Organisations have failed their IT like bad parents

Fed up with the modern failures of IT being all IT's fault, I thought it was time to do something about it. So here is a white paper aimed at educating the business world to their responsibilities for IT. The world has really messed up owning IT (Information Technology), like a bad parent messing up a child's upbringing, letting them develop bad habits. We need to do better. We can do better. We need to do it soon, as modern IT requirements become ever more complex. [The white paper was slightly edited for version 5 in June 2012]

IT is in bad shape, struggling to meet escalating demands for more complex automation, more data, more complex technology, and dispersed control (internet, Cloud, Agile, mobile, social media BYOD…).
This isn’t entirely IT’s fault. They have been left to make their own way with insufficient guidance, support and resources.
If this continues, more IT departments will fail to enable their organisation to remain effective and competitive. We must help them out, and soon.

Those who run and govern organisations have an accountability and responsibility to manage and govern IT, just as they do every other aspect of the enterprise. This is true in the public and private sectors alike. It is not a new message but only now is it catching on.

This white paper (pdf) hopes to continue spreading that message. Feel free to distribute it - it is released under a Creative Commons licence.


See also Why does IT have to do business's job?


Keep refining this message.

I have always struggled for good analogies to explain the challenges of running an IT Organization. This one works just fine. The main idea here is that "the business" needs to provide governance, and get involved with the details that are not technical.

Most of the corporate governance I've seen amounts to 1) more capability desired, 2) everything is high priority 3) reduce the overall spend. When that lines up with IT executive leadership that tells the business what it wants to hear, then a burned out IT staff is the best possible outcome. Worse outcomes can result in re stolen data, business interruptions, loss of stockholder equity, and so on...

Skep, I know I can count on you to stay on this message. I will do the same. Thanks for this excellent work.


Updated "bad parents" paper

I know it is a bit late, but I've updated the I.T. Needs Better Parenting paper with a new version. The text hasn't changed except for fixing a couple of typos and putting a better segue at one point. I've just improved the appearance a bit and added lots of pictures - you know, for those special executives who move their lips when they read. [It's a joke, Aale].

I do get jokes, at least sometimes...

I remember how David played Gollum with his new iPad, but you did not get my point, or points actually. I had two and it seems I need to explain them better:

1) The Governance section requires a lot of inside knowledge, only an ITSMlogist can understand a word of it.

2) Jokes about stupid business people are not a good idea. I found this lovely site to illustrate my point

Who just learned a lot of new things about the Kiwis (joke joke)

I'm not making jokes about

I'm not making jokes about stupid business people. I'm making jokes about individual consumers and our lust for technology.
Years ago Charles Wang said FUD is actually FUDGE; you can also sell on Greed and Envy. I'm mocking a human foible.
What do others think who have read the paper?
P.s. I know most of those kiwi jokes because I tell them.

The premise of your White Paper is all wrong

ITskeptic. Sadly we are beginning to believe that your blog is read by Vendors and Consultants in the gravytrain of ITIL only.

Are we missing something, or have any "real IT People" who do IT for their company, employed directly by their company to deliver service to the people in the business who generate the revenues that enable their wages to be paid, actually commented on this thread (or blog in general).

Further, if they have (which we have not found) do any of them agree with your premise?

The following (which was the result of a discussion with some junior deployment grunt consultants currently taking the cream off our IT budget) says it all.

We do thank you though for being sporting and allowing us to debate with you and your colleagues.


You don't debate

You don't debate you just spray abuse and then link-drop.

The Future Whether We Like It Or Not

Firstly, we like the new look. Good work.

Secondly, sorry for appearing to 'link dump and leave' (sounds like a Koala Bear!), that is not what we are about or here for.

Please (ITSkeptic and all) see this article:

With specific reference to this paragraph:

"Part of that new mission means figuring out what it means to be an IT department at a time of DIY technology, when everyone and anyone can purchase and use their own devices or online services."

There is no point moaning or taking a shot at the business for making use of readily available technology. Afterall, we in IT within the firewall are simply a provider of service which sustains our business, just like outsourcers and providers of cloud facilities.

The fact that Cloud is unmanaged or outsourcers charge for every change or that we appear to lack cost efficiency to our customers in the business is our problem.

We in IT Service Management and IT Operations need to grow up. We should be offering fit for purpose solutions to our customers, then we would not risk being outsourced or, compete with the Cloud.

If the business needs a new service rapidly, and are prepared to do without end-to-end management security, then we should be capable of offering that to them instead of them going to the Cloud.

We should not bemoan the fact that our customer is always asking for more, we should recognise that this is the nature of business today. Remain competitive or die. Die means eithe the company fails or the company goes around us. Either way we lose our jobs.

It is we in IT who need to grow up.

Our business should not be expected go govern IT. If we employ someone to do a job, we do not then expect to have to micro-manage them over their shoulders to make sure they are doing their job properly. We have employed them because they are capable of doing that job.

We do however have a responsibility to inform the employee that we have changed our strategy for which they "may" need to change what they do.

Conversely, the employee we have hired has a responsibility to make sure that they are in tune with what we're doing.

Simple example: We employ a gardener to mow the lawn and tend my existing flower garden. We then decide that we want to transform a section of the lawn into a vegetable patch.

We would approach our gardener and present our plan. We would expect our gardener to tell us that they could do the work and let us know if there is any additional cost (investment) and resources required (from additional FTE hours to seeds). If they were incapable of performing the work themselves (lack of expertise) we would also expect them to tell us that they needed to hire specialist FTEs to delivery the work to plan.

We see IT as no different to the above. You say "Failure to govern IT. It is like a wayward unsupervised teenager."

IT is not run by junior people. IT needs to take responsibility as a service provider and effectively maintain its provisions to the business requirements, especially when they require rapid change.

You say: Failure to take responsibility for activities that aren't IT's job.

We say, we do not know about Gardening. We employ the gardener to know about gardening. If we want certain quantities of vegetables, we are not equipped to write the design, change, release and project plan for how to garden to that requirement.

We give the gardener our requirement and the gardener should design his plan. Clearly if we do not tell the gardener that we need the Potatoes in the Northern Hemisphere in January, then producing potatoes under Glass with Heaters will not be in his plan. So that is our bad. However collaborative discussion with an expert in their field (a gardener would know that some people like veg throughout the year) should elicit that information.

One doesn't simply dump a requirement over the fence and then expect it to be delivered. We're all mature folk, surely we should receive a requirement and then brainstorm that we have understood the requirements correctly (Oh, you want it by Friday and you have colorblind users, need double-byte , and need multiple timezone support!).

Get a grip. We bring you back to our original point: IT is/are not children. IT is a professional service provider. IT should act like a professional service provider.

When you talk about a "Failure to Respect IT", listen to yourself a you respect anyone who doesn't listen to you or argues against you and your requirements when you are the person with the money?

Think of a car salesman - you are going to buy a car and you want the car tomorrow. You agree a spec with the salesman but the salesman then tells you that you can't have the new car today because the car takes 3 months to deliver. Now, you want the car tomorrow because your old car has died, but the salesman has not asked you why you want the car tomorrow. Whether he asked you why you want the car tomorrow or not, if you say you want the car tomorrow, he should be saying "3 months to order to your specific spec or I can give you this similar car off the Lot today. It doesn't have the spec you want or the warranty or whatever...but you can have it today, your choice"

And that is the point with delivering IT services. The customer asks for a service. They will have a reason for needing that service. It is our role to do what we can to facilitate that service, not be a problem.

We lose the respect of our business quite rightly when we do not react to their requests or, worse, put up roadblocks as to why we cannot do what they want, when they can walk into any consumer store and get for their own personal use exactly what we tell them we cannot deliver.

You say "Non-IT people can never expect to understand the complexities of enterprise IT". YES!!! That's why they employ us. To know how to garden for them so they don't have to. We are "the Fixers".

To our original perspective on IT and ITIL, ITIL assumes that people do not know what they are doing. People, we in IT should know what we are doing.

When one is employed, one is employed because (a) one is allegedly capable of executing the role we have been employed for and (b) one will be a responsible corporate citizen, acting on the best interests of and additive to the business.

We are not employed as controlled drones, we are employed as human expertise. ITIL creates and demands drones. Drones cannot react to change, they need controllers who program them for the change.

Layers of mediocre management in IT hiding behind their ITIL maturity is the problem, and has led to the lack of value from our management tools and the outsourcing of our resources and the move of the business to adopt the relative freedom of cloud to support the continued innovation of the business.

The Business is not the problem, We in IT are the problem. We are our worst enemy, not because we are teenagers but because we act like teenagers.

We hope this engages debate with you. Tell us how ITIL and Governance and the over Procification of IT helps businesses? Tell us how it encourages entrepreneurialism and creativity in IT people to go that extra mile for the business that feeds them and their families?

Tell us how ITIL is part of the solution and not part of the problem.


A complex world

I'm sorry but I have a new policy of not engaging in debate with those who clearly are indisposed to accept service culture and process improvement as good things. Nothing I say will change your mind - this becomes a religious debate and those are futile.

Ah well, you went to all that effort so I'll go one last time around the block:

IT people aren't teenagers. There is the usual spectrum of maturities. IT as a profession and a culture is immature. As a result, gardening is about the worst possible analogy. The world knows how to engage and use gardeners. Gardeners know what their job is and how to do it and what plants to use and how they work. With IT we don't have a clue about any of that yet. And the plants change completely every few years.

There is every reason for "moaning or taking a shot at the business for making use of readily available technology." Part of the immaturity is in how the family as a whole works (sounds of creaking in the analogy as we stretch it too far): business is immature in understanding how to deal with IT (OK that works for me as a parent. We all need to raise five generations of children to get it right. Roll on immortality). You can't let business units run all over the place doing what they like with technology for really good reasons: data, costs, sustainability, security, continuity... a whole lot of things you don't get.

You're things-focused. You think if you have a need and get a thing that fulfills that need, job done. You use the car salesman analogy because of that immature view that IT ought to be able to deliver new shiny things on demand. The world is exceedingly more complex than that. We crave simple magic solutions like Cloud and Agile and Kanban and Lean (and ITIL before the world started to grow up about that). There are no magic solutions: it is very immature to run after every new shiny noisy thing that drives by.

i absolutely agree that "It is we in IT who need to grow up." You said it. And we won't grow up overnight. It is taking decades and will take decades more, as we explore a new and unfamiliar business environment, and develop the attitudes and behaviours to deal with it. And i don't mean "we" individually developing those attitudes and behaviours: I mean a few hundred million business people worldwide developing a more mature culture as a group. I reckon it will take half this century to work that out.

When i said "respect IT" i meant respect IT as a teen, not as an adult. That means respecting their limitations, respecting the problems they are dealing with right now, and respecting their right to grow and make their own way.

I'm not sure why you want to weave the ITIL debate into this because i don't think the paper mentions ITIL once. It's not about ITIL at all. I'm not going to spend time trying to convince you of the merits of ITIL - that's back to you having a religious position that rational debate isn't going to shift. There is a vast amount of material on why ITIL is a good idea. For a start, there are five useful books you should try reading some time. Because you clearly haven't. If you have had bad experiences with ITIL, then I'm sorry. A dog bit you: that doesn't mean dogs are all bad things that hurt. That's immature thinking.

I.T. Needs Better Parenting

Your I.T. Needs Better Parenting was forwarded to me via a mutual colleague and I must say it may just be the best White Paper I have read in 2012! I have now registered, bookmarked and RSSd your site and you can expect regular pingbacks from me!

Keep up the great work.

Chris J Powell
Krispy's Rants!

No, I'm afraid I thoroughly

No, I'm afraid I thoroughly disagree. This is real head in the sand stuff.

The issues are sociological. And they exist primarily because IT is populated by geeks with relatively poor social awareness. As usual, Scott Adams hits the nail on the head:

The business people who IT deals with are political animals who understand how to play the power game. IT gets beaten like a red-headed step-child precisely because there's often a real naivety from the top down about how to deal with politically savvy business-people. Consequently, business people know how to push the IT group's buttons. And they keep pushing those same buttons year after year.

Your manifesto reads like a plea for fair-play and is a symptom of exactly this problem. There is no fair play in the real world, there's only the power game and how effectively you play it. That doesn't imply that every IT executive is symptomatic of this problem, but it does explain the general malaise you're attempting to explain.

