IT as the Whipping Boy: Mistakenly Confusing ‘Enterprise IT’ with ‘Consumer IT’

By Joe Peppard

As users of digital technologies in their personal lives, many executives pine for their internal IT systems to give them a similar experience and to be just like IT is in their daily lives. They point to the simplicity, ease of use and hassle-free nature of the digital services they use and question why corporate IT makes it so complicated. Apps on their smartphone make services available at the push of a button. Software can be easily installed and configured at the click of an icon. Plug a printer into a USB port on a laptop and it is ready to print. If they want to use a Tablet there is no problem; they just buy one from the local electronics store, connect to the internet via Wi-Fi and don’t have anyone cautioning them about the potential security risks or possible compatibility problems. Some executives even point to the fact that they have set up their own home router for broadband internet. In the consumer IT world everything just seems to work.

Unfortunately, most executives mistakenly confuse ‘consumer IT’ with ‘enterprise IT.’ Expecting everything to be just like consumer IT shows a lack of understanding of the challenges and issues that IT poses within a corporate environment, particularly what it takes in achieving expected business outcomes. More worrying, their experience with consumer IT is also giving these executives a strong argument for opting out of any involvement in decisions regarding IT. After all, Apple doesn’t ask them for their input to iTunes but it is so easy to use and it syncs seamless with multiple devices; and most people are not really too concerned with where the jurisdiction of the server that stores their family photos is located when they use Dropbox.

Expecting everything to be just like consumer IT shows a lack of understanding of the challenges and issues that IT poses within a corporate environment.

Because enterprise IT is not like their experience with consumer IT, the chief information officer (CIO) and IT organization effectively becomes the ‘whipping boy’ for all the perceived ills with corporate IT.[1] The fact is, in the enterprise IT world, executives cannot be just passive users; they must be active participants in many of the decisions that they today leave to the likes of Apple, Google, Vodafone and Yahoo in the consumer world. With enterprise IT, business executives play the pivotal role.

In the consumer world, all digital services are vanilla versions: the exact same service is available to all users. Sometimes, you can opt for either cheaper or more expensive versions with less or more functionality. But as a customer, you have no input as to what is offered; you either take it or leave it. There is nothing wrong with this; if the service doesn’t quite fit with what you want, you just have to live with what’s available or don’t use it. In the corporate world, expecting users to “just live” with a new way of working or new process is the downfall of many IT projects; giving them the option to not use an application is just not an option. The functionality, user experience, logic and workflow decisions of exactly how the application will work, and thus how we as users should experience the service, are made by the software vendor or app developer. In the corporate world this is akin to professionals working in the IT organization deciding the application logic, functionality, level of service, quality, availability, etc. for users without their input. While a vanilla version of a software application can be adequate, and many corporations use standard versions of ERP software from the major vendors, any choice should be a business decision made by business managers for operational and strategic reasons. Crucially, these decisions are not technical choices.

With consumer IT, the services on offer are, for the most part, ‘point’ solutions delivered from the “cloud”, operating in an asynchronous mode. Consider that you wish to travel to another city to see your favorite band play a gig. When you book a flight with a particular airline, you select your preferred flight and time and enter your name, address, phone numbers, and credit card details to make the purchase, unless of course, you are a regular flyer with the airline and this information has been previously entered and stored. Choose another airline, and all this data will have to be rekeyed; and, they will also probably have a different booking process with its own procedures that will likely differ from what you are familiar with. When you book the hotel room, you will probably have to again re-key in all this same information and follow the hotel’s unique booking process. Aggregators like Expedia and some airlines will argue that they do allow you to book both flight and hotel from the same portal, but what if you wish to stay at a boutique hotel that in not a partner? And can you really be sure that you are getting the best deal by using an aggregator anyway? You then still need to log-on to Ticketmaster to reserve your concert tickets and will again have to rekey much of the same information. And, of course the rental car still has to be booked.

While an irritation, we accept this practice in our personal lives; for sure, it is considerably better than it was pre-internet days. But operating this way today is a big no-no in the corporate world. Imaging your internal IT organization building systems where data had to be entered several times, with no sharing of data across multiple applications, or processes carrying out similar functions and tasks working differently with different interfaces, screen layouts and passwords. Just think of the inefficiencies, confusion and opportunities for errors.

