CIO Insights: Marcus Frantz, CIO OMV Group, in an Interview About Digital Transformation
“Whatever I do, whatever I touch, I need to think about information security and provide built-in protection against cyberthreats.”
The last year has been challenging for OMV Group, an international, integrated oil and gas company based in Vienna, Austria. It’s one of the country’s largest industrial companies, with more than 24,000 employees and operations in not only Austria, but also Germany, Hungary, Romania, the North Sea, Middle East and Africa.
The new CEO, Rainer Seele, earlier this year announced a major new strategy. His stringent plan calls for OMV to focus on improving cash flow. That will be done mainly, Seele says, by optimizing the portfolio, reducing overall investments, and cutting exploration and appraisal spending. CIO Marcus Frantz has seen OMV through both the highs and the lows, having joined the company in 2004. He was appointed to his current CIO position in early 2013.
Given OMV’s new strategy of strengthening cash flow, what are your new priorities for the digital business?
We’ve identified three key focus areas. First is enabling business strategies. Second, strengthening user productivity. And third, enhancing IT efficiency.
So what is IT doing to enable business strategies?
We’ve started by having discussions with the business. We want to know how, given the latest technologies and trends, we can support them as a
business to be more productive. For example, one technology we’re looking at is predictive analytics, which we could use for measuring and predicting the flow of our pipelines. Another interesting technology is 3D printing; some of our competitors already use it in the field to print new design connectors.
We’re also looking at other industries. Are they using technologies we could adapt for our own use? One example is smart fabrics used by athletes. Possibly, we could use this technology for our gas line inspectors.
How will you help to strengthen user productivity?
We have a very distributed footprint across different countries and some potentially harsh environments, including the middle of the desert and beneath the ocean. So we want to build up the ability to work wherever we have to work. Mobilization helps us transfer or exchange more and more information into a digitized format. For us, mobility is like an umbrella.
And IT efficiency?
We’re focusing on optimizing our run costs. So the question is: How do we squeeze the run-related dependencies? Also, how do we change our operating model to be better positioned regarding operating costs?
We’d also like to transfer some of the money we save into new, innovative projects. We need to consider the future; we can’t just cut. So while we need to work on our operating model, we also need to reinvest for the future. That could mean sometimes investing more in IT in order to generate additional savings for the business.
In all this, what’s the role of cybersecurity?
All this has to be done in the context of security. Whatever I do, whatever I touch, I need to think about information security and provide built-in protection against cyberthreats. To do this, we’ve been using an enterprise information risk-management methodology. From our risk simulations, we learned that one of our organization’s top 10 risks was IT.
So in 2013, we initiated a program called Blackout. One of its goals was to reduce IT risk by 80 percent by 2015. This project included strengthening our physical security and logical access, launching an information campaign and providing training. So far, we’ve reduced our risk by 74 percent.
Does the new strategy change your role and that of IT?
We have an internal shared supplier, based in Romania, that provides about half of all IT services for the overall group. I’ve been asking whether we need to do all these parts on our own. Are we really as good as the IT delivery currently assumes? Or would it be cheaper and even better to move it outside?
We do have some external vendors, so I would call our setup partially managed services. For example, our service desk is two-thirds staffed by our own people in Romania and one-third staffed by additional people from a third party. Because we pay them on a ticket basis, our service desk operates on the assumption that the more tickets we have, the better it is. But what if service could be automated to dramatically reduce the number of tickets? Would it be cheaper and better? Right now, we don’t know. But we do intend to figure it out.
Many IT executives find it challenging to hire staff with the right skills. How about you?
Yes, the skills are changing. For example, if we’re really going to refocus on managed IT services, then we’ll need people who can do high-level service management. That’s a different skill set from what we have now. So do we train people or find new people? Similarly, if we automate more functions (such as the service desk), then some people will no longer be needed. We’ll want to retrain them for the future. For all this to work, we will need people who can follow up and take ownership of data.