You are instructed not to read this post. Reading this post will result in the most severe penalties known to IT personnel -from restrictions on your Internet access, constant monitoring of YOUR Internet activity, not being allowed to speak, message or even think of things that do not pertain to your job. Repeat offenders will have the most dire of consequences – the substitution of tofu in your diet to replace bacon.
If you made it this far in the post, you are a rebel (like 99% of the working population) and likely knew I could threaten you with all kinds of evil and vile things, but would have absolutely no way to enforce these rules. You are smart enough to figure that out, so why do you think differently of your users, or if you are a manager, your team?
I have come into two organizations where the “rule book”, A.K.A. the “IT policy manual” is filled with arcane rules that could not ever be enforced. These rules typically fell into one of two categories. They were created when “somebody” abused common sense (e.g. calling home to their overseas parents on a daily basis from their work phone) and instead of reprimanding the person, they created a rule (i.e. NO personal phone calls!). The second category of rules are the ones created for the sheer benefit of the IT team, not the end user. (e.g. NO service if you don’t jump through several hoops, I don’t care if your monitor is on fire!).
There are a third category of policies and processes that are legitimate, but they tend to get lost in the “silly” rules.
There is hope.
I would suggest that you review your IT policy manual. Not just you, but collect a group of willing users and strike a Silly Rules Committee (SRC). Together, you can review each policy and determine why it makes sense to leave in the binder. If you cannot pass the “reasonable” test, turf it. You will save a lot of trees and create happier users and employees.
If you treat your team like the adults they should be (Nerf wars aside), and give them a common sense structure to work in, you will be amazed at what a small group of dedicated people can accomplish (Thanks Margaret Mead).
I’m not against rules, but if you want an innovative organization that can be responsive, create your SRC to get rid of the silly rules, then put in the policies and structure to allow your organization to be nimble, to be secure, and be in compliance with regulatory requirements.
The large organizations are using Six Sigma to build efficiency into their processes. Use Six Sigma tools if you have them, but a SRC is a good start.
What are the first “policies” a SRC would tackle in your organization?
While I'm currently the CIO for Appleby College in Oakville (the best IT job in Canada), I've had a great ride in a number of positions in various locations. I've lead a team of more than 100 staff at Sheridan supporting a constituency of 50,000 users, I've been part of the founding team building a brand new medical school in Northern Ontario based completely around distributed education, I've started 3 companies, consulted internationally, drove my gorgeous wife crazy moving around all over, raised 2-1/2 great kids (I'll round it up when the final one leaves home), and occasionally scratch the ear of our butt ugly dog. My craft is not IT, but building IT organizations that support challenging and new ways to do things. I am utterly convinced that we as IT leadership need to dramatically change how IT is delivered, before we get relegated to a costly overhead department. In the midst of all this fun, I've had the distinction of being awarded the inaugural 2010 IT Leader of the Year (SME) Award from Computerworld Canada for my work at Appleby College. I'm humbled by the honor and thankful that some of my ideas actually make sense to someone.
