Gene Batchelder, Senior Vice President, Services and CIO, ConocoPhillips
Q: What do other C-level executives need to understand better about IT?
A: " They should understand it's no longer about IT. It's about the business. It's about the enterprise. IT can be a very powerful enabler and partner, but the drivers should be the business. Foundational IT services -- cost effective, accessible, reliable, predictable service levels -- are required to even be in the game. The real opportunity for the CXO is to use IT to help drive business value -- access to customers, knowledge sharing, cycle-time reduction, business intelligence, employee and manager self service. We spend too much time identifying the next 10 or 15 percent cost reduction, when the real opportunity is to better leverage investments and resources already in our IT organizations. The next big opportunity for IT is exploitation of investments we've made the last 10 years. It will be significant with great returns. "
Hossein Eslambolchi, CIO, AT&T
Q: What do other C-level executives need to understand better about IT?
A: " There are a couple of key items that make IT core to the business. Any business is centered around process excellence and often some key intellectual property, and probably less so on its assets. AT&T is no exception -- the key flow-through provisioning and maintenance processes for customer service and network care are the heart and soul of AT&T, and not which IP or VoIP technologies it uses in any given time period. Systems and IT play a key role. In a nutshell, as business process automation takes further hold in telecom, one can say that process equals systems.
Another factor of IT that the company needs to know is what can be outsourced, and what should stay in-house. This split has to do with what is a true intellectual property differentiator. When something becomes more of a commodity, then it is a candidate for outsourcing and cost reduction. Something that might remain in-sourced however, would be network performance rules, or service management collaboration engines.
IT is becoming more and more of a differentiator in business. Workers and their applications are becoming IP- and Web-enabled, and are becoming more mobile. Remote workers and "road warriors" are typically highly skilled and highly paid employees. Improving their productivity directly affects the bottom-line, and proper IT infrastructure is critical in enhancing this productivity. "
Andres Gutierrez, CIO, Family Health Centers of San Diego
Q: Are changes made for regulatory reasons improving or hampering your IT
A: " It makes no difference to our strategy. We have to ensure we have audits and controls in place to make sure we are in compliance. The health industry is heavily regulated, so it has to be a component of your everyday strategy. We are one of the rare community clinics that is [Joint Commission on Healthcare Organizations] certified.
A lot of the standards are based on well-known information strategies for IT in general. So those are standards that we build to. We just got our JCHO certification again for the next three years. Lab information systems also have stringent rules around data collection and storage. We have lab information systems, pharmacy systems and practice management systems and all of them require the same level of compliance. "
Philip Freeborn, CIO, UBS Investment Bank
Q: What criteria do you apply to evaluating outsource partners?
A: " We evaluate partners against a very substantial set of criteria. A few examples are the ability to provide the quality of staff we require, the capacity to scale services as needed, and delivering value for money. Other factors include meeting stringent security standards and a track record for delivering high quality services, preferably in an investment banking environment.
We also want to partner with firms who share our values, so we look very closely at considerations like corporate governance and HR policies around staff development, recruiting and talent retention. Above all, though, we look for passion. We are very passionate about our work, and we want to see the same hunger in our strategic partners. "
Walter Fahey, Vice President and CIO, Maimonides Medical Center
Q: Have e-prescriptions changed your organization's IT?
A: " All of our prescriptions are computer-based. The piece we're not doing yet is going out to "Rx hubs" that actually push the prescriptions. The link-ups are just being created. Most of this is new technology, and we have to wait for our providers of the application to create the link. Our entire catalog of pharmaceuticals is there and the doctors order directly out of the formulary by selecting what meds they want electronically. We've done a lot of work to identify "sound-alikes" and patient validation for safety reasons. It was a lot of work internally to actually identify and set up all the patient safety rules for prescribing electronically, for doing the order entry piece of it. "
Steve Cooper, Senior Vice President and CIO, The American Red Cross
Q: How do you deploy wireless technology in your organization?
A: " In disaster scenarios, we use wireless technology extensively. Satellite receiver equipment can be deployed anywhere our teams go. That enables us to establish a communications link back to a more permanent station and we can maintain contact with our people.
We also use wireless-based technology for the registration of volunteers. We capture the volunteer's information, then vet it against some of our own databases and national databases that we have agreements to use for vetting purposes, and then capture skill sets.
There are about 70,000 disasters we deal with each year. Wireless technology is used in those situations with the local chapters. Information is captured through a wireless device, whether it's a laptop, Blackberry, PDA or cell phone, and it comes through the local environment into our master data environment. The more data we can capture and analyze the better we understand how to prepare for and respond to disasters. "
Glenn Galloway, CIO, Children's Hospitals and Clinics of Minnesota
Q: Which will play a bigger role in your IT strategy this year, HIPAA or Sarbanes-Oxley?
A: " Concerning HIPAA vs. Sarbanes-Oxley: At the moment, it is still safe to say that HIPAA is more of a priority, although Sarbanes-Oxley is moving up the scale. With HIPAA guidelines now a couple of years old, some things HIPAA-wise are now ingrained into the organization, and most new initiatives now are HIPAA compliant already, rather than trying to bring initiatives up to compliance. "
Joshua S. Levine, chief technology and operations officer, E*Trade Financial
Q: What quality or ability is most important to you when choosing an outsource partner?
A: " In choosing IT outsourcing partners, E*Trade Financial focuses on firm size, processes and security. We look for partners that are neither too large where we would be lost in their client list, nor too small where they couldn't scale as our requirements grew. We also want to be sure that their processes for undertaking and completing projects are mature and in practice. Outsourcing is about efficiency, and it doesn't make sense to partner with a firm where substantial training is required. Above all, we are vigilant about protecting our customers' data. Our partners must be equally vigilant, with strong physical and information security practices. "
Kent Seinfeld, CIO, Commerce Bank
Q: What is your biggest IT challenge right now?
A: " Commerce is a fairly young institution, founded in 1973. We're a $32 billion dollar bank and we're growing rapidly, more than 30% a year. Our IT budget grows much faster every year than your typical IT budget: we've experienced IT budget growth of 30% to 35% year over year. That presents challenges to support, but they are the right kind of challenges. While the nucleus of what we do is a retail bank focus, we're becoming more of a middle market bank. We require more systems and functionality to support that. As you become a bigger bank, you are dealing with larger customers with more complex requirements. We have very strong technical services and support groups. All of our IT operations from the growth standpoint ... are virtually second nature now. We live and breathe it. "
Marc West, Senior Vice President and CIO, H&R Block
Q: How do you measure the success of an IT strategy?
A: " Critical to measuring any IT Strategy is first and foremost identifying and understanding how the business or end consumer of the goods or services measures the value created. Think of this as more like 'how do they value this?' versus the normal IT measures of on-time, on budget and 99.9%.
Some of the best top of mind measures you can use are 'revenue created' or 'operating margin improvement' instead of 'delivering against IT budget targets' or 'expense reductions achieved.'
A truly successful IT strategy is understood and adopted based on business opportunities, rather than which technologies were selected and deployed. "
David Nicholl, CIO and CTO, Government of Ontario, Canada
Q: Ontario is considered a leader in e-government. Can you give some examples of why?
A: " Seventy percent of our services are now available at ServiceOntario. Address changes for multiple government programs from a single interface, birth, death and marriage certificate applications, and vehicle registration renewal are all available online, with more services planned.
Web 2.0 represents important changes for the future of government interaction with citizens. Many governments are evaluating these technologies, but few, if any, use the range of tools we do. We use wikis, blogs, microblogs, audio and video podcasts, mashups, social networking, social bookmarking, tag clouds, RSS and virtual worlds.
For instance, our Youth and New Professionals Secretariat conducts a Job Fair in Second Life; the Ministry of Citizenship and Innovation used a Facebook group to recruit young people for its ChangeTheWorld: Ontario Youth Volunteer Challenge; and BizPal, a partnership between the federal government and municipalities, lets business owners quickly compile a customized list of the permits and licenses they need. We're committed to giving our clients and citizens simple, accessible, transparent and accountable services, and providing better value to Ontario taxpayers. "
Dan Lane, CTO, Merchant Link
Q: Payment Card Industry (PCI) Standards were changed on Oct. 1, 2008. As a credit card payment gateway, what adjustments did Merchant Link make to adapt to the new standards?
A: " We've approached security as something we need to do to protect our customers and our business first -- and then make sure we stay compliant with PCI and industry standards. In many areas, we practice what we preach to our customers by exceeding PCI compliance so we won't have to implement significant changes to meet revised standards. Specifically, we move data off and away from servers, educate our clients and employees about credit card security, encourage them to create a crisis plan, and make sure their vendors are equally compliant.
Most of the recent PCI changes clarify existing standards. They should make it easier for IT people to interpret the requirements. For example, there is new language that better defines network segmentation, to limit the scope of access to sensitive cardholder data. It's critical for us to keep improving our security measures in advance of mandates from PCI or other standards organizations. "
Lior Blik, CIO, Hoboken University Medical Center
Q: At Hoboken University Medical Center, the CIO is hired as a consultant. How does being a consultant affect your relationship with other C-level executives and department heads at the hospital?
A: " As a consultant CIO, I can draw on outside resources and offer my knowledge of business processes from other verticals. I can deliver results that fulfill the financial aspects of C-level executives' needs.
I also have a positive relationship with employees in the different departments. They know I have no other agenda but to drive results -- that is my job. This understanding creates a sense of freedom when dealing with employees' IT requests and projects the confidence that I will deal with their problems. At the end of the day it's a job with business goals, but there's a human element that makes the relationship with those at HUMC that much stronger and more meaningful. "
Dave Wagner, CIO and Senior Vice President, ON Semiconductor
Q: Earlier this year, your company completed its merger of AMIS Holdings Inc. How does that affect the IT department? How do you bring together disparate technologies?
A: " We're merging two different ERP systems, AMIS's SAP system into ON Semiconductor's Oracle instance. There are differences in business process practices, but where the rubber really hits the road is where data is different. You run into terminology issues, and issues around different levels of data quality and validity checking.
One of the most important things to do is to quickly identify the key subject matter experts in business processes and systems from both companies -- and get them in the same room. They need to start talking through these issues to rapidly reach an agreement about how to move forward. Remember that the faster we can integrate systems, the faster our combined company can realize the full benefits of the merger. Working things out face-to-face is critical to that timing. "
Ken Silva, CTO, VeriSign Inc.
Q: How have factors like VoIP, Internet video, SaaS and mobile computing affected the amount of data that must travel over the Internet? Is data growth threatening to affect user experience?
A: " Data transaction rates are skyrocketing and show no signs of decelerating. In 2000, the ".com" and ".net" systems -- which VeriSign operates -- received 1 billion daily requests for information; today they receive more than 48 billion requests. Internet video and VoIP are among the key drivers for this increase. YouTube's traffic today is equivalent to that of the entire Internet in 2000. VoIP subscriptions are expected to rise from 16 million in 2005 to 55 million in 2009.
With all of this new demand for bandwidth, some folks fear the Internet's going to "break." To make sure this doesn't happen, we're increasing the capacity of the DNS infrastructure 10 times by 2010, pushing capacity from 400 billion DNS queries per day to 4 trillion, and pushing speeds from 20Gbps to 200Gbps. This effort, named Project Titan, includes bringing more resolution sites online globally and refining our systems, operations and processes worldwide. "
Nick Coussoule, CIO, BlueCross BlueShield of Tennessee
Q: You came from outside BlueCross BlueShield of Tennessee to step into the CIO role. What are the biggest challenges of taking over IT leadership when you didn't come up through the ranks?
A: " Coming from outside the organization means having to prove you are not only knowledgeable about the technology component of your job, but that you understand the business. This means getting in front of business and operational leadership, asking questions and learning as much as you can about key business issues.
With IT staff, the major challenge is to build trust. As with any outsider, the first concern from the staff is "What's going to change and how will it impact me?" This is best addressed through frequent and direct communication with the IT leadership team and the staff. It means listening to your team for a better understanding before making rash judgments. It means saying what you are going to do and then doing it consistently. And perhaps most importantly, when you come from outside, there is a tendency to focus on the challenges. Though it is absolutely necessary to address these, you must also remember to recognize and reinforce the positive actions and efforts of your team. "
John Charleson, CIO and Director, Supply Chain Management and Information Technology, Longo Brothers Fruit Market Inc.
Q: How much difference can inventory management make to a retail chain's bottom line?
A: " Understanding the bottom-line impact of inventory management applications requires understanding the solution's effects on several P&L items.
In sales, perpetual inventory plus accurate demand forecasting allow optimization of sales opportunities. Sales can increase significantly if the business was not previously using advanced methods to forecast inventory.
In cost of goods sold (COGS), applications let users review granular demand projections for the coming year and take advantage of vendor deals. An issue we see in retail is under-purchasing for a promotion, then over-purchasing the product when it runs out during the promotion. The result? Higher COGS and forced price reduction to move excess product and avoid spoilage. Inventory management creates better projections and accurate ordering, allowing users to reduce COGS.
In operating expenses, the effect of inventory management is a toss-up. Applications can be costly. However, those that simplify planning can reduce staffing needs. Consolidating inventory receiving efforts might reduce labor costs as well.
Since the bottom line is driven by all of these, it's pretty apparent that inventory management software can positively affect P&L. Another important benefit is enhanced relationships with customers -- since we have product in stock when they want it -- and with suppliers, as we move to more collaborative planning and provide visibility to our forecast. "
Claudio Caballero, CIO, WorkshopLive Web site
Q: What are the challenges for a dot-com transitioning to Web 2.0?
A: " As with anything in IT, there are both business and technical challenges.
The business challenge is to add the community, user-generated content, collaboration and other Web 2.0 features to our site without breaking what already works. This also means making sure our loyal customers are happy with the changes, not annoyed by them, and that the overall user experience improves rather than becomes cluttered.
On the technical side, you need very rigorous project portfolio management targeted against business plans and desired enterprise architecture. Everything you do must solve not only the immediate business needs but add to or improve the infrastructure's capabilities to meet future requirements. Small compromises are unavoidable, but if you find yourself relying on stand-alone solutions, bolt-on workarounds or band-aid fixes, check your premises. It means you are either under-resourced and need to adjust your business plans or taking too narrow a view of your enterprise architecture. "
Joseph Geretz, CIO, SRSsoft
Q: What are some of the unique challenges to managing IT within the healthcare industry?
A: " One particular challenge for managing IT within the healthcare industry involves coordination between disparate information processing systems. Doctors are among the most demanding audience of users, insisting on instant access to information which is scattered throughout separate software applications. A solution to this is a hybrid electronic medical record system that is engineered with open path technology providing for maximum extensibility and interoperability. It allows users to directly access external applications and data through one system. "
Peter Walton, Vice President and CIO, Amerada Hess
Q: What do you think of Broadband over Power Lines (BPL)?
A: " We consider ourselves a conservative 'fast follower' of technology, unless there is a possible competitive advantage for us to adopt something early. If we perceive such an advantage with BPL, Amerada Hess would need to be convinced that it is reliable, secure, cost effective and environmentally friendly, and then there would need to be a business case for either switching to BPL or for using it in a new startup location. Additionally, we wonder why a power company would invest in building out their infrastructure when the market is already crowded with DSL, cable and the promise of WiMAX to come? Most of our locations are in areas with an overabundance of broadband capability today providing last mile connectivity. I suspect this will likely die in the Gartner 'trough of disillusionment' or sooner on the hype cycle curve. "
Ross Philo, CIO, U.S. Postal Service
Q: The Postal Service has made many product and service advancements that include sophisticated online mailing tools for businesses and automated postal centers. What is the biggest IT challenge to maintaining that online infrastructure?
