 My intention with this panel's session was to identify a number of themes primarily around transformation and things. My purpose here as the coordinator of the discussion is just to facilitate it that we would be remiss if we didn't respond to questions from you. So I'll drop into my graduate teacher role and facilitate a dialogue with the rest of the class ..so that you can bombar these people with questions. One thing I would like to do first of all is to link some of the things that have come up in all four presentations, ..and that is this notion of transformation, and it is directed at you Rob initially. So, something that you said in the Deltyloid story, was about the, if you will, the softer parts of business transformation, O'r hwn, mae'n rhaid o'n meddwl sy'n meddwl ysgrifennu yw'n meddwl hwn yn ei fan i'r meddwl yw'r proses i'r meddwl. NYddai'n meddwl hyn yn yhteisio hwn? Gweithio'n meddwl hwn ar hyn o'r meddwl a'r hyn yn meddwl i'r holl, ond mae'r defnyddio ar rhai'r rom, mae'r meddwl hwn yn dod o'r peth yn meddwl i'r meddwl wedi hi'r meddwl ymlaen, mae'n golygu ar eto cymryd yn diogelio fynd o'r cyfnodol, i chi'n gweithio'r cyfrifolol, i chi'n gweithio'r cyfrifolol, a rydw i'n gweithio'r progres ar yr ymweld ar y Gweinig Llanfransysgrwm. Ond rydw i'n cwrs eich gweithio, y maen nhw yw'r maen nhw'n byw ychydig o'r cyfrifolol, mae'n gweithio'r cyfrifolol yn y cyfrifolol o'r cyfrifolol o'r cyfrifolol. Is that something that people retooling? Is that something that you've had to do in Shell? People are a problem. I'm glad I asked that. Rob's exactly right about skills, and I'd like to throw one back at you. I will ask the question, but I'll give you an opportunity to think about it. I don't think it's about certification about these people, or not only about certification of people in this team. How are we going to get the IT graduates coming up understanding this before they even enter the workplace? I'm glad you asked, and I will respond. It's not only what Rob said about skills is absolutely correct and making people work in a different way is hard. People are change resistant. Even the ones that are most supportive of the cause even have trouble making changes. Absolutely. It's a great story, Mary, but it's about them, isn't it? I think everybody should change, except me. The world would be a better place if everybody else changed. That comes back to this, as you said, around automation. One of the things we look a lot of in Everlet Packard is around the journey, which is really saying you can start by automating a lot of the individual things you can orchestrate across, and then you can do transformations and really creating that industrialisation of IT first. Because then you have a foundation for the people, and you're taking up all the manual part, which is the ones that would otherwise be very scared about transformation because they would potentially not be the ones you're needing afterwards. But you take that out of the transformation game. Maybe also what Mary you pointed out is if you look at the graduates that come from school, I mean it's interesting to know how agile works, and that's typically where they are trained in, right? New capability, which is fun, but IT management, as basis, is not really teach very well. Or they cover agile a bit, but that's too much process-oriented. It doesn't really... Nobody that I found coming from a university or whatever, they suddenly are in the IT world, let's say, and they are IT specialists in some way, have no clue what's happening in an IT organisation, and what's needed to run IT. And ITAL doesn't cover that very well. It's indeed, as you mentioned, it's a gap. I've had an interesting opportunity to hire two interns recently to help with some of our product development, and they're emerging graduates from four-year programs, a small school where I live in northwestern Wisconsin, one computer science graduate in December, one an MIS graduate, and they'd heard of source control and maybe did a little bit of it on some actual project. Again, I've got a very small sample size, but I was surprised that they weren't coming to the table knowing all about subversion and continuous integration and all that kind of stuff, and that I had to prove to them that it worked and that it was a foundation for having more than one person working on stuff at the same time. And similarly, the whole idea of tracking defects, work item planning, and then the thing that I was, so I may have to go back to these folks, professors and programs, but they struggled with doing even simple things like debugging. But you mentioned like requirement to deploy is probably the most, let's say, item where it's thought like people are in test-driven development, they are typically around development. There's a lot of focus on development and development skills. Maybe you're not always on the end, but not on the end to end. It seems to run for another few years, or some applications even run 20 years, let's say. Stuff seems to stick around a lot longer than you expected it to, right? And I guess I've always thought that one of the things we have to be careful about with the agile software development movement, particularly some of the zealots on one end of the extreme is I think it's patently unfair for a small community of people that are involved in the shortest period of an asset's life cycle to be able to set the terms of engagement for the rest of the organization. And I think that's very myopic and narrow-minded, because, again, what about the poor people that have to support and operate it? Now, of course, if you move to a DevOps model, they become one and the same, and they gain a broader viewpoint of what that means. One of the things I encounter is in the agile, let's say a lot of businesses or IT organization wants to be agile, like they implement scrum and all those capabilities, and then suddenly they come up with the new idea of we are a team and we can decide how we work because it's decided on the workflow, right? That's one of the agile manifesto, you know, interactions