|
Tuesday,
May 24
Monday,
May 23
Sunday,
May 22
|
|
CIO Panel Tackles Big IT Issues
Real-Time Survey of Attendees Uncovers Compliance, Standards
Policy, Budget Concerns
A panel of influential industry chief information officers
tackled the big technology issues at a the packed general session Confidently
Meeting an Uncertain Future.
During the session, a real-time survey of the 400 forum attendees found:
- 78% of attendees reported that more
corporate attention is being paid to regulatory compliance initiatives, but
only 38% reported additional funding for it;
- 71% reported that greater demand for
data transparency has led to changes in internal controls; and
- one-third expect more business process
outsourcing in the next few years.
The session covered key issues such as
compliance, standards policy and understanding of standards, business-technology
alignment, legacy systems, and budget. During the interactive session, the
executives analyzed the survey responses while adding their own perspectives.
|
How much attention is paid to regulator
compliance initiatives? |
|
More |
78% |
|
Same |
17% |
|
Less |
5% |
|
Did you get additional funding for
regulatory compliance? |
|
More |
38% |
|
Same |
62% |
The CIOs:
- Chubb CIO Charles G. McCaig, FLMI, who serves as ACORD chairman;
- Barbara Koster, CIO, Prudential Financial; and
- Robert Gorski, vice president and CIO of U.S. reinsurance, XL Reinsurance.
Moderators were:
- Gregory A. Maciag, ACORD CEO
- Ann M. Purr, FLMI, CSP, PCS, second vice president, technology management,
LOMA
Compliance
Updates and changes to meet regulatory compliance requirements have
pushed aside other technology investment opportunities, McCaig said.
Implementing compliance initiatives in 2004 meant an "opportunity cost": other
initiatives that were deferred, concurred XL's Gorski. The next step in
compliance with the new regulatory and legal environment is "institutionalizing"
these practices to make them "part of the way of doing business," he added.
Prudential's flat budget meant that "we took dollars from somewhere else in
order to handle Sarbanes, Gramm-Leach-Bliley, [and] HIPAA [Health Insurance
Portability and Accountability Act of 1996] privacy," Koster stated. "And I
don't think that's going away. I think that's going to increase for the next few
years, and it's going to be part of the normal everyday business. We're going to
have to find better, cheaper, faster ways of implementing the compliance
activities because we're not getting more money for it."
|
Has compliance like Sarbanes-Oxley
affected the work that you do? |
|
Yes |
58% |
|
No |
42% |
Standards Policy
There are two key reasons that a standards policy is
important, Koster explained. "One is ... when we are looking at our vendors or
when we're working with our consulting partners, it's very important that you're
all speaking the same language. So having everyone using ACORD standards [means]
they all speak the same language. So getting work done, I think, is much better.
And the products that the vendors are developing or enhancing ... using
standards makes it easier to integrate it into your environment."
The second reason, she said, is that "every company needs to have an
architecture, and a strategy for implementing that architecture."
|
Do you have a corporate industry
standards compliance policy or strategy in place? |
|
Yes |
28% |
|
No |
55% |
|
Not sure |
18% |
To support its policy, Koster set up an enterprise-wide standards board with
business-unit representation within her company's environment of "federated"
CIOs. Prudential also supports standards with: use of standards as the default
choice for IT projects, a structure for complying and supporting that policy,
and technical architecture.
Koster, who joined Prudential from a banking and brokerage environment, has seen
huge opportunities to gain the benefits of standardization. "We started down the
ACORD path very, very heavily, because we got the operations team to understand
that it facilitated straight-through processing. It facilitated customer
service. It facilitated our ability to put together good information for our
agents in order to be able to sell to our customers, and for our customers to be
able to do self-service."
Understanding of ACORD Standards
In the opinion of the attendees, 83% of non-IT
executives either "seldom" or "sometimes" the value of ACORD standards, showing
the need for members to sell the idea of standards within their organizations.
Only 16% "almost always" or "for the most part" understand the role of ACORD
standards.
But management and board leaders are growing in their appreciation for
standards, which once were viewed more as an accommodation to agents, McCaig
explained. "There's more and more of a need for us to have visibility and
transparency across operations dealing with a multitude of legacy systems,
whether it's for Sarbanes-Oxley [compliance] ... or enterprise risk. It's now
internally where we're looking for a common language that we can use to tie our
systems together. Now we talk about ACORD as an internal standard basically for
providing ... for gluing the systems together. That they understand much more
clearly."
Koster commented: "It's a matter of educating your business around why [use of]
standards [is] ... important, what it does for you, and how it takes you through
the entire life cycle of a sale," she added. "It's not an easy sell. But clearly
a lot of the help that ACORD [provided in] defining the standards and coming in
and talking to the business - that helped us a lot as well."