A: " The biggest challenges to maintaining the U.S. Postal Service's online infrastructure are its size and the ever-increasing number of visitors who go to the USPS Web site to access its many products and services. These are challenges we are more than happy to have. The Postal Service has had an online presence since 1994. Since 1998, we have launched a number of applications to better serve our customers in an electronic environment, and as a result, the USPS Web site has grown between 18% and 22% annually.
The IT group manages the increased demand on our infrastructure by analyzing growth-rate trends, infrastructure changes and planned events such as ad campaigns and so on. The analysis provides us with the information we need to adjust capacity on a continuous basis and make necessary changes to avoid disruption of service. We have utilized the trend analysis process since 2003 to estimate our growth each year, and we have met the peak demand of our customers. Maintaining performance and staying ahead of demand are key to our online presence. "
Jack Nelson, Senior Vice President and CIO of Mount Sinai Medical Center
Q: What is the most interesting project you're currently working on?
A: " The implementation of McKesson's Horizon Surgical Manager system is the most interesting project we are working on this year. It will provide tangible benefits to a wide range of our constituents and improve the efficiency of many operational areas. Surgeons will benefit from the streamlined surgical scheduling process including the ability to view future schedules and request operating room time via the Internet. The availability of real-time patient tracking information will enhance communication between the operating room staff and the surgeons and will allow patients' families to be continuously updated as to where their loved ones are in the surgical process.
Nursing staff in the operating room will be able to efficiently generate all of the required clinical documentation via online data capture. And, the operating room management team will have data analysis tools in hand to quickly and effectively respond to the ever changing demands of a complex environment and to make data driven decisions for future planning.
The hospital's bottom line will be improved by automating the capture and transmission of operating room supply and time charges to our patient accounting system and by reducing supply chain costs through the implementation of perpetual inventory in the operating rooms. "
Eric Goldfarb, CIO, BearingPoint
Q: Hiring and retaining skilled professionals remains a challenge for CIOs. How are you meeting that challenge?
A: " I would agree that hiring and retaining is one of several burning issues facing CIOs today. In order to meet that challenge, we invest in our people. We also create a very collaborative organization, meaning we encourage people to mentor and learn from each other. We try to make our company an employer of choice, so we value diversity. Ultimately, at the end of the day, we try to create an environment within the IT organization where an employee can't think of a better place to work. In order to do that, you need to focus on training and development, compensation, benefits and the whole work-life balance.
We do a class for employees at Yale: a one-week session that we provide for people to help them improve management skills and leadership skills. I do send people on my team to it, and it's a big deal.
You want to make sure you are competitive with the marketplace. You want to create career paths and reward your best employees. "
Will Weider, CIO, Ministry Health Care and Affinity Health System
Q: What are the main reasons IT projects fail?
A: " Unfortunately, I have had many opportunities to collect this data. It is a frequent topic on my blog. Reasons include incomplete technical analysis, poor vendor performance, bad process re-design and lack of a capable business champion. But the primary reason for project failure is poor planning.
Every project should have a detailed plan that identifies the tasks, task relationships and the resources required. Whenever someone comes to me with a high-level plan in a spreadsheet, I know the length of the project will double when a real plan is completed.
A poor understanding of the project's expected benefits is another form of poor planning. I believe projects that don't clearly define business benefits are failures before they start. "
Larry Moran, Executive Vice President - Chief Information Officer, CommonHealth
Q: What are some of the unique challenges to managing IT within an ad agency?
A: " The unique thing about advertising agency technology is that sometimes it enables the work, while at other times it is the work. We need to balance delivery of core technology services to our traditional agencies with support for our digital agency that does Web development and digital video production. Along the way, we are also a service department within a service business. We need to ensure that our business users have the tools they need to make their clients happy and that CommonHealth has the tools it needs to stay profitable and efficient while they do it. If we do our job properly, we can influence how our agency delivers work today, and what form the work will take in the future. "
Craig Bickel, CIO, Lawson Software
Q: What is the biggest challenge to overseeing the IT issues for a global organization?
A: " Perhaps the key IT challenge in a global organization is managing the tension between running the business while providing the foundation for new business models. As companies globalize functions and processes, moving to shared services environments and standardizing processes and service delivery globally, the IT function must provide common, integrated services to support the organization. While this transformation is happening, the IT organization also has to support legacy environments and operations, which can consume more than half of available resources. This often feels like changing the wings of a fully-loaded cargo plane in midflight. Success hinges on management commitment and involvement, flexible staffing and funding models, and a committed and motivated organization. Difficult? Yes. But it must be met if global companies are going to realize the benefits of scale and scope that their size should provide. "
Bob Green, CIO and CPA.CITP, insync Information Management, LLC
Q: Is regulatory compliance still a major issue for CIOs?
A: " It's absolutely a disaster right now. Companies are trying to deal with records management in order to get the information in the hands of people who need it most and also remain in compliance with things required by law. There are other regulatory pressures beyond Sarbanes-Oxley and HIPAA. Email security and archival destruction procedures as well as the Federal Rules of Civil Procedure, which call for availability of information for a litigation matter, are also a factor.
It's all-encompassing. The concept of information and records management gets more pervasive every day with the use of email and Blackberrys. That's really hard to do. Information management isn't just about the CIO job. It's a bigger issue than IT. It's what is important to Finance and to the executive branch as well and should involve both the CFO and the CEO. It is their fiduciary responsibility to protect their assets. "
Tim Toews, CIO, Office Depot
Q: What challenges do CIOs at global organizations face this year?
A: " CIOs at large, global companies like Office Depot will be facing a number of challenges over the next few years. But with those challenges come a number of opportunities for positive change and growth.
The top challenges that I see CIOs having to conquer are alignment to business and speed to market with IT solutions; delivering IT solutions at an appropriate cost and that we consistently meet our expected ROI; understanding the importance of security and of course compliance; motivating associates and offering them opportunities to develop their skill sets and work with new and innovative software; globalization; complexity of systems; and stability, where IT needs to be dependable and deliver stable and available platforms. "
Greg Buoncontri, CIO, Pitney Bowes
Q: How do you manage IT priorities in a weak economy?
A: " It's about alignment and governance and setting priorities. For the most part, IT organizations have been efficient with their spending, but deciding which investments should get precedence over others and how you govern and stay aligned with your business partners can be a challenge. There's always more demand for IT services than there is man power or financial capacity to fulfill it. That's the reality of the IT industry, whether you are in flush times or lean times.
We try to balance the company's priorities. You are constantly juggling. All the constituencies can't be served.
There's internal governance which consists of trying to get business cases built for IT investments. Your workforce isn't fungible. If your priority has been sales force automation systems for three years, and the next two years the priority is the supply chain, it's not easy to shift the resources into that other discipline. The skills may be different; the technology is different. It's hard to deal with these very steep, cyclical changes. You wind up training, hiring and looking to third party providers to assist you.
There has to be a good governance mechanism, and you need to communicate to key stakeholders outside of IT so they understand the way decisions have been made and the way priorities have been set. If priorities are well understood by the company, they get it. If you don't have alignment in the organization around priorities, there are going to be groups who feel they are not being supported which leads to dysfunctional behavior and IT becomes a block. "
Martin Trzaskalik, CIO, cleverbridge
Q: How are you dealing with the current spam and security threats within your organization, such as botnets, phishing, spoofing, spyware and the like?
A: " Cleverbridge employs two strategies to protect both its internal office environment and its service platform from attacks. First, we have securely configured our infrastructure, making sure that all of our systems are hardened, all the latest available patches and up-to-date anti-malware tools have been run or installed, and we only grant access rights that are absolutely necessary. Equally important, or perhaps more so, is our second strategy: user education. Phishing attacks initially were successful because they hit an unprepared and uneducated audience. This is essentially true for every emerging threat. Ensuring that the technical staff, as well as all company employees, is familiar with new threats is a key to successfully thwarting attacks. It's about being proactive versus reactive. "
Ken Fell, CIO and Vice President of Information Technology, New York Independent System Operator
Q: Is NERC making energy IT better?
A: " No. The only thing NERC is doing is putting security standards on us. We have lots of agencies that give us security standards and none of them are quite the same. That costs me something. It becomes a resource issue. We don't have any issue with the standards. We're trying to figure out how to provide the documentation required. How do I stay compliant with all of them and still maintain a budget and level of resources to be able to do it?
Security is a big deal, but that doesn't necessarily make me better at what I do. That's a critical component, but does it help me be more efficient and have a quality product? That's not even in the game. "
Matt Ebaugh, VP-CIO, Silvercross Hospital
Q: There is often a big challenge in adoption of electronic medical records (EMR) technology among physicians. What is at the heart of this issue?
A: " There are three reasons why physicians are reluctant. There's the price versus benefit issue. Physicians want to know what the value equation is.
The second is about changing the process of how they have been practicing medicine. Physicians who've gone through their residency with EMR are more likely to accommodate the adoption of EMR.
The third reason is a little more controversial, and it's the unspoken one. It is the fear of privacy concerns and data sharing. There is unfortunately a great ignorance on all our parts on what the Health Insurance Portability and Accountability Act (HIPAA) is and is not.
Banking solved the problem by putting in the Federal Deposit Insurance Company (FDIC). The federal government needs to drive that fear out of the medical community. The fear is real. Having gone through governance structure with physicians, I can tell you it's real. The great irony is that the old processes are much more non-private and insecure today. "
Mark Zielazinski, CIO, El Camino Hospital in Mountain View, Calif.
Q: Is the electronic health records (EHR) approach the Holy Grail in healthcare IT?
A: " I think it is. It's what everybody has been talking about, and I've been in health care since 1980. Here at El Camino Hospital, we've had physician order entry and results reporting since 1971, and all our pharmacy orders are done electronically, with no transcription. Although we've done some interesting things, I'd say we're still fairly far away from electronic records. I think the technical problems are easily resolved, but it's impossible to achieve because of security requirements. A national identifier for patients is a sociopolitical issue. "
Steve Lapekas, CIO, Pegasus Solutions Inc.
Q: Which skill set is hard to find in an IT employee?
A: " In my role at Pegasus Solutions, I've found the most important yet hardest skill to find in an IT employee is advanced problem-solving skills. In our industry, we offer and work with technology to simplify tasks and business processes for hotels, travel distributors and travel agencies, which are brought together through an underlying complexity. An employee should one, understand the end-to-end process; two, isolate problems; and three, resolve issues in a dynamic environment. Our company is the global leader in providing reservations, distribution and commission processing technology. With a global presence, eager competitors, and so many products and services, it's key we find the right talent to not only "get it," but also continue to make it the best. "
William Gruszka, CIO, Southern Polytechnic State University
Q: Are there unique challenges for you in overseeing IT at a university that specializes in science and technology?
A: " There certainly are unique challenges. The primary challenge is managing user expectations, and it manifests itself in two different ways. The first is that at SPSU we use technology to teach technology. That creates an environment where the technology has to work. At more traditional universities, if the technology does not work, the professor can fall back to another method of teaching. At SPSU we have "hands on" technology in many of our classes and labs. If the technology does not work, the class cannot go on.
The other challenge of user expectations is that as a science and technology university, we are expected to have the latest and greatest of technology at all times. Further, we have a high concentration of faculty who are very technologically savvy, which tends to magnify the situation. With the economic challenges facing all of us in higher education, meeting these lofty expectations is a continual struggle. We are forced to take a creative approach to investing in technology, while providing all of the services that our faculty and students need and hopefully most of the services they want. "
Jeff Huegel, Chief Security Officer, USi
Q: How do new regulations and laws concerning electronic document retention impact your organization?
A: " Organizations, ours included, are faced with conflicting requirements in the area of document retention. In the balance are laws and regulations that increase requirements for document retention vis-à-vis costs of storage, costs of security, and increased administration. In addition, companies need to be concerned about aspects of liability and discovery of long-term record retention. To strike the proper balance, we review and accommodate legislated requirements and develop or modify our company policies to meet the regulations in the most cost-effective manner. Then, the important element is consistency of policy enforcement. To manage liability and discovery risks, policies must be effectively and consistently implemented. Compliance with published policies is key to all aspects of effectively managing document retention requirements. "
Bernard F. "Bud" Mathaisel, Senior VP and CIO, Achievo Corporation
Q: What is the biggest challenge for you as a CIO in integrating analytics within your organization?
A: " Data sourcing is my primary concern. Even the most capable analytics engines will produce meaningless analytics if the source data are wrong. Achievo has three major sources of operations information: our enterprise resource package, which contains the transactions and financial audit trail for the outsourcing work we do; our customer relationship management system; and our project management system, which contains workflow and details about how we execute to client engagements, most importantly those that involve onshore and offshore coordination.
The challenge is to pick the data elements out of each of these systems that are relevant to a particular set of analytics. We must further ensure that these elements are properly posted into our data model and that they accurately reflect the situation under analysis. If we want to know revenue and profitability for a specific set of customers that have come to us through our prior work and relationship with those clients, we are going to need access to all three of the source systems. Management must ensure that the data are accurate and reflect a view of the information that is relevant to the analysis, such as in the last six months, for example.
Because these are the capabilities that we sell outside the company, I have tools at my disposal to source the right data at the right time into a data model that can be used to create an effective business intelligence dashboard. "
W. Hord Tipton, CIO, U.S. Department of the Interior
Q: What are some of the biggest IT challenges you face?
A: " Keeping up with changing technology can be difficult, as well as communicating the need to adapt to our department's culture. A lot of it is really about getting the other employees to understand how important information technology is to their day-to-day operations. Public sector workers are much more resistant to change than their counterparts in the private sector.
Also, as a government agency, we have limited resources and often there are tough choices about which IT systems and technologies are most worth the investment, and which will work together best with our existing architectures.
In recent years, network security has become a big issue as well, as we are beginning to recognize the exponential rate of increasing threats. "
Bill Miller, CTO, XAware
Q: Will a recession be good for open source?
A: " First, let's make an important distinction between usage and revenue. Growth in open source usage may be somewhat "recession proof" as IT organizations look for ways to get things done without spending scarce budget. But growth in open source company revenues is certainly not. No spending means no spending, including no spending on open source-related services. It probably will be a good time for commercial open source companies to get aggressive and pick up market share on a usage basis, planting seeds that will produce revenue growth later. The inherently lower cost structures of open source business models will help these companies weather the storm versus license model competitors, allowing them to focus on growing adoption instead of cutting heads and reducing expenses. "
Clark Kelso, CIO, State of California
Q: What can the public sector teach the private sector about IT?
A: " IT in the public sector has learned a lot from the private sector. But the private sector can also learn from the public sector, where we do IT in a fishbowl. For example, I think that public sector IT has a better grip on its fiduciary responsibility as a custodian of private information. We tend to be more sensitive about observing fair information practices. This certainly can increase the costs associated with data collection and sharing, but public trust is promoted by following these practices. The private sector can be oblivious to these concerns, and that risks a regulatory response. Sometimes, you can do well by doing good. "
Rob Israel, CIO, John C. Lincoln Health Network
Q: What is your overall strategy for data protection and IT policy enforcement?