Running around trying to please everyone and begging for understanding is classic social naivety at work. And it's the product of a geek culture which is founded upon a technical focus to the detriment of its people-handling skills. People don't respect IT precisely because they don't have to. And it's the people within IT who are responsible for that.

As one almost insignificant example of the cultural issues: IT departments almost invariably do a poor job of selling their successes. Have a guess why that is.

Stop looking for outside forces to recognise what a special snowflake you are. Things only change when you have the will and drive to fight for a slice of the power pie. Failure to recognise that will perpetuate your situation. If you think of yourself as a service industry, that's all you'll ever be.

stupid counter-productive abusive behaviour

Not once does the paper appeal to fair play. It explicitly recognises IT's naivety. It explicitly recognises the sociological issues. Unlike you it also points out that this sin't going to change overnight - social change takes time.

So the business can continue to abuse IT or it can do something to extract more value from IT by managing and governing it better.

You can continue to cringe if you wish but I think the whole business community needs to realise that the problems with IT are partly because of the very abuse you describe and that isn't IT's fault any more than any other abuse is the victim's fault.

I'm not asking for justice or fair play. I'm asking business to stop stupid counter-productive behavior which is only damaging its own interests.

You're welcome to your interpretation but I think it is a poor one.

Adopting a victim mentality

Adopting a victim mentality is completely counterproductive. Your paper suggests the business should take more responsibility for processes which IT currently manages then makes the complaint that IT hasn't been given the opportunity to make its own way.

You want a reduction in IT's responsibility, but an increase in autonomy? What's wrong with this picture?

You comment on IT being unable to meet the expectations of its organisations. What that really means is that is has not MANAGED those expectations. By trying to play the ever-pleasing lap-dog, it overstresses itself and satisfies nobody.

Your paper seems like a call for abrogation of responsibility which blames everyone else for IT's failure to understand and manage its place within the pecking order. I'm pointing out that going to business people and saying "Please don't beat us" is about as futile a strategy as you can get.

Your response to the Forbes article reveals the narrowly constrained thinking which many IT shops fall into. Rather than simply saying "No, we have security and reliability concerns", you could always offer them what they want, shoot the risk profile through the roof and get them to sign off on reduced reliability, security and response times. As long as you construct a service offering which realistically reflects what you're capable of putting together and you meet the SLA, does it really matter if what you're offering doesn't satisfy the techno-fetishist desire for ultimate security, reliability and availability?

What you're doing is not even giving them the option. You're making the decision for them and then wondering why they don't see you as an enabler.

IT shops often regard themselves as protecting business people from their own mistakes, but all that does is make the IT department come across as obstructive and lacking the will to make things happen. If the business really wants something bad enough, they'll bypass you anyway. It's better to be on the constructive side of that engagement than end up with a business which doesn't feel they can talk to you when they want to get things done.

"Yes" I hear you cry, "but when it all goes wrong, they'll blame us!" - They'll try, but if you've gotten them to sign off on the risks and your IT management is politically savvy, they won't have a leg to stand on. The engagement with the business is more sophisticated than a simple "yes" or "no". And it's that social naivety of IT people who fail to recognise this which is a major contributing factor toward the ills you're railing against.


I'm sorry but I only debate people who argue against what i have said. If you are going to set up strawmen of what you think I have said then this could go for ever.

I said IT should have a narrower range of responsibility: stuff specifically to do with leveraging expertise in IT. And within that range it shouidl be listened to when it advises and should be given aiuthority to make apporpriate decisions.

I specifically said IT has a share of the blame for past problems just not all of it, so no I never "call for abrogation of responsibility which blames everyone else for IT's failure" .

For the Forbes article I explicitly said it is the customer/governor's decision so that's the exact opposite of "you're doing is not even giving them the option".

And what could be more constructive and engaging than seeking governance and management.

And... oh fuck it. this is tiresome.

You're winding me up right? Nobody can misrepresent my content so thoroughly and consistently surely? where's the hidden camera?

I'm arguing very

I'm arguing very specifically against what you said, you just don't seem to like your own arguments when they're laid out in front of you. How this is my fault is beyond me.

You specifically imply that IT is immature and unable to manage its own knitting, that the rest of the organisation should 'take over' some of the responsibility because IT can't be trusted to handle it, then you go on to say IT should have more authority in specific areas. You want less responsibility and accountability but more authority. Sorry, in the real world, this doesn't happen.

