Information Technology – Strategic Planning
Whether you think Information technology (IT) is a strategic asset to an organization or just a cost center that needs to be minimized, IT strategic planning at some level is necessary if the organization wants to hit its objectives more efficiently and effectively.
An organization’s dependence on information makes it imperative that it align its IT infrastructure to support business strategies. Those business strategies will all need information delivered at the right time and in the right way. The IT Strategic Plan is designed to guide the technology projects and plans to correspond with those strategies and deliver on the future needs for information.
The planning process will ensure that efforts by the IT department are aligned with strategy and that resources are used to focus energies on those tasks that are best suited for the continued growth and well-being of the organization. The IT plan must anticipate the business capabilities the organization will need over the next several years so that the proper infrastructure, software, and tools can be implemented in time. The IT strategic plan must also anticipate the potential threats to information security and build in plans to evolve the organization’s cyber security program. Budgetary expectations and resource allocation are also key drivers of the IT strategic plan.
The size and complexity of the IT strategic plan should be commensurate with the size and complexity of the organization. Organizations that take this practice seriously can have highly detailed plans that have been honed and perfected over time. Organizations that do not have a plan at all will need to start with the basics. The very basic components of an IT strategic plan include:
- Long term business objectives – The plan must start with an understanding and documentation of what the organization intends to do over the next 3-5 years and how intends to do it.
- IT objectives that map to the business objectives – These need to match the time horizons of the business objectives.
- Programs and initiatives – Scheduled over a three-to-five-year horizon that will execute the plan
- Milestones – The plan should also include measurable milestones and schedules to track the plan’s progress
- Diagrams and process flows – High level diagrams showing the design of future infrastructure.
- Budgets and forecasts – Integration of IT spending into the budgeting process and weighing of direct and indirect benefits against the total cost of ownership of the technology.
- Risks – Identification of potential risks associated with changes or new investments in technology and risk management planning.
- Cybersecurity – Incorporate cybersecurity controls into the architecture design and not as an afterthought once in operation.
The leaders of the organization need to define and articulate the strategic direction of the business. This includes key strategic objectives over the next three-to-five years. Business objectives can include the following categories:
- Revenue growth
- Profitability targets
- Market penetration
- Product/service mix
- Risk reduction
Business line managers are often tasked with developing specific plans and initiatives to achieve these strategic objectives. These can include developing new products and services, process improvements and cost reduction projects, customer service improvement initiatives, strategic partnerships, mergers, acquisitions, and divestitures etc. The business leader’s area also responsible for approving IT budgets required to achieve both the IT and business objectives
All these business plans and initiatives have an impact on IT because they all involve creating, analyzing, transferring, and sharing of data. The IT leaders need to understand the business initiatives as thoroughly as possible to understand what these impacts are and the implications, they have on the future of the IT department and technical infrastructure. This understanding will drive the IT planning process and will help the establishment of IT strategic objectives that are in sync with the business objectives and initiatives.
IT strategic objectives have the following characteristics:
- Long term perspective – three-to-five years
- Larger and more significant goals and initiatives
- Continuous process and rolling time horizon
- Long term objectives have less detail than shorter term objectives
This means that your spreadsheet of projects budgeted for the year is not a strategic plan. It is just a list of projects. Projects that do not advance the organization toward its future vision are tactical. Tactical projects are required as much as system maintenance. But they don’t make up for longer term thinking.
The biggest obstacle to creating an IT strategic plan that we have seen is a lack of a business plan. Without a business strategy as a foundation, you have an IT plan for IT planning’s sake. Yes, you can take a stab at what you think the business will need in the future and develop an IT plan based on that prognostication. But remember, the business has to pay for the platforms, tools, and technology you want to put into place. It is better if you can show them that, even if they do not think IT is a strategic asset, without a business-based IT strategic plan their ability to achieve their business goals will be undermined.
How Can We Help?
CLA’s IT and Cybersecurity team have experienced professionals that can help form or evaluate IT strategic plans.
Brittany has more than twelve years of experience and specializing in providing audit and accounting services to financial institutions. In addition to planning, managing and performing financial statement audits for institutions ranging in total assets from $10 million to $50 billion, she has performed engagements designed to test the adequacy of loan documentation and reserves, adherence to internal control policies, outsourced internal audit, and consulting engagements for various compliance requirements.
Comments are closed.