The 27-year company veteran is Big Blue's chief information officer, a post that makes him responsible for maintaining one of the most complex computer systems on the planet. But his vast information technology network serves another crucial role, as the ultimate test bed for IBM's many products--a responsibility that goes well beyond that of top technology officers at other companies and one that weighs heavily on Thompson's shoulders.

When industry insiders use the term "legacy system," they are generally referring to the billions of dollars of mainframe computers sold by IBM that are still in daily use at America's largest companies. Not only does Thompson need to keep his own legacy systems running, but he also must update them with new IBM technologies that have yet to stand the test of time.

Thompson, who has 350 executives reporting directly to him, is overseeing a massive process to revamp the computer systems in the company's myriad business units, using new Web-based technology to make everything from online purchasing to long-distance phone calls more efficient. Re-engineering is a major theme at IBM these days, especially given lukewarm demand for new products from customers preoccupied about softness in the economy.

As if all this weren't enough, Thompson serves as a sort of roaming ambassador for IBM, meeting with more than 500 customers a year around the globe to espouse his company's technology. This is no routine assignment, considering that he represents a cultural institution virtually synonymous with Yankee ingenuity to the rest of the world.

What's it like managing the digital empire of a $125 billion company? Surprisingly, Thompson says, it's less crazy than one might think. He recently told CNET News.com how he manages to make it all work and still finds time to evaluate new technologies.

Q: You have an unusual title. Can you describe your responsibilities at IBM?
A: In addition to re-engineering all core processes associated with each of IBM's core business units, I'm responsible for the development and deployment of all of our infrastructure: basically, the CIO's function for all of our IT, LAN, WAN, telecommunications, mainframe/midrange, desktop, server operation, all aspects of physical infrastructure--and, in fact, I would stress that a bit further and say I'm the owner of the entire enterprise architecture, which deals with the process layer, the application layer, the data layer and then the physical elements. I govern all of that, and there's a reasonable budget for getting the work done to fully enable each business unit.

You're a busy man.
Oh, yes. But most days it's fun, and I enjoy the challenge.

How many people do you oversee?
If you look at the people working on the total IBM account, it's about 20,000 people, of which about 350 are direct reports to me, with high-level design, strategy and branding. And then we drive a relationship with IBM Global Services for day-to-day operations around the world.

So you have outsourced your internal operations to Global Services?
Yes, that's correct. We have a service agreement with them that we manage much like many of our customers would. The main difference is that we don't have penalty clauses in our contract.

Your role in IBM's infrastructure, then, is more involved in defining infrastructure, looking at advanced technology and making sure Global Services does what you need it to do to keep things humming?
Absolutely. Right on the mark. In addition to the day job of what I just mentioned, I have a very intense night job, meeting with in excess of 500 customers a year, excluding major events like CIO conferences, CFO conferences in Asia-Pacific, EMEA (Europe, the Middle East and Africa) and here in the U.S.

Why are you involved in that? It's not a typical CIO function, is it?
Well, it's not. There are many things that we do that are leading-edge or bring a great deal of practicality to what is being done in thought leadership in the space of the CIO. When I meet with them, it's to share some of the lessons learned and some of the things we have done that many of them are considering doing. They are looking for proof positive that this stuff really does work, and that it does deliver value.

You are the showcase for IBM, then?
Exactly. Case in point: When the dot-coms were imploding, we were silently still generating perhaps the largest revenue engine in e-commerce. We have $27 billion of e-commerce floating through our systems at an operating cost point that is giving us leverage for enhanced profitability.

Could you tell me about your budget?
I can't give you a dollar figure, and I can't say what we will spend in the next 12 to 24 months. Our spending has been relatively flat, but in 2001 we had some level of increase. In fact, this year, the increase is not enough to write home about, but it shows a sustained commitment that is quite high.

Now, let me explain why that is the case. Many companies manage their IT organizations as a cost center. And so they are always looking for some incremental cost reductions, only to the IT budget. We have a different view of that. We treat our IT expense as an investment, not as a cost center. And so to the extent that the IT investment can be used to yield higher return on investment in an organization, that's what we want to do. In fact, in 2001, we had a budget increase because the organizations knew exactly where they were going to get increased revenue or increased profitability as a result of IT transformation projects we were going to implement. Because of that, they said they did not want to cut their IT expense.

