The cost of control

I saw a great post by Ron Ashkenas on how controls create complexity.  We’ve been struggling with this issue in our transformation program.  We have put stronger controls and more frequent communications in place.  However, these controls and communications shouldn’t create double or triple work.

Askkenas captures what drives these issues in his opening paragraph:

Have you ever noticed that organizations are great at creating controls and policies to prevent incidents that have already happened? Once the proverbial cow escapes the barn, they adeptly make sure it won’t happen again by, say, authorizing only certain people to man the exit and constructing barn-door status reports. 

Sometimes this needs to happen and usually it is straightforward to figure out what a “new normal” approach should look like.  But the rest of the program or business can get left behind and needs to be brought along to the new reports.  There is nothing more frustrating than reconciling “old program” status reports to the “new project” control paradigm.


At least acknowledge the “school solution”

“School solution” is a military-phrase for the standard way in which one would approach a problem or scenario.  While the phrase often is applied pejoratively, it doesn’t have to be so.  In fact, sometimes I wish I heard more folks at least make a gesture towards such standards.

This concept came to mind when I reviewed a proposed risk management process for our transformation program.  While the basics were OK, there were a few indications that the author didn’t know the school solution.  For example, every response was assumed to be “mitigation”.  The proposal also assumed that the risk evaluation would be a “one and done” process… he seemed surprised that we wanted reviews more frequently than quarterly.

There are valid reasons to structure a risk process in a way that doesn’t go strictly by the book.  For example, I can see using a different review cycle for risks where mitigation is the response than those risks one is accepting.  But please show me that you’ve read the book before you propose that we re-write it!

Psychology and Risk

Continuing the risk theme from yesterday’s post

I saw a nice little post (here), that uses an example from the world of NCAA basketball office pools to great effect.  Many of us are willing to brush off easy opportunities to lock in gains — insuring winnings via a hedge in this case — while at the same time spending precious time to pinch a penny or two. 

Jeff summarizes how our thinking betrays us here:

Our experience, observing scores of friends and pool participants in these situations, is that they stick with their original entry. They may think that it is “unlucky” to hedge — a silly notion since they are locking in a set amount. They may think that it does not matter, since they are in for a nice prize either way.

True enough. The $300 difference may not seem like much when viewed in terms of the overall prize. In a few days, however, when the contest has been forgotten, the result of the game will have a net effect of $300 in actual spendable money. A week later, the winner will be making decisions about saving a few bucks in amounts much smaller than $300.

Getting out from under in projects

Excellent short post by Stacey Douglas on Exit Strategies as part of Project Plans.  Here is how she closes the post:

The inability to gracefully shut down one project when it needs to be shut down is a huge risk to your overall portfolio and to the company itself. Most of the time, the plan may be very simple, but working with your sponsor and stakeholders to identify how to recognize when the project needs to be shut down and what the process is very sensible, holistic risk avoidance for all involved.

She makes a perceptive point about mitigation plans and other risk responses.  When preparing risk responses, we tend to focus on how we will manage an individual risk event — most risk responses are aimed at ensuring that the risk event won’t happen or the impact will be lessened.  In other words, most approaches are aimed at preventing project exits.  It is rare that any contigency or mitigation plan looks at what to do if the project is stopped, never mind advocating termination as a risk response!

We address this topic in our project closure process; but we don’t account for project stoppage explicitly enough.  I’m taking an action item to take a fresh look at how we handle this within project and programs; as well as how we drive project termination in our portfolio monitoring and controlling process.

Corner Cutting Survey Results: Risk Monitoring

The corner cutting poll’s third answer (at a low 12 percent) is “On-going risk monitoring and control”.  That result was quite a surprise to me.  Neglecting to perform risk activities beyond initial identification and analysis is one of the most common project mistakes that we see.  Surprise at when risks become issues — or when they become so likely to happen that they should be managed as issues — is a consistent marker of troubled projects.

In our experience, we get a great start in risk management and start our projects with an excellent list of risk events.  Furthermore, we usually will have done good quantitative and qualitative analyses, though appropriate risk response planning is less systematic (which is why it was a poll question).

Any ideas why this came in so low?  Maybe it’s just that Crossderry readers are very sharp and would never miss something so critical :-)   That shameless pandering aside, I’m wondering whether this result was driven by some characteristics of the poll:

  • Was it clear that multiple answers could have been given?
  • Did respondents understand the implied distinctions drawn among the various risk management processes?
  • Was the answer worded well?
  • Was there another risk-related answer that would have worked better?

Is operational proficiency overvalued?

Great Fire -- Narragansett Pier Casino

Great Fire of 1900 -- Narragansett Pier Casino

Most of the tips in The Intelligent Leader blog’s Management Tip of the Day are thought-provoking.  However, Wednesday’s tip (here) got under my skin a bit.  And not just because the idea that “risk taking” wasn’t a valued trait seems quaint considering how intensely the Wall Street Casino is burning right now.  And I think most of us will agree that raw ambition is a mixed blessing and that inspiration is a virtue in leaders.

However, I believe that a strong understanding of operations and initiative management must be part of the package a leader brings to the table.  To that end, I can’t let the perceived swipe at operational proficiency go by without some comments about how it fits into leadership and hiring. 

  1. Execution makes “opportunities” real.  How else do openings identified in confusing and ambiguous times get exploited?  Strategy + Execution — one without the other is useless.  The hiring executive should ask the “operator” to give an example of how he/she made strategy concrete via execution.
  2. Policies and procedures have their place.  They can, of course, stifle innovation and initiative if they monitor and control too closely.  Or even, they can focus on the wrong topics.  Again, interviewers should ask probing questions about how the candidate operationalized innovation, especially focusing on lessons learned about over-control and its consequences.
  3. Risk taking is an essential part of the leadership package.  Risk management is a blind spot Continue reading
%d bloggers like this: