Developing An ICT Strategy (Part Four)

Introduction

This month seems the conclusion of our toolkit to develop an ICT strategy. We’ll be looking at ICT governance, how to get your best return on investment (when it’s worth spending money and why) and how to cope when things change.

Remember, there are only two reasons to use ICT:

  1. Doing things better
  2. Doing better things

Developing an ICT strategy: Phase Nine to Eleven

This month we’ll look at:

Phase Nine - Governance: Security, Policies, Procedures and Risk
Phase Ten – Money and Return on Investment
Phase Eleven – Coping with Change

By the end of the article, you should be clear how to manage risk around ICT and information management, when and why you should spend money (and how to get it) and what to do when the goalposts move.

Phase Nine – Governance: Security, Policies, Procedures and Risk

Let’s face it. Lots of voluntary organisations have barely managed to understand their organisational governance never mind the ICT issues. But it’s not that complicated and it is very important…

Decide how you want to ‘control’ the use of ICT. You could offer your staff free and open access to do what they want. If they’re technically savvy, and completely trustworthy, this is a reasonable way to go. You could have a completely restrictive (locked down) system – this might endear you to your colleagues but it could minimise the risks of things going wrong (people installing software which damages your system or data, inappropriate or illegal use of the internet, data protection breaches etc.) These decisions should be made as an organisation, in consultation with staff, management and trustees and the implications explained to everyone.

You need to think about what happens if something goes wrong. Remember that prior planning prevents pretty poor performance? Yes, you need to plan, write those policies and procedures and carry out a risk assessment. The ICT Hub Knowledgebase is a good place to start – www.icthubknowledgebase.org.uk

You also need infrastructure. Security is all important and although it may well have been dealt with under hardware and software, it’s a good point to review whether your firewall, anti-virus, anti-spyware etc. are in place and working and that colleagues aren’t compromising the system.

The thing about ICT governance is that it has to fit with organisational culture. It’s perfectly reasonable in a ten staff organisation to prevent individuals installing their own software (and locking down systems to prevent them allowing website and viruses to do the same). With a few colleagues, you’ll probably tell people they can use the internet for personal use as long as it doesn’t interfere with work or break the law or damage the reputation of the organisation. You wouldn’t reprimand someone for leaving their screen on in the open plan office when they leave their desk but you might remind them of the sensitivity of data and that passwords should be secure (and not written on a post-it note under the keyboard). Many of the things that can go wrong with security are down to people and not technology.

Risk management sounds more trouble than it’s worth. It’s a pain, but as anyone whose office has burned down or who lost confidential information in a burglary will tell you, I wish I’d done it. We think about it, but there’s always a competing priority.

Look at it this way. Imagine the worst think that could happen. Someone burns your office down and you lose ten years data and contacts. Someone runs off with the details of vulnerable people who entrusted you with their private information. How would you sleep at night? Makes risk management and disaster prevention seem like a top priority! And it’s not just about operations, you could destroy years of trust and reputation through one accident.

Ultimately responsibility lies with senior management and trustees but it also lies with you. What can you do to ensure nothing bad happens and if it does, that the impact is minimal?

Checkpoint

Do we understand:

  • The importance of backing data up so we can recover information in the event or burglary, fire or system crashes and are we doing backups?
  • How systems are secured and why and how to manage them?
  • Why risk management matters and how to share that with colleagues?
  • How much our reputation depends on ICT?
  • How much people depend on us to help them and how important the policies, procedures and security are to support this?

Phase Ten – Money and return (value?) on investment

How much did you spend on ICT last year?

It’s a question I ask a lot and the most common answer is “I don’t know” followed by “not much”.

How much did ICT cost you last year?

OK, so you might think that’s another way of asking the earlier question…

WRONG. Your ICT cost you whatever you could have saved as an organisation if you had an effective and efficient ICT system.

I recently did some work with a small charity whose ICT was a bit of a mess. Too few computers and what there was didn’t work very well. Poor systems management, no policies or direction around ICT, just a chaotic mess. And some unhappy staff who were being hindered in their jobs (their real jobs, not their ICT work). We estimate there was a potential loss of productivity in time lost/wasted of tens of thousands per year.

The senior management recognised this. They worked with us to develop an ICT strategy, with a funder to raise money, with us again to develop a detailed ICT plan, with a  support company to get new equipment, proper networking, system optimisation, training etc. So what happened….

The funder thought that their investment (around £20k in total for start to finish) would make such a huge difference, they couldn’t wait to invest. My colleagues and I were passionate to make the difference. The new system is working extremely well, morale has shot up, relationships are easier, staff are happier, fully supported through ICT and they have an annual support contract for when anything goes wrong.

This organisation’s investment will have paid for itself in increased productivity in less than six months. It’s improvement in morale is already worth the money. Staff can now do what they need to do and ICT supports them, not hinders them.

What could good ICT do for you, your people, your organisation and your clients?

It’s not on return on investment (because ICT will always costs money and your ICT spending may well always increase). It will make its difference on the bottom line (better, more effective and efficient services, and more bang for your buck).