A: " We use a combination of technology and end users' needs to balance out a program that allows them to continue to do their job while protecting electronic assets. Policies and procedures aren't enough. We have to balance it out so that people can still do their jobs.
We need to find out the end user needs and what their processes are. We build security technology around that so we're meeting in the middle.
We don't want anything too restructured or complicated. If that's the case, end users aren't going to use it. We try to keep our policies as minimal as possible and put technology behind that to make sure they're followed.
We also look at the importance of the data and the confidentiality of that data. I'm not going to cry if the word document that has today's cafeteria menu on it gets into someone's hands. If it's patient data, I'm going to take more stringent steps to protect that data. We'll add more layers of security around that tower, rather than build a moat that surrounds the entire kingdom. "
Stuart Sugarman, Senior Vice President and the CIO for NYU Medical Center
Q: Which will play a bigger role in your IT strategy this year, HIPAA or
A: " For healthcare, HIPAA has arrived, while Sarbanes-Oxley is threatening to arrive. As such, the three HIPAA regulations of privacy, electronic data interchange and security currently impact all facets of our IT strategy.
Although HIPAA security, the most recent component of HIPAA to become effective, drives specific behaviors for how we protect and use Electronic Patient Health Information (EPHI), it is, for the most part, a series of best practices for IT security. These best practices culminate in a set of IT security policies and procedures surrounding data authorization and encryption, network security and resiliency, user authentication, virus protection, etc. As you can imagine, there is significant overlap between this and many of the components of Sarbanes-Oxley. In our recent outside audit, this Medical Center was measured against a rudimentary set of Sarbanes-Oxley standards; a more rigorous set of standards than previous audits. To me, this is a strong indication of things to come. So while HIPAA figures more prominently than Sarbanes-Oxley this year, Sarbanes-Oxley will not be far behind. However, if you follow strict HIPAA practices, you will be in good shape for Sarbanes-Oxley. "
Roger Batsel, CIO-VP and managing director of Information Systems, Republic Bank & Trust Co.
Q: What was the biggest challenge in implementing an integrated voice response (IVR) and call center management solution for your organization?
A: " The biggest challenge for an organization like ours is that we tend to grow organically. So, you grow around the technology and the tools you have. You begin to realize that with call center technology, you don't need to have everyone in one area. They can be distributed. They can also contract and expand depending on our needs at any given time.
The challenge is looking at what you do now and rethinking how you design your support organizations. The challenge is shaking off the way of thinking built around old technology and old thinking. It also requires people being open and receptive to change across the organization. Prepping your organization to be open and receptive to change is really the hardest thing. "
Dawn Powers, Vice President, Information Security, Prudential Financial
Q: What are some of the biggest issues you deal with in information security administration, and what are some techniques that have proven especially helpful in securing the company's network?
A: " Prudential Financial has processes in place to continually enhance its security administration. One of the biggest challenges we face is streamlining the administration process. In many cases, a single administration request can generate 50 to 80 transactions within our application suite. We are working to implement Functional Role Basing, which provides individuals with the systems access to perform their specific work assignments. These roles enhance the implementation of automated provisioning tools that provide consistency, create efficiencies, improve quality, and enable proactive monitoring, which in turn reduces risk. "
Gary Masada, CIO, ChevronTexaco
Q: What is the single biggest challenge energy companies face from an IT standpoint?
A: " For a large, global organization like ChevronTexaco, IT is not simply a service function; it is a fundamental business enabler. You have to look at integrating technology into every aspect of your business, and that poses significant challenges, particularly in the energy sector. We have to manage the flow of information throughout the company, including managing huge volumes of data coming from remote locations in extreme parts of the globe, typically from highly specialized applications. We also have to stretch beyond the traditional role of IT services to become a partner in our R&D efforts, to create innovative new applications of technology to improve exploration. IT must also manage information flow in a very complex supply chain environment. Last, but certainly not least, we have to ensure we handle data in a way that satisfies complex regulatory requirements. "
Susan Brennan, CIO, Sierra Pacific Power
Q: What is the key to protecting your system?
A: " Good planning is essential. We also make sure our protocols are in place and tested, both internally and externally. "
Jim Dillon, CIO, New York State
Q: Can the public and private sectors work together to achieve better IT? How?
A: " With a clear understanding of each other's goals, the public and private sectors can work well together. New York State is the size of a Fortune 10 company but we don't always act like one. The public and private sectors have different goals - corporations to earn profits for shareholders and government to deliver constitutional or statutory services to citizens - but we can often achieve them with similar strategies. We can learn from large corporations who have consolidated and standardized business processes across multiple business units to achieve greater efficiencies and savings. We have taken steps in this regard but more still can be done. In addition, vendors need to be aware of our statewide strategies and goals for enterprise architecture. Vendors who are selling products and services contrary to our strategic plans are not helpful to us. But working "together" I believe we can achieve better IT. "
Paul Schieb, CIO, Children's Hospital Boston
Q: What are some of the biggest information security issues you're dealing with today?
A: " We are working to protect the desktops from viruses and spyware, but there's also a lot of focus on account management and identity management. Since we're a teaching hospital, we have many physicians coming and going, and we need to be able to manage their accounts as they come and go. We're doing a lot of identity and account provisioning, and automating the account provisioning process so that a manager can simply enter the request and the accounts are automatically created. We're also working on a single sign-on initiative, so that a physician can enter their credentials once and get access to everything they need. Because we have so many people sharing machines and the systems are so integral to patient care, there are a lot of issues in automating it and making sure it's secure. "
Brian Furumasu, CIO, Bonneville Power Administration
Q: What are the coming IT threats that you're preparing for right now?
A: " Security is always a threat we have to be vigilant about. I see across the industry the downward pressure to lower costs and deliver all of what a company needs. It's not as much of a threat, but a challenge for us. I am going through a consolidation across IT at Bonneville. We're looking at what we can do differently, do it at a lower cost, and meet the needs of the business and mission of the agency. The most frequently asked question of a CIO is, 'Why does this cost so much?' We're looking at a 25% [budget] decrease over the next two years while still providing and maintaining the same high level of service. I need to be able to provide the same or better services at lower cost. "
Lisa Schlosser, CIO, Department of Housing and Urban Development
Q: Is IT playing a big enough role in supporting major government programs?
A: " Government overall has done a really good job in the past four years at improving and focusing on the use of IT and supporting major programs. Citizens can go to benefits.gov and get access to most services the federal government offers -- and in many cases, the services the state and local governments offer online. We're also looking at ways to eliminate redundant systems, to save costs in the way technology is used, and to increase efficiency. "
Jeff Scime, VP-Operations, SEMDirector
Q: How does your organization use instant messaging (IM) products?
A: " We are a distributed software organization, with six different offices in the U.S. and Latin America. Instant messaging is widely used within our organization, both for internal and limited external communication. We are heavy users of IM and like the productivity and nature of the communication it provides.
We use it to coordinate our communication with customers. We often find that when we have multiple people on conference calls with customers, IM products allow us to ensure that we are able to coordinate our communications in real time. We can use IM technologies to discuss ways to present information to external parties while the calls are taking place.
In addition, we use it internally. We have an open office environment and many of our technical staff and our services staff use IM to discuss online without contributing additional background noise to an already noisy office. We also use IM for remote communications. We use several different IM technologies to exchange documents, links and communication with our remote offices. Our employees have articulated that they like the flexibility of IM technologies to help them formulate thoughts, exchange information in real time outside of email, and keep the trail of communications that show the evolution of the discussion in a way that email products do not support. "
Kamal Bherwani, CIO, New York City Department of Health and Mental Hygiene
Q: You are the CIO for three New York City government agencies. What is the biggest challenge for you and the IT team in terms of that breadth of IT responsibility?
A: " The biggest challenge for me has been to create a model of sustainable IT staffing. While private markets are quite adept at adjusting budgets up and down dynamically, the pace at which this can be done in government is limited. The solution is to create a compelling IT work environment, using the latest technologies. This creates a career path where technology workers learn and grow quickly alongside technology service contractors during the build phase of a project. This allows hands-on learning and has allowed the maintenance of systems to be brought in-house. The turnover rate at all three agencies has turned out to be lower than industry standards. IT professionals who want to do good and have fun have been able to grow professionally, while turning a lower than private-sector salary into a self-investment. "
Stephen Michaele, VP-CIO, Direct Marketing Association
Q: Are there IT challenges that are unique to a trade association?
A: " We have many different constituencies we need to support across lines of businesses. We need systems in place that will do things like track complex information and allow our members to find that information. We are creating systems to help us track user interest and interactions that inform how we can help them, what information they need and how we can get that information to them. We have a database that we've built to track those interests. We use various technologies, including Web technology, database technology and CRM technology.
Budgets are tighter in the non-profit arena, so managing IT and prioritizing is very important. It's a continuum. We're not where we want to be; I don't think anyone is. We support a diverse set of businesses including an educational business as well as a foundation. We've got a research arm, as well. Our individual councils are special interest groups that need a way to share information. They have their own Web pages for sharing information. We built the infrastructure that supports that. We're now looking into supporting blogs and social networking software. "
Gayle Vernon Simkin, CIO, Catholic Healthcare West
Q: What is the most interesting project you're working on these days?
A: " A project that is not just interesting but also fundamental to our core operations is the CareConnect project. The physician-led CareConnect project, also known as the Enterprise Clinical Information System (ECIS), has a goal to directly and dramatically enhance our ability to provide high quality patient care by providing clinicians with ready access to clinical data and effective decision support tools.
The pilot of this project included: a clinical repository to collect data from multiple sources such as laboratory, transcription, pharmacy and clinical documentation; electronic medical record "organizer" for clinicians; a clinical logic engine to process clinical events and trigger "alerts" to physicians regarding care decisions; and remote access for physicians to access the clinical information from their offices or homes through a secure Internet connection.
The program design is now being augmented with Computer Physician Order entry as well as automation in the area of Pharmacy, Emergency Department and Intensive Care. "
David J. Farrer, VP-product development, Apangea Learning Inc.
Q: What is the biggest challenge in making your IT organization more business responsive?
A: " There are several equally important challenges. First, finding and developing qualified personnel are persistent concerns. We have streamlined our interviewing processes and created a mentoring program to address this issue.
Second, communication across functional groups is a challenge in any organization. Implementing a prioritization protocol for business requests has reduced communication overhead and therefore made our organization more responsive.
Finally, the Software as a Service concept is still relatively immature. The result of this is inconsistencies between customer expectations and the service level agreements that an application can realistically achieve. Managing the customers' expectations during the sales cycle and implementing a robust customer service program after the sale have helped alleviate the inconsistency. "
Joe Oesterling, CIO, Cbeyond
Q: How are you currently handling regulatory requirements?
A: " We are moving into what I'll call Year Two or Year Three of living in the regulatory environment. It is now about orienting yourself and your team to the fact that this is a part of life.
Regulatory compliance is not an IT project where you complete it and move on. It has become part of embedding that into our IT management process. That's been a focus area of mine and for a lot of my peers. It's one of the things that to realize true benefits, you have to embed it in the organization. It's easy to do it the first time; the real trick is to embed it for the long term. "
Ed Bell, CIO, ING Direct
Q: As a financial services company, what is your biggest obstacle to better information security?
A: " I'd address it from three perspectives knowing the demands for more and more data by clients -- both internal and external -- is furthering the challenge.
The first is the security of the infrastructure. A lot of dimensions can be addressed around the infrastructure security, firewalls, user permissions, global and local network coverage. The second area would be around the applications and the consistency provided for data access. Specifically, a data architecture that is comprised of information quality with proactive data profiling, common extract formats, common business terminology that relates to specific data elements and always leverages the information hub for real-time or batch access are key. The opposite of that is having redundant copies of data interpreted in various fashions for a multitude of reasons -- not very indicative of a simplified or efficient environment.
The final is risk management and its oversight to ensure tighter control of the data. Classification of the data, education and awareness of the classifications, accountability by the business for their data and ensuring appropriate user access, management oversight on uses of removable storage devices (USB drives and CDs) and constant evaluation that nothing is getting ignored are becoming more important every day. "
Rich McNeil, CIO, Boston Software Systems
Q: As a company that provides hospitals with workflow automation software, what should hospitals consider when evaluating these technologies?
A: " Whenever you introduce one piece of technology, the whole technology fabric of the organization is affected. You'll want to ensure the least amount of disruption to your existing systems and processes. Script development tools allow you to choose the tasks you want to automate without bringing in consultants or vendors.
Match business requirements to functionality. Look for a technology you can use in many different departments, with a variety of applications and systems that will scale to allow automation of simple tasks or complex processes. Interoperability is critical in developing the processes that support major technology initiatives. Interoperability allows you to knit together the applications and systems you're already using and maintain the integrity of your technology fabric. "
Tony Young, CIO, Informatica
Q: Is Sarbanes-Oxley making IT better or worse?
A: " It depends on the IT shop you are in. If you are in a shop that has really strong processes and procedures, it shouldn't have been a significant change to how you do business. I think a lot of what Sarbanes-Oxley is doing is reinforcing good practices in your IT organization. Where some shops have found it to be extremely onerous is that they may not have been very strong in process and procedure to begin with.
We do have good processes and procedures in place, but what also really helped us was that the people on our team that implemented it did an outstanding job. The overhead and additional rigor around the initial implementation was material to our organization, but since then we've worked with our auditors and continued to refine our approach and it's worked for everybody. It's become much more manageable within the organization. "
Dave Leonard, Chief Technology Officer, Infocrossing
Q: How is your company instituting standardization practices across its national network for five data centers?
A: " We've adopted a "best of breed" model which enables us to select the best tools for each data center process. After reviewing existing software licenses and processes across the five data centers, we picked the best products and integrated them into our proprietary "light" management framework throughout all the data centers.
Leveraging our own management framework enabled us to automate on the tool level and write scripts at the point level, instead of the management infrastructure level. Standardization reduces complexity, uncertainty and mistakes by enabling automation of routine tasks and driving consistency into the remaining manual tasks. "
Raj Croager, CIO, FASTSIGNS International, Inc.
Q: How does your organization support its different units that have desktop support issues?
A: " With 500-plus franchisee units in the U.S. and around the world, we've discovered the key to efficiently handling desktop support is being able to see the issue in real-time and solve it, regardless of the franchisee's location. Expecting end-users to fix IT issues themselves is time consuming and frustrating for all involved. To overcome this, we use a remote support tool from NTRglobal called NTRsupport that allows our technicians to either share or take control of their desktop in order to fix their IT issues, thereby reducing the time and cost required to support our franchisees. "
Michael Spears, CIO and Chief Data Officer, National Council on Compensation Insurance, Inc.
Q: What is your strategy of protecting the security of data?
A: " Managing the nation's largest database of workers compensation insurance information is a commitment that NCCI takes very seriously. Information security is a top priority for us. Our strategy is multi-pronged. From an IT perspective, we stay up to date with the latest security technology such as firewalls, network security, vulnerability tests, penetration tests, application scans of Web-based code, laptop data encryption, password reset strategies and so on.
