IT Portfolio Management: Asset Classes and Portfolios

Multi-order Interconnections of Assets

Comments from yesterday’s post regarding the difference between IT Assets and Traditional Investment Assets I had a tendency to agree with in the past.  However, since the changes in law and the economy the independence between assets no longer exists as once was believed.  As the most recent financial meltdown the economy is still recovering from demonstrates.  This phenomena of interconnectedness pointed out in Albert-László Barabási’s book “Linked” points to the fact that everything is connected.  The issue becomes how these are connected and the depth of the effects of that connection.  This is the area of systems dynamics which I continue to study at the Center for Understanding Change.  My objective is understand the 1st, 2nd, 3rd, etc. levels of consequence to the ever widening web of connection we live in and how to apply it to ITSM and Enterprise as a whole.

Applying these concepts to IT Portfolio Management the relationships between the traditional assets classes under management became first a hierarchy and second not much to my surprise like the taxonomy originally developed for the conceptual underpinning Has Witt and I discussed for Active Directory. This hierarchy points to ITSM (Services) as the bridge between Enterprise concerns and IT Functional concerns.  It is the IT Services which enable the enterprise capabilities which at the corporate level are the assets.

Accounting for temporal relationships

Below is the initial brainstorming of the hierarchy and its relationship to both enterprise and time.  The time dimension in most portfolio management methodologies is limited to the time value of money typically in the form of NPV.  However, not accounting for the effects of time on the various attributes under consideration for the enterprise is where I see the limits to using time in present portfolio management methodologies.  A White Paper, still under development, “The Optimum Path to an Uncertain Destination” is one approach I’ve found to address this situation and is included in the Modern IT Portfolio Management methodology I’ve been creating.

IT Asset Class Hierarchy

Investment Management and ITSM: Lessons to be Learned

Spent several hours yesterday with a brokerage firm, consolidating various financial accounts.  I’ve worked for various corporations over my career naturally choosing to take the 401k investment options that each had offered.  My belief is if the place is good enough to work at why wouldn’t you invest in it also.  On the surface the logic makes sense.  However, as I’ve delved deeper in Portfolio Management and Enterprise Risk Management (ERM) concepts the past several months I’ve gained a deeper appreciation of the concepts of diversification and attention capacity or economics.


Most modern portfolio management discussions introduce the topic of diversification as a means of risk mitigation.  The theory suggest that having a broad set of investments reduces one’s risk as if one element in the portfolio crashes or under performs it will be made up by others.  This only hold true if each investment is independent of the others.  That is to say, there is causal relationship between the two components.  However, if there are causal relationships then these components are not truly independent and the portfolio you’ve create still has risk exposure.  Take the most recent financial meltdown of the economy.  Stocks, Bonds, Real Estate, and other investment all tanked crashing the economy.  In theory this should not have occurred as these are separate asset classes, independent of others.  However, as the laws, rules and regulations changed regarding banks, brokerage houses, Real Estate Mortgages, and other financial vehicles subtle interconnections between these components were established.  These connections were either not well understood or completely ignored.  Investment vehicles such as collateralized debt started to appear.  These created the linkage between other assets which established the potential for what eventually happened.

Collateralized Debt has as its root a portion of Portfolio Management.  That is investing in multiple elements to reduce risk, in many cases high risk mortgages.  The theory being that may be one or two mortgages might fail but overall the majority of these would not.  However, the conditions that created failure for several of these mortgage failures where the same for most of the others.  This when one failed it was only a matter of time for the others. As such this pool was a collection not a managed portfolio.  Add to this other investment vehicles such as derivatives which further linked real estate to other types of investment in the economy and the causal chain was completed with few people realizing the risk that was just created.

ITSM’s relationship to Investment Management

ITSM seeks to create an ecosystem for the enterprise where the Information Technology function creates a catalog of services for the rest of the enterprise to consume either to perform its knowledge work or provide to its external customers.  One the surface this is a great concept.  In practice creating an catalog of services that are tightly integrated brings to it the same risks to the enterprise as tightly linking the various financial vehicles did in the general economy.  This serious strategy and due diligence in risk management and mitigation is called for least an enterprise crash like the economy over an IT failure.  Consider if your network infrastructure failed for several days and you just recently migrated all your voice (phones) to voice of IP (VOIP):  Your financial functions can not access your general ledger, not billing can go out, nor paying vendors; Your in house sales staff either cannot call prospects or have to use their personal cellphones to make calls, further expense and they can’t enter orders anyway your systems are down; other negative effects propagate throughout the enterprise and compound the situation.  In a very short period of time an enterprise could be so overwhelmed with the consequences it could take years to recover or might never recover.

Some vendors might say move to the cloud that will solve the problem…but will it? What happens if your cloud provider fails, or access (your internet connection is down), or both.  You are back to that same perfect storm scenario.  So is the answer go back to a paper based system?  Not likely, the scale and speed of business today prevents going back to such methods.  The answer I believe lays in a more comprehensive approach to the strategy and design of enterprise.  An approach the unifies Executives, Line of Business Management and Information Technology is an effort to view and manage the risk in a coherent and conscious manner.  This suggest enhancing current portfolio management practices advocated by vendors that only prioritize investment by ROI (gain) to include the downside aspects (i.e., Risks such that ERM typically works to mitigate).

