The one thing that top IT infrastructure leaders do

IT infrastructure leaders have a truly difficult job—keeping all of a company’s systems up and running 99.999% of the time (at a minimum!).

Oh, and they need to keep network access secure, and data secure and backed up, and e-commerce sites highly available and responsive, and operating system patches current, and virus definitions up-to-date, and…just like the Energizer Bunny, the list of responsibilities keeps going and going and going.

And then they wake up and start their day.

But there’s nothing special here.

No accolades for keeping a company’s technology operations running 24x7x365. No special awards for keeping the bad players out, while always ensuring that the right players get in.

Unfortunately, many companies are flying on a wing and a prayer that nothing bad is going to happen. It’s not that they don’t trust IT, it’s that they’re not given the information that allows for a good night’s sleep.

Most IT organizations are not allowing business leaders to manage infrastructure risk, which is really business risk.

For every bad thing that happens inside technology infrastructure, an unequal and exponentially worse business reaction occurs. Unfortunately, the breakage or outage is always a surprise to IT. While the business sits and waits (and fumes), IT scrambles.

But, there is a way for executives to sleep better at night, and the infrastructure leader (and their teams) to get the accolades they so much deserve.

View infrastructure solely as business risk management

The very best infrastructure leaders view their job as a business risk manager. That’s the mindset they bring to work every day. They don’t just simply manage infrastructure, they proactively identify, mitigate, and eliminate business risk.

They also instill a “no surprises” mindset and operational model into their teams.

They take a more methodical and reasoned approach to patches, upgrades, replacements, and even overall architectures. They do this by continually identifying and documenting what is wrong and what could go wrong with infrastructure. Then they assess and prioritize these risks based on impact to the business.

Infrastructure teams have limited people, dollars, and time. (Don’t we all.) The best teams focus their limited resources on managing business risk, versus on simply managing infrastructure.

For infrastructure risk managers to own business risk, they need the information and opportunity to actively manage that risk, and to determine which risks to eliminate, which to mitigate, and which to accept as-is.

Here are the basic building blocks of effective infrastructure risk management:

1) Build an infrastructure risk portfolio

a) Document known infrastructure issues
No matter how big or small or embarrassing, or who created them
Definition: an issue is a situation that is currently impacting performance.
(These are currently documented in the mental sticky-notes of your network, systems and database administrators.)

b) Document known infrastructure risks
Theseare the gremlins lurking throughout your infrastructure, chewing on cables, slowly gumming up switches, and shoveling dirt into databases. 
Definition: a risk is an issue whose time has not yet come; it represents a potential impact to performance.

2) Continually add risks and issues to the portfolio
Find time in a current operational meeting to openly, and without judgment, identify and document risks and issues.

3) Document business impact
Describe the actual or potential impact to the business.

4) Prioritize the risks and issues based on business impact

5) Empower business leaders
Meet regularly with the executive team (at least quarterly) and walk through the portfolio, educating them about the business risks residing within their infrastructure. Give them solid options to address the risks.

For example:

  • Gold – eliminates a risk with an investment of $XXX and will take X days/weeks/months to implement

  • Silver – with $XX investment, reduces the risk of XXXX happening, but XX could still happen

  • Bronze – with $X investment, reduces the risk of XX happening, but XXXX could still happen

Critical success factors

1) Honesty – from IT about what is wrong and what could go wrong with infrastructure

2) Transparency – openly sharing all infrastructure risks and issues with business leaders

3) Language – describing the risks and issues in business terms, not technical terms

4) Engagement – from business leaders in order to understand and actively manage this category of business risk.

This is powerful for business leaders. It gives them the critical information needed to be aware of and actively manage business risk—which they own. You will be empowering them to decide which infrastructure risks to eliminate, which to reduce, and which to fully accept by doing nothing.

Get this right and IT will be cheered on. I’ve seen it happen.

And best of all, everyone sleeps better!  (Except the gremlins.)

John Hughes is a 35-year veteran of IT. As founder and managing partner of Gnu Talent, John, and business partner Brian Donaldson, are solely focused on guiding industry-leading companies in their successful search for influential IT leaders. John and Brian have sat in these seats themselves, are respected industry-wide, and have deep IT connections, making Gnu Talent a powerful, knowledgeable resource for IT leader placements.  John is also author of the book, Haunting the CEO, a leadership fable used by universities in MIS and MBA curriculum, and by C-suite business leaders as a go-to guide for how to do IT right.