Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Social Responsibility's Strategic Benefits
December 15, 11:30 AM - 12:30 PM US/Eastern (GMT-5)
Join Ed Granger-Happ, CIO of Save the Children, for a discussion of how creating an organization that is socially responsible improves staffing, retention, leadership development and overall corporate health.
Working With and Communicating to Your Board of Directors
January 13, 2009, 4:00 PM - 5:00 PM US/Eastern (GMT-5)
CIO panelists who will share tips and experiences working with their boards: Twila Day of SYSCO; Jeff O'Hare, West Corp.; Marc West, formerly with H&R Block.
IT's Role in Growing Mid-Market Companies
January 14, 4:00 PM - 5:00 PM ET (GMT-5)
Mid-market Council members will share their companies' stories and challenges in driving or coping with growth. Panelists represent Veterinary Pet Insurance, Medicis Pharmaceutical, and Intrax Cultural Exchange.
Learn more about the CIO Executive Council »
Apply today for a FREE subscription to CIO Magazine!
How to Set IT Policies the Right Way
Your rules for running IT should derive from the people who have to live with them.
November 01, 2007 — CIO — Danny was military, and he makes sure you know it. His colleagues grumble that he acts like he's the commander. Danny likes discipline and controls, especially when he's the one with his hand on those controls.
As assistant to the CIO, Danny was put in charge of policy. He was dubbed the "policy czar." Danny set about violating my Golden Rule of Organizational Design: Never separate accountability from authority. In doing so, he set himself up as a policy decision maker rather than, as he should have been, a policy facilitator.
Who Decides IT Policies?
Policies are constraints on the way we work— a "how to" procedure or "you must" requirement. The dictionary defines policy as a definite course or method of action selected from among alternatives and in light of given conditions to guide and determine present and future decisions.
A policy, once established, narrows one's choices about what to do, how to do it or which alternative to choose. Danny, as you can see from the following exchange, enjoyed his authority to prescribe choices for the rest of his organization.
During a leadership-team meeting that I attended as a consultant, I asked Danny which policies he felt he was responsible for. His answer was, "All." (I was disconcerted that he neglected to add "sir" to the end of his terse reply. I thought that was policy.)
"All?" I asked incredulously.
"All," he replied assertively.
"Even those that apply to a single line of business, like the policy on what gets connected to the network?" I queried.
"Absolutely," Danny answered. He seemed annoyed that I'd had the insolence to ask.
Undaunted, I pressed on. "How do you go about setting policies?" I inquired.
Danny described a process that was essentially this:
- Danny decides which policy to work on next, setting priorities from among a list of potential policies that he generates, as well as considering requests by others within the department.
- Danny drafts the policy, perhaps drawing on his peers as subject-matter experts.
- After a private briefing by Danny, the CIO approves the policy (in some cases with the input of a steering committee representing the business units).
- Danny enforces compliance.
The Problem With Top-Down Policy-Setting
I looked around the room at Danny's peers, and then asked one final question. "Danny, you said you are responsible for all policies, even those that affect only a single line of business. Who here is accountable for the safe, reliable, efficient operation of the network?"
Tying Employee Development Activities to Corporate Strategy
Beat your competition to the punch with faster, more cost-effective product lifecycle management.
Service Dependency Mapping
Business Process Utility: Accelerating Change Through Standardization
APM Solutions: A Window into Complex Web Applications
The Link Between APM and Customer Satisfaction
Remote Infrastructure Management - What Your Peers are Thinking
The Power of Telepresence
IT Risk Management: Preparing for the Perfect Storm
Constructing Partnerships That Work
IT Cost Transparency & Performance Management for Optimizing IT
CIO Viewpoints on Exchange 2007 Risks and Mitigation Strategies
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
Judgment Favors Novell in Ongoing SCO Case
Spyware Case Finally Closed for Teacher Julie Amero
SAP to Bring Unified Interface Across Apps Suite
Symantec Sees Spike in Dangerous Microsoft Attacks
Palm Lays Off Workers
U.S. Needs More Broadband Competition, Expert Says
Microsoft to Launch IE8 in First Half of '09
VMware Security Chief Leaves to Run OpenDNS
Confidential Customer Details Exposed on Qantas Site
'Vista Capable' Lawyers Want Ballmer to Testify
Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.
- CIO|
- Computerworld|
- CSO|
- DEMO|
- Game Pro|
- Games.net|
- IDG|
- IDG UK|
- IDG Connect|
- IDG Tech Network |
- IDG World Expo|
- Industry Standard|
- InfoWorld|
- ITworld|
- JavaWorld|
- LinuxWorld|
- MacUser|
- Macworld|
- Network World|
- PC World|
- Playlist|
- CIO UK|
- CIO Germany|
- CIO China|
- CIO Sweden|
- CIO Australia|
- Other CIO Sites
