Smart Partnering
Keeping it simple isn't always, well, simple.

By Paul Hyman
Winter 2007

CIOs, management consultants say, ought to persuade their service providers to agree on common solutions to reduce complexity. But invoking the KISS principle—“Keep it simple, stupid!”—isn’t so, well, simple. Service providers don’t always cooperate, the analysts say. Too often they create disparate solutions whose incompatibilities with other aspects of the business require CIOs to act as integrators. “Smart partnering is worth the effort and can certainly increase the chance of success,” says Jim Hayes, managing director of Accenture’s global Oracle practice. “When success does occur, the benefits include cost and time savings and reduced risk. Of course, any success makes a CIO look great.”

Keeping it simple is especially challenging in large, complex organizations, where inevitably, many partners and suppliers are part of the IT ecosystem. The more partners are involved, the more important it is to reach common solutions, suggests Dennis Walters, who, as global alliance director at EDS, is responsible for such key alliance partners as Motorola and CA. “Common solutions reduce complexity in the environments, translating into lower costs and a better user experience,” Walters says. “In the long run, that means happier customers and fewer calls to the CIO saying IT services aren’t adequate.” Hayes, Walters and John Romagnoli, a senior analyst in Wholesale Communications Strategies at the Yankee Group, offer the following seven recommendations to CIOs eager to pursue common solutions.

TIP 1 >
Choose your service providers wisely. Actually, you don’t really want service providers; you want providers with solutions to your problems.

“The number one frustration for CIOs is how difficult it is to find companies with thoughtful, intelligent solutions for their particular problems,” Romagnoli says. “Whenever I’m at a trade show, CIOs tell me that they are impatient with providers who just ‘throw products over the wall until, finally, one fits.’ ”

Romagnoli says that although some of the smaller carriers in the U.S. telecom industry are more nimble than the larger service providers, companies such as Verizon and AT&T “are starting to come to the table with real solutions rather than piece parts. That’s the sort of company you want on your side.”

He recommends that CIOs emulate government procurement officers. Contact one or two service providers, Romagnoli advises, and tell them upfront in the RFP that they will be expected to partner with other service providers to make solutions happen.

“The government wants to know more than that its service providers will use partners,” Romagnoli says. “It wants to know how they’ll use partners—and how they’ll integrate.”

The result, he concludes, “is a sort of internal certification process through which a CIO can identify a provider, understand its capabilities and expect a documented, repeatable model that, in effect, says that when the provider presents a solution, it will be a ubiquitous one that extends across the CIO’s entire sphere of operation.”

TIP 2 >
Seek out service providers that have already “prepartnered.” A real find for a CIOis a service provider that has gone through a prepartnering process with other service providers. The advantage is that such a provider may have addressed and developed solutions for some of the problems the CIO is experiencing.

“We’re talking about a service provider that, on its own, has gotten together with competitors and said, ‘Let’s come up with a common solution here,’ ” Romagnoli explains. For example, he says, AT&T has been layering services on top of its Ethernet service by certifying such partners as Verizon and Bell South.

“AT&T is certifying partners it can recommend up front,” Romagnoli says. For example, he says, when AT&T tells a CIO that the company needs to go into Verizon’s footprint before it can build a solution, AT&T can add that Verizon is already one of its certified partners. “That’s a flag for the CIO that AT&T has already done its homework,” Romagnoli says.

TIP 3 >
Set a clear governance structure. CIOs must make certain that service providers understand their specific roles and responsibilities.

“Once the roles are understood,” says Accenture’s Hayes, “service providers do their best thinking. They get together to consider and come up with hugely advantageous solutions for the client’s problems. It’s only when the client pits service providers against one another or creates an unhealthy competitive environment that the situation can become problematic.”

There may be a certain amount of debate at the beginning of the process, EDS’s Walters says, but after the CIO has made a decision about how to implement, the debate is over, and it’s time to execute.

“The CIO has to clarify the situation: ‘Provider #1, this is where you fit in, and this is your swim lane. Provider #2, this is what you’re bringing to the party,’ and so on,” Walters says. “Everything has to be spelled out up front, and everyone has to understand that there are common systems, a common reporting structure and a common governance structure.”

TIP 4 >
Put it in writing. Not only do the service providers need to know who is responsible for what, but they

also need to understand the common goal.

“If it’s not explicitly stated—if it’s not in writing — the odds that all the providers will understand the objective are reduced drastically,” Walters warns. “Each service provider may have the customer’s best interests in mind, but if the CIO doesn’t spell out what is expected from every party — as clearly as possible — different opinions on the best ways to meet the CIO’s needs may give rise to friction.”

TIP 5 >
Don’t forget incentives. Underscore the value of common solutions by including incentives that encourage service providers to work together.

“Adjust variable compensation on the basis of how smoothly the service providers function together,” Walters recommends.

TIP 6 >
But keep your hands off the differentiators. Hayes cautions CIOs to remember that all solutions can’t be common solutions. If a business has a competitive advantage that delivers real value, the CIO shouldn’t try to eliminate differences in order to simplify things. Differentiators, he says, should be accentuated, even if that means dealing with a little more complexity.

Less complexity to lower cost of ownership is, Hayes says, “an admirable goal. But the trick is for the CIO to recognize the business drivers in his company, as well as the differentiating technologies those drivers deliver in support of the business. Then, I think, it’s OKto be not so common. One mistake a CIO can make is to take a differentiating facet of the business and try to change it merely for purposes of simplification.”

TIP 7 >
Keep your eye on the ball. It’s not enough to select service providers and give them their marching orders. The process must be reviewed regularly, assessing the effectiveness of the providers — individually and collectively.

“In some cases, reviewing once every quarter is enough,” Walters says. “In other cases, once a month or more [often] may be appropriate. For sure, once a year isn’t going to work.”

CIOs should never be wed to the original plan and, depending on the outcome of the regular reviews, they should be ready to make adjustments. The best solution providers continuously learn about the CIO’s business and its operations, and as part of that process, they can offer new ideas on ways to make improvements. That, as they say, is a good thing.

Paul Hyman is a freelance writer who reports on the technology sector. He was formerly editor in chief of Electronic Buyers’ News and GamePower.

How Deloitte & Touche Builds Client Success
Nothing breeds success like success. That's why Deloitte & Touche LLP security consultants consider setting short-term goals a leading practice when developing strategic customer-specific solutions. "I like to showcase incremental successes every four to six months," says Deborah Golden, a principal in Deloitte & Touche's Security & Privacy Services practice. "We like to show value as soon as possible and build toward the long term vision demonstrating value along the way."

Deloitte & Touche consultants utilize short-term goals to keep clients engaged and focused on the strategic value of the solution, Golden explains. These short-term wins keep stakeholders involved in the process. "That way, when you move to the next step, you don't have to pull the stakeholders along," she adds. "They've seen what they're achieving, and they want to continue building on prior accomplishments."

Another Deloitte & Touche leading practice for developing customer specific solutions: secure buy-in from all stakeholders in the project. That's especially important when a solution involves not only the CIO and several suppliers, but also multiple business units across the CIO's organization, Golden says. By finding common solutions, multiple business units in the same organization can utilize a single approach and underlying technology solution to develop comprehensive results that may ultimately lead to a higher degree of economies of scale. "So many of today's solutions integrate common technologies across various applications, infrastructure and business units," Golden explains. "The true value of an identity management solution encompasses many aspects of an organization and not just one silo component and business unit."

Get Hip to HIPAA Putting these principles into action, Deloitte & Touche's Security & Privacy Services group recently advised a health-care client that sought recommendations on processes that involve Health Insurance Portability and Accountability Act (HIPAA) requirements.

To do so, the Deloitte & Touche security consulting team reviewed the complexityof the client's environment. This environment supported not only the client's own employees, but also an entire community of physicians, nurses, students and multiple campuses. Next, the Deloitte & Touche team drew up a priorities road map for the client. "We aligned those proposed priorities into areas that could be delivered in incremental and successful components," Golden recounts, "not only to one particular organization, but also to the greater community that our client has to support."

Golden and her team have another advantage, namely the breadth of the practice at Deloitte & Touche. The firm brings together many years of global industry experience with a complete array of security and privacy services across all industries. By virtue of this global organization, Deloitte & Touche's clients have access to experienced professionals and specialists who can address specific, complex issues from multiple angles.

This multi-disciplinary business model allows industry-experienced specialists to support the engagement by applying specialized knowledge, skills, resources and tools. "Because of what we call a multidisciplinary approach with audit and control capabilities, industry practices and more, we team together to solve our clients' problems," Golden says. "We can easily reach out to other member firms that specialize in a certain area, whether an application, technology or industry."

To create powerful, unified solutions, the Security & Privacy Services group at Deloitte & Touche often turns to vendors with which it has relationships. Deloitte & Touche connects these vendors with its Identity and Access Management specialists to create solutions that meet client requirements, Golden says. For example, the aforementioned health-care provider performed an analysis of proposed technology solutions from CA and three other software vendors. After a careful review, the client selected the CA solution. "Our client believed CA was the company that most holistically met their needs," Golden explains. "The alliance relationship between CA and Deloitte & Touche permitted our two organizations to work together effectively to deliver the solution to our client."

"The alliance relationship between CA and Deloitte & Touche permitted our two organizations to work together effectively to deliver the solution to our client." Leveraging Deloitte & Touche's approach of maintaining a steady stream of short-term goals, the CA and Deloitte & Touche team integrated the first phase of the healthcare engagement — which included people, process and technology components — in just four months. Next, the team will incorporate additional solutions in phases two, three and beyond. "The alliance has produced a solution for the client that might not have occurred without both of our involvements," Golden says. "That's the true value of not only an alliance, but also the value we provide to our clients."

— P.H.