The Accountability Trap
- 09 July, 2008 11:39
- Comments
Allison was recently appointed Chief Compliance Officer in the IT department of a huge financial services company, and was set up to fail from day one.
The set-up was pretty obvious to an outsider, but not to her. She enthusiastically told me of the importance of regulatory compliance in their industry and the stature of her position as the one person accountable for the compliance of the entire IT function.
"The regulators require a single point of contact," she explained. "We need to ensure consistent processes and metrics throughout the organization. And our CIO gave me the authority to make it happen."
I was reminded of past discussions with Chief Security Officers, quality managers in the pharmaceuticals industry, and business continuity managers. All these people had been made accountable for other people's compliance, and believed they had the authority to control other people's behaviours.
Sigh. I hated to burst Allison's bubble. But time and again, history has proven that this approach doesn't work. Here's why:
Executives have businesses to run, and they're not going to let a compliance officer tell them how to do it. Sure, they'll comply when it's easy or when they really have to — with the big, visible initiatives. But on a day-to-day basis, Allison has three factors going against her:
- Others are not being held accountable for their own compliance — she is. Why should they put effort into something that's outside their own personal performance objectives?
- Executives are held accountable for business results, and they aren't going to let Allison cause them to fail at that. They're not going to change their processes or disrupt their operations to help with her objectives.
- Allison is the one who's accountable. So if others mess up and bad things happen, she'll take the fall.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
- Bookmark this page
- Share this article
- Got more on this story? Email CIO
- Follow CIO on twitter
-
Social networking security in the workplace
-
Facebook stock slumps for third day
-
Dell's profit shrinks in the first quarter
-
How to design a successful RACI project plan
-
Technology top for CEOs
-
Justifying Business Intelligence Applications
This white paper explores the decision criteria used in a build vs. buy scenario when considering the Oracle BI Applications. The major benefits of the BI Applications will be discussed in the framework of an overall buy vs. build argument. -
Seven Ways Business Activity Monitoring (BAM) Makes Your Supply Chain More Efficient
webMethods Optimize for B2B offers a set of technology capabilities commonly described as Business Activity Monitoring (BAM). To appreciate the value of Optimize and how it operates in conjunction with webMethods Trading Networks, it is helpful to understand the basic concepts behind BAM and how the technology is applied in a business setting. Read on. -
Shedding Light on Backup and Availability Challenges in Virtual Environments
This IDG white paper explores specific backup and availability challenges organisations must surmount as they move to virtualise their business-critical applications. It then shows how attaining proper service levels for these applications requires a high degree of visibility into the VMware virtual environment.
-
Linux System Commands
-
Free Software for Dummies
-
Software Reuse
-
Visual Basic .Net! I Didn't Know You Could Do That...
-
Search Engine Optimization (Seo) Secrets
-
Firewall Architecture for the Enterprise
-
Practical System Reliability
-
Games on Symbian OS - a Handbook for Mobile Development
-
Cissp for Dummies, 2nd Edition
Get exclusive access to Invitation only events CIO, reports & analysis. 
Comments
Post new comment