IT service management: The only way is ethics

The words, “Do unto others as you would have them do unto you” are of course taken from the Bible, but very similar sentiments are found in other religions, in Humanist teaching and in many non-religious areas. It’s fairly common to hear words and phrases like ethics, code of conduct, conflict of interest, values, and standards. The news seems to be full of government officials accused of doing something they shouldn’t, whether claiming expenses or benefitting personally from official business.

The corporate world seems little better, with people in the most senior positions leaving under a cloud of unreasonable behaviour and some spectacular and devastating failures. Many organisations around the world have been required to adhere to new legislation such as Sarbanes Oxley (SOX) or the Bribery & Corruption Act. It is now very common for professional bodies and membership organisations to have codes of ethics and standards of conduct.

Is it important?

The Institute of Business Ethics (IBE) was established in 1986 to encourage high standards of business behaviour based on ethical values. Corporate subscribers to IBE include a long list of well-known companies, including many associated with IT service management, and within their publicly available literature they provide some excellent guidance. The main purpose of a code of ethics is to provide guidance to staff. Unlike a code of conduct which is generally “do this or else” in tone, a code of ethics will usually be predominantly aspirational and supportive. The code illustrates how the company’s values translate into concrete policies, procedures and standards and is designed to promote mutual respect and integrity, trust and responsibility. The benefits can include greater customer and employee satisfaction, and a reduction in unacceptable behaviour such as bullying, harassment and violence – usually leading to risk reduction, efficiency improvement and cost benefits.

Do we have a problem?

At the time of writing, there are people in the UK giving evidence to a judge-led inquiry into media culture, practices and ethics, following phone-tapping allegations which seem to go far a beyond a couple of rogue individuals. In the IT world there are discussions around sustainability and green IT, which often include conversations about balancing ethics and profitability. Many service providers, whether outsourcers, managed service providers, companies delivering government IT projects, consultants, trainers or others, are suffering from reduced credibility and questions about the quality of their work. There is a distrust of many in the IT service management area too, with tools and vendors being accused of pretending to share best practices while really just delivering a sales pitch. Even if many of these examples can be challenged and proved incorrect, perception is important, particularly when we need to be able to trust those we work with, deliver to and rely on.

What are we doing to address these issues?

An effective ethics programme is likely to include policy and values which the organisation takes action to embed into their organisational culture, covering the entire workforce and all activity. The code of ethics and conduct gives guidance for staff on the expected standards of professionalism and the business principles the organisation has adopted. There is usually a defined communications and engagement approach to ensure individuals understand what is happening and why. Training is typically included in induction activity for new starters and reinforced for existing employees. A code of ethics will not stop all breaches and unacceptable behaviour, but it can reduce the risk. There are many examples of organisations, including several in and around our community, that have taken steps to address these issues. One such organisation is the SFIA Foundation, which produces the Skills Framework for the Information Age, containing several references to professional standards in version 5 (released December 2011).

What’s happening in IT service management?

The IT Service Management Forum (itSMF) has a code of ethics and standards of conduct, rolled out globally by itSMF International to the national chapters, and which all members are required to abide by. Every itSMF UK management board meeting includes a standard agenda item, which is to declare any potential conflicts of interest. The Professional Recognition of IT Service Management scheme (priSM) promotes professionalism, and upon application for a priSM credential, applicants are required to sign up to the itSMF codes mentioned above. Credential holders are subject to disciplinary action if found to have breached these – typically this would include the credential being taken away. The new mentoring scheme utilises additional ethical guidance for coaching and mentoring activity. There are similar initiatives in place within ITIL and the ISO/IEC 20000 certification scheme.

In conclusion

The majority of people within our industry try to act professionally and ethically, and they want to do a good job. Well-designed codes and procedures are there to keep us all honest, protect others, minimise the risks, and provide a mechanism if things do actually go wrong. At times, we may need to raise ethical issues, refuse to deal with certain companies or individuals, and turn down offers which we consider to be inappropriate. We shouldn’t have any fear or reluctance to act ethically and accept professional standards of conduct.

Sometimes people make genuine mistakes, and they may just need some guidance and encouragement. Generally, if it is pointed out sensitively and is a genuine oversight or unusual behaviour for them, they will take the observation in the right spirit and do something about it.

Conflict of interest should be taken very seriously, with all interests and potential conflicts declared openly. If in any doubt we should always raise a potential issue and be completely open about it, as this will enable better-informed decision making.

We should understand our obligations under any codes which may cover us. We should encourage positive and appropriate behaviour in others. We might also want to consider publishing details of the codes of ethics and conduct that we abide by - after all it is a positive message that we take professionalism seriously.

Matthew Burrows is a management board member of the IT Service Management Forum (itSMF UK), the UK's largest service management user group, and managing director of BSMimpact.