As the person who has the CIO job, you’d like to think that you have things under control That when the rest of the company has an IT need they’ll come to you, ask your permission to do something, and then live with whatever you tell them. The reality is a bit different. If you tell someone that they can’t do something related to technology, all too often you’ll be contributing to building a “shadow IT” department in your company that you don’t have any control over. Sure sounds like you’ve got to find out what’s going on here…
How A “No” Builds The Shadow IT Department
Welcome to the world in which IT is no longer seen as being some mysterious magical place. Now that everyone in the company understands the importance of information technology and each of them has access to iPhones and iPads, they all assume that solving technology related work problems is as simple as downloading another app. That’s why they no longer understand it when they are told “no” by the IT department when they make a request.
As the CIO what you are going to have to understand is that whenever someone in the IT department tells somebody who is making a request for help “no”, that does not mean that that person’s need has gone away. All it means is that they now know that your department is not going to be helping them to solve their problem. What they do know is that if IT won’t help them, then the shadow IT department will.
We all know what this shadow IT department consists of. It includes unsanctioned devices, services, and applications. A great example of this is the use of Dropbox (the file sharing service) in the workplace. Yes, your corporate users understand that it may not be secure; however, it solves their problem and they know how to use it so they are going to go ahead and make use of it.
It’s Time For Some Governance
In addition to teaching your IT staff to stop saying “no” and start listening to their user’s underlying needs, you are also going to have to establish a governance steering committee in order to evaluate technology requests and the associated risks that come along with each such decision.
The key to a successful governance committee is to make sure that it is made up of representatives from the company’s finance
The output of any governance committee has to be a set of policies that are clear and easy to understand. It can be all too easy to create a set of “legal speak” documents that are correct and complete but which which nobody can understand. Keep your IT policies simple, short, and easy to read.
What All Of This Means For You
On top of everything else that the person in the CIO position needs to worry about, it turns out that if your department becomes known for saying “no” to many times, then you’ll just be helping to develop a “shadow IT” department.
This shadow IT department will be where your users get what they wanted in the first place without any help from you. You can prevent this from happening by training your IT department to stop telling people “no” and instead starting to work with them to understand the problems that they are trying to solve. Ultimately you are going to need some form of governance in order to allow all of the other departments in the company to have a say in what types of IT processes are performed. Make sure that the policies that you ask the company to live by are simple and easy to understand.
Once you realize that your users have real-world needs and that they’re not going to let you stand in their way, you’ll be on your way to changing how the IT department works with them. Make your IT department shine bright and you’ll be able to get rid of your shadow IT department.