by Elizabeth M. Ferrarini

When a major corporation files for bankruptcy, senior executives can take one of two paths: stay and help build the company to be better than ever, or bail out in search of greener pastures. Dan Wagner, the CIO of Global Crossing, the fourth top U.S. telecom company, as ranked by InformationWeek, is a  builder, a survivor, and a you-can-achieve-anything optimist.

Two months before Wagner was appointed to the CIO role at Global Crossing in 2002 , the company filed for bankruptcy. John Legere, Global Crossing's CEO, immediately enlisted Wagner, who had been running the company's European operation, to be part of the turnaround team. Global Crossing, a darling of the dot.com days, had racked up $12.4 billion in debt as a result of building a 100,000-mile fiber optic network.

Today, Global Crossing, which sells telecommunications products and services to organizations in 50 countries, is a leaner, more efficient and customer-oriented machine with improved IT business processes. In fact, the company's headcount has gone from 16,000 employees to 3,400 employees.

During the past four years, Wagner has diligently rebuilt IT, reducing spending from $300 million a year to $60 million a year, and cutting the IT workforce from 1,600 to 350 employees. He is involved in integrating the company's recent acquisition of Impsat, a Latin American-based telecom company, which will give Global Crossing, 1,200 new employees and 4,500 new customers.

Enterpriseleadership.org recently spoke with Wagner about some of the things he did to help turn the company around, especially in IT operations.

EL: Can you sum up some of the initial things you had to do as part  of your turnaround work?

DW: It has taken a massive, five-year effort to get to where we are today. We had no choice but to change and improve operations. Initially, we focused on reducing costs. For example, we reduced our IT cost by 80 percent from what it was in 2001. We also realized we had to increase our IT capabilities to the business.

We reduced our IT spending from $300 million to $60 million. Our operational expenditures were reduced by 50 percent or more. Our cash burden in 2001 was $400 million a month, and we are now cash-flow positive. This is a better place to be than the place we were in before.

EL: Can you talk about some of the key restructuring actions you  took?

DW: Before the restructuring, we had dozens of competing projects and lots of capital going out of the door. The first phase of restructuring included consolidating applications, servers, data centers and infrastructure, as well as closing down millions of square feet of real estate. We focused on the key applications that were good for our customers, good for our products, and good for revenue growth. For example, we reduced 17 billing systems to two, and took provisioning and order management systems from 25 to seven.

The next phase consisted of building an intelligent front office to make all of our employees more productive. Built on the Microsoft.net platform, the intelligent front office, for example, enables our sales force and our customers to see, and to manage, their services directly. This platform powers our external portals, enabling us to focus today on what's important to Global Crossing -- customers!

EL: Can you go into more detail about how the intelligent front  office works?

DW: We incorporated many things into our intelligent front office to improve the way our employees collaborate with each other as they do their work. We deployed a pretty extensive next-generation platform based on Microsoft Communicator. In fact, we built some of these capabilities into many of our applications, as well.

Take the org chart: you can look at it and see whether people are online or not. You can immediately click and talk to them, click and send them email, or chat with them. This presence-enabled infrastructure and functionality carries over to most of our applications. You can click and communicate in real time, while you're in a corporate application, such as order entry.

More than 90 percent of our employees use IP telephony, which is part of this integrated intelligent front office. Wherever I am in the world, I can pop on calls that have been flowed into my laptop and can communicate with anyone on our network or outside of our network.

EL: What have you learned from the traumatic experience of Global  Crossing's bankruptcy?

DW: I've learned that you can do anything you want if you set your mind to it. Of course, you need to have the right people with the right attitude. I have an irritating go, go, go model. However, it exemplifies what Global Crossing is about. Because of what we've gone through, we've created a culture of people hungry to serve customers passionately.

EL: What does your IT governance model look like?

DW: Reporting to the president, we have an executive team  that sets strategies and priorities. I'm part of this team.

Below that, we have a portfolio action committee consisting of the IT executives in the company, along with members of product marketing and finance. This committee manages all of the major projects and capital expenditures. Every two weeks, we look at the status of the priorities for product development, for operational efficiencies, and for IT spending.

We also have a steering committee made up of people who represent different functions in the company. They meet weekly to look at the progress being made in about 55 active projects. The goal here is to make sure everything is on track. If there is an issue, they come back to our action committee for resolution.

The good news is that there are no disconnects between these groups.

EL: You have 350 IT people reporting to you today. How have you  allocated these resources?

DW: About half of them include operations people who man the data center or the help desk. The other half of the workforce resides in strategic product development. We've decided to increase the number of people doing this software development. Our IP products, along with the intelligent front office, require a lot of software development. On occasion, we'll hire a team of developers -- perhaps a dozen -- to work on specific projects.

EL: What are you doing to keep customers excited about Global  Crossing's future?

DW: We're a huge carrier of VoIP, providing more than 5 billion minutes of it each month to about 600 carriers. We're also a big consumer of VoIP services internally, It's important for an IT shop to sell what it consumes, especially since it has saved us huge amounts of money. I spend about 50 percent of my time selling to customers.

In 2006, I went on 100 sales calls. Members on my IT team made 500 sales calls in 2006. Making sales close differentiates us from our competitors. Customers like that we pay attention to them and provide the products and services they're looking for.

The IT team has a lot of credibility because we can talk about our experience using our products. I go out as a testimonial to our product capabilities and technology know how. When I talk to a customer's CIO, I know there is an innate trust between us. We've become our own success story about why customers should do business with us.

At the start of 2006, I said, let's go from restructuring to revenue growth by helping the sales force as much as we can. IT people know more about the business than anyone else, especially how everything works across functional areas.

We've put IT at the center of our company's strategy, and it's been working for us. Perhaps the passion in our IT team's voice while talking to customers helped to drive revenue growth by 17 percent in 2005.

--

Elizabeth M. Ferrarini is a freelance technology writer  based outside of Boston, Massachusetts. Reach her at elizabethferrarini@yahoo.com.

by Mary Nugent

Internal IT organizations are frequently viewed as cost centers. While most business units assume that the cost of IT is too high, and that they can get better value by outsourcing, they should consider the undocumented services performed by IT. At the same time, IT must prove its business value by demonstrating its understanding of customer needs.