You also specifically say "As we shall discuss, IT shouldn’t own ultimate accountability for much at all: its responsibilities are to fulfil the direction of others, to play its IT-specific part to enable the wider organisation (family) to meet its goals. "

So now we're at increased authority but zero accountability. You also once again case IT as a pure service provider who does as it's told and can't be held accountable if the results don't match business expectations. That IT is incapable of governing itself as a discrete entity and requires hand-holding by the rest of the organisation because doing its own governance is just too hard.

This is in stark contrast to idea of IT as an active, innovative business enabler. Your model would have IT consistently waiting to be told what to do, instead of generating innovation and ideas internally based on a deep understanding of the business and its processes.

Mapping business processes onto an IT solution is very directly an IT responsibility, yet you would do away with this. IT people can learn and model the business processes which generate value, whereas non-IT people don't have the capability to understand how the many technology offerings available can bring value and efficiency to their business process. Trying to drive this capability outside of IT, in isolation, without IT-specific expertise and core knowledge of the existing enterprise architecture and software/hardware infrastructure is insane. How are you going to get a group of non-IT business analysts to understand your architecture? Describe it to them by analogy? I don't think that's going to work.

Your white paper reads as a rant against the idea that an IT unit should accept responsibility for self-governance and its communications and engagement with the rest of an organisation. It refuses to consider the idea that budget, accountability and perceptions of value are driven as much by political realities as anything else - and that they're not a product of decision-making by fiat, but are emergent properties of an IT unit's historical engagement with the rest of the organisation.

You cast IT as weak and requiring "fairness" to survive and thrive. I'm saying IT needs to recognise that it's swimming with sharks and needs political savvy to match its technological savvy. Nothing will be achieved by complaining about the rest of the organisation. Any IT unit which wants respect needs to be prepared to fight for it.

Liked the whitepaper

And even sent it on to my manager. Here is my problem though "how can I, an IT worker, facilitate change in the business?"
Can I even help foster the change?


That, my friend, is the $64,000,000,000 question.

The message needs to be understood in the Boardroom and the executive suites. Telling them won't work. If the government tells them they'll try to evade it. If McKinsey, Bain, Booz, BCG etc tell them it might work. If a magazine tells them it will definitely work.

To a certain extent I feel I'm preaching to the choir: this paper will circulate in IT circles where everyone (with a few notable exceptions in the comment thread here) will agree, but it will rarely circulate up to the levels where it matters. And if it does, Aale reckons it will offend more than it educates. I like to think a little shock value, some humour, and a novel approach are the ways to break through - we'll see who's right.

Will this paper change the world? No. But as it says at the end, there is a rising tide of voices saying this stuff, led by ISACA. One big thing i have learned in recent years is that the auditors are your friends. ISACA are linked in with E&Y, KPMG, PWC, Deloittes et al, so one hopes that will give them a little boardroom leverage to get the message across. I'm just another tiny voice in the mob below.

Help us ISACA! Your our only hope.

ITSkeptic, are you simply against or out to get IT Staff?

ITSkeptic, we find your commentary and white paper offensive to IT Service Management and IT Staff who are working very hard and long hours to deliver quality of service to our customers, hampered by a crazy quest for unsustainable process with no support from service management tools.

We have posted an open letter to you here:

We hope you have the good grace to comment.

In fact, we call for all ITIL proponents to stand up, justify and demonstrate to us, mere IT service management and operations staff, that there has been any value or benefit at all in the adoption of your methods and supporting technologies over the past 5 years.

Thank you.


Get to your bedroom!

Wow, if ever there was evidence for IT acting like teenagers...

tl;dr - "We don't need rules, we want to do things our way, I'll treat this place like a hotel if I want, you're not my real dad..." etc

Oh I could I suppose, but I

Oh I could I suppose, but I won't. Fact is I'm sick to death of debating the merits of itsm with whining techies. I said it once before recently : if you think you can run IT without proper process, good on you. Buzz off and do so. I'm over arguing the point.

Sorry but no

Who would read that? Business people? Come on. Read your Governance chapter again.

Rob, you are in denial, there is more than shiny objects to new technology and that attitude "We wants it Precious" will not help IT-Business relationships.


a joke

It's a joke Aale, you know "ha ha".
I hope people will take it as such. I take your feedback on notice: I'll modify it if I get any other negative feedback.

