Canadian Information Processing Society (CIPS)
http://www.cips.ca
 

CIPS CONNECTIONS

INTERVIEWS by STEPHEN IBARAKI, FCIPS, I.S.P., ITCP/IP3P, MVP, DF/NPA, CNP, FGITCA

Carlos Juiz, Professor University of the Balearic Islands Spain and Top Authority in IT Governance and ICT

This week, Stephen Ibaraki has an exclusive interview with Carlos Juiz.

Carlos JuizAssociate Prof. Carlos Juiz received his B.Sc., M.Sc. and Ph.D. degrees in Computer Science from the University of the Balearic Islands (UIB), Spain. He has a postgraduate degree in Office Automation from the Polytechnic University of Madrid, Spain. Before joining the Department of Computer Science at UIB, he had several positions related to the computer systems industry. From 1990 he was a Systems Analyst for Xerox, leaving this position as Senior Analyst in 1999. He was a visiting researcher at the Department for Computer Science and Business Informatics, University of Vienna, in 2003 and Visiting Associate Professor at Biomedical Informatics Research, in 2011 at Stanford University. Carlos Juiz is heading the ACSIC research group (http://acsic.uib.es) and his research interests mainly focus on web performance engineering, semantic web and IT governance.

He has been involved in several regional, national, European and international research projects, including cooperation projects mainly with Universities of Paraguay. He has participated in more than 300 international conferences, workshops and congresses as reviewer, session chair, programme committee member or scientific committee member and president of the program committee. He is co-author of more than 150 international papers (including journals, published reviews and proceedings and book chapters) and one university textbook. Carlos Juiz has given about 40 international seminars and has been invited to conferences at numerous prestigious universities in the world.

Carlos Juiz is a senior member of the IEEE and also a senior member of the ACM. He is an invited expert of the International Communication Union (ITU) and Academic Advocate of ISACA. Recently, Carlos Juiz has been appointed as member of the Domain Committee on Cloud Computing from IFIP.

He was Sub-director of the Polytechnic School (2004-2005) and Director of the Office of Planning and Prospective at University of the Balearic Islands (2005-2007). He was the President's Delegate of New Technologies and CIO (2007-2011) and Vice Director for Information Technologies and CIO (2011-2013) at UIB. Carlos Juiz was the Director of the Chair from Telefónica at UIB (2012-2014). Currently he is board member of TURISTEC cluster and also of Balears.T cluster.

The latest blog on the interview can be found in the IT Manager's Blog where you can provide your comments in an interactive dialogue.
http://blogs.technet.com/b/cdnitmanagers/

DISCUSSION:

Q: Carlos, your outstanding contributions have significant government, industry and academic global impact. Thank you for sharing your considerable expertise, deep accumulated insights, and wisdom with our audience.

A:  "Thank you for your kind words and for interviewing me. I hope the audience will enjoy our conversation about IT governance."

Q: Carlos, can you profile your work at the University and your top IT predictions for 2015 and beyond?

A:  "Of course, Stephen. As you mentioned in the introduction, I'm Associate Professor at the University of the Balearic Islands, so my main activities are to research and to teach several topics, including Governance and Management of ICT and ICT Strategy for Organizations. Additionally, I'm coordinating the subgroup of Governance of IT at AENOR (the Spanish normalization mirror at ISO/IEC), and also board member of two industrial clusters related to e-Tourism innovation. Regarding the ICT predictions for 2015, I'm not very original saying that orchestration of networks for general users or industry sectored ones is going to continue as the most interesting business and therefore, Cloud computing, collaborative knowledge, smart communities, etc. and other related disciplines holding this kind of business, will continue conducting the innovative sectors for mobile, apps, services etc."

Q: How can executives act on your predictions?

A:  "They know better than me that all this stuff should be managed, but I do not know if they see that it must be governed."

Q: You recently spoke at the IFIP World CIO Forum where more than 1000 executives participated from over 50 countries.

A:  http://www.worldcioforum.com/cioIndex.action?language=1

Which sessions did you find most valuable and what are the lessons from those sessions?
"All the event sessions were really interesting. Due to my expertise, the Leadership Summit Forum and the session devoted to Innovation of the Internet were the closest to my interests. But other issues as Cloud Computing, Big Data, Mobile Internet and Security were very valuable for CIOs attending the conference. I think that the most important lesson we perceive in any session was that CIOs should be part of the board since their duties are crucial for the strategy of companies. Moreover, the executive tasks for CIOs will conduct them to be more in the CEO's agendas than just being technologists."

What surprised you?
"First of all, the wonderful organization, even better than the previous event in 2011; I mean, the proactive actions by everyone belonging to the Chinese organizations in charge of the WCF."

What did the host country presenters say that you found noteworthy?
"Presentations coming from the new successful companies like Huawei or Alibaba, just to mention the most famous, but others were also very interesting. I realize the power that Chinese ICT industries have gained in the last few years."

What were the most memorable moments from the week?
"From a tourist point of view, the visit to the museum of the warriors of Xi'an is a memory for life. The good atmosphere among all VIP from the western countries and the camaraderie between them were amazing. Proactivity of students and professors from local universities and kindness with visitors was also remarkable. From a professional standpoint, I think it should strengthen technological alliances between European and Chinese companies since I've seen some interesting synergies that should be exploited."

Q: Why is governing IT more complex than governing other assets?

A:  "Governing IT is much more complex than governing other assets, mainly because the pressure forces coming from the business units are seeking new IT solutions and the low perception of IT services. But there are other reasons like the uncertainty of the value of IT, and the undefined roles and responsibilities for the CIO that provoke numerous problems in governing IT. In fact, IT is intellectual and manufactured capital so IT should be governed as the other assets are."

Q: What are the top five CIO strategies for enterprise effectiveness?

A:  "Delivering projects that enable business growth and improving the business and IT plans together are the most effective strategies. Of course, reducing IT costs is always a must, but attracting and retaining IT staff is also very important. All of these strategies are confirmed through several studies and also through the experience of leaders governing IT since 2008."

Q: What are the most important principles of project portfolio management?

A:  "We may distinguish the classic concept of project, program and portfolio management (ppp management) from the governance of ppp. Following the ISACA materials, we may deduce that we have to manage project portfolio strategically, totally and using consistent criteria. However, consistent criteria does not mean justice or equilibrium among stakeholders, it means that governance structures must select the portfolio based on strategic objectives for the business and distributing the project effort by strategic goals. Therefore, the result of a prioritized selection of projects and their corresponding effort are usually unbalanced. "

Q: How do successful organizations exploit the benefits of IT?

A:  "The organizations, which are integrating the IT strategy and the business strategy, clearing the objectives, the measurement and the KPIs, will success exploiting the benefits of IT assets. In order to get this, companies should create the organizational structures, the communication means and the processes to provide an IT governance framework. However, these are just the initial steps; successful organizations are approaching IT governance by engaging business leaders in appropriate behavior. IT governance is a board executive responsibility that must focus on business performance rather than technological details."

Q: How can the board better work with IT?

A:  "The board must take primary responsibility for setting the agenda for use of IT as an integral part of business strategy, so that investment decisions related with IT are depending on the enabling business capability and successful management and operation of IT assets. The board must govern IT through directing strategic goals, evaluating the delivery of investments and monitoring the performance and conformance of the management and operation, among other activities."

Q: What are the main problems with IT governance?

A:  "First, IT governance has been conducted by IT managers, since board and top executives usually do not want the corresponding accountability. This absence of governance produces miscommunication between the board and the IT staff, because the management goals are not integrated or aligned with the strategic objectives. Governance of IT is a board and top executive responsibility that must focus on business performance rather than technology details. Second, much of what has been called IT governance is in fact IT management, and this confusion has emerged regarding what exactly governance and management of IT are."

Q: What are your recommendations for effective IT governance?

A:  "IT governance requires that business leaders come to terms with what they can achieve by harnessing IT to enable and enhance business capability and focus on delivering the most valuable outcomes. In consequence, a governance framework must be constructed and then direct and control the use of IT from a business perspective."

Q: How do you build an IT governance framework?

A:  "There a lot of factors to consider in order to build an IT governance framework but you must follow the ISO/IEC 38500 standard principles to do it. (http://www.iso.org/iso/catalogue_detail?csnumber=51639) That's what I did in my institution, a couple of years ago, and it worked... until a new board arrived... but this is for the next interview"

Q: Can you talk more about the ISO/IEC 38500?

A:  "ISO/IEC 38500 is the first international standard that provides guidelines for IT governance. ISO/IEC 38500 was deliberately aligned with the definition of corporate governance in the Cadbury report. The main activities for governing IT are direct, evaluate and monitor the use of IT following the ISO/IEC 38500 principles:
  • Responsibility: Establish clearly understood (and appropriate) responsibilities for (decisions relating to use and supply of) IT;
  • Strategy: Plan (supply and use of) IT to best support the organization;
  • Acquisition: Invest (in new and ongoing use of IT) validly;
  • Performance: Ensure that IT performs well (in respect of business needs), whenever required;
  • Conformance: Ensure (all aspects of decision making, use and supply of) IT conforms to formal rules;
  • Human behavior: Ensure (planning, supply and use of) IT respects human behavior.
You are free to build the framework for IT governance, by taking into account these principles and activities. In any case, my recommendation is reading the original documents to base your particular framework construction. In fact, dFogIT (detailed Framework Of Governance for IT, http://acsic.uib.eu/Empreses/productes/) is the one we created for my institution and it is extensible for other companies, or even other assets."


Q: Based upon your speech at the World CIO Forum, what additional lessons and tips can you provide?

A:  "To govern or not govern Information Technology is no longer a choice for any organization. All large and medium size enterprises need to govern IT, mainly due to two factors:
  • Business necessity: many actors in the market use technology to gain advantage.
  • Enterprise maturity: narrow focus on operating infrastructure, architecture and service management of an owned IT asset is no longer key to the development of the organization."
Q: Can you point to the top resources for IT governance?

A:  "The adoption of ISO/IEC 38500 to guide the governance of IT provides engagement of business leaders in controlling the organization’s use of IT. Academic resources to help would be the books from Weill and Ross and the ones from Van Grembergen and de Haes, among others, for understanding two different but complementary ways to understand IT governance and IT management. For a more modern view of IT governance that includes important internal IT Management functions covered by earlier IT governance models plus external functions that address broader issues of setting and realizing the agenda for business use of IT, the book from my friend Mark Toomey is a must. By the way, Mark and I publish an article in the CACM February 2015 issue explaining the differences about these resources."

Q: Can you describe your most significant and influential achievements and the practical outcomes seen today and forecasted into the future?

A:  "Regarding IT governance, I feel that our publication in CACM will influence executives and CIOs to review their current direction. I believe that public organizations will also take advantage of combining the principles of social responsibility standards and IT governance frameworks, in terms of accountability."

Q: What are your best leadership lessons that can be used by executives?

A:  "Just govern IT! (In any other cases IT will govern you)"

Q: Do you feel computing should be a recognized profession on par with accounting, medicine and law with demonstrated professional development, adherence to a code of ethics, personal responsibility, public accountability, quality assurance and recognized credentials? [See http://www.ipthree.org and the Global Industry Council, http://www.ipthree.org/about-ip3/global-advisory-council]

A:  "Of course, part of my message for graduate and undergraduate students at University is that they should fight for this recognition."

Q: From your extensive speaking, travels, and work, please share three stories (amusing, surprising, unexpected, amazing).

