Read part one: Growth vs. risk: How CIOs can strike the balance
At this point, you might be tempted to exclusively pursue IT growth projects. You’ve read about the incredible profits Google and Apple have obtained through their innovative products. The potential pay-off for innovation is considerable. However, innovation is not the only responsibility of today’s CIOs. Your project portfolio has to include capacity for core projects.
Core projects are akin to bonds in an investment portfolio. They provide stability and help you get through hard times. Core technology projects maintain your organization’s current technological capabilities. Maintaining the organization also includes compliance with regulations and corporate policy also fall into the core category.
- CASL (Canada’s anti-spam legislation) Compliance.
Email marketing remains one of the most important marketing methods. According to Experian, an information services company, one dollar spent on email marketing yields a $44.25 average return. Despite the rise of social media, email marketing remains vitally important.
On July 1 2014, CASL legislation took effect in Canada. The CRTC has the power to enforce a range of penalties including multi-million dollar fines on companies that fail to comply. Implementing CASL compliance is simply a cost of business, necessary to protect an important marketing asset.
In a December 2013 article, Canadian lawyer Barry Sookman summarized the impact of CASL as follows: “Developing a compliance program including making necessary IT enhancements can be very expensive, with one-time costs alone being in the millions of dollars for some organizations.”
- Maintaining Supplier Support: Windows XP in 2014
Reliable operating systems are an essential component of IT systems. Like many essential services, it is easy to take them for granted when they function smoothly. However, these core systems often require change. Change can come from several areas including when the vendor decides to change their policies, such as ceasing support.
In 2014, Microsoft ceased providing updates for the Windows XP operating system. Published in 2001, Windows XP was one of the most popular operating systems in the world. As late as October 2014, Windows XP retained a market share of 17% of all Internet connected computers. However, continued use of XP represented a source of risk. The University of Leicester’s Windows 7 Project described the risk in these terms: “Windows XP stopped receiving patches in 2014. To have continued using it beyond this point would have meant significant security concerns.”
Hoe can CIOs maintain the core of systems built by vendors? To a degree, this risk is outside the CIO’s control. Fortunately, the risk can be managed by proactively managing supplier relationships rather than viewing the supplier through the transaction lens. The proactive, approach increases the lead time for planning and enhance the relationship more generally.
- Validate Disaster Recovery (DR) technology and practices through testing
Delivering reliable technology services in the aftermath of a disaster is a steep challenge. Insufficient disaster recovery capabilities result in significant financial losses. According to a 2014 report published by the Disaster Recovery Preparedness Council, over 20% of organizations surveyed reported losses over $50,000. The losses are compounded by the fact that 65% of organizations do not pass their own DR tests.
Designing an appropriate disaster recovery project will depend on your organization’s DR maturity. Some CIOs, particularly those at smaller organizations, may have to begin at ground zero by determining which services and applications require DR support. Mature organizations can switch their focus to testing their DR – the IT equivalent of a fire drill – annually and addressing errors.
Learn more from Bruce Hapham by visiting ProjectManagementHacks.com