Will your budget increase next year?

What are some of the technologies you think will be important in the coming years?
There are several technologies we plan to invest in, others that may be used on a pilot basis, and others that are developing trends that we are just watching. Server consolidation technology is extremely important. We have undertaken over the last several years a continuing diet of consolidations, both physical and logical. We reduced the number of our data centers from 155 down to the present 13.

How was that possible?
More productive machines. But also a rationalization of the workload in the machines, so that we don't have to have multiple instances or images running this stuff, and we can put them in one physical location. And after that you can start to look at whether there is a logical instance that you can consolidate as well, to take out substantial cost.

On the developing trends front, where do you see Web services being useful?
I'm not sure I have any profound news on that...We do have some stuff (from IBM) that works. We have deployed a fair amount of Web services technology internally, and we are continuing that.

It's an important technology, first of all, because an open structure is very important to have the flexibility here. If we allowed everyone to go off and develop a unique set of closed services, then we are going to have problems. Frankly, we are firmly committed to an open structure. We have had our heyday of proprietary, and the customer world has told us that's not what they want anymore. And we look at services, our play is an open play, and that's what's very important to us.

What are you expecting in the business-to-business commerce arena?
If you look at private B2B gateways and connection points we have with customers currently, we have about 95 customers connected to us through a private B2B gateway, because IBM has been heavily involved in standards development, with RosettaNet and UDDI (Universal Description, Discovery and Integration, a technology used to list and find Web services). RosettaNet is very powerful because many of the companies involved have either home-grown purchasing systems or they all have different purchasing systems which require different protocols to communicate. RosettaNet lets you get around (those different systems), and implemented in a B2B gateway concept, we can mitigate or manage that complexity, so we do not have to write unique code to do business with every customer or supplier.

(Then there's) knowledge management and e-learning: In e-learning, there is a savings opportunity here that is generating about $400 million in savings each year. Basically, for every 1,000 hours of classroom time we convert to e-learning, there is about $400,000 of savings. With the size of our company--in 2000 we hired 45,000 people, as this was dot-com heyday time, and last year we hired roughly 20,000--there is a strong need to get people onboard, get them trained quickly.

Additionally, when we do outsourcing deals, many times we pick up the people with the customer and bring them over to IBM...Many of the people--since we require certifications for certain technical fields--have to get that training. E-learning lets them get training when and wherever they want.

And how does that rank in terms of importance?
This is especially important for IBM. Back at our peak in the 1992 time frame, we were sitting at 404,000 people in our traditional business, and our services business basically wasn't even on the radar screen. That traditional business is now down to 160,000. Our company has 320,000, so the remaining 160,000 are in Global Services. These people are spread all over, and they work wherever they can work--in airports, customer locations, closets--wherever they can get it done.

How about wireless? Where does that fit within IBM?
I try to do a segmented view of the audiences we serve in the company. Product-development people have certain needs versus software and hardware people. Consultants on the road have a different set of needs. Manufacturing people working on the shop floor have a completely different set of needs. So we try to do some segmented views of what our constituent populations need.

Our mobile and sales work forces need to be in communication with a number of people for closing business as quickly as they can get it done. We have not found a perfect device that allows them to do that on one device, so people are walking around with pagers and cell phones on their belts. Some of the devices are Web-enabled; they have PDAs. We are in constant search for what is the right thing to give them that doesn't add tremendously to our cost profile but at the same time gives them sufficient value for having the device.

You mentioned voice over IP as something you are following.
Voice over IP for us is, well, there might be some capabilities to integrate PDA functions, like e-mail, calendar. Voice over IP along with universal messaging will give you some capability to use your phone to deal with e-mail transactions or voice transactions. In our case, it is more focused on the cost benefit of what you can do to reduce the cost of long-distance and phone expenses. The cost savings is amazing. It's a big number.

Is this in a pilot phase, or is it being used throughout the company?
We are rolling this out now. We have phased implementations starting first in Asia-Pacific, and we will work our way back through Europe and come into the U.S. There is some small amount of activity already in the U.S. Our priority is in those other geographies.

Will every IBM employee have access to this, or only select employees?
It will be selective, as a priority, to start. It may ultimately reach everyone, but because of the need to control costs, we will start with a selective group.

What disappoints you about Web-based technologies?
Some of our earlier disappointments back in 2000 were because there was so much hype around the necessity for speed to the Web. I think many of the commercial clients as well as ourselves had young, energetic people who at times wanted to forget about fundamental development principles that have served us well for 30 years. And they wanted to rush off and do something without going through all of the testing that needed to be done. So I think there is a regimen of balanced discipline that can still be executed that doesn't allow you to get into trouble.

The worst thing that can happen is that you hurry up, you get the solution deployed, and you find out the availability or the reliability of the application is not as strong as it needs to be. And your customers will tell you immediately when they have to spend longer in response time--10 seconds or more--dealing with something that should have come back quickly.

These are fundamental disciplines that are tried and true and have worked in defense and commercial programs. In the dot-com fever, I think people wanted to forget about these fundamental things. It was a disappointment to me that those who knew better would let the youngsters get ahead of them and forget about doing the right thing.

What technology lessons did you draw from Sept. 11?

That said, what has IBM been doing on the security front?
It's obviously an important area. For us, I was paranoid before Sept. 11, and the reason was that I ran a few businesses over in the Global Services organization before coming into this job. When I came into this job, the paranoia I had was that I didn't want to be the first CIO in IBM history to have our systems breached. That would just be a career-limiting thing, I think (laughing). It would be one of these things where either I would feel bad or someone would make me feel bad, neither of which I want to experience.

Before that, if you recall, in the 2000 time frame, with the intent everyone had to get through Y2K, I think people were not only concerned about the remediation of code, but also concerned about people who were hacking and causing problems in the name of Y2K and terrorist attacks, even then.

So we got through that phase of it, and then came more Web- and dot-com-related intensity. As people picked up commerce transactions, there was concern about whether it was safe to put your credit card out there, and whether somebody was going to sabotage your network so that you couldn't do business. Another concern was whether someone was going to steal proprietary information. So we have had a very strong regimen and set of comprehensive security policies and testing techniques that allow us to keep ourselves relatively secure. And we do offer some of these services to customers.

What's your biggest technology nightmare?
Security is a worry, but I think we have the means to deal with it. Security is like an insurance policy: At the end of the day, if you live through the day, it isn't of any value to you.

I have a bigger problem than that, actually. For me, there is a bigger process dealing with integration horizontally across all of our business. As you look at legacy systems with new Web-enabled systems, all supporting new transitioning business models to work with business partners and working with large distributors, and our sales force working with other companies--in essence what we are trying to create here is a virtual company that has a number of assets and core competencies in it but also leverages assets outside that we don't have to own.

What's an example?
If you look at our recent decision on the PC business, where we moved the manufacturing of that to someone else, we have to make sure those operations are seamless. I say that all of these things are linked and work--and it's a nice statement--but underneath, there are ducks with their feet underwater, swimming like mad to make this work. We are a very old company, so we have old legacy systems. It's like looking into a router closet and seeing all of the cables on the floor.

What I frequently advise is that the whole notion of having an enterprise architecture, with a very strong focus on the data, is sort of like watching our economy. Watch the money. But here, you have to watch where the data is flowing. Don't get confused with the applications at the top--watch where the data is flowing. In order to get that data model in place, all of the data definitions properly done, that gives you an opportunity to get this integration thing done.

All of your legacy systems won't be replaced overnight. There is a gradual rate and pace to get it done. So our enterprise architecture and all aspects are very, very important.

Last, I would say it brings home the notion of middleware--sort of like what doctors use to clamp the bleeding, so they can sew you up and get you fixed. Middleware is a great thing to do that and lets you keep your focus on things that have an impact on your income and expense statement. This is a daunting problem, mainly because we are old and we are large. But as I talk to hundreds of customers, I find that we all have the same problem. So far we are ahead of the curve, and I tell the chairman that all of the time.

How do you measure success and failure as a CIO?
I measure it in the absolute dollar impact I make on the income and expense statement. My numbers are proud numbers this year, and they were last year, and I hope to keep it that way.

Back to intro