Saying no--the right way--may be the most powerful skill a CIO can learn. A smart "no" can set boundaries and enhance your leadership position. A stupid "no" can diminish your authority and make enemies.\n\n\nHow a CIO gets to no depends on the context, of course. Telling the CEO he can't connect his iPad to the corporate network is different from letting down an employee keen to be promoted.\n\n\nDespite the old saw that IT has to stop being the Department of No, reasons to say no abound: a strict bring-your-own-device policy means some devices won't be supported. A new piece of technology won't conform to internal standards. A proposal makes no sense. A proposal makes sense, but there's already too much work and not enough money. The CEO doesn't like it. A request doesn't support corporate goals. A big idea is too much for a risk-averse culture.\n\n\nFew decisions are black-and-white. But now, as the CIO role shifts into new areas such as revenue generation, turf lines are less clear. CIOs don't want to step on toes, but they also have to offer a clear position on strategic issues. "It takes finesse to look like a firm decision maker," says Bill Deam, a former CIO at Quintiles Transnational and ACNielsen. He was a management consultant at the time he was interviewed and is now CTO of Mapi Group. "You have massive amounts of politics."\n\n\nRudy Puryear, who leads the global IT consulting practice at Bain and Co., knows of a financial services company where the CIO was asked to leave after three years of consistent negative responses.\n\n\n"Too many decisions came back with a 'no' from IT, without well-thought-out reasons," Puryear says. "Hard feelings and disappointment led the business community to press the CEO for a change in leadership in IT, and it was too much of a groundswell to ignore."\n\n\nAn artful "no" is plainly difficult to master. Cleaning up after a predecessor's bad attempts is especially difficult. But veteran CIOs find that by using tools such as skillful conversation, deep governance and sense-and-respond intelligence, denial doesn't have to kill a career.\n\nWhen 'No' Hurts\n\nDeclining what seems to be a quick, simple technology request, such as to build a new analytics tool for the marketing staff, may not be the power play others suspect. CIOs know that new technology carries a 10-year ripple effect of maintenance and improvement costs. It's a CIO's job, Puryear says, to explain that. CIOs have long struggled to avoid infamy for leading an IT group that too often comes up with reasons to not do something.\n\n\nA reputation for denying requests and dismissing ideas isolates you and your staff from peers and can take you out of key strategy discussions. Shadow IT, we know, is a response to disliking the CIO's answers.\n\n\nBut even worse is when IT is seen as an obstacle to growth, says Tom Phillips, CIO at Elavon, a payment processing company owned by the $20.3 billion U.S. Bancorp.\n\n\nIT may point to sound reasons for delaying or declining, say, a marketing or sales project. Perhaps staff and money are assigned elsewhere. But that doesn't mean marketing or sales will take it well. "When we say no, it can either directly--or in the eyes of business executives--mean we are inhibiting business performance," Phillips says. "It becomes quite an emotive topic."\n\n\nCIOs get a lot of heat, but it helps to remain open-minded, he says. If a proposal to use a certain technology must be rejected, acknowledge that there's value in the concept and offer an alternative, he advises. "It's your responsibility to listen to new ideas, even if you do have to say no."\n\n\nFinding oneself frequently declining requests signals a misalignment between IT and business, according to Deam. A CIO with an effective intelligence operation should pick up on budding frustrations outside IT. Key to good intelligence gathering are business analysts embedded in functional departments, such as finance and human resources, as well as in business units. These IT staff members should know exactly how the company makes money and be able to offer suggestions for streamlining the flow of vital work, he says.\n\n\nFix those trouble spots, and rarely will you need to issue a big, fat, political "no," Deam says. "There's no way you should have someone running in with a sudden $30 million request."\n\nWho's the Decider?\n\nMany CIOs are stretching into untraditional areas, including creating new information-based products and services. As lines blur between functional domains, just who has authority over which decisions gets murky. When IT tries to go too far in defining business needs, or business goes too far into making a technology call, problems arise.\n\n\nA key exercise for the C-suite is to identify the 10 most important decisions the company will make this year and name who will make each call, Puryear says. Many people may influence the discussion, but where does the buck stop?\n\n\nDelineating those responsibilities and rights leads to more effective decision makers. The company can move faster because people accept the outcome and move on, he says.\n\n\nHelen Cousins, Lincoln Trust's CIO and a member of its board of directors, advocates a strong hierarchy. If, after being fully informed of the facts and risks in a given situation, the CEO or peer makes a choice that Cousins disagrees with, she goes with it. "It's my responsibility to support the decision 100 percent, and to get my staff to support it. I can't show to the outside world I don't agree," she says. As long as they're not unethical, she says, "you rally behind decisions made in a company."\n\n\nFor several years, Lincoln Trust sanctioned only BlackBerry devices on the corporate network. But when the CEO and head of marketing and sales wanted to use their iPhones for work, Cousins made it happen.