Johnson & Johnson (J&J) is a large biomedical device manufacturer, healthcare and pharmaceutical company, originally founded by 3 brothers in 1886, Robert Wood Johnson, James Wood Johnson and Edward Mead Johnson in New Jersey, USA. Inspired by an advocate for antiseptic methods in surgery, Joseph Lister, the Johnson brothers publish "Modern Methods of Antiseptic Wound Treatment," which quickly became one of the standard teaching texts for antiseptic surgery, helping to spread the practice of sterile surgery in the U.S. and around the world, and subsequently pioneering the first commercial first aid kits in 1888. Right up to 1900, J&J subsequently pioneered Johnson’s Baby Powder, sanitary napkins for women and dental floss. J&J continued to focus on healthcare by publishing first aid manuals, and humanitarian contributions to natural disasters in Texas and San Francisco. With expansion to the UK, Brazil and Argentina, J&J continues to grow as a global decentralized family of companies, with the succession of the son of the founder, Robert Wood Johnson II (known as ‘the general’) who wrote J&J’s Credo as a guiding philosophy for the company.  Â
In 1944, J&J is listed on the New York Stock exchange. Over the next couple of decades or so, J&J embarked on a series of acquisitions, with McNeil Laboratories (US), Cilag Chemie (Germany) and Janssen Pharmaceutica (Belgium) joining the J&J group of companies. Between 1989 and 2002, under Ralph Larsen’s leadership as chairman and CEO, J&J continues its expansion with the acquisition of Neutrogena Corporation, Kodak's Clinical Diagnostics business, Cordis Corporation and Centocor. In 2002, William Wheldon becomes only the 8th person to lead J&J as chairman and CEO since its founding. In 2006, J&J acquires Pfizer Consumer Healthcare, bringing in well known consumer brands such as LISTERINE Antiseptic (first formulated in 1879) and others. Today, J&J is consistently ranked by Forbes amongst America’s top 10 most reputable companies, even coming top and third respectively in 2010 and 2011 (1).  Â
Its operations are organized into three business divisions: pharmaceutical, biomedical device and consumer. J&J’s pharmaceutical products include drugs for contraception, gastroenterology, oncology, pain management, neurology etc, are sold under brands such as Janssen Pharmaceutica, Ortho-McNeil Pharmaceutical and Centor. The medical devices segment includes surgical and patient care equipment and decides, joint replacements, diagnostic products and disposable contact lenses. J&J’s consumer segment is very well known and its products include Johnson’s baby care products, Reach oral care products, Band-Aid bandages, Mylanta gastrointestinal care products and Pepcid AC acid controller. J & J generates a large proportion of its revenues outside the US (around half), through its more than 250 operating companies in 57 countries and its marketing division which sells in more than 175 countries. Being such a diversified, multinational business conglomerate can present many unique challenges to management. These are recognized and J&J’s operations are strategized accordingly:
1.  Being such a diversified business with so many concerns in so many countries under its umbrella provides J&J unique local insight into emerging healthcare and customer needs, scientific and technological developments. This knowledge can be transferred to biomedical breakthroughs, marketing strategies and manufacturing expertise across the full range of its business concerns.Â
2.  Being such a conglomerate can present major challenges but the approach to management is one of decentralization. This was very much the legacy of ‘the general’ with each of the operating companies given autonomy for its own operations and functions as an independent small business. This structure encourages an entrepreneurial character and innovative thinking yet have access to the expertise and resources of a Fortune 50 company. Each company can operate in an advantageous environment where it can have dozens of strategic partners within the J&J umbrella.
