A phrase commonly used to describe the CIO’s present predicament is that they are expected to do ‘more with less’.
Just as the cost-cutting imperative is constraining what they can do, intensified competition is mandating that they do more. But as two of this issue’s features explain, there are management approaches that can help to solve this seemingly impossible equation.
The cover story examines how the traditional approach to information security, scattershot and unrefined, is proving to be both expensive and ineffective. It presents the case for a risk management approach to IT security, in which an organisation assesses what vulnerabilities and pitfalls they are prone to, what damage each would cause and therefore how much it is worth investing to protect against them.
The feature entitled ‘Database Wars Revisited’, meanwhile, looks at the growing popularity of open source database software among businesses. While it is generally acknowledged that such software may not yet be ready to support all ‘prime-time’, business-critical systems, open source database vendors point out that only a small proportion of a given organisation’s systems could truthfully be described in such terms.
For those systems that do not require the very fastest times or the very latest functionality, there are options available that drastically cut licence cost.
In both cases, the argument is that opportunities exist to reduce cost by allocating resources in a more sophisticated fashion. The mirror image of that argument is that there are some areas where cost cannot be cut without serious impairment to the business, as Peter Dew, CIO of logistics giant CEVA explains in his interview on page 30. As an organisation for which IT is part of the service offering to customers, cost cuts at CEVA must be made with extreme care, he says.
Hopefully, CIOs will already know which areas of their IT environment are doing the heavy lifting, and which could lose a little flab. But the complexity of the typical enterprise IT infrastructure means that this will not always be true.
If not, getting to know should be a high priority, as those organisations could be paying to maintain systems that do not merit their upkeep. Worse still, they could, in a fit a recessionary zeal, cut an IT component that earns revenue.
And can anyone afford to do that?