Trends in IT 2007/2008

AU G U S T 2 0 0 7
Introduction

Each year The Standish Group determines the Top 10 trends/

issues for CIOs. We start with calls to CIOs and IT executives
to compile a list of possible subjects. We then execute our
monthly Demand Assessment Requirements Tracking Studies
(DARTS). We review the DARTS results and further consider
our list. We make some more calls and then we brainstorm.
Finally, as we do with all Standish research, we then form
our educated opinion. The end result is this report, Trends in
IT 2007/2008.

The research unveiled in this report is based on our DARTS

surveys and other research instruments. All DARTS par-
ticipants must satisfy a qualification process and join our
Standish User Research Forum (SURF). All data and informa- Trend 1: Security
tion in this report should be considered Standish opinion,
Trend 2: Readiness
and the reader bears all risk in the use of this opinion.
Trend 3: Investment
The first trend IT organizations and CIOs are facing is Trend 4: Compliance
security – protecting the corporation against danger or loss. Trend 5: Project Management Leadership
Trend two is readiness – ensuring that the corporate computing
Trend 6: Service Delivery
assets are available, and preparations are in place in case
of disaster. Trend three is investment – making use of the IT Trend 7: Optimization
budget in ways that are most beneficial to the business. Trend 8: Standard Infrastructure
Trend 9: Service Oriented Architecture (SOA)
The fourth trend is compliance – meeting government or
Trend 10: Green Computing
industry-mandated regulations, whether they are vertical
or horizontal initiatives. Trend five is project management
leadership – guarding against CHAOS. Trend six is service A trend is a general direction or movement to
delivery – finding the best ways to deliver services to the new technologies, standards methodologies,
customer, which may mean augmenting in-house staff with processes, and/or performance. Trends result
outside resources. from one or more drivers. A “driver,” the way
Standish defines it, could be a government
mandate, market-driven events, business fads, a
Trend seven is optimization (the Holy Grail of IT) - ensuring new discovery, or vendor-led initiatives.
that the whole organization functions at its highest level of
service and productivity. Trend eight is standard infrastructure
The Trends in IT 2007/2008 report is based on the
– driving faster delivery of services through standard com-
DARTS (Demand Assessment Requirements Tracking
ponents. This leads right into trend nine, service-oriented
Studies) and other research instruments. All DARTS
architecture (SOA) -- loosely coupling software components
participants must satisfy a qualification process and
to avoid dependencies on underlying technology platforms.
join our Standish User Research Forum (SURF). All
Trend 10 is green computing – reaching a higher level of data and information in this report should be
social consciousness and responsibility to the environment. considered Standish opinion and the reader bears all
risk in the use of this opinion.

Copyright © 2007
The Trends in IT 2007/2008 Report is protected by copyright and is the sole property of The Standish Group International, Incorporated. It may not under any cir-
cumstances be retransmitted in any form, repackaged in any way, or resold through any media. All rights reserved.
 Trend 1: Security

The Trends in IT 2007/2008

“There is no security on this earth, there is only opportunity.”
~ General Douglas MacArthur

IT assets are critical to business success and they must be secured.

Assets can be physical, such as servers, PCs, and storage subsys-
tems, or intellectual property, such as customer information, pat-
ents, formulations, etc. Intellectual property is, of course, much
more essential than the physical assets.

One of the major security drivers is the need to maintain criti-

cal information electronically, often in multiple physical locations.
Another driver is the need to secure information that commonly
moves across networks via e-mail, backups, transactions, and other
interactions, thus complicating security. In implementing a security
policy, organizations must first prioritize the assets’ required secu-
rity level. They must also determine the current risk exposure for
high-priority assets. Then, solutions and processes that reduce the
risk should be implemented. The process can be very complex as
organizations commonly deploy hundreds of assets.

About one-third of companies this year plan to increase their invest-

ment in security-related services and technologies. The Standish Percent of Security Services Performed By…
Group’s latest research shows the biggest area of spending is on
skills, where 59% will spend heavily to moderately. Services come Internal Personnel 81%
in at a close second (58%). Fifty-six percent of companies plan to External Service Provider 17%

AUGUST 2007
Software as a Service (SaaS) Provider 2%
spend heavily to moderately on security-related software, and 43%
plan to invest similarly in hardware.

