I just think it is totally, absolutely and completely wrong.
I think that the "risk-averse" nature of corporate IT doesn't serve business, it holds it back.
Things like "custom ERP extensions" are excuses. If a business builds it's own software, then it should expect to maintain it.
(WRT the anti-virus thing: yes, I understand this. I also know how this really works in 95% of businesses - the vendor sends a new virus definition file, and IT rolls it out to the business when they get in the next day. In another 4.9% of businesses someone will load the definitions on a SOE desktop, check it reboots and then roll it out. It is only in that 0.1% of businesses (if that!) where IT actually adds any value to the virus definition rollout process at all. In all other cases they remove value by holding back updates until that are run through the "IT process")
I just think it is totally, absolutely and completely wrong.
I think that the "risk-averse" nature of corporate IT doesn't serve business, it holds it back.
Things like "custom ERP extensions" are excuses. If a business builds it's own software, then it should expect to maintain it.
(WRT the anti-virus thing: yes, I understand this. I also know how this really works in 95% of businesses - the vendor sends a new virus definition file, and IT rolls it out to the business when they get in the next day. In another 4.9% of businesses someone will load the definitions on a SOE desktop, check it reboots and then roll it out. It is only in that 0.1% of businesses (if that!) where IT actually adds any value to the virus definition rollout process at all. In all other cases they remove value by holding back updates until that are run through the "IT process")