To ensure this doesn’t happen, some sort of architectural integrity is required and executives must guide and shape such a blueprint. Unfortunately, too often this doesn’t happen; it is akin to a construction company building a house for a client room-by-room without their input or having any architectural blueprints. Each room might have different ceiling heights, different size wall fittings, different window styles, different pipe sizes for plumbing, different voltages and plug types for electricity. While meeting their immediate need, ongoing maintenance and remediating will be expensive.

In the corporate world integration is not only required, it is mandatory; it is how efficiencies are achieved and the smooth flow of information facilitated.

With enterprise IT, organizational architecture, clearly describing how the enterprise will function and defining how all the pieces fit together to help it achieve operational and strategic objectives, is critical. With enterprise IT you would never accept the rekeying of data or the need for manual reconciliation – and where it does exist, efforts are made to eliminate it. Companies generally insist that processes to achieve similar outcomes be standardized and similarly designed and if they are to be different there should be a good business or regulatory reason as to why this is so.

In the corporate world integration is not only required, it is mandatory; it is how efficiencies are achieved and the smooth flow of information facilitated. Just think of the inefficiencies and opportunities for errors in the above simple example for one individual going to a gig; now imagine a company with tens of thousands of employees engaging in millions of different transactions. Information is the lifeblood of any corporation, and if it doesn’t flow smoothly the business will soon grind to a halt. IT may be an enabler, but it requires clear direction from business executives as to how it should be harnessed.

With their ERP systems from vendors like SAP and Oracle, organizations do seek enterprise integration. However, history has taught us that this is not easily achieved, even from on-premise data centers, particularly for large companies operating globally. And the barriers are usually not technical but often down to culture and politics.

While the cloud is promoted by vendors as transformative, caution should be exercised in interpreting what this really means. Yes, applications can be provisioned rapidly, without any hardware or software purchase, available for use from any browser from most devices, and payed for on an as-you-go basis. Unless you buy from a “full stack” provider, most solutions available from the cloud are point solutions and can be a challenge if an organization is seeking integration. provides automation to help a field salesforce manage its clients. Workday provides applications for human capital management (e.g. compensation management, absence management).

Interoperability across different cloud vendors can be difficult to realize. Data portability, the ability to seamless move data to another provider, is also contentious in a cloud computing environment, heightening the risk of being locked into to one particular vendor. It is for this reason that so called “shadow IT” can be dangerous. Even where applications run on a private cloud (and the vast majority of cloud implementations are of this type) there are still interoperability challenges to overcome.

The security and privacy issues are also different in the enterprise IT world. As a user of digital services in our personal life we take responsibility for the protection of our own personal data: how we use it, where we put it, and for the rights we assign to others to use it. In the corporate environment, executives are dealing with other peoples’ data, particularly those of customers, employees, patients, and citizens. They have responsibilities defined by law and need to worry about protecting and safeguarding this data and ensuring that it is not used in any inappropriate way. Furthermore, as custodians of a business for shareholders, executives need to make sure that data or systems are not compromised in any way that will affect either the performance or reputation of the business. There are also data retention requirements to contend with. These responsibilities again rest with corporate officers and cannot be abdicated to the CIO and IT organization.

Moreover, with consumer IT, users don’t have to deal with the legacy and complexity of the IT estate that afflicts the corporate world. This is just a reflection of the unfortunate characteristic of technology: today’s leading edge is tomorrow’s legacy. This legacy can also be the result of dysfunctional decision making regarding IT and shadow IT, leading to the accumulation of diverse IT assets with particular capabilities. The consequence of the resultant complexity, what is often referred to as technical debt, is that it essentially shapes what the organization can and cannot do, and the strategic options open to it, at least in the short to medium term. It also impacts the cost base.

But complexity can also occur during the normal course of business activity, for example, acquiring a company usually entails also acquiring its IT systems, application suites and the process logic that it facilitates. Global companies operating in different geographies are faced with different maturity levels of national IT infrastructures and in meeting local regulatory and sometimes customer requirements. Strategic moves by competitors can also warrant an immediate response, meaning that new systems often have to be built rapidly, without necessarily fitting the corporate architectural blueprint.

