• Save
#BFM2013: Knowledge-based organizational change
Upcoming SlideShare
Loading in...5

#BFM2013: Knowledge-based organizational change



This book is an extensively edited and updated reprint of what was posted online between 2003 and 2005, as part of an online magazine called "Business Fitness Magazine". ...

This book is an extensively edited and updated reprint of what was posted online between 2003 and 2005, as part of an online magazine called "Business Fitness Magazine".

Therefore, sharing the eBook version of this book on Slideshare is an appropriate “thank you” note to past readers, supporters, and customers- but you are obviously invited to buy the paper version on Amazon (in that case, the Kindle edition is free).

The Amazon version will be available from 2013-10-31.

By design, as it is process-oriented, this book lacks an index (but contains an extensive table of contents).

You can always find the (free) edition of my business books on http://www.slideshare.net/robertolofaro (sometimes full books, sometimes key chapters useful for your own publishing, consulting, training and overall change activities).

The (low price, of course!) printed and Kindle versions are available on http://astore.amazon.com/getarothewor-20

Aim: spread ideas, and collect feed-back (visit my profile http://www.linkedin.com/in/robertolofaro)



Total Views
Slideshare-icon Views on SlideShare
Embed Views



2 Embeds 5

https://twitter.com 4
http://www.draugiem.lv 1


Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    #BFM2013: Knowledge-based organizational change #BFM2013: Knowledge-based organizational change Document Transcript

    • BFM2013 Knowledge-based organizational change Roberto Lofaro
    • Copyright © 2003-2005, 2013 Roberto Lofaro, aleph123int@gmail.com All rights reserved. ISBN: 1493581074 ISBN-13: 978-1493581078
    • “In general, commanding a large number is like commanding a few. It is a question of dividing up the numbers. Fighting with a large number is like fighting with a few. It is a question of configuration and designation”1 Divide et impera has had an universal appeal since humanity tried to create complex organizations. In our XXI century, complexity is not simply related to structural issues, but also to the flexibility (somebody would say instability) associated with an endless and unforeseeable number of communication channels. Coping with complexity isn’t enough: you need to breed a culture that is built on prioritization about your own “core” values, or otherwise you will waste endless resources to play “catch up”, moving from crisis to crisis. Therefore, being able to see your company as a forest composed of trees, instead of focusing on each tree individually, is a first step toward a proactive management of complexity. Your knowledge (and how you configure and designate it) is your key asset, and what really differentiates your company from your competitors. Know where you are, what you stand for, and choosing where to go will become based on a longer-term perspective. Quoting again Sun Tzu: “Thus is said that one who knows the enemy and knows himself will not be endangered in a hundred engagements. One who does not know the enemy but knows himself will sometimes be victorious, sometimes meet with defeat. One who knows neither the enemy nor himself will invariably be defeated in every engagement.“2 1 Sun Tzu, “Art of War”, Sawyer edition, 1994 Westview Press, page 187 2 Ibidem, page 179
    • PROLOGUE Why this book? Because between 2003 and 2005, as part of a programme to return to Italy, I started publishing an online magazine that had over 800 subscribers (mostly senior managers) from more than 500 companies. The publication of the magazine was halted when I understood that, having lived abroad since 1998 and worked with foreign companies since 1986, I was too “foreigner”. So, in 2005 I started a resettlement and repositioning programme, aiming to settle in Brussels (by invitation)- but to phase out existing business relationships in a responsible way took up to spring 2008. Despite valiant efforts to become local, it took only from spring 2008 to fall 2008 to understand that I had to scale down my expectations, and therefore simply decided to move online everything that didn’t find buyers locally. Aim: to have others re-use what I could not use (never waste experience), and keep skills alive (for future uses). As resettling in Brussels as an employee did not work, despite passing a Dutch language exam, I had to start (again) a repositioning programme. This book is part of that “Plan B”, which included a first book published on Amazon in January 2013, to design and test publishing processes3. Few more books will be published in 2014, always on change management. This book, updating on the 2003-2005 material, is offered as a free eBook to more than 3,000 online contacts (former subscribers and others). 3 #BerlinDiaries, the process and marketing history is described on Slideshare: http://www.slideshare.net/robertolofaro/berlin-diaries20130917marketingpresentationandsample
    • ACKNOWLEDGEMENTS & RATIONALE This book is an extensively edited and updated reprint of what I posted online between 2003 and 2005, as part of an online magazine. Since 2008, online articles published on http://robertolofaro.com/blog covered a variety of subjects, from the perspective of a change (cultural, organizational, technological) consultant with experience also in politics. Writing this book, and the articles between 2003 and 2005, would not have been possible if it weren’t for opportunities that I have been given since the early 1980s to share knowledge, deliver conferences, and work with people (notably senior managers while I was in my early 20s). I certainly invested a significant amount of time to continuously improve my knowledge and skills, but that would have produced no significant results if it weren’t for the foresight, patience, and willingness to coach of countless senior managers that I met across Europe. Being able to work in a different industry each day was a significant challenge and opportunity that I was offered in Italy by business units of Andersen Consulting, in the late 1980s. I have to be equally grateful to other managers (my CEO in Italy and the Paris-based Marketing Director, from Lebanon) of CGI, as well as fellow consultants and customers that I met while working for my longest-running customer, Cedacrinord, whose CEO offered me the opportunity to change their way of working and thinking in December 1992- and continued until 2006 to provide new challenges, pivotal in being able to deliver activities in other countries and industries between mid-1990s and 2013. Therefore, sharing the eBook version of this book on Slideshare is an appropriate “thank you” note- but you are obviously invited to buy the paper version on Amazon (in that case, the Kindle edition is free). By design, as it is process-oriented, this book lacks an index (but contains an extensive table of contents).
    • CONTENTS Prologue .................................................................................................................. iv Acknowledgements & Rationale .......................................................................... v Contents .................................................................................................................. vi 1. Introduction....................................................................................................... 11 Genesis of an e-zine ...................................................................................... 12 Positioning and defining the “format” ...........................................13 Content provisioning and management ................................................. 14 E-marketing on a shoestring before Facebook .................................... 15 Reaching the audience ................................................................................ 16 2. Improving the use and control ...................................................................... 17 Knowledge management vs. knowledge retention ..................................... 18 Introducing knowledge retention .................................................................. 19 ISO9000 and knowledge management ......................................................... 20 Public and knowledge production ................................................................. 21 Knowledge snippets and traceability ............................................................. 22 Downsizing and knowledge configuration................................................... 24 Knowledge Configuration Management & Knowledge Costing.............. 25
    • Knowledge management and participation.................................................. 26 Knowledge and embedded security............................................................... 27 Guidelines for action ....................................................................................... 29 Timeframe for delivery .................................................................................... 31 Closing................................................................................................................ 32 3. Strategic Outsourcing....................................................................................... 33 Outsourcing as a magic wand ......................................................................... 34 What is outsourcing ......................................................................................... 36 Controlling the process ................................................................................... 38 Framing vs. frameworking .............................................................................. 41 The content of outsourcing ............................................................................ 44 Consequences of outsourcing ........................................................................ 46 Strategy and outsourcing ................................................................................. 48 Outsourcing and “internal outsourcing” ...................................................... 52 Strategic outsourcing........................................................................................ 54 Costing outsourcing ......................................................................................... 57 Outsourcing contracts ..................................................................................... 61 Managing outsourcing ..................................................................................... 64 Conclusions ....................................................................................................... 66
    • 4. Business Continuity Governance ................................................................... 67 A knowledge-based definition ........................................................................ 68 Business Continuity as a project .................................................................... 69 Business Continuity vs. crisis management .................................................. 70 Coping with uncertainty .................................................................................. 71 Managing expectations .................................................................................... 74 Perception and reality ...................................................................................... 75 Self-protection and threshold levels .............................................................. 77 Raising awareness and “controlled crises” ................................................... 78 Systemic approach to Business Continuity and Risk .................................. 79 Cultural approach to Business Continuity.................................................... 80 Setting priorities ................................................................................................ 81 Business continuity and Outsourcing ........................................................... 82 Business Continuity Management ................................................................. 83 Continuous improvement ............................................................................... 86 Dynamic Corporate Governance................................................................... 88 From BCManagement to BCGovernance.................................................... 90 Introducing BCGovernance ........................................................................... 91 Conclusions ....................................................................................................... 92
    • 5. Business Perspective on E-Government ..................................................... 93 Introduction ...................................................................................................... 94 E-government in perspective ......................................................................... 95 Why e-government........................................................................................... 98 Defining e-government ................................................................................. 100 The economics of e-government ................................................................. 102 Past forecasts, current realities ..................................................................... 103 The hidden costs of e-government.............................................................. 105 Converging transparency initiatives............................................................. 106 Business side-effects ...................................................................................... 107 Costing e-government ................................................................................... 108 Deploying e-government in your organization.......................................... 111 Increasing e-government benefits................................................................ 113 Conclusions ..................................................................................................... 114
    • BFM2013: Knowledge-based organizational change 1. INTRODUCTION The book that you are about to read has a story probably as useful as what you will read in the next few chapters. What you will find in the next chapters is a revised collection of an ezine on cultural/organizational change and knowledge management that was published online between 2003 and 20054, and whose readership included over 800 managers from more than 500 companies. Along with this collection, a completely new book, again focused on change, will be available on Amazon in 2014, along with a new version of the website and community. The next sections of this chapter will share the case history of the repositioning programme started in 2003 and halted in 2005, of which the magazine and the associated research & marketing campaign were just one work-stream, hoping this introduction will inspire your own knowledge-sharing and “positioning” activities5. 4 http://www.businessfitnessmagazine.com 5 Comments, etc: http://www.linkedin.com/in/robertolofaro 11
    • http://www.linkedin.com/in/robertolofaro Genesis of an e-zine The e-zine was called “Business Fitness Magazine”, as the content was “licensed” for free to my own company6, based in UK, that I had set up in 1998 to support customers around Europe. What was the aim of the magazine? To reach a larger audience for my services on cultural, organizational, and technical change, while supporting my relocation back to Italy, as after five years abroad working in few European countries I had few new opportunities to share my business experience with Italian partners and customers. When you plan an online publication, you have to assess the resources needed to keep up with your own schedule7- in business communication, inconsistency isn't a virtue. Nonetheless, knowing “how often” you are able to communicate (something that could be altered by adding more resources) still leaves to be defined “what” you are going to write about, and “who” is going to be your audience8 But in this case, I had also to think about how to evolve it. And how can you evolve something if you haven't yet defined its audience, and seen how what you are already offering is perceived? It seems a “catch-22”, but it is much simpler: you need a “pilot group” of readers that will get access to a “pilot issue”, enabling you to both tune your material and have already something online before you start looking to increase your audience and readership. 6 Business Fitness Consulting International Ltd, now closed 7 See, in Italian but with links to the English version, http://www.dirittodivoto.com/index.php/strumenti 8 Refer to the articles listed under note 3. 12
    • BFM2013: Knowledge-based organizational change Positioning and defining the “format” The first step was obviously to identify a “target audience”, in my case by using the experience and data obtained by previous “lead generation” and market assessment activities. Along with the obvious “domain experts” (e.g. organizational development directors, knowledge managers, ICT managers, anybody involved in IPR), also those who could influence their activities (i.e. direct or indirect stakeholders) were to be included within the target, as the e-zine wasn't just a vanity publication. The idea was to produce something that, eventually on a quarterly basis, would share experience (through case studies and lessons learned) and inspire action, not necessarily through my or my partners' involvement. White papers are fine, marketing-through-newsletters is fine: but neither was my purpose. The first use of the magazine was to share with customers some articles, to be read before brainstorming sessions, as a quick way to give ideas and inspire doubts without challenging directly their own perceptions of their own environment: change begins with an assessment of where you really are. Then, as discussed in the next few sections in this chapter, the real marketing and “reach the audience” campaign started. But even before the first issue was completed, a publication schedule covering one year had been prepared, along with a “format” and an online publishing framework that enabled to have an online publication that could be read also with the slowest connection you could think about. 13
    • http://www.linkedin.com/in/robertolofaro Content provisioning and management Talking about content: also if you assume, as I did with Business Fitness Magazine, that you can produce each issue independently, it will eventually make sense to have contributors, or even to hire staff producing material based on your own “style” and “content branding”. Across my career (actually, also while in High School), I had some “ghost writing” activities- in business on behalf of senior managers or board-level executives, and my role in each one of those cases was first to collect samples and profile who I was writing for, to ensure the production of consistent material. If you “ghost write” once in a while or just once for somebody, it makes sense to do this in the same way. But if you want to do something more structured, e.g. to ensure that enough material is always available, it is better to build your own “format”- i.e. the “how”, “what”, etc. of your content, to ensure consistency, along with guidelines on how to produce new content. In my essay-oriented blog9, or even the articles on structuring your content that I referred to in a previous section10, I kept referring to three sources that could inspire your own “format” definition: - Bernays’ “Propaganda” (available for free online) - the movie “Thank you for smoking” - last but not least, Roddenberry's “The Making of Star Trek” The common thread between the three? They describe how to apply whatever “format” that you will find suitable (and any mix of channels) to your communication. 9 http://www.robertolofaro.com/blog 10 http://www.dirittodivoto.com/index.php/strumenti 14
