RISK in IT Capital Budgeting

RISK is by far another misused term after ROI in IT.  It is often used to describe "the probability of the unknown" - maybe I am giving too much credit to the ones who use it!  It is also used to make IT decisions most ambiguous.  Lastly, it is a great CYA term - "what is the RISK of this decision?" - was never sure what people mean by these statements.

Anyways, getting down to business, let us define RISK in more real-life terms.  RISK is the probability of an unknown event that may lead to a LOSS (a non-deterministic behavior or Stochastic process).  It is driven by two factors - unknown outcome of a decision - attributed to lack of Information , and randomness of the assumptions used in making a decision - attributed to lack of Statistical rigor in evaluating assumptions used in a decision.  We can minimize RISK by minimizing these two factors that drive RISK

....more coming up soon...

Does your IT Strategy have Strong Fundamentals?

http://www.ciozone.com/index.php/Blogs/view/1856/.html

IT Cost Reduction – Reactive or Proactive?

http://www.ciozone.com/index.php/Blogs/view/1222/.html

Business-IT Alignment Demystified

http://www.ciozone.com/index.php/Blogs/view/424/.html

How to Tap IT’s Hidden Potential: A Practical Perspective

http://www.ciozone.com/index.php/Blogs/view/395/.html

Doing IT the ROIt way...

The term ROI is the most misled and misused term when evaluating the true potential of a given technology.  Vendors use ROI as the "silver" bullet to prove how good the investment is if made in their offering, CIOs use it to look smart in front of the vendors, Corporate Finance uses yet another method to calculate the "true financial impact" of technology investments. The main issue is ROI is a point in time metric i.e. it only tells us the Net Gains from an Investment.  Let us take an example to illustrate how this works.

Example:  We need to invest $500K in some new piece of software that automates the billing department.  By investing in this we can free up 2 billing clerks who are annually paid $50K each.  The cost of training the other people in the department is $50K and is a one time expense. The annual maintenance on the software (charged from year 2) is 10% of the price

ROI (Year 1) = ( ( 2*100) - (500+50) ) / (500+50) = -64%

This is misleading as from the second year, there is a Net Savings of (2 * 100)- (10% of 500K), which $150K on an ongoing basis.  Hence, by just looking at the ROI of the project, it does not look like something that we should invest in.  However the NPV for a 5-year period (Net Present Value) of the project is $76K (assuming a 14% Cost of Capital), and an IRR (Internal Rate of Return) of 26%.

Hence, from a pure Corporate Finance 101 perspective, this is a project that we should embark if we look at the NPV and IRR, however this project is a "no-go" if we just look at the ROI.

To summarize, we need to look at stronger long-term metrics such as NPV and IRR rather than just the ROI of the project.  It is important for IT organizations to see the impact of a Capital Investment on their long-term operating structure and to explore "value-creation" opportunities rather than look at a "point-of-time" measurement - Return on Investment (ROI)

SaaSy Software...

Software as a Service (SaaS) has been a buzz word for a while.  Does not seem to take off too well. I attribute this to two main reasons.  Larger vendors are still trying to figure out how to move their perpetual license customers into this model (i.e. if they want) and trying to create a compelling business case to ensure that they do not cannibalize exiting revenue streams. 

However from a financial perspective many have argued that SaaS has a very different financial impact on an IT organization.  This is simply due to the fact that from a license plus annual maintenance model, the corporations suddenly start incurring an "annual fee".  They would argue that this changes the impact of a SaaS based offering to their cash flow projections.  In other words, the initial license fee is a Capital Expense (CAPEX) and the annual maintenance is an Operating Expense (OPEX).  Therefore there will be a bigger drop on the cash flow projections for the initial year due to the license costs and then a fixed decrease due to the annual maintenance OPEX.  In a SaaS based model there is no CAPEX and everything is a OPEX which leads to the fact that there is not CAPEX and hence no impact of depreciation.  Apparently this kind of sounds right....Does it?  The financial impact of the SaaS model is analogous to an "Operating Lease" when the books create a "fictitious asset" and "depreciate" it over the years.  This is technically how it must be treated.  Hence, CIOs must not worry about the impact of SaaS on cash flows as it is no different that other software purchases. 

Looking at the operating aspects of Saas, is it any better than traditional software from a maintenance or operational perspective? Apparently the SaaS model seems to reduce OPEX.  However, I think it does that marginally.  The biggest merit of the model is its impact on operational RISK.  One can argue that since it is a hosted solution (hosted at someone else' site), it adds to the risk since there is less control on the day-to-day functioning of the solution.  Vendors hosting solutions are usually using a robust and proven infrastructure.  They are also "very good" at what they do - host solutions.  Finally they negotiate Service Level Agreements (SLAs) with their customers on the downtime of the hosted solution within acceptable levels of threshold of the customers' tolerance.  Hence, I would say a SaaS model reduces operational risk.  To turn the argument around, such a model has a higher opportunity cost - the cost of downtime if hosted within the company infrastructure.  It may also be argued that a hosted solution is vulnerable to security intrusions.  This increases the security risk of the solution which is a significant component of operational risk.  The decision to use a hosted solution is predicated on a careful evalution of the risks that it exposes and mitigates.  Accessing a SaaS model from an OPEX perspective is not completely apporpriate.   