The latest figures on skills spending make sense when we take

into account our further findings showing that most security
Less than 10% to 26% to Over
services are performed by internal personnel (81%). These fig- None
10% 25% 50% 50%
ures additionally coincide with an industry-wide trend toward
Domestic 49% 21% 16% 12% 2%
skills improvement across several technology areas.
International 84% 7% 6% 4% 0%
Despite the focus on internal staff with respect to security, the
outsourcing trend has also affected the security environment
Last year’s research results found that 57% of companies out- Percent of Security Activity Being Outsourced Domestic
sourced at least some of their security activity (an average 7% of = within your country
security activity). This year that number has increased to 68%, with International = Outside your country
the average service usage per company at around 12% of security
activity. For those companies that do outsource a portion of their
security services, domestic offerings are favored at a ratio of 3:1
over international services. Although these two charts may seem contradictory,
they are in actuality very supportive of each other.
While 81% of security services are performed by
Standish Definition internal personal, more than 50% of the organiza-
tions outsource some aspect of security. However,
of the 75% of the firms that outsource some secu-
“Security” is the condition of being protected against dan-
rity services, more than 75% of that activity is done
ger or loss. This means IT assets that are critical to business internally. This is in part due to internal corporate
success, both physical and intellectual property, must be IT staffs handling most of the applications security,
secured. In the general sense, security is a concept similar while a high degree of WAN management, intrusion
to safety. IT is generally responsible for preventing breach- detection and firewall security is being outsourced,
es of computer security. particularly by those organizations that have many
global locations.

Copyright © 2007
The Trends in IT 2007/2008 Report is protected by copyright and is the sole property of The Standish Group International, Incorporated. It may not under any cir-
cumstances be retransmitted in any form, repackaged in any way, or resold through any media. All rights reserved.
 Trend 2: Readiness

The Trends in IT 2007/2008

“Doubt is not a pleasant condition, but certainty is absurd.”
~ Voltaire

The most challenging transformation taking place during the last

few years is the movement to uninterrupted business operations. A
large part of the burden in making readiness possible falls on the
shoulders of the IT organization. Today’s IT organizations are look-
ing to be more fault-preventive and agile in their responses to prob-
lems. Uninterrupted operations means that the organization must
always be in a state of readiness in order to deal with a network,
application, or infrastructure failure, or a natural or man-made di-
saster. Most organizations have implemented some level of disaster
recovery and high availability for one or more critical applications.
The current challenge is to act with an enterprise view.

A readiness program is based on a comprehensive approach. When

fully implemented, a readiness program covers systems, people,
processes, applications, data, and interdependencies.

Standish Group research tells us that most IT executives feel fairly

confident about their organization’s ability to maintain critical sys-
tems for high availability and disaster recovery. Twenty percent of
companies categorize themselves as “highly skilled” in this regard,
with another 73% considering themselves as skilled to moderately Who Offers the Highest Availability?
skilled.
Internal Operations 55%
Given this, it’s not surprising that 55% of IT executives surveyed Software as a Service (SaaS) Provider 26%

AUGUST 2007
rate internal operations as offering the highest level of application External Service Provider 13%
availability. We do find, however, that 26% of companies rate Soft- Other 5%
ware as a Service (SaaS) providers as offering a
higher level of readiness, and 13% give external
service providers the crown.

When it comes to disaster, the answers were not

quite as certain. Over half of our respondents
indicted their IT organization is not ready to
somewhat ready to deal with incidents of disas-
ter. Numbers are slightly better when it comes to
specifics such as networks.

In focus groups we often find that for many busi-

ness executives, disaster considerations only
become a priority once a catastrophe has oc-
curred. And at that point, there is typically much
head scratching and amazement at how they were not better pre-
pared. Like life insurance, it’s something many would rather not
think about, hoping that death, or in this case information disaster,
never occurs.
Standish Definition
“Readiness” programs are based on a comprehensive ap-
proach to uninterrupted operations and “never having to
never say you’re sorry.” When fully implemented, the pro-
gram covers systems, people, processes, applications, data,
and interdependencies (such as vendors). It is enterprise-
wide, including not only IT, but also business operations.
A readiness program should cover natural disasters, man-
made disasters, and run-of-the-mill mishaps and mischief.
Readiness in Case of Disaster
With all the money and effort going into disaster
recovery and business continuity planning, you
would think that our SURF members would rate
themselves highly, but only 7% said their IT or-
ganization is extremely ready for a disaster, while
56% said they are not ready to somewhat ready.
Couple that with the 45% who think that someone
else can provide greater availability. We saw the
most dramatic increase in general disaster recovery
numbers in 2002/2003. These numbers are steadily
increasing each year, but the increase is slower
than expected as we move away from the impact
of 9/11.

Copyright © 2007
The Trends in IT 2007/2008 Report is protected by copyright and is the sole property of The Standish Group International, Incorporated. It may not under any cir-
cumstances be retransmitted in any form, repackaged in any way, or resold through any media. All rights reserved.
 Trend 3: Investments

The Trends in IT 2007/2008

“You create your opportunities by asking for them.”
~ Patty Hansen

Currently the vast majority of IT money is going toward maintaining

the status quo or legacy systems. This leaves little money to radically
change the business of IT. The drivers that will change this are com-
modity hardware, open source software, and enterprise licenses. It is
certain that for the next few years we will see greater virtualization,
consolidation, and centralization. Further savings will come from
service consolidation and elimination of marginal services. This will
free up money for more projects and stakeholder education. How-
ever, more focus will be put on the total cost of ownership (TCO),
return on investment (ROI), and risk to justify investments.

In Maxims for Revolutionists, George Bernard Shaw says of reason:

“The reasonable man adapts himself to the World; the unreasonable
one persists in trying to adapt the World to himself. Therefore all
progress depends on the unreasonable man.”

When budgets are tight it’s all too easy to get sucked into the as- Have you centralized and restructured your internal IT
sumption that whatever the project may be, it will be faced with an infrastructure to pool resources so you can offer on-
immediate “no.” Yet if the story is good and the return is clear, the demand capacity for important applications?
funds may just materialize. Standish research shows that if a new
Yes, and I am glad we did 28%
project shows a good ROI, 68% of respondents find they can get
Yes, and I am sorry we did 7%
new funds to support it, 21% can divert funds from other projects

to support it, and 2% will cancel other projects to make it happen.
Prioritization is not just a buzzword; it’s the new mindset of those in
charge of IT investment dollars.
AUGUST 2007
No, but we plan to in the future 22%
No plans 43%

If prioritization is the key to getting software projects approved, re-

structuring is the key to increasing capacity. Companies are realizing
that the easy solution (throwing more hardware at the problem) is
not always the best and certainly not always the most cost-effec-
tive way to handle resource needs. Centralizing and restructuring
internal IT infrastructures can allow for on-demand capacity for vital
applications. Likewise on-demand grid services can offer relief for
intermittent processing peaks. Have you ever used an on-demand grid (such as Sun’s
or IBM’s) to provide resources for a temporary peak in
processing?
Doing more with less and prioritization are essential elements of
strong IT investment management going forward. Yes, and I am satisfied with the service 15%
Yes, and I am not satisfied with the service 8%
No, but we plan to in the future 16%
Standish Definition No plans 61%

“Investments,” in the context of IT, are the actions of putting
resources into solutions to enrich the organization through
increased services. IT investment is one of the fundamental
decisions of IT management, and it drives most of all other
decisions throughout the IT organization. IT is more and
more focused on the TCO, ROI, and risk to justify invest-
ments versus technology capability.
Thirty-five percent of organizations centralized and
restructured their internal IT infrastructure to pool
resources to offer on-demand capacity for important
applications. Eighty percent of these organizations
that centralized and restructured their internal IT in-
frastructure to pool resources are satisfied with the
outcome. The other 20% are sorry they did. On the
other hand, only 65% of organizations that use an
on-demand grid provider are satisfied. When digging
deeper into these results, the majority of the 35% that
are not satisfied have issues with costs for on-demand
capacity and the training of staff to partition work-
loads appropriately.

Copyright © 2007
The Trends in IT 2007/2008 Report is protected by copyright and is the sole property of The Standish Group International, Incorporated. It may not under any cir-
cumstances be retransmitted in any form, repackaged in any way, or resold through any media. All rights reserved.
 Trend 4: Compliance

The Trends in IT 2007/2008

“...with love and sweet compliance, which declare unfeigned
union of mind...” ~ John Milton quotes

While the overarching driver for compliance is government mandates,

there are others as well. Standards compliance may be fueled by the
company’s desire to work with government agencies, which either re-
quire, or look more favorably at, compliant companies. It can also be
a credibility positioning tool when competing for funding.

Certainly the American Institute of Certified Public Accountants

(AICPA) needs to improve its damaged credibility through tough en-
forcement of compliance rules, leaving little to no wiggle room. And
software vendors are adding more and more features to help firms
become compliant with various regulations. Many firms have found
advantages in complying with new rules, such as improved processes
and accountability. This has spread to other firms voluntarily adopting
compliance standards. Start-up firms, for example, are looking to be
compliant from inception so they do not have to go back and restruc-
ture the organization to meet new rules.
Has your IT organization taken the lead in implementing
Given that most data is managed electronically, IT is often a driving IT services to meet Sarbanes-Oxley compliance?

force toward ensuring that compliance measures are in place. Still, Yes, fully 25%
for those IT departments struggling to be recognized as a key as- Yes, with help from finance 46%
set to business, compliance projects are often viewed grudgingly as No, finance is taking the lead 29%

AUGUST 2007
something that “must” be done. It’s true that compliance projects may
not be an exciting way to show the value of IT, compared with a new
business service that increases competitiveness. However, compli-
ance projects can be used to show how vital IT is to the corporation
through the many ways financial data retention, collection, integrity,
security, and authentication can be automated.

