Slashdot Mirror
Hunting Bad CIOs In Their Natural Environment
onehitwonder writes "Bad CIOs are a blight on the IT profession, the organizations that employ them and the IT staff who toil under them (usually cleaning up their messes). Yet bad CIOs manage to migrate largely undetected — like the mythic Big Foot — from company to company. In the process, these bad CIOs lay waste to businesses and information systems, destroy staff morale, pillage budgets and imperil shareholder value. To help rid the world of this scourge, CIO.com has compiled a list of behaviors common among bad CIOs that recruiters, hiring managers and IT staff can use to identify them during the recruiting process."
Pointy hair
No, you missed the point. Improving security is a primary goal of the CIO. But the way he approaches it the sign. The example in TFA has the CIO fear mongering to get a larger budget then he actually needs. Most companies today don't need new firewalls to improve security, they need to rethink the process. Putting security in the hands of software and hardware alone is a path to disaster. The CIO should be able to itemize what he really for security explain the tradeoffs to management, and tell the shortterm and long term effort it will require.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
Hey, I think I work for this guy!
[anonymous for job security reasons]
It may be tagged humour, but I see too many signs pointing at our CIO... -.-
Is it for sure that we can't shoot them?
home
FTA: Young and old flee the CIO's flock. Unusually high levels of staff turnover in the IT department after the new CIO has joined... Ya think? Some departments empty out like rich people leaving the Titanic once you bring in someone new, which is usually a bad sign. A good, sensible leader will often spend the first part of his/her tenure just watching and learning, before making any huge changes (unless they're hatchet men, in which case I'll be the one wearing a dress floating off in the lifeboat)
"Beware of bugs in the above code; I have only proved it correct, not tried it." -- Donald Knuth
then a sublist....
Behaviors observers should note when the CIO has settled in his new habitat.
and then there is a sublist within that second main list (in case you werent confused yet):
MORE SIGNS OF BAD CIOS
Why are programmers non-productive?
Because their time is wasted in meetings.
Why are programmers rebellious?
Because the management interferes too much.
Why are the programmers resigning one by one?
Because they are burnt out.
Having worked for poor management, they no longer value their jobs.
"Beware of bugs in the above code; I have only proved it correct, not tried it." -- Donald Knuth
Blake Edwards said it best when receiving his oscar for life-long achievement: "I want to thank my enemies too. I couldn't've done it without the enemies...."
I reported to a bad CIO for years. First off, the mind of a politician isn't much different from that of a corporate-climber. I found the same mind in my experiences with attornies. It's enough to make anyone appreciate the misanthrope Jonathan Swift. At the core of all these folks is a basic deceptiveness invented, grown and maintained with one single goal: power.
I've read Ringer and I've read Lewis. Ringer says, "Look out for number One." Lewis rebutes (although he wrote this before Ringer by decades), "a life devoid of virtue is simple a life looking out for number one.... and void of its purpose...." Or something to that effect.
I could write a novel containing my thoughts and experiences on the bad CIO, but in short I believe being absent any real talent, being totally goal-oriented and power-hungry, they practice basic machievelian manipulations and mob psychology to intimidate people into staying in line.
In my experience, any true and honest person that happened into an officer position at a corporation is quickly devoured by the meat-eaters.
If you want a life and job filled with honest work, non-game-playing individuals and good sleep at night, then read the signs and minds of those around you, build yourself, bend the questionable intentions of those around you into tools that form who you are, and, as Shakespeare put it, "to thine ownself be true." Eventually, you'll find that job and slowly realize "yes, I'm here. I can just do a fulfilling job and get paid."
Trust me, it happens....
"All great things are simple & expressed in a single word: freedom, justice, honor, duty, mercy, hope." --Churchill
These are not characteristics of a bad CIO, but characteristics of a bad manager. TFA reads like headunter-scum puffery. It would point at any incompetent boss.
"Nothing to see here folks. Move along." -- Leslie Nielsen in Naked Gun
Likewise, when you recount a CIO's (or anyone else's, for that matter) behaviour to them, they won't recognise it as "bad". So there's little point in writing an article on recognising bad CIOs and then publishing it in an article for CIOs. They'll all either agree or disagree on the points, but none will see their own behaviour described there.
From a company's perspective, the only questions that really matter are whether the CIO being interviewed has a record of delivering programmes of work on target, on budget. That they can successfully turn around a failing (but not turn around a successful) IT department and that they positioned the IT dept. to allow a company to grow efficiently.
