Published on:

From Interact last year, Cisco’s law department on “mission-critical” services

Since I will be speaking at Mitratech’s Interact Forum next month, I looked back over some earlier presentations. In one of them, Steve Harmon, Senior Director of Legal Services at Cisco Systems, spoke on a range of topics, including the law department’s ongoing efforts to spend the bulk of its attorney time on “core, mission-critical activities.”

What does that portentous term mean? “We define mission criticality in terms of the notion that if we perform one of these tasks poorly, it creates immediate risk to Cisco’s business.” Consider several aspects of that definition.

It is only reasonable that the term recognize some quantum of legal risk. An immediate small risk means nothing to a company the size and clout of Cisco.

It is only reasonable that the term recognized some length of time in which the risk surfaces. “Immediate” is vague. What about long-term risk? Or, Harmon may mean, it immediately creates a risk to the business even if that risk may not ever come to pass.

It is, thirdly, implicit that “poorly” can be very subjective and after the fact. Lawyers can’t spot and mitigate all risks.

It is most likely that legal risks are the yardstick, not financial or operational risks.

To reflect these four points, we might consider a restatement: “A mission-critical matter is one where objectively poor performance by the law department based on the facts as then known creates a material legal risk in the foreseeable future.” Nice legal phrasing, no? Useful? Perhaps.

Harman explained that for everything else, they try to “out-task and outsource, or enable [clients] through self service.”