Posts Tagged ‘risk’

« Older Entries

3 Traps That Cause CIOs To Make Bad Decisions

Wednesday, August 17th, 2011
Image Credit
CIOs Often Don't Realize That They've Made A Bad Decision Until It's Too Late!

CIOs Often Don't Realize That They've Made A Bad Decision Until It's Too Late!

How do you make decisions? We’d all like to think that we carefully weight the available evidence and then use our past experiences to make the right decision each time. However, the reality is actually quite different.

As CIOs we are asked to make some very big “bet the company” types of decisions. If we don’t know why we sometimes make bad decisions, it may cause us to hesitate and wait too long before making a decision.

It turns out that there are 3 different reasons why a CIO can end up making a bad decision. We’re going to take a look at each of these hidden decision making traps and show you how to identify them and, even more importantly, how to avoid them…

The Anchoring Trap

John Hammond is a researcher who has looking into why CIOs make bad decisions. His research has revealed that CIOs (along with other decision makers) struggle to make complex decisions.

We’ve developed ways of coping with making the “big” decisions. We use what are called heuristics which are basically little unconscious routines to reach a decision. Normally this works just fine. However, it’s when they don’t work that we run into troubles.

Is the population of the United States greater than 100 million? What is the population of the United States? It turns out that if I had asked you if the population of the United States was 50M in my first question, most of you would have guessed a much lower number in answer to my second question.

The reason that we do this is the same reason that CIOs can make bad decisions: we give way too much weight to the first information that we receive on a topic that we’re going to have to make a decision on. We say that this first blast of information “anchors” our following thoughts on the subject and clouds our judgment.

CIOs can deal with this problem by taking the time to try to view each decision that they have to make from multiple perspectives. Also remain open minded – see the thoughts of others in your organization who may be better positioned to view this issue from a different angle.

The Status-Quo Trap

Let’s all face it: we like things the way that they are. When it comes to making decisions this bias does not go away.

When we have to make a decision, we prefer to choose those options that will keep things pretty much the way that they are as opposed to introducing radical change.

The researchers who have looked into why we fall into the status-quo trap report that this is a deeply engrained part of who we are. We are actively looking for ways to shield our ego from anything that could result in damage to the way that we see ourselves.

In order to overcome this decision making trap, while making a decision CIOs need to remind themselves about what their goals are: what do they really want to accomplish. Sticking with the status quo might be the right way to go, or maybe it isn’t.

Make sure that you don’t allow yourself to be fooled by what you might think your switching costs are. It’s never easy to move from the status quo to something else, but it might not be as hard as you are imagining it to be.

The Sunk-Cost Trap

A sunk cost is something that we’ve spent either time or money (or both) on in the past that we can never hope to get back. The problem that CIOs run into is that once the cost has been realized, it can cloud our future decision making.

Specifically, once we’ve committed ourselves to investing in a project or an employee, we find it much easier to continue to invest in them as opposed to cutting off the flow of funds and / or time.

The reason that we make this kind of mistake is very simple: we don’t want to admit that we made a mistake in the past. By admitting that we made a mistake, we will be publically opening ourselves up to criticism and nobody wants to do that.

In order to avoid falling into this decision making trap, we need to work hard to mentally set aside decisions that we’ve made in the past when we are making new decisions. This is also a great time to find others in the organization who were not involved in the previous decisions and ask for their views.

What All Of This Means For You

An important part of the job of being a CIO is to be able to quickly make the right decision, no matter how big the question is. It turns out that this can be harder to do than we might think: there are three decision making traps that CIOs often fall into.

The three decision making traps that CIOs often fall for include placing too much weight on the first information that they receive, trying to perpetuate the current status quo, and making decisions that justify our past decisions.

Being aware of these decision making traps will allow us to detect when we are starting to fall into them. CIOs will always be asked to make important decisions, we just need to make sure that we are able to make the best decisions possible.

- Dr. Jim Anderson
Blue Elephant Consulting –
Your Source For Real World IT Department Leadership Skills™

Question For You: How do you think that you can make decisions without being influenced by seeking out evidence that supports the way that we currently see the world?

Click here to get automatic updates when The Accidental Successful CIO Blog is updated.
P.S.: Free subscriptions to The Accidental Successful CIO Newsletter are now available. Learn what you need to know to do the job. Subscribe now: Click Here!

What We’ll Be Talking About Next Time

As a CIO you are going to be called on to make decisions. A lot of decisions. Do you have any thoughts on

Let’s face facts shall we? Cloud computing appears to be the real deal. It can no longer be considered just yet another IT fad. It sure looks like every company will be using cloud based computing resources eventually. Since this appears to be inevitable, what should CIOs be thinking about right now?

Tags: , , , , , , , , , , , , , ,
Posted in decisions | 3 Comments »

CIOs Are Trying To Do Innovation The Wrong Way

Wednesday, July 20th, 2011
Image Credit Stop looking for that big bang, it's the little ones that you want…

Stop looking for that big bang, it's the little ones that you want…

As the world slowly recovers from its great economic recession, CIOs are gearing up to help their companies do battle with their competitors. Everywhere in this great land you can hear the same words being repeated “I want more innovation!” Umm, ok. It turns out that innovation doesn’t just happen. Instead you need a whole bunch of little changes first. Maybe I should explain…

Innovation Requires Many Little Changes

All too often CIOs believe that their staff just need to spend more time sitting around thinking in order to have more of those “big bang” moments where innovative thoughts just jump in to their heads. Sadly, it turns out that things just don’t seem to work out this way.

Dr. Rosabeth Kanter has been studying how innovation works in companies and she’s discovered something that I think that we’ve all suspected for some time. It turns out in order to make the big innovative changes, companies first need to make a whole series of smaller incremental changes.

What Dr. Kanter has found is that those really big ideas that we all like to spend so much time talking about are really the result of a lot of other work. It’s the incremental changes that were put into place to change how we deal with partners or how we distribute our information that allows a CIO’s team to come up with the big innovation.

It’s All About The Pyramid

Dr. Kanter suggests that that we view innovation not as a stand-alone item, but rather as a pyramid. This pyramid consists of three different, but related, levels.

The broad base of the pyramid is made up of all of the incremental changes that need to be made in order to set the stage for greater things. Making these changes increases an IT department’s level of operational excellence.

The middle layer of the pyramid is the idea factory – this is where new and novel ideas are allowed to hatch and grow. An IT department needs to be able to allow such ideas to flourish and provide them with the resources that they need in order to grow.

Finally, at the top of the innovation pyramid are those few innovative ideas that appear to have the ability to significantly change the company. These are the ideas that need to get the IT department’s full backing and access to the additional resources and talent that will be required in order to allow them to truly transform the company.

What All Of This Means For You

Yes, IT innovation is great stuff – that’s where things like the iPhone and the Kindle came from. However, CIOs who walk around telling their teams to be more innovative are missing the point.

It turns out that in order for innovation to happen, firms have to first take the time to make lots and lots of smaller changes. You need to effectively set the stage for your innovation to happen. By doing this a CIO can create an environment in which the innovation that he or she is looking for will occur.

The “pyramid of innovation” shows that you can’t just get innovation by itself. Instead you need to get a combination package of incremental improvements and that will in turn allow innovation to happen. CIOs who master this will find that perhaps getting innovation out of their IT department is not so hard after all…

- Dr. Jim Anderson
Blue Elephant Consulting –
Your Source For Real World IT Department Leadership Skills™

Question For You: How can a CIO best encourage the IT department to create incremental improvements in order to set the stage for innovation to happen?

Click here to get automatic updates when The Accidental Successful CIO Blog is updated.
P.S.: Free subscriptions to The Accidental Successful CIO Newsletter are now available. Learn what you need to know to do the job. Subscribe now: Click Here!