As the Internet enables enterprises to become "virtual," organizations must be able to share business systems with partners and customers. This trend is putting more pressure on IT departments. In fact, IT is no longer just focused on LAN or WAN; now it must deal with remotely dispersed servers, disconnected clients and public Internet connections. IT assets must be managed with guaranteed and reliable service levels. To cope with the new demands of service level management, many enterprises will look at outsourcing.

Is outsourcing less expensive than internal IT?

While many enterprises believe that using external service providers will automatically lower costs, analysts caution them to look closely at the breakdown of services offered by providers. According to M. Nicolett of Gartner, "Good business decisions can only be made with a clear understanding of current services and costs, the impact of change and the risk associated with IT services that do not meet business requirements."

Internal IT organizations must provide their business units with a complete list of services they offer. If this documentation is not provided, enterprises may pay more for outsourcing in the long run as they request services that were once standard with IT but were missing from the external service provider's initial quote.

What if outsourcing is not an option?

For some enterprises, outsourcing IT resources is not a viable option. For example, while security is a paramount concern, outsourcing IT may create rigid security precautions that do not allow for the same level of productivity. Also, some organizations may choose not to outsource because they do not want to give up control of their technology infrastructure, their applications or their information. If any of these concerns are present, the internal IT organization must adopt the practices of outsourcers to become a service provider to its own enterprise.

How is IT affected?

As a result of this new enterprise-internal service provider relationship, IT departments will be held responsible for providing business services in addition to IT services. For example, rather than monitoring just the performance and availability of each component (server, database, etc.), IT will need to ensure that the service levels meet the strategic goals and needs of individual business units and departments.

How does IT become a service provider?

Think like an external service provider

For starters, IT organizations must replace the term "end user" with "client." Referring to individuals as "users" is a thing of the past -- now everyone is a "client" or "customer." This change in thinking leads to the biggest hurdle the IT organization faces -- becoming an effective communicator. The entire IT staff must improve its communication skills and business acumen. Becoming a good communicator means learning how to sell the IT value proposition. "Selling" does not come naturally to a technical person so IT staff must be trained to understand their customers' businesses and to effectively communicate with the business units.

Define good service levels

The basics of "who, what, when and where" apply to any service levels that are agreed upon with the customer. Who is responsible for what, how often it will be reviewed (when) and where the review process will occur.

Also, IT must define services within the context of business strategy and customer needs. According to Kris Brittain and Richard Matlus of Gartner, "…defined services are an amalgamation of the internal and external elements from a business and IT perspective."

Clearly communicate the value proposition of IT services

IT organizations are used to focusing inward on technology. Now they need to focus outward on communications with the business units. According to D. Curtis of Garter, "To optimize its contribution to corporate profitability, [IT] must also focus outwardly on regularly communicating with business stakeholders."

IT must proactively demonstrate that it understands its customers' needs. If not, the business units may turn to outsourcers because they think external service providers -- who use the same business terms as business units -- are more familiar with business needs and have better processes than internal IT. However, Nicolett points out: "The internal IT operations group can solidify its position as the preferred service provider by defining current services, developing granular cost information and leveraging its potential for customer intimacy."

Also, according to Martin Rosenberg of META Group, "… IT executives and [business unit] managers should jointly assess IT investments by regularly running tactical and strategic services planning meetings." IT can achieve this by identifying business "gurus" who will agree to act as the IT organization liaison to the business group. Getting these experts to feel as if they are a part of the "team" is important. IT should work at this relationship through frequent, personal contact, such as lunch dates. Otherwise, as B. Gomolski and J. Grigg, of Gartner, write: "If personal contact is limited to the office, it will be difficult -- if not impossible -- for the [IT] outsider to become a management insider."

At the same time, Curtis says, "This communications path must be a two-way street, meaning that the [IT] organization is not the only stakeholder. The business units must also identify the parties responsible for their end of the negotiations."

Curtis goes on to say that communicating with business units about service levels on a continuous basis will help IT to better meet service levels. "A defined process to renegotiate SLAs because of changes in the business environment will ensure that the IT infrastructure continues to perform as needed by the business units."

Assigning a value to and charging for services

Rosenberg says that IT organizations should offer variable pricing linked to availability options, similar to those of external service providers. Different levels of services should be offered at different costs so the amounts charged back to business units are based on specific requirements. This "…enhances the enterprise's ability to better compare "apples to apples" in services that are internally sourced to those offered by external service providers," say Matlus and Brittain.

Defining SLAs that govern services

Often when business units ask for SLAs, they receive raw data, which is not relevant to what they want to know. Business units require business-focused metrics. These metrics must be clearly defined and understood before SLAs can proceed. IT and business units must agree on key performance indicators, such as what is being measured, what form it will be in and the types of reports that will be provided.

According to Brittain and Matlus, the IT organization determines the terms and metrics of these SLAs, which are documented as service commitments and communicated to the business units. They go on to say that often times SLAs are not met because lack of communication and failure to set expectations. They suggest that IT and business units need to agree on service levels to be measured and on each other's roles. Internal IT must be willing to accept SLAs as performance to work against and define penalties for when SLAs are not met need to be defined. Also, IT should evaluate current service levels so that it is aware of what is realistic before guaranteeing SLAs to business units.

In addition, a well-defined SLA has a language common to both IT and business units, which reduces the cost of having to explain reports, according to B. Gassman of Gartner. Accuracy of metrics is important to their value, and the value should be determined by what the customer requires so that only relevant metrics are published.

Adopt new tools to address the unique requirements of a one-to-many  model

IT needs a solution with a multi-tenancy architecture that enables it to deliver a highly scalable and reliable application with low administrative costs. Then IT can easily, reliably and seamlessly support large numbers of customers (business units).

Continually review practices and look for industry-adopted templates for IT  service

IT should examine current operations to identify ways of improvement. Nicolett suggests that to be proactive in its marketing to business units, "the IT operations group should implement best practices independent of any outsourcing evaluation."

To better position themselves against external service providers, internal IT organizations should have both a detailed service description and well-defined process. A formalized approach to supporting business initiatives is best. To do this, IT needs to get formal acknowledgement from business units that certain levels of service are necessary.

Summary

IT organizations must continually communicate with their business unit customers to ensure a good working relationship and long-term success. Changing the language used and focusing on how service levels relate to business needs will help demonstrate IT's value to the business units.

--

Mary Nugent is an accomplished software technology executive with expertise and in-depth knowledge of information technology. She is responsible for the development of projects around Business Service Management (BSM) for BMC Software.

by Dana Farver

The Internet has come of age, and organizations continue to find ways to leverage the power of the Web to build, and improve, relationships with customers, vendors, partners, and employees. Even that bastion of tradition and stability, the banking industry, has come to appreciate Internet resources that far-thinking IT groups are utilizing to become more customer-centric than ever. Witness Wells Fargo, whose executive vice president for wholesale Internet solutions, Danny Peltz, was chosen as a Bold 100 Winner for Commercial Electronic Office by CIO magazine. Enterpriseleadership.org caught up with this banking exec recently to talk about how his group adds value to his business, keeping morale and productivity high (free food is part of the answer!), and the greatest risk he's taken so far in his career. Here's what he said:

EL: Can you tell us a bit about yourself, about the Wholesale Internet and Treasury Solutions Group at Wells Fargo, and how you came to head up this group?

DP: I've been with the bank for about 16 years and have worked in a variety of different capacities, including finance, project management, marketing, and incentive compensation project management. In 1999, Wells Fargo decided to make a big investment in the Internet. You've got to remember that at that time, the thought was that all banks were going to "become dinosaurs," and we were going to be "dot.com'ed" to death! Each and every line of business was leveraging, or hoping to leverage, the Internet as an avenue for growth at the bank. And if you know anything about Wells Fargo, you know that our focus is on topline revenue growth. So utilizing the Internet was a pretty key issue, going all the way up to the CEO of our company, Mr. Dick Kovosovich. He decided to form a centralized group that focused exclusively on the Internet, and it was at that time that the Wholesale Internet and Solutions team was born. I would've been Employee #2 in that group, along with a gentleman named Steve Ellis. The two of us built out a variety of different services focused on our customers, of which the flagship product was the Commercial Electronic Office (CEO), and that just grew like wildfire at the company. As it grew, its importance to our customers and to our relationship managers within our company also grew, and our responsibilities increased. Eventually, Steve got promoted and I got promoted, and that's how I wound up heading the Wholesale Internet and Treasury Solutions Group.

EL: What is "CEO"?

DP: CEO is our Commercial Electronic Office. It is a single-sign-on, financial-services portal that enables our larger, business customers, through a single interface, to access all the products and services that we offer them. And I define "larger business customers" as customers with essentially $10 million in annual sales, all the way up to the largest companies on the planet. The CEO has had spectacular growth. Since 2000, we have gotten about 70 percent of our commercial customers to actively use the CEO on a daily basis. And we process trillions of dollars worth of payments on an annual basis through that platform. It enables us to access products and services such as treasury management, brokerage services, credit services, trust services, foreign exchange services, letters of credit, 401k services, etc., all through a single interface.

EL: That probably reduces a tremendous amount of confusion and  duplication of effort.

DP: It made it much simpler. Most other banks at the time really delivered Internet functionality through each one of those lines of business, and we decided to take a holistic approach to our customers. Our business model stood true over time, and most of the other companies are now continuing to play catch-up with us.

EL: That was probably quite a challenge for the IT  group.

DP: I don't know if it was as much of a challenge to the IT group as it is the convergence of business and IT. It changed the way that we approached business. My philosophy about IT is that when my business people are confused for my IT people, and my IT people are confused for my business people, I know that I'm successful. And all of them need to be incessantly focused on what the customer wants and needs as opposed to what the bank needs, and that makes us super successful.

EL: We are curious about the demographics or trends for Wells Fargo's online commercial business these days. Has it become dominated by a small number of major players, or is there still a lot going on with small businesses online?

DP: Well, obviously the bank has had successful penetration rates for the small business line; in fact I think 53 percent of our small businesses actively bank with us online, but not on the Commercial Electronic Office platform. The CEO has 70 percent of our commercial customers, so it's not small businesses, its all businesses. And what we found is that the more control and products and services that you can give to a customer, the happier they are, because they're able to manage their own finances as opposed to waiting for the bank to support their needs.

EL: We've interviewed a number of CIOs since we launched a year ago, in many different industries -- hospitals, government, academia, as well as the retail sector -- You're the head of a group that provides products and services for the 5^th largest bank in the U.S. What is it you need to do to add  value, to keep your business competitive, in your particular  area?

DP: Probably the most important thing is to focus on is the end user, the customer, and to keep things as simple as possible. And then, to provide them with the right workflow tool, so they can accomplish what they need to. The interesting thing for me in terms of how the industry has evolved is as clear as the difference between a client-server application and a Web-based application. In the old days, there was an extreme divide between where the bank ended and the customer began. The workflows that happened in the customer's office were distinct from the workflows that happened in the bank. But the Web has allowed us to create a greater interconnection, and those boundaries no longer exist. So, we're now an extension of our customers' workflow, as opposed to an extra step, and by focusing on what our customers need and the ease of use of our products, this has enabled us to be successful. I usually frame things in three different ways when building out new functionality: 1) How is what I'm building going to make it easier for my customers to do business with their customers, partners, vendors, employees; 2) How is what I'm building going to make it easier for our customers to do business with us; and 3) How is what I'm building going to make it easier for my relationship managers, sales force, and staff to do business with my customers. If you can frame everything you do within those three questions, you're probably on the right track.

EL: What quality initiatives do you find most effective for your  organization?

DP: I'm a big believer in organic growth and organic ideas and innovative thinking, and we don't use an "off the shelf" industry standard quality initiative like ITIL or Six Sigma. We basically create Pillars of Truth, and we try to focus all of our development and efforts around them. Those are: We want to be 99.9 percent available for our customers, we want customers to be one click away from where they want to get to, we want to make sure that everything we do is centered around the customer, and focused on what they want to do, and we test out our ideas with our customers first, and we never do anything like a "Big Bang" type of migration; we're always doing progressive rollouts and migrations. It's a slightly more costly way to do business, but it's a better way to do business because you have a better service delivery model.

EL: We've read that you and your group are constantly upgrading your commercial Web portal to be more customer-friendly, and thus encourage more revenue per customer. Can you talk about some of the ways you've done this, and your philosophy in general about customer service in an age of depersonalizing customer contact?

DP: That is an excellent question, because our business is all built on relationships. And so, I am in the business of creating more contact because it allows us to strengthen our relationship with that customer. So, when we went out on the Internet, it became quite clear to us that this was a channel, and not the channel, and that it was not a cost-cutting play, but a revenue growth and customer experience play. And by focusing on it that way, we enabled those existing customer service people who were already servicing those customers to have access to more tools, to be able to service them online. And so, if our customers always called Judy down in the call center, we wanted them to continue to do that, but to also enable the access to the tools to support the channel within that call center. And that's been extremely important because -- and this is what's interesting to us -- the more a customer calls us, the more satisfied they typically are.

EL: We understand that your group has also made strides in cleaning up your internal systems architecture. Based on what you've learned and implemented for your external customers, can you talk more about that?

DP: What we learned pretty easily was that people like single sign-on. They don't like to remember all these passwords and usernames. So, it was obvious that, once we understood the technology, by creating a single sign-on portal for our employees to be able to access their tools was a pretty important initiative. And so we built out what we call the ICEO, or Internal Commercial Electronic Office, which allows our employees, through the single sign-on interface, to access the tools that they need to support our customers. And really, this was an effort to simplify their day-to-day business line so they could spend more time on the street and less time focusing on how to manage the bank.

EL: So Danny, what do you think has been the greatest risk you've  taken so far at Wells Fargo?

DP: I think the greatest risk is the incessant focus on doing things as simply as possible for the customers, because this sometimes means taking technology risks. I'll give you an example: We offer our commercial customers a desktop deposit solution that is an Internet-based, remote deposit capture solution that enables them to take their checks, run them through a scanner, and deposit those items online When we went about building that out, we took a different tack than the rest of the industry. The rest of the industry decided that they could not do this without having software loaded on the customer's location. And for us at the bank, that required software maintenance, software distribution, interfacing with the customer's IT organization, and not a lot of flexibility in terms of changes over a long period of time. And I basically put my foot down and said no, we're going to figure out how to do this on the Internet; I don't care how complicated we think it is, that's the easiest way for our customers to be able to do business with us. While the rest of the industry was going one way, we went another, so we were the first bank, or vendor for that matter, to roll out an Internet-based tool. It has shown that we were right going in this direction -- while it was a risk that we may have some execution problems, if you put huge challenges in front of people, they'll step up, provided they're smart and have the right resources. And in a little over a year since our launch, we have over 10 percent of our commercial customers depositing electronically with us, and all told, I think we have somewhere close to about $71 billion in deposits going through our Check 21 service.

EL: How do you maximize productivity within the group while keeping  up morale?

DP: I buy them food! No, I think that's the great question: How do you keep a "crusade mentality" as you grow and mature within a large organization? The good news is that success begets success, so as we've been successful, we've been asked to do more things, and so we've gotten more people involved. And those who started out originally with us have gotten more responsibility and have grown within the organization. We realized early on that this was a marathon, not a sprint, and while we run really hard, we also have fun together. And so, it's not just about working people hard; we have company picnics and end-of-the-year celebrations, routine parties, and celebrations of milestones and accomplishments, because without that, I think people would feel there was something missing in their day-to-day lives. And we also do buy food, and, we allow people to dress how they want. We look much more like a dot.com of 2000 than we do a financial institution of 2006.

EL: They probably feel more relaxed and more creative as a  result.

DP: Yeah, and you know, the other thing that I do is I have what is called a "fishnet organization." That fishnet organization allows me the flexibility to move people around to new things, so that the power of the organization doesn't rest within the hierarchy, it rests within what people are doing and the projects that they're on. And as they complete those projects, we move those people around in the organization. That allows them to get their head around new ideas and new activities. In the first 100 days of a new initiative, I've found that the best ideas come from people from other projects with different perspectives.

EL: That's really smart, because when people get so overly focused on the hierarchy, they sometimes lose focus on getting the job done.

DP: Exactly, and people lose sight of the fact that it's  what they're doing, not where they sit.

EL: We know that your group's infrastructure at Wells Fargo has become service-oriented architecture, or at least you're moving in that direction, but you believe that not every project should be opened up as a service. Could you talk about that, and tell us what are your criteria when you're deciding whether or not to make a function a service?

DP: When you start making functions services, if you continue to do that, you all of a sudden increase the management of those services. And I believe that there are not that many services that we want to be able to share across many different applications. And so I really want to make sure that at least three, four, five applications that we know of today would want to consume that service before I'm willing to actually make it a shareable, callable service. It requires somewhat of a change in philosophy of development. I think the great hope was that everything would become services and that you'd be able to compile applications on the fly. And I think the reality is that life is not that simple, and that you need to be very measured in how you're using these Web services. Having said that, SOA a great tool for the right uses.

EL: What cost saving initiatives do you use to keep  competitive?

DP: Well, again, I focus a lot on the topline growth and the customer, and improving the quality of service. Because I think in banking -- and let's be honest here, nobody actually wants to do banking -- the easier you can make it for your customers, the more satisfied they are, and we're in a business where the average delivery is very average. We happen to be in a position where our delivery is considered by the vast majority of our customers to be either very good or excellent. So, I'd rather spend a penny than save a penny, but make people happier, because they're going to stay with me and buy more products.

by Elizabeth Ferrarini

By combining two different service quality methodologies, Xerox Corporation realized more than $150 million in economic profit during 2004. Dave Rowlands, the vice president of Lean Six Sigma for Xerox North America, says that a good chunk of this profit came from reducing IT costs in areas such as application development and network infrastructure. Rowland's recent book -- What  is Lean Six Sigma? -- explains how the marriage of the two service quality methodologies can help midsize to large organizations cut costs in most operational areas, while improving service to either internal or external customers, or both.

Rowlands recently took time to talk about the concepts in his book, and to provide plenty of examples of how Xerox used Lean Six Sigma to cut IT costs. Here's what this 14-year veteran of Xerox had to say:

EL: Can you provide a quick overview of the key differences between Lean and Six Sigma and what do you get when you combine them?

DR: Six Sigma focuses on reducing variations, capturing the voice of the customer, and reducing the cost of delivering customer requirements. On the other hand, "Lean" is a methodology that came out of manufacturing. It focuses on creating value flow to the customer and not creating any type of cost associated with non-value add. The combination of the two can result in making work better (using Six Sigma) and making work faster (using Lean principles). This quality improvement method provides you with tools to identify quality problems and to eliminate waste in your work area.

EL: Did Xerox develop the concept of Lean Six Sigma?

