"You're trying to get the best of both worlds. You keep [IT] people close to the business for responsiveness, but you have the resource advantages of centralization. You are able to achieve reuse, standardize in ways that enable greater optimization, and achieve economies of scale," says Mike Keller, enterprise CIO at Nationwide, which employs a federated IT structure.

ACHIEVING THE OBJECTIVE

There are, however, potential downsides. "One of the concerns with the hybrid or federated model is not having a strong governance structure," says Prashanth Ajjampur, a director in Deloitte's Technology Integration practice and former vice president of enterprise architecture at The Hartford.

Marc Cecere, vice president and principal analyst at Forrester, points out the model may operate counter to an insurer's objective of achieving process consistency and efficiency, supported by automated workflow technology, across the enterprise. "A federated structure where application groups make decisions autonomously works against that [goal]," he says.

Effective governance in a federated model is therefore a balance of exercising strong corporate IT control over enterprise assets and concerns–such as standards, security, and architecture–while preserving the authority of the business units to develop and deploy technology that meets business needs. "Security, risk management, vendor management–those are organizations that become more important in federated [IT]," Cecere says. "There has to be great consistency."

Chubb had operated under a centralized model before structuring into four strategic business units (SBUs) about seven years ago. Within each business unit is a CIO who reports directly to the unit leader, with a dotted-line report to the global CIO.

Chubb's corporate IT handles enterprise IT compliance and risk management, infrastructure, and standards along with managing shared services. It also is responsible for "centers of excellence" that serve as a resource for cross-unit development competencies, such as integration and SOA capabilities, as well as a home for innovation initiatives.

Ownership of and accountability for IT assets by business units and the hard-line reporting relationship make the structure work, according to Drewry. Chubb hired Drewry as its global CIO in 2006 with plans to have her ultimately leave that role after cultivating a successor. By press time, she will have moved on to head a business transformation project within Chubb.

"In the past when we were centralized, even if an IT group was dedicated to the business, it was too easy for business leaders to go to the corporate CIO and say, 'Fix this problem.' Once you federate, business leaders know they have the responsibility and authority to fix it," says Drewry.

Federated IT has had a "huge" impact on business-IT alignment at Chubb, Drewry says. "IT knows the business incredibly well, and business knows IT well. You can go and ask the heads of business units what's happening on a project, and they will be able to tell you in detail–they don't ask you to ask the CIO," she explains.

"IT also has a seat at the table and is part of setting business strategy. Once you put the application units into the business units, and once IT is part of the business unit senior management team, the issue of whether IT is aligned with business and is performing well really becomes a moot point," she adds.

Chubb has put in place new systems and processes to enforce governance in its federated structure. For instance, any new development project and any deviation from established enterprise architecture standards require filing a detailed "building permit" with Chubb's architectural board and receiving approval. "There are good reasons for deviating, but we need to have a tough process that requires justifications to exceptions, or the standards themselves have no value," Drewry points out.

Developers accept the strong architectural governance in part because Chubb's enterprise architect maintains strong ties to the business, including continuing to serve as a business unit architect. "I was skeptical of that dual role at first, but it's turned out the architectural decisions that are made are much more pragmatic, enforceable, and executable than they would be if they were perceived as coming from an ivory tower," Drewry reports.

Chubb has assessed potential risks to a federated model, Drewry says. "At first, you worry standards will go to hell in a handbasket and you'll have different technology in each SBU, but you address that through governance. There's some perception you will lose economies of scale by decentralizing development; however, the effectiveness we've gained as an organization will far outweigh any perceived loss."

Unlike Chubb, Nationwide had been decentralized before migrating to a federated IT model about five years ago.

"Traditionally, we had a lot of separation between business units, but as we moved toward a more integrated model from a business standpoint, we had a business need to identify technology that could be shared and a technology strategy that would support that business model," says Michael Carrell, Nationwide's assistant vice president of Internet delivery and one of the architects of Nationwide's IT governance model.

