November 05, 2012, 10:52 AM — After I wrote last month's column on why CIOs don't have more influence with "the business," I participated in a fascinating conversation with a group of big-company IT operations directors that perfectly illustrated how we in IT undermine our own influence.
The discussion turned to rogue IT, with a general consensus that it was pervasive. One estimate, which was not greatly scoffed at, was that rogue IT might constitute 15% of the average large company's IT spending.
But while nearly all of the IT leaders agreed that rogue IT was widespread, they showed little interest in exploring why that was. They didn't want to talk about what might drive line-of-business managers to bypass the IT department. They didn't want to try to understand what the experience of their business partners might be like. They weren't interested in examining whether those partners felt a lack of control, a mistrust of the department or the need for speed. By staying silent on these topics, the group seemed to be dismissing the experiences of business managers as irrelevant excuses for bad behavior.
It was another story when they were asked how to manage the situation. Silent no more, nearly everyone was suddenly spilling over with advice like this:
Threaten the vendors. If vendors take meetings with the line-of-business executives without inviting IT, they should get blacklisted.
Require IT sign-off on purchases. Tell the purchasing department to divert any technology-related requests to IT.
Refuse to integrate. Insist on IT taking control of any systems, data and/or people that need to work with IT-controlled systems.
Of course, IT departments have good reasons for wanting to centralize the control of technology assets; among other things, they want to control costs and ensure that data is kept secure and managed responsibly. But notice the theme in the suggested responses to rogue IT: They all involve exercising coercive power and preventing business managers from doing what they want to do. If these IT managers had been willing to examine the experience of their business partners, they might have realized that while these techniques might control rogue behavior in the short run, the long-term effect will likely be quite the opposite.