Attention Economics

The problem with such an approach is that it requires greater attention to detail and in an age where businesses have caught AD/HD, this is a hard practice to employ.  Its easy to ignore the risks as did the investment and economics communities prior to the financial meltdown.  Many corporations are focused on multiple targets and this one is left to the IT function, typically without effective governance or oversight my the executive suite.  Possibly due to the fact that discussions often arise around the technology’s structure rather than the capability ad risks of applying.  This tends to overwhelm the attention span of the rest of the business as those not involved with IT capability creation and management don’t have the time to learn the details.  This is where Enterprise Architects and Technology Strategist should play a role, however, oft times they are used for designing applications rather than helping to guide technology application for the enterprise.  A subtle difference but critical to understand if your EA function is to provide the highest value to the corporation.

The one leverage point that may eventually cause corporations to focus on this arena -in spite of all the standards and methodologies out there– is that Corporate Executives are now held responsible for governance actions.  And whether they understand the ramifications or not of new laws and regulations such as SOX, Patriot Act, HIPA, and others not understanding how to govern corporate information and information processing will eventually put both a business at risk and executives out on the street or worse.

Windows 8 UI/UX and other service delivery issues

Had Windows 8 support reach out to me on Saturday to fix Windows App store issues.  After about an hour of the support rep. remotely managing my system, he escalated to level 2.  They scheduled a call for between 2-5 same day.  However, no reply call came. I expect they are pouring over the several system reports level 1 created to figure out the problem.  Interestingly enough, wife’s new Windows 8 laptop is now having the same problem:  Have internet connectivity as indicated by Outlook and IE browsing, but Store App reports no Internet access.  Been looking at the various forums and chat rooms since; seems to be a common problem emerging.

In the meantime after the last automatic windows update several of my applications do not load now.  These are mostly video applications: Sony Movie Studio Platinum 12 and Pinnacle Studio 16.  These were working the past year before the update, so I expect whatever crunch Windows App store may have also zapped my video applications.  Not going to be too happy if I have to rebuild the system again to fix this.   I can see why average end users, outside of Redmond, are not upgrading and switching to services like Google and closed systems like Apple.   Something’s broken in the design and delivery system.  I expect one of the causes maybe Microsoft’s success; the fact that there are some many products now and configurations, its hard to keep control of it all.  Justification for having Enterprise Architects and Configuration Management Databases (CMDB) and focusing on IT Service management (ITSM).

I was going to work on building a Server today, however, I think my time is going to be better served developing my own ITSM system for my home infrastructure.  Well at least MS Access works, so I’ll start inventorying my hardware and software this week.  Maybe I should consider starting an ITSM service for small business as I don’t see Office365 filling that role either; there are other critiques that point out that Office does not cover all of the office functions people do.  I was disappointed that Business Contract Manager and MS Accounting products were deprecated as they had almost enough functionality when integrated with the rest of Office to create a working small business infrastructure.

ITIL muses

Considering all the churn in I.T. organizations today around skills, delivery models, development technologies application backlogs and portfolios, I’m surprise how little time CIOs and CxOs are looking at re-engineering the I.T. function to meet today’s and tomorrows new challenges.  Talking across the industry with friends and colleagues this month has indicated to me most organizations are using a scatter-shot quick hit approach towards fixing the issue which seems to only be treating the symptoms.  The Einstein and Clinton quote appears appropriate: “Doing the same thing expecting a different results….” or maybe it is a case of draining the swamp and all the alligators.

While pondering that, the idea of using a single instance of ITIL/CoBIt across multiple provider models (i.e., ITIL Provider Types I – III) seems doable if one takes the same mindset as OS Developers have had for years: Layers of Abstraction and delayed binding:  Since the IT Governance and management functions do not require the absolute details and seven layers of precision, it is feasible.  At the highest level of governance and management I would challenge anyone to see the difference between in-house IT and Outsourcing.  The differences only become apparent when you’re at the 1st and 2nd levels of operations.  While legal and financial details are different between in-house and Outsourcing the control objectives and processes are the same, just the R&Rs and accountabilities change and are adapted to the legal structures accountable to perform.  The Service Order Management, Service Portfolio and Catalog project I’d worked on last year and blogged about prior has convinced me of that fact.

I.T. is a business within a business, but has not been managed that way.  Adopting Service Management enables switching to that perspective.  That switch of perspective permits a CIO to consider other aspects of I.T. that have been not given a due consideration.  The surround around the technical aspects of an offering in business ( (Slywotzky, 1995) (Marks, 1998) has influence on success as much and in many cases more than the technical features.

Designing the attributes of the surround is something many businesses do by default and I.T. organizations are not even aware of but could benefit greatly by addressing.