6 legal ‘gotchas’ that could sink your CIO career
The IT department I was assuming responsibility for was doing poorly. I knew that there likely was no way I could reverse the bad morale and improve performance without probably firing her, and I had an abundance of documentation that illustrated her inability and unwillingness to do her job.
Mindful that she was the wife of a vice president, I worked hand in hand with HR. I documented performance issues in great detail, and HR and I held a number of joint meetings with the individual. Unfortunately, the poor behavior and performance never changed. Eventually I had no choice but to terminate her employment.
The individual then threatened a lawsuit for wrongful termination and gender discrimination against me and the company. She eventually dropped the threat, but I came away with a lesson learned: Always comprehensively document when you have performance issues and discussions with employees. If it is necessary to meet with the persons involved, engage HR in these meetings so you have a second party witness to your conversations.
6. Make corporate security your personal business
When CIOs are sued or fired, it’s often because of a significant cybersecurity breach. The reason for this is because CIOs are ultimately responsible for safeguarding corporate information. When a breach occurs, it is always perceived as being on the CIO’s watch, and the repercussions can be severe.
To reduce risk and to perform responsibilities, the CIO should meet regularly with his/her CISO and/or security team leader to review weekly security monitoring reports, budget for and schedule timely security audits, ensure that appropriate security frameworks and tools are in place, and that employees, the CEO and the board are properly briefed and trained in sound information security policies and practices.
CIOs should be personally engaged in this process, because ignorance when you are ultimately in charge is not a defense in a security breach suit.