"Those who are skilled at executing a strategy," Sun Tzu wrote, "bend the strategies of others without conflict." This fundamental principle helps to explain why some CIOs are now having more success than others at executing strategy.

The IT department that once held a monopoly over its company's IT is gone, and with it the control-based, IT-centric strategy conceived for the mainframe era. Changes in the business environment have rendered such strategies un-executable.

With the advent of Web 2.0 and the bizarrely named "shadow IT," CIOs know that their span of control over IT decisions is more limited by the day. Instead, the executives, managers, staff and customers at their companies all have their own "de facto" strategies for exploiting IT. Faced with this challenge, CIOs are exploring their options, which include abandoning the idea of an IT strategy, sticking with the old way (but often only on paper) or forging a new generation of IT exploitation strategies.

Wrapped up in this decision is the ultimate destiny of the CIO role itself, which in some companies is becoming marginalised as a quasi-supplier of technology services and in others is disappearing altogether.

The CIO's strategic challenge now is to capture and channel the energy of individuals' personal strategies for exploiting IT. Backed by a corporate purpose to maximise total value, innovate, constrain overall cost and mitigate risk, effective CIOs must focus on, as Tzu might say, "bending" some of these personal strategies toward a better conclusion or - in the case of individuals who are pursuing goals not aligned with the company strategy - into a dead end. Many personal strategies can simply be encouraged, or strategically ignored.


Why IT strategy is no more

Two critical inflection points have directed us to where we are today. The first was the switch from dumb-terminal to client-server computing that started 20-odd years ago and went global with the Internet.

The second was the business executive's response to Y2K and the dotcom boom. Business people stopped believing the IT hype and techno-speak, suspecting that investments were being driven more by suppliers' strategies rather than their own. They took control of the IT agenda at the big-picture level and focussed on two things they understand very well - cost, and business innovation.

These two inflections put IT decision-making in the hands of non-technologists at both operational and strategic levels. Yet formal strategies for IT have largely remained the province of IT departments and vendors. Few non-IT executives and managers have defined their strategies for investing in and exploiting IT; such strategies are, therefore, de facto. CIOs can make a tactical choice to either let these de facto strategies be, to rely on an orthodox IT strategy or to take the initiative and lead a business-defined strategy for exploiting technology.

So far, CIOs' responses to this changing environment have been mixed. Some have continued with an orthodox IT strategy - although I've noticed that many do not stick to what they promise, thereby defaulting to a de facto strategy of their own. Others have abandoned having a strategy for IT, which is a reasonable proposition if the company is an expert consumer of IT and can bend the de facto strategies that its IT vendors and partners will attempt to impose.

Some CIOs (and I have been fortunate to work with a number of them) have taken the third approach. They are collaborating with their executive colleagues to formulate, ratify and execute a corporate strategy for exploiting IT. This is very different from the traditional IT-centric strategy that consists of tens or hundreds of pages of technically oriented diagrams and prose and can take months to develop. The business-defined strategy can be formulated in a few days and summarised on one page. It's easy for executives to understand, explore and remember, as well as apply to their everyday decisions.

A strategy for the future

This simple strategy has three sections: the strategic promise (the business outcome the strategy will achieve), key principles (fundamental truths that apply to every IT-related decision) and core tactics (the main things the company will do to execute the strategy, given the environment in which it must succeed).

Although each corporate strategy for exploiting IT is unique to the company it belongs to, all have some comparable features. Each is a bona fide corporate strategy, not that of a technology supplier or a group of technicians. With a promise to create maximum value from exploiting IT (not just deploying IT that enables value to be created), its first principle recognises that IT, on its own, creates no value. To have a standalone IT investment budget is therefore illogical, so a core tactic is to integrate IT investments with the business plans that need them and proactively manage the big picture.

Such a strategy focuses primarily on the community of technology users, who, far from being shadow technologists, are the "new IT." Whereas traditional IT strategies were mainly about the IT department and its suppliers, the new strategy focuses on the people who shape, source and exploit their company's IT investments. Calling those people "shadow IT" exposes a mindset that is dangerously at odds with today's reality and risks further marginalising the IT department from everyone else.

What will happen to the corporate CIO

Strategies for exploiting IT are already becoming integral to broader business strategies, and in this new context the value of having a corporate-level CIO needs to be discovered all over again. The role will adapt and evolve, potentially into something very different and even more valuable.

I was recently with a U.S.-based multinational company, helping it define its strategy for optimising the portfolio of businesses it has acquired over the past few years. The promise of this strategy - its value proposition - is to enhance bottom-line performance by better sharing common capabilities and without building a shared services monolith.

One dimension of this strategy concerns the company's processes, systems and technologies. To address this, it is adopting Web 2.0-style collaboration-based thinking (though not necessarily Web 2.0 technologies) to create a community of business unit CIOs who share and exploit their local technology investments for both business unit and corporate gain.

The company set out with the idea that it might need a corporate CIO, but everyone is struggling to see the value of having one. Instead, the solution it is now exploring is to have a global CTO responsible for technology services and reporting to the COO. In place of a corporate CIO it is looking to appoint a VP of investments in change, accountable for the total return the company gets from all the changes it invests its resources in, whether or not these changes involve technology.

Similar models are emerging elsewhere, as executives realise that their historic problems with IT investments are a symptom of fundamental problems within their culture when it comes to investing in change - problems that many CIOs do not appear motivated or qualified to resolve. For example, in the United Kingdom, two major retailers - the Alliance Boots pharmacy chain and the department store group House of Fraser - have recently axed their corporate-level CIOs. House of Fraser has split the role into two, separating "services" and "developments," while Alliance Boots has outsourced much of its IT delivery and decided it no longer needs a corporate-level IT function.

These are strong signals for CIOs to focus the strategic IT conversation on exploiting technology investments in the context of value-creating business change, and to keep the technology strategy both meaningful and simple. In this way, the CIO can emerge as her company's strategic investor in change, rather than become marginalised or obsolete - provided, of course, that CIOs today grasp and bend the golden opportunities that their increasingly technology-savvy colleagues and developments such as Web 2.0 offer.

Chris Potts is director of Dominic Barrow, a London-based consultancy specialising in corporate strategies for exploiting IT.