Where does security fit in bi-modal IT departments?

1 2 Page 2
Page 2 of 2

“We don’t have a formal separation, but in the past two years we’ve been talking more about the different focus of those two areas,” he says, noting that the company is beginning to review how it budgets and allocates resources to reflect those two IT functions.

Meilen says it makes sense. Operations is driven by efficiency; there’s a constant push to do better but use less time and money. The initiative side is driven instead by the need to enable business requirements and to do so quickly.

IT workers, too, seem to fall into these two buckets, Meilen says, although like the work itself, there’s usually some overlap.

[ ALSO ON CSO: Risk's rewards: Organizational models for ERM ]

“We have a lot of our folks who tilt more in one direction or another, but there are very few folks who do only one or the other. The size of our organization doesn’t lend itself to that,” he says, noting that most of his IT workers tilt 70% in one direction, with the remainder focused on doing work or pursuing interests in the second camp.

Although Meilen says there seems to be a natural split. He says he uses that for planning and tracking purposes, but he doesn’t anticipate drawing a stronger line between the two.

“We are moving toward a harder-line distinction in how we budget for costs and allocate costs to business unit customers. We track time for what people work on and our capital spending, we track operational cost spending. We believe we can get a pretty clear picture on how these two spheres are operating without drawing a hard artificial line on an org chart,” he says.

Stuck with the lights-on group?

Daryl Tschoepe doesn’t feel as though security is pigeonholed into one camp or the other. “I think now security has to be part of every discussion. But I guess it’s operational because it has to be there in every aspect.”

He is a 26-year IT veteran, who now works as a technology support manager at Southwestern University in Georgetown, Texas. He says he sees IT work fall into operational and innovation work, but for small departments like his, “we have both factions within a single org.”

The IT leadership at Southwestern encourages that, he says. His CIO asks the 14-member IT team to think about what technology will be needed three years down the line, or how would the technology look if they had to build a new college from the ground up.

Despite such questions, Tschoepe says not everyone has an equal balance between operational and innovation work. He says management has more responsibilities around innovation and strategy, while individual contributors focus more on keeping things running.

“I would think being on the change agent side and being able to demonstrate that kind of track record; it would be easier to move up in your organization or move to other organizations. Organizations don’t usually staff up or hire people to stay the same,” Tschoepe says.

Tschoepe adds: “But if you have someone who can think outside the box and roll with the punches, they’ll be more valuable especially in a small organization like ours where the day-to-day commands can change dramatically.”

He says being in one group only is not a career death knell. “If you’re very specialized in an operational niche that is very important, you can have excellent earning potential,” he says, adding: “I don’t think you limit yourself, but the challenge is if you’re going to go into the operational niche you must focus yourself very narrowly and you go very deep.”

This story, "Where does security fit in bi-modal IT departments?" was originally published by CSO.

Copyright © 2015 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
Survey says! Share your insights in our 19th annual State of the CIO study