The IT Triumphs and Trip-Ups of 2005

By Elizabeth Bennett  |  Posted 2005-12-05

Good management is what separates winning projects from losing ones, and 2005 served up some telling examples.

Good management allowed Sunny Delight to wean itself from Procter & Gamble's technology infrastructure after the beverage company was spun off from the consumer products giant.

And management's ability to think on its feet enabled New Orleans-based vacuum cleaner manufacturer Oreck Corp. to recover quickly after Hurricane Katrina's big wallop.

In contrast, the Federal Emergency Management Agency's communications and logistics problems during and after the late August storm were blamed on FEMA's managers.

Department of Homeland Security Secretary Michael Chertoff hammered home the importance of management on Oct. 19 in remarks before a House committee on the Hurricane Katrina response.

"Any technological advancements we make would be meaningless if FEMA did not also have the necessary staff to manage these systems and operations," he said.

Here's a look, by the numbers, at some other 2005 information management successes and shortcomings.


50: Days it took Oreck Corp. to return to its headquarters in New Orleans following Hurricane Katrina's landfall.

Most business continuity plans just didn't account for disaster on the scale of Hurricane Katrina, as Oreck found out.

The New Orleans manufacturer's business continuity plan was straightforward. If its New Orleans headquarters were hit by a hurricane, it would shift its management operations to its manufacturing facility in Long Beach, Miss., 76 miles away.

But Katrina's path of destruction blew through both of the company's sites. "I don't think any of us anticipated a single storm taking out both locations," said CEO Tom Oreck.

The Long Beach site was intact with minor damage, but lacked communications and electricity. Nevertheless, Oreck was determined to get the plant running again. Oreck and his management team worked around the clock to secure generators for the Long Beach facility, and they streamlined the business to focus on essentials such as supporting its retail stores. Some parts of the company's disaster plan held up.

Story Guide:

Winners and Losers: Good Management Makes the Difference

a While">

Oreck successfully transferred call-center operations from Long Beach to Denver. But the company had to rely on quick thinking to get its financial, distribution and technology systems running.

Oreck, a longtime IBM customer, moved to a Big Blue disaster recovery site in Dallas. It also outsourced its supply chain management to United Parcel Service because Long Beach lacked communications.

The lesson: The crisis takes over, and business continuity plans can fall short and management has to work on the fly to keep the business going. Oreck managed to open its Long Beach facility on Sept. 9 with backup generators, spotty communications and a big assist from UPS for logistics support and supplies such as food and water for Oreck's employees.

On Oct. 18, Oreck became New Orleans' first major corporation to return to the city, which will take years to rebuild. CEO Oreck, home at last, notes, "I never seriously considered not going back."

6: Number of in-house technology staff needed to run Sunny Delight's $600 million global business.

When Cincinnati-based beverage maker Sunny Delight was spun off from parent Procter & Gamble in August 2004 to private equity firm J.W. Childs Associates, the consumer products company was given one year to wean itself from P&G's technology infrastructure.

To pull off the transition, Sunny Delight, or Sunny D as it's known to parents and kids, coaxed chief information officer Greg Winholt, a former P&G finance executive, out of retirement.

His goal: run a $600 million global business with an in-house technology staff of just six. His plan: outsource everything, from financial accounting software to billing, invoicing, production planning and forecasting, and inventory.

When Baselinelast checked in with Sunny Delight ("Cutting Ties," March, p. 65), the company was gearing up to pull the plug from P&G on its North American operations by April 1 and its European operations by Aug. 1.

The company hit both deadlines and outsourced the bulk of its SAP-based infrastructure to a Phoenix outsourcing firm, OneNeck IT Services.

Winholt says the company had to overcome a number of hiccups as its North American and European operations were switched over, including data errors as Sunny Delight connected interfaces between its new financial software, billing and invoicing, and production and planning.

But Winholt met his deadline, and he was happy with the results. And the company's entire technology infrastructure is being run with just six full-time employees, including Winholt, whose primary responsibility is managing Sunny Delight's outsourcing pacts. Now Winholt thinks he'll put off his retirement a little longer, forgoing the golf course for project management.