    • BFM2013: Knowledge-based organizational change E-marketing on a shoestring before Facebook Since mid-2000s Google became part of the toolset of anybody trying to market anything- and not just necessarily online. In the early 2000s, it was more touch-and-go (I registered my first Internet domain, prconsulting.com, in 1997, but it was online as a website much earlier, hosted on other websites). Anyway, that e-marketing campaign was based on lead generation and “market size identification” activities first delivered in late 1980s as part of pre-sales. As the target was senior management, also if, at the time, there would have been around the tools that are available now, I still believe that at least a “personal contact” would have been needed. In this case, the web helped, by providing access to databases and lists of companies and their key managers. But instead of a traditional email, or letter, I used a different approach, that worked well whenever the “target audience” was holding senior management positions, and expected to be treated accordingly. The concept is simple: prepare scripts that will guide through a Q&A while mimicking a conversation, thanks to a script based on “traffic lights”, i.e. identifying the level of interest shown by those who are called. It is obviously critical to have the right people making the calls, to ensure that, while not necessarily being experts (it would be too expensive), they are able to qualify the contact, and provide information that is consistent with what can be delivered, at a later stage, by somebody able to answer open questions (a subject matter expert) 15
    • http://www.linkedin.com/in/robertolofaro Reaching the audience As the magazine was anyway going to be accessible online through a website, but only to registered users, the website had to be available, up-and-running, and with some content in before we started the campaign to obtain subscribers. A characteristic of the magazine was that, eventually, it became more than a positioning tool for consulting services, as other partners joined up, and plans included a multi-party merger in Italy: the UKbased company and the magazine (in English and Italian) were to become shared resources. Few rounds of “prospecting”, by industry and by country, where launched: in a short while, one person working on a list and series of data-collection forms and scripts was able to confirm over 800 subscribers (mostly senior managers) from more than 500 companies. If your idea is to create a “layer of services”, starting from a free newsletter, up to customized and paid services or products, including the traditional “premium services”, paid publication, etc., this has to be decided from day 1: converting the same services from unpaid to paid is never an easy transformation to manage, and comes with significant “attrition” (i.e. loss of subscribers). In my case, the magazine reached its audience when… I contacted them to announce that a new issue was available online (a way to remember the company and address). In your case, if you aim for a much larger audience, it might make sense to study and identify also “outreach” channels, as I did for a non-profit startup between 2008 and 2010 (it included online presence, “clubs”, and events). 16
    • BFM2013: Knowledge-based organizational change 2. IMPROVING THE USE AND CONTROL This first issue was focused on methods and solutions that could help in improving the way an organization accumulates knowledge, as a way to increase control on core processes, while reducing the use of external experts to where they can add value. It is a simple statement, but a complex predicament. How do you convert this concept into something practical, without first dropping endless amounts of money into “knowledge management”? Interestingly, some organizations that misused Knowledge Management tools and methodologies found themselves with an increased use of external consultancies, used by some organizational units as a way to circumvent rules that were applied only to internal knowledge production. A caveat: what follows is a set of guidelines that could help to define your own roadmap or even blueprint of a “transformation programme”, but its feasibility is a function of two key elements: an understanding of your own corporate culture, and the clearness of the mandate that will be assigned to those involved- no amount of resources would deliver sustainable results without both of them. 17
    • http://www.linkedin.com/in/robertolofaro Knowledge management vs. knowledge retention Knowledge Management is quite often confused with tools and methodologies related to knowledge management. Anyway, almost any system works according to the “Garbage InGarbage Out” (GIGO) principle. GIGO? Usually, any transformation process does not improve the quality of its inputs- at best, it can minimize the additional “background noise” introduced by the transformation process. Any tool that tries to build a general description of activities across the functional divide assumes a specific reference set of accepted processes, results, and ways to manage change: we will define this set of assumptions the “Embedded Corporate Identity” (eCI). ERP, CRM, and Knowledge Management tools share the same pitfall: unless you know already where you are, you risk that the tools will insert into your organization their own “Embedded Corporate Identity”. The reality will then be discovered “on-the-job”, and changing both the tools and your own Corporate Identity will start; few million dollars, you will discover what happened (at an official ERP conference sponsored by a supplier, a customer reported that the overall cost of a botched ERP transition had been on the tune of more than 40 million EUR). We suggest that Knowledge Management is introduced once you have already a working policy for collecting, structuring, distributing, maintaining knowledge: what we call “Knowledge Retention” (KR) policy. Knowledge Management cannot work without Knowledge Retention, and it is greatly enhanced by the use of tools to manage the processing of knowledge. 18
    • BFM2013: Knowledge-based organizational change Introducing knowledge retention As a first step, we suggest that you identify what is the current behaviour in your organization when it comes to knowledge retention: do not be surprised to find wide differences between organizational units, or within each organizational unit. The early XX century “Scientific management” à la Taylor was originally based on sound knowledge of management practices, to ease the training of managers without the need to start from the shop floor and rise up into management, as training was supposed to replace experience. Thanks to PCs, the widespread use of computers tools like the spreadsheet allowed to replace the transfer of “fuzzy” knowledge (people skills, etc.) with a more structured and quantitative approach, easing the replication and communication of knowledge. Or so it seemed. In reality, the 1990s saw the sharp rise of spreadsheet-toting consultants, focused on quantifying everything, quite often discarding the unquantifiable as irrelevant, or coercing reality into a convenient set of values that allowed classifying everything. Admittedly, successive generations of quantitative-focused managers and consultants increasingly drifted away from business common sense. While assessing the current status of your “Knowledge Retention Policies” (KRP), we usually suggest to identify a set of qualitative parameters and some levels of compliance used to benchmark each organizational unit. Using these parameters, a simple “radar” chart will become the basis for a brainstorming on possible initiatives to improve the status of each organizational unit. 19
    • http://www.linkedin.com/in/robertolofaro ISO9000 and knowledge management ISO9000 is just an example of a “standard” that can have significant impacts on your way of doing business- and therefore it is worth spending few words about it. In the 1990s, ISO9000 certification became a “condition sine qua non”, a cost of staying in the business- as having a telephone. Eventually, customers practically merged ISO9000 and Knowledge Management, but while the latter has the purpose of reducing the cost of increasing, distributing, and updating knowledge, the former is focused on different premises. ISO9000 originally simply stated that you were going to be assessed vs. what you stated that would be your quality level- not vs. some “common” or “standard” quality level. Often knowledge producers became the “bottleneck”, as they were required to produce variants of the same set of information for different destinations - ISO9000, Knowledge Management, etc. If your organization has already ISO9000 and Knowledge Management initiatives in place, we are not suggesting to trash what you already have: our approach is to find a way to restructure knowledge so that each item can be reused to be “published” for a different public. Public: yet another concept that is quite often discussed along with Knowledge Management, and quite often distorted into a simple format conversion. Tailoring your content to a different public is not just a matter of changing layout, or graphical format: often, you have to consider also the different knowledge and experience background of each segment of your audience. 20
    • BFM2013: Knowledge-based organizational change Public and knowledge production While a technical approach to knowledge management sometimes could benefit from a “big bang”, this usually produces just a technological implementation. But who will maintain the processed knowledge stored inside the knowledge management system? Certainly not the knowledge producers, as it will be completely different from the source. Each document has (or should have) a destination public, i.e. an intended audience. If you cannot define the audience, chances are that your document will not achieve the intended results. But do you really need to write the same item time and again? The risk is that your knowledge producers will spend seven hours reporting in slightly different formats what they spent one hour doing. While knowledge production obviously should stay with those who own the knowledge and are able to make it evolve, knowledge retention and communication might involve a differentiation of roles based on your own specific organizational culture and structure. As an example, consider the differentiation between “knowledge producers” and “knowledge consumers”: what the former produce might require somebody belonging to the organization from the latter and able to “convey the message”. This is probably already part of your practices, as e.g. you would not expect to communicate with the CEO as if (s)he were a production engineer: but data management tools often took over common sensealso if there is an alternative, i.e. to use both tools and common sense. 21
    • http://www.linkedin.com/in/robertolofaro Knowledge snippets and traceability Two simple actions could simplify both the interaction with the “thesaurisation and compliance organizations” (e.g. methodology, quality assurance, knowledge management) and those charged with knowledge production: writing “knowledge snippets” along with each item, and defining “building maps” for the basic documents to be generated by the knowledge producers. Traceability is a simple concept, and it is more a matter of common sense than a completely new concept. Simply, partition your document into “atomic” (i.e. not further divisible) items, and whenever producing an update, take note of which existing item you are updating. Managing traceability is slightly more complex, but it is built around this same basic rule. Not everyone is keen on documenting in a traceable way, or interested in restructuring documents according to different sets of requirements. The knowledge producers should retain control of the knowledge they originated, as they are the only ones able to update it in a meaningful way. Obviously, this implies that the knowledge producers operate according to your own rules- and this applies both to your own staff and any external supplier: as you pay, they have to use your methodology, not their own. As it will be discussed in a later issue, you can outsource/delegate the execution, but not the responsibility. While outsourcing, you focus on the results and not the process: in that case, the knowledge ownership balance might be altered. 22
    • BFM2013: Knowledge-based organizational change If you define clear "roadmaps" to assemble and store knowledge items, then the thesaurisation is just a by-product of your normal activities. Then, the knowledge producers can delegate the actual collection and formalization to resources focused on those task, usually belonging to the “thesaurisation and compliance organizations”. Knowledge producers usually need to get through some trial-anderror before they can identify the proper size of the “knowledge snippets” for their own processes, but there is a low-cost option. Ask them to define “knowledge snippets” so that they can enforce traceability. They should start by looking at their own business processes, and check what is the minimal traceable “knowledge snippet”: probably the actual size and configuration of a meaningful knowledge snippet is different across the organization. It is critical that this “traceability identification” is defined by knowledge producers, to ensure that it is consistent with their actual “real” processes, as often processes contain both a visible layer, operating through the formal organization, and an invisible layer, managed through the informal organization. And this awareness becomes even more critical in case of knowledge thesaurisation activities that are a step toward restructuring (e.g. downsizing, merger, acquisition, asset/business line disposal) or outsourcing activities. 23
    • http://www.linkedin.com/in/robertolofaro Downsizing and knowledge configuration A common problem in any organization is that through downsizing, BPR, re-organization, outsourcing, probably the organization removed as much organizational redundancy as it was previously available, therefore leaving scarce (if any at all) cross-functional expertise left in-house. This implies that quite often “knowledge configuration” (KC), where existing in-house knowledge components are re-used across the organization, is increasingly difficult, or it is delegated to external resources- who happen to be the only ones still working across the functional divide (with further side-effects on business continuity). Using “knowledge snippets” along with traceability reduces the cost of knowledge production and retention (including its maintenance). Also, this allows your organization to introduce “knowledge configuration management” (KCM), ensuring consistency of behaviour across the organization. KCM is linked to another concept: “versioning” of knowledge. The basic concept is that any item of knowledge depends from one or more other items, produced in the same or other organizational units. Knowledge management tools can become obviously useful- but you need first to have in place a culture able to process knowledge. The next step is, obviously, seeing how you can monitor your knowledge stock and benefit from it. Incidentally: “knowledgebase”, or “knowledge base” are avoided in this book, as two often they are used to describe both “knowledge collections” and “knowledge thesauruses”- basically, “static” vs. “dynamic” knowledge11. 11 See chapter 4 in this book 24
    • BFM2013: Knowledge-based organizational change Knowledge Configuration Management & Knowledge Costing When “Knowledge Configuration Management” is in place, quantitative analysis of your “knowledge stock” becomes again possible. Obviously, the parameters must be tailored to the specific categorisation of “knowledge snippets” that will have been negotiated with knowledge producers. Why introducing again quantitative analysis, after criticizing it in the previous section? Consider this as possible side effect, not a mandatory element of a “knowledge retention” policy. Introducing quantitative analysis after adopting the new approach could be useful to actually share the costs of producing and maintaining a specific “knowledge snippet” with all its users. And it is not only useful for "Internal Transfer Pricing" (e.g. to identify how other parts of your organization should contribute to the investment on knowledge production), but also when spinning out a unit or negotiating a joint venture, and in IPR management. Obviously, also if the demonstrated value or cost of an item is X, corporate policy realities could result in a lower transfer price, considering the balance as “overheads”, paid by the organisation as a whole, e.g. for processes that, while being managed by a specific business unit, are actually the reason for the organization to exist. The risk? If you forget what is “core” to your business, some excessively entrepreneurial elements of your organization might quarrel about considering their support processes as “core business”and ask others to contribute to their own costs. 25
    • http://www.linkedin.com/in/robertolofaro Knowledge management and participation If you introduce Knowledge Management after Knowledge Retention and Traceability, the actual knowledge producers will be more active partners in setting up and negotiating the separation of roles and structuring of the knowledge infrastructure. This increased participation will result in a greater control on what is inside your “knowledge store”, as the knowledge management organizational unit will not be the only organizational structure in charge of all tasks related to knowledge management. If the Knowledge Management organization is in place before the rest of the organization is able to provide usable knowledge, the net result is usually an “ivory tower” approach. Should this be the case, the Knowledge Management organization, for lack of contacts with sources that understand its “lingo”, starts generating knowledge and assumptions, instead of structuring knowledge produced by the actual Knowledge Providers. In turn, this will give less incentive to the other organizational units to become part of a process that adds overhead but whose value (i.e. knowledge that can be extracted and reused) is questionable. Of course: a better alternative is to clearly “phase-in” such an organization, by assigning it an advisory role to business units during the first phase of its activity. Knowledge Management based on Knowledge Retention also simplifies the identification of “core” knowledge items, whose understanding should be kept inside your organization. These “core” items are those relevant to ensure that any “outsourcing” activity does not affect your business continuity. 26
    • BFM2013: Knowledge-based organizational change Knowledge and embedded security Once the knowledge production is structured, it becomes easier to define a knowledge control/security policy, by assigning a different level of access and responsibility to different organizational units. A positive side-effect of this definition is: identifying the “knowledge boundaries” for each organizational unit limits the need of crossfunctional meetings to those where the subject is new or clearly spans across “knowledge boundaries”. As each item is classified while being defined, it becomes possible to delegate without losing control12: this will reduce the number of resources needed to cope with a larger number of projects, using external resources only when and for how long is really needed, and without any loss of knowledge. As described above, adopting a sound Knowledge Management policy based on Knowledge Retention makes investment on knowledge and knowledge costing possible. Why the title of this issue13 links “knowledge retention” to “embedded security”? Knowing which items of your knowledge thesaurus are “core” and should be maintained inside your organization ensures that you can improve your business continuity capabilities, also when delegating to third parties one or more processes. What is “embedded security”? Security management is quite often considered an additional set of processes, almost an afterthought. 12 See chapter 3 in this book, originally issue 2 of BFM 13 The original title was: “Improving the use and control of knowledgeembedded security”- too long for this book! 27
    • http://www.linkedin.com/in/robertolofaro But this externalisation of security implies that you try to build up walls (virtual or real), without actually involving those who produce the knowledge and therefore should know its operational sensitivity. It is true that those above them know how, within the “formal organization”, that knowledge impacts on other areas of business: but also if those managers are promoted from the rank-and-file, eventually they will lose knowledge of the current, real, “informal organization”, and its informal communication flows (more appropriately, “back channels”). Security (both physical and logical) does not come cheaply, and 100% security is simply impossible. Our concept of “embedded security” is quite simple: instead of adding security after your processes, try to focus on identifying who is responsible for each specific knowledge subset, and involve them in the definition of the related security profile, with the support of your security experts or “internal audit”. Maybe you will discover that some of the security can be “embedded” in the actual processes involved in producing the knowledge, minimizing your security overhead. Knowledge-based security profiling increases the accountability of knowledge producers, while ensuring compliance with your own internal policies. Further additional layers of security would just (expensively) increase the perceived security, while impeding the knowledge distribution that is needed to actually generate value, and creating a false sense of security in knowledge producers. 28
    • BFM2013: Knowledge-based organizational change Guidelines for action All the basic items now clarified, how long would it take to achieve these results? It depends on your expectations- and how you manage them. As noted above, a “Big Bang” approach is possible if you focus on technology, but then maintaining the knowledge will be more expensive, as the producers will need constant help both to trace back and update the “thesaurised” knowledge. In any change management activity, you need to change the behaviour of knowledge producers as a whole. A simple presentation is not enough to produce the change: you also need to reinforce the message with consistent, individual actions. We suggest a staged approach, using the results from the parameterdefinition activities shown above, to build up a schedule of intervention that could produce the first results in few months. Lowering the expectations (better, managing them) implies identifying which organizational units could produce results faster. Then, a “viral” model could be used to both improve your knowledge retention policy and spread the activity to other organizational units. Whenever you want to “evangelise” on something new, identify a first structure with a high chance of success. Once successful, this structure should “spread the message” to others, reinforcing the message: usually, the growth is not simply linear. 29
    • http://www.linkedin.com/in/robertolofaro How do you operate? Realistically, identify a homogeneous area to “tune” your approach, and identify the actual “stakeholders” involved in knowledge management processes: production, collection, distribution, and maintenance. This approach allows finding if there are any further organizational units that should be involved, while negotiating both a process and the associated roles; e.g. organizational units that have already been assigned similar tasks, or that defined their own knowledge retention policies that are worth considering “best practices”. Just remember: this approach has to be tailored to both your own corporate culture and your aims. As an example: often, while taking over or merging units, or defining a joint-venture, “promoting” processes already adopted by some units prior to this organizational and cultural change could actually increase resistance to change. Finally, no knowledge retention policy should allow “loopholes”, e.g. using external resources to bypass standards, using as an excuse that they follow their own rules. The message to both internal and external resources is quite simple: you delegate the execution of activities, not responsibility, and therefore any organizational unit using external resources should “price” the cost of converting the externally-generated knowledge in order to make it comply with the internal rules, and obtain something whose lifecycle can be managed internally. Quite often, these additional costs would reduce or remove the economic viability of externalisation, at least for recurring activities. 30
    • BFM2013: Knowledge-based organizational change Timeframe for delivery A first project could usually take one-two months to assess the parameters and give an overview, using brainstorming sessions to identify the targets and the first organizational units to apply the process to. The collection and first structuring, with the building of a reference catalogue, would probably take another four months. Unless you have already a knowledge retention policy in place, the cultural change management usually would require another six months, with oversight from either the first organizational unit carrying out all the activities, a new structure, external resources, or a team composed by a mix of resources from the three. Again, staffing choices have to be tailored to your own current and proposed environment. Thereafter, a “viral spreading” approach (like the one used in Business Intelligence and similar activities) is suggested to deploy the process across the organization. As for the project team size: the initial team should be as small as possible, while a single resource should be responsible for the first catalogue building, to ensure consistency. Once the first phase and second phase of the first project have been carried out, and the working rules have been defined, the team could be expanded to activate parallel projects. Anyway, consider these first phases as part of a long-term cultural and organizational change programme, if you want to produce selfsustainable results. 31
    • http://www.linkedin.com/in/robertolofaro Closing In conclusion, knowledge retention is not rocket science, but the benefits it can deliver are quite sensible. Moreover, you can do it yourself. With different levels of detail, this approach has been applied time and again, both internally and for customers across Europe. As usual, use the information at your own risk and adapt anything you read to your own environment. While we had consistent success in applying this approach, we cannot guarantee that it will work for your organization. 32
    • BFM2013: Knowledge-based organizational change 3. STRATEGIC OUTSOURCING This issue was focused on methods and solutions to manage outsourcing choices, while retaining the capability to keep the evolution of business processes on track. Outsourcing and BPO (Business Process Outsourcing) are often considered mere economic or technical choices. Instead, a wrong outsourcing decision could negatively affect your organization's ability not only to carry out business-as-usual activities, but also to evolve. As discussed in the previous issue14, if you don't know what is really “core knowledge” of your business, and the associated formal and informal organization, outsourcing could not be the best choice, unless it is a mere output-oriented activity. 14 See chapter 2 in this book, originally issue 1 of BFM 33
    • http://www.linkedin.com/in/robertolofaro Outsourcing as a magic wand Since the late 1980s, a constant drive to downsize, rightsize, sliceand-dice businesses pushed many companies toward considering “externalisation of non-core activities” as a routine affair. Outsourcing became a magic wand to convert fixed costs into variable ones, while improving the level of services received vs. what was previously delivered by internal resources. But outsourcing is a business process to achieve change, and like any other process it requires a clear definition and understanding of your current position before you can introduce any change. While introducing change inside your own company without sufficient knowledge could be “fixed” later on, outsourcing is usually supported by water-tight legal writs (this usually wasn't the case with early 1990s contracts). The previous issue15 described how every company works on its own eCI (embedded Corporate Identity), i.e. what is the accepted behaviour within a company, as expressed by processes, organisation, etc. As the Cheshire Cat in “Alice in Wonderland” said: you need to know where you are heading to before you can decide which way is the right one to go. Once you know where you are, you can define the destination, and start thinking about the “how”. 15 See chapter 2 in this book 34
    • BFM2013: Knowledge-based organizational change Outsourcing is more than just a solution to the “how”, and unless you are able to identify and communicate effectively the current status of what you outsource, all that you obtain is just a long-term restructuring of costs. Some companies simply outsource out of despair, seeing outsourcing as an easy way out of a history of mismanagement and spiralling costs, while others simply are unable to find the human resources they need on the market. As it will be discussed later, defining the priorities is obviously a bonus when short-listing outsourcing suppliers- and building the right list of priorities requires a clear understanding on the purpose of the outsourcing: what are the issues that should be solved by outsourcing? Actually, the way most outsourcing contracts are built, if you do not document correctly the current status, you can expect a short-term decrease in costs, to be more than compensated by unexpected costs whenever you and your supplier find some “extras”. “Strategic Outsourcing” requires a contract built to ensure the economic viability of the outsourcing activities, as explained in the next section. 35
    • http://www.linkedin.com/in/robertolofaro What is outsourcing Over the years, as the “outsourcing” concept (including the use of software solutions covering different vertical processes, e.g. ERP or CRM) was considered quite appealing and easy to explain, the meaning of the word has been bent and shaped in many ways, both from suppliers and customers. Some activities often called “outsourcing”: - facilities management - the delivery of a service from a supplier, usually using a mix of your own and their resources, and with an high degree of control on the results, the process to achieve them, and the resources required; the main difference vs. typical body-rental agreements is that a common management team is designed, with a set of service level targets agreed to - joint venture - the delivery of services and products using resources from both companies, but under the management control of a new structure; the revenue is usually generated by a short-term transfer of the existing customer's budget, eventually to be offset by the delivery the services to third parties; there are two main risks: 1.under-documented existing level of services; 2.constant struggles between partners over business priorities - shared services - usually it is a hybrid, but under the control of the customer, with neither external management or market; the risk is that of a company internal spin-off, with all the disadvantages of a joint-venture but without the same structural independence - outsourcing - the focus is on the outputs, with a clear definition of the inputs, but with a general framework for the service level agreement (SLA) and any additional activities. 36
    • BFM2013: Knowledge-based organizational change All these approaches contain the same risk: transferring a vertical process usually results in loss of knowledge, as operational knowledge ceases to be thesaurised inside the customer organisation. Obviously, sometimes this is an intended consequence, e.g. for companies that want to expand into new markets they have no operational knowledge of, like cash-based businesses (retailers, insurance companies, etc) entering the retail banking industry to convert their own cash-flow into an additional revenue stream. As described in the previous issue16, this risk can be easily managed by adopting a thesaurisation process that is more common sense than rocket science, i.e. by identifying “knowledge snippets”. What you outsource is the production of a set of knowledge snippets whose “how” (i.e. the production method) you do not need to keep inside the company. More on this aspects will be hinted at in the “Strategy and outsourcing” section, and in the next issue of BFM17 (focused on “Business Continuity Governance”). 16 See chapter 2 in this book 17 See chapter 4 in this book 37
    • http://www.linkedin.com/in/robertolofaro Controlling the process Outsourcing is quite often considered a financial decision (converting a fixed cost and the related investments and maintenance into variable costs), but quite often the decision-making process does not subject the decision to the same level of scrutiny of a financing decision. Knowing the content of the outsourced services and processes is required not only to ensure a successful outsourcing, but also to avoid signing a contract that could result in substantial financial penalties... to obtain the same or a lower level of services! “Outsourcing” comes in many forms and shapes- and my favourite example is what happened when in UK tax offices where given in outsourcing through a “leaseback”. It is still a popular idea: sell your buildings, get the tax revenue, pay a fee to rent them back. The idea? As a State, you get immediate cash, plus taxable income from what you pay to the new owner, while cutting down the costs by removing the need to carry out maintenance and “manage” buildings. Nice idea, but... the company was revealed to be based offshore (goodbye taxation), and eventually said that it needed more income to cover the costs- or otherwise those buildings would be sold. Can you imagine how it ended? 38
    • BFM2013: Knowledge-based organizational change When outsourcing services that are delivered without technology, customers analyse all the details, sometimes up to a full due diligence. Which details? How many people are involved, how many events, what are the qualifications of the people involved, the time and materials required, processes, etc. Usually the quantitative analysis is less well developed when technology is involved, e.g. almost no company checks if every software component or database is properly documented, assuming that if it is working, there is obviously everything needed to make it working. Controlling the process of outsourcing implies: - being able to transfer knowledge to the new organisation - identifying why you are outsourcing the service. Cutting costs is the classical motivation for outsourcing, but “cutting costs” has different dimensions: - are you planning to reduce existing costs? - do you want to avoid required investments or regulatory hurdles implied in keeping the service in-house? - does the company need to expand, but your do not see how you could manage the expansion? - etc, etc. Outsourcing requires a clear definition of the boundaries of the contract, as you can outsource the execution of activities, but you cannot outsource the responsibility of either the activity or the definition of its boundaries. As previously hinted, some companies outsource complete processes that are not relevant to their own core business, keeping control only of core processes and communication with the outsourced ones. 39
    • http://www.linkedin.com/in/robertolofaro These companies retain in house the knowledge required to oversee the outsourcing supplier(s), to the degree of detail required to ensure that the SLAs (Service Level Agreements) are respected and that the processes not outsourced are still working properly. Unfortunately, most companies usually carry out different rounds of outsourcing, constantly enlarging the boundaries of the outsourced activities, but without updating accordingly the knowledge required to retain control. Retaining the capability to dialogue with the outsourcing supplier is useful also when the customer wants to be able to manage the evolution of the SLAs according to business needs. Therefore, selecting the right outsourcing supplier requires a clear understanding of what are the real capabilities of your own company to retain the knowledge required to manage the relationship. Outsourcing suppliers that originate from the same market of their customers (usually as a shared supplier between customers) are able to fill the void left by the loss of knowledge inside the customers, at a price: it becomes like any other utility, and you risk losing influence on the content (and degrees of freedom) of the services delivered. While apparently a larger, generalist outsourcing supplier could seem to be the best choice, in our experience understanding the mix of skills available inside the outsourcing supplier is the major factor enabling a successful outsourcing. The most critical requirement is: the supplier must have internal resources that understand your own business, to deliver “backbone” services- otherwise, the supplier will outsource to a third party outside your own control. 40
    • BFM2013: Knowledge-based organizational change Framing vs. “frameworking” Sometimes the financial analysis of outsourcing activities is stretched too far, forgetting that any outsourcing supplier in the end needs to deliver services: a case of over-negotiation. Any failure in delivering the agreed level of service will impact directly on the public perception of your own company, maybe affecting your business. “Beauty contests” between outsourcing suppliers, where customers ask them to underbid each other are dangerous if the customer lacks the required in-house knowledge of the activities they are trying to outsource. Usually, the outsourcing supplier that “bites the bullet” either is planning to gain in the long term, or quite simply lacks the knowledge to understand the real costs of the outsourcing contract. If your outsourcing supplier lacks the resources required to understand the evolution of your business and proactively support your business, probably either you or your supplier will use third party resources to fill a temporary (?) void- usually with unpredictable impact on quality. A contract is the typical “framing device”- but is having a contract enough? Financial penalties are not going to recover any business lost due to the failure of an outsourcing supplier that is unable to deliver the service agreed. 41
    • http://www.linkedin.com/in/robertolofaro Contract definition is usually quite complex, but if the “technical” annexes are properly detailed, this is usually a good sign that one of the following three events is happening: - “the good” - both you and your supplier understand the requirements, and the contract allows to deliver the services you need now, while covering also the management of possible evolutions; yes, this is a “win-win” - “the ugly” - your supplier understands the contract better than you do; probably, you will end up paying more than you expectedalso to obtain the services that you assumed to be included - “the bad” - you understand the contract, while the supplier does not; if you are lucky, the net result is that your supplier will deliver services at below the market price; if you are not so lucky, this will have an impact on the long-term viability of the contract and probably a negative impact on the relationship with other outsourcing suppliers, as well as maybe affecting your business. If a contract is no protection, another device that is becoming more and more widespread is, of course, an insurance policy. But what do you get from insurance? An insurance policy is built around an assessment of the risk to determine the premium to pay the insurer, so that if any of the negative events covered happen, the insurer pays the agreed amount. With this (limited) definition, it is quite clear our approach: if a set of penalties embedded in a contract is no safeguard, while should insurance be any different? 42
