In the world of Corporate IT you have to play the game, walk the company line, do what it takes to advance your career, grow your kingdom. You have to ignore those who criticize, attack you for trying to push, perceive you as a brown noser, valueless.
But these are internal issues, ones you can control. One day the people who criticize will be working for you. And then we will see who is brown nosing.
The real enemy is the little guy, the development company that beats to a different drum. They don't have Regulatory and Audit breathing down their necks. They don't have to deal with CIS and Architecture. They don't have to follow the SDLC and environment rules to limit risk. They are cowboys, rebels, renegades.
They can put together an application without a spec. They can minimize testing. They can shortcut process. By nature, they are more agile, regardless of methodology. They can operate without a methodology. They can be faster to completion with less overhead and therefore cheaper.
And unfortunately, for a budget minded business customer, faster and cheaper is better. They don't care that this speed to market carries risks. They are willing to take the risks on the chin for the savings they can enjoy with this renegade process.
There are several ways to combat these cowboys. Convincing the business that they cannot operate this way typically leads to a rift between IT and the user base. So one of the best approaches is to make the vendor a partner to the organization. A preferred vendor with a contract that will ensure proper licensing of their products, payment, etc. And by doing this, by formalizing the relationship (with a smile like the Grinch), you can subject them to terms for which they are not prepared.
By becoming an official vendor of the corporation, the vendor will be forced to abide by the same Audit and CIS rules as Corporate IT. They will be required to build (or in the case of applications already in use, re-build) to the corporate security and architecture standards. They will be reviewed, scrutinized, required to test and document and meet to fulfill their obligations.
And this will destroy the cheaper and faster. This will level the playing field. This will remove their advantage and actually turn the tables. They will be unaware how to navigate the process, how to determine the right approach for those reviewing to give approval. They will be setup to fail. And fail they will. They will be exposed as the wild, loose cannons that they are and they will be found inadequate. Even their business friends will turn their backs on them as they must to save face in their corporate world.
These rogues are the enemy of Corporate IT. They are a plague, a cancer. But, they can be fought and more importantly defeated. This is my story on how I battle one vendor and, assuming I am allowed to fulfill my mission, how I destroy them.
No comments:
Post a Comment