DR: We're one of the early adopters of putting both concepts together. In the early 1990s, we started using Lean in our manufacturing operations. We got very good at producing things better at less cost. As 2000 approached, I talked to our quality team about doing both Lean and Six Sigma. At first, the team was hesitant about the move for two reasons: few companies were doing it, and no one had a good understanding of how the two methodologies could work together.

EL: Are there any differences in the way you apply Lean Six Sigma to  IT initiatives than to sales or marketing areas?

DR: No. You use the same methodology for IT as you would for other areas. For IT, a lot of the voice of the customer area focused -- at least for us -- on internal customers, the people who use these systems within the company.

EL: Can you talk about the specific IT areas in which you've applied  Lean Six Sigma?

DR: We've used it to reduce infrastructure costs resulting from our outsourcing agreement with EDS. Specifically, we've looked at how we could get a higher level of Help Desk service at a lower cost and with faster turnaround. We applied it to storage by examining how we could reduce the amount of storage required and the number of servers. We also looked at how we could do a better job of predicting when to consolidate servers, and purging and archiving what we do.

The basic Lean Six Sigma tools enable you to collect data, and then structure that data so you can make rational decisions. To this end, you'll be able to either elevate your level of service or reduce your cost for the same level of service.

When it came to applications development, we looked at how we could get faster adoption rates for the things we developed, how we could test things more efficiently, and how we could predict earlier in the process when something was going to reach maturity.

EL: Looking at infrastructure areas, can you discuss some specific projects to which you applied Lean Six Sigma successfully to reduce costs?

DR: One project consisted of looking at the infrastructure cost per telephone and the level of service our sales group in Canada was providing to customers. Our research showed that we were paying a certain price for all of these internal phone and voicemail systems. By mapping out the different source of phone services and the cost for each, we were able to devise a new model for telephone service for our sales force. We migrated these folks onto a consolidated plan that provided a remote voice mail link which could loop back to the main Xerox phone system. So we offered them the benefits of a cellphone at the reduced cost of a standard, high-volume plan. At the same time, we got rid of the unnecessary telephone infrastructure and the support.

As the applications development projects get larger, the business requirements documents get more complex, and the variation in our estimates of how many errors there are gets even larger. As a result, we get worse at predicting when a project will be released and the level of maturity. We use Lean Six Sigma to study the correlations between the size of the project and the estimation for what it will take us to finish it.

We've also used Lean Six Sigma to study the role throughput yield of developers. Yield is the one-stop process of looking for defects. Role throughput looks at how many of the steps in a multi-step process you can get through without defects. It's a good indicator of how much rework and how much cost is involved. For example, poor role throughput yield means there is a lot of hidden waste in rework and inspection. In turn, you'll have poor predictability of release.

EL: What improvements have you made in application development as a  result of your Lean Six Sigma findings?

DR: We changed the way we set up large projects teams to avoid unnecessary manpower costs. For example, we found that you'll get better cycle time if you use more developers on a project. However, the marginal yield -- the amount of additional testing needed -- drops off dramatically with just three developers. So, we now assign three or four developers to a sub-section of a project.

EL: Can you give me an example of a non-IT area in which you  successfully used Lean Six Sigma?

DR: Another example was our spare parts usage throughout our 14 different service districts. We looked at the usage of parts for identical pieces of equipment. We had a 200 percent variation from best to worse. For example, the best in the country could create a level of service with half the parts budget of the worse in the country. Mapping helped us to find out the differences in the process and move everyone to the best. Then we looked at how we automate these into our ERP system.

EL: What kinds of analytical tools or software packages do you use to  carry out your Lean Six Sigma analysis?

DR: We use a lot of basic analytical tools such as process maps, and praetors. When it comes to the next step of understanding the real differences between different processes, we use statistical tools, such as hypothesis testing. Minitab is an industry standard for doing control charts and hypothesis testing. Our approach is to get results by using the simplest tools possible.

EL: Are you doing a lot of Lean Six Sigma projects with your external  customers?

DR: We've taken the approach that we aren't trying to sell you copiers; we want to provide you with document management solutions for problems you have and find opportunities for you. We might talk to a customer about doing a workflow assessment in their office. In this case, we'll use Lean Six Sigma to find ways to reduce the time it takes them to do work, to improve the quality of work, or to reduce the cost, all at the same time. For example, we used Lean Six Sigma to study a large bank with 3,000 copiers and printers located in various offices. Just by understanding who was using the information, how they were printing their information, and what their costs were, we cut their number of machines to 400 and cut their costs by one third, while continually improving the quality of service.

EL: How has Lean Six Sigma initiatives contributed to Xerox's bottom  line?

DR: The ultimate measure we use is called economic process. It's a net operating profit after tax and after cost of capital. It directly benefits our shareholders. If you generate economic profit, you're generating bottom profit for the shareholders. It helps us to decide which projects to go after. You can do a cost-saving project, revenue producing project, or an inventory reduction project.

Internally, we've generated more than $150 million in economic profit during 2004. These are reductions in our operational costs and driving our revenue.

--

Elizabeth M. Ferrarini is an IT consultant from Boston,  Massachusetts.

by Elizabeth M. Ferrarini

The CIO role at organizations with more than a $1 billion in annual revenues has changed. That's the finding in Ellen Kitzis's, book, The New CIO  Leader. A group vice president at Gartner's Executive Programs -- a membership-only program for more than 2,000 CIOs -- Kitzis says that many large corporations have one corporate CIO, who is responsible for the overall strategic direction of IT, and dozens of other CIOs, who are responsible for keeping systems up and running. However, that CIO model doesn't quite fit The Hartford Financial Services Group, one of the largest and the oldest financial investment and insurance companies based in the U.S.

With annual revenues of $2.3 billion, The Hartford has a corporate CIO and senior vice president (Ken Auman) and five regional CIOs, each directly aligned with a specific business division. Together, this team of six IT senior executives oversees the leadership of 1,800 IT professionals. The role of a divisional CIO at The Hartford, however, can make or break how competitive a division's product will be in the marketplace.

