Monday, April 26, 2010

How to overcome a recalcitrant staff member or Wally like behavior ?

CIOs often come across situations where they realize that certain individual(s) in their team are unable to deliver even basic results. Typically, such individuals may have survived multiple bosses, or been in the company for a very long time like Wally (from the famous Dilbert series). All efforts to bring about change may have yielded microscopic results. Let me use a couple of examples to illustrate such cases.

You go into a management meeting along with some of your team members; the expectation is to gain consensus on the way forward on a difficult project. All is going well, till silence falls with uncomfortable stares. Or the meeting is halted because one of your team members blundered and lost all gained ground.

Another case is a review meeting with the CEO on what IT is doing. You get started, and then get hit on the head—one of your staff members has not kept promise despite reminders and follow-ups. It was something that you did not focus on, considering the task’s facile nature (which any idiot would find difficult to go wrong on). But then, you are now at the receiving end.

In both cases, you may feel like strangling the person. But, that’s not the corporate way of dealing with frustration!

So the first response seems to indicate that you “fire” the person. That’s an easy solution, but should be the last resort. Instead, here are some other alternatives that you could review:
  1. Assign a coach to the person with daily/weekly feedback without holding anything back.
  2. Give the truth as it is, along with advice for improvement.
  3. It could be professional arrogance (“I am better than others”) that translates into negative attitude. Introduce him to others who are better and show him the reality.
  4. Put him on a PIP (Performance Improvement Plan). Make it clear why he is on PIP—that it’s not because of work, but attitude.
  5. Assign him away from the “critical” nature of the work, which works at times to demonstrate that he is not irreplaceable. It may moderate his behavior.
  6. It could also be a genuine case of incompetence. Try training.
If all these steps don’t work, then the choice is obvious. But that’s also a difficult act to execute!

It’s important to take action sooner than later, as you may risk polluting the contributors and good staff. Delay will encourage the person to continue his (mis)contributions to the department. I have observed procrastination becoming the nemesis of many CIOs, so all I can say is, ACT NOW !

Monday, April 19, 2010

Third Degree CIO (Do degrees matter to become a successful CIO)

During lunch with a group of CIOs, a question was suddenly raised by a non-CIO, “Which college did you acquire your MBA degree from?” To this query, a CIO answered that he did not have a MBA degree. The second CIO echoed the same answer. Yet another CIO mentioned that he was better off without an MBA—not that he despised that tribe, but he believed that typically MBA types were removed from reality, or had unrealistic expectations. In another gathering, a similar question was doing the rounds. “Are you an engineer?” Guess what? A large number of those present weren’t. Does that imply that educational qualifications and formal business education are not critical towards being successful as a CIO?

There have been many discussions on this subject, specifically around whether a management degree is important for the CIO to be successful towards the holy grail of “IT business alignment”. Most concluded with attributing higher probability of success when the CIO is equipped with management qualifications. It is generally accepted that an MBA is likely to get higher visibility. The same set of people also agrees that success is defined by deliverables and outcomes. So if a non-MBA performs better, he will find growth over the management graduate.

If we look around us at successful first generation entrepreneurs, the landscape is filled with an equal share of drop-outs and post graduate degree holders. In fact, the technology world shows us a higher success rate with the former. However, when we look within an enterprise, the same entrepreneurs want to hire from Ivy League schools—as if to make up for their unflattering educational qualifications. One can also argue that the talent they induct creates the fabric for success. But as I see it, they bring in the machinery to run the operations; the vision, direction and opportunity is created by the owner.

Someone had asked a question a long time back. “What is the measure of an effective leader?” The answer after many attempts was “results”. For the CIO to be visibly successful, he has to deliver results that matter to the enterprise. There is no debate on whether IT matters, or if it’s essential to run day-to-day operations. Positive or adverse impact due to technology is typically acknowledged, and the IT leader gets credit. Now, there may be cases where the CIO may not get the due benefit. This may be due to the CIO’s inability to communicate, or the CEO’s ability to understand how IT makes a difference within his enterprise.

Time to get back to the question: Is there a third degree that makes a successful CIO?

I believe that it’s the passion to make the difference, balanced with business acumen and enabled by sound technology that matters. A good leader chooses the right balance of skills within the team, which can work together to deliver results that matter. Initial qualifications provide the platform for launch; the person’s drive gets them to the checkered flag. So I would acknowledge that the engineering or MBA degree could provide a foundation that may enable the CIO to explore alternative decision points which elude others.

Tuesday, April 13, 2010

(IT) Security and the CIO

Last month, many CIOs (including me) were subject to a barrage of security events—as if the world suddenly needed a lot more protection than it had in the past! CEOs, senior vice presidents and thought leaders suddenly seem to have descended upon the CIO, challenging the security postures of enterprises.

Questions challenging the efficacy of currently deployed solutions were very similar across almost all vendors. Many data points from a multitude of surveys were bandied around in an attempt to make CIOs succumb to the FUD (fear, uncertainty, and doubt) factor.