\n\n\n"Now BlackBerry has lost tons of business and iPhones and iPads are the thing," she says. If IT had not figured out how to make Apple devices safe for corporate use back when iPhones were the exception, Cousins says, "we'd be behind the curve now."\n\n\nEver logical, CIOs will often insist that if they provide a colleague with all the right facts, he will come to the same conclusion they did. Dispassionate analysis will win the day. Well, not always. It's then you need to understand the nuances of the situation, says Becky Blalock, who spent nine years as CIO of Southern Co., a $16.5 billion utility, before her retirement in 2011. Perhaps there's history or personal bias in play. Or maybe it's plain old whim.\n\n\nDiscuss controversial topics in person, not over email, says Blalock, who is now managing partner at Advisory Capital, a consulting company. People are more rational when they sit down together. "With some executives I've seen, [decisions] are about control and their being right," she says. "Make it so someone's not losing face when you say no."\n\n\nCIOs sometimes have to do unpopular things, such as shutting down technology that doesn't meet corporate standards, denying requests for upgrades or ending a perk where the company pays for home computers. One of the most memorable for Blalock was having to strengthen password criteria. Many workers complained. "Whoo-ee! Those things do not make employees happy."\n\nUse the Force\n\nCIOs need to do a good bit of foundational work with peers to form trust and build personal and professional credibility for the inevitable day when "no" must be the answer. So when presented with requests along the way, you don't want to turn them all into simplistic yes-or-no transactions, says Jackie Sloane, an executive coach at Sloane Communications. Rather, use these opportunities to have a conversation about priorities and goals.\n\n\nPerhaps the request is too costly or doesn't support the company's established goals. Don't answer right away, Sloane advises, but ask your own questions to learn why the request emerged. What's the real problem? Why does the person think IT can help? What are the alternatives? In other words, talk about it. Then, she says, position your response the same way a marketer positions a consumer product. "You say, 'Based on what I know matters to you, my suggestion is this is not something you want to do,'" she advises. "People love it when you know what matters to them."\n\n\nWhen iPhones first came out, many employees at Southern Co. wanted to use them for work. At the time, Southern paid for employee phones, but iPhones were not on the list of authorized devices, Blalock says. The IT group had to decline these requests. But Blalock cautioned her team to use a positive approach. "We used 'Help me understand' rather than 'No, you can't do this.'"\n\n\nIn such conversations, CIOs will also reveal information about themselves: their style, thought process and leadership philosophy. By doing this over time, Sloane says, CIOs can build a personal force field so others understand their expertise and value their decisions. New CIOs, in particular, tend to want to approve or decline a request immediately, even when there's no need to do that, she says. "Successful people make a lot of requests, so you need to make a lot of requests, too." Being reactionary, she says, "is a legacy from a lower-level role."\n\n\nA defining moment for Blalock in building her own force field occurred some years ago. She faced what she calls a "corporate bully" situation that she took up the disciplinary chain. She declines to reveal details but says the incident, while painful, reinforced her belief that you must teach people how to treat you. "They won't mess with you if they know you have your facts straight and you have the company's best interest at heart," she says. "You need to correct people who don't know those two things."\n\nGovernance Machine\n\nWhile trying to eliminate a negative atmosphere, CIOs can build the foundation for a positive one, where significant decisions travel through a strong, clear governance process. As CIO of Amgen, Diana McKenzie knew she wanted to tackle demand governance. She wanted to elevate IT decisions from a project-by-project basis, where there are too many opportunities for conflict, and instead encourage discussions of a portfolio of work related to specific corporate goals. But to get there, she realized, IT had to understand much more about operations at the $16.6 billion biotechnology company.\n\n\nIn 2012, she started a mapping project, asking business executives to show IT's business analysts on a map how their unit or department works. They then rated, on a maturity scale of one to five, the strategic importance of each unit's key capabilities and how each one was functioning. This gave IT a working knowledge of each area, provided and endorsed by business peers.\n\n\nMaking the maps took a year, but now interactions concerning technology requests have matured from yes-or-no replies to conversations about where the request fits on the map and how important it is to the company as a whole.\n\n\nIn September, the maps, which were once viewed as an IT tool exclusively, were used in a workshop by the CEO, CFO, business unit leaders and other top executives to define Amgen's long-range improvement initiatives, she says. Such clear governance means she doesn't worry about saying yes or no anymore. "If a project comes forward from a business partner, we can then ask where it fits on the map."