3. J&J while focusing on the business fundamentals, also has a long term view in mind, making sure each of its companies balance short term and the long term in their business and operating strategies. It invests in promising new areas, while maintaining leadership positions in high growth businesses.  The areas of sustainability, economic environmental and employee health and safety indicators are of major interest to ensure J&J are on the right path to future success.Â
4. People and values are J & J’s greatest assets, who are the main drivers behind every invention, product and medical breakthrough that has impacted on human healthcare. J&J strive to attract and keep the most talented values-driven people all over the world, as embodied by its Credo. Â
J&J’s Credo is a guiding philosophy which has served as a strategic and moral compass for generations. It focuses on the needs and well being of people it serves first. It also emphasizes the responsibilities to its employees, communities in which we live and work and its shareholders.Â
Businesses have long been interested in harnessing the value of extensive data they have collected and stored about customers, markets, competitors, products, people and processes. Central to J&J’s success is that of managing of its resources and assets, and key among these are its people as mentioned in its Credo. Individuals are the ultimate source of organizational knowledge and provides the company with competitive advantage. Hence the added focus on individual and organizational creativity in recent years to adapt to disruptive change (2). With the explosion of technological advances in information systems and the internet, there is now extra attention from organizations to focus on leveraging on it for competitive advantage. Indeed Carr (3) simplistically but controversially states that IT is everywhere, it should be de rigeur to implement it for a business to even stay in touch with the competition, and not even to serve as source for strategic advantage. Porter (4) puts it succinctly when he says ‘the winners will be those that view the Internet as a complement to, not a cannibal of, traditional ways of competing.’Â
Central IT Infrastructure
In 1996, then chairman and CEO Ralph Laursen wanted J&J to become more clever about how the company was using technology (5). J&J’s major challenge was for the company which had become a multinational behemoth with numerous loosely knit business concerns flung across the globe through acquisitions in its over a century of existence, to evolve with the times and be more agile in its strategies. J&J had spent unknown millions on IT yet gained little business insights from it. JoAnn Heffernan Heisen, then Chief Financial Officer, was subsequently appointed J&J’s first Chief Information Officer with the task of improving IT, which ultimately became a monumental task of reshaping the company. With ‘federalized planning’, she faced enormous difficulties even getting J&J’s diverse business unit to even specify what IT systems they were operating. Management experts deem ‘federalized planning’ to be the only way for large organizations with a plethora of applications, old and decentralized systems and a need to preserve their profitable business units which are averse to change. Decentralization was the strategy for many companies such as J&J to globalize in the 70s and 80s, yet this was a double-edged sword which posed a hurdle to cost cutting and change especially with advances in information technology and the internet in the 90s. The benefit of federalized planning is that it formalizes cooperation between business and technology managers working like the US federal government – individual states have a say into government policies, yet with power to implement those policies in ways that are specific to its locations. Change management is not determined by Heisen, but via close-knit advisory task forces and strategy groups made up of IT and business managers who report to her, yet are given autonomy for adapting to a particular area of expertise or concern. This requires strong management skills by Heisen, the CIO, as it asks questions of people in a large company : are they ready to surrender control of their domains for the good of the whole? What should be surrendered and what should stay local? Heisen embarked on a fact finding mission initially by traveling to many of J&J’s businesses to assess the situation for herself, only to confirm that Larsen had been right :  a decentralized IT was causing J&J to spend more than the industry average. But cultural differences also didn’t help with the standardization nor was it wise to force change.   Her strategy then was to phase our change-averse staff and hire more business-minded people, then trained all her IT personnel to think more about the overall corporate business interests.   Leadership 21 programme was her brainchild in which IT staff were required to address real-life business issues , and promotion given to those skilled in IT and good at communication with the business managers.Â
J&J had a long history and was weighed down by legacy systems and this crucially was recognized by Heisen. Her next steps were to forge relationships between business and IT to achieve common goals. After much soul searching between the two groups, Heisen’s team identified 6 business areas that critically relied on IT : globally manage its companies involved in areas such as woundcare where they had a significant market share and know-how, speeding time to market, improving ties with business partners, and encouraging innovation. Methodically, Heisen next defined what IT strategies would be required to enable execution of these six imperatives and these are: data-sharing, infrastructure, human resources, information security, technology applications, knowledge exchange, ecommerce, purchasing, governance and finance. After much investigations involving IT staff from all around the world representing various business units, it was decided that security be more centrally managed, and standardization on Windows desktop operating system Windows 2000, and its Network Computing Systems (NCS) organization with Michael Shea installed as president, put in charge of operating J&J’s entire IT infrastructure, including mainframes, networks etc.  R & D would remain decentralized but many questions remained about how widely should a particular ERP system or a data definition by used. Technology strategy at J&J, like in many organizations, is likely to be an iterative process, one of constant change and incremental improvement.
