The CIO Who Admitted Too Much

Written by Evan Schuman
August 26th, 2005

It has been said that CIOs at large companies today have limited direct power and?more than almost any other C-level executive?need to push the IT/business agenda by persuasion and by maintaining good relations with other stakeholders.

Taking that to heart, the CIO of recently sent off a note to key business partners taking the heat for a wide range of technologies that weren’t working out.

The letter from CIO Shawn Schwegman?which was signed “Humbly”?did not mince words.

“I’ll start by saying that the vast majority of system problems we have are problems related to updates,” Schwegman wrote. “These update problems have been manifesting themselves as inventory update failures, missing orders, missing images, incorrect status synchs, etc.

“At the end of the day, all of these problems boil down to Overstock’s failure (read, my failure) to architect a system that can handle real-time updates properly,” Schwegman wrote.

“I cannot apologize enough for both the number of problems you all have had to deal with and for the length of time you’ve been plagued with these problems. I consider this one of my greatest failures over the last two years and I am terribly sorry.”

Schwegman went on to describe problems with the interactions of the Oracle database and a Vcommerce database, an effort that he labeled “horribly architected.”

“In the current system, inventory updates, orders, image data, status changes, etc., are all written to small files which are then sent back and forth between systems.

“The sending system writes and sends the file and automatically assumes that the receiving system processed the file,” he wrote.

“This ‘fire and forget’ approach is killing us. In reality, a file might not send properly, become corrupted in transfer or produce errors when the receiving system attempts to process it. In most cases, we don’t know when we have problems. The architecture is horribly architected.”

Schwegman then said the one thing every company wants to hear from its distributor’s CIO.

“It’s critically important that I prepare you for the worst,” he wrote as he described a major Oracle upgrade and added that he “expects it to get worse in the short term,” and better eventually.

Shortly after the letter leaked, much to the displeasure of Schwegman, he said that a lot of the memo was simplified because he was writing “to a bunch of non-technical people,” and that simplifications may have been misleading.

That letter was written a few weeks ago and the Oracle major upgrade that he was dreading has been completed, Schwegman said, and his worst fears were not realized. Thus far, he said, it has been been “a huge success.”

I find this incident fascinating in the way that it illustrates the communication challenges that a CIO has to deal with, especially when one’s employer is publicly held.

Technology veterans are, by nature, pessimistic. Present any detailed plan to an engineer and the engineer will quickly project every way it could glitch and start figuring out ways to prevent that glitch.

It’s like the mentality bred with the new homeland security approach. Law enforcement agents are supposed to be creative and anticipate any way that terrorists could strike.

IT directors and CIOs must often have the same mental approach. After all, who other than them will be able to anticipate problems when two wonderful programs suddenly decide to conflict?

CEOs, COOs and CMOs (chief marketing officers) are the opposite.

In the same way the CIO can be considered the ultimate programmer (the best programmer would care about business objectives and design accordingly), the CEO, COO and CMO are the ultimate salespeople.

A good salesperson is genetically disposed to optimism in the same way that a good programmer is disposed to pessimism.

The conflict comes when those communications go external.

Schwegman is not only the CIO, but he’s also a senior vice president. Partners interpret senior executive comments in a certain way and the kind of raw candor that Schwegman’s letter used can be, to say the least, discomforting.

So when IT projects go astray, should a CIO publicly fall on his sword?

I’m envisioning the original “Saturday Night Live” shows and can see John Belushi as Samurai CIO. (Personally, I’d have paid good money to watch a “Samurai CIO Gets Angry At The Bad Product Demo” skit.)

I might feel differently if the confessional correspondence had suggested specific things the partners could have done to protect themselves.

As it was, the letter pretty much came down to: Bad things have happened and worse things are probably going to happen. Sorry about that. Carry on.

As comedian Robert Klein said about the air raid drills at his elementary school, the message the children took away was, “the siren means disaster. It’s too horrible to think about. Don’t even try to save yourselves.” And then, “they had the wisdom to sound a siren every day at noon.”

Non-technical partners rarely want the unvarnished truth when it comes to technology projects.

They want to know that their problems are being heard, but they also want to hear that responsible adults are taking care of the matter and that all will be fine.

In the true tradition of Dilbert, CIOs tend to be honest to a fault and to volunteer problems and possible problems.

When communicating externally, it’s probably best to curb those tendencies.

As our elected officials say: Honesty is a powerful concept. Use it only as a last resort.


Comments are closed.


StorefrontBacktalk delivers the latest retail technology news & analysis. Join more than 60,000 retail IT leaders who subscribe to our free weekly email. Sign up today!

Most Recent Comments

Why Did Gonzales Hackers Like European Cards So Much Better?

I am still unclear about the core point here-- why higher value of European cards. Supply and demand, yes, makes sense. But the fact that the cards were chip and pin (EMV) should make them less valuable because that demonstrably reduces the ability to use them fraudulently. Did the author mean that the chip and pin cards could be used in a country where EMV is not implemented--the US--and this mis-match make it easier to us them since the issuing banks may not have as robust anti-fraud controls as non-EMV banks because they assumed EMV would do the fraud prevention for them Read more...
Two possible reasons that I can think of and have seen in the past - 1) Cards issued by European banks when used online cross border don't usually support AVS checks. So, when a European card is used with a billing address that's in the US, an ecom merchant wouldn't necessarily know that the shipping zip code doesn't match the billing code. 2) Also, in offline chip countries the card determines whether or not a transaction is approved, not the issuer. In my experience, European issuers haven't developed the same checks on authorization requests as US issuers. So, these cards might be more valuable because they are more likely to get approved. Read more...
A smart card slot in terminals doesn't mean there is a reader or that the reader is activated. Then, activated reader or not, the U.S. processors don't have apps certified or ready to load into those terminals to accept and process smart card transactions just yet. Don't get your card(t) before the terminal (horse). Read more...
The marketplace does speak. More fraud capacity translates to higher value for the stolen data. Because nearly 100% of all US transactions are authorized online in real time, we have less fraud regardless of whether the card is Magstripe only or chip and PIn. Hence, $10 prices for US cards vs $25 for the European counterparts. Read more...
@David True. The European cards have both an EMV chip AND a mag stripe. Europeans may generally use the chip for their transactions, but the insecure stripe remains vulnerable to skimming, whether it be from a false front on an ATM or a dishonest waiter with a handheld skimmer. If their stripe is skimmed, the track data can still be cloned and used fraudulently in the United States. If European banks only detect fraud from 9-5 GMT, that might explain why American criminals prefer them over American bank issued cards, who have fraud detection in place 24x7. Read more...

Our apologies. Due to legal and security copyright issues, we can't facilitate the printing of Premium Content. If you absolutely need a hard copy, please contact customer service.