You are instructed not to read this post. Reading this post will result in the most severe penalties known to IT personnel -from restrictions on your Internet access, constant monitoring of YOUR Internet activity, not being allowed to speak, message or even think of things that do not pertain to your job. Repeat offenders will have the most dire of consequences – the substitution of tofu in your diet to replace bacon.
If you made it this far in the post, you are a rebel (like 99% of the working population) and likely knew I could threaten you with all kinds of evil and vile things, but would have absolutely no way to enforce these rules. You are smart enough to figure that out, so why do you think differently of your users, or if you are a manager, your team?
I have come into two organizations where the “rule book”, A.K.A. the “IT policy manual” is filled with arcane rules that could not ever be enforced. These rules typically fell into one of two categories. They were created when “somebody” abused common sense (e.g. calling home to their overseas parents on a daily basis from their work phone) and instead of reprimanding the person, they created a rule (i.e. NO personal phone calls!). The second category of rules are the ones created for the sheer benefit of the IT team, not the end user. (e.g. NO service if you don’t jump through several hoops, I don’t care if your monitor is on fire!).
There are a third category of policies and processes that are legitimate, but they tend to get lost in the “silly” rules.
There is hope.
I would suggest that you review your IT policy manual. Not just you, but collect a group of willing users and strike a Silly Rules Committee (SRC). Together, you can review each policy and determine why it makes sense to leave in the binder. If you cannot pass the “reasonable” test, turf it. You will save a lot of trees and create happier users and employees.
If you treat your team like the adults they should be (Nerf wars aside), and give them a common sense structure to work in, you will be amazed at what a small group of dedicated people can accomplish (Thanks Margaret Mead).
I’m not against rules, but if you want an innovative organization that can be responsive, create your SRC to get rid of the silly rules, then put in the policies and structure to allow your organization to be nimble, to be secure, and be in compliance with regulatory requirements.
The large organizations are using Six Sigma to build efficiency into their processes. Use Six Sigma tools if you have them, but a SRC is a good start.
What are the first “policies” a SRC would tackle in your organization?