above tools and processes. And as a result, they say we don't need documentation, we don't need because we are agile, and by itself that is correct, but they still need to work in an entwined world where they deliver something that needs to be operated and supported and improved continuously. So it is challenging now because they say tools are not important. It's about we collaborate with the business what they want. And then we come with IT fighting. So, well, we actually want to standardize that. That's one of the challenges we face. I think so. I think so. And I respond very positively to this comment about agility. So the students need to be a lot more agile to coming out of university. And I take full responsibility as a representative academic in the forum. In fact, it's one of the things that draws me to it. So one of the things that we need to, if you will, evangelize with IT for IT is the learning opportunity that this presents for improvement of the generation of students. So there are clearly graduate programs. I had a conversation with one of Lars's colleagues over lunch. So we're moving that forward and closing some loops. But high awareness, Mary, and we will get it. But if you think people resist change, you should work in an academic institution. Maybe we should swap one day and then we can decide which organization is more change resistant. What fun we could have, what mayhem we could call. But it's also interesting, and maybe it's something about maturity in the academic world. If I look at the professors and what have I, that goes on many of the computer science faculty they have no clue as to how IT runs, basically. And at the same time, if I go to the manufacturing or the mechanical engineering, if you will, they actually have courses in processes and process design and plant design and stuff like that. But if you go to IT, basically these things doesn't exist. And so it's a very fundamental thing that is missing in our education system, I think. We can repair it to some degree by then saying, okay, you start by being a developer or something. But then we need as an industry to create the capability of further education after you graduate. It's almost like you have to develop a sort of IT for IT game where you have teams of students working at the strategy portfolio development and then see what happens when you don't do this very well because then it runs in production and there's an incident. It's almost like a game you play and it's not difficult to create in a university setting or even in a business to let play and say, okay, if we don't collaborate together, it doesn't provide the business value as we expect. So could we do like Monopoly, the IT for IT edition? No, no, no. It's more sophisticated. Rob's actually presented a kind of a model that could be stood up quite quickly. You can role play the Phoenix project. Sure. And for a graduate or an MBA type thing. But this is a persistent problem. So true story, 25 years ago when I first came into higher education, one of my senior colleagues asked whether or not it was necessary to teach programming skills to MBA students, which we did at that time. And my answer was affirmed yes because they need the conceptual underpinnings of what those senior management responsibilities bring with them when you are sent to a role like Mary's in a complex organisation like Shell. I think it irresponsible to let them out, if you will, without conceptual apparatus because otherwise they can't make sense of and bring into operation something like the standard that we've launched today, but still. But yes, responsibility acknowledged and we'll move on. If there are questions from the audience, I'd like to drive the dialogue that way and if needs be I'll take us back onto the theme. Would you wait for the microphone to come to you, Sir? Simply because we're trying to record this so that we can stream later on to the folks not able to attend. Thanks very much. I'd just like to respond to Mary's question really. We are actually working with several universities in the UK and in response to Rob, we use gamification in that as well. So we give them roles responsibilities, show them the impact, et cetera, et cetera. My conversation with Chris just outside was to make him aware that the University of the West of England in the UK will be looking at IT for IT to be part of one of their degree programmes at next September. Excellent. Impressive. Awesome. The rather nice piece of loop closing there is that your chairman graduated with his PhD from the University of the West of England. So Jane Berry, the programme director there, will be back in touch with me and hopefully then we can map it across the Atlantic too and take what has been developed there into USF initially and we'll see where we go from there. So a nice nudge. OK, further questions from the floor. Mr Ryan. Yes, over the last couple of days we've heard a lot of discussion particularly with the keynotes yesterday from BAE systems around the importance of initially developing the case for change and the big why. As each of you who worked with your CIOs, your leadership teams, how are you articulating the big why for this? Why it's important? Why now? Is it simply the cost savings or is there something more? I'm going to make a great admission here. We don't have the big why and we don't have the full force between for just doing IT for IT. There isn't a case for doing that. For each individual step and actually embedding this where it makes sense opportunistically with a business case is the way we're approaching it. But actually everything that you saw on my roadmap is making sense. It's slotting in somewhere into somebody's agenda and the more we see the emerging technology come in, the more and more you see it. You can see since we started this three years ago we've done licence management, we've done cost transparency, we're in the middle of portfolio management and all of the new cloud management stuff is close on its way and we are just starting our journey there. So we are in a tidal wave