The motto "to protect and serve" is a good one for IT. There seems to be this expectation that IT exists only to create new IT in response to the demands of the business. It's not true. The Finance department doesn't exist solely to find the money for whatever the business needs ("serve"). The Finance department also exists to look after the health and safety of the organisation's wealth ("protect"). Sometimes the Finance department will resist new initiatives simply because the organisation can't afford them. This then becomes a decision escalated to the Executive or the governors (the Board) to decide whether to proceed against the advice of the CFO. In exactly the same way, the Information Technology department exists to protect the IT interests of the owners of the organisation whilst also serving IT's customers and users. The two don't always align.