The IT Risk Manager
371 FOLLOWERS
A blog by Chris Matts about IT risk management. Chris delivers trading and risk management systems in investment banks. His goal is to deliver business value.
The IT Risk Manager
1M ago
You might think that escalations were needed to ensure that the constrained resources of an organisation were focused on the highest priority investments. The true purpose of escalations is to validate and confirm the status and importance of senior staff and executives, and re-enforce a high power distance index. Escalations are yet another sign of ..read more
The IT Risk Manager
1M ago
Karl Weick’s Sensemaking is a powerful frame to understand how organisations work. It can help us better understand Failureship. Paraphrasing, he identifies four stages of understanding: Weick describes sensemaking in organisations as the process of moving things from “Inter” to “Generic” so that others can become part of the organisation and act using the thing ..read more
The IT Risk Manager
6M ago
Many of the agile techniques are effective risk management tools that make problems and risks transparent and leave the solution to be determined based on the context. It is common for people to use an agile technique to reveal a problem or risk, and then ignore it when they find it… reveal a serious issue in a retrospective and then simply put an item in the improvement backlog, or turn off a failing test rather than fix the bug that it reveals. It is so common that agile practitioners have a term for it “Agile Kabuki”, an elaborate process where people make extreme gestures but fundamentally ..read more
The IT Risk Manager
6M ago
One of the main strategies to avoid responsibility for delivery, and to avoid risk management of a process is to allow the system to be swamped by work, often shadow work that is not aligned to the goals of the organisation. Incompetent risk averse managers in a failureship culture engage in classic “child” behaviour of blaming stakeholders for forcing them to do more work than the system can cope with (“They made me do it, its not my fault”). In reality, it is exactly the fault of the person who allowed more work to be pushed onto the system than it can cope with in order to gain individual f ..read more
The IT Risk Manager
6M ago
The process of knowledge work is pretty simple.
Decide what to build or fix.
Assign a person to build or fix it.
Provide the person with the support they need to build or fix it.
The person(s) builds it or fixes it.
Learn, reflect, and go back to step 1.
One of the key risks in knowledge work is the “Key man dependency” or “bus count”. The bus count is the number of people in the team at a bus stop that a bus would need to take out in order for the team to be unable to support the system. A “key man dependency” is where one or a very small number of individuals are vital for the development ..read more
The IT Risk Manager
7M ago
Quality only emerges if people care. That was one of the conclusions of Robert M. Persig’s “Zen and the Art of Motor Cycle Maintainance”. In organisations, there are two types of people. Those that care more about the organisation more than their career, and those that care more about their career than the organisation. It is clear that those who care more about their career rise faster in organisations. Between the owners at the top of the organisation and the workers at the Gemba, there is a layer of people commonly referred to as the “frozen middle”. Communication between the people at the ..read more
The IT Risk Manager
7M ago
The best metaphor for a new leader in an organisation with a failureship culture is Doctor Who (New Leader) and his relationship with the Tardis (The organisation). Doctor Who frantically rushes around the Tardis altering controls and pulling levers, none of which has any impact and the Tardis takes Doctor Who wherever it wants him to be. Unless a new leader creates transparency to make sense of the risk averse organisation, it will simply take the leader where it wants them to be and give them the comforting illusion that they are in control. This is particularly risky for super smart new lea ..read more
The IT Risk Manager
7M ago
When leading a failureship on the journey from a risk averse to a risk managed culture, there are two entangled parts of the culture that need to be addressed… “Uncertainty avoidance” and “Power distance index”. How these are addressed will determine whether the leader achieves the transparency they need in order to identify and address the real issues in the organisation.
Any leader new to an organisation wants to find the “dead bodies” as soon as possible so that they can be rightly identified as the consequence of the previous regime. They know that after a certain period of time, they wil ..read more
The IT Risk Manager
7M ago
One of the most profound discoveries during the study and practice of failureship has been that Eric Berne’s transaction analysis is ideally suited to understand the failureship dynamic. Whereas previously I thought the “leadership” of an organisation determined whether a leadership (risk managed) or failureship (risk averse) culture emerged, our study of failureship has revealed that it is the interaction between the leader and the organisation that determines the culture. Understanding that transaction analysis describes these interactions gives us a clue as to how to address a failureship c ..read more
The IT Risk Manager
9M ago
Nigel Thurlow wrote a linkedIn post stating that the Kanban used in Agile Software Development is not the same as the Kanban used in manufacturing. Nigel is the most knowledgeable person I know on Kanban in manufacturing, based on his many years as a practitioner in Toyota. Nigel explains that his knowledge of the Kanban used in software is based on training software.
Nigel is correct. This is my “Yes, and…”
Kanban in Manufacturing
As Nigel states, the purpose of Kanban in manufacturing is to ensure that supply meets the demand of customers. In front of each work station is a pile of input goo ..read more