"It's been a wild ride and we faced a lot of pressure," he said, "but I also learned a lot over the past year. The bottom line is, I'm having fun again."

Story Guide:

Winners and Losers: Good Management Makes the Difference

' Astonishing ROI">

2,736.1%: Return on investment garnered by American Express for developing project management software.

Gold charge cards and travel services are phrases usually associated with American Express, but how about software pioneer?

The New York-based services company is going where few commercial software makers have gone before: It has developed and deployed a Web-based tool that automates the process of requesting and allocating project dollars.

The IOS (Investment Optimization System) was conceived by American Express' International Payment Services group five years ago, when 35,000 Microsoft Excel worksheets kept track of annual investments across the company's 10 business units and geographically dispersed markets.

Each unit used its own system to calculate return; there was poor version-control of budget models and requests and no way to enforce standards such as foreign currency exchange rates and product profit margins. Perhaps most important, there was no way to easily make strategic investments.

Business managers financed a project based on its individual merit or who in the company "made the most noise," not on how the projects fit into the company's overall goals, according to Anand Sanwal, director of corporate finance.

With IOS, the spreadsheets were uploaded to an SQL server, where they were read and analyzed by Microsoft Reporting Services.

The improved analysis led to the reallocation of tens of millions of dollars for more optimal investments. With a return on investment of 2,736.1%, the first generation of IOS was the grand-prize winner of the Baseline 2005 ROI Leadership Awards (Great Gains). The second generation is a Web-based product built in Microsoft .NET by Los Angeles software maker, Solver.

So far, 800 employees in four business units enter budget requests, forecasting and other financial data into an online form. IOS calculates the information and assigns a risk level to the project. The request is passed through a chain of approvers until a final decision is made.

Solver is now offering the software to the masses for anywhere between tens of thousands to millions of dollars, depending on project size and scope.

And there is yet another generation of IOS in the offing. Bigger benefits will come next year, Sanwal says, when Amex's project tracking system, which consolidates project results and actual return on investments, is integrated with IOS.

Story Guide:

Winners and Losers: Good Management Makes the Difference



336: Hours between Hurricane Katrina's landfall and the resignation of Federal Emergency Management Agency director Michael Brown.

On Sept. 2, Wal-Mart had a convoy of nine trucks with water and supplies headed toward hurricane-ravaged New Orleans and emergency relief staging areas in the surrounding region.

By Sept. 4, Wal-Mart was handing out supplies at the Lake Charles Civic Center and Monroe Civic Center in Louisiana, which housed Hurricane Katrina evacuees.

Lowe's, Home Depot and Anheuser-Busch also had supplies en route shortly after the storm made landfall on Aug 29.

FEMA, the agency charged with responding to natural disasters, lacked the communications systems to get reports from the field, couldn't move supplies fast enough and lagged in its response in getting supplies to the Morial Convention Center, which was a refugee outpost largely without provisions until the military arrived in New Orleans on Sept. 2.

Brown stepped down as the director of FEMA on Sept. 12; R. David Paulison was named acting director the following day.

Department of Homeland Security Secretary Michael Chertoff, in testimony before a House committee, outlined the key information technology snafus that delayed FEMA's response:

—FEMA's system for moving supplies into a disaster area was "not adequate" and "antiquated and inefficient" for a Katrina-sized disaster. According to Chertoff, FEMA must partner with the private sector to overhaul its logistics system. "FEMA needs to have a 'just-in-time' inventory and delivery system that allows it to quickly assess inventory, deliver those goods and replenish its stocks," he said.

—FEMA's business processes also need to be revamped to handle disaster assistance functions: answering the phone, registering people for assistance and getting them the benefits they need. "We need to strengthen FEMA's management of the toll-free disaster registration hot line, including figuring out ways to rapidly expand call-center capabilities," Chertoff told the House committee.

—The agency could also use some business intelligence. Chertoff wants to evaluate the processes and databases that keep tabs on how people register for aid.

Katrina and Rita didn't just wipe out data centers; they wiped out a lot of disaster plans, too. Check out: and's coverage of the disasters, and the efforts of CIOs to save the data on which their companies depend.

