CONSULTANCY ON STRATEGIC INFORMATION PLANNING Edited by Zdravka Pejova and Forest W. Horton ISBN 92-9038-140-X © ICPE 1993 Published by the International Center for Public Enterprises in Developing Countries, Dunajska 104, Ljubljana, Slovenia Printed by Biro M, Ljubljana INFORMATION POLICIES FOR PROFITABLE INFORMATION MANAGEMENT: PRACTICAL STEPS by Liz Orna BASIC RESOURCES Any organisation that wants to start developing an information policy, and to succeed, needs these resources to start with: - Support and commitment from the top - People of sufficient knowledge, experience, judgment and standing to carry the process through, taking both management and colleagues forward with them - Adequate time - Access to people and documents - Agreed methods for managing the process, and for reporting to the top level In most cases, the first task is to ensure these resources by making a clear case for an information policy - the first of many pieces of selling. SELF KNOWLEDGE Any organisation that commits itself to developing an information policy must first know some things about itself - Its objectives and priorities - Its organisational structure - Its organisational culture 165 CONSULTANCY ON STRATEGIC INFORMATION PLANNING Objectives are the framework within which we have to interpret everything we learn about what the organisation does with information, evaluate possible courses of action, make decisions. If we don't fully understand what it thinks it's in business for, and its priorities, we risk choosing information solutions that don't match, and may actually harm, its interests. We need to know both formal objectives and how key people interpret them. As research shows, there is often a difference... The Organisation's Structure determines information flow, so we need answers to these questions: - Who takes what decisions? Who has power to override them? - What formal units is the organisation divided into? - How much autonomy do the main units have? - Where does the structure come on the line between hierarchy (top down and no horizontal communication) and network (upward and horizontal information flow)? - Who are the managers? What are their formal responsibilities? - How do their responsibilities relate to their authority and accountability? - Does the organisation chart represent what really happens? The Organisation's "Culture" We need to know not only what it does, but the way that it does it. Culture is a potent influence on how enterprises value information, the way it flows, and how it is used. It conditions the resources the organisation will be prepared to commit to information policy, and the success of policy. Questions That Reveal the Culture - Personnel policy: is it rigid or does it encourage development? - Are there sharp boundaries between grades and departments? Or cooperation? - Is there a policy for staff development and training? Do staff help define it? - Industrial relations: are they authoritarian, cooperative, capricious? - What are management attitudes to sharing information with staff? 166 Orna: Information policies for profitable information management: practical steps - Do different functions share information? Or keep it to themselves? - How are decisions taken? Is available information used? Or is it on the basis of "feelings", intuition, influence of powerful individuals? - What is the attitude to risk taking? Does the organisation ever take risks? Never? All the time? Does it take them at appropriate times? - How do people in the organisation view change? With optimism? Anxiety? Gloom? Finding out about the objectives, structure and culture of the organisation will give: - Insight into what the organisation thinks it's doing, what it's actually doing, how it's doing it, and how appropriate all that is to the environment in which it's operating - Some first conclusions about how it rates information. That makes the basis for what is often called an INFORMATION AUDIT MAKING AN INFORMATION AUDIT This is a process of asking questions. How we ask them, and who we ask must depend on our judgment, in the light of our knowledge of the organisation. What does the audit cover? Earlier, I proposed a wide definition of information: Anything that the organisation and those who work for it need to know and apply in order to achieve their objectives As Horton (1992) has put it, that means, external as well as internal; manual as well as automated; sources, and services as well as systems; and all the activities in which people of many different specialisms take data or information and add value to it. So the questions we ask in an information audit cover a wide range: - What information do people Acquire - where from? Create - how? Process - eg store, file, extract data, input, search Transmit - who to? In what form? - What budget is given for information resources? Who controls it? 167 CONSULTANCY ON STRATEGIC INFORMATION PLANNING - Who and what are involved in these activities? People — job titles? responsibilities? Physical means - eg hardware, software, telecoms - How does information flow? Do people get what they need at right time? Are there places where the flow breaks down? - How are costs and values of information measured? Are the measures appropriate? - Are there any resources of information which are: Unused? Only partially used? The level of detail to which the questions are taken is a matter for decision by those who manage the information audit. Some Key Areas of the Information Audit The people who manage information - What is their education and training for the job? - Their work background? - Their orientation: is it towards accounting, data processing, management information systems, records management, information services? - Their level in the hierarchy? - The relation between their responsibilities and their powers? The Technology That People Use in Managing information Questions about technology come after questions about information content and information use, and about the people who use information. Information technology is indeed qualitatively different from earlier technologies because it has potential for adaptive interaction with users, enabling new ways of thinking and acting - but the first steps in interaction still have to be initiated by humans. And the humans who do the work that IT is meant to support should make the most important contribution to specifying what the technology should be able to help them to do. 168 Oma: Information policies for profitable information management: practical steps Disasters happen when the people who design and market the technology, those who make the purchasing decisions, and those who manage the technology are all unaware of: - The significance of information for the organisation - What the people in it really need to do with information - Basic principles of managing information. So, the audit should: - Build up a map of all the technology resources used by people for all aspects of managing information throughout the organisation - Find out what technology is used for; and how appropriate it is for the job - Identify who makes purchasing decisions and who manages IT. In some ways, organisations that are using little or no information technology when they start an information audit have a better chance of making good decisions when they do start investing in the technology! Information Flow When I am involved in an information audit, I find it helpful to make myself pictures of the organisation's information activities and their interconnections - it helps in seeing how information should flow and where the flow is breaking down. (See Figure 1) How the Organisation Measures Costs and Values of Information Measuring costs and values of information is a difficult area. It is often hard to find out what measures are being used, and harder still to devise appropriate ones. But the question has to be tackled, if our findings and recommendations are to carry conviction with decision makers! Relevant questions about cost measures:. - Is there a specified objective of costing? What is it? What kind of cost is taken into account (eg investment to date, direct costs, replacement costs)? 169 CONSULTANCY ON STRATEGIC INFORMATION PLANNING What elements of cost are taken into account? Does it look at what Burk and Horton call functional, resource and temporal elements? Functional = doing things with information Resource = capital costs, hardware and software, costs of getting information, staff, materials Temporal = depreciation, development, rental fees, etc. FIGURE 1______ VISUALISING INFORMATION FLOW IN AN ORGANISATION Operations Purchase Planning Set up plans objective Manufacture Research Collect, process, disseminate information from outside & inside Monitor information from operations, market, environment Decide on changes Implement Market Advertise Sell Service Create information products Analyse, compare actual with desired results Interactions Suppliers * Materials * Products * Information Market * Actual * Potential Operating Environment * Economy * Competitors * Legislation * Govern, policy * International Information flow in an organisation: a diagram like this can help in identifying places where flow breaks down 170 Oma: Information policies for profitable information management: practical steps - Do the measures look backward or forward? At past costs only? Or do they provide an appropriate basis for assessing costs of future proposed investment? While it is possible to put a figure to information costs — though difficult to find an appropriate basis for the figures - when it comes to the value of information to the organisation, the appropriate measures are qualitative ones, and that is something not usually appreciated by organisations. So when looking at measures of value, we need to ask whether they take into account such factors as these ( Burk and Horton, 1988): - Quality - is information accurate, comprehensive, relevant? - Usability — can the people who need to use it get at it easily, and is it easy to use? - Impact on the organisation's productivity - does it help decision-making improve product quality, save time, help timely action? - Impact on meeting objectives — does it contribute to meeting key objectives? - Impact on financial position — does it help reduce or save costs, increase profits, improve return on investment? USING THE INFORMATION AUDIT FINDINGS When we have the answer to the Information Audit questions, the next step is to relate the findings to what we already know about the organisation's objectives, structure and culture. The aim is to find: (1) Areas where information is of high strategic importance in achieving objectives, and there is already a good fit between what's being done with information and the key objectives of the organisation, and the organisational culture is favourable. If there are a fair number of those, the organisation is well placed to move towards an information policy. (2) Areas where information is of high strategic importance, but there is a mismatch between what is being done with it and key objectives and an unfavourable organisational climate. 171 CONSULTANCY ON STRATEGIC INFORMATION PLANNING If there are a lot of areas like this, urgent action is needed on them as a first step towards an information policy. If they are all like that - it may be a hopeless situation, but at least we will have the measure of it! THE PROCESS OF POLICY DEVELOPMENT If the results of the information audit show a favourable situation for developing an information policy, and a decision is taken, to go ahead, we have to ensure a sound basis for the work. The essentials are: - Sponsorship/commitment by a "critical mass" of top management - Time for the people involved in policy development - Someone of appropriate standing and qualifications to manage policy development, implementation, monitoring and growth - A clear statement of what is going to be done and why - for everybody in the organisation - Teamwork: drawing in people from different functions, with different interests and different angles on information. A first statement of information policy objectives The first step is a basic statement of information policy objectives; that will be the skeleton to which people in organisation will add flesh as they work to develop policy. AN EXAMPLE OF BASIC OBJECTIVES FOR AN ORGANISATIONAL INFORMATION POLICY Overall aim of the policy: To use information fully in helping to achieve the organisation's key objectives Objectives of the policy: (1) To identify what information the organisation needs, and what it needs to do with it, in order to meet its key corporate objectives. (2) To acquire the relevant information from outside, and to generate it within the organisation. 172 Oma: Information policies for profitable information management: practical steps (3) To exploit it fully, in order to meet all current needs, and to help the organisation to develop in response to changes in its strategies or in the environment. (4) To get information on time, and in the right format, to the people who need to use it. (5) To make sure that the people who process information understand the needs of the people who use it. (6) To give everybody who processes and uses information the opportunity for learning the appropriate knowledge and skills, for cooperating with each other in using them in their work, and for developing new ways of using and processing information to help the organisation to achieve its subjects. (7) To keep the technology used for managing information under review, in order to evaluate how appropriate it is in relation to the organisation's overall objectives, and to its information objectives. (8) To take decisions on new technology with proper regard to the organisation's information policy, and to its total socio-technical environment. (9) To ensure appropriate human resources and organisational forms for managing and developing the use of information and applying information policy. (10) To develop appropriate measures for the cost and value of information to the organisation. (11) To develop relevant monitoring criteria for evaluating the results of implementing the information policy. (12) To ensure that the findings monitoring the information policy and its results are fed back into the organisation's policy making and used in helping to develop organisational strategies. That example is simply an outline of the areas that a statement of the principles of an information policy needs to cover. How the policy statement is formulated in any organisation must depend on inside knowledge. It is for the people responsible for policy development to choose ways of expressing it that match the "organisational culture" - particularly the ways in which decision makers think and express their ideas! 173 CONSULTANCY ON STRATEGIC INFORMATION PLANNING The first policy statement needs to be presented "upstream" and "downstream": to top management, and to those who create, use, process and transmit information. - Upstream, to secure commitment, and ensure development resources for the future - Downstream, not as an exercise in giving a "feeling of participation" but to gain commitment to agreed objectives, involving the people who will work on further development and implementation. Plenty of time is needed for this process, the less time it gets, the less likely are the next stages to succeed. When the main objectives of the information policy are accepted and understood, they should become a formal part of corporate objectives. Areas for Further Development The next stage is to select areas for further development of the policy, and to draw in representatives of the people who are the most concerned in them to work with policy team. This is a pattern that will be repeated many times as policy development proceeds, and each time it should be a learning experience, so that the next time it goes better. With experience, the cycle of policy development can run in a number of places at any one time: as one phase is being implemented and monitored the next can be starting. Inside knowledge of the organisation is the key to choosing both where to start, and the subsequent sequence of projects. The first stage of development is crucial in selling the policy and gaining support for its further development, so the developers need to select a project which is manageable and low-risk, which gives key people something useful in a short time, and which shows clear benefits to the organisation's priority objectives. Each phase of information policy development should: - Contribute to a key objective and produce benefits that clearly exceed costs - Take a reasonably short time to carry through and give visibly used results in a short time - Involve manageable numbers of well motivated people. 174 Orna: Information policies for profitable information management: practical steps And the planning for policy development should take account of: - Time constraints - Which bits of the organisation have to cooperate in particular "work packa-ges" - What phases have to be completed before others can start - What interrelation of phases will give the best support in acMeving objectives - What resources of people, time, money, can be safely committed at any one time. NO PHASE SHOULD START WITHOUT GUARANTEED RESOURCES. The Role of Consultancy A word here about the role of consultancy in the cycle of development. The role to be played by consultants has to be defined by the organisation itself, on the basis of the knowledge that exists within the organisation, and within the framework of its objectives, I myself think the initial stages of investigations should be undertaken in-house - the report on it can form the basis of first discussions with consultants. The organisation and the consultants should negotiate an agreed brief, with a clear statement of the objectives of the consultancy, and of who will do that. The brief should provide for a phased handover of responsibility from the consultants to the in-house people. The consultants should be open-minded and prepared to work cooperatively; avoid those who promise everything but really have only one solution to sell. Training Preparing for implementing any policy package should include: - Identifying training needs - Planning training to meet them - before and during implementation Principles for effective training: - Allocate clear responsibility for training - Empower people to identify their own training needs - Use the experience of staff who have been involved in policy development for their own work area in helping to train their colleagues 175 CONSULTANCY ON STRATEGIC INFORMATION PLANNING - Not too much at once - Expect every possible misunderstanding - Focus on people's real tasks, not the technology - Give training when it's needed, not too long beforehand to be remembered, or too late to be of use. - Training for change demands interactive skills as well as technical ones. ORGANISATION-WIDE CONCERNS - HUMAN RESOURCES AND TECHNOLOGY At the same time, policy developers have to start thinking of two concerns which span the whole organisation; - Human resources for information use - The technology, in relation to human resources as well as to corporate objectives. Some basic principles for using human and technological resources - The organisation must know the abilities, skills, knowledge and potential of those who work for it and seek to use them to the full - Jobs should be structured so that people spend the maximum proportion of their time using their abilities to the highest level - People doing jobs should take part in defining how the tasks should be done - When changes affecting work are proposed, adequate time must be given to explaining them - Technology should help humans contribute what they are best at; people should never be distorted to serve technology; they should be physically and mentally at ease with it - There must be appropriate training programmes, with the people concerned helping to specify, plan, and evaluate their training. IT Disasters There is a long history of costly disasters associated with the introduction of information technology into organisations. They happened, and go on happening essentially because the people who developed the technology, the people who sold it, the people who decided to buy it, and the people who designed the systems, all: - Failed to understand the real tasks on which people were supposed to use the IT 176 Orna: Information policies for profitable information management: practical steps - Undervalued information and overvalued technology - Didn't define the objectives for which the technology was to be used - Didn't consult the people who were to use the technology. The results: - Investment wasted - Financial losses instead of gains - Systems at worst abandoned and at best underutilised - Human adaptability overexploited and human intelligence insulted - Passive or active sabotage - Loss of valuable human resources FIGURE 2_ BUILDING A SUCCESSFUL IT STRATEGY AS PART OF AN JNFORMATION POLICY Building a successful IT strategy Foundations Develop IT strategic plan; key objectives * Matching corporate objectives * Supporting key features of organisational culture Justify costs: * On policy, not traditional accounting, grounds Visual Building and implementing * Integrate technical and social systems * Look at likely impact in advance * Analyse tasks from technical and social points of view * Give users prototypes to try for themselves * Implement in stages, monitor as you go Plans * Corporate objectives * Organisational structure * Information audit Create decision-making structure: * Senior management * Experts * "Stakeholders" 177 CONSULTANCY ON STRATEGIC INFORMATION PLANNING Monitoring and Evaluation As we develop the information policy, it is essential to build into it how we monitor and evaluate it, and to agree methods for making reliable monitoring easy and cost effective. The results from monitoring each phase of implementation need to be fed into the regular cycle of corporate decision-making. This brings information policy to the fore at the top level, and so allows the information policy, and those who manage it, to contribute to corporate policy decisions - and that will enrich the quality and profitability of the decisions. FIGURE 3_ MONITORING AND EVALUATION Establishing, applying and verifying monitoring criteria For each area of information policy, what do we need to know in order to check: (a) that the policy is being implemented as planned (b) that it is making the expected contribution to achieving the information policy objectives? Select appropriate quantitative and qualitative criteria Those that will give maximum relevant information yield for minimum input of time Incorporate into information policy: * Key areas for monitoring * Criteria to be used * Responsibility for monitoring * Frequency of reporting * To whom results will be presented * How they will be used * Provisions for periodic verification of criteria Looking in an integrated way at all the organisation's information activities can suggest wholly new developments, which would not have become visible if each information activity had been considered in isolation. It can lead to 178 Oma: Information policies for profitable information management: practical steps realisation of hitherto unrecognised information resources which may: - Form the basis for a new product range - Open up a new market - Make possible an enhanced service - Raise the organisation's profile - Allow it to extend its influence in a key "constituency" - Help it to recognise threats and opportunities on the horizon, and turn crisis to "the coin of opportunity" WHAT MAKES FOR SUCCESS? Finally, a reminder of what seem to be the key success factors in organisations that have committed themselves to a coherent policy for the strategic use of information - Top management commitment - Keeping IT in an infrastructure role - Knowledgeable people to take initiative towards information policy development and to manage it - Drawing the "stakeholders" - those with a direct personal work interest -into information policy development and implementation - Bringing together people from different functions and cultures to exchange information and ideas - Open minds and positive attitudes + "good opportunism" - Clear common understanding of objectives - Criteria for assessing costs and values of information which are relevant and meaningful in relation to the organisation's key objectives - Supporting people in meeting change by appropriate training - Confronting external threats and taking the lead, rather than just reacting - Enthusiasm and self-confidence on the part of the information professionals. REFERENCES BURK, Cornelius F. Jr. and HORTON, Forest W. Jr. 1988. InfoMap: a complete guide to discovering corporate information resources. Englewood Cliffs, NJ:Prentice Hall. HORTON, Forest Woody Jr. 1992. The corporate information management function. Aslib Proceedings. London: The Association for Information Management. 44(3): 107-114. Mar. 179