A:  "I remember a trip to Tokyo to present a paper, 20 years ago, I felt lost close to Keio University. I did not find anyone speaking English early in the morning, but too late for arriving to the conference already....My Japanese language skills were also very limited....then a dozen little girls appeared in the street, all of them with their typical scholar uniform, they understood my questions but they were incapable of explaining to me how to get to the University....They made a circle, talked few second and one of them took my hand. The rest of the group was laughing and talking all the way behind us while they led me to the main gate of the University, just two blocks away, as a father with a dozen daughters. As soon we arrived, they pointed out the main gate, saluted me with a traditional reverence (all of them at the same time) and said goodbye (in English at the same time).

When security at airports was less stressed, my baggage went around the world PMI-MAD-SHN-SAN-MAD-PMI, because the employees at the counter sent it to SHA-nghai, not to SAN-Diego....(sometimes letters are mysteriously "opened", but things may go not very "close").

In the UK in springtime, checking in one afternoon in a nice cottage in the middle of the moors, close to where the Brontë sisters were born and lived. I arrived just before the sundown. The reception was also a pub for the locals and clients, a nice environment. I went up to my room, took a shower and went walking to see the surroundings. It's darker outside. As soon as I arrived at the main entrance and opened the door to get out....everyone stopped talking and looked at me, I felt ashamed....anyway, I went out for my usual walk before dinner, to get to know the surroundings....In seconds, I clearly understood two important things: the reason for the title "Wuthering Heights," and why locals were surprised a south-European guy was trying to walk in the middle of the moors. (It was almost dark, a bit rainy, no lights, no one outside, just a couple of trees hit by the wind and the sound of this wind through the stone hills, the sheep bells ringing far away, the trees moving back and forth, and other scary sounds....I hoped that it was a dog....). The face of the locals when I came back to the pub in just a minute....they stopped talking again, looked at me, laughed and continued drinking and chatting....and someone invited me to a pint)."


Q: You choose the topic area. What do you see as the three top challenges facing us today and how do you propose they be solved?

A:  "In IT governance, the 3 top challenges should be:
  • Implement ISO/IEC 38500 in every company; this should be easier through the new auditing process, to be standardized in the next year or so.
  • Conciliate best social responsibility practices and governance standards for all the assets in the companies; this could be done joining the different frameworks in one meta-framework.
  • Automation of accountability for Smart Cities governance; this is a hot topic right now and there are promising solutions that would be provided in next four years, including several issues as service registry, open data, public-private partnership, etc."
Q: If you were conducting this interview, what 3 questions would you ask, and then what would be your answers?

A:  "Your background and research is also about Performance Engineering, right? What are the motivations for a performance engineer scientist to work in the IT governance issues?
After more than 10 years working as developer, analyst, manager....outside the academia and after working in different positions in university management and governance, for example, being CIO during 6 years, I realized that IT governance should be improved, discipline should be taught and, as a researcher, I decided to open a new line of research in my curriculum. So the main reasons were the pain I suffered in several IT positions, observing the gaps in governance from different perspectives: as IT staff, as a user, as a business manager, as a board member....as a citizen.

Are you living on a very small island in the Mediterranean Sea, Majorca, which is famous as a tourism destination (mainly for Europeans), and the site of several multinationals in the tourism industry? Are you collaborating with the stakeholders of e-tourism?
Yes, as I mentioned before, I'm a member of the board of two different tourism industry clusters, and we are developing an open innovation marketplace for this industry. These are some ways to improve the local industry, trying to give them a worldwide marketplace based on IT innovation.

Is the EU interested in governance for the public sector?
I believe that the EU citizens' concerns around accountability, corruption and management malpractices are going to include governance of public enterprises in the EU agenda, not only as a political issue but as a behavioral culture to formalize it in different frameworks based on principles of governance and accountability for all countries."


Q: Carlos, with your demanding schedule, we are indeed fortunate to have you come in to do this interview. Thank you for sharing your substantial wisdom with our audience.

A:  "My pleasure, Stephen. I hope we'll meet each other in IT meetings and also hope that the audience will pressure private companies and public institutions in order to improve transparency and openness which are the basics of governance of any asset, including IT."