The latest Hackett Group study suggests companies are not agile enough or, in their words, have failed the agility test. Hackett sees the agility problem when companies are unable to reduce key expenditure categories during the recession as fast as their revenues are plummeting.

As Hackett puts it in their latest report, “Typical Global 1000 companies (with $26 billion in annual revenue) are losing out on up to $1 billion in annual cost savings as a result of this lack of agility.”

Even if you’re not a multibillion-dollar company, you stand to benefit from increased agility. If companies are to reduce costs as fast as revenue falls, they will need to adopt some of wiredFINANCE’s six technologies that bolster agility. more

The usual way managers assess the value of an IT initiative is through ROI. It has become the standard metric for picking one IT project over another or for determining the success of an IT effort. ROI has become so pervasive in determining IT value that I have put my daughters through college, in large part, by doing ROI analyses for technology vendors; see my Ultimate ROI Guide.

ROI certainly works for stand-alone IT projects. The approach, however, does not work particularly well for long-duration, ongoing IT efforts that may serve multiple uses and span decades, suggests Miko Matsumura, chief strategist at Software AG.

Matsumura calls his preferred approach “return on assets” (ROA). This is not exactly your accountant’s ROA. It is more like a determination, partly metaphorical, of determining the lifetime value delivered by an IT investment. more

Complying with federal data privacy mandates, particularly the Gramm-Leach-Bliley Act, with its financial privacy protection, safeguards rule, and pretexting (social engineering) protection, is hard enough. But ever since passage earlier in this decade of California SB 1386, which mandates the disclosure of data breaches and notification to individuals whose data has been potentially compromised, the pressure has only intensified. Almost two dozen states have adopted similar laws.

Beginning on Jan 1, 2010, expect the pressure to ratchet up. On that date, the latest Massachusetts data privacy protection regulation, MA 201CMR 17 takes effect. This regulation, inspired by the massive data privacy breach that occurred at TJX, a major Massachusetts retailer, is regarded as the strictest of all.

Almost every business keeps the combination of data that falls under the new Massachusetts regulation. This will apply to almost every organization that transacts business with Massachusetts residents or employs them. more

IT infrastructure virtualization is hot. Companies large and small are racing to virtualize their servers, storage, desktops, and networks in an effort to simplify and consolidate, mainly for the purpose of saving money.

At one level, virtualization appears to simplify the IT infrastructure by masking the complexity IT deployment. However, as organizations expand their virtualization efforts, these environments pose significant management risks. As a result, “organizations with the most mature and complex virtualization implementations (more than 50 virtual machines in operation) are demanding more sophisticated tools to help manage these environments,” reports leading researcher International Data Corp. (IDC), Framingham, MA, in a study titled Virtual Infrastructure Management Priorities.

With various compliance mandates requiring managers to sign off on how their data is being created, used, processed, stored, managed, and protected, the lack of effective virtualization management itself presents a substantial risk. more

How often have you demanded, “Just give me a number.” You had a spreadsheet and needed to plug in one number. So you ask someone who should have it, but instead of a number you start getting a whole song-and-dance: If this happens, then it’s this number; if that happens, it might be a different number, etc. etc. All you wanted was a lousy number!

This is a well-documented tendency (see Why Can’t You Just Give Me the Number?: An Executive’s Guide to Using Probabilistic Thinking to Manage Risk and to Make Better Decisions by Patrick Leach, Probabilistic Publishing, 2006). The number you get will most likely be an average concocted from a range of values.

“Plans based on average assumptions are wrong on average,” declares Sam Savage, in The Flaw of Averages (John Wiley & Sons. Inc., 2009). Think of a drunk walking down a busy road wandering from side to side. Mathematically, the drunk’s average position is smack in the middle of the road where he might be safe, but, as Savage explains, “the average state of the drunk is dead,” not unlike spreadsheets based on flawed data. more