Emerging Tech

The dangers of unintended consequences

Sometimes IT, with its tendency to build rules and validations, can also generate inflexible systems that leave users ill-equipped to do their jobs.

I recently read a fascinating article about a law in a major U.S. city requiring that fast-food restaurants prominently post caloric information at all their outlets. While many fast-food restaurants do this as a matter of course, the information might be in a pamphlet behind the counter, or on a poster in a disused corner of the restaurant, in the tiniest of fonts. This law specified that the information be front and center, with the reasoning that people would make healthier food choices once equipped with easy-to-spot nutritional information.

A few years after the law was implemented, an interesting thing happened: Calorie consumption went up on average, especially in low-income areas where it was assumed the reduction would be most dramatic once this information was easily accessible, especially as these areas also had a high incidence of obesity. As the causes for this increase were investigated, it was discovered that people were most certainly using the nutritional information, but rather than making a decision to eat healthier foods, were making a somewhat sophisticated cost-benefit decision, and purchasing the most calories for the least cost. The noble intentions behind the law missed some critical facets of human nature, and the rather basic concept that most people buying food at fast-food outlets don't do so for nutritional value. In areas where time and money are in tight supply, speed and "bang for the buck" obviously trump caloric concerns.

Similar situations happen daily in enterprise IT. As a junior developer I was often encouraged to make systems "idiot proof," building rules and validations that would presumably help users navigate complex screens and transactions. However, these rules and validations also generated inflexible systems, or worse yet, created a "just push the button" attitude among IT and training staff that left users ill-equipped to perform their jobs. Nearly everyone in a corporate job has heard the local IT representative ask "Have you created a help desk ticket?", a well-intentioned way to track work that's become the brunt of Dilbert-esque jokes about IT around the world.

In IT management, we're even more exposed to unintended consequences. I've worked with several IT organizations that carefully craft a program management process that is a thing of beauty, mapping out the entire project delivery process from conception, to business case development, implementation, and value capture. However, the process is so unwieldy or poorly "marketed" internally that business colleagues perceive IT as obstructionist and a necessary evil, rather than a strategic partner.

The best weapon against unintended consequences is to spend anywhere from a few moments to a few days in your constituents' shoes. It's not too far a mental stretch to picture someone trying to grab food for their family while working two jobs, and going for the most calories for the buck as they try to make ends meet. It's similarly easy to understand frustrations with IT when you call your help desk and spend 30 minutes on hold, or receive a 16-page form when you call someone to talk about a potential collaboration with IT. For better and worse, most IT departments do not have the force of law behind their edicts, although we can be equally inconsiderate of what our constituents face when we create requirements without considering the impacted parties. While we generally don't have to face voters for reelection, in most cases our jobs are less secure than the politicians who passed the fast-food law without considering the risks of unintended consequences.

About

Patrick Gray works for a global Fortune 500 consulting and IT services company and is the author of Breakthrough IT: Supercharging Organizational Value through Technology as well as the companion e-book The Breakthrough CIO's Companion. He has spent ...

7 comments
Marc Jellinek
Marc Jellinek

I've been working in data warehousing and business intelligence for many years, and have often been called in to build systems that capture and evaluate productivity. Years ago, I worked within a call center. The business determined they needed more productivity from the call center personnel, as measured by the number of calls per hour answered by the CSRs. It was "determined" that the optimal call length was 90 seconds. The concerns was that if the call were any shorter, the customers would not get answers and any longer, the call center wasn't "efficient". When the CSRs were told this, they did what should have been forecast at the beginning: if at 80 seconds into the call, the issue wasn't "resolved", the call was transferred to someone else or "accidentally" disconnected. While the numbers showed an "efficient" call center, customer retention numbers showed something was drastically wrong. Who got blamed? IT... for implementing the performance tracking and analysis system. IT very often does what it's told. It's when priorities come into conflict (security vs. BYOD; maintaining bandwidth utilization and availability vs. allowing YouTube; efficient and stringent management of corporate PCs and laptops vs. allowing "unapproved" devices and software) that troubles being. Ever watch/read Arthur C. Clarke's 2001?

