During the next two years, IT's greatest opportunity to significantly improve overall corporate operational performance will unfold from resolving the nine most contentious issues.

"Growing global economic instability is putting increasing pressure on IT departments to support crucial business goals," says Ken McGee, vice-president and Gartner Fellow. "At a time when there is little in the way of additional budget available, chief information officers (CIOs) need to know where and when to focus to best assist and improve organisational performance."
* Issue one: Business expectations for IT have outstripped IT's internal capability to deliver – In recent years, organisations have wanted their IT departments to increase their external focus on customers, new products and services, new geographies and business processes. Unfortunately, few CIOs have the staff with the skill sets to adequately meet these externally focused demands and there has been little remaining funding for additional hires. Gartner recommends that CIOs recognise the skills gap, refrain from solely hiring staff with IT backgrounds in the future and focus on identifying and delivering distinctive solutions for the business.
* Issue two: How to more rapidly modernise infrastructure and operations, and reduce costs – Infrastructure and Operations (I&O) leaders recognise that accelerating modernisation is the only way to deal with rapid increases in demand growth and the need to respond more rapidly to the business but must balance this against unrelenting pressure to reduce costs.  Gartner recommends emphasising modernisation projects that can be Oself-funding¹, that is, pay for themselves, which can often be achieved through I&O consolidation and virtualisation.
* Issue three: Business accountability for security and risk management – Security and risk management is not just an IT issue. It is essential that the IT risk manager, using effective communications skills, persuade the appropriate IT owners and line-of-business managers to accept explicit, written responsibility for residual risk impacting their systems and processes, on either a direct or a dotted-line basis. Risk managers should develop mechanisms for assignment and acceptance of residual risk and risk decisions – for example, signature forms, processes, and policies that address the requirement and execution of risk acceptance. The risk manager should also develop mechanisms to convey residual risk levels that remove reference to technology but still support good risk-based decisions at a business level that may result in the implementation of technical controls.
* Issue four: Lack of business intelligence sponsorship – Many IT leaders lament issues such as the lack of a business intelligence (BI) vision and strategy; and overall business sponsorship and ownership for BI.  Meanwhile, many business people believe there is little or no difficulty with BI as they continue using ad hoc methods to make business decisions. Gartner advises clients to use its "Business Intelligence and Performance Management Framework" model together with its "Four Worlds" model to build a more complete and integrated plan for BI initiatives and to yield greater returns from related business and IT investments.
* Isseu five: How do I get my vendor to deliver what I was promised? – Opportunities for dispute abound when it comes to sourcing contracts. While users bear a responsibility to be competent buyers of sourcing services, both sides need to be more flexible in laying out a range of conditions and options that should be addressed in the contract. Vendors have seen most conditions and could therefore alert users when they are about to demand an incomplete or wrong contractual term or condition.
* Issue six: "Turf" – Control and ownership-related friction that often exists between various IT groups and the corporate architecture group becomes especially notable when multiple IT groups maintain high-level planning functions. Gartner recommends focusing on three core IT management disciplines ­ Enterprise Architecture, Business Process Management and Service Management – to streamline different viewpoints and provide the architectural guidance required to build solutions.
* Issue seven: Should we modernise applications?  If so, when? – Many mission-critical, high-risk business functions continue to rely on code developed decades ago by programmers and vendors who have long since left the company. Business applications, which run on hardware and other infrastructure that is reaching or past obsolescence, must be migrated. Strong drivers for modernisation are offset by strong inhibitors, so the debate either rages on or is naively ignored.  The decision on when to modernise will be strongly influenced by shareholder interests and investor confidence. Some applications may need to be replaced, while renovation may be sufficient for others, but the complexity and magnitude of the task far exceed the ability to fund and manage such an effort with existing operating budgets and teams. A one-time restructuring-style budget set-aside will be necessary.
* Issue eight: To whom should business process professionals report? – Gartner recommends that business process experts be placed in a new "hybrid" organisation such as a business process competency centre that reports to a chief operating officer. In this scenario, the competency centre would be made up of relatively few employees but would be joined by the business domain experts, process experts and IT professionals for the duration of a project, only to return to their respective departments upon completion of the project.
* Issue nine: How much formal process is needed for programme and portfolio management? – Many believe that increased levels of process and oversight will lessen an organisation's agility to deliver projects. Those in favour of more formal process and oversight of project-related tasks take the position that such increased discipline will yield far-better results than experienced in the past. The future of Programme and Portfolio Management (PPM) will actually take a different route than either of the opposing sides. In the future, changes in a project will become normal, expected and accepted. Consequently, PPM methods will adopt smaller and smaller units of work to allow such project "midcourse corrections" to take place.
"IT leaders should use this time, before obtaining new post financial crisis direction from chief executive officers (CEOs), to resolve these issues," says McGee. "Resolving these issues will place IT leaders in a far better position to take on the challenges of the new future that lies ahead."