13
Org Design—Just Show Me the Answer

There's no one-size-fits-all IT org chart, but Figure 13.1 shows an example of a design I've had success with.

Schematic illustration of Sample IT Organizational Design

Figure 13.1 Sample IT Organizational Design

Application, Operations, and Infrastructure are all standard CIO direct reports, and I won't delve into those areas. In smaller companies, operations and infrastructure are often combined under one leader. With more and more infrastructure migrating to the cloud, these roles are transforming rapidly.

Support

Back in the early 1990s, one of my mentors, Les Duncan, introduced the idea that the support team (IT help desk and desktop support) should report directly to the CIO. As with many of Les's ideas, at first I scoffed, only to later see the genius of his ways. Nothing influences the perception of IT inside a company more than your help desk and your desktop support team. This is the only interaction many of your business partners have with IT.

Most of these interactions occur at the most stressful times because computers like to break during the least convenient times. In retail, the help desk is responsible for supporting store systems. Have you ever been shopping, and the register went down? Now imagine being placed on hold with IT and trying to explain the situation while angry customers are lining up. Seconds feel like minutes, and minutes feel like hours. Being told to “reboot and call us back” is not sufficient.

More than anyone in IT, the help desk can empathize with the field employees. They are the window to your internal customers. Staying close to support is key to building an Amazing IT Department. Therefore, the head of IT support should be a member of the IT leadership team and a direct report to the CIO.

Cyber-Security

The case is often made that cyber-security is more comprehensive than just technology, and therefore the CISO should not report to the CIO. In my LinkedIn poll, one-third of the respondents said the CISO reported somewhere outside of IT. In her 2018 article “What's the Best Reporting Structure for the CISO?” Stephanie Overby discusses CISO reporting options in depth.8 Personally, I believe the CISO should report to the CIO for three reasons:

  • The CIO needs to champion, fund, and execute the cyber-security program.
  • The CIO is much more skilled at translating cyber-speak to business-speak.
  • The CIO needs to own the incident response when something bad happens.

Portfolio Manager

I am not a fan of a centralized project management office (PMO). Instead, I deploy the following model: for teams that have multiple, ongoing projects, I embed a project manager (PM) or scrum master (SM) on the team. This person is a project management expert in the methodology being used by that team (e.g., Agile, Waterfall, Lean, Kanban) and a subject matter expert in the domain. For teams that don't always have project work, I prefer contract project managers who are also subject matter experts in the specific domain. They come in, do the job, and move on. Whether internal or external, each project needs to fund its own project manager.

I include a portfolio manager on the IT leadership team. The portfolio manager is an individual contributor responsible for the methods, processes, and ceremonies (fancy Agile word for meetings) needed to properly execute the entire portfolio of IT projects. The portfolio manager runs IT prioritization committee meetings and is also responsible for ensuring that projects are being managed consistently across the organization. The portfolio manager coordinates with the embedded project managers in a matrix arrangement providing tools, guidance, and coaching. As tempting as it is, resist the urge to allow your portfolio manager to manage projects. Once you head down that path, it's hard to go back.

HR Partner

I remember the days when HR was divvied up into specialist roles. You went to one person for employee relations (that means something bad happened), another for career development, another for compensation discussions, and so on. This model has evolved, and HR Departments are deploying generalists so that each department head can work with one business partner across all HR disciplines. If you're fortunate enough to work in this model, simply add that person to your extended IT leadership team. Ask them to attend your annual team-building events, offsite planning exercises, weekly staff meeting, and department meetings. When you take your team out to lunch, the HR business partner is invited, too. When you make your HR partner part of the IT leadership team, your team will transform for the better. This is a people job, and HR partners are people experts. In Chapter 32, “Love Your HR Department, Just Don't ‘Love' Your HR Department,” we'll explore all the benefits of working collaboratively with HR.

Finance Partner

“Money makes the world go 'round,” and there is no place this is truer than in business. I've seen IT organizations with an IT controller as a direct report to the CIO. I like that model and see many of the benefits. However, the drawback is that your IT controller may become disconnected from the CFO's org, which is not in your team's best interest. Matrixing a finance person into your team in the same manner as the HR partner is my preferred structure. Yes, they get to go to the team lunch, although they may argue there's no budget for it.

Executive Assistant

We've all moved past Mad Men,9 right? It's not your executive assistant's (EA) job to light your cigarette and get your coffee. Your EA should be a fully contributing member of your IT leadership team.

Here's what to look for in an executive assistant:

  • Confidentiality
  • Expert-level scheduling skills
  • Grammar/writing skills (every writer needs a great editor)
  • Basic graphic design skills
  • Relationship skills
  • Event planning

Your assistant represents you both internally and externally. If it's your goal to be professional, ethical, thoughtful, caring, intelligent, and available, then you need to make sure you have an EA with these qualities. Your assistant should know where you are and where you should be at all times. The more often these two things match, the better your credibility.

Notes

  1. 8.  Security Roundtable (Palo Alto Networks), https://www.securityroundtable.org.
  2. 9Mad Men refers to the fictional AMC TV series that portrays the advertising industry in the 1960s.