However, this is not enough. We also focus on the human side of security and closely monitor social engineering trends to guard against anyone gaining access to data they shouldn't have. Finally, we voluntarily submit ourselves to rigorous auditing by both in-house and outside parties to ensure we don't have any loopholes in our strategy. "
David Barley, Chief Technology Officer, Casdex, Inc.
Q: What is your biggest IT challenge?
A: " As a digital archive firm that caters largely to small and mid-sized businesses, our main IT focus at Casdex is storage management. With multiple data centers located in various geographical locations, it's always a challenge to ensure that we keep up-to-speed with our timelines and space availability on our servers for our clients. Without doing so, we would lose our competitive edge. "
Larry Lotenero, CIO, University of California, San Francisco, Medical Center
Q: Which will play a bigger role in your IT strategy this year, HIPAA or Sarbanes-Oxley?
A: " For us, it's HIPAA, but our security efforts extend well beyond that into the use of outpatient information and research. Throughout our organization, we make sure the capture and use of data is handled in a way that keeps the data secure, appropriate, and handled accordingly. Our work here is very much push and pull: In a research environment, we need to have information available to other scientists and medical centers, for research and collaboration purposes. But we also need to keep our system very secure. This presents quite a few challenges. "
David Wennergren, CIO, Department of the Navy
Q: Can the public and private sectors work together to achieve better IT?
A: " The strategic partnership between government and industry is absolutely crucial and the places where things work the best are where government and industry work together. The success of the Navy/Marine Corps intranet comes from a performance-based contract where we tell our private-sector partners the results we want to achieve and give incentive payments if they are able to exceed our expectations. The idea of performance-based contracting is powerful, and it brings together government and industry as strategic partners. We take advantage of all the great talents and intellects out there to help us get the mission of the Navy/Marine Corps done. "
Ken Orgeron, CIO, Gardere Wynne Sewell LLP
Q: How does the possibility of natural disasters impact your organizational disaster recovery and business continuity plans?
A: " The possibility of natural disasters is a key focus when designing a Business Continuity/Disaster Recovery Plan. Each part of the plan must be approached differently. The BC Plan focuses on long-term recovery, where the DR Plan will focus on the short-term impact immediately after the natural disaster.
We have offices in Dallas, Houston, Austin, and Mexico City. The threat of a hurricane in Houston triggers the activation of both plans, allowing the office time to prepare. However, if a tornado hit Dallas there might be little time to enact the DR Plan before disaster struck. We would have to rely heavily on our detailed BC Plan as destruction could be extensive.
Given this scenario Gardere has developed, and is continuously refining, the BC/DR plan to ensure minimal interruption in the services we provide our clients. "
Nicole Spelhaug, Chief of Product Development, Mayo Clinic
Q: What is the most interesting project you are working on?
A: " We're evolving an integration strategy between claims, pharmacy, and lab data with the kind of information tools that we provide to help people manage their health. So as areas of need are identified through a health risk assessment, we can integrate that with health management resources that we provide and the claims data that another partner of ours might supply. We're offering interactive programs and tools to help Fortune 500 companies give their employees resources that help them reduce their healthcare costs through the interventions our site provides. "
James McDonnell, Vice President and Chief Information & Security Officer for USEC, Inc.
Q: What are the IT challenges that power companies face this year?
A: " First and foremost is the continued integration of business systems and operational systems as companies migrate from proprietary control systems to commercial off-the-shelf systems. You have to set up an entirely different controls regime, to make sure you're allowing people to do their jobs but segmenting information that is extremely critical. You also have to start segmenting the network and data processing systems internally with much more care. "
Scott Thompson, Executive Vice President of Technology Solutions for Inovant, a Visa Solutions Company
Q: How is data storage essential to an always-on business environment?
A: " Merchants and cardholders increasingly demand more information with each transaction. Understanding the sensitivity of this data, we have implemented a robust security infrastructure at both the physical and logical levels to prevent unauthorized access to this information. Our job is to make transaction data available to our members in a way that maintains the integrity of the payment system. The Member bank can access the cardholders' transactions by card number and determine in real-time what the transaction was and where it occurred. "
Tim Lemieux, CIO/Vice President of Information Services, Ratner Companies
Q: What is the biggest challenge for you as a CIO managing IT in the retail environment?
A: " Providing effective systems in the highly distributed landscape of a retail environment creates the greatest challenge. Ratner Companies owns and operates nearly 1,000 hair salons on the East Coast, in the Midwest and in the United Kingdom. We are currently implementing a new system to manage the customer flow in all of our salons. Training all of our locations to use it consistently is a challenge [as well].
Because of the magnitude of this change, we are providing classroom-style training to support this effort. As we enhance the system in the future, it will no longer be cost-effective for us to provide this type of support, so we will look to Web-based learning tools to help solve this problem and hopefully generate a widespread understanding of the system throughout all of our salon locations. "
Martin Davis, Executive Vice President and Corporate CIO, Wachovia
Q: How will ongoing Sarbanes-Oxley requirements impact your organization going forward?
A: " In addition to the quarterly attestations, Sarbanes-Oxley and Wachovia's CIO groups are more closely aligned with other risk management activities. This has prompted a thorough review of key IT controls throughout the company. "
Basil Maloney, CIO, PresenceID
Q: What is the most effective way to get users in your organization to comply with new regulatory standards?
A: " The most effective way to make sure employees comply with new regulatory standards is through a combination of training and deployment of IT systems that help them comply. Training is critical to making sure employees know what regulations mean in relation to how they perform their jobs. Things like not emailing sensitive information to unauthorized people, not sharing passwords, and many other security and privacy procedures. Equally important is improving IT systems to ensure compliance by synchronizing security throughout the enterprise, not just the perimeter. Using rights-based provisioning of users and content combined with virtual desktops that only allow access to what they are authorized, and not entire directories they can explore, keeps employees, temps and consultants in line. "
Walter Milligan, Chief Information Officer, Michigan Technological University
Q: How is your organization using collaboration tools?
A: " The use of collaboration is in its infancy here. Purchasing decisions are very distributed. The coordination issue with any new software initiative is something we're struggling with right now. For example, we have recruiters out in the field who are not in our home town making visits to high schools. They need to share documents with each other. Doing so with collaboration tools is much more efficient than sending around Microsoft Word documents.
We're very interested in these products, but right now we haven't identified a primary product. I would conservatively estimate there are at least three different competing collaboration products already in use at Michigan Tech. Since it's grown organically, and people have chosen products they're comfortable with, there may be problems down the road. We're assembling a committee of constituents to see what's already in use on campus and what benefits we could leverage by getting more people involved with these tools, and then decide whether to standardize with one particular package or vendor. "
Don Kosak, CTO, Lycos
Q: You've led the integration of Lycos' acquired technologies for sites including Tripod, Angelfire, Matchmaker and Quote.com. What is the biggest IT challenge when it comes to integration?
A: " The biggest challenge was selecting a common platform for Lycos's key systems. These systems weren't small "department" servers -- they were customer-facing applications with millions of daily users from all over the world. As much as Web 2.0 and software-as-a-service promise platform independence, there are critical IT functions such as customer registrations, billing and reporting, that can become unmanageable if not consolidated. The up-front costs can be hard to justify; however, the long-term savings in maintenance, increased business agility, and streamlined compliance more than pay for the effort in the long run. "
Greg Valdez, CIO, BMC Software
Q: What is the greatest barrier to IT compliance?
A: " The biggest hindrance to IT compliance is a lack of focus on processes. All IT shops are working to achieve the effectiveness of the best shops which on average are five times more productive and run 25% cheaper. Obtaining this efficiency requires a strong focus on process management, especially in change and configuration management. If the right people, skills and processes are in place, compliance is essentially free. Compliance is but another set of metrics on processes. "
Mahesh Bhavana, CIO, Junosource Processing Inc.
Q: How do you ensure the security of stored data?
A: " When you work in an industry where compliance takes center stage, data security is of the utmost importance. As a technology-enabled loan packaging business, Junosource is constantly implementing innovative security measures to ensure our customers' sensitive information is protected. Our biggest challenge is to comply with the extremely strict requirements imposed by our business partners without sacrificing the cost effective solutions our clients have come to expect from us. In addition to utilizing role-based access and authentication, access to data servers is protected by VPN/Firewall, and our Web portal is secured by 256-bit Secure Socket Layer Certificates. With existing measures in constant review, we worry about security so our clients don't have to. "
Kelly Stephen, Chief Technology Officer, WebVisible, Inc.
Q: As a company that specializes in leading-edge technology, what are some of the biggest internal technological challenges you face as its CIO?
A: " We face a number of internal technological challenges in providing leading-edge technology to our customers. Number one is ensuring that all of our various platforms and products are integrated together seamlessly, especially from a customer's perspective, even if behind the scenes they may be completely separate products and platforms. Second would be remaining flexible in order to continue to improve our technology to incorporate the wide range of emerging technologies and ideas that we may not have known about before. And finally, we need to always balance our desire to be innovative and build products that drive our technology roadmap while continuing to meet the needs of our existing customers and new prospects. "
Rick Brouwer, Vice President of Information Services, Total Logistic Control
Q: Which skill set is most important and hardest to find among IT employees?
A: " At Total Logistic Control, we are finding it increasingly difficult to recruit employees with that rare but necessary combination of business and operational skills, combined with technical skills. When looking to deploy best-of-breed supply chain applications, like warehouse management or transportation management systems, we seek candidates who understand the operational problems that are being solved by the application. Also, finding multi-disciplined technical managers such as project managers and development managers is becoming more of a challenge. To round out the recruiting spectrum, security and system administrators are routinely in demand. "
Joel Smith, Co-founder and CTO, AppRiver
Q: What is the biggest challenge in balancing your network operations responsibilities with your R&D responsibilities within your organization?
A: " Staying involved in the R&D process is a challenge in the midst of day-to-day operations, but we try to maintain a balance through effective communication both internally and with our customers. We are constantly gathering data through customer surveys as well as weekly meetings with our sales and customer service groups to ensure our R&D road map stays on target with what the customers need.
R&D is a continuous series of forks in the road with numerous failures and just a handful of successes. The more you keep in touch with the process, the higher your success rate will be in the long run. "
Gregory Veltri, Chief Information Officer, Denver Health & Hospital Authority
Q: In healthcare IT, what is the greatest obstacle to electronic health records implementation?
A: " Our organization cares for more than 150,000 patients, providing two billion in uninsured care since 1992, yet we continually leverage technology to improve patient safety and quality of care while managing cost. For many organizations, the biggest challenge to implementing electronic health records (EHRs) is gaining the acceptance from the clinical staff. If clinician users do not clearly understand how technology can help improve safety or quality of care, this can lead to strong resistance and slow down the entire implementation process.
Successful communication enables key stakeholders to be interconnected, which improves the population health and leads to more personalized care. Furthermore, a strong vendor relationship is critical to success. Maintaining a strong relationship and open lines of communication with Siemens Medical has helped us better educate and communicate with our end users, as well as drive acceptance of our EHR implementation across the enterprise. "
Bob Mitchell, Senior Vice President, Operation & CIO, GTSI Corporation
Q: How do you best promote the importance of IT to C-level executives?
A: " A successful CIO doesn't overtly promote IT. If you do, you risk positioning yourself as an IT program or infrastructure manager, not a CIO, and are likely to fail. The successful CIO must be an executive business leader working cross functionally to facilitate real business process improvement through the rest of the leadership team, not around them. To succeed, you must (1) show a strong and credible multidiscipline business understanding, (2) establish influential relationships throughout multiple levels across the company, and (3) bring together all relevant departments to work together to maximize business process improvements, including, but not limited to, those facilitated by technology. If you do this, the team will go forward together and the value of IT and your leadership will be implicit. "
Yossi Jan, Chief IT Officer, Maccabi HealthCare Services
Q: How has mobile technology changed your organization?
A: " Maccabi Healthcare Services uses mobile technology intensively to improve the delivery of health services beyond the bounds of our own clinics. Maccabi doctors and nurses can access and update patients' Electronic Medical Records stored in our central database while performing on-site occupational health diagnosis, treating patients at their homes, or visiting them in the hospital. Those capabilities were found useful also during emergencies or even during the last war with Lebanon last summer. We are now working on adding the capability to view these medical records on PDAs as well. Israel is not big, but our portable capabilities make it even smaller. "
Christopher S. Andoh, COO-CIO, Global Integrated Development Group
Q: Given your company's focus on developing business in Sub-Saharan Africa, an emerging economy, what are the unique IT challenges you are encountering?
A: " On occasion we experience communication challenges while traveling in various countries. Making adaptations from an IT standpoint is essential for international business success and requires patience and in many cases persistence.
Information Technology challenges for GIDG in Africa have been due to cell phone and Internet service provider impediments. Cell phone access is important both domestically and internationally. In the US, we have found many carriers that advertise international coverage fall short of providing adequate coverage in Africa. You arrive at your destination only to find out you don't have coverage. Unfortunately, the world has not fully accepted Africa as being "open for business."
Domestically, we have become accustomed to high speed Internet services. Our Web sites are full of flash, and high speed internet access is the norm. Unfortunately, many of our partners in Africa wait tirelessly downloading heavy files created by programmers without the emerging and frontier countries in mind. Although broadband services have made their way into various countries in Africa, the service is very expensive and reliability is questionable. "
Abraham Elias, CIO, Circle L Roofing
Q: What are the business benefits and risks related to developing new applications with open source code?
A: " The advantage in using open source is that you have a whole network of resources developing software for you to use. The problem is that it needs to be compliant with your internal corporate policy. One of the biggest drawbacks of using open source is that you constantly have to manage the license. We hire good programmers, but we don't hire programmers who double as attorneys. We take that away from the developers and use the compliance software to manage that.
I just had a situation recently that was new to us. We develop a lot of our applications on top of open source. As long as we selected a software development kit, and as long as it is under a particular license, we thought we would be okay. What happened in this case was that the license on that particular software package changed. If we continued to use the new version, it would not be compatible with that license. We use a software-as-a-service-based software package that allows us to automatically validate that software against our own code. It allowed us to immediately catch that and find out the license was not compatible with the license we were adhering to. "
Anthony Vaccarelli, CIO, Aptuit Inc.
Q: What is the most effective way to get users in your organization to comply with new regulatory standards?
A: " It's essential to have a consistent standard across all locations and all business units. We're in the UK and Scotland, the East Coast of the U.S. and Kansas City, Missouri. We've used the framework of an industry standard called Good Automated Manufacturing Practices. That's the standard for all computer systems validation and qualification. It's any computer software that supports a regulated activity. In using those standards, we're actually using standards put together by our customers. Those standards were established by the pharmaceutical industry.
Collaboration internally between IT, quality and operations is important. We find that when we establish a team from each of those areas that engages in all those areas at the beginning of the process, gathering requirements from vendor selection through implementation, we can address any challenges, issues and changes as they surface.
The final piece is training the operations folks. We undertake ongoing Good Automated Manufacturing Practices training for all of our operations employees, as well as induction training for new employees, instructing them in both the FDA's regulatory requirements and our in-house practices and policies. "
Dan Demeter, CIO, Korn/Ferry International
Q: How do regulatory requirements impact your IT strategy?