Book Suggestion


Great article, reminds me of a book by Susan Cramm (Harvard Business Press), '8 things we hate about I.T.'

I will be passing this one on.



Well, except IT leadership aren't teenagers...

Sorry, Skep, not really buying it.

You make some great points. No question about it.

On the other hand, the analogy that IT is like teenagers falls flat with me.

IT management isn't teenagers. And, if they want to be treated with respect then they'll have to not behave like teenagers.

If IT wants a seat at the grownups table, it has to act like a business-within-a-business, not as teenagers that have a driver's license but still have the parents pay for everything and want all the new toys.

Being the parent of actual grownups, there's a big difference between how one treats them and teenagers - because they behave differently, ask different questions, demand different things.

Perhaps the "rest of the business" sees it differently, they are waiting for IT to grow up.

You list some areas where IT is still, very much, acting like young teenagers - self-governance, service catalog, financials, asset management, etc. It's a good start.

not as teenagers that have a

not as teenagers that have a driver's license but still have the parents pay for everything and want all the new toys.

so you expect IT to pay for the systems business uses? actually, the analogy is that only the teenager has the license (parents don't have a license and cannot drive) and knows what kind of a car can be bought for what money.

(non-driving automobile-ignorant) parents on their own decide to buy a truck and ask the teenager to drive it. hey we spent ten times more than the small car you wanted - you have a license but you cannot drive it? after all, it is just a bigger version of that thing you wanted. and you want a truck-driver to move this thing? we may as well hire truck-drivers and fire you.

parents (clueless business) talking to teenagers (IT) about "toys": why do you want that firewall? i have read in a document that a firewall is like any other router. and why do you need these expensive vmware licenses? i have read that all these "cloud" technologies are a fad. what is the matter with you? why do you need these expensive toys? and bladecenters; what is wrong with rack-servers? aren't they cheaper?


it has to act like a business-within-a-business

so should we sell usernames and passwords? or charge users for resetting passwords? or charge per hour for explaining it to the executive that leak-prevention is not a software or an appliance. true, chargeback is there - but that applies only for resources and service management; how do we do that for consultancy?

Perhaps the "rest of the business" sees it differently, they are waiting for IT to grow up.

or they are senile. an executive wants us to trace that hate mail he received from a yahoo/gmail account. another does not want spam at all; we explain that we have a spam filter that filters more than hundreds of thousands of mails everyday, but a couple of mails sneak through. another demands why they see a phishing link and when they click it, it is blocked by the webfilter. another wants an online sales/payment system in a few months and when told of the options and cost freaks out: IT is always demanding money!

i dare the "rest of the business" to swap places for a week. (it is quite probable that IT will probably sort out that messed up business process)

i agree though that IT is not teenager anymore. it is in its early twenties and smarter than too-old-to-learn-new-tricks parents.

it leadership

I disagree
it pro's live in a world where they are looked at as resources on an accounting ledger line item. the cost of an it pro dictates certain behaviour by management who has no clue other than the accounting line item cost.

so go sit at the grown up table. they are people just like it pro's are. they just don't make the big bucks like the other participants.

what is sad is that the grown up table is just like grown up's in the real world - they don't get that IT pro's are detail oriented, task oriented, and objective in their profession whilst the rest of the business is subjective in their mannerisms, profession and just plain old human interfacing.

its the industry that acts like a teenager

I clarified this in a huge comment below, but just to make it clear:
IT people aren't teenagers. There is the usual spectrum of maturities. IT as a profession and a culture is immature. And we won't grow up overnight. It is taking decades and will take decades more, as we explore a new and unfamiliar business environment, and develop the attitudes and behaviours to deal with it. And i don't mean "we" individually developing those attitudes and behaviours: I mean a few hundred million business people worldwide developing a more mature culture as a group. I reckon it will take half this century to work that out.

IT is an immature industry

So you do agree...?

IT is an immature industry, no doubt about it. No consistent standards (think GAAP), no required qualifications or enforced accreditation (think lawyers, doctors, engineers...), wild fads, and a complete failure of critical thinking and common sense. I stand by my analogy.

Syndicate content