—Chertoff also reported that FEMA's communications infrastructure failed because of power outages, wind and flooding. The plan is to adapt military and private sector communications technology for emergency use. So what needs to happen now? Chertoff says FEMA needs to act a lot more like Wal-Mart and other logistics-savvy companies. That's a tall order.

And hurricane season begins again on June 1, 2006.

Story Guide:

Winners and Losers: Good Management Makes the Difference


360: Number of yet-to-be-published business wire press releases partially viewed by two Estonian-based stock traders looking for big gains.

It can be quite profitable to know that news is about to hit.

LHV (Lohmus Haavel & Viisemann), an investment banking firm located in Tallinn, Estonia, and two of its employees, Oliver Peek, 24, and Kristjan Lepik, 28, traded stocks based on press releases about to be distributed through Business Wire, according to a civil complaint filed by the Securities and Exchange Commission.

The SEC named LHV, Peek and Lepik in a civil complaint seeking the return of ill-gotten gains and a fine.

The SEC describes Peek as a day trader with a computer science background. Lepik served as head of LHV's trading department. According to the civil complaint, filed in the U.S. District Court for the Southern District of New York, Peek and Lepik viewed more than 360 press releases prior to distribution from more than 200 publicly traded U.S. companies.

And Peek and Lepik used the information to trade stocks between January and October, and pocket $7.8 million, says the SEC. Amy Greer, district trial counsel for the SEC's Philadelphia district office, says Peek and Lepik are under a preliminary injunction, which means they can't trade stocks. LHV's lawyer didn't return phone calls.

The lawyers for Peek and Lepik wouldn't comment. Greer said LHV is cooperating with the SEC on the investigation and is conducting its own internal probe on the matter.

LHV, which signed on as a Business Wire customer in June 2004 but has never itself issued a press release, got access to a secure Web site for Business Wire clients, according to the SEC.

Through a site called Business Wire Connect, customers disseminate public statements, which are edited and moved through a queue and then published on the Web and through Business Wire partners.

The SEC says "LHV, Peek and/or Lepik" launched a "spider," a computer program that regularly grabbed sensitive, secure, password-protected information about client press releases scheduled for public dissemination by Business Wire.

Phyllis Dantuono, senior vice president for Business Wire, says Peek and Lepik entered the Business Wire system through what she described as a "side door" in its information systems, but never got access to full press releases, their contents, the names of those distributing the news and headlines.

Instead, the duo got file names and release dates, and apparently pieced together information from elsewhere to make trades.

"At no point did they get full press releases," Dantuono says. According to Dantuono, Business Wire has found the area Peek and Lepik breached and secured it.

"We found out where they were able to get in and fixed it as soon as the SEC gave us permission," she says. "We've gone over the entire system with a fine tooth comb and feel confident it is secure."

Story Guide:

Winners and Losers: Good Management Makes the Difference

-Child for Security Failures">

162,000: Number of people ChoicePoint has warned about "potential fraudulent data access" since the company revealed a data breach on Feb. 15.

Lax security is the weakness that keeps dinging corporate reputations.

While ChoicePoint has been among the biggest poster companies for allowing consumers' personal identifiable data—including Social Security numbers, driver's license numbers and credit reports—to be breached, it is hardly alone.

In fact, 2005 may go down as the year of poor corporate security.

Security snafus caused headaches for some big corporate names—including Bank of America, LexisNexis, United Parcel Service and Polo Ralph Lauren.

Many of these events came to light because of a California law that requires companies with customers in that state to notify those customers if their personal information is compromised.

And there were enough security issues to go around. Bank of America disclosed in February that it lost backup tapes containing 1.2 million federal-employee records; LexisNexis said in April that it was breached 59 times and lost 310,000 customer Social Security numbers, driver's license numbers and addresses; and the University of Colorado-Boulder spent its summer plugging security holes that left 127,000 student records exposed.

What will 2006 bring? Most likely, more security breach disclosures.

For instance, ChoicePoint in a Nov. 8 regulatory filing with the SEC said it continues to strengthen its credentialing procedures for customers that have access to personally identifiable information, but "believes that there are other instances that will likely result in notification to consumers."