A: " Regulations might be costly and add complexity, but compliance may provide -- by way of example -- improved security and reduced risk. What should matter most is not the positive or negative impact of regulations, but rather the process by which one deals with the constant changes in this area. CIOs should make regulatory requirements an integral part of the IT strategy. Dealing with regulatory change should be baked into the IT design, architecture and infrastructure of the firm. It is so much easier to implement Sarbanes-Oxley requirements when proper security procedures are followed as a matter of good business practice. Privacy regulations are a cinch when proper access control and permissions are an integral part of system design. Equal Opportunity regulations are easier to implement when flexible workflow and data segmentation are part of the enterprise architecture. Anticipate change, design for change and regulatory requirements will become just another repeatable process. "
Bill Nadal, Chief Technology Officer and Senior Vice President, Full Capture Solutions, Inc.
Q: How does your organization use instant messaging products?
A: " Full Capture uses Instant Messaging as a lightweight communication tool within a larger set of collaboration products. IM is a great way of determining a user's online presence and getting real-time responses for simple inquiries. Full Capture's staff, customers and vendors interact across many time zones. When a timely response is critical, knowing that a key resource is online can save us time and money and provide better customer service. A quick IM chat often avoids the delay and overhead of an email or phone call. Sensitive information or files should never be sent over IM. When used appropriately, IM can be a valuable collaboration tool in your organization. "
Chris Hall, CTO, International Association of Business Communicators
Q: In overseeing the re-design of your organization's Web site, what was the most challenging aspect of incorporating Web 2.0-type features?
A: " On the IABC Web site, while our blogs are open to both members and non-members, many of the discussion forums are tucked away behind member-only areas of the site. In addition to integrating the discussion forums with our existing member database, it was a challenge to match their look and feel to the newly redesigned site. Moreover, we wanted our members to only log in once, regardless of which parts of the site they visited, so we had to customize the login codes to pass in their credentials transparently, assuming they are already logged in. We've been taking a piecemeal approach with other Web 2.0 features, such as AJAX or other rich user interface enhancements, adding them only to select sections of the site. "
David Michael, CIO, PR Newswire
Q: What are some of the IT challenges unique to a news aggregation and distribution service?
A: " PR Newswire distributes nearly 1,000 news releases to the media, general public and financial community each day. We use both satellite and digital delivery technologies to deliver our clients' content directly into the newsrooms of more than 4,700 media outlets, as well as to more than 3,600 Web sites and online databases. Our clients -- public relations and investor relations professionals -- send us news releases in various document formats, and it is our job to convert these documents into a standard format that can then be subsequently delivered to a wide audience.
Microsoft Word does not generate a single type of file format, and there are many versions in use. Fonts change, formats change and the document is no longer easy to read, much less aesthetically pleasing. Because of this and other factors, we cannot send our clients' documents out on the wire as is. We must first convert them into a standard "wire" ready XML format. This calls for some pretty innovative uses of technology to ensure that no information is lost and no "hidden" information becomes visible. For example, we must ensure when converting a document that a client's tracked changes do not appear as final text in the news release. Also, we are used by thousands of publicly traded companies to distribute their earnings announcements, including financial tables, and we must be sure that every table we receive is converted to the right format, without compromising the integrity of the data.
A combination of integrating custom plug-ins into the latest Microsoft Word platform and repeated document conversion testing enables PR Newswire to help ensure that our clients' content reaches its intended audiences in a clean, readable format, and one that is acceptable to all recipients. "
Campbell Dobbin, CIO, The ADWEB Agency
Q: How do you handle security concerns within your organization?
A: " The current business climate has a strong need for more real-time access to information, which has altered the nature of security concerns. Security concerns require innovative solutions and long-term strategic direction on technologies that impact your business processes.
It is imperative to have a security system that is strong, but also flexible. Being an intranet solutions provider, we are always faced with solving security issues, making best use of clients' existing infrastructure. We implement multi-level intranet access and permissions solutions, featuring role-based user groups over hierarchical structures, reflecting either business objectives, processes or both. That system also allows for log in monitoring. The important point with security is that it must be innovative, strong, but also flexible to meet the needs of the end users. "
Michael Peterson, CIO, CHG Healthcare Services
Q: How do medical professionals use IT these days?
A: " Technology is the lifeline of the medical profession today, whether the medical professionals are using handheld devices to quickly and accurately diagnose their patients, access the latest research updates and medical journals, or perform surgeries or treatment for their patients.
In the staffing industry, it is imperative that our clients -- hospitals and doctors' offices -- have the staff to deliver needed medical services required by their patients. We capitalize on technology to match medical providers with open job opportunities across the country. Once a match is found, we use technology to automate the licensing, credentialing, housing and travel needs of our providers to get them working as quickly as possible.
There are still many required manual licensing processes that vary by state, but we automate as much as possible. In our RN Network division, for example, there are thousands of open positions throughout the country. We need to be able to quickly match our providers to those open positions in order to deliver the medical services to our clients. "
Michael Lederman, Director of Information Technology, Alvin Ailey American Dance Theater
Q: What has been your biggest challenge in streamlining and integrating the business processes of your company's disparate departments?
A: " We are currently working on two strategic initiatives to help our staff collaborate better and eliminate the inefficiencies in their workflows: a digital asset management system and an organizational intranet. While common in larger enterprises, these systems are rare to find in smaller arts organizations and represent a significant shift in our workflow. In creating buy-in for these projects, the greatest challenge has been identifying the different sources of resistance from each department as well as which benefits would motivate change. Some departments are open to change but are stuck in their existing, inefficient processes and cannot create time to evaluate or even hear alternative solutions. Other groups may easily identify the benefits of a new system, but something about the idea of change is unsettling. As a result, they develop a resistance to the project, not because of the results, but simply because it represents a change. "
Amit Shah, CTO, Void Communications
Q: What are some IT challenges you are dealing with right now?
A: " On December 1, 2006, FRCP Rule 26 came into effect and solidified years of case law regarding the admissibility of stored electronic information for legal discovery. Essentially, this rule states that as part of the legal discovery process an organization must be able to produce any stored data that was collected during a timeframe designated by a company or industry.
CIOs now need to change standard operating procedures and training with regard to all electronic data, ranging from voice mails, text messages, instant messages and emails. We have created policies around record retention. We keep email for one year. One thing we also do is use our own product, Vaporstream, internally, which is a record-less way of communicating. That would include things like ongoing discussions about contracts.
Another big area we're working on is our security procedures regarding access to information in our different areas of business. Only people who need access to it have access. It's password-protected. IT people don't have access to specific sales data, for example. It's about segmentation of information. This helps us with our own internal security. "
Jeanne Skül, Vice Chancellor for Information Technology, The University of South Carolina Upstate
Q: What is your disaster recovery plan?
A: " At the University of South Carolina Upstate, we are committed to protecting the welfare of our faculty, staff, and students, as well as our intellectual property and facilities. Our incident management system (IMS) identifies roles and responsibilities in a formalized response hierarchy for all types of emergencies, from minor events to catastrophes. Tied to and incorporated into the IMS, we have [plans that include] an Information Technology & Services plan.
Simultaneously, we are procuring and implementing a server application that will enhance our IP communications system, i.e. our IP telephone system. The system will give us 911 Alert Notification which will immediately send alerts to a number of select campus individuals identifying the call originator and location details. Other features include dial out capabilities permitting the university to deliver an audio message to a list of outside phone numbers and situational awareness transmitters and sensors to assist in the proactive and real-time monitoring and alerting in the event of personal threat, fire, or temperature fluctuations -- to name a few. Also included is a paging system allowing a real-time audio, text or text-to-speech message to be sent to all telephones (our IP Phones are speaker phones) and speakers placed in classrooms, remote buildings, and on outside common areas and athletic sites. "
Wendy Cebula, Executive VP and COO, VistaPrint USA Incorporated
Q: What is your IT department doing to combat rising energy costs?
A: " VistaPrint is moving to a new technology platform that simultaneously provides a more scalable production environment while reducing hardware and energy costs. We migrated away from existing servers to products that give us more flexibility. This choice has reduced the number of servers by a factor of five and cut energy requirements by 50%. VistaPrint also started leveraging virtual machine software to run nearly 100 servers on just nine physical machines. Aside from the energy reduction, it has enabled us to reduce our data center footprint and corresponding hardware and maintenance costs even in a period of rapid growth. We are also in the process of switching from CRT monitors to LCD monitors to lower energy costs. "
Tom Franke, Chief Information Officer & Assistant VP, University of New Hampshire
Q: What was the biggest challenge in overhauling the university's storage infrastructure?
A: " The biggest challenge has been with people and with timing. I had been CIO at the University of New Hampshire for three months when asked to purchase a storage area network (SAN) to replace direct-attached storage on an MS Exchange cluster that was showing performance problems. An existing SAN in another unit was two months from lease renewal. With expected dramatic increases in storage demands we lack resources to manage multiple SANs. As CIO, I value technical staff recommendations, but here they were in disagreement. We engaged an outside storage consultancy to do a comprehensive storage review, and followed their recommendation for a central storage service model with a single SAN. It's been tough quickly changing support models and technology, but it was right for the university. "
Carmella Cassetta, Senior Vice President and Chief Information Officer, Corinthian Colleges
Q: Are there unique security challenges for the CIO of a college that has an online education component?
A: " While not necessarily unique to online education, there are specific security considerations. The first relates to implementing appropriate authentication and authorization methods for both students and faculty. This involves validating the identity of the person requesting the service and determining the appropriate access for that person. These applications are accessed via the Internet, which dictates the use of technologies to protect the data as it traverses the public network. There are various technologies that can be used, such as VPN and SSL. Because these applications contain sensitive information, it is also necessary to encrypt the stored information and often requires physically segregating these applications from internal networks. However, the biggest challenge is balancing the right level of security with the ability to offer the functionality and information required by students and faculty. "
Melissa Mullinax, Chief Information Officer, Seattle University
Q: What is the most challenging project you're working on right now?
A: " My most challenging project is the establishment of an IT governance structure. Since IT touches every aspect of higher education, it is imperative that governance be put in place and be comprised of decision makers from across the university. The governance committee is charged by the executive team with the authority to review, recommend modifications, and grant approval of the office of information technology for the tactical plan and technology capital plans and expenditures. This allows the university to set the priorities of the IT team according to their current needs. Some of the challenges arise from the perception that control of IT purchases will be relinquished when in fact with governance oversight the individual departments will have more resources at their disposal. "
Frederick Dillman, CTO, Unisys Corporation
Q: How does the CIO-CTO relationship impact business goals?
A: " Actually, it's more that business goals are reshaping the CTO-CIO relationship. The CTO was once responsible primarily for discovering new and emerging technologies that could help address his or her organization's needs, while the CIO was focused on managing IT assets, functions and budgets. Yet, the current business climate has altered their roles as a number of demands, including the push for more real-time access to information, and increasing security concerns, now require more need for innovation and long-term strategic direction on technology solutions that impact business processes. Business goals now focus more on establishing strategic IT infrastructures that offer security best practices. The CTO and CIO must now share a combined business/technology mindset to bring value to their organizations. They must combine their technology and business expertise to effectively identify leading, proactive solutions, uncover new methods where needed and manage the risk along the way. "
Richard J. Schaeffer, Vice President and CIO, St. Clair Hospital
Q: Healthcare has been slow to adopt RFID Technology. Within a hospital, where does the initial RFID implementation make the most sense?
A: " It is every hospital's responsibility to provide a safe patient environment. In the delivery of care to the patient, there are mistakes that will occur due to human error involved in the process. Even in a patient care process that has been optimally engineered, errors cannot be completely eliminated without the introduction of a technological aid. RFID is an ideal technology to assist the caregiver at the bedside in eliminating medication administration errors that threaten the patient's safety. Using RFID on patient and caregiver IDs should be the organization's top priority. Dual mode scanners handle the bar-coded medications and RFID-tagged patients and caregivers utilizing a PDA device. The same application can be used for other patient safety tasks such as lab specimen verification. "
John Pavlov, VP of Engineering and Chief Technology Officer
Q: How does the CIO-CFO relationship impact business goals?
A: " The CIO has significant impact on the ability of an organization to support its business goals, particularly with respect to revenue generation and cost controls. Many of the efficiencies organizations seek in streamlining their business operations -- both in generating revenue and in cutting costs -- are achieved through technology, and it is the CIO's responsibility to help identify, evaluate and implement these solutions. In addition, CIOs must work closely with CFOs to blueprint and execute security strategies to protect intellectual property and support compliance initiatives, such as those associated with Sarbanes-Oxley. Proactive CIOs will work with CFOs to leverage technology strategies and process improvements to support the organization's growth. "
Jack Chen, Chief Information Officer, Adelphi University
Q: What are the coming IT threats you are preparing for right now?
A: " IT security has evolved to be the most challenging area, especially in an institution of higher education where collaboration and openness are an integral part of its operations. Students returning from a long summer vacation will most likely bring back computer viruses and worms. This creates a huge challenge for the institution every year. Compounding the problem is the fact that network hackers have become more sophisticated and they're creating new and dangerous viruses and worms with only slight modifications to the codes.
Another area of concern is controlling access to proprietary data. For example, a USB drive can store huge amounts of data. As soon as it connects to a computer, there is the potential for a major security risk.
It's difficult to predict what form new security risks might take. Instead of reacting to every possible security risk, we have to view security as a broader enterprise problem. Every enterprise should have a data access policy with respect to who can access specific data and download it, as well as who has rights to the data encryption methodology. Furthermore, it's a good practice to conduct an annual audit by an external security consulting firm. Even something as simple as posting passwords on the computer screens or leaving a computer on all the time can pose a security risk. Security is everyone's responsibility. "
John C. Reece, Chairman-CEO, John C. Reece & Associates, LLC
Q: What is the most effective thing a CIO can do in terms of better managing security and risk management within the organization?
A: " The CIO should proactively engage their chief executive to embed an all-risk (tactical, operational and strategic) identification and mitigation approach in their institution's culture and in its fundamental ways of doing business. That approach makes theirs a "trusted" enterprise by all its stakeholders; that is, an institution where global risk management, compliance and governance are perceived as competitive advantages. This approach is the genesis by which "securing the enterprise" becomes a positive and enabling process. One that most fully opens the organization's total resources to serving the greatest needs of all of those it seeks to engage -- customers, employees, channel partners, outsourcers, suppliers, shareowners, community, et cetera. It is a strategy that ultimately vests those enterprises delivering totally "trusted" (secure) operations with market leadership and competitive dominance over extended periods of time. "
Chris Levan, CIO, BlueCross BlueShield of Tennessee
Q: How do medical professionals use IT these days?
A: " The healthcare and business communities are in agreement that information technology has the potential to re-shape the healthcare landscape in America. It is widely accepted that IT will improve diagnostic processes, better track medical conditions, encourage early prevention, reduce medical errors and help contain costs.
Healthcare IT (HIT) takes many forms in a provider's practice, i.e. electronic prescribing, online cost comparisons/estimators, quality and outcomes data, real-time adjudication of claims, and the popular electronic health record or its other sister formats the community health record and personal health record. However, according to a recent Robert Wood Johnson Foundation study, only 10% of healthcare providers and 5% of hospitals in the United States fully use electronic medical records.
Increased adoption of HIT by medical professionals is essential to positively impact quality and affordability. And given the emergence of consumer defined healthcare products it becomes even more important for healthcare providers to employ the technology in their practices as they work with more engaged patients/consumers. "
Michael McNicholas, Webmaster and Director of Information Services, PrintingForLess.com
Q: What qualities or abilities are most important to you when choosing an outsource partner?