The CIO job role is well documented to be a very challenging one (6), with he/she often just told to ‘fix the problem’ without actually knowing the details of the problem. As stated the CIO has multiple, complex roles : he/she needs to meet changing technical demands of the company, orchestrate successful implementation of IS strategy and maintain proper IS staff (6).  To do this, the CIO needs to intimately understand the business (Heisen went out on fact-finding visits to global business divisions), establish credibility with the systems department (Heisen engaged with IT and business managers alike), increase the technical maturity of the organization (Heisen promoted staff with dual appreciation of IT as well as business strategy) and ultimately have the skills and charisma to create a vision of the future and sell it (6). She had set in motion the wheels of change that are required for a century-old organization with diversified business concerns sprawled across the globe to embrace the technological age. In this respect, Heisen as CIO had performed a monumental task admirably. Subsequent improvements in IT have come about because of her taking the initial difficult steps in winning the hearts and minds of its operating companies.
As a result of successfully federalizing its IT infrastructure, J&J could finally track technology expenditures across its diverse operations around the world through its newly established NCS, using a decades-old set of best-practice guidelines for IT service management called the IT Infrastructure Library or ITIL (7). By the end of 2001, Shea’s NCS division only had control of half of the infrastructure supporting J&J’s global operating companies and mainly focused on the divisions in the US. The European Network services unit had evolved from the Janssen Pharmaceutical IT unit, which over time had evolved to addresses the IT needs of many operating companies in Europe, thus adopting Janssen standards for hardware and software. Therefore the European network services had already been centralized but J&J in the rest of the world was not. Using the ITIL is beneficial in that it describes ways to quantify and measure the quality of IT service delivery with end-user satisfaction a priority. Similar to Six Sigma and other improvement programs which were also being implemented by J&J at the time, ITIL can take years to implement, and even done can only done in small increments. Management has to make changes to the way people work and this can be a major challenge for a company with subsidiaries across the world that have cultural differences or that are too set in their ways.  Admirably, J&J have taken a ‘slowly-slowly’ approach to ITIL, first introducing ITIL certification to interested staff, not across the board. Gradually, more and more people are trained, including Shea and his reporting staff, so that their expectations of their team are more realistic and specific. This also demonstrates senior management commitment to ITIL as the way forward, right from the very top down.Â
As at 2007, about 350 of NCS’s total 1200 IT staff are certified to at least the foundation level and NCS manages 97 percent of J&J’s global IT infrastructure, and have trimmed IT costs from 1.56% of worldwide revenue in 2001 to 1.2% in 2005 as a result of an incremental series of improvements (7).Â
e-commerce (Centralized)
In 2005, Thomas Bunt, director of information security at J&J worldwide had reservations giving access to J&J’s multitude of business partners because they sometimes introduce worms and viruses into the company’s network (8). Also, the process of reviewing business requests for network access between a J&J unit and its intended partner was burdensome, delaying electronic transactions. A large corporation like J&J had to implement security procedures in order - typically J&J examine what the connectivity would entail, and an inspection process is included to determine the security of the network connection. Such stringent measures ultimately reduced worm and virus outbreaks to zero.Â