Although infrastructure and a handful of shared services had been corporately controlled under the decentralized structure, there was no reporting relationship between business unit CIOs and the enterprise CIO. Today, there are additional shared services and Nationwide's federated IT model includes a matrix structure that incorporates dual-line reports from unit CIOs to unit leaders as well as the enterprise CIO.

"Decisions about what we do are driven by business units. How we do it is what we have centralized," Carrell says.

Although the structural change was driven from the top down, getting formerly autonomous units to work collectively required significant change management efforts, including revising Nationwide's bonus structure to reward IT and business execs on achieving shared IT objectives.

"Previously, our IT agenda of 'enterprise sharing' did not have any real teeth in it. There wasn't enough incentive or consequence for people to play or not play. Now there is," Keller says.

"We also put promotion, hiring, and incentive decisions equally in the hands of both sides [business and IT]," he adds. "At leadership levels within the company, there isn't a transfer, move, or promotion that doesn't go through our CIO council."

Nationwide has seen the benefit of a federated structure through increased economies of scale and greater reuse. But one of the unexpected benefits has been an improvement in IT job satisfaction.

"Standardization [of job titles] allows talent to move more easily throughout the company, which also benefits us from a resource perspective," Keller indicates. "IT staff is paid and promoted in a consistent way, and people feel their careers have much more opportunity because they know how their roles and responsibilities relate to people in other units."

Although achieving greater efficiency is an oft-cited goal of moving away from a fully decentralized development model, Keller says federated IT has the potential to do just the opposite, something that Nationwide has worked to address.

"You now have a lot of things decided through committee," he explains. "For instance, in creating enterprise standards, people from different organizations need a voice. If it was just one business unit team, it would be faster than standardizing across units. But we think the benefits of standardization outweigh the downside, and we have refined our model to get better at driving consensus quickly."

TRANSPARENCY AND TRICKLE-UP

Although determining security or network resources should be standardized across the enterprise might be straightforward, identifying that, for instance, a content management system being deployed by claims should become an enterprise system is not.

Transparency, enabled by effective enterprise governance, allows a company to target applications for potential reuse, but a business unit still may be reluctant to take the extra time–or spend the extra money–to develop them as such. That's where strong corporate IT has a vital role in a federated model.

"You need a centralized leadership body with the transparency to drive good decision-making, because there will be trade-offs," says Steve Hatfield, principal at Deloitte.

"It's pretty easy to know you want one general ledger, one accounting system, one HR system. You might want to have one prospecting and sales system, especially if you're cross-selling. But if you get into the depths of policy processing, your personal lines system isn't going to be the same as your commercial lines system," notes Drewry.

"It gets tricky when technology comes in such as rule engines or product engines that have the potential for reuse across SBUs," she adds. "However, it's a rare instance where everybody wants to work on the same thing at the same time. You might need to deploy it one way simply for speed, but you still should strive for an enterprise vision and design."

Nationwide can point to several examples of "trickle up" reuse gained by cross-unit communication and corporate transparency. For example, development of a centralized customer information file (CIF) arose from simultaneous needs across several business units.

"As privacy requirements came along and we received technical security requirements for opt-in/opt-out systems from different business units, we began to build a thin integration layer that would connect to the downstream CIFs. But the farther down the path we got, coupled with some internal integration we also did, the more it led us to evolve in the direction of creating a common CIF," Carrell says.

In addition to the internal standards a company develops, industry standards also have enabled a federated IT model and facilitated reuse, Ajjampur claims. "Particularly if you look at an organization that has created a center of excellence and aligns that to standards, those standards enable programmers to focus not on what technology to use but what problems to solve," he says.

COMMUNICATION

Companies migrating from a decentralized approach often fear adding a layer of corporate IT will become a corporate roadblock; those that move from a centralized approach fear business-unit anarchy. Communication is the key to avoiding both problems.

"Corporate IT is a collection of different leadership roles across the organization, but it shouldn't be viewed as an administrative body. If it is, people will find a way to work around it, and it defeats the purpose. Instead, it should be viewed as a body that's coming together to discuss what different units are working on so the entire organization gains the benefit. How you set up the charter of the organization so that it is more about enablement than approval is critical," Ajjampur asserts.

"As in any matrix structure, if the leaders on either side don't work well together, it can't function," Keller says. "We have a CEO who puts a high degree of value on cooperation and collaboration and makes it clear he wants to run the company that way. In our business model, we share where it's in the best interest to share and are unique to the business unit where it makes sense to be unique, not just in IT but in all areas of business."

"We spend an awful lot of time together," Drewry says. Chubb's senior IT leadership team–consisting of business unit CIOs, the global CIO, the enterprise architect, and heads of risk management, IT human resources, shared services, infrastructure, IT finance, the program management office, and IT communications–meets once a week for two hours, every two weeks for the better part of a day, and once a quarter for more than two days.

"It's easy to drift if you see each other only once a quarter. It's much harder to drift if you spend significant time together," Drewry says.

COUNTERPOINT

Still, only a minority of companies use a federated IT structure, with most enterprises choosing centralization (see graph, p. 18). And a federated IT structure may not be the right choice to achieve business objectives, even for a large and growing company.

When Lincoln Financial Group, today with more than $237 billion in assets, merged with Jefferson Pilot in 2005, each company had a different approach to IT. Jefferson Pilot was highly centralized, whereas Lincoln was decentralized, with no corporate CIO and many enterprise services, such as infrastructure and security, outsourced and under the control of various business units.

Yet after the merger, Lincoln chose to migrate to a centralized model. Chuck Cornelio, CIO and senior vice president of shared services at Lincoln, believes despite the cultural changes it required, the move fit Lincoln's going-forward objectives.

"Coming out of the merger, you might think the model Lincoln had would have been more responsive to the business, but it wasn't. Because there was no corporate sharing, people were unhappy with the level of IT services," Cornelio says.

"Also, during the course of a merger of two companies with equal resources and overlapping IT organizations, we needed to understand our overall IT activities and total IT spend. Without going to a centralized model, that would have been difficult to do," he says.

In addition, a centralized model enabled Lincoln to evaluate its enterprise business priorities, according to Cornelio, and ensure its IT budget as allocated by business areas was in alignment with those priorities. "We also were able to improve talent management and career development by establishing consistent roles across the organization. That's a huge benefit from an IT perspective," he adds.

Moving completely away from a decentralized model enabled Lincoln to implement enterprise IT governance, including creating metrics and methods to gain transparency into both IT assets and performance. "We measure pretty much everything," Cornelio says. "We now are able to compare application development areas and get a handle on why one group is performing better than another and to drive to the point where IT is consistently delivering across the enterprise. We are far, far more efficient today both in terms of our expenses as well as the number of projects we successfully complete."

Still, there are challenges to the centralized model, Cornelio says. "IT establishes the IT budget, but business units are the source of revenue in the company, so they have a sense of what they would like to spend. There is a natural tension that builds up, and if we're not careful, we can be put in a position where we need to tell a business it wants to spend more on technology than IT has available."

Addressing those types of alignment challenges–and ensuring IT remains agile and responsive to business demands–has required Lincoln borrow key components of collaboration from the federated model. Although there are no reporting relationships, dotted-line or otherwise, from IT to business, Lincoln has structured itself to respond quickly to business needs.

"IT staff participates in business meetings and in many cases is located in business areas. We also have cost-benefit analyses on large projects that are joint efforts between business and IT. And we have clear partnerships established between business units within IT, so that business unit staff members know who their IT partners are and vice-versa," Cornelio explains. "Without this structure, the model would have a great chance of disconnecting."

MAKING IT WORK

The structure that works best for a particular company is influenced by its size, history, corporate culture, and business objectives. And even for companies that have achieved an effective IT structure today, it is a process of continual refinement.

"We're still trying to fine-tune the model right now; tweaking what we centralize and decentralize," Keller says. "You have to align your IT structure to your business, rather than around what IT would like to get done." TD