A: " The critical qualities we look for in a partner are adaptability and responsiveness. Because most of our systems and information processes are custom built by our internal developers to meet our exact needs and are key to sustaining our competitive advantage, we look for vendors that welcome and support the customization and even innovation of their products or services. Detailed functionality that meets our needs and the quality of support are usually significantly more important than price, which is only one, frequently small, component of the total cost of ownership or the value of the relationship. "
Mark Headland, Vice President and CIO, Children's Hospital of Orange County
Q: How are you handling the emerging trend towards digital medical records?
A: " In the not-too-distant future, we will be able to say that we remember when doctors and nurses used to write down patient information on paper and keep it on charts. CHOC transitioned into the world of electronic patient charts with the launch of our Clinical Documentation system, or ClinDoc, this past year. It began as a pilot program in the NICU in April 2005, and was rolled out to the rest of CHOC in May. Using tablets or wireless devices, patient information is now collected at the bedside to create an electronic medical record, a "paperless chart."
More than 300 wireless devices are currently in use by nurses and clinical assistants. Since patient care is charted electronically, there is no contention for charts and redundancy is eliminated. Approximately 50-60% of the paper medical records have now been transitioned to electronic format. ClinDoc was also adopted very successfully by the medical staff, with physicians and residents now using wireless computers on wheels in place of chart racks. The new system required extensive training on the part of our doctors, nurses and associates, proving that CHOC Associates will do whatever it takes to enhance care for kids. "
Jonathan Kass, CIO, Veterinary Pet Insurance Co. (VPI)
Q: What is the most challenging IT issue you are contending with right now?
A: " At VPI, our business has been growing rapidly as the concept of pet insurance becomes more popular. We are now investing heavily in support of multiple ongoing business initiatives and in preparation for future growth. Ultimately, our number one challenge is change management.
We are implementing virtualization, remote administration, and monitoring tools throughout our data center and LAN/WAN environment to support more proactive management of these resources. We're evaluating new document workflow approaches to support process improvement initiatives within our claims and customer service groups. We're investing in telecommuting and remote work capabilities. We're expanding our data warehouse and reporting infrastructure to support both day-to-day operations as well as mining our company's significant pet medical claims history. Further, we have a number of development projects underway to improve our core applications and internet services.
These investments require solid project and portfolio management to keep us moving at the pace of the business, and to keep all of the stakeholders engaged and apprised of our progress. Effective governance, oversight, and quality assurance will be critical to ensuring our successful navigation through these changes. "
Cheron Vail, Senior Vice President and Chief Information Officer, Regence
Q: Since Regence is a not-for-profit, monetary resources are likely an issue. What are the recruiting challenges in hiring well-qualified, highly-competent IT employees?
A: " For 20 years, the computing technology at Regence has been mainframe-based and the IT skill sets supporting the major applications have not changed appreciably during that time. Therefore, there has not been significant training on new technologies. As we move to those newer technologies, we are challenged in our ability to attract talent in a timely fashion with the existing compensation programs. Positions in IT that are technically equivalent in complexity and responsibility may not experience the same market demand. We must be able to adjust our compensation packages to compete for the skill sets that are in greater demand, for example Java developer vs. Cobol developer. Moreover, we must constantly review our annual incentive bonus program to ensure that it can compete with the attractiveness of an employee stock purchase program at a for-profit company. "
E. Glenn Rogers Sr., Deputy Chief Information Officer, Food and Drug Administration
Q: What are the coming IT threats that you are preparing for right now?
A: " The Food & Drug Administration continues to observe significant increases in e-mail and Web-based threats, including spam and "phishing" campaigns, spyware, and adware. These issues not only pose a serious threat to any computing environment, but they also adversely impact the user computing experience.
With a fairly mobile workforce, the FDA also continues to remain cognizant of the potential for emerging malicious code threats to mobile electronic devices like cell phones and PDAs. These trends, coupled with reported product vulnerabilities, require the FDA to maintain a vigilant and proactive approach to security management. "
John Lambeth, Vice President-Information Technology, Blackboard Inc.
Q: How does the CIO-CFO relationship impact business goals?
A: " The CIO-CFO relationship at Blackboard, a provider of technology to the education industry, is crucial. Our CFO Michael Beach and I determine what infrastructure and key performance measurements must be in place to support Blackboard's business priorities: financial, strategic, and tactical.
My role offers a unique perspective of the organization. On a daily basis, I view the convergence of multiple internal departments at the process level. This view, combined with awareness of specific regulatory and certification requirements, provides invaluable knowledge to Michael regarding our information framework. Our relationship directly impacts where we grow and how fast. "
Bob Worrall, CIO, Sun Microsystems
Q: What quality or ability is most important to you when choosing an outsource partner?
A: " While competitive pricing and technical capabilities are certainly key to vendor selection, the true differentiator is a strong process orientation and how it is implemented. Vendors must demonstrate their processes and the support model to be implemented from the transition phase through sustaining operations.
Vendors must ensure both transitioned and newly hired employees are adequately trained in their processes, and these processes are being followed and complied with. Vendors should bring a strong process framework to the table; however, processes must also be flexible and adaptable to ensure alignment to existing customer processes, as required. Lastly, processes must balance speed of delivery with adequate controls. "
Dr. Peter Murray, CIO, University of Maryland, Baltimore
Q: What is the biggest challenge to managing IT for a university from a security perspective?
A: " The distributed nature of the institution presents an inherent challenge. The campus network comprises numerous connected sub-networks, so each respective sub-network has some independence even though it is connected to a campus network. An effective IT security program in this environment requires a great deal of communication and collaboration between IT security administrators. We call our IT security program a "safety quilt" since it is a well connected group of people and technologies that blankets the entire enterprise. My biggest challenge at UMB is the work required to create and maintain this collaborative IT security program. "
Steve Hassell, VP and CIO, Emerson Electric
Q: What is the biggest challenge in managing the IT of a global company with multiple offices and business units?
A: " Emerson has 116,000 employees around the world, and about 1,200 of them work in IT. They're spread across 150 countries and more than 60 divisions. Our challenge is pulling all of these people around the world together. To address this issue, we created an IT portal specifically for the worldwide IT staff. The idea is to open a new communication channel that is the most accurate and most definitive source of IT information throughout the company. It also will provide visibility into active projects and allow people to reach out to colleagues across the globe to better leverage skills and best practices.
We've included internal information, best practices and also presentations from relevant technology vendors. We're using the portal to conduct internal Web casts and are going to experiment with internal blogs and RSS feeds. Our plan is to let the functionality evolve and change based upon the demands of the IT community, with areas expanding or dying based on usage. That way, the site should stay relevant and be able to mirror the ever-increasing growth of Emerson's businesses across the globe. "
Arthur Downing, CIO, Baruch College
Q: How is your job as CIO of an educational institution different or distinct from a corporate CIO's world?
A: " Working in academia allows me to develop and apply technology specifically to advance student learning, as well as work with faculty to research how digital media can enhance pedagogy. That said, corporate and academic IT environments are increasingly similar as we focus on issues such as security and serving users worldwide.
A key challenge is meeting service expectations shaped by experiences with the for-profit world. Our users demand services wherever they are, 24/7/365, and we respond accordingly.
For example, we recently partnered with Rave Wireless to deliver course and campus resource information, college alerts, and other services to students on their mobile phones. We have increased student satisfaction with access to IT services while un-tethering them from campus labs. "
Roger Rehm, VP Information Technology, CIO, Central Michigan University
Q: What is the most interesting IT project you are working on right now?
A: " One of the most exciting projects in which I expect to find myself engaged over the coming year is the building of a catalog of university IT services.
This is shaping up to be a cooperative venture between central IT and all of our distributed IT organizations, primarily those within the academic colleges. We believe that the resulting catalog will help us to move forward in many areas, including service-level agreements and disaster recovery. It will also provide some immediate positive impact, such as more clearly identifying who is responsible for many of the services that we now support. "
James Boyce, CIO, PRC
Q: How do you protect your company's data?
A: " As a leading provider of outsourced customer management services, PRC has to be extremely focused on the security of its data network. The nature of PRC's business, which includes connecting to client systems and transmitting customer data, requires that we have multiple checkpoints in place to guarantee the integrity and security of our data systems.
PRC's network security is maintained as part of a cyclical process built around a security policy that is strictly followed by our company. The continuous process includes four areas of focus: secure the PRC autonomous system; monitor the network for violations and attacks; test the effectiveness of existing security safeguards; and security control improvement.
Each of the four areas of focus has a dedicated process leader to ensure that appropriate resources are applied equally. As CIO, I receive daily updates from my network security team and am extremely confident with the team and resources that we have assigned to this function. "
Chris Nabinger, CIO, MASERGY
Q: What is the most challenging IT issue you are contending with right now?
A: " The most challenging IT issue today centers around delivering end-user services in a predictable, reliable manner, at a cost they believe adds value to their departments and to the company bottom line.
There are a plethora of projects, technologies, suppliers and integrators, which all converge on the IT camp. The responsibility of managing upward, downward and sideways within the organization to drive proper trade-offs and build consensus around priorities is not for the faint of heart. This is followed by the complexity of managing a universe of leading-edge methods and technologies to deliver the greatest functionality balanced with the use of proven technologies to ensure scalability and reliability of the end product; all delivered on schedule.
Driving dozens of projects to completion on schedule, meeting functional and cost commitments, regardless of changes in departmental leadership, functional requirements or unforeseen technology barriers makes the job exciting and challenging. "
Jeff Williams, CIO, VP-operations, Medi-Call, Manila, Philippines
Q: What are some of the technology challenges you face in your call center, where operators are using e-mail, voice over IP and chat?
A: " A challenge for me is I use nurses in the call center. I'm not taking "call center people" and training them in nursing functions. I'm taking nurses and training them in call center functions. They have already gone through four years of school. All of the training and curriculum is in English. That works really well for them.
The challenge for me is that although they may speak pretty good English, they have technology challenges. They don't have the basic computer skills, including the concept of e-mail and etiquette, like not using CAPs since it is considered shouting.
Chat is not so bad; Filipinos are used to text messaging. E-mail is a different vehicle. That means we need to not only train them in how to use e-mail technology, but also train them on the concept of e-mail communication and how it's different from voice communicating or Web chatting. "
Jari Tavi, CTO, BasWare Corporation
Q: As an international company, what are some of the challenges to maintaining Sarbanes-Oxley (SOX) compliance?
A: " The single biggest challenge in maintaining SOX compliance as an international company is the need to be compliant with different regulations from a variety of geographic regions. As legislation changes and requirements from different sources tighten, it is important for the software solutions we use to be agile so that we can remain in compliance.
Another key issue is transparency. It is critical for us to be able to "make the numbers speak." We need to be able to drill down to the important details in our financials and to truly understand, for example, the structure of operational expenses and the cash pipeline. It is what we refer to as transparent reporting, assisted by software. "
Jack Novielli, Senior Vice President and Chief Information Officer, Provident Bank
Q: What are the security challenges you are dealing with right now?
A: " Financial services providers can establish and maintain an expensive information security management system only to have it circumvented by inadequate security controls at the provider's business partners and vendors as businesses increasingly use outsourcing services. Obtaining and monitoring security methodologies used by third-party vendors is becoming a bigger task every day.
Hackers are getting smarter but consumers are not. Consumers are still failing to exercise due diligence in their electronic (online and ATM) activities and are unwittingly duped into providing the criminals with PIN numbers, account numbers and passwords. Hackers will invariably go after the low-hanging fruit: Why try to compromise a bank's security system when it is much easier to send a well crafted phishing e-mail?
Consumers need to understand the risks and threats. We as an industry need to support the education process. "
Dennis Chen, CIO, FunMobility
Q: What is the most challenging IT issue you are contending with right now?
A: " As a company that provides leading services in rich media content such as wallpaper, ringtone/truetone and animated greetings, we spend a lot of time thinking about the best way to build the next generation services that truly engage end-users. To accomplish this goal, these services need to provide a much higher degree of personalization and will demand much greater bandwidth and processing power. We are constantly contending with balancing the richness of our content against the bandwidth of the wireless carrier network and against the processing power of the mobile handset. "
Albert Hitchcock, CIO, Nortel
Q: What is the most interesting IT project you are working on right now?
A: " Nortel IS adopted a multiple vendor outsourcing approach in early 2006 as a way to diversify, respond to changing business needs, emphasize business case driven decisions, and to take advantage of individual vendor strengths.
Compared to 2000 when Nortel began outsourcing day-to-day IS operations to a single vendor, today outsourcing is spread across five separate vendors that provide PC support, applications support and helpdesk, offshore application development, mainframe support, and backup and recovery services. Nortel IS has learned many lessons over the past few years -- some out of necessity as Nortel downsized with the telecom downturn and some from the school-of-hard-knocks. "
Ray Ouellette, CIO, Forbes.com
Q: What are your challenges in your new role at Forbes.com?
A: " Forbes.com has done an impeccable job establishing itself as a Web destination for business leaders. We're experiencing growth in multiple areas of the business. I was brought on board to support and further that growth. The growth of the business will be driven by continuing to deliver best of breed solutions to advertisers and business partners. My challenge and opportunity is to leverage the existing technologies and develop new and innovative ways to support the business growth.
On the technology side, Forbes.com has a complicated and sophisticated infrastructure. I need to manage and grow that. The company has invested over the years in developing its technology base, so there's a strong foundation there.
The challenge is how you grow and continue to develop that in the context of a very dynamic business. It is basically growing the infrastructure to handle the anticipated traffic that the site is generating and is expected to generate over the next few years. It goes from network and hosting infrastructure to the production services that support the commercial operations of the site to developing new features for ad and content delivery.
It's a well-tuned engine. Now we need to rev up the engine. We need to scale up the architecture to ensure we can deliver on commitments for business partners, advertisers, and users. "
Stephanie Cline, VP-CIO, Jack in the Box
Q: What is the most challenging IT issue you are contending with right now?
A: " Our corporate and field business partners, as well as our technology staff, are constantly looking for innovative ways to improve and streamline our business processes, align IT with the company's strategic plan and ensure that day-to-day operations run smoothly. One of our recent innovations was launching computer-based training (CBT) in all Jack in the Box restaurants.
CBT replaced training videotapes with touch-screen computer terminals and interactive programs to help restaurant employees learn procedures, such as grill maintenance and food safety. CBT is also linked to corporate headquarters via satellite, so we can quickly update our training programs and introduce new products and initiatives to employees. CBT is a great example of how we addressed an important challenge -- improving employee training -- with an effective technological solution. "
Steve Bergman, CIO, Goodwill Industries International, Inc.
Q: What is the most challenging IT issue you are contending with right now?
A: " Change management is the most challenging IT issue Goodwill is contending with today.
New solutions need to change business workflow in a manner that creates measurable value within a defined time period. At Goodwill Industries, we strive to achieve these kinds of results by moving beyond the standard technology implementation models, spending the time and resources necessary to change work behaviors and fully realize the potential of our IT solutions. One evolving example of this is to embed training videos into our application help files, so that users of our new applications can not only obtain training through our online Webinars, but also access just-in-time learning within the context of the application itself.
