When dealing with difficult people I'm often reminded of a snippet of dialog in the BBC series Yes Minister.

Sir Humphrey: "There are four words you have to work into a proposal if you want a Minister to accept it."

Sir Frank: "Quick, simple, popular, cheap. And equally there are four words to be included in a proposal if you want it thrown out."

Sir Humphrey: "Complicated, lengthy, expensive, controversial. And if you want to be really sure that the Minister doesn't accept it, you must say the decision is courageous."

Sound familiar?

Within IT, we can add an additional poison pill: "Security problem." This catchphrase is guaranteed to make everyone nervous because it can be twisted in a variety of ways and spawn an endless list of objections. So it's no surprise that "security problem" is one of Dr. No's favorite phrases.

I've come across several Dr. No types over my career, and it can be tempting to simply tune them out. But for CIOs, it's a better idea to work with them, lest their pessimism drag the team down. In my case, I was usually working to get IT service management off the ground, but these tactics are pretty universal.

Once you do a bit of digging, you realize that when it comes to Dr. No, it's not really about a security (or any other) problem. In my experience, these people are mostly concerned about how the proposed change will impact them personally.

[What percentage of your data center budget will be spent on maintenance vs. innovation in 2014? How about 2015? Tell us and enter to win a 32-GB Kindle Fire HDX.]

Dr. No types typically view change as a threat to their status. In their minds, job security could be at stake. Or perhaps they fear being held accountable for decisions they made that may not hold up under scrutiny. Of course, even broken clocks are right twice a day, so there may be a nugget of truth in the grousing. Here's how to peel away the layers and find out what's really going on.

Is it about job security?
This is the chief concern when Dr. No was the one who implemented or created the process or tools currently in use. With a new proposal on the table, she feels threatened. She worries that her job security will vanish because the business is no longer dependent on the system she created and, typically, still oversees. She may be the only one who knows how the system even works. Thus she argues against touching it.

I've seen this many times within IT. The answer is usually to gain a data-driven view of the business service in question to determine if it really is held together with duct tape and tacks. If so, thank the good doctor for keeping it alive this long, and fix it by ensuring it can scale. This is important since even a simple hardware failure can have serious productivity and profitability implications. Yes, this may result in redundancy in people and process, but this simply means that these resources can be refocused on other parts of the business. IT is creating efficiencies and getting more done. That is not a bad thing.

In this scenario, explain to Dr. No that adding resiliency will actually reflect well on her. The system will look good because it can handle a greater volume of work for the business. Plus, everyone will benefit from repeatable and measurable processes from which they can continue to improve and optimize.

Be sure to tell Dr. No that rather than being perceived as a roadblock, she will be seen as a business enabler. This should resolve any concerns about job security.

Is dodging accountability a goal?
The Dr. No personality is typically not comfortable with any sort of performance measurement, since it's a result he cannot control. For example, the idea of service-level agreements (SLAs) is anathema to Dr. No since he fears it may demonstrate that the existing service is actually very poor.

I recall a company that was asked to implement a 24x7 premium support line to supplement an existing service. IT was using a custom tool that didn't support SLAs, which meant they could not measure and quantify the service they provided. And without these metrics, there was no way to determine the differences between premium and standard support.

With a Dr. No running the show, the proposal was declined. It was easier to say no than to fix the underlying problem and perhaps open the process to additional scrutiny. Ultimately, the business missed out on a significant revenue stream simply because the existing system was unable to accommodate a reasonable request. I find it amazing that these scenarios continue to occur.

This is where management must step in and insist on implementing the right tools so that the business can grow to the next level. If the IT infrastructure is not permitted to scale up, how can you expect the business to?

Is there a failure to communicate?
As with most challenges in business, communication is paramount. Work closely with your Dr. No and figure out the root cause of his resistance. If it's about job security, help him understand how the greater efficiencies of a properly managed service will reflect well on IT. If she's worried about being held accountable for an existing system that is no longer good enough, make it clear that she's a key part of the team for the new tool, that the company is relying on her knowledge of the current system to help roll out the new system.

Recognizing her contribution and value to the team should minimize insecurity.

Trying to meet today's business technology needs with yesterday's IT organizational structure is like driving a Model T at the Indy 500. Time for a reset. Read our Transformative CIOs Organize For Success report today. (Free registration required.)