From a SaaS provider's perspective, such a model is ideal to leverage Economies of Scale once the number of customers reach a certain number.  SaaS vendors usually price their offering as per seat, per usage or on subscription basis.  In a perfect competition scenaro, the SaaS vendor will maximize his profits when his Margical Cost is equal to his Marginal Revenue.  However, when economies of scale are achieved, Marginal Cost tends to be minimal or equal to zero.  At that point, if the vendor can differentiate his offering from his competitors, he can transition to a Price Discrimination model to price his customers differently.  This leads to higher profits over a period of time.  However, the key message here consists of two variables - large number of customers to achieve economies of scale and differentiated service offering to leverage a Price Discrimination strategy.

A SaaS model seems to work very well for applications that are independent in nature i.e. not tightly integrated with the other enterprise applications.  SaaS based solutions work really well if their dependency on other applications is low or predictable over a time period.  Hence CRM systems that are not tightly integrated with Order Management or Provisioning systems seem to be an excellent are where this model seems to be getting a lot of traction and success - a.k.a. SalesForce and NetSuite.  However, if these are tightly integrated with other ERP systems the efficacy reduces leading to a non-economic solution offering.  Other areas that seem to benefit from a SaaS model are industries that require "Information on Demand" - such as Financial Services Analytics, Video on Demand, News etc.

So if all is nice and dandy with SaaS, why is it not picking-up or slow to pick-up?  The answer is simple - the diffusion of this technology into the "Late Majority" has not yet happened.  This is due to two reasons.  Since the profitability of a SaaS solution requires a larger gestation period, vendors are reluctant to offer it as a primary delivery channel of their products.  This is also due to the aggressive competition.  Competitive forces are not allowing software vendors to attain the desired economies of scale leading to revert back to a licensing model where they make money from the maintenance contracts.  From the customers' perspective the perception of risk offsets the benefits of the model. 

Who says "Customers are rational"?

IT Organizations or Second Class Citizens...

Corporate America treats IT organizations as "Cost Centers" better known as second class citizens.  This goes back to my previous post on "Corporate Finance for Techies...".  Most of corporate IT comprises professionals from an architecture, application development and IT operations background with the "degree in eliteness" in descending order.  Architects think they drive technology in the enterprise, Application Development Teams (if there are any - mostly the architects are embedded in these teams.  They still consider themeselves the elites) think they do the "Real Work" and IT Operations laugh at the other two and think "if it were not for us...you guys would be nowhere".

On a more serious note, I often think why is this the case?  Firstly, why is a department that is the latest addition to the other more conventional ones such as Finance, Sales and Marketing, perceived as a "Cost Center".  Simple answer - CIOs don't do a good job of two things.  Firstly - they do a poor job of correlating the value of their organization's output to the Enterprise Value of the firm.  This is because they are incapable or going after the "quick wins" and "low hanging fruits" - which are tactical and mostly do not add or augment Enterprise Value of the firm.  Secondly - they are not "forward looking".  In other words, they do not "think" about using "IT as a Revenue Generating" catalyst as much as a "Cost cutting tool".  Those that do, come up with disruptive and Killer Apps - Internet Retail Banking, Online Payments, Online Trading...I can go on.  One can argue whether these ideas originated from the business or from the technology community.  I would argue - they orginated from technologists who were interested in making their firms "earn more money" than "save more money".  They were thinking of what Gary Hamel terms as the "Opportunity Share" of a market that is non-existent at that point of time.

So why are IT organizations second class citizens?  Finance does not bring in revenue - but does not have a reputation like IT.  I think it is due to this inherent nature of technologist to experiment, perfect and be proud to flaunt a "cool new gadget" or "solution" and NOT focus on trying to help their firms generate more revenue.  It also due to their nature about trying to solve the 20% of the problems which have insignificant or a very low impact (positive or negative) on the firm's bottom line.  Basically it is also due to the "Capex heavy" and "Opex bleeding" nature of the department.  Every business case for a new IT project has a "Hardware", "Software" and "Professional Services" sections.  All this adds up to a VERY LARGE NUMBER which DOES NOT TRANSLATE to ENTERPRISE VALUE" - I am just a stickler for Enterprise Value.  Every department's existence in Corporate America or any other economy must be contingent about their ability to add "value" to their firm.

