“Yet another useless meeting”, that’s what I remember I often heard from my fellow engineers. We have just attended a management meeting on rules and processes.
I still consider the task of gaining support of employees in the implementation of rules and policies being one of the hardest management challenges.
Way too often, “processes” are seen as barriers and bureaucracy rather than helping guidelines. But first, let’s separate wheat from chaff: the words “processes” and “procedures” are often used interchangeably although they mean very different things.
Processes ≠ Procedures
They have different focus:
- Processes focus on satisfying the customer
- Procedures focus on satisfying the rules
They produce different outcome:
- Processes take input from a number of sources, manipulate them and produce outputs: a product or a service; they are driven by achievement of desired outcome
- Procedures define the sequence of steps to execute a task; they are driven by completion of the task
ISO 9000x and COBIT frameworks document many more formal differences between the two categories, but the above ones, in my opinion, are the most important. So, I guess it’s nothing wrong with processes; it is procedures that so often give engineers (and not only them) a trouble.
That’s what I sometimes feel about policies and procedures cut in stone; you can easily predict the level of adoption and compliance:
My personal list of top attention points with the implementation of policies and governance:
Reason #1 – Lack of employees support. When people don’t share your vision on why procedures should be followed, they will try to bypass them. This is closely linked to the next item: ability to self-improve.
Reason #2 – Lack of procedural governance, i.e. evaluation on how helpful, convenient, and appropriate the procedure is. Without it, procedures become bureaucracy and treated as inevitable evil. While recognizing the importance of the formal metrics, I talk here about opinions of those who use procedures.
Quote: Good policies and procedures are non-intrusive: they appear logical for those who have to comply with them, i.e. they do not create unnecessary resistance.
Reason #3 – Procedures do not match the company culture.
Reason #4 – Lack of automatic control points, allowing to easily check whether the policy or procedure has been followed and policies implemented. That’s the feedback for improvements, and “automatic” is a key word here.
Governance ≠ Management
The implementation of processes and procedures is not static and should not operate only on the management layer; in order to properly close the circle the governance layer must exist. Here is how COBIT suggests to separate the two:
“The good processes and procedures get called culture”
Alex Mavrin, founder at Apteriks
Cisco CCIE #7846