IT scope of responsibility

Tags:
Compliance
Development
Hardware
Laws
Networking
Regulations
standards
Tech support
I Have a question concerning the scope of IT support. To what extent should the IT Department support vendor items purchased that perform a specific funtion for other departments. Specificaly items that require the support of the third party vendor. For example we have a time and attendance application running on a dedicated PC the application recieves data from a finger print reading device which is connected to our network. Currently the HR department is responsible for registering users to the device and configuring the TA system based upon the HR policies. IT was responsible for providing the dedicated PC, supervising the software installation and providing network connectivity. It is clear to me that if any problems occur related to the network and the PC IT would be responsible. What is not clear is that if the problem is with the vendor. Who should coordinate the resolution? Any thoughts would be appreciated.

Answer Wiki

Thanks. We'll let you know when a new response is added.

This is a common question. It is also one that is not easily answered. A lot depends on the strength of the IT Manager and hisher relationship with other managers. The short answer is that if it is connected to the network or is supplied by IT, then IT should co-ordinate all activities related to it. This isn’t to say that, as in the case of your example, that HR should not be involved. This should be a co-ordinated team effort. IT should at least be on hand to monitor the activity of any third party related to anything IT. Don’t make this a difficult thing, but rather approach it as a team exercise as IT has the knowledge to understand things from the vendours perspective and can help to prevent others from getting “taken to the cleaners”.
Maybe on the other hand, you don’t want to be involved. I would suggest that you get involved and stay that way as IT is ultimately responsible for everything attached to the network.

