Yesterday when I visited a customer I was reminded about something that I wrote about last year under "who can you trust?". The question is simple: can you trust your IT department to always do what you want them to do (yesterday I heard the expression: no creativity..just hard work ). The IT department has an enormous power within any given organisation and their failures have a direct impact if you can do your job or not. On the other hand, when things runs smoothly no-body thanks them…
I often say that people have to much access to information...and that is certainly true for people at IT departments. They are often by definition power users and can access more information (and do stuff) then anyone else in the organisation. It is essential for the management to make sure that the rules and regulations regarding access as are applied also for the IT department. I usually recommend the two-hand principle for anything that has vital implications...an example of this is that one person handles the LDAP system...and other person handles the access system.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment