May 21, 2021

Last Updated on January 12, 2024

Many CFOs, COOs and CFOs have some “bad memories” of failed IT projects that went way over budget, blew out their schedules and/or never delivered the hoped-for benefits. So, what can you do differently to make the best go/no-go choices around IT investments?

On a recent episode of The Virtual CISO Podcast, business coach John Sheridan, author of the best-seller, The Perfect Business: Master the 9 Systems to Get Control, Work Less, and Double Your Profit, offered business leaders fresh insight on how to communicate more effectively with your IT counterparts (and vice versa).

As a long-time senior exec, John observes, “I think like many others in my chair I have a healthy skepticism about anything [IT-related]. So, my advice is to ‘embrace your skepticism,’ but ask great questions.”

Here are the top 3 questions John recommends. Yes, they’re pretty generic—but asking them is key.

#1: What are the top 3 to 5 things that are most likely to go wrong here?
Knowing what might go wrong and anticipating obstacles is fundamental to any kind of planning. If there are vendors or third parties involved, tap into their experience also. What have they most often seen go wrong? And how have they dealt with it?

#2: Can we take a look at an implementation plan?
If your team hasn’t created an implementation plan yet, then start by looking at some other company’s implementation plan for a similar project. Your goal is to feel comfortable that the proposal has been comprehensively thought through, and that the assumptions underlying what you’re hearing are reasonable.

#3: What changes will this make to business processes and peoples’ everyday activities?
“Never underestimate the pain involved with the change from a human standpoint,” advises John. Who will be impacted? What training will be required? Will staffing changes be needed?

“I think if you cover those bases, then you can get to a level of understanding where you can make a sound judgement about the risk/reward and the cost justification,” offers John.

Of course, a lot depends on your working relationship with the person in front of you. Based on your track record together, do you trust them? Even if you do, “trust but verify” is the direction to lean in.

“Prove it to me, prove it to me, prove it to me,” John counsels.

As an IT/security or business leader looking to improve communication and business outcomes, be sure to catch this show with business coach and author John Sheridan.

To listen to the podcast now, click here. If you don’t use Apple Podcasts, you can peruse all our podcast episodes here.

ISO 27001

ISO 27001 is manageable and not out of reach for anyone! It’s a process made up of things you already know – and things you may already be doing.
Get your ISO 27001 Roadmap – Downloaded over 4,000 times