Compliance projects sometimes also offer a chance to update aging

computer systems (such as the case with Y2K), or to procure addition-
al storage and/or server space (often needed for Sarbanes-Oxley).
In 2004, Standish research found that only 22% of those organiza-
tions required to be SOX compliance were compliant. That figure is How much additional storage are you using or will you
require for meeting Sarbanes-Oxley compliance?
now up to two-thirds and should by close to 85% by the end of the
year. Eleven percent of those organizations know they will not pass Zero 21%
certification. Under 10% 52%
10% to 25% 24%
Over 25% 3%
Standish Definition

“Compliance” generally means federally regulated compli-
ance to government mandated regulations such the Sar-
banes-Oxley (SOX) Act or the Health Insurance Portability
and Accountability Act (HIPAA). IT is then responsible for
building systems to ensure that employees and other peo-
ple or organizations comply with the current relevant laws
and regulations. There are typically other compliance needs
for organizations as well, such as state, local, and industry
rules and regulations.
The top chart shows that in 71% of the organizations,
IT will be leading or co-leading the effort to
implement and maintain compliance. Certainly IT is in
the best position within most organizations to provide
this leadership. Twenty-nine percent of the organizations
claim finance will lead. This is like having the “fox”
guard the “hen house.” IT is in the best position to be
the guardian of financial information, which is what
SOX is all about. The IT organization holds the keys to
process change, application and network security, and
financial transactions.

Copyright © 2007
The Trends in IT 2007/2008 Report is protected by copyright and is the sole property of The Standish Group International, Incorporated. It may not under any cir-
cumstances be retransmitted in any form, repackaged in any way, or resold through any media. All rights reserved.
 Trend 5: Project Management Leadership

The Trends in IT 2007/2008

“The key to being a good manager is keeping the people who
hate me away from those who are still undecided.”
~ Casey Stengel

The main driver for project management leadership comes from

project failure. This has caused more and more organizations to re-
quire Project Management Institute (PMI) certification to manage
projects. Project Management Offices (PMOs) are becoming more
the norm than the exception. There is a growing conflict between
PM processes and agile processes, however. These trends will con-
verge around a process to manage agile projects. The big PM trend
over the next few years will be the education of the non-PM people
within an organization to understand the role of the project manager
and to improve the overall project management ecosystem and man-
agement of project portfolios.

Standish Group research tells us that 84% of project management

services are performed using internal personnel. Organizations often
may struggle to train and then retain effective PMs. The most com-
mon troubles are in the areas of team building, detailed tracking,
and interpersonal communications. Areas that cause the most pain
have to do with thorough leadership, project ownership, and PMI Optimal number of simultaneous projects that one
certification. project manager can handle:

With the drive toward more agile methods of project management, Under 3 48%
3 to 6 45%
those organizations that are moving in this direction face the addi-
Over 6 7%
tional problem of retraining experienced PMs toward a more flexible

AUGUST 2007
and less structured approach then they may be
used to. A wise person once said, “Weeks of pro-
gramming can save hours of planning.” Being ag-
ile doesn’t mean throwing out all the hard lessons
learned about proper planning and the rewards of
sound project management principles, but it does
mean applying them in different ways.

We know from our CHAOS research that

sometimes a really good project manager can save
even a really bad project. The number of com-
panies requiring PMI certification or the equiva-
lent has steadily been on the rise in recent years.
Standish DARTS data shows us that while in 2004
only 16% required such certification, in 2006 that
number had risen to 29%!

Percent of companies requiring PMs to have PMI

Standish Definition certification or equivalent.

“Project management leadership” goes well beyond the

basic project management skills as outlined in the PMI’s
PMBOK. The entry fee for project management leader-
ship is qualified PMPs (Project Management Professional).
Organizations that want to be leaders in the profession of
project management invest corporate resources in educa-
tion, training, research, and development. Project manage-
ment leadership advances the profession and creates an
environment where such expertise is recognized, valued,
and rewarded. Project management leadership requires the
knowledge to communicate bad news along with good,
and the sense to know when a project should be killed.
Our respondents were almost evenly split regard-
ing the number of projects a project manager can
support: 48% said fewer than three, while the rest
said three or more. Correlation of this data shows
that those who said fewer than three tend to have
larger projects and more failures and overruns. Those
who said over six have very small projects and enjoy
greater success. We also find that those firms that re-
quire PMP certification have a 12% greater success
rate. However, even a great PM can fail without ex-
ecutive sponsorship and backing, proper resources,
and good user participation.

