This research note is the first of series of documents describing KuppingerCole’s basic positions and providing insights into IT Service and Information Security Management. It describes the fundamental building blocks of, including what IT should be able to deliver to the business as well as the technical production of IT services. Together, these form the basis for effective organization of IT departments, as well as for improving Business/IT alignment, and making the procurement or production of IT services more efficient.
The fundamental role of IT within an organization is simple to describe: It must provide the IT services that business requires in the way business wants them – nothing more, nothing less. The elements involved in providing these services, namely Service Management and Information Security, are what we at KuppingerCole call “IT Management and Security”. They are wholly responsible for procuring, orchestrating and managing IT services and ensuring that they are provided securely by protecting valuable and sensitive information.
Underneath the IT Management and Security layer there are various IT service producers. These can include both internal on-premise IT providers and external “cloud” providers. However, they are both simply service providers. Opting for the cloudis therefore not really a strategic decision at all; it’s just the result of decisions made at the IT Management and Security level. IT strategy is actually set at this middle layer, so that is where IT management needs to focus its attention. Making sure this layer is running smoothly is the necessary first step towards creating an IT that can provide the necessary business services in a secure and timely manner.
Unfortunately, corporate IT departments tend to concentrate more on technology than on the needs of the business. What IT professionals need to understand is that the “I” in “IT” is much more important than the “T”. By getting hung up on technology issues, IT departments are doing both themselves and their partners in the business units a disservice, besides misspending money the company needs to conduct its business successfully.
Thankfully, a growing number of IT decision makers, as well as many in top management, are awakening to the fact that classical, technology-centric investment is to IT what the Ford Model T is to a modern automobile: quaintly anachronistic and hopelessly inefficient. What today’s organizations need is a business-style approach to IT management, including fine-grain accounting for IT service consumed by business and the industrialization of IT services with the aim of achieving true “ERP for IT”. IT must be capable of accurately measuring the direct costs of business services and billing for them accordingly. It needs to be able to plan ahead so it can focus on the most cost-efficient way of developing or procuring the IT services needed by business.
That doesn’t automatically mean the end of on-premise IT service production, but it does mean that this will be just one model among many, depending on the nature of the required services and the speed and flexibility with which they need to be provided. Producing services is only part of IT’s job; its main focus should be on providing the right kind of ser-vice to business. This is a major paradigm shift for most IT professionals, and one which will be dis-cussed in more detail over the course of this research note.