What We’ll Be Talking About Next Time

One of the biggest challenges that modern CIOs face is how to do a good job of managing their IT department. The burden of making the right technology decisions, managing budgets, and meeting the needs of the rest of the company is challenging enough, but what can make or break a CIO is how good of a job you do nurturing and growing your staff. The folks at Google have the same issues and they’ve harnessed their immense computing power to come up with a solution…

Tags: , , , , ,
Posted in innovation | No Comments »

First Things First: 3 Questions Every New CIO Needs To Be Asking

Wednesday, February 2nd, 2011
Image Credit
CIOs Need To Have A Plan In Order To Get Started On The Right Foot

CIOs Need To Have A Plan In Order To Get Started On The Right Foot

No matter if you’ve just been made CIO at your firm or if you are joining a new company as its CIO, you are going to be facing the same problem: what do you need to do first? Make the wrong decision and your time as CIO may be very short. Make the right decision, and everything else will be that much easier. Maybe we should take a closer look at what 3 questions you need to be asking right off the bat…

What’s Going On Here?

One the very first day that you become CIO, you need to start to ask questions. The right questions. One of the most important questions that you are going to have to ask is at this company, what is IT’s reason for being?

There are three basic categories of existence that an IT department can find itself in at any given point in time. There is no one “right” answer, but rather any one of these can be applied to the IT department that you find yourself in charge of now.

IT departments can be in sustaining mode, turnaround mode, or realignment mode. If the IT department’s focus is simply on sustaining things the way that they currently are, then you have your work cut out for you – all you are going to have to do is keep costs low and make sure that there are no hiccups.

IT departments can find themselves in turnaround mode because either things aren’t going correctly (problems meeting customer expectations) or because large portions of the IT infrastructure have reached the end of their life and need to be replaced. If this is the situation that you find yourself in, then you are going to have to step in and take charge of the situation. This won’t be the time to get group buy-in for your ideas, instead you need to tell everyone what they need to do quickly.

Finally, an IT department in realignment mode is facing the challenge of changing how they do business today (which is working well) and adjusting to support major new company initiatives. The department may have more time to adjust to this type of change, but the long term impacts of it are going to be dramatic.

What Is IT’s Role In The Company?

Just what does IT do in the company today is another question that you are going to have to be asking. This question basically boils down to finding out if IT is a “utility” that simply exists to support the rest of the company by keeping things up and running or if it has a higher purpose.

An IT department with a higher purpose can take on several different roles depending on just how important IT is viewed within the company. It may be viewed as a “supplier” which means that IT develops the applications that the rest of the company uses. Or it may go one step further and become a “partner” where IT is responsible for creating the strategic innovations that permit the company to move forward faster than its competition.

Just How Risky Is This IT Thing?

Although not talked about as much as that sexy corporate strategy piece is, the role that IT plays in managing the company’s risk and compliance needs to be well understood by the new CIO. These risks can be spread throughout the company and can include such diverse areas as operations, information security, and regulations related to the industry that your company participates in.

As a CIO one of the first things that you are going to want to do is to make sure that you have an up-to-date risk assessment of the various challenges that the company is facing. The last thing that you want to happen as you are coming on board is for there to be a risk related event that you get blamed for.

What Does All Of This Mean For You?

Becoming a CIO is a fantastic and challenging assignment. There is so much that you can accomplish; however, first you need to get a feel for the IT department as it currently stands by asking the right questions.

There are 3 types of questions that all new CIOs need to ask. These questions include what does the IT department currently do, what is IT’s role at this company, and what does IT currently do about managing risk?

CIOs who know how to ask the right questions will be well positioned to be successful. Take the time to get the answers that you need and you’ll then be able to focus on the reason that you were given the CIO job: how to make the company even more successful by using IT to move faster and do more…

- Dr. Jim Anderson
Blue Elephant Consulting –
Your Source For Real World IT Department Leadership Skills™

Question For You: Do you think that a CIO should work to change the role that an IT department plays in the company or is this the job of the CEO?

Click here to get automatic updates when The Accidental Successful CIO Blog is updated.
P.S.: Free subscriptions to The Accidental Successful CIO Newsletter are now available. Learn what you need to know to do the job. Subscribe now: Click Here!