Change management components such as communication planning, training, and process refinement tend to be the most challenging aspects for us, but in the end provide the greatest return. "
Jerome F. Waldron, CIO, Salisbury University
Q: What was the biggest challenge you encountered in the implementation of the university's web-based enterprise resource planning (ERP) system?
A: " When we did this, we were focusing on the technology, when in fact it was the cultural aspect that was more significant and long-lasting. The challenge in our environment was taking these tools and re-orienting the faculty. The students adapted quickly as you would expect.
The faculty had a whole new set of requirements. We were coordinating the business offices involved. We had to be involved in the roll-out of the technology and training and support. Nothing I can recall has changed the institution and the way it does business as this ERP.
You handle it in different ways depending on the population you are working with. One is the office staff, who are used to working with computers but not in a Web environment. [Others] aren't Internet savvy at all. Some of the professors didn't deal with it as well as you would hope. We did training sessions. We did lots of documentation. When push came to shove, if it meant sitting down with a history professor and helping them record grades that first time, we did.
To have [the project] succeed, it's the people issues more than the technology issues that are the key to success. "
Sean Magee, VP-Information Technology, Ricoh Americas
Q: What are the biggest challenges to deploying wireless networks?
A: " We have a wireless network for service technicians in the field to support customers. The challenge is selecting the right platform and then developing the application. You also need to make sure you have the appropriate network partner.
We need to make sure that the network we use has the right kind of coverage. The best application, the best device and the best technician training is all for naught if that person cannot be reached. "
Angelo Mazzocco, CIO, Progressive Medical Inc.
Q: What is the biggest challenge when it comes to information systems integration?
A: " The biggest challenge when it comes to information systems integration today is making sure that an organization uses the proper processes in order to review the alternatives that are available and chooses the best solution. There was once a time when the biggest challenge in information systems integration was determining how best to enhance the existing custom-developed system utilizing the in-house staff.
Today, one has to determine whether to build or buy. If one decides to build, should she enhance the current system or build anew? If one is to build, should it be done in-house or outsourced or off-shored? If one is to buy, should the services be of an application service provider or a package? The biggest challenge of information systems integration is identifying the alternatives and choosing what is best. "
Terry Brosnan, CIO and CFO, PeopleCube
Q: How do you align IT within your organization with business objectives?
A: " Our vision for IT is that it should be an enabler of the business. Automating routine functions for the staff is important. IT is part of establishing the business objectives, along with operations, beginning with the budget process. We're trying to get everybody on to the same page from day one. It's not a one-time budget process. It's an ongoing process. We have monthly management meetings, and IT is part of that.
We put an emphasis on putting a cost benefit analysis into anything IT does. We have two disparate systems right now being implemented [for customer relationship management and enterprise resource planning]. The avoiding of duplicate data entry and better reporting for our remote people and quicker response time in the new system will cover the cost [of the new products] a couple of times over. The efficiency savings are definitely there. "
Mark Vorholt, CTO, dbaDIRECT
Q: Why is data infrastructure management a challenge for so many companies?
A: " It's because, by nature, if your data infrastructure is working right, it is under the radar. It usually only gets management attention if it is not working. Like your house, you seldom think about the plumbing, electricity or drainage until it isn't working.
There is also incongruence between data infrastructure management as a line-item in the overall IT budget versus the mission-critical stature that data represents. Next to employees and cash, data is a company's most important asset. Email can go down for a while, but nobody can afford to lose data.
Conservative estimates are that data is growing at a rate of one percent a week. And that is one percent of an already big number. Unless it's proactively managed, data infrastructure will be on a CIO's radar screen in a way only Murphy of Murphy's Law will appreciate. "
Lib Wanner, CIO, Wake County, North Carolina
Q: How is technology helping you to better manage information in Wake County?
A: " In Wake County government, we use technology to provide information to our citizens, service partners, employees and the business community in ways that are of value to them. We use traditional phone-based information systems to provide referral services to help people find the services they need; interactive voice response units to allow builders to set up inspections quickly and [to allow] citizens to pay vehicle taxes. [We use] our Web site to allow people from all over the world to apply for our jobs, our citizens to pay their taxes, our business community members to compete for work with us, and our employees to quickly access information on all of our services. "
Simon Nehme, CTO, Protus IP Solutions
Q: What are the challenges of moving delivery of email, voice and fax to IP networks?
A: " There are many challenges in moving traditional phone services to IP. One is reliability. The telephone network has been in existence for over 100 years, but it's not very flexible. I compare it to the old typewriter. It's very reliable, but very basic. The IP network is relatively new. It's complex, but very powerful. I compare it to the computer ten years ago, when Windows was first released. It could do many things, but it would crash often. You would lose your documents. With the typewriter, you didn't lose your documents. The challenge in moving telephone service to the IP network is building applications to address loopholes. When you're on the Internet you have different standards and protocols. You have different user needs. You need to address those within the application or the set-up.
Second is security. As the Internet reaches across the globe, and Internet and data packets can be captured from anywhere in the world, your information is more vulnerable. [IP] is relatively new and changing fast. Most individuals are not staying up to speed with their security tools. Electronic security is a full-time job. Because of horror stories we hear about companies' data being hacked or stolen, there is [also] a perception in the market that the Internet is not secure.
The third item is scalability. Because the Internet breaks the geographical boundaries, you need to be able to scale the platform to meet the diverse requirements of a large audience. "
Brian D. Voss, CIO, Louisiana State University
Q: What are the IT security challenges you face on a university campus where students have around-the-clock Internet access?
A: " The short answer is universities are by their nature all about sharing and creation of knowledge. As a result, the environments we have need to be more open and accommodating to people not only in our community, but outside of our community. That means we have a greater security risk than an enterprise that can put up a big firewall and screen communications and so forth. We have to worry a lot about how to maintain integrity and security, but at the same time be cognizant of the fact that there needs to be a flow of information.
We have a lot of our equipment that comes onto our network that is not owned by the institution. We're concerned about [things like] the configuration of those machines, how well their operating systems are patched, what kind of virus protection is on them.
You have to have very different approaches to how you secure that. We do have site licenses for virus protection, and we work hard to make sure students and faculty take advantage of that. We have to scan our network for vulnerabilities and be able to act quickly to resolve them when they do happen. Those are the things that separate higher education IT from enterprise IT. "
Robert Rosen, CIO, National Institute of Arthritis and Musculoskeletal and Skin Diseases
Q: What is the most challenging IT issue you are contending with right now?
A: " Storage and storage management is the most challenging issue right now. The amount of storage we use is growing by leaps and bounds. Managing that storage is a complex and ever more difficult task. One has to deal with life cycle management of data, e.g., how long do I need to keep data, how do I find the data I need over time, etc. Then I have to worry about disaster recovery. All of this needs to be done in an environment of constrained hiring and budgets. Many vendors think they have an answer, but unless it is standards based, easy to learn and use (because of staff turnover), and works in a heterogeneous environment, it is not a solution. "
Gail M. Roper, CIO, City of Kansas City, MO
Q: How does a public sector CIO measure return on investment (ROI)?
A: " The public sector CIO is challenged with both promoting and implementing solutions that impact the organization's ability to enhance economic competitiveness. The CIO has to ensure that investments in IT projects and assets maximize the organization's strategic vision and ultimately promote business value. The ROI has to represent a worth that can be directly related to measurable payback in the form of better citizen service (effectiveness), value (best service to cost ratio) and expense management.
CIOs in public sector IT organizations have had to establish IT governance competencies that align the department to both understand business value and risk, but also to get out ahead of the organization's requirements to promote improved organizational performance and results. The ultimate recipient of IT solutions in this modern age has extended to citizen services. Citizen service metrics, process measurements, and research have become instrumental in establishing the criteria that we now must apply to recommendations made by the public sector CIO to government officials. We are challenging ourselves and our staff to answer questions relating to business process re-engineering, how we eliminate "shadow systems," consolidation of activities and standardizing data made available to the internal, as well as the external customer. As public sector CIOs manage and drive technology solutions, we must make the return on investment methodology a part of the performance scorecard. "
Pankaj Malviy, CIO and Founder, Relationals Inc.
Q: What is the most challenging IT issue you are contending with right now?
A: " When we launched Relationals, a part of it was outsourced to India. Although we were strong in our core technology, the outsourced part of our technology became foreign to our own employees. We started losing control. When our customers reported bugs or asked for improvements we were fine as far as our core platform was concerned. But it took a lot of time and money to get the response and to get things fixed from the outsourced partner.
Now we are developing in-house skills so that we provide the same level of response to our customers on [Microsoft] Outlook and other technology integration adapters like Lotus Notes. Everyone talks about outsourcing in terms of saving money. The important lesson is to make sure you have enough control of that piece of information, and your engineers understand what is happening. "
Claudio Caballero, Principal, Felisa Technologies, LLC
Q: As de-facto CIO for your small-and-medium-sized business clients, and technology advisor to large corporations, what do you see as the most important IT trend today?
A: " The most important trend is what I would call the democratization of programming. The advent of the PC started the shift to empowering end users to retrieve, manipulate and extract knowledge from the data in IT systems. It is commonplace for users today to create their own ad-hoc reports, for instance, where once they would have to ask the IT department to do it. When it comes to the automation of business processes, however, we're just in the beginning stages.
A variety of technologies and standards, such as the Business Process Execution Language, a programming standard, now enable non-technical users to create and modify the applications that run their business. Instead of an analyst figuring out what the business users need and translating that into a specification for a programmer to follow, the business users can open up a graphical tool and modify that business process themselves.
The challenge for the CIO is two-fold. First, the enabling technologies must be deployed as part of a comprehensive enterprise architecture. Second, and more importantly, the CIO must be an integral part of the cultural shift in the enterprise that enables business users and stakeholders to become active participants in the evolution of the IT systems, not just passive users. "
Jack Storey, VP, Chief Information Officer, Children's Healthcare of Atlanta
Q: Are changes made for regulatory reasons hampering or enhancing your IT strategy?
A: " Like most requirements in life, regulations are not always fun to implement. HIPAA regulations have impacted us most over the last three years. However, I think that HIPAA has enabled us to implement positive changes in our organization.
HIPAA has three main areas we needed to comply with. One of those three is the "transaction set," which is a standard format to exchange information with insurance companies. It allows us to submit the claim electronically and check status on the processing and has been very beneficial to the hospital. If it weren't for government-required regulations, we may not have had these efficiencies.
The second area, privacy, identifies ways we are obligated to protect personal health information. Much of this has involved educating our staff on our requirements.
The third part of HIPAA is security, involving safeguards like passwords and encryption, and it laid out requirements for our industry around security. HIPAA requirements have required a lot of time, but in this case they have enhanced rather than hampered our IT strategy. "
Robin Crewe, Chief Technology Officer, Propero
Q: What do other C-level executives need to understand about IT?
A: " IT is a support service. Like electricity, it is incredibly important. The organization may not be able to run its business without it. But it is not why the organization is in business. C-level executives should demand the same information about IT as they would for any other support service: How much does it cost? What do we get for that? How many applications do we use? Do we use all of these? Are our costs higher or lower than our competitors? Where does IT give us competitive advantage? You don't need to understand technology to understand the answers.
IT is responsible for the applications and data that people use but also for the infrastructure that delivers those applications and data. In most organizations, IT infrastructure is managed in-house. With the adoption of common Internet standards, infrastructure should be a flexible commodity. For historical reasons, it is often complex, expensive and inflexible. C-level execs should understand the organization's plan for simplifying their IT infrastructure, driving down costs and increasing flexibility.
The term 'IT project' is a misnomer. IT can help to deliver real business benefits by increasing revenues and reducing non-IT costs. However, IT can never achieve those benefits without the active sponsorship and involvement of the business areas concerned. Any project whose aim is to deliver real business benefits is a business project. It must be championed and driven by the business, not by IT. "
Frank Modruson, CIO, Accenture
Q: What is different about providing IT services to people who are themselves IT consultants?
A: " Accenture's IT consultants are very knowledgeable about what is possible with IT, and our IT organization is challenged every day to perform our very best. We have to be an exemplary role model for what our consultants recommend to clients.
For example, we recently converted our entire company -- 123,000 employees in 48 countries -- from multiple systems to one global ERP [enterprise resource planning] system. We did it in one "big bang" conversion. We also swapped out our entire IT infrastructure and moved every application to one standard platform, over a few years. We drive new concepts, metrics and management processes within the company to ensure that we are our own best practice. "
Paul Roche, CIO, Network Services Co.
Q: What is the most interesting IT project you are working on right now?
A: " We're working on a full disaster recovery plan and firming up our current infrastructure. We started the process last summer in terms of planning and putting together our plan for the next year, three years and five years, and we began to talk about what the business will require.
We're trying to become a billion dollar company in the next three years. Last year we were at $500 million, and this year we'll do $600 million. We looked at the types of customers we'll have to acquire to get to that goal, and the answer is big ones.
We've moved away from just disaster recovery mode into a business continuity plan. A one- or two-day outage is not acceptable to our customers. We have a disaster recovery [plan in place], but we want to provide assurances to sustain the business. We're working to reduce a one-day potential outage to a one-hour outage. We handle products including janitorial supplies and food service disposables, [and we] serve large retail restaurant chains and fitness chains. The risk to these companies is the [potential for the] supply chain to be affected. We need to support them through any kind of service problems or outage. We expect the disaster recovery plan to be fully implemented in May. "
Dwain Kinghorn, CTO, Altiris
Q: How does Altiris manage its own applications internally?
A: " I head a program called 'Altiris @ Altiris' in which we practice what we preach by using our own products in house. We believe Software Virtualization Solution (SVS) will have a major impact on the way Altiris IT and our customers manage software by abstracting an application's file system from the operating system and other applications.
SVS will extend and enhance a myriad of traditional management capabilities including system provisioning, hardware and software inventory, software delivery, packaging, system migration and patch management.
SVS doesn't eliminate or replace these functions, but instead helps us manage applications within their own discrete virtual layers to help us improve efficiencies and reduce support costs. The days of lost productivity due to application conflicts are gone. "
Mark W. Pfefferman, Assistant Vice President & Director, Distributed Computing Services, Western & Southern Financial Group
Q: How do you handle corporate network security to thwart viruses, spammers, and other network threats?
A: " We're a Fortune 500 financial services company. We cover everything from life insurance to annuities to investment products. We're entrusted with people's life savings and we take that extremely seriously. My job is to protect the infrastructure.
We are extremely thorough in updating application and operating system security patches as well as anti-virus software for servers and appliances. We employ multiple packages, including a number of intrusion detection and intrusion protection appliances.
Another layer of defense is firewalls that face the Internet that filter out certain IP addresses. We need to protect our internal systems from viruses and protect our internal staff from time wasted with spam.
We are strict in limiting physical and login access to production servers. Lastly, we push as much information as practical to our business units through their Information Services support teams. Sample topics include: advice against opening e-mail messages from unfamiliar sources, information regarding phishing schemes, and the newest virus threat information. It's about user awareness; we need to keep that information out in front of them. We have about 280 people in the IS department and the more information we push out to them, the better they can help their users. "
John Wade, CIO, St. Luke's Health System
Q: Which will play a bigger role in your IT strategy this year, HIPAA or Sarbanes-Oxley?
A: " Ninety-nine percent of Sarbanes-Oxley does not apply to tax exempt organizations. However, we'll still focus on Sarbanes-Oxley for this year. We're trying to conduct ourselves as if we were for-profit because we think it's good business practice.