Andrew MacDonald functions as the CIO for the personal lines division, overseeing a staff of 250 IT professionals and about 150 contractors, depending on the projects at hand. He, along with the other divisional four CIOs, reports directly to Auman and indirectly to the president of the personal lines division. MacDonald's role does consist of developing and maintaining systems support of the personal lines operation. Moreover, his role has two strategy components: ensuring that the IT team can provide products and solutions to meet the division's ongoing needs, and providing defined business value through key investments to meet future needs. Prior to joining The Hartford in 2002, MacDonald worked as a vice president for strategic alliances for a worldwide product vendor, where he gained experience delivering complementary products to support the mission of international organizations.

Enterpriseleadership.org recently spoke with Andrew MacDonald about his role  as a divisional CIO. Here's what he had to say:

EL: What does your governance model look like?

AM: The company has several governance boards -- one board covers the needs of the property and casualty business, and the second board governs all of the business strategies. The latter looks at how we're going to drive business value for The Hartford. A portfolio management team governs corporate business strategy execution within each division.

EL: At a recent Computer Science Corp. conference, you told the audience they need to take a hint from the fast-food industry and adopt a pilot approach to developing new products. Can you talk a little more about this concept?

AM: Traditionally, the insurance business has not taken advantage of IT. That attitude has started to change. We're now seeing a lot of new players getting their products faster to market than some well-established companies.

At the conference, we talked about how companies can approach new ways of doing business by deploying IT systems. For example, the fast food industry tends to identify a market, tests the product in a specific market, and then decides if the test results justify rolling out the product to other markets. We also tend to identify pilot opportunities, test the market with the new product, and weigh our market share opportunities. We use new techniques, such as speed to market, to gauge their effectiveness. For example, the configurable engines in our rating systems and our underwriting systems enable us to make product changes very quickly.

EL: Computer Sciences Corp. is a big Six Sigma company. What kinds of  best practices do you use at The Hartford?

AM: Many years ago, we started using Six Sigma methods to make business operations more efficient. The large-call customers that support our customers have benefited greatly from Six Sigma.

We've started to look at how IT can leverage Six Sigma alongside of our mainstay best practice, Capacity Maturity Model Integration (CMMI). These two best practices can help us to measure our IT transformation and to help us make better use our of IT talent across the five divisions.

We use CMMI to measure the effectiveness of our applications development process. We also use the IT Infrastructure Library in support of our actual products.

We recently created a shared service that is deploying both CCMI and ITIL across our five divisions. This shared service enables my group to focus on the applications suite used in the personal lines division.

EL: You mentioned an IT transformation at The Hartford. Can you go  into more details about this?

AM: We began this transformation in 2003 to look at how well we get things done. We needed to drive more capabilities into IT. Where it made sense, we decided to leverage outsourcing to maintain some of our legacy applications. This structure has enabled us to have our talented IT people work on new products.

EL: How is the transformation helping to drive cost out of  IT?

AM: Each division's portfolio management group is helping its respective IT organization make better business decisions. For example, we want to create full transparency about where we spend our money. This goes for both on-going maintenance and the investment in new products. What does and what doesn't provide a competitive advantage to The Hartford are important business decisions. That's the whole idea behind the transformation. The process has created a much-needed dialog between IT and the divisions. It has allowed that transparency to be leveraged.

EL: Do you have any CIO rotation program going on where you spend  some time running a business unit?

AM: No, we don't have any such rotation program. The model is to have each CIO linked to the respective divisional organization. We try to sit with the division folks, attend their leadership meetings, as well as meetings with the corporate CIO and the president.

EL: As part of the transformation, what types of IT talented are you  seeking?

AM: We're focused on how we can hire the best talent possible and to continue to nurture talented professionals. We're hiring a lot of MBAs to be business analysts. We're also looking for professionals in project management and software architecture. We're heavily developing both of these areas.

EL: What is the role of business intelligence in your  organization?

AM: We're tracking other IT shops to determine what capabilities they have to support their business units. Specifically, we want to look at how some of our competitors are leveraging IT to deploy new solutions. We're constantly looking around to see if they are using best practices or are there better things we should be doing.

--

Elizabeth M. Ferrarini is a freelance technology writer and  IT consultant from Boston, Massachusetts. Reach her at elizabethferrarini@yahoo.com.

by Elizabeth Ferrarini

Staying on stop of best business practices in IT -- especially for privacy, security, and new technologies -- has become a hallmark for the CIO at one of the largest teaching hospital organizations in the United States. Dr. John Halamka has managed to combine his training as a medical doctor with an innate ability to understand all aspects of computer networking.

Dr. Halamka oversees the IT needs for CareGroup Health Systems' three major Boston-area hospitals -- Beth Israel Deaconess Hospital, Mount Auburn Hospital, and New England Baptist Hospital -- and three community hospitals. Together, the six CareGroup facilities have about 12,000 employees, including 3,000 doctors who see about one million patients per year. Halamka is also an associate dean of Harvard Medical School where he spearheads all of the technology programs.

Halamka got a jumpstart on EDI long before HIPAA came along, and his security and privacy practices at CareGroup appear as a case study in a book by the National Academy of Sciences. He took a minute to answer some questions about what he has been doing in EDI, security and privacy, how he keeps up with technology, what he learned from an outage that plagued two hospitals for almost two days, and what types of technology he uses every day.

EL: Can you summarize the high points of your entire network  infrastructure?

JH: About 225 employees maintain the IT infrastructure consisting of 8,000 desktops, 32 terabytes of storage, and 25,000 network ports throughout the 45 miles of wide area network (WAN). A 155MB per second SONET backbone connects the WAN. Most of the networking gear -- firewalls, virtual private network (VPN), routers, and switches -- comes from Cisco. Either Hewlett Packard UNIX servers or Compaq Windows 2000 servers front end several EMC Symmetrix storage area networks. A StorageTek tape library handles all enterprise backups.

EL: Once you were finished planning for Y2K, you had to start worrying about HIPAA. How did you lay the preliminary foundation for HIPAA requirements such as electronic data interchange (EDI)?

JH: Back in 1998, even before Y2K, the CIOs of our provider organizations formed a consortium to enable the entire New England payer provider community to create EDI transactions among ourselves for free. The New England Health EDI Network went live in 1999 before HIPAA EDI transactions for benefits and eligibility.

Since that time, we've used a common infrastructure -- basically Napster for healthcare -- or point-to-point interaction using a VPN between payer and provider. The VPN sends encrypted transactions through a common gateway we've built for referral authorization and our claims, and Web status inquiries. In October 2002, we completed all of the EDI HIPAA transactions for New England.