Copyright © 2007
The Trends in IT 2007/2008 Report is protected by copyright and is the sole property of The Standish Group International, Incorporated. It may not under any cir-
cumstances be retransmitted in any form, repackaged in any way, or resold through any media. All rights reserved.
 Trend 6: Service Delivery

The Trends in IT 2007/2008

“A man cannot be comfortable without his own approval.”
~ Mark Twain

The options for delivery keep expanding. If you live in San Jose,
you might think the only method is SaaS, but there is much more.
However, when we asked SURF members “What percent of your
strategic business applications are managed by an SaaS provider?”
The response in 2006 was 8%, but in 2007 it when down to 6%.
Internal services are the preferred method for most organizations,
but most of these organizations do hire out some portion of their
IT services.

Many have contractors who write code. Others have consultants

who do requirements or specialized implementations. And still
growing rapidly are Third World outsourcing organizations in In-
dia, China, and Eastern Europe. Basically, no one does it alone any
longer. Rather, the question is, just how much do you hire out ver-
sus do yourself? This trend is a seesaw; and our upcoming in-depth
report on service delivery covers this phenomenon at length.

Using our latest research findings, The Standish Group estimates
that, on average, 12% of an IT budget is spent on outsourcing
domestically and another 5% on outsourcing internationally. The
money is being spent, on average, to outsource 11% of overall
Percent of your staff reduced due to outsourcing:
None 47%
Less than 10% 37%

AUGUST 2007
10% to 25% 12%
IT activity to domestic resources and another 6% to international Over 25% 5%
resources.

Limitations in resources, funds, skills, and time all drive compa-

nies to seek the unlimited availability of outsource services avail-
able in the market today. When companies face the choice of hir-
ing and training new staff or diverting existing overworked staff, or
sending work outside the company to be done on their behalf, the
attraction is clear. Still, outsourcing is not a panacea.

Domestically, issues regarding project management style differ-

ences, requirements and design communication, and cultural
barriers can all come into play. When working with international
resources these issues can be compounded by language barriers,
security concerns, and quality control. Organizations must care-
fully weight the risks versus rewards, have a clear plan for concise
communication and, of course, realize that some trial and error
can make all the difference.
Standish Definition
Percent of savings from overall IT budget by using
outsourcing:
None 27%
Less than 10% 36%
10% to 20% 30%
Over 20% 6%

“Service Delivery” is the use of different delivery meth-

ods from various organizations bundled into relevant
groups for the convenience of customers and stakehold-
ers. These methods may be internal services, SaaS, out-
sourcing, contracting, and consulting. Services may be
performed in a combination of different methods or a
single delivery method.
Fifty-four percent of organizations that outsourced
saw some reduction in headcount. However, for
69% of these organizations it was less than 10%.
Overall the IT budget faired much better, with 73%
of organizations saving money through outsourcing.
Further, 50% of the organizations have a greater
than 10% savings over the entire IT budget.

Copyright © 2007
The Trends in IT 2007/2008 Report is protected by copyright and is the sole property of The Standish Group International, Incorporated. It may not under any cir-
cumstances be retransmitted in any form, repackaged in any way, or resold through any media. All rights reserved.
 Trend 7: Optimization

The Trends in IT 2007/2008

“He who will not economize will have to agonize.”
~ Confucius

The goal is to provide the best value for the highest level of service
and function. IT optimization comprises procedures used to make
these systems, applications, processes, and people as effective and
functional as possible, at the best possible value, with the least pos-
sible risk. Optimization combines maximizing service-level agree-
ments (SLAs) and generally increasing the value of IT. Today, IT or-
ganizations are trying to optimize their server utilization through
virtualization, using specialized services, and taking a hard look at
project requirements. In our June research report, Trends in Optimi-
zation, we identified 10 drivers in the optimization process.

A complete overall optimization approach may comprise several dif-

ferent methods, and brings with it a mindset to view opportunities
across the breadth of IT. This may include server and application
consolidation, the reduction of underutilized resources, project pri-
oritization, and the use of outside resources.

The number of servers, databases, applications, and networks that

IT organizations deploy has been growing. Further, application What percent of your budget has increased to deploy
complex¬ity has increased with parallel, multitier, and heteroge- optimization tools?

neous platform implementations. Moreover, organizations are ex-

Under 10% 50%
pected to deliver more, with decreased budgets. As a result, more

AUGUST 2007
10% to 15% 13%
and more applica¬tions experience degraded performance on a Over 15% 10%
regular basis. No Increase 27%

The consequences of performance problems can vary. In general,

when application performance degrades, employee productivity
and/or customer satisfaction suffer, affecting the bottom line. Further,
when performance is poorly managed, organizations are not well
po¬sitioned to deal with rising demand (volume). Therefore, per-
formance management is important for improving system resource
efficiencies, maintaining quality of service (QoS), meeting SLAs, and
aligning resources with business priorities.