With corporate IT, you cannot simply throw away old IT systems and software and replace with newer versions as we typically do with consumer IT. Consumer IT is all about the individual, meaning we don’t have to deal with the scale and scope of an organization employing possibly many thousands of individuals, across multiple locations, with vested interests, ways of working, experiences, all embedded in the organization’s IT infrastructure. Many companies also significantly customize packaged software, tailoring it to what they see as their unique requirements.

Perhaps the biggest difference is in relation to impact. With consumer IT, making the wrong IT choices or the unavailability of systems or apps might mean inconvenience and frustration. If you cannot connect to Strava, you can still go for your run. Some people might even claim to suffer ‘cold turkey’ by not being connected, should a broadband or Wi-Fi connection not be available. But in general, most of us can work around these nuisances and life goes on.

However, in the corporate world, the majority of organizations are fundamentally dependent on their IT systems and are not able to operate for very long, if at all, without them. For most, the unavailability of certain IT systems can have an immediate devastating effect on their business. A retailer without its point of sale systems (POS) will not be able to process customer purchases at checkout; the unavailability of its reservation system can see an airline grounded; problems with its trading systems will result in a financial institution unable to engage in currency markets or trade stocks. When revenue, profitability and reputation are impacted, it is an executive and board issue. It is for these reasons that they must understand the risks around technology choices as the buck ultimately stops with them.

As all businesses increasingly become digital businesses, IT cannot remain the whipping boy. The CIO and IT organization cannot continue to be blamed for the misdemeanors of business executives. Executives need to accept that how they lead and manage IT impacts their organization’s experiences with IT. To move beyond the current situation, some executives will need to embrace a new perspective; the old one is clearly not working.

 Executives need to accept that how they lead and manage IT impacts their organization’s experiences with IT.

It is not that these executives set out to fail with IT; on the contrary. They firmly believe that what they are doing or prescribing and their level of engagement and involvement is exactly what is required for success. Unfortunately, they are working from the wrong frame of reference. This lens through which they view the world and is a complex set of assumptions and attitudes that are used to filter perceptions and create meaning. We perceive what we consider to be reality through subconscious frames. Because we see perceptions as real, we believe others must also see them as we do. It is as if we are wearing rose-tinted spectacles and naturally believe that the world has a red hue, and consequently that others see it likewise. A frame of reference also influences the decisions executives make and actions they take. Confusing enterprise IT with consumer IT is just one of a number of beliefs that contributes to an executive’s frame of reference and shapes their reality.

Amending somebody’s frame of reference is not easy. Moreover, while an executive may acknowledge there is a problem with IT in their organization they often don’t recognize the paradox that they are, at least, part of the problem! The real issue is many don’t know what they don’t know! Until this changes, it is likely that in many organizations IT will continue to be the whipping boy.

In the enterprise IT world, executives get what they are given if they have not bothered to take the time to define what they want; and when they get it, it is often not what they are looking for because they have not provided the level of engagement required. With their enterprise IT, executives get the IT they deserve!

About the Author

Dr. Joe Peppard is on leave of absence from Massachusetts Institute of Technology’s (MIT) Sloan School of Management. He researches, teaches, and consults in the domains of IT leadership; digital strategy and innovation; the execution of digital transformation programs; the creation of value from IT investments; and the role, structure, and capabilities of the IT unit in contemporary organizations. Findings from his studies have been published in leading academic and practitioner journals including Harvard Business Review, California Management Review, Journal of Information Technology and MIS Quarterly Executive. His most recent book is Taking The Reins as CIO: A Blueprint for Leadership Transitions (Palgrave Macmillan, 2020).


[1] Whipping boys were reputedly established in the English court during the monarchies of the 16th and 17th centuries. As it was forbidden for a tutor to punish a prince, a whipping boy, who was often a friend of the prince, was assigned to a young prince and was punished whenever the prince misbehaved or fell behind in his schooling.


Please enter your comment!
Please enter your name here