EL: Privacy is a challenging area for all types of organizations. How would you rate your privacy best practices for the past few years?

JH: I'd rate them as excellent! We're one of the test cases  featured in the leading book about healthcare privacy. For The Record --  Protecting Electronic Healthcare Information, published by the National Academy of Sciences, covers best practices in authentications and access control, auditing, physical security, and disaster recovery.

EL: What kinds of initiatives do you have in place for  privacy?

JH: Since the early 1980s, we've been auditing every transaction that goes through any one of our clinical systems. We've got a Web site called PatientSite where any one of our patients who has received the appropriate authentication credentials can review his or her security audit online. We can also give a patient a printout of the security audit.

We've got a strict no-tolerance policy for confidentiality violations. About three or four employees get terminated every year because of these violations.

EL: What have you been doing to increase privacy?

JH: Each employee needs to be completely trained in all aspects of privacy. For example, every patient needs to be notified about our privacy policy and to sign off on it. A patient needs the opportunity to opt out of certain things, such as automatic enrollment in fundraising activities. We require a great deal of manpower to train our 12,000 employees. So we've selected individuals from key departments, such as IT, human resources, and medical records, to work together to conduct training sessions.

EL: You can't have privacy unless you have security. Unfortunately, HIPAA still doesn't have a hard and fast security rule right now. How did you decide what best practices to use?

JH: You need to sort of make one up. In other words, ask yourself, what are those security elements that are absolutely required to meet the privacy regulations, effective April 2003.

We've had some very good security best practices for many years. For example, every Internet transaction always has 128-bit secure sockets. All strong authentication passwords must have a minimum of six characters, consisting of alphanumeric characters; these passwords expire in 90 days.

Based on the information in For The Record, we created a grid to rank the security provisions for each one of 400 different IT systems. Because there is no security rule, we're not sure if 128-bit secure sockets are good enough. What about Triple DES? We looked at all of those things that didn't meet the spirit of best practices. We've begun to remediate, for example, systems that didn't have passwords or didn't have audit trails.

EL: What are your feelings about security technologies such as PKI  and biometrics?

JH: We tried PKI about four years ago. It didn't work for us. Maintaining 12,000 certificates for that many employees can became an administrative nightmare. We use PKI, in one sense, to do secure email between our trading partners. A company we use offers a secure, SMTP gateway for certification exchange between organizations. Each transaction remains encrypted as it travels over the public Internet from payer to provider or between two large provider organizations. These aren't personal certifications, but organizational ones.

Biometrics doesn't work very well in healthcare. You can't have false negatives. Imagine you're attending to a critical patient. You can't get the patient's chart because the patient has a sweaty thumb print.

EL: Is there any special device you use to handle  authentication?

JH: We use a device from BlueSocket on both our wireless and our wired networks. The device hits the LDAP directory. We think WEP or the wired equivalent privacy protocol isn't sufficient. It uses a single key for all clients. Once someone cracks the key, your security is compromised. With the BlueSocket device, you need to specify your user name password in order to access an application.

EL: Shifting gears from security and privacy, what types of new technologies are you considering that will enhance the quality of care physicians provide to patients?

JH: We're carrying out RFID to track critical medical equipment in the emergency department using devices from Pango Networks. Over the next year, we'll be using bar-coded wrist bands, bar-coded medications, and bar-coded employee badges to track medication administration.

We have two million square feet of wireless to ensure our clinicians have all of the information they need to deliver quality care.

EL: Several years ago, The Boston Globe and all of the computer trade press publications carried the story about a network outage at two of the CareGroup hospitals. Can you briefly tell what happened and what you learned from the experience?

JH: On Wednesday, November 13, 2002, the network experienced a major slowdown for three days. The CISCO technical support team found the Layer 2 structure of the network to be unstable and out of specification with 802.1d standards. The management VLAN in some locations had 10 Layer 2 hops from root. The Spanning Tree Protocol (STP)  imposes a maximum network diameter default of seven. Thus, two distinct bridges in the network should not be more than seven hops away from one to the other.

A major contributor to this STP issue was the network and  Picture Archive Communication System (PACS) network, for sharing high-bandwidth visual files and other clinical data; this was 10 hops away from the closest core network switch, three too many for the spanning tree to handle. To eliminate its influence on the CareGroup network, we isolated it with a Layer 3 boundary. All redundancy in the network was removed to ensure no STP loops were possible.

I learned that infrastructure must be lifecycle-managed per a multi-year strategic plan and not simply replaced at end of life. You need to retire legacy network. You also need to demand review and testing of network changes before you carry them out. Good downtime procedures must accompany each application we carry out. Another lesson is that a disaster recovery plan addresses all the details of a disaster. You need to plan employee logistics, communicate realistically, prepare baseline backups, and focus disaster plans on the network, not just the integrity of the data.

EL: One of your colleagues said that you're really a bionic CIO. What  types of devices do you carry with you at all times.

JH: I'm connected at all times and on call at all times. I have a Blackberry 7290 (Bluetooth enabled GSM/GPRS phone), which I use to answer 500 daily emails. It's also fully integrated via Bluetooth into my 2005 Toyota Prius so I'm completely connected when I drive. I also carry a nationwide pager for redundancy. My medical information is implanted in my right triceps, should I ever need medical care.

--

Elizabeth Ferrarini is a free-lance writer from Boston,  Massachusetts. Reach her at iswive@aol.com.

by Elizabeth M. Ferrarini

Can an organization's IT infrastructure helped to differentiate the organization strategically in the eyes of its competitors? In the infamous Harvard Business Review article, IT Doesn't Matter (May 2002), author  Nicholas G. Carr provides a gloomy prognosis of this happening today.

FedEx, however, has managed to create an IT infrastructure that has glowed brightly in the eyes of competitors since it started in 1971. In 2002, about $22 billion worth of business passed through FedEx's extensive package delivery networks.

Rob Carter, executive vice president and chief information officer of FedEx, says that his company's IT component "is the competitive glue that holds all of our businesses units together." While Carter refers to himself as a classic CIO overseeing applications development, the network infrastructure, and five data centers, he sets the technology direction for FedEx's global IT organization which has 6,000 employees and operates on a $1.5 billion annual budget.

Carter, who joined the company in 1993 and has received many industry recognitions, such as InformationWeek's Chiefs of the Year. He talks about FedEx's technology that built the package delivery business, FedEx's educational initiative to devise a major technological center in the South, best practices and cost models used by FedEx's IT organization, and, of course, Carr's article.

