The Effective CIO: Improving Efficiency Through Information

by Stu Henderson
July 23, 2009

IT managers can improve efficiency—and cut costs—by recognizing a certain type of opportunity. This opportunity is characterized by a separation between where information is needed to make a decision and where that information is available.

The following examples describe separation between where information is needed and where it’s located. Each provides a different type of solution:

• Capacity planners need to know transaction volumes to ensure there’s enough hardware to process transactions. For example, an end user such as the marketing department might be planning a sales campaign or some other change that will affect transaction volume. End users don’t always pass this sort of information on to capacity planners. As described in my last column, you can fix this by modifying the Service Level Agreement (SLA) between IT and end users to include information about transaction volume.
• The problem management team (aka the group of people in the data center charged with monitoring and managing problems each day) needs to know about all problems and complaints. You can use both automation and policy to ensure they have the information they need. With automation, many types of information can be routed to the problem management team regarding:

– Hardware that’s starting to fail with increasing frequency (from LOGREC data)
– Unscheduled IPLs, failing production jobs, late production of reports, slow response time, and other problems (from SMF data)
– Environmental fluctuations such as temperature, humidity, electric power (from environmental monitors)
– Network outages (from network monitors).

You also can set policy to inform problem managers about all IT complaints. You inform users that your staff will respond to and resolve any problems reported to the help desk. You further explain that any complaint not reported to the help desk can’t be addressed, since you won’t be aware of it. Such a policy makes it difficult for end users to complain about IT without your problem managers knowing.

• Information security staff control access to data and also may determine how long to retain various types of data. They need to know what laws and regulations apply as well as the results of application risk assessments and data classification. This information may not be available to them, although it often resides in departments such as legal, risk management, insurance, and compliance. (These departments know there may be several dozen agencies involved in regulating records retention.)

You can ensure that information security staff has the information they need by requiring information about regulations, risk assessments, and data classification for each application to be stored in an applications inventory where they can access it.

• At one time storage administrators may have had difficulty determining what application some data set belonged to and whether it was production or test. You solved the problem by implementing and enforcing naming standards for data sets.