What We’ll Be Talking About Next Time

When you become CIO you are going to discover one of the realities of IT life: you are not in complete control of the IT department. Rather, you are in charge of determining how to spend the money that the company allocates to IT. It turns out that how and how much money gets allocated is controlled by non other than the CFO. Are you ready for a corporate battle?

Tags: , , , , , , , , , , , ,
Posted in management | 2 Comments »

CIOs Need To Get Involved In Some Risky Business

Wednesday, April 21st, 2010
Image CreditRisky Business Can Be Good If You Are A CIO

Risky Business Can Be Good If You Are A CIO

What You Don’t Know About Risk Might Hurt You

Does anyone besides me remember the movie “Risky Business” from the ‘80s? You know, it’s the one that launched Tom Cruise’s career – he plays a kid who takes some big chances, has an adventure, and then ends up with the girl in the end. Well, CIOs have a opportunity to star in their own version of Risky Business – but their role has to do with selecting and implementing risk management applications that just might save the company…

All About Risk-Management Solutions

The global economic meltdown of 2008-2009 revealed that most companies really have no idea what kind of risks they are taking when they make business decisions. The world has gone global and so just about every decision that a company makes could come back to haunt it. If only there was some way to see into the future.

Sadly, a magical crystal ball that will reveal the effects of a company’s decisions has not yet been invented. However, we’ve already got the next best thing: risk-management systems.

As more and more companies start to investigate how a risk-management system could help them to make better decisions, the opportunity for future CIOs to step up and lead the charge has arrived. Robert Iati over at the TABB Group says that spending on risk-management solutions grew at 11.5% from 2009-2010.

As a future CIO, you may be called on to help sort out just exactly what kind of risk-management solution would work best for your company. Many solutions are designed specifically for financial services firms (this is where this type of application was born after all). However, there are a number of solutions that allow firms to monitor operational risks in their non-financial industry.

How To Use A Risk-Management Solution

The way that a risk-management system works is by collecting information from other systems and then processing it. The CIO is going to play a big role in making sure that the needed data is both accessible and available in a timely manner. Depending on the type of data, the risk-management system may need near real-time updates and this can put a strain on even the best run IT department.

As we in IT are only all too well aware, any risk-management application is only going to be as good as the quality of the data that is being fed to it. This means that there may be additional data scrubbing and / or normalization activities that need to take place before the data is presented to the risk-management solution.

After having gone through the effort of selecting, purchasing, and hooking up a complex risk-management solution the CIO has one more role to play – doubter. We all know how this goes: an application cranks out a pretty looking result and everyone stands around looking at it as though it had just come down the mountain carved into a couple of stone tablets.

The CIO needs to be the one to step back and remind everyone that any risk-management solution is not some sort of magic box no matter how much data you might be feeding into it. Instead, everyone needs to be reminded that the application is telling you what might happen in the future. It will tell you what you should do, but it won’t take the action for you – that’s going to still require human decision making.

What All Of This Means For You

We’re always talking about that IT / Business alignment thing and trying to come up with different ways to make it happen. The global economic crises of 2008-2009 has caused firms to start to seek out risk-management solutions and this opens a door of opportunity for CIOs to help out the business.

There are many different types of risk-management solutions and a CIO can help with the selection process. The system needs company data in order to operate correctly and where that data will come from (and how frequently) is something that the CIO will need to determine.

Opportunities to use IT to help out the entire company like this don’t come along often enough. CIOs need to size this moment and use it to once again show the value of the IT department to the rest of the company.

- Dr. Jim Anderson
Blue Elephant Consulting –
Your Source For Real World IT Department Leadership Skills

Question For You: Do you think that a CIO should play a role in selection which risk-management solution a company chooses?

Click here to get automatic updates when The Accidental Successful CIO Blog is updated.

