People of the LinkedIn Universe

If we don’t know each other, don’t send me a message with only the default connect message.

1. Mark, it is good to see you on LinkedIn…
2. Mark, because you are someone I trust…
3. I’d like to connect with you on LinkedIn…

You need to tell me why we need to connect. If you want to sell me something, the bar is really hard to justify connecting. If we’ve never even been in the same zip code, state or country at the same time then I’m not sure why we should connect. You need to make a case for it.

Don’t be lazy.

You may now return to your regularly scheduled programming…

 

 

 

June 11, 2013 Posted by Mark Brewer | social media | LinkedIn, social media, Social network | Leave a Comment

2C) Supply Chain

For whatever your organization does, what is the supply chain?  From inputs to outputs? This is the engine that fuels the results of the organization. If you are non-profit taking care of babies, then what donations are coming from where, how is the organization processing those donations and then how are they being distributed? If you make something, then what parts and services are required to generate the output that you sell? All organizations have these processes and as a new CIO, one needs to get their arms around those processes and how IT is supporting the ‘chain’.

Related, the reverse supply chain also needs to be understood with the same questions asked and answered. The reverse supply chain is for items being returned for whatever reasons.

In some cases, the phrase Order to Cash(OTC) is used is relevant as it covers everything from orders being placed through receiving cash(or equivalent) back from your customer.

Questions that should be considered and reviewed:

1. Prioritization of Projects: How are your business partners prioritizing what they need IT to do and how is the relationship with these partners? Does the business have a collaborative partnership with IT to get things done?
2. Shadow IT: Is there an out of control shadow IT needed by the organization to be successful? If so, why? Are there IT components being sourced, paid for and installed by the business independent of IT? If so, why? In these cases, the IT leadership needs to work on better collaboration and partnership with the business. Typically these things are being done because either a) someone in the business wants to be in IT or b) the business is just trying to get their job done. In either case, a conversation and fresh start is needed.
3. 3rd Party Collaboration with Suppliers and Customers: What is the strategy and what tools/processes are in place to tie your extended supply chain together? Are things like co-planning being done where customers are sharing their future needs with your organization and if so, how and what tools are involved and how healthy are they? Just as your organization might want better visibility with customers, you must do the same for suppliers. Be the customer you want your customers to be. How is IT facilitating the ease of doing business? Perhaps visit with some customer or suppliers directly. Here is a post from InformationWeek that addresses the collaborative supply chain strategy.
4. Signaling and Metrics: Does the organization have the level of signaling and measures in place to have full and deep visibility of the supply chain? Visibility needs to range upstream in suppliers and downstream to customer warehouses. Are there dashboards in place? Are there analytics about the health of the supply chain that cover logistics, warehouse inventory levels, order status, etc.?
5. Security of the Supply Chain: How are you securing the sharing of information between suppliers and customers? How are you securing plans, drawings, IP, etc. And don’t forget to think about the business continuity capabilities of your suppliers. Don’t assume anything.
6. What else? Your business is unique and are you appropriately looking at those unique aspects too? For example, if you have sub-components that need very long lead times to produce, then how good is your forecasting processes and tools? Long lead times likely mean you have to order things before you might have real orders in place. Do you have those thoughts well underpinned?

Your organization is unique so don’t assume what others do or say is the right answer for you. And certainly don’t assume just because a big software vendor wants to sell you something because everyone is doing it doesn’t make it right for you. I’ve learned that lesson myself.

What else?

June 10, 2013 Posted by Mark Brewer | analytics, new cio, operations | Supply chain, Supply chain management | Leave a Comment

2B) IT Operations

There are lots of topics in this area and those in IT have lots of stories to tell about their operations. I’ll list a few points here and perhaps do another list later or update this later with further points.

An IT shop begins and ends with how well it does basic operations. The services that are provided need to work reliably before one can begin discussions about adding new services or systems. One needs to have an honest assessment of how things are going and this should include both a qualitative understanding and a quantitative, metrics based understanding. When you talk to your peers, what did they tell you about how IT was doing? Did they give you any insights? On the metrics front, do you have real trend lines about uptime and costs and power consumption and outages? Can your team account for outages and talk about them to root cause? Is the team trying to fix problems at the root cause or just doing a ctrl-alt-del type fix?

Even if your ‘services’ are outsourced to a 3rd party, you still are accountable for it to the organization. You aren’t off the hook if the system runs in the Amazon cloud or Google Cloud or Salesforce, etc. Putting a service in the cloud doesn’t relieve you of this responsibility.

