Best Practices In IT Financial Management

Best Practices In IT Financial Management

Without IT cost transparency, it is virtually impossible to operate IT efficiently and manage IT demand.”

In a recent Forrester survey of 84 enterprise IT decision-makers, only 52% said that they have a formal IT chargeback process in place. It is difficult to run IT like a business when the product appears to be free to customers but costs the business hundreds of millions of dollars to operate — which is precisely what happens when IT costs are not charged back to its customers.Instead, CIOs should embrace full cost transparency, which requires IT to operate like a service provider with a catalog of products and services aligned with its customers’ needs, defined cost models for each service, an understanding of the demand drivers, and a process to track and invoice its customers based on their consumption of those services. Forrester has identified a number of best practices that leading organizations have used to make this transition to full cost transparency.

MOST FIRMS FAIL TO UNDERSTAND IT COSTS

IT organizations have never been under more pressure than they are today. Today’s CIOs face the fallout of a global recession that has put extreme pressure on IT budgets as well as increased competition from outsourcers, software-as-a-service (SaaS) solutions, and other third-party service providers that are hungry for business. Unfortunately, many IT organizations are unprepared for both situations. According to a recent Forrester survey, almost half of IT decision-makers reported that they do not charge IT costs back to appropriate business functions, leaving all IT costs to be borne as overhead costs. And many of those that do have IT chargeback in place are doing so on a cost center allocation basis, where each cost center is charged for a prorated amount of the IT spend based on headcount, revenue, or some similar metric. This leads to a number of problems, mainly that:

• IT costs are not transparent. The only window into IT costs that most executives and business users have is either the total annual budget for IT or the lump-sum charge for IT that finds its way into their monthly operating statement. Neither provides any information about what the money is being spent on or how they benefit from it. What they do know is that it seems like a lot of money and they have no control over it.”All I know is that every month my cost center gets charged $176,000 for IT. We have PCs, email, Internet access, and we run some applications, but how do I know what it should cost? If we want anything else, it costs more.” (General manager for a Global 1000 manufacturer)
• IT costs don’t reflect usage. IT costs that are charged back to cost centers on a lump-sum basis don’t necessarily reflect the actual use of IT. For example, an accounting department has very different usage characteristics than an engineering department that is running CAD/CAM applications that require high-performance workstations and utilizes banks of servers for the computer-intensive product simulations. If the IT organization allocates its costs based on headcount or desktops, it results in the accounting department subsidizing the IT expense of the engineering department.This is similar to a fixed-price, all-you-can-eat buffet. While a certain number of people will eat more food than the cost, they will be subsidized but the people who eat less. In our example above, the engineering department is “eating” more IT resources than they are being charged for, but the accounting department is subsidizing them.
• IT costs aren’t aligned with business needs. IT and business are aligned when IT understands the business strategy and operating model, the business understands IT capabilities, and they work together to ensure that the business’ IT requirements are met. When IT costs are not charged back or are allocated using some crude algorithm, there is little opportunity for dialogue, and IT tends to take a least-common-denominator approach to providing IT services.

These problems leave the enterprise without a detailed view into IT costs, making it almost impossible to know where cuts should be made that result in the least damage or how to evaluate a proposal from an outsourcer or other third-party solution. IT is a black box.

SIX BEST PRACTICES FOR TRANSPARENT IT

A small but growing number of IT organizations have undergone a radical transformation to reposition themselves as internal service providers with a catalog of products and services that are marketed and sold to their stakeholders. Barclays Global Investors refers to this transformation as going from a black box to a glass box. Forrester interviewed a number of CIOs, vendors, and industry experts to distill a set of best practices that others can follow in making a successful transition. At the heart of this process is a mastering of IT financial management, a core discipline in running IT like a business.

Best Practice No. 1: Create Well-Defined Governance Structures

Governance is first and foremost about engagement, ensuring that the appropriate business leaders are directly involved with IT investment decisions. Transitioning from the traditional black-box IT to a fully cost-transparent IT is a two-way street paved with accountability. IT is accountable for the costs of the products and services it provides to its customers, but at the same time, the customers (business) are accountable for the demand that drives those costs. In other words, good governance facilitates the discussions between IT and business that lead to fact-based decisions that result in services that are aligned with business needs and optimized for a rational level of demand. This means good governance structures drive what products and services IT offers, define the required service levels, set funding levels, and resolve conflicts and priorities between business units.

As an example, a large healthcare services provider implemented a three-tiered approach to IT governance that ensured that the business was engaged at the appropriate levels. Corporate IT was a shared services organization that provided infrastructure services, enterprise applications services, and applications hosting for the business units. The business units retained responsibility for business-unit-specific applications. The three governance structures included:

• The IT executive council. Comprised of the president of each business unit, the controller, the head of human resources, and the CIO, the IT executive council (ITEC) was responsible for reviewing and approving new shared services, approving the cost allocation methodologies, recommending budget levels, and assessing overall IT performance. The ITEC provided the strategic perspective to ensure that the decisions made offered the most value to the organization. The major challenge was to gain as much standardization and commonality as possible to leverage scale.
• The IT buyers council. Comprised of the divisional (business-unit) CIOs, the buyers council was responsible for representing the business units’ requirements to the IT executive council and to approve spending to meet those requirements.
• The IT technology council. Comprised of IT managers and architects, the technology council was responsible for decisions relating to technical direction, architecture, road maps, and vendor selection.

Together the three councils distributed the decision-making to the appropriate people and provided a forum to ensure that the enterprise perspective was represented and that all IT decisions were made transparently. By putting governance first, IT organizations get from the business the commitment and engagement required for a successful transformation.

Best Practice No. 2: Organize For Success

Making the transition to an internal service provider is a significant organizational change management initiative that cannot be underestimated. In fact, one CIO we spoke to referred to the organization as the “secret sauce.” Traditionally, IT is organized around technologies, but IT products and services are often composed of multiple technologies that cross IT organizational boundaries. This requires cooperation across the technology stacks, something many IT organizations are not adept at.

Best-practice IT organizations have moved from organizing around technology silos to organizing around service/product life cycles that cut across the technology boundaries. One example is the trend to organize around plan, design, build, and run functions. Furthermore, IT operating as an internal service provider requires a customer-friendly face to the rest of the organization. New skills and competencies must be acquired including account management and sales and marketing, traits not often found in IT organizations. An internal service provider IT organization requires:

• A service/product management function. A service is typically comprised of multiple technology assets that are often organized and managed in technology silos. The service manager owns the complete life cycle of the service, including designing the service, determining its cost, ensuring that service-level agreements are met, working on continuous improvement, and providing a single point of contact, liaison, and escalation for all service-related matters.
• A customer-facing function. Client account managers have a tactical focus on working with users on a day-to-day basis to ensure that they are getting the services they need at the appropriate service levels. They work with customers during planning and budgeting to assist in forecasting demand and understanding pricing, and they can make suggestions about alternatives. During incidents, the account manager works with service managers to identify problems and communicate status back to customers.
• New competencies. Both a service management function and a customer-facing function require new skills and competencies that are often not found in IT organizations where technical proficiency has been the primary benchmark. In some cases, existing IT staffers will be able to learn these newly required skills and move effectively into one of these two functions. But often, IT will need to recruit new people into these roles. One CIO said that he had significantly underestimated this aspect of the transition.
• New culture. In addition to the new skills, the IT organization must adapt its culture from a siloed, inwardly focused culture based on technology stewardship to a customer-focused culture based on collaboration and service excellence. Changing culture is probably the most difficult task organizations can undertake. It requires committed leadership that “walks the talk,” a clear template of expected behaviors, and highly visible rewards for those who demonstrate those behaviors.

The organizational issues cannot be underestimated since they alone can doom the transformation to failure even if you get everything else right. Successful organizations have looked to external service providers and large vendors for potential talent to staff key roles and set examples for the rest of the organization.