McCaig added: "Now when we talk about ACORD as an internal standard, basically
we're providing the way to glue the systems together...that they [senior
management] understand much more clearly."
|
Do non-IT executives understand the role
of ACORD industry standards? |
|
Almost always |
2% |
|
For the most part |
13% |
|
Sometimes |
28% |
|
Seldom |
55% |
|
To what extent do you obtain C-Level
sponsorship for ACORD industry standards? |
|
Always |
15% |
|
Seldom |
30% |
|
Sometimes |
54% |
Business-Technology Alignment
"I think senior management recognizes that's it
critical for effective IT to support their business units," Gorski said of his
firm, pointing out that a subcommittee of the XL executive management committee
focuses on technology. "There's a lot of time that's invested in that."
"It's a must have," Koster said of IT-business alignment.
|
How good is the relationship between IT
and the business group in your firm? |
|
Excellent |
14% |
|
Very Good |
31% |
|
Good |
38% |
|
Not Good |
12% |
|
Poor |
5% |
|
What is your level of confidence that
your firm can align IT and business for differentiation and growth? |
|
Very confident |
36% |
|
Moderately confident |
49% |
|
Not very confident |
15% |
Budget
The panel CIOs expressed surprise that more than half of attendees said
their IT spending was up. Companies that have "flat" budgets, as does Chubb,
McCaig noted, actually have less money for new investments in technology because
licensing fees, salaries, and other costs continue to climb even though the
overall budget is level.
|
Is your IT budget Up or Down? |
|
Up |
54% |
|
Same |
29% |
|
Down |
17% |
When new initiatives are brought to executive management, commented McCaig, a
common response is: "'Go do that one and figure out something else not to do.'
That's sometimes the approval you get. So you think twice before you bring a
very, very large project because you may have to 'self-fund' it. So going in,
you want to be sure that if you get that answer, you also can accommodate it
elsewhere."
Despite a flat budget this year, explained Gorski, "We are still going to make
investments in particular areas where they can help us to manage our costs down
the road or try to simplify our environment. We're making significant
investments in those areas."
Koster noted that her portfolio of IT investments is doled out into four
buckets: growth, cost cutting, regulatory, and risk management.
|
Which area gets the most investment
dollars? |
|
Enterprise architecture |
20% |
|
Regulatory compliance |
9% |
|
Policy systems |
46% |
|
Distribution systems |
15% |
|
Other |
10% |
Outsourcing
XL has "moved slowly in this area," commented Gorski. "On the IT
side, we've looked at [outsourcing] the help desk" as well as starting a pilot
project in application development. "Clearly we see this as an important way to
help manage our costs going forward."
Chubb has outsourced its IT infrastructure areas and intends to outsource a
portion of its application development. "We take a look at what is absolutely
core to Chubb strategically," commented McCaig. "For things that are not
strategically mission critical (even though they may be operationally mission
critical), we would take [and ask:] 'Can those things be done more efficiently
someplace else?' If they can, we would turn them over to a specialist firm."
|
What are your plans for Business Process
Outsourcing over the next few years? |
|
More |
37% |
|
Same |
21% |
|
Less |
6% |
|
We do not outsource |
25% |
|
Don't Know |
11% |
Legacy Systems
Mainframe, client-server, and web systems all can be "legacy"
systems now, pointed out McCaig, and many are "functionally rich." A technology
lifecycle model, he pointed out, is that years 1-3 are high-cost years; 4-7
years are when systems hit their stride; and after seven years maintenance costs
begin to increase.
Koster agreed that technology obsolescence often competes against business
functionality in making decisions about legacy systems.
XL's history of acquisitions gives it a different legacy problem: duplication.
"We're very much focused on a strategy around consolidation. Our plan over the
next few years is to eliminate this type of redundancy ..." A key focus is
building information architecture to have the ability "to move that information
in a streamlined and efficient way."
|
How much of a problem are your legacy
systems? |
|
High |
27% |
| |
22% |
|
Moderate |
23% |
| |
16% |
|
Low |
12% |
Federated/Corporate IT
"It's the divisional or regional CIO who is
responsible for seeing to it that the business unit or region responds best to
whatever the competitive pressures are in that line of business or marketplace," McCaig said. "The corporate CIO is responsible for seeing that the enterprise as
a whole, IT as a whole, is rationalized for the corporation."
Explained Koster of her role as corporate CIO: "I'm trying to strike a balance
right between the key important thing of handling the business need and
requirements at the same time that [I'm] trying to create an infrastructure for
the company that will deliver across the business the services that we all can
share."
Corporate CIO's Role: CIOs are the arbiters of competing demands for corporate
cost containment on the one hand and business-unit investment on the other.
Pointed out McCaig: "The CEO tends to view, still today, IT as driving
bottom-line results to take costs out of the corporation. There's an awful lot
of pressure on a corporate CIO running a more-efficient IT operation overall,
and take costs out. There's a lot of pressure by the business-unit CIOs on the
corporate CIO to 'go get us more money' so that in fact that we can do all these
things that we need to do, especially these 'corporate tax' items."
At the same time, corporate CIOs are responsible for enterprise-wide
transparency and risk management, noted McCaig. "The funding is primarily coming
at the business-unit level...rather than the corporate level."
TOP
|
