Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Social Responsibility's Strategic Benefits
December 15, 11:30 AM - 12:30 PM US/Eastern (GMT-5)
Join Ed Granger-Happ, CIO of Save the Children, for a discussion of how creating an organization that is socially responsible improves staffing, retention, leadership development and overall corporate health.
Working With and Communicating to Your Board of Directors
January 13, 2009, 4:00 PM - 5:00 PM US/Eastern (GMT-5)
CIO panelists who will share tips and experiences working with their boards: Twila Day of SYSCO; Jeff O'Hare, West Corp.; Marc West, formerly with H&R Block.
IT's Role in Growing Mid-Market Companies
January 14, 4:00 PM - 5:00 PM ET (GMT-5)
Mid-market Council members will share their companies' stories and challenges in driving or coping with growth. Panelists represent Veterinary Pet Insurance, Medicis Pharmaceutical, and Intrax Cultural Exchange.
Learn more about the CIO Executive Council »
Apply today for a FREE subscription to CIO Magazine!
The Accountability Trap
Accountability without authority is a recipe for failure. Here's how to make sure it doesn't happen to you.
June 27, 2008 — CIO — Allison was recently appointed Chief Compliance Officer in the IT department of a huge financial services company, and was set up to fail from day one.
The set-up was pretty obvious to an outsider, but not to her. She enthusiastically told me of the importance of regulatory compliance in their industry and the stature of her position as the one person accountable for the compliance of the entire IT function.
"The regulators require a single point of contact," she explained. "We need to ensure consistent processes and metrics throughout the organization. And our CIO gave me the authority to make it happen."
I was reminded of past discussions with Chief Security Officers, quality managers in the pharmaceuticals industry, and business continuity managers. All these people had been made accountable for other people's compliance, and believed they had the authority to control other people's behaviors.
Sigh. I hated to burst Allison's bubble. But time and again, history has proven that this approach doesn't work. Here's why:
Executives have businesses to run, and they're not going to let a compliance officer tell them how to do it. Sure, they'll comply when it's easy or when they really have to—with the big, visible initiatives. But on a day-to-day basis, Allison has three factors going against her:
1. Others are not being held accountable for their own compliance—she is. Why should they put effort into something that's outside their own personal performance objectives?
2. Executives are held accountable for business results, and they aren't going to let Allison cause them to fail at that. They're not going to change their processes or disrupt their operations to help with her objectives.
3. Allison is the one who's accountable. So if others mess up and bad things happen, she'll take the fall.
Allison may as well have been given the title, "Chief Scapegoat."
The Path of Accountability
The trap of the scapegoat occurs in many situations beyond compliance. It may be that ITIL "process owners" are tasked with implementing changes in the way the rest of the IT organization works. Or perhaps IT is asked to implement ERP and takes responsibility for changing clients' business processes.
The organizational principle that applies in all these situations is straightforward: Accountability and authority must flow down through the solid lines of the reporting hierarchy. It must never flow sideways such that someone is given accountability or authority for peers' behaviors.
The Business Case for Web Application Firewalls, by Ken Tyminski, former VP and CISO for the Prudential Insurance Company of America
BlackBerry in the Regulatory Spotlight - A White Paper by Day Pitney LLP
Stop mobility from jeopardizing PCI compliance with these best practices.
Operational Excellence Is Key to Maximizing IT Investments
Learning from BPM Leaders
Optimizing Infrastructure Control
Endpoint Security: Compliance at the Endpoint
Paving the Way for Trusted Collaboration
Find out what Forrester says about mobile endpoint security and its management.
Grassroots Data Governance with SAP MDM
The CIO's Guide To Harnessing Enterprise 2.0
What's Next? Real Answers for Tough Times
A crystal ball won't provide the answers you need.
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
Microsoft Releases Next Wave of Windows Live Services
Report: Former AOL CEO Miller Trying to Buy Yahoo
Sierra Wireless to Buy Wavecom
Zoho Releases SQL-Based Data-Access Service
Open-Source Developers Set Out Software Road Map for 2020
VMware Expands Desktop Virtualization Capabilities
IE Share Slips Under 70% as Firefox Surges Past 20%
Filing: SAP Co-CEO had Concerns About TomorrowNow Deal
Windows Market Share Drops Below 90% for First Time
Apple Quietly Recommends Using Antivirus Software
Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.
- CIO|
- Computerworld|
- CSO|
- DEMO|
- Game Pro|
- Games.net|
- IDG|
- IDG UK|
- IDG Connect|
- IDG Tech Network |
- IDG World Expo|
- Industry Standard|
- InfoWorld|
- ITworld|
- JavaWorld|
- LinuxWorld|
- MacUser|
- Macworld|
- Network World|
- PC World|
- Playlist|
- CIO UK|
- CIO Germany|
- CIO China|
- CIO Sweden|
- CIO Australia|
- Other CIO Sites