Management Action Plan (Centralized):
J&J’s Technical Resources and Compliance Group (TRC) oversees Safety, Health and Environment (SH&E) issues across 200 operating companies worldwide with regards to manufacture of consumer healthcare products (9), pharmaceutical, medical devices and diagnostics markets. TRC’s mission is to create competitive advantage for the J&J companies through a strategy of going beyond compliance, delivering outstanding service to customers in pursuit of business objectives. Because of the industry that J&J (and all its umbrella companies) is in, that of consumer healthcare, SH&E issus are absolutely crucial, starting internally with communications and measure in effect at all levels and all types of operations at J&J, which creates a safe, healthy and environmentally conscious culture.   This is spoken about in J&J’s Credo which emphasizes the needs and well being of its customers. The ‘beyond compliance’ approach is embraced by senior leadership, and is operationalized in the Management Awareness and Action Review System (MAARS), the global process initiated in 1998 for ensuring SH&E compliance, going beyond regulatory requirements and reducing risk. A suite of tehnically specific assessment and reporting tools feed into MAARS, which allows operating companies to conduct self-assessments annually and develop a Management Action Plan (MAP), based on the results. Results displayed via dashboards make improvement areas identifiable and more easily acted upon, leading to accident prevention, improvement of productivity, and cost avoidance, saving millions of dollars. Â
J&J’s SH&E procedures and guidelines are part of an infrastructure that supports optimal learning and sharing of information, with capabilities for efficient updating as regulations and processes change. E-learning facilitates quick and cost effective training of new and old staff alike.Â
Besides the clearly defined centralized IT outlined above, partial (or regionally) centralized IT is discussed below:
Business Process Management (J&J Hong Kong)
In order to deliver the best customer services and increase efficiency, Johnson & Johnson Medical in Hong Kong (10) has been using an automated business-to-business and Vendor Managed Inventory (VMI) system for years. The system enables J&J to receive and generate data relating to VMI, in addition to automatic and prompt exchange of information including inventory, proposed purchase orders (PPO), purchase orders (PO), and advanced shipping notices (ASN). However, upon realizing that the system was not flexible enough in modifying customer orders, J&J turned to Microsoft BizTalk Server 2006 R2. It is a technically advanced platform that allows flexible integration of J&J’s supply chain with customers’ systems thus improving the management of it. Supply chain management and automation is crucial to the efficiency of a company. Proctor and Gamble, a fellow healthcare and consumer products company, is often seen to have pioneered mastery of its supply chain, partnering with WalMart to achieve a system of continuous replenishment based on ‘pull control’, using sophisticated IT systems incorporated within SAP (11).  Indeed, J&J cannot be far behind, coming in second in the Gartner’s healthcare supply chain top 25 list for 2010 (12).
Spend management (J&J Europe)Â
In order to manage costs across its operating divisions in Europe, J&J had to identify and priorize savings opportunities (13). J&J’s European CFOs decided to team up with Spidre Purchasing Intelligence (SPI) to implement Spidre, a solution for collection, standardization, classification and analysis of sourcing and spend data. Two months after implementation, the identified cost savings was estimated to be around 50million euros. Because the data is refreshed periodically, sustained insight is developed which the company can use to streamline its purchase organization. Subsequently, J&J Europe can share its knowledge with other corporate counterparts in North America or Japan, with J&J Asia Pacific and Latin America also linking up to Spidre.
Critical EvaluationÂ
Johnson & Johnson is a large multinational healthcare and medical device conglomerate with business operations in many countries around the world. Its infrastructure in 1996 was recognized to be cumbersome, ineffective and poorly coordinated. However, the situation improved when key aspects of its global operations were federalized : some operations were centralized (IT infrastructure) while others remained under the control of its individual divisions (eg R&D) - a key feature of ‘federalized planning’. This arrangement appears to offer the best of both worlds. All operating companies are unified through its IT systems, but remain agile individually to implement further systems to remain competitive. Then CIO Joanne Heisen is seen as key to the change, demonstrating an impressive range of management and personal skills in the process befitting that of an outstanding CIO. This surely had set the stage for a series of improvements and advances utilizing IT, whether globally or within individual divisions, to manage its businesses processes and operations in line with technological advances of the 21st century. However, one cannot help but think achieving control with an even hand of their global operations will continue to be a major challenge. Each of their operating units, for example 340 strong Janssen-Cilag in Australia, also has a ‘CIO’ (by any other name, the associate director of technology) Nathan Wallace, who in 2006 overhauled its CRM system, as well introducing collaboration with a wiki that integrates IT asset management and microblogging in 2008 (14). Wallace admitted it was extremely challenging for have this type of ‘sharing’ environment, however, the real question is how this was viewed by its parent company J&J. (if at all). There should be much sensitivity in how subsidiaries’ own IT directors push the envelope for their own ideas. It can be envisaged that frustrations can occur if the CIO at the parent company should have a change of business strategy. Even a change of CIO could also trigger abandonment of a project previously viewed favourably by the outgoing CIO. Conflicts of personality and/or ideas between the CIO and the IT directors locally may also make an already difficult job impossible to do. Indeed, some have argued that J&J in fact have little knowledge or control of operations of their subsidiaries. One recent example is the saga involving McNeil Consumer Health, the division that is responsible for the Tylenol recalls (15). It seems likely that J&J faced a revolt in 2005 from McNeil and others, due to the unpopularity of MAP (mentioned above as a tool to monitor quality and compliance), which led to it being abolished, drastically diminishing oversight of its operating subsidiaries’ SOP (15). This begs the question – is managing by dashboard, however technologically advanced, practical, easily implemented or even popular ? Are we, in today’s digital age, faced with so much information at our fingertips, able to conjure up and provide even more information? Will it be “information overload†at some point ? It’s no wonder that CIOs today have some of the toughest jobs, and the letters ‘CIO’ is often referred to as ‘Career Is Over’ (6). He/she needs to have a vision for where the company is going in terms of IT strategy, yet have a sense of what can be practically achieved. To have that sense, one must be intimately familiar with the company and its culture (and much much more).Â
Perhaps IT infrastructure centralization is not appropriate for every organization. Take the NHS for example, which recently announced it had finally abandoned efforts to centralize its IT infrastructure (16). From the time an enormous organization such as the NHS decides to centralize its IT (in 2003) to the time it finally goes knee deep into it (in 2010), technology had moved on and connectivity via the internet had become more realizable. So perhaps there is a strong case for a large fragmented organization’s IT to be locally managed, smaller, agile and be nimble to respond to various needs locally, but remain interconnected as a whole. This may not be a bad thing, as security breaches for an organization with centralized IT is likely to have potentially dire consequences. Stories of data breaches at HMRC (17) and DVLA (18) had been in the news.  9 NHS trusts had also suffered 10 data breaches, resulting in lost health records for hundreds of thousands of patients (19).   More could have been lost with a centralized system.   Â
In 2011, J&J continues to expand in growth areas such as China to the tune of $115million leveraging its subsidiary DePuy’s local knowledge (20). A major question for industry watchers and analysts is – despite achieving some success with some centralization of its IT infrastructure, does it really own or control any of its companies? Is IT enough?        Â
Â
* This case study article is kindly contributed by Dr. Heng Yee Meng who wrote it as a MBA course assignment.
References
1. Smith, J. (2011). America’s Most and Least Reputable Companies. 5 May 2011. [online] Available from http://www.forbes.com/2011/04/04/most-least-reputable-companies-leadership-sales-leadership_2.html. [accessed on 15 Dec 2011]
2. Andriopoulos, C. and Dawson, P. (2011). Managing Change, Creativity and Innovation. London : SAGE
3. Carr, N. G. (2003). IT Doesn’t Matter. Harvard Business Review. 81 : 41 – 49.
4. Porter, M. E. (2001). Strategy and the Internet. Harvard Business Review. 79 : 63 – 78
5. Scheier, R. (2001). Johnson & Johnson and Managing IT. 1 Dec 2001. [online] Available from http://www.cioinsight.com/c/a/Case-Studies/Case-Study-Johnson-Johnson-and-Managing-IT/. [accessed 15 Dec 2011]
6. Beatty, R. C., Arnett, K.P. and Liu, C. (2005). CIO/CTO Job Roles : An    Emerging Organizational Model. Communications of the IIMA. 5 : 1 – 10.
