Where it doesn’t matter anyway
Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . .
So, I’m writing today’s article from a resort in the middle of Wisconsin. I want to make sure I’m staying on top of my New Leaf, which is to write weekly. So, if I’m forced to think about cybersecurity, in the middle of a resort, what do you think I’m thinking about?
I have been wanting to meet the manager of this place, to tell that person that Stacey and my stay here has been perfect. I don’t know how they can get every single one of their employees to be so polite and creative in the way they serve their customers. And the way they look you right in the eye, and listen to you, is amazing. Somebody had to teach them listening skills as a part of their orientation. The scenery and the water parks are, of course, amazing. (It’s Wisconsin!). But I’m learning firsthand – it’s the level of service from the staff that makes or breaks the place.
Then paradise waned. I tried to buy a ball to play with Stacey in the giant wave machine, but it took 21 minutes to get through the point-of-sale system failures. And the employee swore. In an effort to help her feel better I explained that I’m able to break almost anything. It actually makes me a good IT auditor, I was saying, when I realized- wow – this is the first time I experienced that one of their amazing employees wasn’t listening to me.
If you think about it, the whole nature of this article is based on my inability to manage availability risk. Let’s face it – I want to make a blog post available to my readers weekly, and I must keep turning over a new leaf in order to make that happen.
Interestingly, priority has always been the excuse. Back when I was doing way too many jobs at once I would blame the lack of posting on the fact that I had higher priorities. “The Client always comes first”, I would say, not realizing that the readers of this blog are my Clients too.
Which makes me have to wonder – is the failure of this wonderful resort’s point-of-sale system due to the fact that management isn’t making the point-of-sale system a high enough priority? Maybe our BIAs shouldn’t be used only for disasters. Perhaps they should be used to prioritize our budgets. Do we even have an “ongoing availability budget?”
And now that I know availability is based in part in priority, and that this blog aligns with Client, I don’t feel bad at all about taking time away from this paradise to complete this post.
The good news is that it caused me to take my mind from this wonderful presence into the anxious energy of being a business owner. In that space, I am always going through a list in my mind of what still needs to be done. That’s what business owners do. Then I realized I was running out of Dan’s New Leaf articles! I broke my Slack silence to check with Bryan, who confirmed, and now I am writing this post.
The point-of-sale systems here need some work. But I am even thankful for that. They also just showed how availability risk can kick me in the butt, and get this post to Bryan, who will take care of the rest and presto – I have kept my new leaf.
Out of any problem arises opportunity, and that includes an unavailable point-of-sale system.
Original article by Dan Hadaway CRISC CISA CISM. Founder and Managing Partner, infotex
”Dan’s New Leaf” is a ”fun blog to inspire thought in the area of IT Governance.”