Good Luck
Paul

Discuss This Question: 18  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • DesertNomad
    Thanks Paul, I really appreciate your reply. It is a the middle approach. We are a new organization that is still pretty much in the establishment phase. I am a new IT manager who has just made the leap from the world of tech to the world of management. As such, it is my responsibilty to create policies for the IT Department. This issue wasnt clear for me because the vendor was selected and the product is being used by HR. The involvement of IT in its selection was only to make sure it was compatible with our network, and assist in its setup as it related to our hardware and software i.e. providing a dedicated PC with windows XP and a network jack. Then when one of the control panels burned out and my tech went to HR for them to call the vendor. A whose problem is it issue arose. I guess this is one way policies become policies. Based on your reply I think the responsibilty regarding the contacting of third party vendors for product support will fall first on IT because we of course are the first to determine the problem to be related to the vendor if this is the case. But I think I will specify in the policy that the department that selected the vendor and uses the product be second to contact the vendor if IT for some reason is unable(we are a small organization). This I think is consistent with "team" culture. If anyone else disagrees and has other suggestions I would like to know. Thanks
    0 pointsBadges:
    report
  • 170383
    Hi, since the device was installed and maintained by the IT department it is and for that matter all the probs relating to system H/w or S/w would be in the scope of IT since they keep track of these assets of an org.
    0 pointsBadges:
    report
  • 170383
    Hi, since the device was installed and maintained by the IT department it is and for that matter all the probs relating to system H/w or S/w would be in the scope of IT since they keep track of these assets of an org.
    0 pointsBadges:
    report
  • Sauravsen
    The first contact should be from the HR Department, who are responsible for operating the system and maintaining the user registration. They should also inform IT at the same time, so that IT can verify that it is not a PC hardware, software or networking problem. It is not clear to what level the vendor provides support. The vendor is presumably responsible for making sure that the device works properly and interfaces with the software that is used with the device to match against the user records of fingerprints. The vendor is unlikely to provide support for any problem beyond the device, its drivers and the database software.
    10 pointsBadges:
    report
  • JPPLOU
    You must have a team attitude because the company's interest is that everything goes well. But you have to share the problem into two parts : 1/ the functional problems are the responsability of the HR department in term of what they wanted to obtain from this sytem. They choose it because it was cooresponding to their needs. If not they have to decide to ask for amendments or to change the system. 2/ the technical problems (hardware, software, connexions) are the responsability of IT. Furthermore IT must assume the relationship with the vendor because he is acknowleged to do it and this is one of its tasks in the company to act as a consutant for others departments.
    125 pointsBadges:
    report
  • Chippy088
    I think the question is pretty muched covered. However, now you are in an ideal position to make the policy of "departments deciding the functionality, but IT deciding on the hardware to be used, and supported." I'd point out politely the pitfalls of not having IT in the loop. This is a good example. (Hope this isn't teaching granny to suck eggs.) Good luck in your new position.
    4,625 pointsBadges:
    report
  • Larrythethird
    A little more on such "department" applications/hardware. Having worked in the IT industry for almost 20 years, these type of things pop up daily. An over zealous HR manager listens to his buddy and goes out and signs a contract for an application. IT is EXPECTED to support this application and the hardware it resides on. Problems almost always arise in these situations. Although HR may know a lot about human relations, I guess that's why it's HR, they usually know very little about information technologies, maybe that's why there's an IT department. Any application/hardware/solution not implemented as a "company" is bound to fail. All parts of any company "should" work as a team. There should be a change control boards accountability in decision making and checks and balances as to what goes into a corporate environment. A solution usually looks really useful when presented by the vendor, but the proof is in the implementation of said solution. If all parties involved are not on board from the start the the decision making cycle, chaos prevails. Too many times, one person in a department acts as a department IT person. That is one of the main causes of friction between IT and the rest of the corporate world. The end users feel that IT doesn't give a hoot about their needs and IT feels it us against them. The reason that people work in the department in which they are working is usually because they are trained in that particular discipline. If everyone does the job they are hired to do, the entire company prospers.
    0 pointsBadges:
    report
  • Tommski
    Being the IT senior support this is a common problem. While tring to form a good answer I really agree with DrillO. While we end up with things we don't like it is ultimateley the responsiblity of IT to support EVERTHING attached to the network.
    0 pointsBadges:
    report
  • Muneanya
    I don't know how big your IT department is and if it includes Information Security. Systems like the one you have described, even if IT was not involved in the initial decision to purchase and use, should be taken over completely by IT for the inherent security issues that might arise from the application. For instance, if configuration and upgrades etc are done without IT involvement, IT would never know if there is a security hole in that application from where malicious attempts can be mode on the network. However, HR should be the business contact, and so, any problems that might arise from the application, must be channeled through HR to IT and vice versa.
    0 pointsBadges:
    report
  • Cfrishman
    I would say as a new IT manager, do all you can to work with othewr department heads, even if it is not your job. Take the initiative to help, and do not use politics at this point to define your job. Make good relationships now and strengthen them through your career.
    0 pointsBadges:
    report
  • Cfrishman
    I would say as a new IT manager, do all you can to work with othewr department heads, even if it is not your job. Take the initiative to help, and do not use politics at this point to define your job. Make good relationships now and strengthen them through your career.
    0 pointsBadges:
    report
  • Rapple
    If you are new to IT management, then you have an interesting voyage ahead. The answer to your question, as a couple of the replies indicate in some way depend on a negotiated solution. Irrepective of your own views or the opinions of any others reading this thread your solution has to fit with your own organisation. This will involve investigation, proposals, negotiation and finally agreement between yourself and whoever are the other stakeholders in the organisation. I would suggest that as a new IT manager you start to investigate some of the Industry standard practices and methods used to manage IT provision. There is no easy solution but a good starting point is ITIL (odd name I know) which is a set of best practice for service delivery and service support. Start at http://www.itil.co.uk/faqs.htm and then branch out with some Internet searches. This is widely adopted (or more accurately adapted) by thousands of businesses worldwide. You've probably come across Microsoft's flavour even without realising it. It is not meant to be prescriptive and isn't always easy to set up if you've no experience as it requires a certain way of approaching IT provision & support but if you achieve 50% of it you will certainly reap the benefit. The central theme is that all IT is provided as services to a customer for his business purposes and is used by users to achieve the aims of the customer. A service could be A desktop PC, a network connection, a desktop office suite. It all depends on what the customer needs to