A typical session begins with “Top 5 technology priorities”, and since the presentation was being made by security vendors, IT security figured prominently in these lists. To the hapless CIO, statistics reveal a scary world full of crackers and nefarious elements (who want to take away customer data, send spam, phish users, attack end computing devices, and sniff network traffic). It did not matter if the audience agrees with these or not. Irrespective of whether the displayed data is from the same geography or industry, the ground is set for discourses on why your enterprise is not secure if it hasn’t deployed the specific vendors’ solutions.

Almost all cases are built upon the premise that data is only stored electronically, and leakage can only happen in electronic forms. The exercise of data classification is touted as the starting point—except that beyond a point, this classification becomes irrelevant, as the imposed controls make conducting business a painful task. Mobile workers appear as the villains who will lose a laptop or connect to unsecured wireless networks compromising valuable data.

Yet another cry is a ban on social media. This does not acknowledge the fact that business also uses these channels for connecting with customers. The mantra is “you cannot trust these gullible ignorant employees, they are the weakest link”.

Yes, people are indeed the weakest link in security compromises; but they can also be the strongest. The biggest tenet of any business operation is trust. If the enterprise cannot trust its employees to be prudent in their usage of various communication modes or protect the data that matters, then I don’t believe that a technology solution is the answer.

Information security can be effective with help of education, continuous reinforcement by the management, a “zero tolerance” policy towards adverse incidents, periodic reviews, and finally the technology stack which is dependent on the business operations. Exception management is fraught with danger, and should be aggressively discouraged. Many mature organizations have found that making an example of truant employees enhances levels of security, and builds trust with customers in the long run. Attempts to hush such cases, or not taking strict action which may already be defined in the policy sends a message of tolerance, which can significantly compromise the enterprise.

Vendors need to listen as they engage (see Irrelevance of vendor presentations) the CIO in discussions on how they can help their customers in sustaining and improving their information security postures. This has to be based on an assessment, and not based on inane survey data that may be far removed from reality for the audience. Else, they face the risk of alienation from their prime customer, the CIO.

Monday, April 05, 2010

Succession Planning for the CIO

Over the weekend, I was returning from a trip along with a score of other CIOs when an interesting debate started as the aircraft was taxied for take-off. In jest, a fellow CIO raised the question, “What would happen to the industry, our companies and the IT world at large, if the plane were to have a mishap? Apart from loss of 20 of the IT industry’s brightest minds, what other repercussions would the industry see, or our companies feel?” It set off a chain of thoughts which required serious thinking.

Every mature organization gives a lot of focus to developing layers of management. These organizations encourage its leaders to identify high potential talent, which can be groomed to take on higher responsibilities. Such an exercise is of help when the organization faces attrition at senior levels or expands, creating new opportunities for existing leadership teams. In such situations, the next levels of leaders are able to take on the mantle with minimal disruption to operations and strategic directions.

However, life does not always follow a pattern. Thus, there are disruptions when employees leave suddenly, or the planning process has not been able to groom a pipeline of leaders. Hiring from outside normally creates a gap, and learning curves can be counterproductive. This does not imply that organizations should always promote internal talent, but a move to provide the opportunities internally does definitely offer continuity.

Coming back to the IT organization, CIOs have come to the fore over the last decade. CIOs have taken on business challenges, and proved themselves by engaging the enterprise beyond usual technology solutions. Their contributions have been recognized, and many have permanent positions within management teams. In a few cases, they are also invited to join the Board.

As the CIO’s stature grows, so does the teams’ aspirations. Gaps in business understanding, communication, and team management are narrowing across IT staff. However, grooming a successor requires a different approach very similar to Boards grooming the next CEO. The CIO should consciously work towards creating the next level of leaders who s/he can depend upon in cases of exigency, and also provide additional bandwidth to take on sudden increases in demand or business growth.

Nurturing high potential talent to become a CIO does not necessarily have to be from within the IT function. Aspiring and talented individuals from other functions could also be good candidates. This is borne out by the fact that some enterprises have appointed CIOs from business functions in the recent past. The CIO needs to recognize that lateral hires can be as effective as technology staff, while taking a dispassionate view.

A common grievance is that the high potential next level CIOs seek opportunities outside more often, so why go through the rigmarole? If opportunities for growth are not aligned to the aspirations of the next level of IT leaders, they will seek to create their career growth outside. This can be managed to some extent by setting the right expectations, communication, and finally the CIO challenging the CEO to explore growth. Unless the CIO takes on new opportunities including lateral movement, the retention challenge will be difficult to address.

Are you grooming your next level to challenge your position? Are they ready to take on your role, should you decide to move laterally, or out of the organization? If not, start now. You owe it to yourself and the company, because your growth depends on this.

Fortunately, the flight landed safely. As we collected our luggage, I had some solace that the talent pipeline was strong.