    • BFM2013: Knowledge-based organizational change The issue is not one of reality, but of perception: unless an insurance company invests in some companies that are able to actually “supply” the services the insurer covers, the business risk is not reduced. As usual, insurance providers spread across the system the financial risk linked to the policy using re-insurance. Therefore, while obviously contracts and insurance policies could reduce the financial burden due to the failure of the outsourcing supplier to deliver the service agreed to, we suggest focusing your negotiation on the actual definition of the SLAs. Reason? If you halt your business due to a continued failure from your outsourcing supplier, no matter how much you are paid by the insurance company- your business is gone. 43
    • http://www.linkedin.com/in/robertolofaro The content of outsourcing In our experience, if you decide to outsource the execution of a service, then the actual details of the execution should rest with the outsourcing supplier. Defining the results is certainly the easiest way, but it is not so easy to implement: do you really know all the “outputs” produced by your own processes? By “outputs” we mean not only results from IT-based processes, but also results produced by other processes- including items as number of rooms cleaned, phone calls answered per minute, etc. If you define the boundaries of your outsourcing contracts and SLAs around outputs, it becomes easier to quantify the level of service and negotiate the price of the contract (i.e. by number of incidents or “time slots required” to execute a process). And, of course, the price of any additional services that may be required at a later stage. Some companies outsource only whole processes, A-to-Z, top-tobottom: if your outsourcing supplier understands your business, probably this approach is less resource-intensive (for you) than the output-based approach we suggest. However you build the framework for your outsourcing contract, it is important that you thoroughly analyse your business needs. When you will first transfer a service to an outsourcing supplier, probably you will rely on partially structured and organized information to build the framework of the contract. 44
    • BFM2013: Knowledge-based organizational change Some companies instead rely on the outsourcing supplier to build the framework. In our experience, this is the worst choice, as neither you nor your supplier will really have the knowledge required to manage the outsourcing contract. Our approach is to carry out a “due diligence”: both the prospective supplier and the customer document the framework, to confirm that what the customer perceives is what is assessed by the supplier. Usually, such an exercise is quite expensive, and progressively suppliers started steering away from prospective customers that have a history of “serial proposals”, i.e. requiring new proposals whenever an assessment of internal processes is required- but always ending up giving the business to existing suppliers, or delivering with internal resources. A common approach is to shortlist prospective suppliers on a limited set of parameters, and then pay the shortlisted prospective suppliers a "fee" to carry out the detailed assessment. Sometimes, the cost of such an assessment is credited by the supplier if awarded the outsourcing contract. 45
    • http://www.linkedin.com/in/robertolofaro Consequences of outsourcing So far, we discussed outsourcing assuming that it is possible- but it is really always possible to outsource? In our experience, outsourcing should not be considered if the set of activities or outputs outsourced is too linked to other processes that are not to be outsourced. If you outsource such an activity, your business evolution could be impaired, notably when your supplier is delivering just economies of scale, but without any capability to manage the service and its evolution. Whenever this is the situation, we suggest instead either to: - keep inside the company the process and outsource the technology to support it, e.g. using applications delivered via Web or virtual machines - use external resources to supplement the skills lacking inside your own company, but ensuring that the knowledge required on a day-by-day basis is transferred to your people. Sometimes, outsourcing can still be considered, but would require a focused monitoring to avoid counterproductive side-effects. Typical examples are call centres, account management, sales management outsourcing, and other sometimes described as “hiring a team of expert resources”. Why counterproductive? In this example, because the typical mistake is to leave external resources manage the relationship with your own market using their own processes. 46
    • BFM2013: Knowledge-based organizational change The result? The actual improvement of the sales/account managers market visibility and Rolodex, and reduction of your own understanding of your own market. A proper management of the services outsourced can avoid these negative side-effects, e.g. by requiring the external sales/account managers to report all the information, and then managing through either internal resources or another company the collection of market feed-back. As described in the previous issue of BFM18, another consequence of some forms of outsourcing (e.g. ERP, a de-facto adoption of external business processes) is the introduction in your eCI (embedded Corporate Identity) of processes that work fine- but only if your company behaves as somebody else has decided that your company should behave. The focus is to identify which parts of the activities can or cannot be outsourced- and not just those whose outsourcing is economically viable. Consultants should suggest the best solution based on their own experience and knowledge, but then execute the solution agreed with the customer. Consultants should plan for their departure from day one, with a clear visibility of the planned knowledge transfer to the customer. Outsourcing services should be considered for activities that require constant update (e.g. tax law) but that are not used frequently enough to both justify the investment and ensure that the internal people involved are able to be highly efficient (and informed). 18 See chapter 2 in this book 47
    • http://www.linkedin.com/in/robertolofaro Strategy and outsourcing The first issue is the difference in timescale: while outsourcing is considered mainly an operational issue, strategy definition usually is considered an exercise that delivers longer-term results and impacts. The resources released through outsourcing could benefit from the increased focus on core business processes. But outsourcing should satisfy business needs, not be a task in itself. Business strategy definition and appraisal should also identify a framework to define guidelines about what can or cannot be outsourced by your organization. Once defined, it must be routinely reviewed and revised, to ensure that service contracts are tailored to your business- and not the other way around. Our experience is that the lack of understanding of the strategic impacts of outsourcing could seriously impair the conversion of your carefully planned strategic initiatives into operational realities. Assuming that your outsourcing supplier understands the costs involved in outsourcing, you could end with an economically efficient outsourcing contract that doubles as a straitjacket for your business development. The results of any negotiation are strictly related to the understanding of the assumptions of the negotiating parties, and a successful longterm outsourcing contract requires a degree of empathy and willingness of both parties to see beyond the short-term cost/revenue ratio. 48
    • BFM2013: Knowledge-based organizational change Also, avoid contracts that have a “dumping” upfront, to keep the price lower and win the contract, as this is usually followed by a “spiking up” of the cost once the customer is acquired. As an example, consider your product and service portfolio, and call centre and account management requirements: did you know five years ago the level, type, and quantity of services required? The suggested solution is quite simple: partition your knowledge of the activities to be outsourced into levels of linkage to your own strategic guidelines, and add into the framework of the outsourcing contract specific SLAs, i.e. targets linked to the flexibility required to cope with the unforeseeable. A simple device to obtain an outsourcing contract that closely matches your strategic requirements is to “layer” your outsourcing agreement, separating the SLAs according to the level of knowledge available and the degrees of freedom required. If your history of internal management of the activities shows that planning assumptions constantly conflict with reality, then probably using just your own planning assumptions to enter into an outsourcing contract is not the wisest choice. As previously described, we assume that an outsourcing contract is built around the outputs to be produced and inputs, or the processes to be carried out; we do not consider outsourcing the transfer of internal resources (people, software, assets) to a supplier that then delivers the same services using them- this is facilities management. Anyway, most outsourcing contracts start as hybrids, where the supplier takes over resources from the customer, using the value of these resources toward part of cost agreed for the contract; these resources are eventually phased out or absorbed by the supplier. 49
    • http://www.linkedin.com/in/robertolofaro If you require a continuous facilities management for part of the activities that you want to outsource, then ensure that the contract clearly separates outsourcing from facilities management. We saw too many contracts called “outsourcing” that were actually facilities management in disguise: and usually in the end this is a loselose situation (hint: look at communication channels- if everybody talks with everybody, it is doubtful that that is really an outsourcing). Finally, you should clearly include inside the outsourcing contract the “skills mix” required to service the contract, e.g. the level of skills that both parties should have inside their own organization to ensure that that the long-term management of the contract is feasible, at least for key resources (people acting as communication channels on contractual issues, managers, subject matter experts on continuous availability, etc.). Formally: no SLA without a matching OLA (Operational Level Agreement), stating what your resources should to do provide: inputs, processes outputs. Also the rules for monitoring, audits, inspections should be written within the annexes. Whenever you outsource the execution of a process or the production of outputs, you should remember that you are still responsible of the long-term viability of the processes involved. While it is tempting to remove all the resources that used to take care of the same process within your own organization, you should control your cost-cutting instincts, and consider if you can dispose of internal knowledge by replacing it with external knowledge. 50
    • BFM2013: Knowledge-based organizational change As hinted above, if your company is entering a new business, and you find a supplier that is able to provide everything to allow you to take care only of the day-by-day activities with minimal additional resources, then you probably can avoid the investment, and use the services provided by the external supplier. The same applies if you are, say, transferring your IT department to an external company, but not necessarily if you transfer just part of your IT systems or sales processes. Making your DBAs, Systems Managers, and credit managers redundant is the best way to lose control of critical parts of your market presence or ability to make your processes and systems evolve. As discussed above, usually customers roll out outsourcing progressively. But is there a suggested “speed of outsourcing”? Beside this “how fast you should outsource”, we will discuss also internal and external outsourcing: sometimes, the first step toward outsourcing your services is... to delegate the execution within your organization. Reason? E.g. to be able to really identify the scope of the activities that you would like to outsource. 51
    • http://www.linkedin.com/in/robertolofaro Outsourcing and “internal outsourcing” Most customers are afraid of the “Big Bang” approach to outsourcing, and try a step-by-step approach. Interestingly, few companies have in place what is required to carry out a step-by-step approach. As discussed in the previous issue of BFM19, if you have KC (Knowledge Configuration) Management in place, you have defined the basic elements that are required to outsource parts of your processes and outputs. The key issue is always the same: you cannot outsource what you do not know- and a step-by-step approach, seemingly the most costeffective approach, could actually be the less cost-efficient. A quite common mistake is to transfer to the outsourcing supplier the required internal people before the customer builds its own internal support and management structure. Therefore, planning the rolling out of outsourcing should be based on knowledge boundaries, to ensure that you still retain internal resources able to control the interfacing with the outsourced activities. Outsourcing is usually supposed to involve external suppliers- or this is the common wisdom. 19 See chapter 2 in this book 52
    • BFM2013: Knowledge-based organizational change Actually, consolidation activities are the most common type of internal outsourcing, but almost never planning activities recognize the similarities. Our approach is to consider internal consolidation activities as overall outsourcing activities, both to ensure that the “outsourcing” organizational units still keep control of their own knowledge and that the consolidation is based on a sound economic and financial assessment. Managing the consolidated activities as “outsourced” also clarifies the boundaries, as quite often the originating organizational units tend to “forget” that they are now supposed to focus on the outputs, not on the way they are produced (they mix up outsourcing and facilities management or body rental). We suggest adopting sound guidelines to identify if the real solution is selecting an external outsourcing supplier, or “internal outsourcing” is the safest choice. While talking about Business Continuity Governance in the next issue we will also discuss the concept of “maturity levels”. Before adopting a “best practice” from somebody else (including standards or an ERP), you should assess if your own organization has the “structural maturity” to comply with rules that assume that everybody works as a “cog in the wheel”. If that is not the case, then some adaptations will be needed. 53
    • http://www.linkedin.com/in/robertolofaro Strategic outsourcing “Strategic outsourcing” requires a clear understanding and knowledge of both the outsourced activities and the outsourcing relationship. What is the difference with other outsourcing activities? Outsourcing is not just a variable cost: usually, to ensure profitability and economic viability for both parties, it is a multi-year agreement with a “phase-in” and a potential “phase-out”. If you therefore consider the outsourcing costs as an overhead within a specific profit centre, it becomes easier to manage both its own viability, and to identify how to cost and manage any change (e.g. who should pay for what within your organization, and on according to which algorithm the costs should be allocated and spread between various organizational units). Any change on the outsourcing arrangement has to be clearly related to company strategy and linked to the organizational structure of the company, also to avoid that the outsourcing supplier builds a parallel, unsupervised structure, maybe even with “custom” cross-functional communication channels within your own company. This process requires that both the customer and the supplier accept to be actively involved in managing the relationship. While the customer should keep the connection to the internal organization and structure, the supplier should assess with the customer the impact of any change, and maybe even help to identify how the associated costs should be partitioned within various parts of your organization. 54
    • BFM2013: Knowledge-based organizational change A strategic outsourcing partnership will eventually result in a proactive management of both the content and scope of the outsourcing contract from all the parties involved. Managing the relationship requires identifying a way to assess the quality of the services delivered by the outsourcing company, and usually this is done by adopting one or more SLAs (Service Level Agreements), as well as a communication strategy focused on measuring trends in customer satisfaction. In our experience, most outsourcing contracts lack the structure to actually allow a quantitative monitoring: parameters, timescales, agreements to deliver continuous process improvement. Again, a preliminary extensive activity should be carried out by both the supplier and the customer to identify the parameters and phase-in the outsourcing contract, ensuring that no knowledge is lost in the process. Introducing strategic outsourcing requires a frank assessment of the current status of the activities to be outsourced, with a sensible planning to ensure their proper management. A typical sign of an outsourcing contract that has not been thought through and documented properly is the constant change of the resources in charge, both on the customer's and the supplier's side, and the number of meetings required at every change. Our suggestion is to be realistic: if your outsourcing supplier gives you unbelievable short timescales, look for checks and balances to show progress. 55
    • http://www.linkedin.com/in/robertolofaro If they are mostly qualitative (or qualitative disguised as quantitative), then probably the supplier is investing on the relationship, looking forward to long-term gains, or simply does not understand the contract. In both cases, you are increasing your operational risk: until when the supplier will sustain an unworkable agreement? Therefore, introducing strategic outsourcing requires that you first understand and explain your own strategy to your own people (at least those that will select and/or manage the relationship with the outsourcing supplier), and then shortlist suppliers that fit the profile, before negotiating with them, aiming for a long-term proactive relationship. Planning and structuring the outsourcing contract and the relationship with the suppliers is only part of the picture: strategic outsourcing requires also a more structured approach to costing an outsourcing contract. 56
    • BFM2013: Knowledge-based organizational change Costing outsourcing Most outsourcing contracts describe the cost of the service delivered by the supplier, but there is a limited assessment of the costs still left inside the customer organization. Moreover, often contracts that compare outsourcing vs. internal costs do not analyse the history of the development of costs, but just the costs to be replaced. Studying the history of the internal costs and their relationship with organizational structure and strategy could actually give a fair view not only of the “instantaneous” costs, but also of the speed, acceleration, and level of absorption across time. If you build this “history”, represented by a simple chart, and then compare it with the models (usually, financial plans) offered by different suppliers, you can also focus the negotiation on specific differences to be inserted in the contract- and maybe also assess the compatibility between their corporate culture and your own (outsourcing is a marriage, not a date). This inclusion is quite important, because when outsourcing the contract to an external company, the costing model they offer is representative of their eCI (embedded Corporate Identity), and any discrepancies that are not managed usually result in additional costson either side (who bears them is then a matter of negotiating power). We are coming again to the same point: you need to understand where you are before you can outsource. 57