where the tsunami is going to come and hit us if we're not prepared. I think there's almost if you will a double negative there so I'd prompt you to respond a bit further to Rob's last slide, the balloon on it because I think that goes some way to addressing Rowan's question. I know Rob very well, he's offered around in show as well and his last slide really caught my attention. If you don't remember it, it had the herd of hippopotamus with it and the balloon and there is a greater danger of us not changing the way we manage IT and becoming a dinosaur and eventually becoming extinct than actually saying let me show you and let me lead the way. It's far less risky to stick your head over the parapet and say let's change because there's greater danger from leaving it behind. I tend to also try to ask the opposite question what's the alternative? I'm okay with you not doing IT for IT but tell me what you're going to do instead and nobody can come up with an answer except while we're going to reinvent the wheel. Okay, fine with you. But the why question was raised a delta light and it was not an easy task to convince people because there was a budget needed to implement this journey. So what was initially done is said okay, let's at least look at a sort of IT for IT blueprint and look at how you organize today and then look at all the changes that were coming like new cloud infrastructure more and more changes, more vendors more security risks and agile and DevOps teams so suddenly there were about 10 different projects identified where people were working on and there was no glue between them and they were all already ongoing in some way. That was a DevOps pilot and agile pilot monitoring needs to be improved application portfolio management business chain monitoring all those things were there and then the why said okay we need to streamline that so we knew service management tool needed and it's not about tools but also they want to reorganize the IT organization with DevOps teams so they were basically stuck in an old way of thinking okay improve there, improve there, improve there and then we said okay if you need to improve on a roadmap and select the items you do first then people say well we need a business case so there was a business case still needed to build and that's still challenging and the business case was here built on automation of the new cloud infrastructure. That was the advantage because they want to move the legacy applications to the more cloud platforms and that was basically not really a green field but that was the enabler to say if you do that now you need to do it from the start correctly and then you got your budget because you didn't have budget for IT for IT but you had budget to move to the cloud and part of that budget to move to the cloud is used for implementing IT for IT and a lot of IT organizations are in that mode that they move to the cloud and that costs a lot of money to invest and then you say well if you move to the cloud it costs that money millions of investment and you deserve 10% of that migration to IT for IT still a lot of selling to do but that's what you see happening a lot The danger of not intervening when you see all of those things going on is they will do exactly what I said in my presentation each of those eight initiatives will go out and buy new tools and it's the worst thing in the world if you're trying to get to an integrated IT for IT so you better be on the front foot and you better go out there and catch them early even further behind and we're seeing a lot of our clients that IT is trying to get ahead of the curve a little bit because they can see what's happening and the increased demands and expectations short turn around times in order to really support the agility of the enterprise although we need to be careful about getting caught up in proxy variables about agile what does that mean as it relates to increasing profitability, reducing cost that kind of stuff but for example I look at architecture in particular needs to promote and encourage agility I mean if you do architecture and you're not agile I think that's an impedance mismatch I mean your brain should explode because that is the whole reason of doing architecture is to respond to change and not being prepared for the velocity of change and the multi sourcing approaches on the pipe I think a lot of IT executives are looking for to get ahead of the curve and then there's this very basic simplification opportunities I'm sure you guys have it really very dramatic circumstances to deal with in the scope of your organization but like when we've been working at a couple of companies in the US one has 13 service request systems so when you want to put in a ticket there's 13 systems you might put it in and there are 13 teams that are supporting that some of them are custom applications they're not package implementations commercial things and so there's a huge opportunity to get IT to be more lean and mean and optimized and obviously my perspective is trying to take an enterprise architecture lens towards trying to bring those things to a reality we also see a number of cases on the line with what you're saying it's a multi supplier situation so it might be amplified by cloud and unfortunately some people have a naive belief that if you put it in the cloud then it's all done but still the management still needs to be there they're realizing that and then because of the promise of things being quicker in the cloud they realize well if I don't have a more systematic approach of then doing the management side I'm part of my language screwed I called in at the very last end of that and say ok well I just happen to have this thing right and I can bring it out and go oh wow please when can we have the next meeting and it actually becomes a pretty easy sell around using IT for IT it doesn't become a question yeah we just need to do it there's nothing else OK so I was going to pose your question so I've had some involvement in this over the years which has always made me aware of a kind of what