James Thew - Fotolia
Did you ever notice that a good deal of what is written about software as a service (SaaS) governance is written by people who are selling it? I found about 13.5 million Google search results for "SaaS" and another 2.1 million results for "SaaS governance" -- sources largely dominated by names that you would typically find organized into quadrants, with or without the magic. Most of the content opines about the usual areas of interest, e.g. is it really cost-effective? Is it secure and how will I know? Does it scale? How is data managed? Is it reliable? What about my IP? What happens when it goes down?
By no means am I suggesting that these are unimportant topics for CIOs to consider -- clearly, from an IT professional's perspective, these are among the most critical domains of governance. I am saying however, that if we look at -- or listen to -- SaaS governance entirely from the IT point of view, we are -- metaphorically, of course -- listening to the sound of a clap made by one hand. For those of you who prefer sports-oriented analogies, think "… partial score: Boston 6 …"
SaaS governance, while indeed challenging to CIOs and their teams, in its more holistic context should be seen as an opportunity to become a better business partner and to move closer to the seemingly unachievable goal of aligning IT with the business.
"It's not about what it is, it's about what it can become..."
- Dr. Seuss, The Lorax, 1971
Embracing SaaS and evolving your IT governance in ways that exploit the value of SaaS while ensuring appropriate levels of risk management and compliance can become the cornerstone of a CIO's strategy and roadmap. While the challenges of outsourcing business processes and their supporting applications to the cloud should not be underestimated, when done thoughtfully, the outcomes can significantly enhance the CIO's relationships with internal and external business partners, drive business model innovation, drive significant efficiencies across business processes and applications, and significantly enhance the alignment and value of IT to the enterprise. Here are a few key things to consider.
Significantly enhanced business processes…
Moving a business process and its supporting applications to a SaaS model is, in many ways, similar to outsourcing. A fundamental difference is that in many outsourcing relationships, the outsource provider will often either highly customize their application to meet the needs of an individual client -- make theirs look like yours -- or, as is often the case, assume responsibility for running your existing application. Functional gaps are tightly managed, often with the specific objective of minimizing impacts to business processes, i.e., make the transition as transparent as possible to end-users. Major benefits of this type of outsourcing are generally focused upon cost savings from ongoing IT operations, decreased time to market for enhancements, and providing the IT team with increased bandwidth to put financial and other resources to work on more innovative projects. In practical terms, cost savings from outsourcing are known to have materialized, decreased time to market and benefits from redeployment of available resources to more value-added projects have been a lot more elusive.
In contrast to traditional outsourcing, with a SaaS implementation it is most common for the service provider to offer a standard product that is highly configurable -- software and data-defined features and functions -- but not highly customizable, i.e., minimal to no changes to the fundamentals of how the thing works. When you buy into adopting a SaaS solution you are essentially trading the way your enterprise performs the function -- and who the experts are -- today for the way that the service provider offers the function and provides ongoing expertise and support post implementation. In effect, a SaaS implementation of this nature becomes one focused upon business process reengineering and business process management on steroids. The opportunities that accrue from a program characterized by simplification and standardization are far greater than those to be realized from the more traditional form of outsourcing. Business process efficiencies and effectiveness are typically a primary benefit to business partners as well as to IT. When the SaaS function is customer facing, for example, CRM, revenue enhancements are commonly achieved as marketing and sales staff can see measurable improvements in their productivity. When the SaaS function is middle or back office facing, e.g. ERP, business savings well beyond reduced IT operational costs can be realized through better supply chain management, more efficient resource utilization, etc.
IT focus on higher value activities…
Once a successful SaaS implementation has been achieved, CIOs and their teams can focus on higher value activities. Examples include:
- Leveraging automation to increase the level of integration across major business processes, e.g. straight through or cash-to-ledger processing
- Leveraging additional forms of unstructured and structured data to enrich reporting and decision making, e.g. social media, sensor-based, Internet of Things, etc.
- Leveraging enhanced analytics driven by higher quality and higher volume of data being captured and processed to support the end-to-end needs of practically every business function
It is easy to see, in principle, how moving away from a model based on traditional application development, maintenance and IT operations to a model that provides more business process support can benefit the entire enterprise in ways that go well beyond reducing the cost of running an application. In order to realize these benefits, CIOs will need to evolve their objectives, roles and their organizations in the following ways:
- Focus on becoming a trusted advisor and collaborator with your business partners. Don't argue with business partners who are considering a SaaS solution but rather embrace the approach and help them navigate the sometimes-murky waters throughout the entire journey. Helping them through the prickly patches and being a supporter of the program -- rather than trying to defend against the demise of a 30-year-old in-house application -- will likely enhance the probability of a successful outcome and you will be recognized as an enabler of positive change rather than as an obstacle to progress. You will likely increase the probability of being invited to participate in the next business strategy discussion that you may not have otherwise been invited to. Recognize that this approach could earn you the highly sought after voice at the business table.
- Understand the impact of evolving to a SaaS model, on the skills required of your team and re-tool your bench strength as required. Moving to the SaaS model will demand people skilled in internal matrix management and external partner/vendor management that go well beyond the requirements of the traditional systems development life cycle management approach. Increased attention to governance -- partner evaluation and selection, contract negotiation, creating and managing external and internal service level agreements, etc. -- is clearly key. Similarly, enhanced risk management capabilities -- especially information security, data privacy and continuity of business -- become especially critical in dealing with today's ever-increasingly demanding compliance environment.
- If you have not done so already, pay particular attention to your analytics and data management capabilities. As described above, SaaS implementation provides the IT team with a valuable opportunity to deliver significantly enhanced actionable insights to their business partners. That drive increases to both top line revenue and operating expenses, all of which can make material contributions to sustainable earnings growth.
Looked at individually and/or taken together, moving IT teams and working with business partners in these directions will assist CIOs in not only talking about aligning IT to the business but will create it.
Let me know what you think. Post a comment or drop me a note at email@example.com. Discuss, debate or even argue -- let's continue the conversation …
Hybrid cloud management myths
Build a cloud management strategy
Cloud computing: managing the risks
- CW+ Open Group: Governance in IT and Architecture - TOGAF –ComputerWeekly.com
- Governance of IT, an executive guide to ISO/IEC 38500 –ComputerWeekly.com