Companies are realizing that fostering a mindset toward optimiza-

tion often requires a bit of encouragement. In 2006 Standish research
found that 10% of companies tied staff performance evaluations and
salary increases to the continual optimization of applications and
infrastructure. In 2007 this number rose just to 26%.
Standish Definition
“Optimization” is a complete approach that, when fully
implemented, covers systems, people, processes, appli-
cations, and data – in other words, the whole IT organiza-
tion. IT optimization comprises procedures used to make
systems, applications, processes, and people as effective
and functional as possible, at the best possible value with
the least possible risk.
What percent of your budget has or will decrease by
deploying optimization tools?
Under 10% 30%
10% to 15% 11%
Over 15% 7%
No Decrease 52%
Considering these numbers, we estimate that it is
costing organizations 5% of their budgets to deploy
optimization tools, while they are only saving 3%.
This equates to a negative 2%. Optimization tools
and their uses will need to improve quickly for this
trend to continue. If there is no improvement, IT
budgets will begin to suffer as organizations pur-
chase and implement more of these tools.

Copyright © 2007
The Trends in IT 2007/2008 Report is protected by copyright and is the sole property of The Standish Group International, Incorporated. It may not under any cir-
cumstances be retransmitted in any form, repackaged in any way, or resold through any media. All rights reserved.
 Trend 8: Standard Infrastructure

The Trends in IT 2007/2008

“The true mystery of the world is the visible, not the invisible.”
~ Oscar Wilde

Here the standardization process is around more commoditiza-

tion and enterprise software licenses. Drivers in this trend include
new applications, application migration, application consolidation,
and technology leadership. There is a big push to adopt more open
source software and reduce the number of vendors. Voice over IP
(VoIP) can help consolidate and lower the cost of communications
while further reducing the number of vendors. Then there are the big
three: virtualization, consolidation, and centralization. More and
more organizations are looking to decrease the operating costs and
staff supporting the infrastructure. However, the largest benefit to a
standard infrastructure is the reduction in project effort and the abil-
ity to do micro projects and adopt SOAs.

The move toward a standard infrastructure is by no means new. The

Standish Group has been touting the benefits of this approach for
many years. Cost, time, and resource savings are all driving forc-
es toward standardization, as is decreased risk. When it comes to
software, the problem for many companies is that with the industry
“standards” changing all the time IT executives can feel like grey-
hounds chasing the tasty looking white rabbit. Standard Software Infrastructure

Highly Skilled 19%

Open up the covers of many of the “new” standards approaches,

AUGUST 2007
Skilled 42%
however, and the contents may look very familiar. You can change Moderately Skilled 24%
the name, and put a fancy collar and a hat on the rabbit, but the Poorly Skilled 14%
rabbit is still a rabbit underneath it all. Most of today’s products mar-
keted as SOA servers are built on the standard middleware products
of yesteryear. Those organizations that went through the process of
building up a standard software infrastructure years ago can there-
fore more easily adapt to new standards-based products as they ar-
rive to appreciate new benefits.

Building on top of a standard infrastructure with open source com-

ponents and taking advantage of outsourcing makes the process of
delivering new applications faster and less painful than ever before.
Doing less really is more.

The latest Standish Group research indicates that, on average, 18%

of software, including server applications and infrastructure, desktop
applications and infrastructure, and networks and database infra-
structure, will be open source by the end of 2007. This shows a 2%
increase over the previous year and indicates a rising trend.
Standish Definition
Open Source Focus
Highly Skilled 2%
Skilled 23%
Moderately Skilled 36%
Poorly Skilled 39%

“Standard infrastructure” means having the same set

of IT components throughout the organization. You
may have multiple sets of different types of activities,
but they are generally vertically specified. The verti-
cally specified components will include such prod-
ucts as server platform, database, and middleware.
There are also horizontal standard infrastructure
components such as management systems, storage
solutions, and network appliances.
The top chart shows the SURF members response
to the question “How would you rate your organi-
zation’s ability to maintain a standard software infra-
structure?” The bottom chart shows the response to
“How would you rate your organization’s ability to
focus on maintaining open source standards?”

Copyright © 2007
The Trends in IT 2007/2008 Report is protected by copyright and is the sole property of The Standish Group International, Incorporated. It may not under any cir-
cumstances be retransmitted in any form, repackaged in any way, or resold through any media. All rights reserved.
 Trend 9: Service-Oriented Architecture (SOA)

The Trends in IT 2007/2008

“We are what we repeatedly do.”
~ Aristotle

IT is under enormous pressure to deliver business solutions faster

and faster. That, in a nutshell, is the main driver for SOA. Not having
to create and recreate the same code over and over again speeds up
delivery. The other driver is the ability to take advantage of the exist-
ing applications and services that traditionally have been stovepiped
by cutting across these applications and services through the use of
SOA. SOA is all about velocity. Many vendors, including BEA, HP,
IBM, Oracle, and Sun, are pushing SOA to sell more software, hard-
ware, and professional services.

