CIOs' Next-Generation Mobile Strategy Checklist


Analyst(s): |

  Free preview of Gartner research


This research provides CIOs with a set of guidelines and questions that can be used to help form or validate their mobile strategies. The emphasis is on evolving a first-generation strategy to one that is more aligned with current mobile technologies and trends.


Key Findings

  • A mobile strategy should evolve to become aligned with and support an enterprise's overall strategy. It describes how mobile capabilities help an enterprise achieve its goals.

  • There is still an opportunity to innovate with mobile technology. Enterprises must migrate from using mobile as an extension of the Web to using mobile as a way of doing things that were never possible with any other technology.

  • A second-generation mobile strategy will expand beyond IT (business-to-employee [B2E]) and marketing (business-to-consumer [B2C] or B2B). It will include a much broader set of decision makers, funding sources and partners. New governance approaches, as well as increased risk assessment and mitigation strategies, will be required.


Develop a mobile strategy that includes four main sections:

  • The demand section describes what capabilities will be delivered to consumers/citizens and employees, and how these meet enterprise goals.

  • The supply section describes what tools and resources will be used to fulfill the capabilities and the experiences sought in the demand section.

  • The governance section describes the stakeholders involved and how decision making, approvals and funding will be managed.

  • The risk section describes the security, financial and competitive risks involved in pursuing the proposed strategy.


For many enterprises, the timing is right to create a next-generation mobile strategy. Although many CIOs have already implemented mobile technology, much of it has been tactical in nature. CIOs and their teams should now pursue a more strategic approach to mobile capabilities. If not, they risk making the wrong long-term investments, or, more importantly, they may miss emerging customer needs that are to become commonplace.

This research provides CIOs with a checklist of guidelines and questions to ensure that the next-generation mobile strategy they pursue includes the major foundational elements that will be important in the future (see Figure 1). We assume that an enterprise has already had some experience in mobile and is moving its first-generation strategy to a next-generation strategy. The structure for the strategy follows Gartner's long-standing framework for developing IT strategy, which includes demand, supply, governance/control and risk sections. See "IT Strategy Template" for the basics on building an IT strategy.

Figure 1. The Sections of a Mobile Strategy
Research image courtesy of Gartner, Inc.

Source: Gartner (April 2012)

As with all IT strategies, the mobile strategy will be aligned to and support the enterprise's strategy. Even though it often exists as a separate document, the mobile strategy will complement other strategies that describe how the enterprise interacts with and serves customers, citizens and employees. For example, on the consumer side, a mobile strategy will become part of a multichannel customer strategy.

CIOs can use this research at the beginning of their next-generation mobile strategy development or as a validation checklist to ensure that their teams have considered all the major areas.

Demand Side of Your Mobile Strategy

Your mobile strategy should start with a section that describes the nature and volume of demand for mobile capabilities from your enterprise's consumers, citizens, customers and employees. Determine how each group will want to transact with, be informed by and be serviced via mobile technologies. Find out what devices the customers own and what habits they have. The same applies to employees in a bring your own device (BYOD) world.

As you develop your second-generation strategy, keep the following guidelines in mind.

1. A mobile strategy should be aligned to the enterprise's overall strategy

Many early mobile strategies we have seen are focused on mobile only, without much connection to other channels, such as face-to-face and the Web. In a next-generation mobile strategy, mobile should be described in the context of how it meets an enterprise's overall strategy. For example, the B2C part of the mobile strategy will address how mobile is part of the customer-facing multichannel strategy. A citizen-facing interaction, such as checking on the status of a refund/disbursement, could occur in any channel (phone, online, mobile or in person). A multichannel strategy will state all the channels to which this service will be made available. If mobile is one of these channels, the mobile strategy will then state how this interaction will occur on mobile devices, smartphones and tablets — it is an extension of a multichannel strategy.

When reviewing your mobile strategy, ask your team:

  • Do we state how our mobile capabilities will help meet the business goals set out in our enterprise strategy?

  • For customers/citizens, does the demand side of our mobile strategy include all the processes/services/interactions that have been identified for mobile in the multichannel strategy? Even if we don't go into the details in the mobile strategy, have we clearly stated how we will link to these multichannel strategies?

  • For employees, do we know which applications will be extended to mobile? Again, if we don't get into the details, have we clearly stated boundaries or information that helps us describe the nature and volume of the employee-facing applications that will occur on smartphones and tablets?

2. A next-generation mobile strategy will describe how mobile technology will go beyond replicating Web capabilities to describe how mobile-only capabilities can drive innovative uses

Many first-generation and current mobile strategies focus on replicating portions of customer and employee Web portals on a mobile device. This is a logical and necessary first step for enterprises, but it is also not the endpoint. New technology is enabling mobile-only capabilities that the Web could never do. For example, Near Field Communication (NFC) can allow mobile phones to act as a key for hotel rooms or rental cars that are issued to guests on their arrival. If innovation is a key mandate for your organization, then these types of mobile-only capabilities should be prime candidates. When reviewing your mobile strategy, ask your team:

  • Does our mobile strategy leverage mobile-only capabilities, such as NFC, image or video recognition, accelerometers, and location-based services? Are we really pushing innovation with mobile?

  • For the Web capabilities that we are planning on, or have already ported to mobile devices, have we taken the time to really understand what should go to mobile and what shouldn't? Can we reduce the amount of functionality on mobile devices to only those that matter?

Supply Side of Your Mobile Strategy

The second section of your mobile strategy should define how IT will meet the demands detailed in the demand section. Identify which technologies, resources and partners will deliver the mobile experience for each of the constituent groups. At a minimum, each of the following facets of the supply strategy should be addressed:

  • Commercial: Viability of partners and vendors, affordability, licensing model, partner contracts, ecosystem strength, and exit strategy if a technology partner folds

  • Employee-owned devices: Policies, allowances and restrictions of the devices owned by employees who will be accessing the corporate networks

  • Technical: Platform range, architecture, integration approaches, testing approaches, user experience design and features

  • Skills/staffing: Skills requirements, productivity and service partners

As your enterprise progresses to a next-generation strategy, broaden your outlook by considering the following principles.

1. A next-generation mobile strategy will include the technology required to support, secure and manage an expanded set of mobile devices that include feature phones, smartphones, tablets and assets that use machine to machine (M2M) wireless communication

Most mobile strategies started with a focus on feature phones and smartphones. These initial strategies need to be updated to include tablets, other mobile devices and enterprise assets that will employ M2M communication over your wireless network. For example, municipalities are starting to put parking meters and building facilities (such as lighting) on their wireless networks. The mobile strategy should address the parts that affect the mobile network (such as security) and wireless data management, because the enterprise assets will create vulnerabilities and costs on the mobile network.

When reviewing your mobile strategy, ask your team:

  • Have we included all the endpoint devices that will be accessing our mobile network continuously or intermittently?

  • Do we have an approach to deal with the risks in security vulnerabilities and the cost containment of data charges?

  • Have we clearly defined our position on BYOD in a way that is easy for the business to understand and follow?

2. A next-generation mobile strategy will shift the focus from single-development tools to a portfolio of tools that can keep pace with a wide variety of devices and platforms

Many enterprises might start with a single-development tool focus, such as Apple's iOS SDK. Going forward, we expect that many enterprises will expand to use a portfolio of tools and partners to fulfill native application, HTML5, mobile Web and SMS development. When reviewing your mobile strategy, ask your team:

  • Do we and our partners have the tools to address both customer- and employee-facing mobile applications and management?

  • Should these development and management tools be separate for the B2C and B2E parts of our strategy?

  • Do we have the new skill sets (for example, HTML5) to work with these new tools? If not, how are we meeting the gap?

3. A next-generation mobile strategy will support longer-term and more strategic sourcing approaches

Enterprises' first efforts in mobile usually involve partners that are immediately available and capable of fulfilling these projects. These partners often include local mobile development contractors and businesses, niche vendors, and ad agencies. The major vendors and system integrators that were not capable of dealing with these initial requests (usually because of a lack of skill set and resources) have been rapidly gaining these skills over the past 12 months. The second-generation mobile strategy should recognize this shift in the industry by detailing how major vendor partners will deliver components of an enterprise's mobile strategy. IT strategic sourcing practices that are already being used with major vendors will fully apply. When reviewing your mobile strategy, ask your team:

  • How confident are we that our major vendor partners can (or cannot) deliver parts of our mobile strategy?

  • Are we applying the same strategic sourcing principles with partners that don't fall into the traditional IT sourcing category, such as ad agencies?

4. A next-generation mobile strategy will identify how the APIs that enable the mobile capabilities will be sourced and managed

What can and cannot be achieved in mobile strategy are often decided by the level of availability of APIs, Web services and integration points to legacy and Web systems. Thus, a mobile strategy should state the current limitations and the plans that have been made, or should be made, to make these APIs available. When reviewing your mobile strategy, ask your team:

  • Do we have the API governance tools that will help access, secure, manage and scale the APIs that our mobile applications and websites will be using? Are we in a position to securely manage APIs that are exposed to third-party developers, so that they can create apps for app stores?

  • For APIs coming from outside our organization (via cloud), have we taken extra measures to manage them securely, or are we treating them as internal APIs?

Governance and Risk Sections of Your Mobile Strategy

The two final sections of the mobile strategy address the governance and risk elements of the strategy. Specifically, they will identify:

  • Who needs to be involved in the decision making and approvals

  • The dependencies on other strategies (for example, multichannel strategy)

  • Who is funding the one-time and ongoing costs of fulfilling the mobile strategy

  • Security, financial and customer risks, and how they will be mitigated

The governance part of the strategy is critical in creating alignment between IT and the rest of the business. As the enterprise evolves its mobile strategy, departments involved will move from a couple of departments, such as IT and marketing, to an expanded set of stakeholders. Sales, customer service, operations, as well as other consumer/citizen and employee-facing departments, will need to become involved. A next-generation strategy will recognize the involvement of these new departments in the funding, approvals and decision-making involvement required to make the mobile strategy successful.

This section will also clearly lay out the risks that the enterprise is willing to accept (and the corresponding mitigation strategies). It will expose the consequences of failing to contain these risks (for example, the data plan cost overruns that sometimes occur in a BYOD strategy) and who pays.

As your enterprise moves to a next-generation strategy, sharpen your governance section by considering the following principles.

1. A next-generation mobile strategy will state how the enterprise will handle a mix of corporate- and employee-owned devices

Many enterprises will evolve from a fully corporate-owned device environment to a mix of corporate- and employee-owned devices. This shift should be complemented with clear communication to individual employees and their departments as to what is and is not allowed (for example, handsets, data plans, operators, mobile apps, network access and roaming). Funding and cost allocations for the handsets, help desk support, maintenance and voice/data plans should be clearly spelled out. It is not exaggerated to think of this agreement as a three-way contract among employees, their department and the IT organization. These guidelines should always be complemented with key messages that highlight the value and freedom of choice that the IT organization is providing the enterprise.

When reviewing your mobile strategy, ask your team:

  • Are our BYOD communications simple to understand and follow? How often do we need to recommunicate them?

  • Who on our team is responsible for updating the BYOD plan and communications as the marketplace evolves with new handsets, plans and device management capabilities?

  • Do we have a solid mitigation strategy against large data cost overruns? Do we have capping agreements with the carriers, and do the business departments clearly understand who pays for these overruns?

2. New mobile technologies and processes will create new risks that go beyond technology risks, such as security

A second-generation mobile strategy will often define a new environment that is not fully under the control of the enterprise, such as employees buying and using their own devices, using third-party APIs for functionality, using third-party file synchronization apps, context-aware functionality that captures sensitive information (such as location), and smaller partner vendors with short histories.

When reviewing your mobile strategy, ask your team:

  • Have we accounted for the financial risks, security risks, privacy risks and partner risks of our strategy?

  • Do we have a mitigation plan for each major risk?

  • Do we have an exit strategy for when a technology or partner disappears?

Recommended Reading

© 2012 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartners research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.

Not a Gartner Client?

Want more research like this?
Learn the benefits of becoming a Gartner client.

Contact us online





Why Gartner

Gartner delivers the technology-related insight you need to make the right decisions, every day.

Find out more