Forms

You have to believe that forms are necessary.

New software, new access, anything at all on your computer? Fill out a form. The thought is nice, this way they can keep track of what software and accesses you have.

I cannot think of any reason why it matters what software or access rights you have, nor why they need a periodic review by both your immediate manager and the dedicated “software and access periodic review team”. Such functions employ a large amount of people and, unsurprisingly, the more people are hired into these functions, the more reviews begin to take place, thus requiring more and more people to oversee and periodically review everything.

Software Forms

Since we can only download software from an in-house repository, this form-filling process is only superficial. There is no incentive to reject any request where someone has fought the uphill battle of filling out the form, as people might not like having to engage in that tedious exercise again.

The setup is probably familiar: An internal website with nothing but a top bar, which at first glance looks like it is very user friendly. However, clicking on the one dropdown menu in the top bar leads to a new dropdown menu of thirty more dropdown menus, many of which should overlap each other, but for some reason do not. Once you find the correct dropdown menu, you get another dropdown menu where you finally choose which software or access you are attempting to get. Software, for some bizarre reason, has different owners providing different versions of the same free and open source software package, and cobbling together a working product after accidentally installing incompatible tools is time consuming and probably warrants its own article one day. That said, it is nothing compared to trying to gain systems access rights.

Access Forms

Systems are codified and are, for some reason, abbreviations of up to six characters. This means that requesting access to any system means that you have to know beforehand what the correct abbreviation for that system is when you are requesting access. This begs the question: If you already have to know the abbreviation, why do you need to pick the correct one out of a dropdown of hundreds of abbreviations? The big mistake here is that unless you know for a fact that you are clicking on the correct system abbreviation, you will select the wrong one. That means that the access form you wind up filling will be for the wrong system and it will be rejected, since in the free text field of the form, you must specify the system to which you are requesting access.

Permission Audits

I am convinced that whenever someone comes up with a new administrational or “governance” or “auditability” tool, process, or structure and manages to push it into wider use, it will inevitably bloat into a mess of unnecessary bureacracy where every single conceivable permission-requirable thing will end up. The interesting thing is that while constant audits and reviews take place for all the people who have requested software and accesses over the years, no one has thought to clean up the actual administrative tool that houses all this stuff.

You might think that once you’ve filled out your form, that will be the end of that form. The next form you have to fill in will be sometime in the future, cross that bridge when you get to it.

Not quite.

I once found myself in a situation where an administrational task had gone awry, and when that happens, it is not the administrator who has the power to fix it. The only way to fix an administrational error, is to have every person involved in the administration chain start over. This makes complete sense of course, because if an administrational task could be fixed in any part of the chain of administrators approving forms and whatnot, there would be no need for a chain of administrational tasks. So you see, there is a need for excessive administration after all.

Anyway, this problem concerned accesses to a system we had been working on. This work was, by the way, a breath of fresh air because it was the first time that year that I had a real job to do. Everything was progressing like a charm, so needless to say, it was time to put a hard stop to all the work and focus on administering administration. There was a pressing need (that no one was aware about) to change the abbreviated names of certain access groups. Once these names were changed, everyone’s accesses were effectively revoked, so naturally you had to log into the nightmare that was the form submission tool, and fill out a new form with the name of the system being slightly altered.

As fate would have it, we were given the wrong new name and were asked to fill the forms out yet again. Thus, I ended up filling out the same form for the same system a total of three times. Not a big deal, but administrational chains tend to be compounding, so the time and effort that actually goes into this can balloon quite a bit.

Now, once you’ve filled out your form and clicked “submit”, the form proceeds to your line manager. Your line manager is likely less interested in reviewing your access form for codified system names that they will never use than you were interested in filling it out, so obviously they will just click “OK” and send it forward.

It then proceeds to some peculiar “central acceptance office”, where yet another person clicks “OK”. Only after these necessary clicks, does the form loop back to the original person who was tasked with changing this codified abbreviation in the system and he can now drag and drop your username from one folder to another.

Of course we asked if we could just bypass all this administration and have the administrator just do the drag and dropping directly, but we were promptly told that such an action would be impossible. As explained by the contextual logic of administration, I cannot help but agree.