www.flickr.com
This is a Flickr badge showing public photos and videos from Chief Architect. Make your own badge here.

Search ...

Powered by Squarespace
« Strategy & Management Bookshelves | Main | The CIO should kick the tires... (part 2) »
Thursday
Apr192007

RACI considered harmful...

As Chief Architect I had a responsibility for defining the security architecture.  We had a virus attack on some remote devices due to a supplier failing to install anti-virus software and then carrying out an upgrade using contaminated discs. What was my Responsibility or Accountability for this incident?

Formally, according to the RACI chart, I was in the clear.  We had delivered the policy.  The supplier had the "R"  for implementation, the internal infrastructure team had the "A".

My reaction was that we, the architecture team, had dropped the ball. We had let the business down and the subsequent loss of trade was in part down to us.  I had failed personally to ensure that the architecture was delivered, and my team felt the same way.

There were two things that, in hindsight, we could have done better.  We should have made sure the implementation plans were complete. And we should have made sure they were carried out.

What did we do to fix things?  The reaction from the team was instantaneous.  They got out there and made sure the situation was fixed both short term and long term. Was this "architecture"?  No, it was closer to incident management, problem management, and to project management. Did we ask permission?  No. Did we step on other people's toes?  Yes. Did we violate the RACI?  Yes. Was it the right thing to do? Absolutely!

Was the RACI chart wrong? No. If we were to get the RACI to cover every situation then we would be working on it for ever. And we would tie ourselves up in bureaucracy trying to deliver it.

There is something for more important than the formal RACI statements. It is pride in a job done well.  It is the personal contract with yourself. It is the expectation that you have of yourself. A high performance team develops a shared expectation.

Why is RACI harmful? It devalues pride. It allows you to point the finger at someone else when in reality you could have done something. It allows you to abdicate your collective and corporate responsibility to do the right thing, to be helpful, to be a good citizen. It encourages the worst kind of institutional politicing.

PrintView Printer Friendly Version

EmailEmail Article to Friend

Reader Comments (5)

If there was a failure on your part, it was during the development of the RACI chart, or in choosing to ignore the RACI Chart when you felt it was time for heroics. If successful implementation was your R, then that should have been captured in the chart. But, the developers of the chart (and presumably your team had a hand in developing the chart)decided that the implementation R and A belonged to others, not you. If you choose to use (or are compelled to use) documents that define who is R,A,C,I then you should work to actually follow those definitions.

In this particular case, the architecture team jumped in, fixed a problem that was not theirs to fix. What if all of the other groups has jumped in to fix the issue as well? Duplicated effort at best and multiple incompatible solutions at worst.

July 24, 2007 | Unregistered CommenterChuck Fitzpatrick

Thanks for your comment, I appreciate it.

There is some background missing in that all members of the senior management team were empowered to sort out critical issues so I was using this authority. The team did inform everyone that we were taking charge which avoids the potential for duplication.

As a retailer, every minute lost was lost revenue so the business imperative was to resolve the issues. The guidance to my team was always – “work out what the right thing to do is, then work out how to get it done, if it means do it yourself then do it”.

If I had a deferred to those who had formal responsibility then I would have been kicked around the block by the CIO for losing the company money and playing politics.

July 26, 2007 | Registered CommenterAlan Inglis

Two thoughts...

1) RACI helps ensure that all activities are taken in hand by someone. So, I absolutely disagree with your assertion that RACI is harmful.

2) Your RACI was definitely missing an activity - QA. Contemporary versions of RACI incluse S (Support) and V (Verifier) - R's in the older system. A group having the V role would have the responsability to do a QA pass on your systems AFTER the supplier had completed their delivery.

May 10, 2008 | Unregistered CommenterSteve

RACI is really only as good as you want it to be, and if there is pride in one's work, then there would be pride in the one responsible for the activity. If I am on a team and there is an activity that is not being done by the responsible problem, then the RACI is not at fault. It is perhaps that the individual is not trained or is just not able. In which case it is the Accountable role who needs to step up and perform their activity. If in your case there was blame, that is a teamwork issue, not a RACI issue. Although the RACI would clearly identify the role responsible (which is one of it's main reasons for being there), it allows blame only if one wants to blame. RACI does not in any fashion, that I see, devalue or harms pride. I can be responsible and do a sub par performance in my duties. RACI would simply say that the one accountable can be "held accountable" if those he assigns responsibility to fail to perform.

On the contrary, it provides an opportunity for those talented and willing individuals to take their responsibility seriously and ask for more responsibilitiy during the design of the RACI. It will also help some organizations that are already role/employee related to offset activities to another more capable department.

phil

February 2, 2009 | Unregistered CommenterPhillip

Question for you: was your RACI definition part of your service contract. what were the contractual/monetary implications of your RACI? If you had the A, then it would be your butt on the line for anything that goes wrong, and in business contractual relationships it is essential to clarify everyone's obligations. So from this perspective RACI is a tool, but how you use it is up to you. You can have defined your RACI roles differently. But I would really like to know if you included the RACI as part of the contract SOW and what penalty implications were associated with it.

March 26, 2009 | Unregistered CommenterAsif

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Post:
 
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>