In a previous post, I talked about developing a criteria triangle, with the bottom being the systems/data layer, the middle the objectives/tactics layer, and the peak the strategic results layer. The objective is to make sure the criteria that you select hit in the middle and upper layers of the triangle, where folks work in the realm of business results day in and day out.
A key step in putting together a business case is to ask, “Who cares about what?” “Who” is your audience: the decision makers. “What” is their criteria. The purpose of this step is to accurately determine your audience for your business case and the factors they will use—their criteria—in making their investment decision.
There are many times when I’m on consulting engagements when I ask CIOs, “How much of an understanding do you and your management have about how your company makes money, thereby having a staff that knows where the money comes from and where it goes?” One of the scariest responses that I have had to that question was, “Why would I want to do this? I don’t have enough time to do what I need to do now.” My answer to that scary response is that by doing this, you will accomplish the task of having an IT organization that knows how to see opportunities to differentiate the company from the competition. Continue reading You Need IT-Business Integration, Not Alignment
The October conference schedule is now complete and it was a tough one but very rewarding. The events that happened in October were numerous and overlapping in some cases. Travel was one week here and the next week there, yet we managed to get through it. Of the mass of conferences, I attended IPexpo as a guest and The ExecEvent and Hacker Halted as a speaker. I discovered something very strange – virtualization and cloud security are merely after thoughts. I felt this should have changed by now, but alas this is not the case. Is it that our scope is incorrect, or is it that there is no Return on Investment on security tools, procedures, etc? Continue reading Cloud and Virtualization Security: An After Thought