It doesn't matter if they name-drop or brown-nose. Anyway a hiring CIO just wouldn't recognise the pattern of behaviour - whether they, themselves, are good or bad.
politicians are like babies' nappies: they should both be changed regularly and for the same reasons
This is really quite fascinating. I speak to between ten and thirty CIO's every day as part of my job. The exact number, obviously, depends on how generous their PA's are feeling, and their availability. Part of my job involves speaking to these executives to find out about their current priorities for the department over the course of the next financial year. After reading this, it's frankly astonishing how many of the individuals I've spoken to are guilty of these. Obviously, you can't qualify all of the points discussed in the article through one phone call. The one which stands forward most clearly in my mind was the CIO who crowed at me for a couple of minutes about what his budgets were like, and how he'd just cleared his server room to six blade servers because he'd virtualised so much of the infrastructure and blah blah blah. I spoke to his GM of Infrastructure, who told me that the CIO in question spent almost all of his time in the office, door closed, and would only pop his head out of the office to go to vendor meets or crow about who he was playing golf with that weekend. This GM was doing more of the IT to Business communication that the executive that he directly reported to was doing. I hear stories like this all the time.
"We are Samurai, the Keyboard...Cowboys"
A lot of these behaviors seem like they should be red flags for any candidate for any position, no?
In practice, because shareholder elections are a farce, most boards are compromised by being populated by other executives, typically leading companies in the same or similar industry as the executives they are supposed to oversee. This frees executives from shareholder control, essentially giving them reign over other people's assets. Lavish stock grants entrench executives by giving them share ownership which in turn increases their control over the board.
Freed from oversight, executive goals diverge from shareholder goals. The limits to this divergence are mostly appearance based. You can't appear to be diverging from shareholder goals too much. Image is everything. To achieve this, executives typically vet those they hire based on loyalty. Many employees, while they profess to understand this, do not. So I repeat. To achieve the goal of appearing to promote shareholder values, executives hire first and foremost on the candidate's ability to be loyal to the hiring executive. This results in the typical knuckle dragging tribal culture found leading today's corporations.
Saying that solving this problem is hard, is a major understatement because you are talking about making America's ruling class accountable. Solutions like co-determination do exist, however, but would require the right political climate to implement.
Politicus
Those using pirated Tinysoft signatures(TM) are a real threat to society and should all be thrown in jail.
I formerly worked at ATMI, and they employed the dumbest CIO they could find. He has no IT training or knowledge, claiming his managerial accounting background will allow him to do the job. The CEO is a guy that surrounds himself with yes-men, and Kevin Laing is his personal puppy of a CIO.
Kevin hired an infrastructure director, who was trying to gown up in our clean room and couldn't find any left handed rubber gloves. It's no wonder the companies stock has been flatlining for the past 5 years.
Those poor bastards still working there will never get an annual bonus, because the CIO blows the budget horribly every year. The Help Desk manager has run off all the competant staff with full blessing of the CIO, I just don't see any upside to this guy at all. If the CEO and CIO were fired tomorrow, I'd guess there would be a jump in the stock just because they would be gone.
Key attributes of Kevin LaingKevin
Irrational Diversions
Bah. The correct way to recruit, for any position not just CIOs, is to look around and identify top talent, then *invite* them to your company. Posting an ad and then trying to decipher resumes is really not an intelligent way to hire anyone, let alone CIOs. You should, of course, post an ad and have a brief look at resumes in case there's some talent out there who has no connections to you or is invisible, so that they have a chance to reach you. But in general, most good talent is visible in some way, so you can watch them from a distance, identify their weaknesses and strengths, and then invite them when you need them (this of course doesn't guarantee that they will come, but it is for this reason that you should always keep a list of multiple potential CIOs that you could invite rather than just 1).
As for the article... it suggests CIOs who change company too often might be bad. That's not an indicator of anything. That's not even a good heuristic. They may change employers for a great number of reasons, only some of them having even the slightest to do with their own performance, and many times the performance of a person is contingent on their environment. A resume cannot tell you anything about a person or their future performance. Academic degrees, even from top tier schools, mean nothing, and you cannot even trust references as you never know how and why a person recommends another, and basing your decisions on past employment record is not useful if you can't know what they were doing while being employed there (they could be playing chess all day thanks to them being the son of the company's president, etc).
There is only one way to know whether a person will perform well: you have a set of requirements, and the person in front of you claims they can satisfy them. The way to know rather than guess their future performance is to *test* them, in real or near-real environments.