RMSx32767
RMSx32767

I once heard of a project manager who insisted all project work be suspended, and all project documentation updated, reprinted and re-distributed for even the slightest request for a change. Probably would have been best to allow the changes to be made concurrently to the docs being updated. Of course this was prior to PMS (Project Management Software) but the consequence was that projects took far longer to complete than originally anticipated.

md_hunt
md_hunt

Though I agree that inflexible rules are no way to run an IT shop, I do have sympathy for shops that are run that way. Having worked in IT for over 20 years now, I can't count the times that "marketing" or "sales" or any other department for that matter has begged, pleaded, and threatened to get software, hardware, or policy changes. Then, as soon as something goes wrong, someone in IT gets fired or demoted. Also, I wonder whose budget the salary for the additional support staff comes from for all these things? I'm not advocating draconian IT policies. I think social media and modern technology are great and add a lot to many business models. However, I'd just caution those that are ready to crucify IT departments, who also are working under mandates from the board and the CEO, perhaps a couple minutes in the shoes of a tech who is held responsible for things he/she cannot control would be in order. Maybe, if other departments where willing to take some responsibility when incidents do happen, IT would not feel the need to block and control everything. IT finds itself in a very similar role to QA in manufacturing. Everyone hates QA. They point out all the mistakes and get people in trouble. But, if a mistake ever leaves the factory, its QA that gets in trouble first. Just my thoughts. ymmv

rgalligher
rgalligher

Know your audience, know your stakeholders - key to every project, as all the examples used in this article could be.

mikegzxzk44
mikegzxzk44

I am retired from Ford. I am a master electrician. Many problems arose because our engineers would *not* get up off his arse, & actually look at the prob. The engineering was OK, but did not fit with the production work flow. One of our electricians actually went & got an EE degree to fix the prob. He did the *best* prints & directions I ever saw. He merely went out on the floor & observed, then delivered the best all-around solution. I write some programs. I *always* interact with the users to see how they can be improved. Many times the users would suggest something I had not thought of, to make improvements.

mikeh
mikeh

As a long time IT admin and support person, I've found so many IT pros say "It's too dangerous" or "It exposes the network" to anything from allowing social media access to RSS feed to implementing tablet/smartphone access. Instead IT should recognize their is a risk, but determine ways to minimize the risk yet allow the required tools for sales/accounting/HR or whatever other partners in the business are needed to keep the business running. IT people need to remember we're one cog in the wheel and not the hub.

jsreilly
jsreilly

Sadly this is the case, even if they don't see it that way. I work in Marketing. Part of my job, as determined by our Board, is for me to use social media to engage with current members, recruit staff, support community events, etc. It is a part of my daily list of activities I go through on a regular basis, not because I want to hang out and play FarmVille, but because I have a job to do. However, despite an endorsement from the Board and from our CEO, our IS team continues to attempt to get access banned. Other problem areas have also come up. They didn't like our old website vendor, so they hired a new one. I'm in charge of updating the website with new messages and products. Our CMS is best used with Firefox or Chrome, and it took six weeks to get those programs. Because it wasn't IE on WinXP SP3, which is the only approved internet browser. Third fun thing. We're supposed to move video in house. We ordered Adobe's video editing software, and a video camera through IS to get started. We shot some video and were told that if we wanted to load the video from the camera IS provided, onto the computer IS maintained, using software IS purchased, we'd need to do it from an IS controlled laptop to make sure there were no viruses. We ordered a bunch of DVDs from IS... which they now won't let us use as they won't allow foreign objects in the computers. These kind of annoyances do nothing to encourage me to want to work with IS. Further, in all the time Marketing has been using FB, we have yet to do anything that exposed our system to attack. I know this because IS told me so! :) The situation I've describe has not been isolated in my experience, and I think that is why IS/IT departments are seen as obstructionist and a necessary evil!

Editor's Picks