7. Garretson, R. (2007). For Johnson & Johnson, ITIL Means No More IT Tears. 7 Feb 2007. [online]. Available from http://www.cioinsight.com/c/a/Case-Studies/For-Johnson-Johnson-ITIL-Means-No-More-IT-Tears/. [accessed 15 Dec 2011].
8. Messmer, E. (2005). Johnson & Johnson tackles security pain. 30 Mar 2005. [online]. Available from http://howto.techworld.com/networking/1290/case-study-johnson--johnson-tackles-security-pain/. [accessed on 15 Dec 2011].Â
9. Robert W. Campbell Award. (2005). J&J Safety, Health & Environmental Goes ‘Beyond Compliance’ to Create a Competitive Advantage. [Online]. Available from http://www.campbellaward.org/images/uploads/RWC05_JNJ_Text_for_REFpp.pdf. Accessed on 14 Dec 2011.
10.  Microsoft Case Studies (2009). Johnson & Johnson Medical Streamlines Customer Partnerships with Microsoft BizTalk Server 2006 R2. 8 Oct 2009. [online] Available from http://www.microsoft.com/casestudies/Microsoft-Biztalk-Server-2006-R2/Johnson-Johnson-Medical/Johnson-Johnson-Medical-Streamlines-Business-Processes-and-Strengthens-Customer-Partnerships-with-Microsoft-BizTalk-Server-2006-R2/4000007774. [accessed 16 Dec 2011]
11.  Steinert-Threlkeld, T. Proctor and Gamble : Delivering Goods. 1 Jul 2004. [online]. Available from http://www.baselinemag.com/c/a/Projects-Supply-Chain/Procter-Gamble-Delivering-Goods/. [accessed 15 Dec 2011].
12.  Gartner. (2010). The Healthcare Supply Chain Top 25 for 2010. 17 Nov 2010. [online] Available from http://www.gartner.com/resources/209100/209188/the_healthcare_supply_chain__209188.pdf. [accessed 16 Dec 2011].Â
13.  Spidre Purchasing Intelligence (nd). Johnson & Johnson : Insight into spend management from over 80 operations. [online]. Available from http://www.e-procurement.nu/eprocurement/download/inkoopsoftware/johnsonjohnson.pdf. [accessed on 16 Dec 2011].
14.  Gedda, R. (2008). Janssen-Cilag dances enterprise 2.0 jig. 19 Feb 2008. [online]. Available from http://www.computerworld.com.au/article/206668/janssen-cilag_dances_enterprise_2_0_jig/. [accessed 17 Dec 2011].
15.   Edwards, J. (2010). How J&J Allowed Its Tylenol Factory to Rage “Out of Controlâ€. 20 May 2010. [online]. Available from http://www.cbsnews.com/8301-505123_162-42844826/how-j038j-allowed-its-tylenol-factory-to-rage-out-of-control/?tag=bnetdomain. [accessed on 17 Dec 2011].Â
16. Glick, B. (2010). NHS National Programme for IT - the last of the government mega-projects. 9 Sep 2010. [online]. Available from http://www.computerweekly.com/blogs/editors-blog/2010/09/nhs-national-programme-for-it.html. [accessed 17 Dec 2011].
17. Osborne, H. (2007). HMRC : A catalogue of data losses. 17 Dec 2007. [online]. Available from http://www.guardian.co.uk/money/2007/nov/20/scamsandfraud.economicpolicy. [accessed on 17 Dec 2011].
18. BBC News (2007). Thousands of driver details lost. 11 Dec 2007. [online]. Available from http://news.bbc.co.uk/2/hi/7138408.stm. [accessed 17 Dec 2011]
19. Anonymous (2007). NHS Trusts suffers 10 Data Breaches. 28 Dec 2007. [online]. Available from http://blog.absolute.com/nhs-trusts-suffers-10-data-breaches/. [accessed on 17 Dec 2011]
20.  Anonymous (2011). J&J Expands its Asia Presence. 24 June 2011. [online]. Available from http://www.mpo-mag.com/news/2011/06/24/j%2526j_expands_its_asia_presence. [accessed on 17 Dec 2011].
