A How-to on Partnering within the Enterprise for CIO’s and CFO’s

Unfortunately, in many organisations, the IT department is still seen as something of an obstacle to progress – slow, reactive, easy to blame for less-than-desired productivity and perennially unlauded for the 99% of invisible activity that protects, strengthens and maintains the information environment.

Where the CIO sees risk and requires proof of concept before altering policy or the production environment, other departments straining to acquire new tools to aid their mission see their progress blunted.  In such companies, IT is seen as a siloed department to be tolerated, argued-with and worked-around.

How then, to change that perspective and move to a state of partnership and enablement with other departments, while still maintaining information security?  In this article, we will make the case for why integration of IT with other departments is a model that can enhance security and efficiency of spend.  We will also provide advice on practical steps to achieve it.

They call it “Shadow IT” for a reason

In an innovative, high-performance culture, staff at all levels are motivated to reach their goals.  When IT policy blocks access to information, productivity tools, reporting, processing speed, collaboration or the like, there can be a sense that, as long as a particular workaround is not blocked, it is reasonable to pursue it without seeking further approval.

Thus, Shadow IT is born.  It is facilitated by users accidentally or wilfully ignorant of the information security and cost efficiency mandates of the IT department and driven by an overriding commitment to achievement of their individual goals.  Where IT is seen as a blocker, the individual or group is motivated to find a way around the obstacles to obtain, process or share information.  The workaround is often kept a secret, less because the user explicitly knows they are doing something wrong – more because the lack of prohibition of their use case is interpreted as tacit endorsement within the organisation.

Of course, as you know, experimentation without cost-efficiency and security considerations creates risk for the organisation.  Shadow It is a symptom of an ineffective IT ecosystem.

So how can you combat Shadow IT?

The solution is found in communication and collaboration between the IT department and others. 

To deliver that change in relationship can require a change of personal policy within the senior management of IT and a recognition that experimentation and innovation is a key part of goal attainment across the enterprise.

For the IT department to drive a change in perception from obstacle to enabler, and simultaneously communicate why individual workarounds expose the company to risk, IT must engage with other departments, typically Sales and Marketing, Operations and Administration, and become their key enablement partner.

When innovation is embraced and enabled by IT rather than blunted, workarounds will change in nature from private to public as part of a shared mission to make the enterprise more effective.  When IT is seen as the key productivity partner of each department, information security and productivity procedures will naturally become more aligned.

What does the solution look like on a practical level?

Another way to phrase this core question is: “what does it take to be seen as, and to act as, a partner to other departments within the enterprise?”

1. Mindset change.  If your IT department is viewed as an obstacle to innovation, and Shadow IT is clearly in operation within your enterprise, it is almost invariably a sign that IT is not seen as aligned with the goals of other departments.  That disconnection is typically the real-world result of core values and beliefs of the people in charge of the IT department.  So, the first part of the transition from “siloed” to “partner-oriented” is to ensure the senior management of the IT department undergo a change of mindset around the role of IT in protecting information and enhancing productivity and change in the organisation. 

In today’s modern enterprises, the role of the IT Department is to align with and enhance the achievement of the goals of other departments while simultaneously protecting the organisation from multi-variate risks associated with the confidentiality, integrity and access to information.  The two components of that role are not, in fact, at odds with each other, but rather, complementary when viewed through the dual lens of cost efficiency and risk reduction.

2. Stakeholder interviews at multiple levels of the enterprise and joint plan development.  It is not enough to liaise with department managers and share a written set of goals.  That is not going to create organisational alignment, even when discussed at length.

To borrow a phrase from author Simon Sinek, you must understand, and be seen to understand, the “why” of the departments you serve, from top to bottom.  What are their goals and why do they have them?  Are they articulated correctly, in a way that IT can clearly respond to?  Are overall goals broken down into milestone objectives, and brought to life with strategies and the tactics that give real-world effect to them?  It is only when you understand the why and the proposed how of goal achievement that an IT department can play a truly effective role in helping them come to life.

3. Begin to sell the role of IT as a partner to the other departments.  Not as a standalone department, but as an integrated component of each of the others.  This is done by changing the language of the IT department within the organisation.  For instance, at meetings, describe integration efforts as “collaboration” and “partnership,” and reflect that you understand the goals and tactics of other departments and are delivering on your components of the plan.  When delivering this adapted collaboration approach through others, ensure they understand why they are being asked to work differently in this endeavour, so they can adapt their own language.

4. Integration with the Tech Roadmap.  Formalise the integration of IT with other departments by capturing the goals of integration in the organisation’s technology roadmap.  It is a very public signal that the IT department is no longer siloed, but an embedded partner with shared goals. 

5. Reporting.  Reporting on the evaluation, licensing or release of new software (or hardware) solutions within the organisation is an important reinforcement to the message that IT is an enabler of productivity while retaining a risk mitigation mandate as well.  It reminds all staff that Shadow IT is a thing of the past and that workarounds should now be viewed as productivity enhancements, to be publicly scheduled, tested and endorsed in partnership with the IT department, not in isolation. 

Following-up on the deployment of innovation to provide a revised cost-benefit analysis to the organisation provides further evidence of IT’s commitment to partnership and the benefits that flow from it.

6. Ongoing collaboration.  The mindset change described in step one is not intended to be temporary – it is a permanent change to the way the IT department and the rest of the organisation view their relationships.  This change, from “proscribe and dictate” to “engage and collaborate” will take time to bed down and become the norm.  It is, in essence, the adoption of a new framework for how IT will work in the enterprise – once committed, it requires permanent change and will deliver benefits that outweigh the cost of adoption.

But that is going to require a very real change to the way we work, and possibly extra staff!

Yes, that is correct.  It may take significant personal values adjustment and then the development and delivery of an intensive change to the function of the IT department that, at first, seems in conflict with the ability to keep business-as-usual conditions stable.  It is important to remember, however, that the solution steps described above can be implemented incrementally, with little more than your existing staff footprint.  Indeed, they will need to be incremental, as potential distrust of the motivations of the IT department in seeking a new, integrated approach will take time to dissipate.  The true benefits of change may take a while to appear as you wait for other departments to drop their guard and reveal their current shadow IT workarounds and desired future state.

Implementing the new framework may, for a time, also require the recruitment of new internal or external assistance, to help you through the “onboarding” stage of inter-departmental alignment, for want of a better word.

The permanent benefits of the temporary increases are these:

1. Minimisation of Shadow IT
2. More trust in the IT department and greater understanding of how your department contributes to the attainment of organisational goals
3. Enhanced information security from a reduction of unsafe practices
4. Greater efficiency of overall IT spend, because innovations in productivity can be shared more widely and faster in the organisation.  They can also be more centrally controlled.
5. Very possibly, faster innovation and achievement of return on investment in IT, thanks to your new collaborative mindset and new decision and deployment framework.

The final word

It is hard to capture, in just 1,500 words, both the challenge and the benefits of transitioning from a siloed IT department that has a centralised view of its role in the organisation to one that operates both as that central control point and a true partner to each significant department.  But there is no denying that today technology moves too fast for a centralised department to keep up.  Continuing to pursue the old model will lead to slower innovation, frustrated user groups, more shadow IT workarounds and a worsening security profile.  IT must adapt to the new reality to help the enterprise succeed.