Ask 10 IT users what the definition of SOA is and you are likely to get
10 different answers. Ask 10 industry vendors what the definition of
SOA is and you might get twice that many answers. One thing that
we can all agree upon (we think) is that SOA is an architecture that
supports the invocation of services through automated logic. Like
all good software infrastructure designs, the goal is a loose coupling
of logic to avoid dependencies on underlying technology platform
variances. SOA Savings 2007

In general terms, the SOA design model is about creating applica-
tions through combining services. Services know how to interoper-
ate with each other through the use of an interface definition lan-
No Savings – more expensive 12%
Savings under 10% 51%
Savings from 11% to 30% 32%

AUGUST 2007
Savings over 30% 5%
guage (like WSDL) that is independent of development platforms,
standards, or language specifics.

Being a good software infrastructure design approach, SOA promotes

reuse through a high level of abstraction. Business requirements can
be met by combining services without the need to know (or care)
about what technology is underneath. If that sounds eerily famil-
iar, it should. Many modern infrastructure design models had/have
similar goals. DNA, CORBA, .NET, and EJB all promised many of the
same benefits, which they all can deliver. SOA, however, is one layer
higher of abstraction – in an SOA model a .NET application and an
EJB application can join together as web services. Imagine service
invocation across companies for chain management without secu-
rity concerns; imagine merged companies being able to share ap-
SOA Savings 2006
plications written to different infrastructure standards through web
services, etc. The rabbit just got a fancy gold chain around its neck. No Savings – more expensive 23%
Savings under 10% 34%
Savings from 11% to 30% 36%
Standish Definition Savings over 30% 7%

“SOA” is a business strategy to achieve business agility

through the ability to recognize, precisely document,
store, categorize, discover, and increase the efficiency
According to DARTS, only 6% of organizations im-
of the organization’s business processes. SOA depends
plement SOA for operational cost savings. The major
on business process management and modeling. SOA
motivation is either an integration solution for dispa-
is not a technology, it is not a service bus, it is not the
rate applications or an increased responsiveness to
new “object technology” – though software can help
business requirements. A little less than 20% said it
implement the strategy. Done right, SOA can achieve
was for faster development. However, looking at the
efficiencies both within organizations and across enter-
data from 2006 and 2007, we see a marked increase
prise lines.
in organizations claiming a savings.

Copyright © 2007
The Trends in IT 2007/2008 Report is protected by copyright and is the sole property of The Standish Group International, Incorporated. It may not under any cir-
cumstances be retransmitted in any form, repackaged in any way, or resold through any media. All rights reserved.
 Trend 10: Going Green

The Trends in IT 2007/2008

“It’s not enough that we do our best; sometimes we have to do
what’s required.” ~ Sir Winston Churchill
Reducing power consumption is high on the list of concerns for IT ex-
ecutives. Right now it is more of a budget issue than an environmental
one, but to quote former United States Secretary of the Interior Bruce
Babbitt, “We’ve proven that you can protect the environment, use it
wisely, and grow the economy, and that there is no conflict between
the two.” Very few CIOs today have “going green” as a top priority,
but we think this will change as both economics and saving the planet
converge. Look for more and more IT organizations to have a formal
green plan for using fewer resources and to recycle more.

Living green and computing may not seem synonymous, but the evo-
lution toward greener computing is here. Enviro-computing is about
using computing resources more efficiently and, when feasible, mak-
ing use of more environmentally friendly products. Leading technol-
ogy vendors such as IBM and HP already have green initiatives and
policies in place and are now expanding them. Major vendors are
offering credits on new purchases when trading in old equipment,
and new boutique “green” vendors are starting to sprout up offering
refurbished pre-owned (read as recycled) products.

Standish research shows that for a typical corporation, commodity
hardware products such as laptops, desktops, printers, servers, etc.,
have a shelf life of about three years (and less). This high turnover of
equipment results in countless tons of hazardous waste every year.
When it comes to power usage, IT is a leading power user and the
Domestic Outsourcing
None 21%
Less than 10% 47%
10% to 25% 23%

AUGUST 2007
electric bills prove the point. Higher electric prices coupled with in- Over 25% 10%
creased awareness about environmental issues and the marketability
of greater corporate awareness have many companies evaluating their
options for going green.

Government agencies are encouraging green computing through in-

centives as well as standards and regulations. In the United States, the
Federal Electronics Challenge (FEC) is a voluntary program to encour-
age federal agencies to purchase green electronic products, reduce
the impact of said products during use, and dispose of used products
in a responsible way. And President Bush earlier this year signed an
executive order requiring the use of products that meet EPEAT (Elec-
tronic Product Environment Assessment Tool) standards for 95% of
purchases. The United Kingdom this year took a step toward recycling
with the Waste Electrical and Electronic Equipment (WEEE) directive, International Outsourcing
which brings new legal requirements to minimize the impact of elec-
trical products on the environment. The move will affect IT product None 56%
vendors and their business customers by enforcing vendors to be re- Less than 10% 21%
sponsible for the collection, treatment, and recovery of electric and 10% to 25% 16%
equipment waste. Over 25% 6%

Standish Definition

“Green computing” or ”enviro-computing” is making en-
vironmentally responsible decisions when it comes to the
purchase, use, and disposal of electronic equipment. The
goal is reduce the use of energy, encourage the purchase
of products that adhere to environmental standards, and
promote Earth-conscious initiatives throughout the corpo-
ration. But going green isn’t just about adhering to govern-
ment regulations (although that may become part of it). It’s
also about promoting the protection of the environment
through multiple means.
One way of going green is to outsource the func-
tion. We asked SURF members, “Please estimate
what percent of your overall IT activity is being
outsourced?” (Domestic = within your country. In-
ternational = outside your country.) As initiatives
to go green increase, we will see a metamorphosis
of how outsourcing and SaaS will impact IT orga-
nizations. This may not affect personnel, but it will
certainly affect where and how hardware and ap-
plications are deployed.

Copyright © 2007
The Trends in IT 2007/2008 Report is protected by copyright and is the sole property of The Standish Group International, Incorporated. It may not under any cir-
cumstances be retransmitted in any form, repackaged in any way, or resold through any media. All rights reserved.
 The Trends in IT 2007/2008

The Standish Group International, Inc. 60 State Street, Suite 700 Boston, MA 02109 www.standishgroup.com
The Trends in IT 2007/2008 report is based on the DARTS (Demand Assessment Re-
quirements Tracking Studies) and other research instruments. All DARTS par-
ticipants must satisfy a qualification process and join our Standish User Research
Forum (SURF). All data and information in this report should be considered Standish
opinion and the reader bears all risk in the use of this opinion.

Future reports include: Trends in Service Delivery,

Trends in Health Care and Life Sciences, Trends in Readiness,
Trends in ECO-IT, and Trends in Service-Oriented Architecture.

Current reports include Trends in Optimization and Trends in SOX Compliance.

Summary

The Standish 2007 Top 10 Trends in IT are indicators of change that is taking place. Trend one is security.
Protecting the corporation against danger or loss is critical in this global environment, where businesses are
interacting with each other and opening portals into each other’s networks for sharing of information. The
second trend, readiness, is about ensuring that the corporate computing assets are available and preparations
are in place in case of disaster. Let’s not forget lessons learned from 9/11, and the consequences of having an
entire company on one floor. The third trend, investment, involves making use of the IT budget in ways that
are most beneficial to the business. More than ever before, IT must provide value and spend its dollars wisely
to be able to support the users’ demands to do more for less.

Trend four, compliance, is a cousin of security. Governing agencies, from local, state, and federal governments,
to vertical industry groups, make rules of engagement that organization must adhere to. Trend five, project
management leadership, helps guard against CHAOS. CHAOS exists; it is real. You must have good to great
project management (and managers) to succeed and compete in today’s global economy. Trend six, service
delivery, involves finding the best ways to deliver services to the customer. This may mean augmenting in-
house staff with outside resources. It is important to create a balance of in-house and outside resources to
have the right skills in the right place at the right time.

Trend seven, optimization, is the Holy Grail of IT. It ensures that the whole organization functions at its high-
est level of service and productivity. Mediocrity does not exist in today’s IT world. Efficient IT operations are
paramount to being competitive and successful. Trend eight is standard Infrastructure, which can drive faster
delivery of services. It allows for providing more for less. Commodity hardware and virtualization require less
training to understand the spider’s web of mixing and matching technology. Trend nine, service-oriented
architecture, is being used heavily by vendors like HP, IBM, and Sybase for the development of their own prod-
ucts. SOA enables developers to get products to the customer faster. However, IT organizations are not sure
what it will do for them, so they are adopting it slowly. This will be a game of wait and see.

Trend 10, green computing, will be moving up the priority ladder over the next few years. It is hard to mea-
sure what the impact of green computing will be. Here’s what we do know: It will reduce IT budget facility
allocations. It will reduce floor space. It will reduce energy consumption. It will lesson our dependency on oil.
Standish will be questioning, monitoring, and reporting on this trend in the IT community as we go forward.

Copyright © 2007
The Trends in IT 2007/2008 Report is protected by copyright and is the sole property of The Standish Group International, Incorporated. It may not under any cir-
cumstances be retransmitted in any form, repackaged in any way, or resold through any media. All rights reserved.