How to test a CIO? You first have to identify what a CIO has to do within your company. Oftentimes, CIOs design processes and rules for information sharing, protection, and processing. So, if in your company you find that your CIO will likely spend their time coming up with improved processes and monitoring them, then why not get them do exactly that during the interview instead of trying to guess the unguessable from a resume or asking stupid interview questions with no meaning? One thing you could do is to have them manage a small team composed of employees in your company for 15 mins or half an hour or so, asking the wannabe CIO to devise rules that would enable the team to finish a simple virtual job quickly over the company's LAN, then simply hire the CIO who were able to make the team work faster during these 15 mins. This may cost some money, though, so you could build a computer simulation to do the same: the simulation would model some essential business processes, and the wannabe CIO would have to think of ways to let the simulated business components share information in the most effective way, then you would configure the simulator to run the policies the CIO suggested (or chosen from a multiple choice menu), and you would keep the time. Assuming the simulator was built in an intelligent way to capture the essential parameters of reality (which isn't an easy task, of course, which is why I recommend using real human teams for testing if you can spare some time), the CIO who thought of a policy that led the simulation finish faster would get hired. This doesn't even need to be done during the interview, it can be done remotely, eg over a Web-administered pre-hiring test, so you would need to invest absolutely no time and money in testing wannabe CIOs from the moment you build the test. One word of warning, though: the test must be built as to encompass emergent characteristics and complex noninear behaviours, just like real life, so that no one can predict the simulator's run time from the initial parameters.
And another word of warning: Some talent dislikes being tested too much, which is why you shouldn't ask them to be tested for more than 15-30mins at a maximum, and only once.
The absolutely worst IT executive I ever had the displeasure to work for was a woman. Arrogant, rude and completely unqualified. It turns out that she had quite a horrid reputation in her prior jobs. Made a complete mess of things and then moved along to another (local) company where she proceeded to make the same mess. I will give her points for consistency. This all appears to be simply a matter of empty suits finding one of their own for critical executive positions. To my regret I was out the day that IT became a political space and not a technical one.
The cult of personality CIO is probably the most destructive and wasteful of all of them. They're particularly dangerous in government. The last big contract I worked had one. He brought in "his" people to manage projects. Some of them were, in my opinion, charity cases. A couple had qualifications that included boarding their horses at the same riding academy. They had unproductive jobs and were bossy and abrasive on top of that. I watched them waste millions of dollars, produce nothing tangible or productive, then get promoted. The talented people took other jobs and left.
It's very demoralizing when you're trying to do the right thing for the customer and be cost effective, then see someone ride in with his toadies, blow millions on something that never had a chance of working in the first place, then get moved up the chain. Makes you question if there's a margin in being practical and productive. I always thought that if you made good business decisions in IT, the customer would eventually come back to the value proposition. But it doesn't always work that way and I'm starting to question whether that's naive.
I certainly have several first-hand experiences where the incompetent, impractical and wasteful have flourished.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
- Implemented a strict dress code that applies at all times including weekends and nights. Facility operates on a 24/7 schedule
- Not allow for Hawaiian shirts on Fri even though it is a military tradition
- Not permit flex scheduling like leave early on Friday's
- Schedule an all-hands meeting for 3 or 4 on Friday afternoon and did that routinely.
- Implement strict rules on Internet surfing such as not allowing you to change options on IE. Firefox and Netscape not allowed. The options does not allow you to bypass pop-up commercials.
- Put in a boat load of offices and cubicles in the basement but did not put in matching capacity for bathrooms. People complained and his response that if you didn't have to wait more than 20 minutes to use the toilet, then it is considered sufficient.
- On the subject of bathrooms, when he went to use the toilet, he would kick everyone else out.
- Implemented a traffic safety hotline where you can get reported for speeding and then get disciplined when you got into work. He tried to implement a vehicle inspection program since he complained about modified vehicles such as trucks and his pet peeve was dark window tinting. Luckily he was shot down on that.
Overall, this person thought he was so important.In other words, security is a process. Security is not strictly a hardware and software solution.
You hit that right on the head. If you look at the most recent scandals in Finance
Societe Generale's 4.9 Billion Euro loss was attributable to someone who allegedly still
had access to middle-office systems after moving to the front office, along with
the skills to BS senior managers over his positions. Failure in process.
They failed to remove access and they failed to follow up on sketchy stories.