It’s really about value for investment and to get the best out of it, you need to look across the whole organisation.

So to budgets…

You need a one year budget (what you plan to do and spend this year) and it must link the overall management budget – what difference can you make to that, what savings can you create for it?

You need a three year budget. What are the big projects that will change the organisation for the better and make a real difference for your service users. This is how you start to justify the really big money – through the really big purpose.

Budget for return on investment. If you need a new network, check out what productivity improvements you’ll get by measuring the way it is now (and estimating what you can get out of the new system). What could improved information management do for you? How can that new website save you time and money?

Budget against change. Something as simple as installing broadband could increase your monthly costs, but give you better access to information and make certain tasks quicker and easier. But you need to account for the fact things change, costs increase and you don’t always know what’s around the corner – give yourself some scope and breathing space.

But this really depends on what your senior management and trustees think doesn’t it? Talk to them in their language – effectiveness and efficiency through a passion for the organisational cause. Last year you might have helped 500 vulnerable kids. With the new ICT system it will be 600 because… (and only you can say why).

There has to be a real ‘business case’ – a real good reason for doing this and once you have it then convincing others is much less of a challenge.

Remember if you’re serious about ICT making a difference your project must contribute to doing things better or doing better things. It might contribute indirectly, but you have to see how and why to get others to buy in and to secure that all important funding.

Checkpoint

  • How much did we spend last year and why?
  • How much did our ICT cost us operationally last year?
  • Do we all understand what could good ICT do for us, our people, our organisation and our clients?
  • Have we worked out the value return on investment of our projects?
  • Have we got (or have plans for) one and three year budgets?
  • Are the ‘bosses’ on board?
  • Are we clear about our business case?

Phase Eleven – Coping with Change

Whatever you do today, the goalposts will move to cause you problems.

If you develop a project over three years, the environment (and doubtless costs) will be very different at the end than at the beginning. People move on, technologies move on, change happens. Often the best thing you can do to an ICT project which is no longer needed or no longer working is to kill it off!

This isn’t the time and place for a detailed view of change management (there’s more at http://www.icthub.org.uk/articles/Making_Change_Happen.html for all that) but a few things to ponder as you plan your ICT.

Cutting edge or bleeding edge?

How innovative do you really need to be? Sure, you want to use new technologies. Sure, you want to be ahead of the game. But maybe you can do what lots of other organisations already do. Maybe you need to think about secure and stable infrastructure before doing anything too clever. Remember cutting edge is cutting, but bleeding edge hurts and why should you be the first one to make the mistakes?

Do you really need the new whizzygig?

New toys are fun, but what difference will they make and how badly could they hurt you. Remember what we said about value on investment and justifying the business case. Let’s face it, Microsoft Office 2003 is already so detailed, what could we possibly want from an upgrade to Office 2007 (even Microsoft admit this!).

Organisational change

What difference will ICT make in your organisation? Applying sound change management will help. Remember whatever you do has an impact on someone somewhere and it may not always be obvious. Plan for change and plan for challenge and make sure you have a really good reason for doing what you’re doing.

The other side of the coin is that the organisation might change around (or outside) your ICT project. What was really sensible and clever last year might be redundant this year. You can’t always legislate for that but you can deal with it when it happens. Remember, scrapping projects can save you time, money and resources in the long run.

What happens next?

Prior planning prevents pretty poor performance but you need to manage plans. Keep on top of them, make sure the strategy is meaningful, that the plans fit and that the key parties are engaged. Learn to predict what might happen next.

Review dates and organic developments

Strategies are not one offs. You need to keep an eye on how your organisation and its projects are developing. You need to manage ICT carefully and you need to set dates to review the ICT strategy. These could be annual reviews or any time the organisation itself undergoes major change.

Checkpoint

Do we know:

  • How to manage change
  • How brave we want to be in changing things?
  • How much we want or need the new functions and systems?
  • What are the implications of organisational change for ICT (and how do we know what it going on)
  • When we’re going to review our plans and strategy

Summing Up - Don’t panic!

A few points to leave you with. You’ve know been through the eleven stages of planning an ICT strategy. So here are a few final thoughts:

  • Listen to the people (inside and outside the organisation)
  • Learn from others (especially around systems) including competitors
  • Don’t reinvent the wheel or overcomplicate
  • NEVER overpromise benefits
  • Define the goal… the rationale… and the direction and means to get there…
  • Follow up with the detailed plan & structure to support it
  • It’s about attitude, leadership and helping to make a difference

Before you panic at the amount of work involved, none of this is as bad as you think and you don’t have to write your strategy overnight. Everything you are doing is aimed at making you more efficient, effective and economic and the strategy and development plan will be a real asset when it comes to fundraising. You may even be able to get a volunteer to do some of this work for you – check out www.it4communities.org.uk for more info.

It’s time to get on with it… go let’s go to work!

Simon Davey
Preponderate.net
simon@preponderate.net
http://www.preponderate.net 

More Articles
 

web design & technology by Futurate