IT Organizations (comprising architects, developers, testers and operations personnel) have to think "Revenue" NOT "Cost".  It is not a paradigm shift - it is just trying to figure out a way to extend their thought-process to transform the "coolness factor" of a "new gadget or solution" to "add value" to the firm.  Putting it simply - they have to get out of the "solution mode" and start their thought process from "What business problem am I solving" or better still "How can the coolness of this new technology add value by generating more Revenue for my firm".  Believe me if they just start thinking on these lines - we would have more killer apps.  Killer apps are an after thought - though technologists think they know what is a killer app.  Suppliers of IT products and services consider their products no less than a killer app.  However, it is the problem that these apps finally solve makes them a killer app.  On the demand-side of IT, the CTO organization is rarely thinking of "value" or "revenue".  They think in terms of "cost", "process automation", "reduction in manual processes" - all geared towards automating manual business process with the use of technology.  Why is it that they do not learn from the examples of Online Banking and Online Payments that IT can be also be used to generate revenue...

What is really tragic is the mypoic perspective of CIOs and CTOs.  They are there to "fix" a problem.  But they are fixing the symptoms or saving their jobs.  Hence the short life span - 18-24 months on an average.  I think they are to be blamed for turning the IT Organization into a second-class citizen.  CIOs and CTOs assume that their job is to cut costs by automating business processes (which is not a bad beginnning) and "keep the lights on" - as they say.  As more CIOs/CTOs try and introduce visionary and breakthrough solutions to existing and anticipated business problems, this trend may change.  Companies with those kinds of CIOs/CTOs fall in the top 10% of the leading companies in any industry vertical - Schwab in Financial Services, DELL in Online Hardware Retail, Amazon in Online Retail Aggregation to name a few...Others are mediocre companies that do not believe in IT as a differentiator - or I would say that there CIOs/CTOs do not have the courage to think so as they "assume" too much about their job responsibilities and do not want to make a difference...

Corporate Finance for Techies...or am I looking for my next "cool" gadget?

What is "cool" does not provide "value".  What provides "value" may not be cool.  What is "cool" may have "value" that needs to be communicated.  So where do the poor techies go - "coolness" is their mojo.  Not with the intention to trivialize the value of "techies", it seems that more and more software vendors are targeting their products at the "early adopters" and are failing at the "mass adoption" stage.  This is clearly a problem which leads to the understanding of why "good" technologies do not catch-up.

Doing some thinking around this for a while now.  I came to the conclusion that "techies" do need to be taught corporate finance 101.  That should not be a stretch since Black Scholes was driven by laws of thermodynamics.  It is imperative for "serious technologists" to understand the concept of "Enterprise Value" as defined in corporate finance.  It is more important for software vendors to prove the contribution of their technology to their consumers.  This can only be achieved if technologists understand the concept of "value" the way the "market" sees it.

Projects or investments add to the "Total Enterprise Value" if the the returns from the project, usually denoted and loosely defined by ROI (Return on Investment), is greater than the company's cost of capital.  In other words the returns from the investment in technology need to offset the cost of the interest paid by the company on its debt and equity components.

Technologists need to understand the nature of their company.  If they belong to the supply-side (software product and services vendors), it depends on how the company is funded.  If the company is highly leveraged, the cost of capital is biased towards the cost of debt.  If the company is a public company, then the cost of capital is a mix of the cost of debt and equity.  Technologists on the supply-side are mainly driven by market demand of their products.  However, a knowledge of corporate finance to just this extent allows them to better prioritize and rationalize the product road map.

On the demand-side (corporate users of technology) perform a charade of a so called "business case" which essentially ends up in the form of a Discounted Cash Flow (DCF) showing the Net Present Value of any IT project to be a very high number (mostly in millions).  This is good corporate citizenship.  However, the goal of the business case is not to create "value" in the organization.  It is usually to work an angle off the CIO's Capital Expenditure (Capex) budget.  The real kicker is when the project gets initiated, no one really controls or even looks at the "assumptions" made during constructing the DCF.  This is usually due to two reasons.  First, the cost of the project has created a hole in the CFO's pocket and we don't want to boil the ocean.  Second, the assumptions made (especially those around the cost components) are no longer valid and let inertia prevail.  Job security, quest for building the resume with "cool" technologies, hoping to get a job at Google...probably are the more prominent vested interests than actually creating "value".  The poor CIO who has a life span of 18-24 months is looking at "quick wins" or "low hanging fruits" - whatever those mean.

The real problem arises from the so called technology proponents from the demand-side - namely the "Architecture Groups" start imposing their "standards" and "SOA evangelism" into the CIO's agenda.  Not denying that these groups do bring some kind of an "unknown, non-quantifiable cosmic" value to the IT organization,  but has anyone questioned or correlated their "value generating" abilities to the stock price or even the Return on the Invested Capital (ROIC)? 

I am petrified and appalled at the fact that we continue to talk about "Enterprise Architecture", "Technology Evangelism", "Standards" etc. etc. - but we don't bother to spend any quality time trying to quantify and capture the IT "value" in corporate finance terms to convey and communicate all the good work around sound investments in technologies with a high NPV.  The "Enterprise Technology Strategy" must be guided by "value" to business.  Period!

So as the CIO do I not have the corporate responsibility to help improve my stock price?