I've written about as a strategic vacuum so you've got a very strong vision from the CIO or somebody in Mary's office at the top you've got really full understanding of what it takes to architect a solution from folks like Chris and Rob particularly is there something in that middle space that we need to do with operational managers to raise their awareness of the capabilities that the new standard offers and shall we refer to that layer as permafrost there's a whole load of vision that comes out of the top and it goes down one layer with the CIO and we'll go yeah this is great and somewhere low in the organisation if you tell them about it they go thank god finally they've seen the light but in the middle they're just resistant to the change they don't see it and actually that is the layer to get because that's the layer that's actually going to make the difference and it's communication it's engagement you said some of these people are going to be effective if we're successful in this if we manage IT better we potentially don't need as many IT people and we have a lovely English expression that says if you can't change the people change the people and they can see that second change that's what people are coming so we're actually in a really kind of difficult position but actually to that point I've seen that it helps a little bit when I meet the permafrost I love that expression layer I won't address them that way but when I meet with these people if I go out and say IT for IT is not about organisation or process re-engineering it's about figuring out what tools and systems you need to put in place which is the normative part of it then they sort of say okay I can relax a bit because they're not about optimising my people or myself it's just about solving my problems and I have problems with all the tools not being alright so then we get in the door then we can have the discussion then maybe at a later state something else will happen with that layer but then it's too late for them to object to it but going in with that the message around it's tooling that we're really talking about that helps a little bit in getting in the door okay which leads me to another question and observation and forgive me for stealing the energy from the floor to what extent do you think that the certification of tools product services and so forth will add velocity to that change process so I think in your presentation large you said that will come second after the defrosting of the permafrost layer through people's certification I mean it makes it much easier to adapt IT for IT once we get to that layer obviously when the think you worse of adapters and I like that drawing I do have a 3D printer by the way and I knew about these kind of things I am trying to combine Lego with Knicks but it seems to be harder in IT and so once we have that certification that is easier than to do it but it's not the problem we have with IT for IT right now it's more the recognition that you need to use that method yeah I think it's still the vacuum in between I mean it's the tooling maturity and integration a lot of effort to configure and tune your applications to manage the end to end workflow it's a lot of work but I think it's indeed the middle layer that IT for IT reference architecture it doesn't directly I mean apply to they will read the document and say oh there's architectural stuff and it's not the CIO level you don't need it in the middle they need to have that high level value change picture as well and they don't need all the details but they need to adopt that model so we need also a sort of deliverable not called reference architecture but something IT for IT business for IT architecture but it's something that applies to them because a lot of organizations that like to not use an architectural point of view they like to be pragmatic and they see architecture as a sort of oh yeah there's nice big diagrams complexity what does it bring value so we need to have solve that gap at the same time so we need to get away from that ad hocory that Mary was talking about where you'll assign a new role to somebody so the next question is is in that layer are there entirely new roles and skill sets that we need to train too so this is where you guys will give me the assignment for the development of that curriculum I think so you mentioned one of the roles I see is let's say take each value stream as an example there will be a sort of lead for each value stream so what that person needs to do it needs to be a specialist in kind of way to understand all the practices that you need a strategy to portfolio it's not a techie, it's not an architect it's a person that understands what do we need for capabilities to run this typically on the IT management side still IT but less from the tools but a combination of everything data process and we've seen the same sort of thing with taking an EA approach towards running your business a capability owner someone who's responsible for that part of the value stream and then of course there's got to be a capability architect because by God we need one more architect it's not easy to find those it's very difficult to find those persons exactly and I'm hoping that the application program will be a step in the direction of at least informing people what's the language that we use to describe the things that we do and the way we describe the IT landscape and I think it will help remove one layer of what is the value stream what are the capabilities so that people can focus on how to make them work within their organizations because we have, I'm curious if the people on the panel in the audience have a number of clients that have departments or units within IT called IT for IT that has nothing to do with this they just thought it was a cool acronym and it's hey we're going to be running IT like we're trying to run IT and I don't know if the open group is going to chase after those guys for a trademark infringement which I don't think is the idea but just to help inform people we've been doing IT stuff for almost a half a century now, not that there are still opportunities for improvement and a broader view but the value stream, the logical components, the data stuff is pretty well understood and I think this is a specification that makes that much more clear and obvious so that we can start having the more value add discussion which is what are we going to do as opposed to what is it and that's what it is these people need to be out there and they need to stop fiddling with tools I am an IT for IT department and I do do this and it's my job to make sure that Shell has the proper IT for IT integrated toolset to do its job. What I need that layer to be doing, what you say, what you need to train them on I need them to understand what outcomes they're trying to do and it's their job to improve the performance of Shell, not improve the performance of IT for IT this is where I think the four presentations were so rich because Rob came in with a new role that I'd never heard before but realised I'd seen before so you talked about a service portfolio manager and I think that's a defrosting of part of that permafrost and I think it's what people like Sue and others that I've worked with over the years called relationship managers those are the guys that were interfacing between the business units and the internal IT shop and those are the sorts of skill sets that we need to look at through the people's certification in order to enable those transitions of both people and process so I get it but with help we can take that out into the wider world but I think I'm scanning the floor now because I need to invite questions we have one from Mark Smalley I think Thank you I raised my hand to ask a question before the permafrost discussion but before that I had a very productive discussion with Etienne here front left from HP we came up with the the notion of the role for Eucharist the role of the IT information manager I think there's going to be a need for an IT information manager so that's something to think about the question that I had partially addressed in the beginning when you talked about skills and when resistance was touched on I'd like to develop it a little bit further by moving it on into attitudes and cultural issues that you've come across and in particular the kind of interventions that you've found either successful or not successful last mentioned one talk about tools divert the any other thoughts on this so I can just give another angle into that is that very often when we go into the room sort of setting up an IT for IT workshop typically because there is very often an operational issue so it's indeed to see area it kind of starts that's where we have most of the engagement that just goes head on and we get these tribes of people coming in and it's very clear that they're coming in and really hating each other not maybe personally but at least from a fighting for the budget et cetera and so as we then explain first of all as we start with the tooling we're not talking about their departments but they realise certainly what is the value of what the other guys are doing that are responsible for some of the other tools and I'm always tempted to say flapper gas that are really surprised that they weren't aware of the importance of these other guys after these meetings we see some of these tribal things being broken down because they suddenly say well actually I do think you should have the budget so that you can do that because that's the reason why I'm not successful because this seem to be or this change process is not working that's why my network designs are never being implemented correct and so that to me explains that problem in the industry that people don't actually understand things end to end and now we have a message of explaining that fairly simple with all respect to the classical enterprise architect it ends up with very complicated diagrams and so unless you are willing to invest a lot of time you don't really understand that picture but now I can do it in a single slide I can get people to really understand into it and that helps a lot in breaking down these barriers I agree one of the things that's also important during the implementation of these kind of programs is that you measure and you ask people it's a tool that DeltaLog uses as a pulse it's a kind of measurement do the teams still believe in this because everybody understood the vision and said that's what we want and it was to implement this but once you go to some issues and you always find some blockers on the way and you measure do people believe in it, do they still support this vision and idea and if you measure that with each of the teams you can really score and see here we see that they don't believe in the tool aspect but not in the roles or the skills so you need to measure that throughout your project and in the different teams because they don't tell immediately that they don't believe in it they only will execute but they don't really 100% support it maybe after a few months so you need to measure that and have a sense and then steer on that Can I go back to my first comment people are a problem but there's traditional ways of how you do change management and the biggest problem with people is everybody responds to change differently and everybody responds to a different way of actually influencing them and so you actually have to find the right influencing style for the occasion and the audience and there isn't a single answer there's not a silver bullet and you can go by and you can read all the traditional stuff and you can try tell doesn't work very well in corporations these days so you kind of have to get something that appeals to your audience so some people go for very rational arguments and you really need to build your business case some people are much more emotionally driven so you can actually say to them God doesn't it awful when this happens and you can do it that way but you just have to go through all of the traditional ways of doing it but I really like what you described is a traditional lean exercise looking