A few weeks ago, Stephanie Balaouras and I posted a podcast on a topic that has been a high priority for many of our customers — how to apply risk management techniques to IT security. We know that many of you are feeling the pressure to take the lead in IT risk management and in some cases even play a role in initiating risk management at the corporate level.
The key to success is understanding the core elements of risk management and how to plug them into existing processes without creating simply another layer of overhead. A major theme of my recent research has been on existing risk management standards and how they are being applied to IT Security and Risk functions. For example, the ISO 31000 risk management standard outlines a five-step process for formalized risk management. My January report, Introducing ERM To IT Security And Risk , provides a summary of the standard, and I will be expanding upon the next steps in my upcoming research documents. In addition, look out for my next doc on Regulatory Intelligence, to be published in the next few months.
In the meantime, I encourage you to listen to this podcast to hear about best practices and lessons learned from clients who have gone through these steps. And as always, I welcome any questions or feedback.
A recent email got my attention. It highlighted a blog post on the MIT Technology Review website about a video from RSA Animate (copied below) illustrating a lecture by Dan Pink (@danielpink on Twitter): "The Surprising Truth About What Motivates Us," based on his book of the same name.
What got my attention? We need to stop rewarding with a carrot and threatening with a stick. The video highlights multiple research findings that suggest knowledge workers are more motivated by autonomy, mastery and purpose than by financial reward. Pink suggests that financial incentives may actually have a detrimental impact on performance under certain circumstances. (The research suggests money is a motivator for purely mechanical tasks but as soon as some level of cognitive processing is required to complete the task, money is secondary to other factors.)
It's time for IT to get out of the business of running everything itself and move into the role of delivering technology value to the business. This is a core theme that runs through a large majority of Forrester's research and our advice to clients. But exactly how do you make this transition? Well, a good example can be found in Amylin Pharmaceuticals.
When designing application infrastructure strategy, planning for the renewal of their application landscape, or assessing their overall strategic position, banks and other types of firms in financial services typically like to know the answer to the question: “What are the others doing?” In the past, surveys similar to our newest financial services survey helped application delivery professionals as well as enterprise architects assess their position, for example, regarding application infrastructure strategy as well as broader application renewal initiatives and position their individual initiative in the regional or global IT and business environment.
Each year we conduct a search for the best examples of social media/social communities as part of our search for winners of the prestigious Forrester Groundswell Awards. This year we have added a new category of award aimed at internal communities designed to help management with innovation and/or collaboration across the organization — communities that empower employees.
In the fall I’ll be helping my colleague, Ted Schadler — co-author of the upcoming book Empowered — to judge the winners of the management category. So if you have a social community or social media success story please consider nominating your firm for one or more categories in this year’s awards.
Next week, vendors from across the social computing landscape will converge on Boston for TechWeb’s Enterprise 2.0, a business Web 2.0 conference and trade show. In advance of this event – which I will be attending – I thought I’d discuss a topic that has started to emerge in my research of social software: the proliferation of social components in business applications. More specifically, I want to address a question a client recently raised: is having a social layer going to be necessary for businesses to adopt business applications going forward?
Over the last few years, we have seen software vendors position social tools as part of software suites such as collaboration platforms (e.g. SharePoint 2010, Lotus Connections), project management packages (e.g. ThoughtWorks Mingle), BPM tools (e.g. ARISalign) and CRM systems (e.g. Salesforce Chatter). This is the natural reaction to what seems to be heavy business interest in these technologies: 65% of firms deploy at least one Web 2.0 tool. However, the marketing and selling of these tools is predicated on two myths:
Myth #1: Information workers are clamoring for these social tools. I have sat in on many vendor briefings where a company representative tells me employees demand Facebook-like or Twitter-like tools to do their jobs. Not true. When we ask information workers about their use of social networks, wikis, discussion forums, blogs, and microblogs for work, only a small group actually uses them; social networking tools, the best-adopted technology, is used by only 12% of information workers. When we ask non-users their desire in using each of these tools, small portions express interest; the most sought-after technology, discussion forums, only piques the interest of 15% of information workers.
[Scroll down to view Forrester’s "The Evolution Of Green IT" video… don’t worry, it’s only ~6 minutes.]
As a quick recap, part one of this video series walked through how corporations and governments are using green strategies to achieve their financial and political ends. From there, I gave a handful of examples around how green IT is helping leading organizations — like Sprint, AT&T, and Tesco — save $20m, $12m, and achieve a 17% reduction in fuel consumption, respectively.
So what can you expect in part two? In ~6:00 minutes, part two of this video series will discuss green IT's quickly expanding scope and approach. What do I mean by this? In short, green IT's scope is evolving beyond the data center into distributed IT and broader business operations. Forrester calls this the green IT 1.0 ("green for IT") and 2.0 ("IT for green") transition. Likewise, the approach to green IT is expanding beyond procuring more energy efficient equipment to also include software, services, people, and process. And the savings from these new approaches are impressive:
In this podcast Claire covers the three most common types of relationships in workplace mentoring and goes on to discuss the benefits to the mentor, mentee, and organization. She cites two major companies that have succesfully implemented large scale mentoring technology implementations. Critical components for successful mentoring programs are discussed and the podcast is closed with takeways for establishing a mentoring program.
According to IBM’s CEO Sam Palmisano, “vision without execution is delusion.” That saying stuck in the minds of attendees at IBM’s SmarterCities event in Shanghai last week making it the de facto theme of the event. According to Palmisano, it’s time to move beyond ideas and put those ideas into practice.
I would argue, however, that when it comes to making “cities” smarter it’s not a question of “vision without execution.” IBM and others are executing, particularly in China and other emerging markets. IBM’s growth markets revenue was up 19% in 2009, up from 18% growth in 2008. China alone grew 14.7 % in 2010. In many markets, stimulus funding has spurred spending on “smart” initiatives.
Rather, it is still more a question of vision. The mantra of smarter cities resonates with many — it’s like motherhood and apple pie, or the equivalents across the globe (rice pudding? crème brûlée?). You can’t argue against it. But, can you show me a smarter city? “Smarter cities” is a catch-all phrase for any initiative undertaken by a government or even nongovernmental entity — the transport ministry or tax agency, the postal service, a hospital or university, or even an association of exporters. Don’t get me wrong; I love the idea. I’ve just been wrestling with a definition for some time now. Everything can be a “city” and within IBM’s sights.
Unfortunately, this week’s IT Forum is at the same time as the World Innovation Forum, which many of my professional colleagues are attending. But Forrester’s IT Forums still give me a much great opportunity to interact with people who are working on innovation initiatives, so I'm not complaining. I’m looking forward to reporting on my experience in Lisbon next week.
Here are a few of my observations from the Vegas event: