I was with a client today who brought up the term “credit card IT” – that is, the purchasing of IT solutions with corporate cards. This was an emerging concern for them – how or should this model of IT purchasing fit within their organisation?
Annual subscriptions for many IT options are well within financial delegations for most executives. And who wouldn’t be tempted just to sign up for a service, and ask for permission later (if at all), if it made your business run smoothly or solved a pain point?
One of the positives of credit card IT is that it places purchasing decisions firmly in the hands of the business, not the IT department. It’s broadly agreed that business users are best placed to make these decisions, and IT departments should be supportive of business-led IT. However, consumption-based computing (cloud computing) in particular raises a number of additional risks, especially if personal information is involved or the service is hosted outside Australia.
On the other hand, how do you control IT spending when it’s done via a credit card? How do you even know what IT is being purchased? One great advantage of a centralised approach is that duplication can be avoided, and organisation-wide economies of scale can be realised. In a similar vein, how (should) a CIO seek to capture credit card IT solutions for the purposes of IT planning?
Like most issues in the IT world, there’s no straightforward answer for this scenario. Too many restrictions will hurt relationships between IT and the business. A lack of direction creates a complex and uncontrolled environment that is difficult to manage and support.
What’s your take on this? Is credit card IT a business enabler or bringer of chaos? How should organisations manage this sort of information?
I’d love to hear from you.