at the value stream and getting people in a room drawing up what they do and finding out where all the disconnects are and suddenly you've got a whole group of people in there that go oh I know what the problem is and then they're all bought into solving the same problem Wonderful so they begin to see that vacuum Pick a picture which they didn't have before Absolutely and they see the responsibilities it created Great question, thank you Mark There's a hand at the back there if somebody could thanks Martin Thank you very much If I could just paint a silly situation for you then maybe you could comment on whether you believe that IT for IT will help clear up the silly situation but I work for Cryptzone and we make access solutions which are fairly general purpose things they get used in all sorts of ways and we've worked with some quite large corporates and we can put a solution in that solves a specific problem that was identified on the back of a project and then we have a platform in there which now can provision access but when they have another project coming along somebody has a separate budget and they on the whole will go and look at a different access solution and we get excuses like I don't want those guys messing around with my system or I've got a budget and I'm going to spend my budget and we've got a platform in place that could do it already and even worse than that and I know that licensing has been mentioned already we have situations in the past where I would know for instance that maybe 100 licences in Australia have just been freed off and I'm a relatively nice person so I might say to a guy in the UK you know there's 100 licences available in Australia and he says now it's too difficult to get them pulled across I'll just buy 100 more and I'm wondering whether what we're talking about today is actually going to solve some of those sort of issues that we see from the vendor point of view I'd be happy to give the first the go on it obviously being one of the core inventors of IT for IT I would say yes absolutely that will help you but but not right now we need more work and what I'm getting at is some of the things you're describing here is asset management and that's actually a work stream we're just kicking off tomorrow what it was kicked off three months ago but we will really start speeding it up now but the bigger thing around understanding so maybe not with access control but the similar problems are saying well in HP we had probably somewhere around 25 different time tracking systems right and we've now rationalised that down to three I think that's still too many but it's much better and the reason why we could do that is that somebody actually made the inventory somebody actually figured out which time tracking system was better than the other one and how it came about and then you could do that portfolio rationalisation so that's maybe the TO or two to you on what's the result of S2P and what you're doing there that's exactly trying to solve some of those problems so I think it's actually absolutely right and you say it's a stupid situation it is you sad stand up it sounds like a stupid situation it's the reality of many big corporates it is genuine reality and I could take your story even further and say not only are you going to do that and buy another solution actually you don't ever get the value out of any of those solutions because nobody's actually defined who should have access to what and the access policies are so actually we go even further we buy tools and we don't even use them to their full extent that they could help us and you're absolutely right portfolio management is where that should help us we will do portfolio management on the IT for IT portfolio as well as on all the other portfolios and we'll do exactly that and Kara will attest we do that all the time on our portfolio and the more we look beyond our own barriers and we go out and we look in our lines of business we find more and more of these solutions and I can tell you the oil price being low is really helpful in this circumstance and actually there is another angle to it that's the plan build run being replaced by plan build consume run ideally once the first or at least when the third version of the access control has been implemented it's actually going to be put into a service catalogue so that the general rule will be if you need when you're doing something somewhere and you need access control you go into the catalogue and order it from there and it has already been improved and it's ready to go and if you're not consuming the licence any longer it automatically goes back into the licence pool and being managed by the consumption part that is very alien to most IT organisation that's not how they're run today but if you implement that you can get much more agility around that but the example of access management I think is valid for also for monitoring you have typically the same as long as it becomes technology facing people say I need different monitoring tools different deployment tools different access management tools but maybe it comes back to know what you already have so they see that maybe it's available already somewhere and the other is who is accountable within the entire organisation for access management apparently that's very difficult to have one or at least a team because then maybe access on desktop software differently managed then or for servers or business applications but that's what is IT for IT trying to solve as well in this case requirement to fulfil if there is access management as part of that then make somebody responsible that oversees this development and can say well actually we don't need another tool we would like to improve the access management capabilities we already have integrating it because typically if you have many different access management tools you still don't have the understanding of what is a user perspective if a user logs into a portal what access rights does he have if that is spread around in 10 different access management and request management