Best Practice No. 3: Deploy A Service Catalog

A service catalog is an essential vehicle for communication and coordination between IT and its customers. The service catalog plays a key role in IT cost transparency. A well-implemented service catalog solution both fully integrates a customer-focused service catalog and makes it actionable and operational for determining the right portfolio of service offerings, negotiating service-level options with the business, tracking IT budgets and consumption, and managing the fulfillment of requests for services. The service catalog provides transparency because it gives business executives a view into IT that describes the portfolio of services that IT provides in business-relevant terms that facilitate decision-making. The service catalog includes:

• A complete description of what the business gets at what cost. The service components, objectives, service providers, pricing, cost drivers, and other relevant data are provided for each service. This enables business users to clearly map IT service offerings to business needs. The fixed and variable cost drivers provide information to help the business forecast and budget its IT demand more accurately.
• Reporting capabilities that provide detailed usage information. Business customers can track unit cost trends and analyze the consumption of IT services including deviations between forecasted IT demand and actual service consumption. The customer of an IT service will be able to compare actual usage versus the budget over the course of the year.

The catalog also enables service-based pricing instead of the typical high-level allocation mechanisms so IT can produce line-item invoices for actual consumption and provide IT customers with ongoing visibility into budgeted versus actual spend. Business units now have the ability to change behaviors around demand and have more control over their IT expenditures. Moreover, it provides a framework for making intelligent decisions about requesting new services, improving existing services, or even eliminating some services.

When first building out a service catalog, it does not have to be all-inclusive. Deploying a service catalog can be an incremental process. It makes sense to start with the most popular services first. Often the 80/20 rule applies where 20% of the services are responsible for 80% of the demand. Whatever approach organizations take, the services must be defined in user terms, not IT terms.

Best Practice No. 4: Develop A Cost Model For Each Service

Closely coupled to the service catalog is a cost model for each service. The cost model will be used to set prices for each service in the catalog and ultimately determine what users will pay, providing the organization with complete cost transparency. Developing cost models involves many factors and requires data from many sources. In many cases, costs will be explicit and easily linked to services; in other cases, they will have to be estimated and allocated in some way. Three building blocks of cost models include:

• Cost drivers. Cost drivers are factors that determine the cost of an activity. When it comes to IT services, cost drivers vary based on the type of service and how it is consumed. For example, some service costs are headcount-driven. Provisioning a desktop or laptop computer or providing an email account is done for an individual, so the total cost of these services correlates with the number of people requesting the services. Other services may be driven by output such as the number of transactions for a general ledger service, number of pages printed or displayed for a reporting service, or number of new accounts opened for a CRM service.In some cases, the cost drivers may not be so straightforward. For example, enterprisewide ERP systems are extremely complex with many different modules and many different types of users. A simple approach would be to take the total cost of the ERP system and divide it by the number of users, but this would not be an accurate representation, especially if service charges are done at the departmental level. On the other hand, trying to get too granular soon creates diminishing returns. A compromise approach might be to segment ERP by major module or function and identify three tiers of usage — heavy, medium, and casual — with different prices for each.
• Cost categories. ITIL V3 has provided a framework for service costing that breaks service costs down into three categories: direct costs, absorbed indirect costs, and unabsorbed indirect costs. Direct costs are those that are exclusively incurred by a specific service such as the cost of a server dedicated to email. Absorbed indirect costs are costs that are shared across multiple services such as the cost of the network that is shared by email, Web hosting, Internet access, etc. These costs are allocated to the services based on the share of the costs they incur. For example, if email uses 40% of the network bandwidth, then 40% of the network costs should be absorbed by the email service. Likewise, if 50% of a system admin’s time is used to support email, then 50% of the labor cost should be absorbed by email.Costs that are really not attributable to any service are unabsorbed indirect costs and include general overhead like the CIO and administrative staff, planning, architecture, procurement, R&D, etc. Sometimes these costs are allocated to the services based on some algorithm, and sometimes these costs are absorbed at the corporate level as a general and administrative (G&A) expense.
• Cost components. Services are comprised of a number of components that include assets and resources. Common service components are hardware such as servers and storage; software such as operating systems, middleware, and applications; facilities (e.g., floor space and utilities); labor (both employees and contractors); and external services such as outsourced functions and telecom.The costs of components can be extracted from general-ledger systems or time-tracking systems or calculated using methods like activity-based costing (ABC) in conjunction with the cost drivers identified earlier.