What We’ll Be Talking About Next Time

I’m sure that when you picture yourself becoming a CIO in the future you see yourself sitting at the corporate strategy table with the CIO using your deep understanding of IT to help the company move faster and do more. Umm, one problem with that vision – you’re not going to make it to the big table if you don’t solve the problem of run-away IT costs…

Tags: , , , , , , , , , , , , ,
Posted in risk | 2 Comments »

Poisonous Snakes, Sharp Knives, And Angry Natives: How Much Risk Can You Handle?

Monday, October 19th, 2009
CIOs Know That Security Threats Can Strike At Any Time

CIOs Know That Security Threats Can Strike At Any Time

Ok CIO wannabe, we’re right in the middle of a global financial crisis and your IT budget has gotten slashed so much it looks like Freddie Krueger has come back and had his way with it. What are you going to do about your spending on security programs: cut ‘em, hold the line, or spend more. Whoops – that was a trick question: all of the answers will get you in trouble.

What The Other Guys Are Doing

Before making any big spending decision, any self-respecting CIO will do what all leaders do – try to find out what the other guys are doing in the hopes that you can just copy them. Well, in this case you’ll be getting mixed signals.

A survey done by Information Week magazine revealed that 19% of CIOs are cutting their security spending. On top of that, only 27% of the surveyed CIOs are planning on increasing their security budgets – that leaves roughly 50% doing the same old thing.

Its starting to look as though the final remaining sacred cow of IT budgets, spending on securing the enterprise’s IT assets, has finally fallen under the budget trimming axe. This is an excellent opportunity to learn how to be a better CIO: cut too little and the company goes under, cut too much and the company may get sued when your defenses are breached.

What’s Worse: Poisonous Snakes or Sharp Knives?

Here’s another part of your CIO quiz: when your security budget comes under fire and you know that you’re not going to be able to save the whole platoon, who do you pick to live and who do you let die? Tough call eh? That Information Week CIO survey revealed that most CIOs have decided that any security program that deals with compliance in some way, shape, or form needs to be saved.

In the end, CIOs are finally starting to realize that an effective corporate IT security policy consists of just two things:

  • Managing Risk
  • Protecting Data

Don’t Forget About The Angry Natives -
How CIOs Prioritize

If the job was easy, then anyone could be a CIO. The CIOs who get it, those who understand what effective IT security is really trying to do, know that the first thing that they have to do is to determine the company’s overall appetite for risk. If the company has an appetite for a lot of risk, then the CIO can trim the IT security budget to the bone. Otherwise, cut with care!

Successful CIOs realize that the right way to go about setting up an IT security program is to start by realizing that you can’t protect everything to the same level and so you need to identify what IT assets are the most valuable to the company. Once you know this, you need to take the next step and estimate the likelihood that those assets might be lost.

Only after you have both of these pieces of information can a CIO have the IT team start to create security programs and put systems of controls in place to protect what needs to be protected. Although compliance programs are on everyone’s minds in these tough economic times, CIOs need to keep in mind that such programs are not always in line with security best practices.

Final Thoughts

If you want to have any hope of ever being a successful CIO, you’ve got to learn to be able to make the tough calls when it comes to funding corporate IT security programs. Although putting measures in place in order to make sure that the company remains complaint with regulations is good, it’s not nearly enough.

Taking the time to properly value your corporate IT assets and identifying what kinds of risks this data faces is the critical first step that too many CIOs skip over. Take the time to do this correctly and you’ll be well positioned to deal with poisonous snakes, sharp knives, and angry natives. Now if we could just find some way to deal with those pesky rampaging elephants…

What do you think should be a CIO’s #1 security concern: remaining in compliance or dealing with the security threat that comes from outside?

Click here to get automatic updates when The Accidental Successful CIO Blog is updated.

What We’ll Be Talking About Next Time

Ok all you CIOs wannabes, guess what one of your first problems is going to be once you assume control of the IT department? No, not that innovation thing. Nor will it be finding new ways to cut costs. Somewhat amazingly considering that we are living in the enlightened 21st Century — you will need to find more women

http://www.theaccidentalsuccessfulcio.com/wp-admin/

Tags: , , , , , , , , , , , ,
Posted in security | 2 Comments »

« Older Entries