tools but it comes back to who owns that capability and we see a lot of organisations that it's very product centric so someone owns the windows database platform someone owns the dv2 database platform or linux versus this but as Togaf would talk about really trying to elevate the value proposition from the solution building block level to the architecture building block level which is Togaf's way in some ways of talking about what's the capability what are the requirements and having that single point of entry others had talked about trying to internalise demand management portfolio management into the IT role is an obvious thing but very difficult to implement it's been our experience that when you asked an app owner in IT can you add this new requirement to your asset no one ever says no no one ever says let me check with my buddies who might do the same thing and they immediately take the budget and go with it without that rationalisation across the portfolio so of course the answer is enterprise architecture there is another thing that is important and we are working a lot on that in IT for IT but it's not super well articulated yet in the release standard and that's around the shift from products and applications to services and thinking about access service not as a product that is implemented and that shift is actually more fundamental than most people will believe and so we have a white paper on it and there is some material on it we want to walk with more but I hate it when people talk about application, portfolio, optimisation no it should be service portfolio, optimisation just happened that some of the services are implemented by applications and that pulls you together because suddenly you'll have a service owner not multiple application exactly and another challenge is if you do IT for IT that you would like to deliver that as a service to the IT community the developers and testers but then you need to have a good service because there are shared services in any organisation like shared integration service or we have a shared service for reporting and typically people tend to say well it's not dynamic it's expensive we can do it cheaper own way and that's a key thing but if you over design that central service it needs to be simple easy to use because if you over engineer it like an integration bus that you use for other purposes or a reporting service it probably will fail because it becomes expensive and people tend to say well we're not adopting the standard service we're going to do it ourselves because it's faster but that also leads to the other thing that we're talking about IT needs to change into becoming a service provider it's part of running IT as a business so if you cannot put in your service catalogue things that the lines of business IT will consume that's because you're not doing an appropriate job the reason why they go to Amazon is because your own private cloud is not good enough and so on and so forth and so suddenly you have a different kind of measurement not whether you deliver on budget on time but actually whether you deliver on satisfaction and whether you get consumers in the lines of business that's a major shift for a lot of IT organisations indeed so I think you've heard a multidimensional yes in response to that so we have just a few more minutes folks so we have time for one more question which I see Martin is ready to share with us and then I'll just pull the panel to a close so in the new world of digital business and IoT how will you position IT for IT so in the new world of the internet of things and digital ok and big data how will we position IT for IT see simple even more important you can well big data and IoT is two different things well they're interlinked and we can go out drawing wind diagrams around the intersections but internet of things for instance is also around the technology for production plants et cetera that goes in large IT and this convergence of everything technology wise into something that has to do with IT just implies that IT has more roles to play and so it becomes more important that we have a streamlined way of managing and optimizing and delivering those kind of capabilities but there will be with IoT just like there was with any other evolution of IT a degree of chaos to begin with where there are shadow IT and people doing special projects and not being under the umbrella of the IT budgets and eventually it will be brought back in and be controlled that's the nature of innovation I guess for me like big data or cloud or mobile or internet of things there are new technologies that the business would like to have potentially even asking for it but IT for IT then includes dimension is there to make it a success so big data is often sold as a technology by big data vendors and then IT for IT needs to think about how are we going to manage it to make it really a value for the business and implement this not just that it's running there but does it bring the value as the requirements business would like to have it so it brings the dimension more about how do we manage big data as a solution to the business and make it a success and basically relevant for any other technology or new technology think about management as well and we've been seeing organisations wanting to think of data as a service analytics as a service so just one more thing to put it into the service portfolio there is one thing coming up that security in those two areas that is more important than ever and you could say what we currently have in terms of security or governance risk and compliance if you will that sort of intersect with security is not very well articulated yet in IT for IT so there is more work to be done there so just taking IT for IT and say it solves all your problem no that's not true at least not version 2 version 9 maybe ish it's been a memorable day we've launched the standard it is concrete but it needs help to grow and evolve and respond to all these challenges and please join me in thanking our four panellists for a wonderful discussion