Same with the recent extortion attempts at two different banks in Lichtenstein;
former bank employees pulled data and then extorted or attempted to extort
bank customers. This time failure of process that has nothing to do with technology -
you just employed people that ultimately could not be trusted. Their access was
required as part of their job -- what firewall can protect against that?
(Answer: none, firewalls can only allow or deny access,they don't make
context based decisions on intent, i.e. no firewall says "gee normally this guy
pulls 10 customer records, but today he pulled 1,000! What's up?)
Here in the USA at least, it's only possible to check good references.
Nobody dares give bad references anymore, for fear of being sued.
If you disagree with me on social issues, then it's pretty clear that you are a narrow-minded bigot.
So, how can we prevent these hoodlums from ruining our lives and get them either not hired to begin with or canned when we see their complete incompetence?
You can't. Once someone reaches "C" level, they have something akin to diplomatic immunity. Even if they screw the shareholders out of billions of dollars and run the company into the ground, the only thing that might happen is they get fired, get a huge golden parachute, and some other company will immediately scoop them up for even more salary and stock.
If you are not allowed to question your government then the government has answered your question.
> Profiting by fraud/scam is evil and amoral,
Eh? How can something be both evil AND amoral?
If you disagree with me on social issues, then it's pretty clear that you are a narrow-minded bigot.
We don't need a list of what they do! We need a list of who they are! So we can check it when job hunting. Now that would be helpful.
Most companies today don't need new firewalls to improve security, they need to rethink the process.
sorry but replacing that Linksys router with a WatchGuard Firebox is a good idea. MOST companies and Schools have a Joke for their infrastructure. And upgrades ARE needed.
Personally, I would rather be led by a CIO with a Liberal Arts degree than one with a MBA, but that's just me.
:wq
I think a big problem in most organizations is insufficient bottom-up feedback. A CIO may be a great kiss-up to the CEO, but may otherwise be a crappy manager. If a formal process was put in place such that underlings ranked their supervisors, then the bad ones would either have to shape up or ship out.
One interesting approach is a list of about 15 traits, and employees pick the top 3 that the manager needs to improve on. This avoids a "blunt" ranking that many organizations dislike, but at least gives the top layer feedback on the biggest problems.
Table-ized A.I.
An outfit I worked for a few years ago had a good CIO and IT department, when measured against other companies IT departments. But we were (and I stress were) a great engineering and manufacturing company. IT was, in times past, only a tool used in that busiiess process.
At some point, the folks on mahogany row became bedazzled with the culture of information and forgot exactly what it was that we were supposed to be doing. In corporate speak, they neglected their core competencies. The IT department did a great job in standardizing processes and tools and upgrading systems where cost/benefits warranted it. But this was all measured with metrics viewed from the information systems side of the house, not the production side.
Pretty soon, we had cheap and efficient IT systems. But the engineering and production systems suffered where their requirements didn't meet the IT template. Processes that had been developed to give our company an edge over our competition were dropped in favor of using industry standard tools.
I'm certain that our CIO will receive the respect and admiration that he deserves along his career path. He did what he promised, within schedule, budget and with quality. But our profit margins and market share suffered as we became a commodity.
Unless your business is the IT business (Google, Microsoft, etc.) they are just tools folks. Far too many CEOs and BoDs were dazzled by the shinney server racks.
Interesting note: About a decade ago, when we were looking for better ideas and processes, our managers traveled to Japan to see how companies like Toyota and others achieved their efficiencies and profits. Along with lots of good process ideas, they brought back an interesting observation. The Japanese hadn't really bought into big enterprise-wide IT systems. Some of their best processes used clip-boards and paper.
Have gnu, will travel.
Ours got CIO of the Year!
http://www.informationweek.com/news/showArticle.jhtml?articleID=204702770
This was a running joke inside our company as the man was considered woefully incompetent and borderline retarded by all who worked in IT. His true gift was looking like CIO and convincing IT magazines that he was good.
i.e. no firewall says "gee normally this guy pulls 10 customer records, but today he pulled 1,000! What's up?
Yeah, that's a tripwire activity - if you log record access, you can identify common usage patterns and alert when the numbers get out of whack - if 10 is normal, set alerts at 20 and 40. It's still a human process after that; computers are good at filtering, though.
"We returned the General to El Salvador, or maybe Guatemala, it's difficult to tell from 10,000 feet"
Keeps a cattle prod in his office.
I see your informative link, and raise you a pithy comment.