by Robert D. Austin, Richard L. Nolan and Shannon O'Donnell

Book Excerpt: The Adventures of an IT Leader, Part 4

Mar 11, 20096 mins
IT LeadershipRisk Management

A new CIO works to restore his credibility, and that of his team, after a confrontation with his CEO. Read the final installment of our exclusive series.

The story so far: Jim Barton, the head of loan operations for financial services company IVK, has been tapped as the CIO by the company’s new CEO, Carl Williams. The previous CIO has been fired, and Barton must restore Williams’s confidence in IT while he learns on the job. In his previous role, Barton had argued against a security upgrade. After an apparent data breach that may have compromised customer information, Barton has narrowly escaped being fired. And his IT department is under extra scrutiny by the company’s leadership team. Read the first, second and third installment.

More on

Book Excerpt: The Adventures of an IT Leader, Part 1

Book Excerpt: The Adventures of an IT Leader, Part 2

Book Excerpt: The Adventures of an IT Leader, Part 3

Wednesday, August 8, 9:38 a.m….

Jim Barton slammed his office door and slapped a notepad hard onto the desk. “Why,” he asked of no one in particular, “does every interaction with those guys have to be like a trip to the dentist?”

The leadership team meeting had just broken up. Much of it had to do with IT. Most of that had amounted to listening to people complain. Since the security event in June, people seemed less willing to assume that Barton and the IT group were doing things for good reasons.

He needed to turn his attention to the final item that had come up in the meeting: Web 2.0. Bernie Ruben, director of the IT department’s Technical Services Group, had forwarded him an e-mail on the subject a couple of days before.

Barton located Ruben’s e-mail and clicked on the attachment. He found his way to the bottom of the report, which listed some of the people within IVK who were participating in the so-called “Web 2.0 revolution.” Some items in the list were links to blogs. Barton clicked on one and found himself reading about one guy’s experiences working in the customer support center at IVK.

To his dismay, there was a description of a day when the systems at IVK went down. The author even speculated, jokingly, about the cause of the outage; his lighthearted list included viruses and hackers.

“You’ve got to be kidding!” Barton cried out before he stood and went storming down the hall in search of answers.

Tuesday, August 14, 11:35 a.m….

“Three questions,” said Ruben. “One: What should we do about this blog entry?”

“Nothing,” said Raj Juvvani, director of customer support and collection systems.

Ruben nodded and continued: “Two: What should be our policy about blogging on inside information from within the company?”

“Tons of implications here: legal, protecting proprietary info and more,” said Tyra Gordon, director of loan operations and new application development.

Ruben, still nodding, continued: “Three: What should be our process for spotting emerging technologies and seeing how they might be relevant to us?”

Barton spoke: “My first inclination would be to put in place a rather restrictive policy on blogging. That’s what Williams would say.

“Have you discussed it with Williams?” braved Gordon.

I can barely get him to meet with me, thought Barton. He said: “If he learned that there was a description on the Web of the outage we experienced, he’d probably fire all of us.”

Paul Fenton director of infrastructure and operations, spoke up: “A lot of this Web 2.0 stuff can come to companies whether they like it or not. Ask Nintendo. When the wrist strap on the company’s gaming remote turned out to be underengineered, movies of TVs obliterated by flying remotes started showing up all over the Web.”

“Can you write up a few of those examples?” said Barton. “I’ll use them as a basis for raising this issue with Williams.”

Juvvani interjected: “When you take these issues to Williams, I want us to be sure that Web 2.0 technologies don’t come out looking like the enemy. There’s serious business potential in this area.”

Wednesday, February 20, 11:10 a.m….

Barton sat back in the blue chair at CEO Carl Williams’s office table. The relationship between the two had been better since the first of the year, for reasons Barton didn’t completely understand.

The time had come to decide what to spend on some major upgrades. All involved cost-versus-risk trade-offs. Only the CEO could decide how much risk was reasonable to bear, but Barton had been unsure he’d get the help from Williams that he needed.

About ten minutes into the meeting, as Barton explained that things could still go wrong no matter how skillfully they deployed prevention measures, Williams started talking about poker.

“Sure, I get it,” he said. “Even when you’ve got a strong hand, things can go against you. The flip side is also true. Sometimes you make a questionable decision and things turn out okay. Like they did for us after the hacker attack. Occasionally you win by counting on luck.”

“But not too often, I guess,” Barton said, surprising himself.

Williams laughed. “Exactly right!” Then, to Barton’s delight, the poker game analogy grew into a larger frame for the conversation about risk.

“So, Carl, that is a great context for the decisions we need to make. Our highest priorities are risks that are likely and can generate big costs. We can decide not to do the things that generate those risks or we can decide to take the risk and invest in mitigating it.

Barton handed Williams a thin binder and they dived into discussion of specific project proposals.

At one point Williams hit Barton with a stunner—a remark made in passing without further elaboration: “You know, it wouldn’t surprise me a bit if you turned out to be the next CEO of this company. I won’t be here forever, you know.”

Barton had no idea how much stock to place in this remark. All Barton could do was his job, trying to make the IT department, and IVK, as ready as possible for whatever might happen.


Excerpted from The Adventures of an IT Leader by Robert D. Austin, Richard L. Nolan and Shannon O’Donnell, Harvard Business Press, April 2009. Austin is a professor at Copenhagen Business School and an associate professor (on leave) at Harvard Business School. Nolan is a professor at the Foster School of Business at the University of Washington, Seattle, and a professor emeritus at Harvard Business School. O’Donnell is a PhD fellow at Copenhagen Business School and a former director and dramaturg at People’s Light and Theatre in Philadelphia.