So here is a list of some ideas some of which are repeats from above:

1. Power costs and consumption for your data centers.
2. System/service uptime/downtime events (frequency) and duration (how long down). Note that these are different things and have different solutions. You need these for all your mission critical services and core or base level services. Remember that email is a mission critical system to your knowledge workers.
3. Disaster Recovery testing data.
4. Overall IT Operations costs and trends in a fashion where you can drill down to understand what is driving your costs.
5. Equipment aging.
6. Patch status on all levels of the stack. Network, server, OS, database, applications, clients, etc.
7. Audit findings, testing and assurance practices.
8. Accounts and in particular trusted account review process and frequency.
9. Security monitoring and logging.
10. Integrated monitoring across your whole stack where you can related events between systems and services. Security Information and Event Management (SIEM) tools and practices that are robust.
11. And your help desks should be providing you a rich set of information about what services are providing the most grief to your workforce, suppliers and customers. Why are people calling in for help?

There are more ideas and I could probably keep writing. I must highlight a earlier post on Checklists that I think helps you assess the maturity of your operations. Are you using checklists; are your escalation rules followed and clear; is your team researching problems to root cause; are all indicators of maturity.

If I’ve left out some major thoughts or you want to add to this list, please let me know in the comments.

Mark

 

May 16, 2013 Posted by Mark Brewer | new cio, operations, security | Information technology operations, Security information and event management, SIEM | Leave a Comment

2A) Collaboration Tools

Given I write about collaboration frequently, it would obviously be a front-burner topic that needs investigation and understanding in a new role. You need to understand how your employees are working together to share information, work on projects, communicate with each other and generally get things done. This would include the following topics:

1. Review the health and status of the email eco system. Is it appropriately robust, secure and reliable? Is SPAM filtering effective? How is the system protected from malware? If a locally hosted system is it secured and is it relatively up-to-date on patches? How is the uptime on the service?
2. Look at other collaboration systems. This might include Sharepoint, wikis, instant messaging/chat services, and Yammer, etc. How are these tools being used and ask similar questions to the email service. Are your employees using these tools? How much overlap between tools do you have?
3. Telepresence/Video Services. What tools are you using and how are they being used? Are the appropriately secured? Are they being used? Is the technology up-to-date? Are they easy to use?
4. Partner Connected Tools. For the above tools, are they being used to connect with customers and suppliers and if so, do you have the proper policies and security setup? If email is the only option for your folks to connect with partners, then you might want to consider alternatives since there is not a lot of control on email.
5. File Sharing. How are files routinely being shared between internal work groups and then with external partners? Is the proper security in place and at the same time are the tools and services easy to use?
6. Other Tools. After reviewing the above tools that are supported by your company, what other tools are being used that are not supported? For example, if your IT team doesn’t support Dropbox are your employees using it anyway to store files and to share with 3rd parties? Lots to think about here. Depending on your business you might need to put some restrictions in place or roll out a supported platform and steer use to the supported platform.
7. Social Platforms. And then what about services like Facebook and Twitter and the like? Are you allowing or blocking and if so why or why not? I’m not recommending one way or another, but you need to have a discussion on it and be purposeful in your direction.
8. Mobile. I’ll likely write more on this later, but how can all the services above be accessed by mobile workers.

There is a huge inventory of topics on this one post and they are complicated with lots of interdependencies and lots of security implications. Your collaboration services are inherently in conflict with your security needs so you’ve got to understand both sides of that coin for these services. The point of listing this for new CIOs is to make sure these topics get carefully reviewed.

What have I missed on this topic?

May 11, 2013 Posted by Mark Brewer | collaboration, mobile, new cio, security, social media | collaboration, collaboration systems, Dropbox, Facebook, Filesharing, Microsoft SharePoint, Sharepoint, Twitter, Yammer | 3 Comments

2) Next Steps

In earlier posts, I listed connecting with peers, understanding the portfolio, securing the enterprise, understanding your spending and meeting your people as your top priorities when starting a new CIO position. I’m not sure if any of those are higher priority than any others, but I think they are the top priorities to discuss in the opening days and weeks of the new assignment.

In the following posts, I’ll be talking about a series of tier-2 topics. They are not really less important, but they are areas that should be addressed after the first 5 are underway.

I’ll be posting these in the coming days and weeks.

May 10, 2013 Posted by Mark Brewer | Uncategorized | Leave a Comment