Admittedly, we all have a little extra time on our hands this year. Hey, so now’s the time to take care of those important management details that help govern the operation of your business!

Technology-related policies reflect management’s intent to control their information system – the absence of policies usually reflects poorly in court of law and public opinion: if management never communicated a position on a technology governance to employees, customers, or vendors, then “Due Care” obligations could be considered ignored. Thus, it could be seen that management was negligent in their handling of an issue which extends liability, making it difficult to prove that “reasonable” precautions were taken in preserving customer data, securing network resources, or terminating an employee due to cause.

1. Write or revisit your Technology Plan (TP). The TP is a complementary document to your overall business plan and would traditionally be prepared by the executive responsible for technology strategy. It is usually 24 months in scope and identifies how tech spend complements your business strategy. It is an evolving document that lays down principles in how technology will be used and managed within your firm, and how tech relates to your success. This document should help guide your purchasing, management, and deployment of tech indefinitely, and should evolve over time as technology issues continue to shape the macro economy.
2. Write or revisit your Disaster Recovery and Business Continuity Plan (DR/BCP). Think about how critical software and hardware is to the execution of your business strategy. Think about how important the years of electronic data is to your ability to do your job. Now think about this stuff being wiped out in a flood, burned in a fire, or just the victim of bad luck – a hard drive failure. After Hurricane Katrina, more than 20,000 small businesses folded on the Gulf Coast because they didn’t have a way to recover their electronic data to resume business operations. Now is precisely the time to revisit how data is stored, how it is backed up, how it is moved off-site, and services would be restored in the event of an emergency.
3. Write or revisit your Acceptable Use Policy (AUP). The AUP is the most critical policy in your Administrative arsenal. It outlines to employees and others who use your electronic resources what rights and obligations they have in using your resources. It is usually the principal document that is signed at the employee hire that outlines what is good and bad behavior in using your resources, and is the governing document allowing employers to terminate for cause. If an AUP doesn’t exist, it’s difficult to suggest that expectations of behavior was communicated to employees and a wrongful termination defense could be mounted. An AUP should be an evolving document as threats in IT change every 24 months. Now’s the time to really take a look at this again.
4. Write or revisit your privacy policy and legal liability towards protecting personal private information (PPI). Your firm may be subject to federal or state regulations governing the security and privacy of electronic information – of patients, consumers, job applicants, or financial records. Fines are usually bestowed on a “per incident” basis, and if you have thousands of records outside of compliance, the liability is enormous. Further, it’s best practice these days to communicate to stakeholders up front how you manage PPI and secure it. If you don’t have a privacy policy, “Due Care” concerns could be raised that management was negligent in managing the private information of a party, which could result in civil tort for damages. Over 31 states have individual laws governing PPI; that in addition to the federal laws governing protected classes of information demands a thorough investigation in your compliance obligation.
5. Write or revisit your procedures governing employee terminations and audits. Finally, keep in mind the number one security risk for you during these economic times. It’s not hackers, viruses, or malware. It’s employees, and specifically, terminated employees who’ve still access to your confidential intellectual property. Now’s the time – if any – to revisit those procedures and verify that employee access restrictions are performed, documented, and reviewed.

Policies, procedures, work instructions, and plans are Administrative Controls that reflect management’s _intent_. If management’s intent isn’t communicated, and technology is governed by assumption and intuition, then management isn’t “managing” technology – they are hoping for the best without taking on responsibility to effectively govern it. Now is your chance to reflect upon how your intent is reflected in the workplace and how well you’ve addressed technology “Best Practices” and regulatory compliance issues as a management team.

By Russell Mickler

Product Management–what does this mean in a High Tech company? What is the function, and where does it belong? I’ve held permanent positions in a number of high tech concerns, as with PJM Consulting I have worked with many more in a consulting capacity.

Product Management is all over the map in High Tech. Most often it resides in the marketing department. Sometimes, it’s in the engineering/product development department. Occasionally you will see it as it’s own function. And again, what does the term mean in a High Tech company? Sometimes it is used interchangeably with the term “Product Marketing”. In this case, it means responsibility from cradle to grave of the product planning and marketing functions for a particular product or product line. In other words, working with the developers to define the product (product planning), as well as driving the other “3Ps” for the product–setting pricing, distribution strategy and promotional strategy.

In larger companies you will often find this function separated into two distinct jobs: Product Management as the Product Planning portion, and Product Marketing as the function that manages the product once it is released into the market–driving pricing, promotion and distribution. In this case both functions may still reside in the marketing department, or the Product Planning portion is sometimes in the engineering department.

The last variance on this theme that is sometimes seen is that the Product Management resides in the engineering department, but it only vaguely resembles the traditional definition of the term. In this case it is “Product Planning”, but the job and skill set more closely fit the definition of an engineering project manager, with very little weight put on exploring the market to match marketplace needs with engineering capabilities.

In High Tech, the Product Management function is most typically a “matrix” position: lots of responsibility for a product’s success, with very little actual authority to ensure that success. Normally a Product Manager’s success will be decided based upon his/her ability to convince other stakeholders in the organization that the path laid out is the best thing for the company (and the individual stakeholders as well!) People skills are therefore as important as having a technical grasp of the job in a Product Manager’s ultimate success.

In consumer markets, the Product Manager typically holds much more direct power–often much like a mini-GM for his product line. Often product development will even work for him. The term Brand Manager is often used in consumer businesses instead of Product Manager. (In a big High Tech company, a Brand Manager will fulfill more of a Marcom role).

So what’s the best way to structure the Product Management role in your business? Well there really isn’t one best way. It depends upon your business, culture and personnel. But I do have my biases. I believe strongly that most high tech businesses would benefit by structuring the Product Management function to be strong. Tthere is much to gain by putting a strong, experienced Marketer with a strong technical background in a Product Manager role where they are graded and compensated by the results of the P&L of their product line. I wouldn’t go so far as to suggest that Product Development should report to the Product Manager in a High Tech company, but I would give them discretionary budgetary authority on at least a portion of the marketing budget for the product line. I would also make sure they have management backing to deal with the developers from at least an equal position of strength. This lack of product management strength is a huge problem in many High Tech companies, particularly those founded by product developers.

The Product Manager’s mentality should be that of a “mini-CEO” with his product line analogous to the overall company for a real CEO. Too often in technology companies the Product Management/Marketing functions do not have the ability to stand up to Engineering. This leads to a culture of building what suits someone’s fancy, not building what the market will buy–a very dangerous thing in the long term. A strong Product Management function will lead to an advocate for that product line whose sole business “purpose in life” is for his product to succeed. This outlook ensures that the big picture will always been looked out for, eliminating the potential for a product line’s performance to be reduced by turf wars– or sub-optimal tactical moves due to poor inter-department communication. The Product Manager is there to rationalize and orchestrate to ensure the product line has the best chance of success.

By Phil Morettini