October 2006

Q: One quibble: the August 2006 column’s question includes this: "If they do overtime, I allow them to take time off at their discretion so long as it doesn't leave us too short staffed and we have no major projects due on that day."

This could represent a compilation of issues that you did not address; it is probable that this is not legal. Most all Help Desk staff are covered by the Fair Labor Standards Act and must be paid overtime when they work more than 40 hours per week. And managers need to know that too.

A: Thank you for pointing this out, and you're correct. As a manager, especially a new one, you should meet periodically with Human Resources to make sure that your staffing solutions and other practices are in compliance with labor law, which can vary by state.

Q: I’m in charge of the IT department where I work. We recently had in a security consultant who shredded my security solutions to my boss and who submitted a proposal to "fix" our security. Honestly, I didn't think it was that bad! Statistically, we’re doing better than others that are similar in size and mission, and we haven’t had any problems with security issues, such as viruses, since I was promoted. Now I feel really defensive, that my boss is looking at my security solutions as insufficient. Now what?

A: I see three problems here. One is security, the next is the agenda of the consultant, and the third is the communications with your boss. Taking them in order:

1. I can’t tell you if your security efforts are sufficient or not; I’m absolutely not in a position to know. However, I do know that security – IT or physical – exists as one of a number of requirements. Different environments require different levels of security. You need to be aware of legal requirements covering employee information, customer information, etc., which may in turn drive your security approach. That being said, any manager will have to determine what their resources are, what their priorities are, and how to balance scarce resources against priorities. Even if you have all the resources – man-hours, money, software, and hardware infrastructure – to make your network the most secure possible, you’ll still have to balance out your users’ experience against security. It’s always a balance, and there is very likely always a possibility that you could do more.
   
   
2. Which brings me to the security consultant. If the consultant was hired to audit your systems, I see a strong conflict of interest in him or her providing a solutions proposal. If the consultant was simply providing a proposal, then "shredding' your solutions needs to be taken with a grain of salt.
   
   
3. And on to communications with your boss. It sounds like there's some work necessary there. One of your balanced priorities may be developing your relationship with your boss so that the two of you can discuss situations like this and come up with a solution that's appropriate for your organization. Did you ask for this security consultant or did your boss? What triggered this?

Back to Index of Articles

Manage This! is an advice column for new managers, covering all aspects of figuring out how management works and how to do it better. Questions and comments should come to Manage.This.DCWW@gmail.com. Please be aware that published questions may be edited for content and length.

Emma Cox has been involved with project management for over ten years, and is currently finishing a master's in engineering management with an emphasis in project management.