Building a cost model for a service involves collecting the costs for each of the service components based on their category and using the cost drivers to develop the unit cost. For example, the cost of an email service includes hardware, software, facilities, labor, and possibly external services — some of which are direct costs and others that are indirect costs. Once the total cost of providing email has been determined, it can be divided by the cost driver, in this case number of users, to come up with the unit cost for email.

Service pricing is not necessarily equal to the service cost even for IT organizations that are not set up as profit and loss centers. Oftentimes IT organizations will take the service cost and add an uplift to account for unanticipated capacity upgrades, fund an internal R&D function, or build a “rainy day” fund.

Best Practice No. 5: Optimize Delivery Through Right-Sourcing

Once the service catalog has been created and cost models developed for each of the services, IT can now begin to analyze how it can optimize each service by balancing cost with performance. IT cost transparency opens the door to right-sourcing — that is, choosing the best provider for each service that can deliver the required level of service at the best possible cost.

There are a number of reasons why an external provider, rather than the captive IT organization, is a better choice to deliver some services. These factors would include:

• Economies of scale. Some services are commodities where there is little differentiation while others may have high fixed costs. An external service provider can aggregate volume from multiple customers and amortize fixed costs across a much larger base than all but the largest global enterprises could do, enabling it to provide these services at a lower cost. As long as the external provider can meet any requisite SLAs, it should be considered as a viable approach. Examples of such services would include Web hosting, datacenter hosting, or providing call centers.
• Specialized expertise. Some services may require specialized expertise that is either difficult or expensive to acquire; this is especially true for governments, nonprofits, and small to medium-size businesses. Examples of such services would include supporting an SAP system or providing offshore maintenance and development.
• Geographic coverage. Services may need to be delivered in remote locations both domestically or internationally where the cost to deliver them would be prohibitive. Sourcing delivery from a local provider can be a more cost-effective way — and in some cases, the only way — to deliver services to these customers.

Developing cost models for services can be a double-edged sword because it does expose IT costs for service delivery. IT organizations that are not operationally effective and efficient may find that their costs are high relative to their peers and external service providers, which may prompt senior management to consider outsourcing all of IT. On the other hand, we know of IT organizations that have been able to use cost transparency to demonstrate that their costs are better than any outsourcer, which is logical given that captive IT organizations typically do not have to earn a profit. Without cost transparency, CIOs have little information to refute claims of outsourcers aggressively pursuing business.

Best Practice No. 6: Invoice Customers To Rationalize Behaviors

The final step in cost transparency is invoicing customers for their consumption of IT resources with the goal of complete cost recovery (i.e., the aggregate of all enterprisewide invoices for IT products and services is equal to the total cost of IT). This type of chargeback enables IT customers to link their IT charges directly to business value and make intelligent decisions about their demand. Every month, cost center managers each receive a line-item invoice that details their consumption of IT resources. This invoice provides them with their actual costs for the month by service, the budgeted amounts for the services, and any variance.

The service catalog coupled with the invoice becomes an extremely valuable component for IT demand management. It enables business executives and managers to have fact-based dialogues with their IT relationship or account managers about their requirements for IT services. At budgeting time, rather than looking at last year’s expense plus some growth factor, managers can look at specific demand and cost drivers and make rational decisions about future demand. This leads to more accurate forecasting and planning. It also enables business managers to look at the ROI of each service (i.e., the business value).