It's not easy to love your lawyer, especially when you're a CIO. After all, more than a few lawyers have been known to let business opportunities shrivel up and die while they spent weeks finagling the finer points of a contract.
Consider one of Larry Bonfante's worst memories: For an outsourcing contract at a previous employer, Bonfante, the IT director, says he and the vendor negotiated 95% of the deal in three months. Then he brought in the company's lawyer to make it official and "button up the contract," as Bonfante puts it. Instead, his lawyer engaged the other lawyer in a protracted battle.
"They were getting stuck in the weeds on things that didn't matter that much to the business, on minutiae, [service-level agreements] that didn't amount to a hill of beans," Bonfante says, such as, "What is the penalty for the kind of outage that might happen once in a millennium?"
Bonfante worried that his lawyer was ruining relations with his vendor. Determined to salvage the deal, he turned to his chief executive for help. The CEO forced the lawyer to finish up, and the deal finally closed -- six months after the lawyer got involved.
Most CIOs can tell some version of this tale from personal experience. Some are so afraid of their lawyers that they do whatever they can to avoid them, including signing their own contracts. In past years, that could work. No more. Today's IT organization is fraught with new risks. It exposes the company to lawsuits and crippling fines if it runs afoul of Sarbanes-Oxley or other regulations, if it can't produce subpoenaed documents, if it compromises customer data, or if it fails to monitor what employees do online and somebody needs to find out.
Vendor contracts can be more complicated, too. Consider hosted service applications. An IT organization that rents applications for on-demand usage needs to lock down service levels and penalties for problems that can arise from these types of contracts. CIOs shouldn't cut corners here, but some do. Instead of hiring a lawyer to write up a contract that covers hosted applications, CIOs who don't know any better dust off their traditional software licensing agreements and try to mark them up to fit.
All this means that CIOs need to protect their companies -- and their careers -- by getting to know their lawyers and engaging them early on, before a contract is down to the wire on a deadline or a subpoena has been sitting on a desk for a week. Yet it rarely happens. Most CIOs talk to lawyers "because they're already being sued or because the vendor has already breached contract," says Laurie Orlov, Forrester Research vice president and research director. "Generally speaking, CIOs have not been proactive."
We asked CIOs and lawyers how IT executives can build the right relationships with their counsel and get the legal expertise they need, especially for vendor contracts. Here's what they told us.
This was first published in August 2006