\n\n\nThe two years of effort have changed the dialogue for the better, she says. In 2013, for example, one strategic corporate goal was to improve quality and operational efficiency, and IT finished a complex big-data project to detect early signs of manufacturing irregularities. In 2012, one business goal was to expand in emerging markets, which for IT meant supply-chain work and provisioning offices in China.\n\n\nUsing the machinery of governance helps a CIO skirt denials, refusals and other unpleasantries, says Deam, the consultant. He recalls a time at a previous employer when one group asked IT for an expensive new system to house a complex project bidding system. The existing set of spreadsheets had become slow and sometimes unresponsive. "It was a beast. Un-emailable," he says. "People would cut it down in pieces to email and try to bolt it back together again."\n\n\nRather than throw more technology at the problem, Deam urged the group find a way to simplify the process and the resulting data behind the bidding system. The group resisted. "We took it to the governance committee. They said, 'Bill suggested you cut it in half. Why not do that?'"\n\n\nThe essence of the reply from the executive in question was that no one in his group could agree how to do it, he says. To which the committee responded that he was in charge of those very people and should, therefore, take charge of the situation.\n\n\n"We could have done the solution they were asking for," Deam says, "but simplicity is what they actually sought." The magic in good governance is forcing people to make decisions where accountability lies.\n\n\nTo help eliminate the politics that can gum up any governing body, the company would rotate senior executives in and out of committee meetings so it was rare that anyone would be arguing the case for a proposal for their own domain, Deam says. A member attending a given meeting would advocate for whichever idea looked best, regardless of where it originated. The committee published a map each month showing why it picked the one or two projects it did. "The CIO is no longer having to explain him- or herself; the organization has made the choice," he says. "If you want to change what comes out of the hopper, make a better case."\n\nWhen 'No' Pays Off\n\nIt's important for CIOs to teach staff how to say no so that all the good work done at the top isn't negated by unfortunate exchanges below. McKenzie, for example, wants her staff to understand the reasoning behind major decisions--as well as the business background and value of the request.\n\n\n"If you don't understand the business well enough, you might answer the question wrong," she explains. Whatever happens, she says, "Don't leave the impression that IT isn't going to do something because it's hard."\n\n\nBill McCorey, CIO of Universal Parks and Resorts, says he wouldn't be where he is today without a well-contemplated "no," the effects of which reverberated for several years. In 2005, as CIO of now-defunct Circuit City, McCorey put out an RFP for enterprise storage systems. EMC had won the last couple of bids, but McCorey knew he wanted to diversify vendors to keep a competitive landscape. He asked to meet with EMC's area manager.\n\n\n"I brought him in and explained the situation, straight up so not to waste his time or set expectations that could not be met. He was disappointed but understood," he recalls.\n\n\nFive years later, when McCorey was at IBM, he got a call from the EMC manager, who had recommended him for the newly available CIO role at Universal. Although the two hadn't spoken for a few years, McCorey says his former vendor referred him because of the way he had told him he would lose the bid: direct, honest and with facts. "This reminds me of how our reputation is built based on all of our actions," McCorey says.\n\n\nSloane, the executive coach, agrees. "Having the courage to say no is important," she says. "People will wonder who you really are if you're always saying yes to everything."\n\n\n\t\n\nDelivering Bad News to Your IT Staff\n\nSaying no to your staff produces a ripple effect much different from that of saying no to peers. A CIO must avoid demoralizing a staff member who won't receive a desired promotion or can't be given a raise.\n\n\nIn such serious conversations, CIOs should be authentic about the reasons for the decision, says Jackie Sloane, an executive coach at Sloane Communications. Reveal what you can about the tight budget that doesn't allow for a raise, Sloane says.\n\n\nIf someone isn't ready for a promotion, use the meeting to outline clearly the actions he can take to earn one, she says, and in what time frame. The idea is to say no, but offer suggestions or options. "When you lay down the line with people, it can be amazing what you see," she says.\n\n\nEspecially with staff issues, avoiding the "no" just brings trouble, says Becky Blalock, former CIO of Southern Co., and author of Dare: Straight Talk on Confidence, Courage and Career for Women in Charge, in which she tells the stories of 28 women in C-level positions. A common mistake they cited was not firing someone soon enough, she says.\n\n\nThese managers knew the person wasn't performing and had tried to bring him up to speed, but could see it wasn't working, she says.\n\n\n"If he's not competent, he drags the team down." Still, the managers were reluctant to deliver the ultimate bad news. Looking back, Blalock sees that she also made the same mistake during her career as a CIO. "It's very difficult to say, 'No, you're not doing the job,'" she says, "but those things are easier to see in hindsight."\n\n\n\t\n\n\n Kim Nash is managing editor of CIO Magazine. Follow her on Twitter @knash99.\n\n\nFollow everything from CIO.com on Twitter @CIOonline, Facebook, Google + and LinkedIn.