achieve their goals. Service level Management is the controlling process once a service is up and running. Its aim is to AGREE with the customer what is acceptable (and this contrasts to IT saying we need to control or the customer-say HR director demanding that what he wants overrides all other considerations), sign up to all the conditions and requirements on both sides and then continuously monitor performance of the system and the people providing the service, review this regularly with the customer and then take actions to address shortcomings. This provides a framework for discussion on cost of provision, security of provision, realistic targets, DR etc. Support and change also have their place and controlling processes. Take a look and see. As ever it cannot just be put in place, internal politics and needs will affect the ease with which anything like this gets accepted but the ultimate goal is to provide cost effective, appropriate IT continuosly monitored and reviewed to adapt to the business changing requirements. If you achieve that, what customer could complain? Oh yes, also relevant to your question, it includes a topic on supplier management and when to use contracts, when SLAs, etc. I would also add, that you seemed concerned by an external supplier contracting to your HR department. It's not ideal perhaps but is it really that bad? Agree with them who is responsible for what, draw your lines on security, PC recovery when disaster strikes, network connectivity, that you will deal with hardware realted issues and that they and the supplier deals with the rest. Lock down the PC as much as possible to support this. Then sit back and let them manage the supplier, sort out when it is and isn't an application problem, pay the supplier extra maintenance fees perform all of the admin. One less thing for you to worry about and if they feel that it is cost effective, they are the customer! You could of course when you have some of that spare time observe, calculate what it would cost you to support maybe partially, maybe all so that when the question comes in their next round of budget cuts you can offer to help more likely than not on your terms...
    0 pointsBadges:
    report
  • Stormesixx
    It's not a surprise anymore that everywhere now, IT seems to be responsible for everything from fixing a rogue hub to providing content for a web page! As someone said earlier, ultimately, anything and everything connected to the network is IT's responsibility BUT there must be a limit or it'll be ridiculous. I'm in IT in higher education and here we have a defined list of "things" we will support - Microsoft, Dell, Adobe, Macromedia, Cisco, HP, etc. From the various workorders we have received, we have compiled a list of 3rd party equipment found in the Institution that we have listed on our IT website as the responsibility of the department using it to provide their own support and/or arrange for support from their vendor. If they do not have a computer literate person to work with the vendor, we can help by providing a tech to play interpreter but that's about it. If they absolutely require us to step in, we bill them - just like providing a SLA. On a different note, we do have a strict security policy that requires anything to be connected to the network meet certain minimum requirements and even then, we have to approve anything to be connected to the network. Also, any IT purchases over $50,000 have to approved by our CIO before the Purchasing Dept. will process. I don't know how your organization is set up but I would suggest implementing some sort of support policy right away. AT the very least, you need to make public what your IT dept. will definitely support. HTH ...
    0 pointsBadges:
    report
  • Rshore
    I work in a hospital and we run into this dilemma often. IT is supposed to be involved with any software/hardware purchase, if nothing more than to make sure the department is getting everything needed and will work with our network. Specialized software is supported by the individual departments. An IT analyst is assigned to each project as a backup. The departments are to contact the vendor first for support. IT often ends up working with support if instructions/questions are beyond the users scope of experience. Our directors feeling is we do what ever it takes to provide excellent support.
    0 pointsBadges:
    report
  • Snowmonkey1
    A difficult question, indeed. In my company, the IT department is only responsible for the server, the base OS and AV software. Any third-party apps are up to the business unit that requisitioned the server. We encourage them to work through us. We can assist them in setting up support contracts with vendors. In the event that they do not, we make them contact the vendor and arrange a technical meeting with us. Once they have had to go through the wringer with a vendor, they think twice about buying and installing apps without calling us first. Now, if your company has no such delineation, you will need to initiate the call, but have the HR people there. They are probably the only ones who know what they want the app to do.
    0 pointsBadges:
    report
  • Stevesz
    IT is ultimately responsible for everything on the network. Whether a particular department or individual has gone through the proper channels, which include the IT department, or not, it will ALWAYS become your problem when it breaks. IT needs to be in on any addition, software or hardware, that will impinge upon the network. Having said that, the practicality of the issue is that it all comes down to politics. Being the new guy on the block, so to speak, you will need to build your political strength carefully and quickly. First, you will need to get an inventory of all devices and software connected to your network, and take control of them from whomever may be doing so on a departmental level. next attempt to set a policy that all purchases of equipment and software must go through IT as part of the process. Anyone who makes an end run around the new process, well, problems go to the bottom of the priority list, unless they are affecting the network, at which time the device or software is isolated from the network until such time as one may have to get around to looking into it. One of my clients have such a problematic department. Such actions were causing them to come around to the proper way of doing things until a new president came on board. The new president hired a new IT director, taking the position away from a long time employee (who is still at the business doing non-IT work). Since then things are going down hill, and the speed seems to be increasing. The department head got the immediate ear of the new president (brought in from outside) and her boy, and it has been hurting the rest of the company and the network. Service levels are down and problems abound. The two IT guys are pretty much taking a laissez-faire attitude toward the whole thing, and privately placing the blame where it lays. The new IT director has brought in some of his friends as consultants, and things have not improved. Don't know how long the golden boy will last, but I do keep in touch with the IT guys and the old director and do pass them information on the side, so long as it is quick and easy to come by. In turn, they keep me in the loop, so I know what is going on. I'm sure you do not want or need the mess that these people now have on their hands. Take control and take it quickly.
    2,015 pointsBadges:
    report
  • Unicornswan
    Often this depends upon the size of the company and company polices. Most of the time it is IT's responsibility to over see care and support. If it is something beyond the scope of the department then the vendor should be contacted for assistance and/or training of the product. Many companies want (and expect) the IT department to provide all service as it is more economical to the company. I hope this reply and some of the others I saw help you.
    0 pointsBadges:
    report
  • Maldin
    The one thing that has not been mention in any of the responses is money. Does your company have the manpower (time and money) to set a PC Support or Help Desk member aside from other duties? If so, then this person can be set as the point of contact for the dedicated machine as second level support and contact the vendor for third level. I believe this sort of scenario is good for small companies or companies with small IT support staff where IT policies and procedures often have to be creative at best and the staff members have to wear many hats of many positions.
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following