The "No Guy"

I work as an IT engineer at a relatively large healthcare organization -- about 8,000 employees.  We have our own full time "No Guy" on staff.  His official job title is Provisioning Analyst, but we just call him the No Guy.  His job function is to provision new user accounts and add or remove access permissions on existing ones.  This post explains how those things don't actually happen very often.

When we work with vendors to install, maintain, or troubleshoot one of their products, we often have to give them remote access to some of our systems.  There is a very specific process to request this type of access and it's never the same two times in a row.  The only way to really do this is to request access the same way as the last time you did it and see what happens.  

Now you might think that if you use the wrong request method then your request would be returned to you, but you would be wrong.  If you use the wrong method of requesting access then your request would simply be ignored.  Eventually you would probably inquire as to the status of your request and you would receive a copy of an email notification that was, in all likelihood, sent to an email group of which you were not a member.  Of course the copied email would be accompanied with a stern warning to make sure and use the correct request method and that Mr. No Guy wouldn't be responsible for the results if you didn't.

So what happens if you used the correct request method?  Nothing.  Nothing happens.  Again, you would eventually inquire about the status of your request.  This time you would simply get "I'm working on it."  If you ask for an ETA you get two things.  First you get "No ETA."  You would think that statement would be accompanied by an "I'm super backed up right now so it's going to take a few more days" or maybe "I know you're waiting so I'll try to get to it today" or maybe even a "I'm waiting on approval from legal."  what you actually get is a blank stare completely devoid of emotion or any expression whatsoever.  It's the same look you get when you catch your dog taking a dump on the living room carpet and he's trying to make you think he doesn't know anything about it.

Eventually when you can't wait any longer you have to go to your Manager, who goes to his/her Director, who goes to his/her Vice President, who goes to the Vice President of Information Security.  From there the request rolls down through several more layers of management until it lands back at No Guy.  He will then immediately complete your request and notify someone not even remotely involved in the whole process that it has been completed.  That person will receive the login name in a cryptic email.  The password, of course, will be sent to a different person chosen at random.

More often than not you will later find that the account was provisioned incorrectly and the vendor has access to everything except what was requested.  If this happens then you have to repeat the whole process, but it will take much longer since trouble tickets are handled at a lower priority than new access requests.  During this time No Guy will be pointing to everyone else as the potential reason that the account doesn't work.  It was a bad request, the network guys didn't do something right, it's user error, the server doesn't accept RDP requests, the firewall is configured incorrectly, the phase of the moon is wrong, the pollen index was too high, there was a second gunman on the grassy knoll, alien invasion, election corruption, the planets were not in proper alignment, anti-vaccination protesters, white noise, the four horsemen of the apocalypse.  The list goes on and on.  And on.

The No Guy is only one example of the "No Culture" in our organization.  There are many, many others.  In fact, we have people who have made entire careers out of figuring out new and imaginative ways to avoid doing any actual work.  The whole thing has been so institutionalized that if you get a request for something that you're supposed to do and you just complete it in a timely manner, then you are not considered a team player.  I'll leave it to you to figure that one out.