    • http://www.linkedin.com/in/robertolofaro Properly managed outsourcing relationships could add value to your company, as the supplier could add a new perspective on ways and means to deliver services- and improve delivery. Whenever outsourcing, you should insert clauses to retain inside your company the knowledge required to develop your own business. If Knowledge Management is introduced after outsourcing then probably the most effective way is to involve your outsourcing suppliers in the process, so that they can help you in identifying the knowledge boundaries. The clear definition of where the outsourced activities are linked to the knowledge distribution inside your own company allows moving from a quantitative approach to outsourcing to a qualitative one, but built on reality, not expectations. Quantitative analysis is able to assess the outsourced activities vs. previously agreed measures of compliance with already known activities, but gives limited indications on the evolution. Deriving from the quantitative measures new KPI (Key Performance Indicators) that can be used to monitor the evolution of the outsourced activities is a useful exercise. Anyway, such KPI exercise requires full co-operation from both parties: you can "slip" that requirement into the outsourcing contract, but without the full and willing compliance and understanding of the outsourcing supplier, you will be better off by focusing on just the quantitative measures. 58
    • BFM2013: Knowledge-based organizational change A more detailed description of this decision support approach will be contained in the next issue of BFM, focused on Business Continuity Governance20. Sometimes, this structured quantitative and qualitative approach is not feasible, e.g. for lack of resources. A typical example is when a first outsourcing company obtains an outsourcing contract that is actually a facilities management activity. This being the case, probably your own current outsourcing/facilities management supplier will be unwilling to sustain the additional costs required to “map” the current status, understanding that you are scouting for a new supplier. Manage your communication properly to ensure a smooth transition, e.g. by allowing the current supplier to provide a proposal for the new service, but based only on information about existing services that they released and shared with you (and therefore potentially with other prospective suppliers). Whenever involved with customers that have de facto lost control of their own knowledge, we suggest to identify knowledge boundaries, as described in Issue01 of BFM21, and then start developing a roadmap to “get back in control” (which, sometimes, could imply a whole programme of activities, not necessarily all visible to the outsourcing company, and involving also some crisis management). 20 See chapter 4 in this book 21 See chapter 2 in this book 59
    • http://www.linkedin.com/in/robertolofaro Eventually, either the external supplier will accept the new structured approach, or their degree of freedom will be so limited that their own unwillingness to cooperate will become the main reason to replace them with another supplier that is able to co-manage a proactive outsourcing. Every business relationship could turn sour, and also strategic outsourcing does not protect you from a failing supplier or a change of business strategy that makes the existing arrangements untenable. For critical activities, we always suggest customers to keep at least an internal “knowledge presidium” (a subject matter expert) to keep abreast of the knowledge transferred to external suppliers. Ideally, as discussed in the next issue of BFM on Business Continuity Governance22, each business should define the minimal level of service required to pass through a time of crisis or to fill the void left by a failing supplier. Some companies include in their own contracts redundant facilities, to ensure disaster recovery, as well as “on demand” contracts to cope with short-term business needs that cannot be managed by either internal resources or the existing suppliers. Beware of using “on demand” external suppliers that are called only when there is a crisis: the risk is that they will optimize their own resources allocation- and have just “sandbagging” staff available, while waiting for the real experts to be released elsewhere. In the end, all the processes suggested can be simplified by properly managing the outsourcing selection process. 22 See chapter 4 in this book 60
    • BFM2013: Knowledge-based organizational change Outsourcing contracts Assuming that your company really wants to outsource an activity to an external/internal supplier, you should first identify if this is a oneoff event or could be the first step of a series of outsourcing contracts, with the same or a variety of suppliers. If you insert outsourcing as an option inside any new business development or project activity, then outsourcing becomes another tool to build your own strategy, but you need to adopt a structured approach to simplify the assessment of both internal and external proposals. The first step should be obtaining proposals from companies that are actually able to deliver the activities you require with a cost structure that is acceptable, now and for the length of the outsourcing relationship. Also, you should carry out some market research to identify outsourcing suppliers that are able to understand your business. Do not ask for detailed proposals immediately: the cost of assessing proposal coming from companies blatantly unable to deliver the service could be staggering. From the first (internal and external) prospective outsourcing suppliers, a short-list of companies that could be invited to the next round should be derived, using a vendor evaluation process to quantify the compliance with your expectations. The short-listed prospective suppliers should then be invited to supply the detailed proposal. 61
    • http://www.linkedin.com/in/robertolofaro Currently there is a trend toward absorbing part of the costs for all the short-listed suppliers, as anyway the customer will receive a better understanding of its own activities. Do not limit the assessment only to the documentation provided: short-listing is useful also to reduce the prospective suppliers to a limited number, so that you can visit their premises, check with some customers, and interview them to understand if their eCI (embedded Corporate Identity) is compatible with your eCI. Also, we strongly suggest that you identify and define the profiles of the resources to be provided by the supplier, notably the person who will manage the relationship (as described in previous sections), to avoid suppliers that deliver their best people only in the pre-sales phase. The actual definition of the contract is a somewhat more complex activity, and resources are available on the market to help structure the details. Beside the structure and content of the contract, the other issue to consider is its duration. A proper definition involves also a financial plan linked to the phasing-in plan, so that the supplier can structure the proposal according to the cash flows. The effective duration of the first contract, and the plan for the contract extension, should be tailored for the specific business requirement; e.g. a 1-year ERP outsourcing contract is probably a loss-maker, while a 5-year contract could justify the investment required to understand the current status. 62
    • BFM2013: Knowledge-based organizational change Try to link the contract duration to the investment plan: outsourcing a part of your infrastructure that requires a 20-year investment plan on a 3-year non-renewable basis is not exactly going to generate real interest in outsourcing suppliers that know how to manage their business... Finally, did you think about the consequences of what you included within the contract? While a legal writ spanning hundreds of pages would be formally water-tight, it would require months just to be understood, and probably the actual resources involved on both sides to manage the contract would not understand all the details- and use informal agreements. 63
    • http://www.linkedin.com/in/robertolofaro Managing outsourcing By outsourcing activities you do not remove the need to manage their results and their integration with other activities that have not been outsourced, or that have been outsourced to other (internal or external) suppliers. Outsourcing contracts should contain also the management structure to be used not only to authorize any changes, but also to manage the day-by-day activities; while the execution can be outsourced, the responsibility cannot be transferred. In our experience, meetings with a fixed schedule, e.g. weekly or monthly, should be used only at the beginning of the contract, as after some time meetings would become just a social event. Instead, a proper process should be defined to report any problem and monitor the SLAs (Service Level Agreements), with a limited number of scheduled meetings linked to specific budgeting activities. A properly managed strategic outsourcing contract should be considered like yet another element to be considered (another cost centre) within the normal budgeting process. Besides managing the current outsourcing contract, you should use the budgeting process and the results from monitoring activities to negotiate the evolution of services- outsourced and in-house. If the selection process has been properly carried out, your supplier should be able to deliver not only quantitative information, but also a qualitative assessment that you will be able to compare with your own internal qualitative assessments. 64
    • BFM2013: Knowledge-based organizational change Any discrepancies could be analysed to identify either new needs, or a need to improve the services, or even just (re)training needs. The business environment, technologies, regulations etc. will probably add another set of changes, that should be properly managed to maintain the agreed level of service, and only if your supplier understands your business you will be able to delegate most of the change activities. As discussed at the beginning, knowing the reasons of the outsourcing is mandatory to ensure a proper understanding of the priorities. Defining the strategic outsourcing properly will also reduce the risk that the management costs of the relationship with your supplier could exceed any savings obtained by outsourcing your services. If the suppliers understand the process, probably they will be able to give you feed-back not only on the activities, but also on ways to improve them. A properly managed outsourcing contract will turn your supplier into an internal consultant that will deliver to your organization feed-back derived from the delivery of services across your industry. 65
    • http://www.linkedin.com/in/robertolofaro Conclusions Outsourcing costs, and generates results only with long term agreements; if you do not invest, do not expect the outsourcing suppliers to do it for you. The first step toward a successful strategic outsourcing is understanding: your business, your needs, your suppliers' capabilities. Before outsourcing, verify that you understand the “knowledge boundaries” of the outsourced activities and that you are able to convey this information to your suppliers. Measuring the performance should not be limited only to quantitative assessments, but also to the actual fulfilment of business needs. A continuous reassessment should be carried out also of the qualitative parameters used to monitor the evolution of both your services and the overall relationship with your suppliers. If your suppliers understands your business and their integration in your business cycle, then they can become proactive long-term partners, supporting your continuous service improvement activities. 66
    • BFM2013: Knowledge-based organizational change 4. BUSINESS CONTINUITY GOVERNANCE This issue of BFM was focused on “Business Continuity Governance”: how to ensure that a business will be able to cope with unforeseen events with minimal disruption and minimal additional costs, via a continuous, knowledge-based reassessment of business needs. Adopting a perspective focused on cultural and organizational change allows to create a set of guidelines that are flexible enough to evolve as your own business environment changes, while enabling the long-term structural sustainability of your business. 67
    • http://www.linkedin.com/in/robertolofaro A knowledge-based definition Our approach is that Business Continuity should be considered part of a common framework of processes focused on ensuring the longterm viability of your business, and not just an add-on rulebook. The remaining sections of this chapter are just an introduction to our suggested approach to Business Continuity: future issues will deliver a more detailed description of the subjects outlined here. Some Business Continuity initiatives results in manuals based on the assumption that everybody will behave as planned when it will be required, and that all the details will be magically remembered by everybody involved. A knowledge-based approach should start from a clear identification of the existing behavioural constraints, i.e. what is considered “normal” within your own specific environment. Then, beside defining your own “business continuity model”, you should also identify a “convergence roadmap”, focused on adapting either your existing behavioural constraints, or your business continuity blueprint, or both. Aim: to obtain a behavioural change that will ensure that the required level of readiness will be in place. After a first implementation, a continuous improvement approach will monitor and reinforce the level of readiness achieved, to ensure that your Business Continuity assumptions are realistic. 68
    • BFM2013: Knowledge-based organizational change Business Continuity as a project The most common approach adopted to business continuity in private companies derives from the typical IT systems project activities, i.e. you select the requirements that are to be considered inside the system (within “scope”), and plan the deliverables accordingly. What do you get? A continuity project carried out by external resources with minimal involvement of internal resources, where instead a continuity service (whose key actors should be internal resources) is what is required. A software can be designed to deliver a certain set of results based on constraints it receives from a carefully designed environment. Unfortunately, as discussed in the previous issue of BFM (Issue 02 Strategic Outsourcing23) almost no business can imagine to achieve the same level of control on its business and human environment. The risk inherent in adopting a typical project approach? That, in order to ensure compliance with the design, complexity will be obviously reduced by ignoring elements that are “outside scope”. A more appropriate approach? Business continuity as a programme that creates a set of services, services whose “delivery agents” will be their users24. 23 See chapter 3 24 E.g. you could use MSP and ITIL, but within the context of the “corporate culture” framework described in this book 69
    • http://www.linkedin.com/in/robertolofaro Business Continuity vs. crisis management Another Business Continuity approach focuses more on disaster recovery, to reduce the impact of any unforeseen event and shorten the time required to return to the pre-crisis level. Crisis management stems from the need to ensure that the fabric of society is kept in place after unforeseen events whose consequences, if not managed properly, could generate damages possibly greater than the original disturbance. A typical example is managing the aftermath of an earthquake, or trying to activate an evacuation plan. Eventually, also the private sector started adopting a crisis management approach, extending disaster recovery from the use of redundant facilities kept available “just in case”, to the building of less-than-optimal supply chains, more resilient that a global just-intime that ignores geo-political realities. The main problem with this approach is that it relies mainly on special rules to be applied in special cases: this implies that significant additional costs could be required to maintain the required level of readiness. Another pitfall is due to the perception that “crisis management” is a choice to surrender. In reality, crisis management is a side-effect of assuming that some risks must be managed, and neither prevention nor avoidance are viable choices. 70
    • BFM2013: Knowledge-based organizational change Coping with uncertainty Business Continuity is perceived as a challenge because since the XVIII century we constantly prized (the illusion of) absolute knowledge. Since the advent of “scientific management”, we tried to “bean count” any event, often adopting the un-scientific approach of excluding information that did not fit our carefully designed models. As our technology improved, adding more and more layers between every day, intuitive activities that we can carry out and the working of instruments and processes in our complex societies, we developed a defence mechanism to avoid accepting our impossibility to cope with a gazillion of details: we “layered” our approach to reality, assuming that layers we do not cope with are managed elsewhere. While the increased fragmentation and specialization increased the efficiency, it reduced the strength of our governance, as we were unable to have a comprehensive view of the reality, and nobody had real operational responsibility. An excessive focus on individual trees, with almost nobody caring even for her or his own forest: for an urbanized population, it is normal to assume that there are experts readily available for any need. Our companies extended supply chains and increased complexity by outsourcing to third parties- often forgetting that maybe also our suppliers would apply our approach, and that a chain (including a supply chain) is as strong as its weakest link. Using a spreadsheet we de facto outsource to the hardware and software supplier our computational skills: how many people are still able to carry out basic business computations in their own mind? Most people trying to cope with Business Continuity focus quite often on something akin to an asset logging system. 71
    • http://www.linkedin.com/in/robertolofaro What they try to do is not to control the purpose and identify alternative processes, but instead to maintain the current level of support and activity- crystallizing the “status quo”. Our suggestion is to recover the way to have a grasp of the overall picture, partitioning the organization like a puzzle, and focusing on the knowledge interfaces between parts. The adoption of this knowledge-fractioning ideas leads to the ability to define alternative paths to produce the same results, while stating the minimal level of activity that is required to cope with the unforeseen loss of a piece of the puzzle. Except the military and organizations that are required by law to add redundant resources to ensure business continuity (e.g. banks, utilities), few organizations can afford the luxury of adding more than minimal disaster recovery facilities. A technique that we used in various “knowledge and organizational mapping” assignments is to first recover the capability to visualize information, before we ask to start to collect and chart data. As an example, for organizational design and database design in the early 1990s we applied some simple tests to see if managers and others were still able to think visually (nowadays, white-collar staff is mainly exploiting logical and verbal capabilities). If not, we asked them to bring a pair of scissors, a pencil, and a notepad; after identifying some relevant idea, we asked them to write on a piece of paper each idea, and then cut them out, and try to rearrange them physically. Once the optimal positioning was found, then the first draft was drawn on paper or using software tools for organizational design and mind-mapping. 72
    • BFM2013: Knowledge-based organizational change Alternatively, in more recent times, a whiteboard and phone camera replaced paper-and-scissors. Without these kindergarten-level exercises, endless time would have been spent drafting and re-drafting, due to the inability to think visually. Eventually, the people involved recovered the ability to visualize knowledge and connections, and therefore to see each part of the corporate puzzle. A visual approach enables to spot discrepancies faster than with the typical bean-counter approach. But even while coping with uncertainty there are times where actually some number crunching (e.g. radar charts to compare “organizational maturity/compliance profiles”, scatterplots to identify “behavioural clusters) enables to “visualize” the interactions of dozens of entities. 73
    • http://www.linkedin.com/in/robertolofaro Managing expectations In modern physics, quantum theory required a paradigm shift, as the old deterministic cause-and-effect model wasn't enough. Interestingly, while in the normal, physical world of our everyday experience this does not apply (i.e. observing does not interfere with the observed phenomenon, in normal conditions), human relations result in what is called the Hawthorne effect: observing humans influences their behaviour. As stated in previous issues, as any other activity that involves communication and the management of knowledge, Business Continuity requires not only planning in order to achieve the intended results, but also managing perception from the intended public and any other potential stakeholder, to ensure that the message is delivered correctly. This is a “degrees of freedom” issue: as both the human observer and the human observed have their own value systems, and multiple “community memberships”, the sheer observation can result in unpredictable side-effects. That's why the “double blinding” methodology is used for clinical tests- to avoid that even those leading the experiment influence the subjects involved. Therefore, introducing a Business Continuity approach adopting models derived from environments like the military is counterproductive, as those models assume that all the “human resources” have been moulded (i.e. “brainwashed”), and even in those “controlled human environments” all that behavioural training does not necessarily generate the desired responses (otherwise, we would not need to have trials about violations of Geneva Conventions). 74
    • BFM2013: Knowledge-based organizational change Perception and reality Managing expectations to generate the intended behaviour requires understanding the relationship between messages and their perception. The “human resource” concept is fine as a definitional element, provided that the assimilation of personnel to other assets is not stretched too far. An example of a stretched analogy: if human resources are indeed assets or liabilities that can be managed like any other asset, then given a certain set of inputs, they always produces a defined set of outputs. As discussed before, we have nowhere close to 100% control on either the environment or the value system of our “public”, and therefore a certain stimulus could result in unexpected feed-back. In the past, this was limited to people-to-people circles, but since mid-2000s (i.e. after the original version of this material was published), online social networks brought to the fore a completely different social dynamics- something that, in complex, regimented, organized societies we had forgotten. You can read some articles on political and social advocacy and marketing25 posted online, or you can simply head for the nearest bookshop and... pick up old, pre-Internet books studying cultural anthropology and behaviour in tribal societies. Yes, all the technological development since mid-2000s made most of the commentators forget lessons that anthropologists kept repeating. 25 http://www.dirittodivoto.com/index.php/strumenti, in Italian but with links to the English version of each article 75
    • http://www.linkedin.com/in/robertolofaro If you have some spare time, Stanford University released on YouTube a course on “Human Behavioural Biology”26 that is worth watching if you are working in HR or cultural and organizational change: a faster way to move onto the subject that dozens of books; see an alternative, book-based approach to the same concepts on LibraryThing.com27. A business example: the yearly salary increase and related emoluments will produce diminishing returns in motivation, as it will be taken for granted and become a “floor”. Obviously, unless you can build an inflationary system where each year the increase is greater than the one delivered the previous year. Varying stimuli, e.g. tailoring prize/reward to the specific performance issue, will produce a constant conscious re-assessment of the environment. Management approaches focused on building the right mix of perception and reality have to be carefully monitored, to avoid excessive manipulative practices that could easily backfire, or overinvestment, if compared with the specific needs of your organization (e.g. optimal level of turnover, if your industry has seasonal staffing levels). 26 http://www.youtube.com/playlist?list=PL848F2368C90DDC3D 27 http://www.librarything.com/catalog/aleph123 76
    • BFM2013: Knowledge-based organizational change Self-protection and threshold levels Our brain is tailored to ensure our survival, and while our sensory system allows a fine degree of perception, our brain “shuts off” irrelevant perceptions that are unsuited to our environment, to avoid overloading. Consider the following example: the basic elements inside our eyes are able to discern a single lighted match kilometres away in pitch darkness/black (or so they say). Side-effect: our brain and sensory system cooperate to avoid overloading during the day. The main concept is: an increase in a specific stimulus that stays at the increased level for a considerable length of time results in reduced sensibility to the continued presence of that stimulus- i.e. at that level, it is considered a safe part of the environment, almost background noise. This observation stands true not only for physical aspects, but also for other parts of our interactions with the environment; why should our brain build different schemas? It would be simply too inefficient (and we have already enough inefficient left-overs from evolution, without our brain and body). At the same time, repetition reduces the need to make a conscious effort (e.g. remembering a process) to produce a specific reaction to a stimulus. The risk? If you have just a hammer in your toolbox, every problem becomes a nail. 77
    • http://www.linkedin.com/in/robertolofaro Raising awareness and “controlled crises” The basic suggestion is: avoid building conditioned reflexes, unless you mean it and are confident that you can manage the consequent reduced flexibility. The “fire drill” is the typical reflex building schema, as the purpose it to ensure that a stimulus (the fire alarm or fire/smoke presence) will generate a predictable behavioural pattern (reach fire exit, etc.). Why it works: - you build the stimulus-based conditioned reflex - you do not overuse the stimulus to the point of becoming part of the environment (i.e. it is still unusual) - the stimulus and the associated actions are simple and intuitive, and pictorial aids help to ensure the result. The less control you have on your “public”, the more you have to rely on controlled crises to raise awareness, as this would be the only way to avoid endless discussions on the actual need to solve the problem you want to raise awareness to. As with any other activity, try to avoid building a routine around the awareness-rising activities, like scheduling drills at regular intervals, and focus on specific areas of intervention. Example: in Italy, during the early 1970s oil crisis the Prime Minister had one street light out of two switched off- years later, he said that it was pointless, but really aimed at raising awareness about the need to cut down on electricity consumption, and the individualist inclination of Italians ruled out a traditional appeal to “national interest”. 78
    • BFM2013: Knowledge-based organizational change Systemic approach to Business Continuity and Risk Outsourcing, Business Continuity and Risk Assessment/Management all require a perspective that considers the impact on the organization as a whole, not as a sum of parts: a so-called systemic approach. Adopting a systemic approach could start with a simple change: it is a discovery and mapping journey according to priorities, not just a traditional analysis. If you were to explore an archaeological site, you would have to identify and design a set of priorities: - how to proceed with the discovery and “digging”, with a modicum of disturbance of the site - how to document whatever you find, on the basis of your priorities and on the initial findings - how to report and maintain the results, as the “site” could be subject to other disturbances - how and when to involve experts that could improve your understanding of specific artefacts. If this seems far-fetched, just consider your current Business Continuity activities and the relationship with SLAs agreed with your suppliers. Do you have a “mapping” of the coverage not only by each supplier/SLA, but overall of your Business Continuity needs? As shown in the previous chapters, we consider insurance a risk management tool whose efficacy is in covering the financial risk of any activity, not a replacement for a sound priority-setting that should identify which part of the activities could create a "domino effect", and therefore where continuity resources should be focused on. 79
    • http://www.linkedin.com/in/robertolofaro Cultural approach to Business Continuity A first practical step is to map “buffer zones” between activities, to allow the design of alternative processes (“fall-back procedures”) to be adopted if the standard ones fail. Identifying the buffer zones requires a clear understanding of the weaknesses inherent in your processes, and identifying the “subcultures” inside your organization. While we consultants talk about “Corporate Culture” as a whole, in reality any large enough organization will develop sub-cultures with distinctive traits, often through the interaction with external subcultures and stakeholders (private and corporate). As an example, consider a typical company delivering consumer products to the market. Such a company would have different roles demanding different approaches- and different behavioural profiles. These differences are blatant in conglomerates, and are actually the reason of the practical failure of quite a few mergers, mostly between IPR-based companies: the cultural clash results in the newly acquired expensive IPR walking away through the door inside the head of the people leaving the company. If you identify the “sub-cultures”, you can design Business Continuity processes tailored to the specific strengths and weaknesses of your organization. 80
    • BFM2013: Knowledge-based organizational change Setting priorities Priority-setting should be built around business priorities, i.e. the internal administrative processes are probably the easiest ones to temporarily replace with alternative paths, but shouldn't resources be focused on below par revenue-generating processes? While processing time-reports can usually wait few days, ensuring that the supply chain is properly fed so that your production line is not stopped has certainly a higher priority. Once you identify sub-cultures, you could easily map for each subculture its own buffer zone vs. the organization or external suppliers/customers, and ask each sub-group to map their own priorities, by designing a simple set of parameters to classify their own processes. You can also leave priority setting to each part of the organization, but then you will just obtain the relative priorities inside each part, not a set of priorities that refers to common values- better to add then a mapping toward a shared framework. A “priority setting & buffer” approach simplifies also management when changes will have to be reported. This should not be confused with an assessment of the preparedness level- two parallel tasks. Our basic suggestion is: leave the reporting and updating at the operational level, but define a set of easily understandable common parameters, to ease finding trouble spots. 81
    • http://www.linkedin.com/in/robertolofaro Business continuity and Outsourcing Assessment of the preparedness is something more akin to an “audit” activity, and in most organizations priority setting could be supported by a central “internal consulting” organization. Using the same organization to deliver both consulting and audit requires sound management and monitoring: otherwise, one of the two will suffer. As discovered by many a government, outsourcing sometimes clashes with Business Continuity. Why? Because often the contract has not been structured with a proper definition of the structural SLA levels, i.e. ensuring that the supply chain adopted by the outsourcing supplier is really able to comply with the agreed SLAs. Last issue28 described our suggestions on how to negotiate, structure, manage, and implement the governance of outsourcing agreements, to ensure long-term ability to deliver. If you start analysing outsourced activities using the archaeological methodology described above, do not be surprised to discover that some outsourced activities could be actually impossible to replace. After some time, it is quite common that unused knowledge is lost, as internal resources have no incentive in spending time (and budget) to keep the knowledge up-to-date, and your outsourcing supplier becomes a de facto component of your organization. 28 See chapter 3 in this book 82
    • BFM2013: Knowledge-based organizational change Business Continuity Management Once you define the Business Continuity profile of your organization, the next element to consider is how to keep up-to-date your newly defined map. Adopting a “buffer zone” technique and identifying the internal subcultures are key elements of Business Continuity. The buffer technique will allow focusing on the “inputs” and “outputs” of the outsourced activities, so that you can build emergency procedures to be used short-term, should the outsourcing supplier become unable to fulfil the SLA. There are two basic ways to manage knowledge: building a collection or building a thesaurus. As described in the first issue29, in our experience a thesaurus is actually a collection that keeps a connection with the source of the knowledge, as only that can ensure that the information is up-to-date. If the connection is lost, the thesaurus becomes a collection, and any decision taken on this information will progressively increase the risk level, as any decision taken on misleading information. Once the thesaurus and map are in place, managing the Business Continuity requires the typical structuring activities. Incidentally, this has a side-effect on human resources management. Often, managers promoted “from the ranks” are appointed to their new position not only because they are the most appropriate candidate, but also to ensure “knowledge continuity” with their former colleagues. 29 See chapter 2 in this book 83
    • http://www.linkedin.com/in/robertolofaro Unfortunately, after a while, their “thesaurus” becomes a “collection”, detached from reality, also if, quite often, they do not acknowledge that what they still assume to be current knowledge, a “knowledge base”, is frozen in time. Moreover, if they fail to acknowledge this issue, they risk “shortcircuiting” decision-making processes, taking on and by themselves operational decisions based on their own past experience, ignoring the current operational realities. Yes, generalist managers, whose key expertise is in management science, have their own shortcomings, but neither choice (from the ranks, or from an MBA) is fool proof: as in any other activity involving humans, also Business Continuity requires a constant oversight from human resources, in support to management, to validate that the people appointed to coordination roles in this domain have the appropriate combination of skills and potential. First and foremost, a proper communication path has to be defined, a path that has to be structured and maintained- also in this case, it is something closer to a programme than a mere project. Any information affecting the Business Continuity delivered to the “thesaurus management” function of the organization must be propagated back to the organizational units that could actually be affected, for their own information and consideration. Usually, the lack of this two-way communication structure results at best in duplicated and uncoordinated efforts to keep up-to-date, at worst in simply adopting a "wait-and-see" attitude. If the management structure and processes are defined, then Business Continuity Management could become another tool to support the definition and implementation of strategy. 84
    • BFM2013: Knowledge-based organizational change In the early 1990s, as part of a cultural and organizational change initiative, this “Business Continuity management” approach was used with a customer to minimize the number of meetings required to ensure that all the required information to develop cross-functional system in a banking environment was available to all those whose systems or organization could be impacted by a proposed change, be it of an organizational or technological nature. At the time, before Internet, the tool used was Lotus Notes (the collaboration suite); in mid-2000s, a Wiki-like use of an Open Source platform called DotProject provided the same ability to manage multiple initiatives at the same time anywhere, anytime. Today, there is no limit to the number of tools available, but the process and culture should drive to the right tool, not the other way around. 85
    • http://www.linkedin.com/in/robertolofaro Continuous improvement Instead of suggesting yet another “life-cycle model” for continuous improvement, we suggest that you consult the website dedicated to the Capability Maturity Model, sponsored by the U.S. Department of Defense and produced and copyrighted by the Carnegie Mellon University (in short: CMMI; a cross-checking between CMMI, ITIL, Six Sigma, Lean is available as a free 22-pages Acrobat document30). Level Name Typical activity 5 Optimizing Continuous Process Improvement 4 Quantitatively Managed MBO, KPIs, etc. 3 Defined Methodology Introduction 2 Managed Basic Project Management 1 Initial Self-organized CMMI Model- capability levels If you have been involved in ISO9000 or other certification activities, you probably are familiar with the levels of maturity. Most companies with a formal project management and documenting methodology in place could easily reach level 3 with a modicum investment in formalization and training. 30 http://resources.sei.cmu.edu/asset_files/Presentation/2008_017_001_22 517.pdf link checked on 2013-10-25 86
    • BFM2013: Knowledge-based organizational change As we previously discussed BFMagazine31, knowledge production and maintenance have to be carried out at the level where knowledge is produced and understood, not from some central “ivory tower”. Instead, a “central exchange” can and should be managed, at least to allow information propagation and alerting. A continuous improvement approach allows any organization, no matter how small, to empower a limited set of people with specialized skills to actively participate in multiple projects. Adopting this approach results in a reduction in the number of meetings and document exchanges, as your resources will be confident that they will receive all the information they would need to make informed decisions, and they will have a shared communication path and protocol to “launch” information requests across the organization, to be informed by their colleagues of any potential impact from or to other parts of the organization. The use of “agile” and “lean” methodologies increases the frequency of organizational and technical updates, as systems and organizations are constantly “tuned” to current and future business needs: hence, managed communication is critical. Business Continuity can start as a simple map, but Business Continuity Management requires at least a level 3 organizational approach. You can have processes in place, but limit the documentation to a few lines and tracing knowledge ownership, but a good Business Continuity Governance needs at least a 4 on organizational maturity. The higher your organization maturity level, the less you need your operational people to “pull” knowledge from the organization (i.e. to carry out their own fact-finding, and the more you can simply introduce a “push” or “alerting” approach . 31 See chapter 2 in this book 87
    • http://www.linkedin.com/in/robertolofaro Dynamic Corporate Governance A short digression on the evolution of Corporate Governance will better define the context of the Business Continuity. While continuous improvement focuses first and foremost on the internal workings of an organization, organizations like OECD are sponsoring an approach toward convergence on the management of relationships between organizations. The first attempt, the MAI (Multilateral Agreement on Investment), was highly criticized as an attempt to infringe on the sovereign rights of States to policy private citizens' and corporate behaviour. Since 1999, OECD sponsored the “Guidelines for Multinational Enterprises”32, first adopted in 1976 and most recently updated in 2011, clearly stating that: “The OECD Guidelines for Multinational Enterprises are far reaching recommendations for responsible business conduct that 44 adhering governments – representing all regions of the world and accounting for 85% of foreign direct investment – encourage their enterprises to observe wherever they operate.” Progressively, the focus extended toward other areas, and recent extensions to supply chain management renovated requests to extend the Guidelines application beyond the financial arena, adding links to fair trade and extending the "corporate citizenship" sections. Some industry-specific international initiatives moved forward, requesting an explicit improvement of the internal operations of companies, to reduce systemic risks generated through "domino effects". 32 http://www.oecd.org/daf/inv/mne/oecdguidelinesformultinationalenterp rises.htm 88
    • BFM2013: Knowledge-based organizational change Consider the following scenario: what would happen if cash were to suddenly disappear from the market? How many days would be required to bring any industrialized nation to its knees? Few years ago, a strike of employees working for security companies delivering cash forced Belgium to allow supermarket chains to operate as de-facto ATM networks. ISO/EN standards since the 1990s expanded from technical/product issues to process and management activities. Through e-government initiatives (the focus of the next issue of BFMagazine33), governments are progressively urging companies to integrate internal processes with government-mandate processes, e.g. with the progressive extension of “electronic filing”. Major public failures of the old regulatory system, that basically stopped on the “company doorsteps”, allowed government and regulatory bodies to ask for changes in the way internal affairs had been managed by companies, e.g. with new Corporate Governance frameworks. 33 See chapter 5 in this book 89
    • http://www.linkedin.com/in/robertolofaro From BCManagement to BCGovernance Since 2000, events have clearly illustrated the inherent complexity of our society, and therefore is foreseeable that, in order to reduce the systemic risk, e-government will progressively produce a wave of rules and regulations that will change the old Corporate Governance attitudes, and introduce “inherent transparency” as a regulatory requirement to operate in advanced economies. It should now be clear the difference we attribute to the inwardlooking management and governance of Business Continuity: you can have management without governance, but you cannot have governance without management. If you build a cascade of plans (e.g. to create the high-speed railway network), you can keep in line with some general guidelines and targets, and revise the operational plan by managing the maze of resulting projects, so that you can introduce a degree of overall control, while maybe scrapping or delaying a specific project/subproject, or re-allocating resources between projects. Managing Business Continuity still assumes that you can use the basic instruments of management- a plan, a resource allocation and budget, etc. If you aim to move toward governance, you need to use the information derived from preliminary priority-setting to actually refocus management activities according to current needs. 90
    • BFM2013: Knowledge-based organizational change Introducing BCGovernance The normal budgeting process is useful in Business Continuity mainly only to cost and maintain the redundant resource allocation required to ensure the proper working of “skeleton processes” to a minimum and controlled level. Introducing a Business Continuity governance requires a further step: a good manager is not necessarily a good governor, and vice versa. You will probably need at least three types of capabilities (as opposed to acquired skills) involved in any activity (not necessarily three people): governing, managing, controlling. Eventually, you should be able to have a small “Business Continuity Governance team”, composed of managers, while leaving the management activities to each line manager. The controlling team should be independent of any manager, and report only to the Board, while delivering any preliminary report to the “Business Continuity Governance secretary” (somebody that usually delivers status reports to the Board on behalf of the management team). Caveat actor: while implementing Business Continuity Governance, remember to check the specific profile of the “human resources” involved, otherwise you could end up building just another layer of bureaucracy that produces nice reports and radar charts, while being unable to deliver the Business Continuity you are investing on. 91
    • http://www.linkedin.com/in/robertolofaro Conclusions While the suggested approach applies to any organization, as described in previous issues34 a “Big Bang” (i.e. instantaneous change applied across all the organization) is not always feasible. Using a “buffer zone” technique you can easily start your Business Continuity Governance activities in parts of your organization, expanding later on to other sections of the organization. We suggest that after reading this article, you try to visualize your own version of the process. If you are not currently implementing some form of Corporate Governance, we suggest that you refer to the Corporate Governance suggested guidelines appropriate for your country. 34 See chapters 2 and 3 in this book 92
    • BFM2013: Knowledge-based organizational change 5. BUSINESS PERSPECTIVE ON E-GOVERNMENT This issue of BFM was focused on “Business Perspective on Egovernment”: how to ensure that your organization maximizes the benefits deriving from e-government, while understanding its impact on your way of doing business. Since this issue was first prepared, 2004, and published, 2005, egovernment became an everyday reality for any organization. While some of the late-1990s promises still have to be turned into reality, most of the material published a decade ago is at last now obsolete. E-government is following the “snowball” principle: the longer it runs, the larger it becomes. Therefore, instead of refreshing the old material, this updated chapter focuses on few basic principles and their potential impact on corporate and individual citizens. 93
    • http://www.linkedin.com/in/robertolofaro Introduction More than any other issue of BFMagazine so far, this is an introductory issue, as e-government is the tip of the iceberg of different initiatives, with the purpose of using information and communication technologies (ICTs) to change the relationship between citizens (corporate and individuals) and institutions. As e-government and related initiatives are widespread and constantly increasing in number, it is pointless to try to provide a list. Instead, if your business activities are in Europe, it is easier to register on epractice.eu, the social network created by the European Commission to ensure that knowledge generated by EU-financed projects is accessible, notably to potential business users. Once inside the community, register your interest for e-government, search the existing library of case studies, and maybe connect with other users who actually worked on e-government initiatives. In business, we need to get used to alternative ways to ensure “knowledge continuity”, i.e. keeping your “knowledge base” to look more like a “knowledge thesaurus” than a “knowledge container”35, i.e. knowledge connected to current practice. As in other business areas, using Google etc. should become a second nature, a litmus test of the ability of your own staff to keep in touch with evolution of knowledge in their own domain. 35 See chapter 4 94
    • BFM2013: Knowledge-based organizational change E-government in perspective As defined by the OECD in its March 2003 issue of “Observer”, egovernment is more about “government” than about the “e-”: technology has to be seen as a just an enabler toward a common trend on streamlining the interaction between government and citizens (corporate and individuals). Historically, states consolidated government control through harmonization: defining regulations and enforcing them was a mean to an end, i.e. defining acceptable behaviours and sanctioning by law the penalties associated with violation of said rules. Since WWII, the increasing development of market economy accelerated the pace of these harmonization activities, moving the scope beyond the mere national level. An obvious example is WTO: also if a specific “round” of negotiations fails, it is the mere recognition of the WTO as the forum where negotiations should take place and complaints presented that should be considered a success. But it should not be forgotten that computers pervasiveness started quite recently, when the 1950s building-sized computers were converted into penny-sized chips, allowing the development of products that would simply not be feasible using the old mechanic technology. Before computers were introduced, the typical accounting or administrative office looked like shown by films such as K. Vidor's “The Crowd” or “The Hudsacker Proxy”: tens or hundreds of people used mechanical computing machines to produce partial results, collected and then consolidated into coherent documentsand many administrative processes still mirror that approach. 95
    • http://www.linkedin.com/in/robertolofaro Computer technology is pervasive, and it is increasingly being embedded not only in tools and equipment, but also used to externalize business control processes, e.g. controlling stock through the insertion of tracking chips inside products shipped to retail stores. While at first computer and communication technology (henceforth ICT) were used mainly for administrative support, eventually business processes started to be built around computers. A first issue that became immediately visible was: how could information be shared across companies? After physical delivery of shared information (e.g. tapes), attempts were carried out to create electronic exchanges, with different, competing EDI (Electronic Data Interchange) standards. If you were a company with customers operating in three or four industries, you would be asked to deliver electronically information using different communication channels with different protocols. After country-by-country attempts (e.g. Minitel in France), it wasn't until DARPA Internet infrastructure, originally designed to deliver business continuity at the national level, became usable through SGML/HTML/XML for commercial purposes, that widespread electronic communication began to be part of everyday life. Internet delivers different interesting features, but these are the ones that we consider critical to Internet success: - you do not need to set up any custom infrastructure to communicate via the internet, as software and hardware components required are easily available - you can connect to third-party knowledge/services immediately, through hyperlinks - anything that is available online is theoretically accessible without any middle-man being involved. 96
    • BFM2013: Knowledge-based organizational change Since mid-90s, when Internet was first open for commercial uses, the new medium has constantly changed, lowering the cost of activities such as market research. Before Internet, finding information was more art than science, and most newspapers had information offices supporting journalists in finding background information, sometimes open to the general public, e.g. 1970s books described how to set up your own in-house information office. It has been only few years, but already the technology is showing signs of having grown beyond its usefulness. Since mid-2000s, social networks transferred online the old “knowledge networks”, but on a global scale, and merging both academics and businesses. Even generalist social networks such as Linkedin and Facebook gradually introduced various ways to create “knowledge tribes”, built around a specific “niche”- be it a business, or just a private interest. For over a decade, this has altered the way knowledge is shared in business communities- from the obvious (software developers and business users of complex software systems), to the traditionally more secretive (businesses based on knowledge); following the evolution of e-government can benefit from a knowledge of the basic ways to structure “virtual knowledge networks”, a concept that will be discussed in a future book36. A study from RAND, published in 2000, can be a good introduction37 to the concepts related to self-organizing, knowledgebased communities. 36 “BFM2014 Patterns of organizational change”, ISBN 978-1493581146, available on Amazon from 2014 37 http://www.rand.org/pubs/documented_briefings/DB311.html 97
    • http://www.linkedin.com/in/robertolofaro Why e-government If technology is just an enabling factor, then something else should be a motivation, and that something else is quite simple: cost. Since Industrial Revolution, the cost of government has increased, also because, in our complex society, services that centuries ago were carried out by each one independently, are now part of what we expect to be part of the environment. Yes, governments talk about the benefits, added value, etc., but in the end the truth is: the level of government services that we have become used to in Western Europe since WWII is economically unsustainable if delivered by XIX century processes. If you were to try to deliver business services in former-COMECON countries in mid-90s, when they were defined “Transitional Economies”, you would have had a feeling of what would happen in industrialized countries if the fabric and structure of society were to disappear: just moving your product from your warehouse to the distributing centre would have required bartering and bribing. Your writer remembers in mid-90s being told in a former Soviet Union country by a local business man that he had to keep two sets of accounting books, as the taxes had reached an unaffordable... 18% on revenue (including payroll, etc.); the bribes required to have somebody turn a “blind eye” were cheaper than that, and anyway “payments” were due for each step of the supply chain, to the a weak “rule of law”. Wealth distribution meant that almost any job in Western Europe was paid at a level enabling salaried employees to obtain living standards that just two centuries ago would have been unaffordable to more than 90% of the population. 98
    • BFM2013: Knowledge-based organizational change This meant that also the maintenance cost of our industrialized countries started to increase. Added up to the cost of providing health and retiring benefits to an increasingly ageing population, governments had to explore new ways to reduce costs. At the same time, the increased level of schooling implies that citizens are unwilling to see a reduction in services, however it is masked, and after different experiments with privatization, some successful, some not, technology is now perceived as an enabling factor, with at least these benefits: - reducing costs - streamlining government processes - increasing transparency, to improve the capabilities of the authorities to monitor and help economic development (and reduce the risk of corruption) - getting the authorities closer to citizens - potentially improving the communication between States and citizens (a two-ways communication channel). 99
    • http://www.linkedin.com/in/robertolofaro Defining e-government Probably the most famous structured initiative to benefit from the use of technology in government is “re-inventing the government” in USA, launched by the first Clinton administration in 1993, managed by then Vice-President Gore. E-government is generally defined as the use of ICT to transform the relationship between the government and citizens, businesses, and other parts of the government. As a way to simplify the relationship between EU citizens and their governments, EU has sponsored different research projects, to exploit technologies as diverse as Internet, GSM, GPS, to both reduce the cost of governing and increase the services delivered to citizens. One of the most recent examples is the PEPPOL (Pan-European Public Procurement Online) framework38, which is one step further in EU integration, potentially enabling significant savings. A common purpose of EU projects is to increase the visibility and the “valued added” perceived from EU citizens, that until now considered EU as a business related association. Side-effects of EU initiatives as the Schengen agreement include easing mobility across EU territory- up to a point. Most EU and EU-candidate countries are issuing regulations to ensure that any part of the state machinery, be it the local town council or the national health system, fully exploits new technologies to streamline the communication with citizens, while reducing costs and adding new services: and online social networks are increasingly part of the picture. 38 http://www.peppol.eu; you can register online 100
    • BFM2013: Knowledge-based organizational change Also, most UE countries adopted the “subsidiarity" approach also in their internal distribution of powers, e.g. delegating decision-making as close as possible to where the results are produced. At the same time, there has been a constant convergence on the regulatory system governing the behaviour of multinational companies, as discussed in the previous issue39. While the harmonization of these rules at the supra-national level is still in its embryonic phase, regulatory frameworks as Basel II/III and the OECD Guidelines for Governance are trying to shift the focus from a sanctioning system (whose acceptance requires a political mandate) to a common framework of accepted behaviours. These rules try to ensure the smooth working of market economy by enhancing transparency, with rules focusing on governance, product and environmental quality standards, etc. As forecast when this material was first prepared in 2004, it was only a matter of time before also corporations would be required to manage most communications with regulatory agencies and governments via the new technologies. Using the same technologies also to manage the internal processes resulting in communication with regulatory agencies and governments would only make sound economic sense. New staff and junior managers are now, in the early 2010s, wellversed in new technologies, and with a modicum of training and coaching could smoothly integrate your business processes with Government-sponsored systems and other online technologies to maximize the benefits while keeping risk and intrusive practices at a minimum. Unfortunately, the key resistance to change is coming from decisionmakers above them, who often state objections that sound more as a sign of fear of change, than of the changes by and for themselves. 39 See chapter 4 in this book 101
    • http://www.linkedin.com/in/robertolofaro The economics of e-government EU-level initiatives and similar national initiatives resulted in a widening gap between the complexity and thoroughness delivered by these focused project teams composed by experts, and the actual capability of the recipients to process and implement the results within the budgetary constraints. While larger towns have probably staff (and financial resources to hire external resources when needed), smaller local authorities, whose communities would benefit more from implementing e-government, will probably have more difficulties in just grasping the implication of the thousands of pages delivered by all the national and supranational projects, czars, study groups. Theoretically, e-government should simplify and harmonize the administrations' behaviour across countries; practically, it adds significant pressure on communities already fighting with both tight budgets and the reduced funds provided by central governments- a direct result of the distribution of powers to local authorities (yes, “subsidiarity” could have negative side-effects). In effect, local authorities will be required to ensure that eventually any citizen or any business in their constituency will receive the same services, irrespective of the size of their tax-base. And citizens do expect to have access to the same level of services in towns with 2,000,000 inhabitants as in villages with just 200: they are required to pay the same taxes, aren't they? 102
    • BFM2013: Knowledge-based organizational change Past forecasts, current realities The side-effect forecast in 2004? - most technology-only services or the resulting information will progressively be “hosted” remotely on a central, government-sponsored infrastructure, that will increasingly be able to automatically “classify” companies according to their operational behaviour - more and more “one-stop” services will be requested to local authorities, which will try to use them as a way to compete for business investment, as more of their revenue and services will need to be financed locally. In 2013, those are almost everywhere a reality (or becoming so, as shown e.g. in Italy in 2012). The increased de-coupling of national and supra-national authorities from the ones that will have actual contacts with the providers of funding (companies and citizens) is already resulting in some unheard-of alliances between local authorities. As an example, in the early 2000s in UK some local authorities whose ruling council is Labour partnered on e-government initiatives with other that are Conservative, and together negotiated with the Labour government as their counterpart. The same applied in Italy for over a decade, where the Governor of Piedmont (centre-right) partnered with the Turin mayor (centre-Left) to negotiate with the government (centre-right) as counterpart. In mid-2010s... the only difference is that now the government is a centre-left/centre-right coalition. 103
    • http://www.linkedin.com/in/robertolofaro Machiavelli stated that the prince40 was supposed to maintain control of his constituency. Subsidiarity within the country, instead of just between the EU and Member States, implies that governments and political parties represented at the national level are losing some of the power that was related to their capability to award or deny funds, replacing this power with more “national standards”. These “standards” are embedded in rules, and also by linking local authorities' internal processes to the central government through egovernment, to enforce the rules. This approach is also used to avoid the development of de-facto transnational economic enclaves, that would feel limited or no attachment to central governments. 40 Machiavelli, “The Prince”, Chapters IX-X/XX 104
    • BFM2013: Knowledge-based organizational change The hidden costs of e-government Previous initiatives resulted in mandatory audit, ISO9000, EN14000, mandatory electronic filing, etc.; therefore, the typical attitude is to expect some additional costs. Introducing e-government obviously adds the typical costs associated with new methods, tools, and business processes. As happens with any structural and process change imposed from outside on your own business culture, e-government comes with an assumption on how your internal processes should work41, and adapting without proper planning could at best result in the same work being done twice, at worst disrupt your internal processes and affect your business viability. Before outsourcing everything to an external company, replacing internal processes with e-government processes, we suggest that you consider the guidelines delivered on knowledge retention42, and the summary information on strategic outsourcing43. Additional costs for your organization could include making some privileged internal information available to competitors, by improperly linking external e-government processes to your internal production and marketing processes. 41 See chapter 3 in this book, as this is a form of outsourcing 42 See chapter 2 in this book 43 See chapter 3 in this book 105
    • http://www.linkedin.com/in/robertolofaro Converging transparency initiatives Increased transparency is a side-effect of e-government that is already with us. As an example, consider your pricing approach: what would happen to your customer satisfaction if you were requested to publish all the pricing parameters online on a single, government-sponsored website, where any prospective customers could compare in few minutes your prices and services with the ones applied by your competitors, watching their own Digital TV and using their remote control to switch suppliers? E-government, like the governance initiatives spurred by Enron (SOX) and others (e.g. Basel III and maybe a future Basel IV), is just part of a common trend toward transforming Adam Smith's “invisible hand” into a worldwide, shared reality, by using technology to remove asymmetries in information. By “asymmetries in information” we imply that some economic actors, despite all the non-disclosures and rules on insider trading, always had information that was used to make informed decisions before the rest of the market received the same information. Sometimes, they had this information because they were suppliers or customers of the investment target, and were just good observers; sometimes, it was just sheer lack; quite often, these factors were compounded by “back door” information. Increasing transparency will probably remove some intermediaries, as already done by companies like e-bay and industry-wide initiatives to lower the cost of supplies by pooling procurement resources. A properly working market economy requires a level playing field, and e-government will progressively move further deep inside your organization the threshold for the delivery of “public” information. 106
    • BFM2013: Knowledge-based organizational change Business side-effects Different industries received additional impacts by disclosure regulations, like ISO9000, EN14000, Basel II, etc. Sometimes these regulation are self-inflicted by industry, as a way to remove the threat of new, more consumer-oriented legislation, but the overall effect is the same: if your company is certified or not, this is visible; and if your company accounts are subject to compulsory auditing, some information that smaller companies would not disclose is available online. The transparency trend embedded in e-government has an interesting side-effect: as more and more of your strategy-related information has to be disclosed, and becomes easy to access and compare automatically, the capabilities and approaches used to implement the strategy are what make your company unique. New business approaches will be needed, and cost will increasingly become only a short-term competitive advantage, offset by the increased productivity that companies using your business approach later will have by using your company as a case study, and maybe setting up their facilities where they can have a short-term costadvantage, useful until they get enough market share from you, and can afford to enter your own market with local facilities. As an example, if you are a shipyard with a new production management approach, obviously the initial infrastructures and cost of production would make a difference and you will have some time before your competitors will catch up. Eventually, your cost advantage would disappear, as competitors would benefit by a shorter start-up time, avoiding part of the “tuning” costs that you sustained. If you created a new market, then your competitors will not need all the initial marketing investment required to “evangelize” the market. 107
    • http://www.linkedin.com/in/robertolofaro Costing e-government As discussed in a future book44, a different approach on the definition of the market positioning of your organization will be needed. “Organization”, not “company”, as local authorities and countries alike lose/gain through this additional transparency, and, with the extension of subsidiarity, they too will need to find ways to attract investment (and tax-paying corporations). After this extended assessment and evaluation of its qualitative effects, introducing e-government, like any other project, should be assessed for its quantitative cost. Obviously, with “normal” projects you have at least the theoretical option of cancelling the project, an option that is not available with e-government. In 2013, e-government has been confirmed to be more intrusive than it was expected, also if the regulatory framework is still a work-inprogress. The options you should first identify are: - to what extent should e-government be introduced inside your organization - by when you should roll-out each new requirement - is there any flexibility, and for how long - could the e-government-related changes be kept aside from the company, or should be embedded in business processes - how can you compartmentalize information to avoid disclosing sensitive business information 44 “BFM2014 Patterns of organizational change”, ISBN 978-1493581146, available on Amazon from 2014 108
    • BFM2013: Knowledge-based organizational change The minimal cost categories to consider are: - compliance: is the direct cost of producing the information required - infrastructure: is the cost associated to storing and processing the information, along with any new infrastructure cost (e.g. paying a monthly fee, or buying digital certificate) - delivery: is not only the cost to deliver, but also to manage the delivery process (e.g. storing the feed-back, re-sending, managing the production of updated information) - maintenance: is the cost to support the previous three. Let's see an example: electronic filing of payroll information. Law requires delivering a certain amount of information with a stated frequency and keeping track for a certain timespan. Assessing costs should be quite easy in this case, as it is just a normal project to produce and deliver some files, but once you introduce transparency and ICT as a communication medium with government agencies, consider that they could make some assumptions on how your company works to produce that information. A customer in Continental Europe reported some twenty years ago that they were requested statistics on payroll from the government agency collecting the monthly information; problem: the statistics' contents extended beyond the statutory time limits; legally, the government agency could not require the old data, but legally, there was not statute of limitation on the statistics. Once they delivered the payroll statistics, the government agency called back and said: “as obviously you have the underlying information, could you deliver that information as well?”. The reason? A technical and organizational glitch resulted in losing and/or misplacing data tapes, and somebody at the government agency came out with a creative way to solve the problem. 109
    • http://www.linkedin.com/in/robertolofaro In the future, constantly increasing transparency could result in further integration, and therefore when costing the introduction of egovernment consider all the side-effects of related regulations, not each item separately. Also, e-government makes more sense for the government if, once assumed that certain processes are carried out inside the information providers (the companies) and work properly, a certain degree of redundancy is removed by consolidating services, and maybe the government agencies focus on becoming just the “knowledge manager” for the specific set of rules, outsourcing all the data processing to a central unit that, also for privacy/security/etc. reasons, will have no clue about the data they process. As in other projects, the longer the time some resources go unused, the easier is that they come to be considered “redundant”45. More so if on the receiving end you have not one organization that knows the meaning of the information that it is processing, but some low-cost, centralized unit, whose internal budget allocation will be linked to further constraints, and that will make decisions on the basis of the internal knowledge available (documentation, etc.). When introducing e-government processes you have to take further precautionary steps while defining the SLAs (Service Level Agreements), because e-government is, in the end, something whose evolution is outside your control, but the deeper it affects your own internal business processes, the greater the loss of flexibility in your managing the evolution of your own organization. Overall, the suggestion is: outsourcing requires assessing both the financial savings and the impact on business continuity. 45 See chapters 3 and 4 in this book: again, it is a consequence of outsourcing, and e-government is, in this case, outsourcing for both parties involved 110
    • BFM2013: Knowledge-based organizational change Deploying e-government in your organization The first step is therefore adopting the method described in issue01, to identify knowledge boundaries46. Consider the boundaries between your organization and each government organization and institution you have to report to, so that you can streamline communication processes and identify any additional requirements of investment, while defining roll-out priorities. When allowed, institutions themselves apply this methodology, to reduce their own cost of delivery and to focus on real information, instead of collating information that could be easily fixed before being delivered; as an example, the Bank of Italy, that has overall oversight authority on banking in Italy, already in the early 1990s coordinated all the requests related to different regulations into a set of validation tools, delivered to banks or their IT providers that unified the data delivery. Some of the e-government requirements are for immediate delivery, and therefore should be managed as both a stop-gap delivery and a long-term solution. Anyway, consider that e-government will be like ERP and similar “vertical/horizontal process-replacement schemes”: if you drop your own processes and replace them with external ones, you will lose your own uniqueness, and “customization” is not an option with egovernment. 46 See chapter 1 in this book 111
    • http://www.linkedin.com/in/robertolofaro The suggested phases are: - assessment and priority setting: assess impacts and needs to deliver short-term compliance, using this phase to prioritize and identify which core or non-core parts of your own way of doing business are affected - make-or-buy: carry out a make-or-buy decision, i.e. see if it is better to use a standard, external process, whose evolution you would be unable to control, or to interface your internal process with the external ones, or, finally, to embed inside your internal processes the new ones - deliver: according to the results, deliver the processes. Remember: e-government is both a technical and political issue, and therefore you should assume that its evolution mirrors more political “horse-trading” realities than any theoretical framework, all while keeping a face-saving theoretical framework justification for any choice. Do not expect a “logical” evolution of constraints, and therefore avoid “planning ahead”, i.e. building new requirements into processes or software that seem to be expected as the next requirement. As with any political process, e-government might one day jump ahead and run as a leopard, and the following day walk like a crabbackward. 112
    • BFM2013: Knowledge-based organizational change Increasing e-government benefits Is e-government just a cost and a threat to your own way of doing business that you have to comply with due to law? Most of the benefits declared by the governments and institutions proposing e-government are real, but some just are not available unless you invest some time and efforts in determining how to embed e-government in your organization, and re-invent your own way of delivering certain results. Generally, as for any other compulsory compliance, you can see both costs and opportunities, but only if you move beyond the mere afterthought compliance. A simple example of benefits delivered by e-government: if you knew which e-government disclosure rules apply to your suppliers and customers, you could make better informed credit decisions, by including in contracts exchanges of information already mandated by e-government- also if originally you did not consider that information. As compliance to produce that information would be anyway required by law, you would avoid re-inventing the wheel, streamlining your own decision-making processes. Furthermore: e-government will allow both you and governments balance credit and debits; eventually you could expect every government becoming like any other customer/supplier, introducing different ways of paying duties and taxes. 113
    • http://www.linkedin.com/in/robertolofaro Conclusions By now, it should be quite clear that our approach to e-government is quite straightforward: e-government is part of a common trend toward creating a level playing field, as required by market economy. This trend started centuries ago with the creation of financial instruments, and what we are observing is a mere acceleration, due to the spreading of ICT, and the interoperability allowed by internet. What is interoperability? A working definition is: the possibility of every organization to communicate with any other organization at any time, without the need of establishing a custom communication link. E-government is a work in progress, and its spreading will accelerate the trend toward further transparency, with wide impacts on our assumptions on what is proprietary or confidential. To have a coherent idea of what would mean managing a transparent company, we suggest reading an old science-fiction book on how technology could affect privacy47. Consider e-government as part of your own business development activities, by adopting a “monitoring” approach, also in smaller organizations; this approach could extend into lobbying, instead of simply reacting to e-government. Smaller organizations would certainly benefit by coordinating their efforts to present industry consensus at the same level of organizational complexity, making easier to give visibility to their negotiating position while talking with government agencies. 47 Clarke/Baxter, “The Light of Other Days”, 2001 114
    • BFM2013: Knowledge-based organizational change Usually lobbying is seen as something for larger companies, but probably smaller companies could be the ones obtaining more benefits from e-government, as they could use government free services to replace services that are currently delivered by external resources, as they lack the structure to justify building in-house expertise. Therefore, smaller companies will have probably opposite interests, when compared with larger ones, as what would be a benefit for the former (e.g. removing the need for auditors, as anyway their figures are small enough to remove any “creative accounting” value), would be a straitjacket to the latter. The same applies for smaller local authorities: while towns with more than 800,000 residents have both structure and resources, smaller towns will be required to provide the same services, but without the administrative or technical resources required, and therefore could be more interested in giving value not to custom-built applications, but to the use of government-sponsored standard applications, that allow them to use their scarce resources to promote the unique content that their town can deliver to visitors and investors, using “virtual malls” as containers to publish the content. 115
    • 116