We want to be well down that road, the same way we did when we were getting ready for HIPAA. We put so much effort into HIPAA in the past that we are more in a maintenance mode at this point; Sarbanes-Oxley is newer. "
Joe Luppino, Vice President and CIO, Manheim
Q: How has the role of the CIO changed in your organization?
A: " Today's CIO must spend as much time as the CEO thinking about where the company is headed in the future so that the right systems are in place to enable innovation and growth utilizing an enterprise portfolio management process. One of my favorite ways of looking ahead is to study developments in other industries and how they could be applied to our own business. We are a customer-centric organization so by studying the airlines to see how they are improving the customer experience, we started looking at how we could apply new features in our kiosks at our auto auctions to let our customers save time and be empowered through self-service. Looking at the wireless industry, we realized there is a big opportunity to give our customers PDAs to provide real-time data on thousands of cars as they come up for auction.
At the same time, it is important for today's CIO to be closely linked with sales, product managers, and other customer-facing elements of the organization in order to turn customer feedback into opportunities to create new products and services that generate revenue while improving customer convenience and satisfaction. "
John Connolly, CIO, Thames Water
Q: How does IT help your organization meet the challenge of ensuring a reliable water supply?
A: " Almost every aspect of water supply is underpinned by an IT system of one sort or another, ranging from field dispatch to SCADA to customer information. Historically these systems have been implemented from a departmental perspective, for example, customer systems implemented separately from network management. While this has allowed each group to do its own job there has been little integration between business functions, which means that customers sometimes receive a less than seamless service and our internal business operations often struggle to get integrated performance information.
Today, all utilities are striving for "operational excellence", which we interpret to mean the 100% reliable delivery of safe, clean water, accurately billed at a reasonable cost. In support of this, our systems strategy is focused on integrating our work processes and creating a single business information model. To ensure delivery of this strategy we govern IT investments within an enterprise architecture that integrates business process, data and applications footprint. Our future applications will be deployed in a service-oriented architecture and our multi-year investment portfolio is determined by each project's contribution to business process effectiveness and efficiency. "
John Fisher, CIO, SmithBucklin
Q: How can a CIO best manage an outsourcing arrangement?
A: " At SmithBucklin, we understand the future of most organizations depends on their ability to leverage technology in order to enhance, extend and personalize their members' experiences. Two elements critical to managing a successful outsourcing arrangement are, first, a clear understanding of the roles and responsibilities, and second, a mechanism for handling changes in those roles and responsibilities. For example, conflicts sometimes arise because the outsourcing party wants a set price, but is not always clear on the scope of service. Outsourcers want a defined scope in order to provide an accurate price and minimize overall costs. They also want the ability to adjust the price if the scope of the project changes. The one certainty in life is change, and creating a defined process in advance to handle change allows everyone to react appropriately when it occurs. "
Kevin Kern, CIO, Computer Associates
Q: As CIO of a Fortune 1000 company, how do you approach alignment of IT with business objectives?
A: " The Computer Associates IT organization partners with business stakeholders by actively participating in strategic planning sessions and key business decisions. As the complexity around IT increases and pressures to decrease spend continue to grow, CEOs are turning to CIOs to execute an IT strategy that supports the overall business goals.
Integral enablers to this equation include: Optimizing strategic investments to build a foundation for growth; enabling business intelligence through technology solutions; delivering reliable, scalable and secure technology solutions; optimizing value-driven investments through a centralized governance model; and effective and frequent communication of the value and benefits delivered. IT must deliver simple, innovative solutions which solve real business problems, thereby delivering business value. "
Bill Miller, CIO, Harris Corporation
Q: As CIO of a global company, how do you approach alignment of IT with business objectives?
A: " Business alignment never happens by accident, but is the result of a vetted strategy adapted to current business needs. IT alignment is also not a 'singular event' but the outcome of a persistent effort towards relationship-building with the executive management team. There are no shortcuts or recipes for achieving a true value-added mode of operation. In fact, true IT alignment sometimes requires course corrections on a weekly basis. Business leaders are most inclined to agree that IT is closely aligned with their needs and values if their own teams are expressing satisfaction with tools, processes, and services offered by the IT organization. "
Ken Auman, CIO, The Hartford
Q: Can you give us a quick update of your multi-year transformation technology project you've embarked on in the eBusiness and Technology division?
A: " The Hartford's eBusiness & Technology organization is in the midst of a major transformation to improve the efficiency and effectiveness in supporting our property and casualty business. Technology's role in supporting our strategic agenda continues to grow, as is the pressure to provide our services more cost effectively. To date, we have made great progress in improving the transparency of our IT spend and tracking key metrics. A more thoughtful governance model has improved the alignment of our IT spend with our strategic agenda. We have also engaged world-class partners to augment our internal capabilities, enable scale and support our desire for a variable cost structure. "
Michelle Gaines, CIO, Port of Portland
Q: What are the challenges of electronic document management in public agencies?
A: " The challenge, which I think is probably true for any organization, is that as more and more goes into a digital form, how do you apply the laws or schedules that were written to be targeted at the paper form? How do you apply that? And as the technology continues to evolve, how does that change the definition? Typically, in most records retention rules, a voicemail message isn't considered something that would get retained in the same way that a document would. Voice over IP, if you have that in a digital form, does the fact that it's in a different medium change the way you would need to retain that? So those are some of the challenges -- keeping people informed, keeping pace with the regulation and the requirements that you need to comply with, and then overlaying how the technology and even how the information is stored -- how those all interrelate in keeping your practices updated. "
Tim Toews, CIO, Office Depot
Q: How do the employees of your company use mobile IT services?
A: " Any Office Depot associate who travels for business -- whether that is internationally or from building to building on our corporate campus -- has a wireless enabled laptop. We are wireless enabled on our campus so that employees have access to the Internet wherever they are. We also have software on our laptops to allow us to use public wireless networks available at hotels, Starbucks, or wherever else we may need access. We use Blackberries as well. We have found it is an effective way to communicate.
We use wireless in most of our 1,000 plus North American stores operationally to scan and check inventory. Many of our stores have wireless demos that allow customers to test wireless computers and printers, as we sell both. Another example of our use of wireless in-store took place during the recent hurricanes in South Florida. After Hurricane Wilma hit the region Office Depot customers were invited to come into our stores and use our wireless network to access e-mail and recharge their cell phones and PCs. "
Pat McNamee, Senior Vice President and CIO, Express Scripts
Q: Are changes made for regulatory reasons hampering or enhancing your IT strategy?
A: " They both hamper and enhance our IT strategy. Sensible regulatory changes, such as HIPAA, that protect patient privacy, are imperative.
Practical controls around financial reporting as required by Sarbanes-Oxley are also critical. However, accounting firms can inconsistently interpret the IT requirements to comply with Sarbanes-Oxley, leading to unnecessary effort. With additional regulatory requirements from SAS [Statement on Auditing Standards] 70, NCPDP [National Council for Prescription Drug Programs] and more, you find that IT spends 10-15% of its resources on compliance. Compliance efforts can improve IT processes and lead to better quality and efficiency, but they must be managed carefully. IT leaders should assure processes meet the objectives of improved controls, better quality and speed. If not, they can hamper the execution of IT strategy. "
Patrick O'Hare, CIO, Spectrum Health
Q: How does your organization make IT services available to more than 140 different service sites and 13,000 employees?
A: " One of the things that we do is analyze the type of use taking place at a particular location, the intensity of use, type of applications. We then make a determination about type of connectivity that's needed, whether that is a fiber link or a telecom grade wireless point-to-point network or whether it's a remote location that can actually utilize dialup service. Based on that, we make a decision about the connection and what level of redundancy is needed at that location. From a health care perspective, we ask whether the location is a surgical center that needs images available in the operating room and disruption of service would be of greater consequence than a location where the main services are rehab and primarily documenting care and could tolerate a slight interruption or a warehouse that has more of a 9-to-5 function.
For the most part, we are wireless enabled and we're dealing with physicians using PDA technology during patient rounds. We have to be able to accommodate all that type of technology. Wireless is quite pervasive in the health care industry in terms of patient monitoring, lab technicians doing rounds with mobile devices for the draw lists. For some specimen collections, the actual testing is done through wireless devices these days. "
Mark Settle, CIO, Arrow Electronics
Q: What do other C-level executives need to understand about IT?
A: " They need to know IT solutions can give them global visibility. IT is the key to globalization for any business. A lot of people think the first time they have an overseas office, they are a global company, but they don't have visibility across the board in terms of customers and processes. You need to create bridging processes across autonomous business units. The key to the global kingdom is IT, which leads to revenue generation and gives the C-level executives the competitive advantage. IT is the only way to get real-time inventory logistics updates on a global scale.
It's the instant access to and understanding of what you have on order today, what's coming in tomorrow, and what you have to deliver for the next two weeks. Our suppliers are acting more globally and our customers are acting more globally, so to remain competitive it's important for us to do the same. "
John Hill, CTO, Siemens Business Services, a business unit of Siemens
Q: Earlier this year, you announced Siemens would -- over the next three years -- centralize its IT infrastructure worldwide under Siemens Business Services. How is that going?
A: " Siemens as a corporation worldwide has made a decision to outsource its infrastructure management to Siemens Business Services, the IT division of the firm. So far, we've done some piloting of the product with some divisions. We're refining definitions and the detailed design of these services. We're preparing for the continuing rollout of the program more intensively in the beginning of next year. We're in the middle of commercial due diligence to confirm the base line of what exists in the business units to come to an agreement on the scope of the transition.
It's a two-phase process with each business unit, and then it's staggered. It's as if we were dealing with the acquisition and integration of a large number of businesses into a common infrastructure. In many cases, there will be substantial enhancement in service capabilities for some of the businesses. There will [also] be global consistency in services provided. "
Richard Launius, Senior Director, Technology, Advertising and Publishing Group, BellSouth Advertising and Publishing
Q: How does the IT department help improve efficiency for other departments through the use of technology?
A: " We're totally replacing the entire selling system and marketing support systems. Your platforms need to be integrated. Our publishing system, our graphics system, and our pagination system are all moving to Web platforms. [Salespeople] can now pre-prep accounts more efficiently. They can do it quickly and easily in the system. They can make changes quickly, whereas in the old version, things like discounts take place outside the system.
We just took the project live; sales is in training right now. In a six-month period, we'll migrate all our selling organizations to the platform. We have the capability of going fully paperless. We're not implementing that on the initial rollout. We're implementing a partial paperless. It's a huge cultural change. We can move them through the technology, but a complete shift in culture from how we've done things in the past is a huge shift. To get them to do both at the same time is too great. Paperless will be implemented in 2007. "
Gerald Shields, CIO, Aflac
Q: What impact have privacy initiatives had on IT efficiency in your organization?
A: " I can answer that in two ways. Privacy initiatives have made me much more efficient and kept me out of jail and kept me employed. If we had not had privacy initiatives and projects, I would be in a lot more of a damage control and corrective mode. It's a cost avoidance type of thing. How much money does it save you by changing your oil in your car? You have to change it every 3,000 miles and pay $50 to do that. But, if you don't, the engine is going to overheat, the engine is going to fall out of the car, and you'll have to spend $5,000 for a new engine. Privacy initiatives are a lot like that. In every project I do now, I have to consider the privacy aspect. On the flip side, if I wasn't addressing the privacy aspect before undertaking a project, I would be addressing that in a reactive mode, in the middle of something else happening. We'd have to patch a hole, refund some money or do damage control. These are critical projects, critical initiatives that really stop you from having a catastrophe on your hands. "
Dan Drawbaugh, CIO, University of Pittsburgh Medical Center
Q: Which will play a bigger role in your IT strategy this year: HIPAA or Sarbanes-Oxley?
A: " Sarbanes-Oxley definitely plays a much bigger role and a much more strategic role for the University of Pittsburgh Medical Center. That's where our focus is this year. UPMC is a non-profit organization [which exempts it from Sarbanes-Oxley requirements], but the board made a decision to voluntarily comply with SOX. We've set a target date of June 2006 for that compliance. While it's not required in the industry, UPMC believes we need to operate at the highest level. We expect to spend a little over $6 million to achieve SOX compliance and about 68,000 person hours in the initiative. The information services division will spend probably about $1.5 million of the total $6 million. It is definitely a strategy priority for the IT organization. "
Harold Schomaker, CIO, City of Largo, Florida
Q: What are the coming IT threats that you're preparing for right now?
A: " The biggest risk I see is budget cuts, being in city government and being in Florida. I had to offer up a few products that potentially could have been cut [from the budget this year] that ultimately did not, but we have to have fallbacks when a project does get cut and figure out a way to achieve the same goals or function at a lower level of service. We're a Linux-based operation here. We have our firewalls, our 'demilitarized zones' -- which act as a buffer between the Internet and our internal network -- but we usually have no problems or big concerns with that kind of stuff. Virus threats have not been a problem for us. "
Austin A. Adams, Corporate CIO, JPMorgan Chase & Co.
Q: Given last year's merger with Bank One, what is the most recent project you have completed in the area of data and systems integration?
A: " Chase successfully completed its major systems conversion in Texas the weekend of September 16, upgrading the technology and opening the company's full network of 400 branches in the state. Continuing a successful year of technology and operations upgrades following the 2004 merger of JPMorgan Chase & Co. and Bank One, the Texas conversion is a key milestone because it allows the state's two million retail and commercial customers to use both heritage Chase and heritage Bank One branches. The conversion involved more than two million hours of programming and testing, more than one million hours of training for more than 11,000 customer-facing employees, the replacement of computers and other technology in 182 Chase branches with state-of-the-art equipment, and the conversion of more than 900,000 consumer and commercial deposit accounts onto a single deposit, customer and loan system. When the 400 branches and 850 ATMs in Texas are united under the Chase brand Oct. 10, the company will provide the state's largest customer base with the most convenience. "
Bob Hanson, CIO, Sarasota County Government
Q: Do you have a disaster recovery plan in place as Florida approaches another hurricane season?
A: " Every storm and every hurricane season provides learning opportunities. All public sector organizations have so-called business continuity plans and continuity of governance plans that detail how we will respond during and after a storm event.
The level of detail and the level of readiness varies from jurisdiction to jurisdiction, depending on many factors including geography, history, and the financial and operational capacity of the community. Last year's storms taught us a great deal about the power of collaboration and our need to anticipate achieving continuity. We have worked with a set of charter counties and cities over the past year to establish a statewide collaborative of public sector organizations that will enable us to provide back-up and recovery services to each other rather than contracting them or building redundancy at great expense. "
David P. Burgess, CIO, Pennsylvania Department of State
Q: What are the coming IT threats that you're preparing for right now?
A: " The security threats that we are meeting head-on are the same as most other organizations. We are concerned with both physical security as well as cyber security. In cyber security, we are continuing to improve our patch management process to ensure our servers and desktops are properly patched and up-to-date, while not vastly impacting our employees' productivity. We are participating with all other agencies within Pennsylvania on intrusion detection, making sure that we understand the doors into and out of our network. In the coming year, we will be upgrading our firewalls and continuing to map out our infrastructure as it grows to meet the increasing demand for Web-enabled applications. Security of our systems and our data is a great concern for us as we enhance our infrastructure or build new applications. Security is a part of the design from the start; it cannot be an afterthought. "