According to the Industry Lights-on IT Activities Cost a Lot – But Where is all the Money Going?
Introduction: How’s it going?
In a study published in InformationWeek in October 2012, results of a survey into the reputation of IT as a source of innovation were published. The most striking headline statistic was that in many cases (57%) IT thinks it’s doing ok (as in that it’s “agile, flexible”), yet the business (29%) doesn’t agree.
Why the difference of opinion? One major factor is that, in many situations, IT cannot afford to do everything it needs to. The overworked IT executive team must explain that the majority of time, budget and resource is spent simply ‘Keeping the lights on’. We’re told that the majority of resource is needed just to keep the wheels turning.
Costly confession
What does ‘Lights On’ actually mean? “In a line-item budget, lights-on is a descriptor for expenditures that are absolutely necessary for maintaining a company’s critical business operations. Lights-on differentiates a ‘need’ from a ‘want.’” Gartner Group states that 70% of IT budgets are spent on lights-on activities. Forrester Research suggests this number may be as high as 80%. At accounts Micro Focus has spoken with, that ‘lights-on’ percentage was placed as higher still – in some instances up to 90%.
However, these activities are not keeping pace with the amount of required change. According to Gartner, the overall cost of what it calls ‘IT debt’ is projected to reach $1 trillion by 2015.
Counting the cost
Faced with an OPEX of perhaps tens of millions of dollars, many IT leaders have wanted to learn more, to find ways to reduce that burden. So, what does lights-on actually mean in terms of time, effort and dollars spent? There are three major categories that typically comprise ‘lights-on’:
- The routine maintenance of applications and systems
- The application improvement or enhancement backlog
- Regulatory and Legislative Compliance
Let’s look at these in turn.
Maintenance
As up-to-date as IT systems may be, they must evolve constantly to remain current and support the evolution of the business. Routine maintenance, either in terms of bug fixing and updates for ‘home built’ systems, or patches/updates from the vendor, are a fact of life for core IT systems. Regular updates to hardware, storage and communications also comprise a necessary activity in IT.
Such activities will naturally require time and effort from IT staff, as well as incurring maintenance or leasing costs to hardware, software and related suppliers. Typically, maintenance activities are not fully understood by other teams. Maintenance tasks include correcting errors, keeping up with new platforms and third party software integration. It’s not just bug fixing.
Enhancements
Maintenance activities may be important for keeping systems up-to-date. But, more often than not, business stakeholders or user groups may be demanding more dramatic or visible improvements to IT systems in support of business changes. New markets, new customers, new levels of performance or new channels may be best obtained by leveraging existing systems, tailored or enhanced beyond their current remit to serve a broader purpose.
However, planning and implementing such incremental improvements is often seen as part and parcel of the IT operating expense. Fundamentally, these activities are also seen as part of the overall cost of the lifecycle of that application or system. As such, ‘enhancement’ work may simply be seen as a specific sub-category of maintenance[i].
Compliance
Since the Enron scandal and in the recent period of economic austerity, the public has borne witness to unprecedented scrutiny into industrial-scale problems. Examples are banking and retail system outages, LIBOR rigging, PPI mis-selling, Insider Trading, Overseas Corporate Tax avoidance, leading to widespread public and governmental criticism of industry bodies and major organizations. This scrutiny, together with new legislative changes, has resulted in an array of compliance measures being introduced.
For legislative, industry regulatory or procedural requirements, the task falls on IT to implement the changes within its core systems to support the legislative requirement. Organizations may look at implementation ahead of specific deadlines as a level of readiness, even before legislation is passed. Either way, the imposition of new regulation includes prescribed timescales, often requiring IT organizations to “find room” to add this new project work.
Whether global (ISO27002, Basel II/III), International (FACTA 2013 International Tax Compliance), Continental (SEPA, Euro), country specific (e.g. PCI-DSS, FISMA, Joint Healthcare Commission, HIPAA and SarbOx in the USA), or industry-specific (e.g. Basel, Solvecy II and countless others in Financial Services), the number of new compliance measures to support has continued to evolve and grow over time.
Conclusion
Irrespective of the composition of lights-on activities, the biggest concern is the overall operating expenditure devoted towards them. Simply, this is not seen as moving the business forward. Tech-savvy consumers are demanding cloud, mobile and new IT architecture and this new generation of customer is forcing organizations to look hard at their strategy.
IT is under continued pressure to do more, but the burden of the existing day-to-day workload has never been greater, and continues to grow. IT leaders need to look towards smart ways to combine innovation and lights-on projects to stand any chance of accelerating delivery of both sets of requirements.