EL: In David Kirkpatrick's Fortune magazine opinion piece (May 28, 2003) about Nicholas G. Carr's Harvard Business Review article, IT Doesn't Matter, you say, "Everything in the company has IT inputs. It's the software stupid!" Can you explain what you meant?

RC: Carr's basic premise in the article is since the infrastructure is built out, you don't need to pay attention to technology anymore. To some extent that's true. We have a broad set of technology infrastructure in place. My comment, it's the software stupid, refers to the applications within the infrastructure as the key elements that differentiate you in customers' eyes. These applications will drive your internal productivity.

The battleground continues to be the application of that technology not the fact that you happen to have a computer system that runs payroll.

Everything we do at FedEx has a technology underpinning that supports not just our internal operations but the information we're able to provide our customers about shipments in the FedEx networks. We built the FedEx brand with a set of capabilities including, not only the operational excellence of FedEx, but the technology that allowed us to achieve this excellence.

EL: Can you summarize the technology that built your company and changed the competitive climate for well-established companies such as United Parcel Service?

RC: Our package tracking system was a unique offering at FedEx. It really built the industry of express transportation and information about the shipment. In 1978, Fred Smith, the chairman and founder of Federal Express (incorporated in 1998 as FedEx), said this great quote which is worth repeating: "The information about the shipment is as important as the shipment itself." Moving packages reliability was a key component of our initial success, but we were then, as well as now, about making customers aware of what was happening with their packages until they reached their final destination. We created that visibility to go along with the industry philosophy of reliable delivery.

Our package tracking system kept us ahead of the competition for about two decades. It wasn't until the 1990's that our competitors started to understand the value of the information and began to build their technology and information networks.

EL: If you apply what Carr says in his article, you're going to have shorter competitive windows for new, innovative technologies. What's your feeling about that?

RC: We don't know what yet-to-emerge killer applications will enable us to change the way we do business. It's like this: In 1899 when Charles Duell, the commissioner of the U.S. Patent Office was leaving his post, he remarked that we didn't need the Patent Office any more because everything that can be invented has already been invented. There are endless things yet to come; there's no question in my mind where we are with the application of information and technology.

Today, competition is more active and fierce than it was when we started the business. Everyone wants to provide the best possible information about every shipment moving through their systems.

I don't think any technology innovation will have a two decade advantage anymore. Some may have a couple years advantage as you get new technologies out there and customers adopt them. A certain first move advantage occurs. These customers get so hooked on your technology and your pricing they become so overwhelmed at the thought of switching to another competitor's offering.

EL: You have a gigantic IT organization. How is it organized?

RC: The majority of our IT organization lives inside of a shared services called FedEx Services. It provides applications support, and infrastructure support to all of the operating companies at FedEx Corp.

FedEx Services has a hierarchy of boards of governance, including an executive committee and strategic management level. All of the various lines of business report to the latter.

Our internal business partners work with various IT project management teams to launch new product offerings and or new business initiatives and strategies. The different tiers of governance bodies set priorities and plan the resources for IT for the upcoming months and years.

EL: Have you been looking at new businesses such as outsourcing transportation logistics for your customers, such as Ryder does?

RC: FedEx Supply Chain Services competes with Ryder on that kind of transportation management function. We go in and run sets of transportation services for companies.

EL: Have you adopted certain best practices models such as Six Sigma or  the IT Infrastructure Library (ITIL)?

RC: We know about ITIL. However, we've based most of our governance process on a component of Six Sigma. We've internally developed program methodology and governance structure that supports the IT component of our ISO 9000 certification. We've used a lot of the best practices out of the Capability Maturity Model, Six Sigma, and some IT Infrastructure Library.

I became quite enamored with the ITIL. In fact, the ITIL set of books are quite good and their content has provided basic reference points for a lot of our IT practices. Many of our groups use specific areas of ITIL, such as change management, but we don't use it end to end.

EL: What costs models do you use for IT?

RC: For the most part, we allocate costs back to the business units based on usage. This method isn't as fine grained as charging back for transactional services.

EL: A lot of companies got hit by the dot.com bust because they built out their infrastructure. How well did you folks weather this event?

RC: We continued to support huge growth in our Internet-based customers throughout the dot.com boom. Since the inception of FedEx.com in 1994, we've experienced at least 100 percent growth in all areas of our services. This site has provided us with massive customer interaction and customer service. We had no down side to that. We built our infrastructure as fast as we could and customers have continued to adopt it at an incredibly fast rate globally.

EL: You announced FedEx Institute of Technology. What will be its  focus?

RC: FedEx Institute of Technology, based at the University of Memphis, consists of a broad array of technology research and practical deployment. The Institute is a hub for applied IT in all different types of domains, such as bioinformatics, supply chain research, artificial intelligence, Internet-based computing, and telecommunications.

The Institute is a public/private partnership with the University of Memphis, FedEx, local government agencies, and area businesses throughout the South. We've used schools in the Boston area, such as Massachusetts Institute of Technology, as examples of how to grow a center for technological innovations and spin them off to support the local economy.

EL: To really be competitive, economist Lester Thurow, in his new book,  Fortune Favors the Bold: What We Must Do to Build a New and Lasting Global  Prosperity (HarperCollins), says that major companies need to have a chief knowledge officer (CKO) who functions like the Central Intelligence Agency. Do you have such a person?

RC: While we don't have a CKO, we abundantly serve this area. For the past 10 years, we've made a big investment in gathering intelligence. In fact, we've one of the world's largest information warehouses. We also have groups of brilliant PhD's who are excellent at applying customer-related information to how the business can be optimized and how customers can best be served.

EL: What strategic projects are you putting a lot of effort into for  2004?

RC: One particular project is the next generation in handheld computing, called the PowerPad, which we'll be rolling out throughout the summer. This revolutionary device takes the edge of computing all the way out to the customer. Its active communications capabilities enable it to be on the network. Embedded technology enables it to communicate with the truck, the printer, and the network components the courier has with him or her. Use of the device will change the information access the courier has when he or she is face to face with the customer. The device will also make the courier more productive while enroute to each destination.

--

Elizabeth M. Ferrarini is a free-lance technology writer based in  Boston, Massachusetts, and is the author of two computer trade books.