|Each morning Tom Sanzone, CIO of Citigroup's Global Corporate and Investment Banking Group, walks into his office, sits down with his assistant and gets a rundown of where the 15,000-20,000 development projects within his group stand.
After his initial consultation, he is prepared to start his day. Sanzone has never had an assistant like this before - one who can give him the exact status of each project, expenditure related to its original budget, and the level of customer satisfaction after each job is complete.
Since this assistant came on board in 2001, Sanzone has been able to decrease his budget by US $200 million. Contrary to what one would think, his trusted adviser is a sophisticated portal that helps manage the firm's many projects, as well as its 15,000 developers. And, at a cost of a small development team, it was well worth the price, Sanzone says.
Sanzone, who was the visionary behind the portal, named it Mystic, for My Systems and Technology Information Center. The goal of the system - used by both developers and tech and business managers - is performance improvement, knowledge sharing and standardization.
Performance was first noted using the colors of a traffic light - green, yellow and red. Projects coded in green meant the project was proceeding as planned. Yellow meant there could be a problem but further investigation was necessary, and red meant something was wrong.
"When we started out, we were probably 60 some-odd percent on time (with our projects). If you look at it now, it says we're around 80 percent," the Sanzone says. Using Mystic, Sanzone was able to cut the $200 million from his budget through better management of projects and people. This cost savings also came from the ability to share components throughout the global enterprise using Mystic's applications repository. Rather than constantly recreate the wheel, the system provides an index of applications that have already been developed, so they can be reused.
In addition, Mystic makes it possible for Sanzone's managers to manage larger portfolios, he says. Citigroup used to have one manager for every five developers, now that has changed to one manager to 10 developers, enabling managers to do more, notes John D'Onofrio, head of development engineering, who reports to Sanzone.
Now that the portal is proven, Citigroup is considering selling it to other institutions or companies that are looking for a system to monitor performance and standardize practices. "It's in the exploratory stage, we're just feeling it out," Sanzone says, declining to comment further on when a decision would be made or what the cost would be.
Sanzone credits the creation of Mystic to Citigroup's merger phase. The company needed a way to standardize all the different technology processes across the organizations that came together.
"Mystic was really envisioned after we had put a whole bunch of disparate tech organizations under one management," Sanzone says, adding that he was put in charge of the development organization for the new Citigroup in 2000. The concept was to standardize the development processes on a global scale. The goal was, for example, that Citigroup in Asia would have the same processes as Citigroup in New York.
He adds, "Given that these (development groups) came from different companies, we didn't have any consistent processes of any size around the globe. We had 50 different flavors at that point and therefore one of the goals was to have predictability in performance."
Mystic - How it Works
The portal has five components:
- performance management
- portfolio management
- asset management
- knowledge management
- process management
The newest module, which is being beta tested, is risk management.
Performance management helps business or technology managers monitor the performance of their team or department. It helps Sanzone manage the performance of his 15,000 developers worldwide. It monitors their productivity and tracks the financials and quality of the development work using performance metrics. Each project is measured to determine whether it is meeting its original specs of time and budget.
Sanzone notes that the system has been through a few iterations. "We came out of the gate with a traffic-light scenario ... That module was implemented quickly and people were taken aback." He explains that while red would indicate something was wrong, it wasn't always the case. For example, a developer could have a project that was late due to an external factor. Because the project's end date slipped compared to the original date, it would have been coded red.
As a result, Citigroup moved to a green and yellow color-coded system. Yellow means it needs to be looked into, but it doesn't necessarily mean a project has veered off track, Sanzone says.
"The manager's and the developer's job is to look at the yellows and say, 'If it's a problem, fix it,'" Sanzone says. The performance-measurement component is Sanzone's homepage. "So, yes, I definitely come in and take a look at this right away. People have gotten very used to me calling them up after seeing a yellow light."
Although Sanzone has access to everyone's performance, a manager who has a development group of 20 would only have access to his or her team's projects. Each developer has access to their metrics, their team's metrics and their manager's metrics, he notes. This allows everyone to know where they stand compared to their peers.
The second component, portfolio management, works with the performance-measurement component by sending alerts to managers with status reports on their many projects.
Creating this type of system in-house is a huge investment - not specifically around technology development but process implementation, notes Robert Hegarty, vice president of TowerGroup's Securities and Investment Practice, who points to Fidelity as another company that has put a PPM in place. "It's tough to swallow for some firms. The reason we're seeing some of it now is because a lot of CIOs put their reputations on the line by saying, 'I can save you X, but we need to put up Y to get there.'" He adds, "It depends on whether or not the CIO is a risk taker, because they're putting their careers on the line."
Another core component is the asset management module, which offers a database of the applications and components that exist throughout the enterprise. If, for example, a specific application is being upgraded, a query could be done across the enterprise to find out where it is being used. As a result, the application can be upgraded or replaced on an enterprise-wide basis.
Augmenting this is the knowledge management module, which provides a collection of tools and reference centers for developers, allowing them to share critical information across the organization. For example, if a developer in Asia was having trouble with a standard or application, the person could query the knowledge center. This would produce a report detailing which other Citigroup developers had created similar components. As a result, the developer placing the query may decide to use the existing component or call its creator for assistance.
"This is not uncommon for large conglomerates to have," says Hegarty. "They often have a way to inventory projects, which can save them money." However, he notes that the trick is being able to implement a process that people will use.
The fifth component is process management. This provides what Citigroup calls a "lifecycle for development" - in other words, the steps that must be taken to turn a project from theory into reality. This is where standardizing the project-development methodologies comes into play, which is important when trying to comply with US Office of the Comptroller of the Currency regulations for development, Sanzone says.
In a way, standardizing the process is similar to the Capability Maturity Model (CMM) certifications that many organizations are considering moving toward. However, Sanzone says, "We're going along our own path of maturity and practices. Are we formally following CMM? No. But we are consistently trying to improve our practices."
The newest component, being rolled out in 2004, is called risk management. It was designed to monitor and track the performance of applications, while highlighting areas of concern. This component can help a manager assess his/her inventory and the costs associated with running certain technology. For example, it monitors the maintenance costs of running systems, so if maintenance is excessive on an older system, it might make Sanzone consider scrapping it for a more efficient one.
In addition, what Sanzone calls the "proactive" risk management tool monitors systems' performance and will alert a manager to inefficiencies. The system tracks performance so a manager can react and fix the problem before it even occurs.
(An extract of an article by Kerry Massaro which originally appeared in Wall Street & Technology, January 2004. Copyright 2004 CMP Media LLC).