What do self-driving cars have to do with IT governance?
As it turns out, quite a lot.
Start with (self-promotion alert #1) the phrase “IT governance.” As long-time (and, I hope, short-time) readers know, in KJR-land there’s no such thing as an IT project — an idea so important Dave Kaiser and I named our soon-to-be-available book after it.
You’d give a perfect self-driving car your destination and let it figure out whether the best solution is to drive you there, to fly … at which point it would book your tickets and drop you at the airport … or make some other arrangements. Self-driving car governance should be transportation governance, just as IT governance should be business change governance.
More important than even this is how badly many designers of all forms of corporate governance ignore one of the most basic elements of delegation.
The element in question is the difference between delegating goals and delegating tasks. You’ll find (self-promotion alert #2!) what you need on this subject in Leading IT: <Still> the Toughest Job in the World. Put simply, the most effective leaders only delegate tasks when they can’t trust the person they’re delegating to enough to delegate the goal and leave the details to the delegate.
Look at it from the perspective of a self-driving car’s owner, who, even if the current state of the art doesn’t include booking tickets for some other mode of transportation, should be able to enter the destination and let the car handle the rest.
Except that no self-driving car is reliable and adaptable enough to handle all the details without human supervision. Humans metaphorically delegate driving tasks to the car but … and this is the essential point … can’t trust the car to handle the job without oversight.
Take a look at business governance as usually practiced and you’ll find distrust is baked into the heart of it. Governance is all about controls. Some controls are useful — they make sure processes are … well … in control.
They’re fine. But then there’s the other kind — approvals, to make sure those who have a job to do lack the authority to screw it up by just doing it, by requiring one or more signatures first.
This doesn’t mean organizations should become free-for-alls. No, organizations should prescribe their processes and practices clearly enough, and educate their managers and supervisors enough that those responsible for doing stuff know when there’s a corporate recipe in place because, for example, legal and regulatory requirements don’t leave room for creativity.
They should prescribe processes and practices in detail when the company’s systems and process management would be messed up if everyone accomplished similar goals in radically different ways.
That’s all fine. What isn’t so fine is when what’s prescribed is, in self-driving car terms, turn-by-turn directions, each turn of which requires someone’s signature.
Because that’s what controls end up looking like — the need for outside approval of each step managers, supervisors, and employees need to take to get their jobs done.
Governance by controls, which is what we’re talking about, has three major disadvantages. The first: it slows things down, because each approval takes actual time, which incurs delays.
The second: It adds to the workload of already up-to-their-eyeballs-in-more-important-matters executives. This doesn’t have to be overly onerous, so long as the executives in question are willing to just rubber-stamp the decisions in question. But if they rubber-stamp everything, what’s point of requiring their signature?
The third disadvantage? It’s demoralizing. I worked with a company a number of years ago that wanted to revamp its capital approval process. Something my team learned along the way was that the smallest decisions required the most signatures (six), and each signatory except the last resented being second-guessed.
What we heard, over and over again, was the same complaint: “If the company doesn’t trust me to make a decision like this, why did they hire me?”
Which might (and, I hope, did) lead you to ask, if governance isn’t to operate through controls, what’s the superior alternative?
The self-promotion-opportunity #3 answer: As Scott Lee and I point out in The Cognitive Enterprise, culture is (or should be) the new governance.
That is, for self-driving cars, culture provides, metaphorically, the lane markers. Controls are the guardrails, something self-driving cars that stay in their lanes will never make contact with.
The parallel? Governance bodies should spend most of their time instituting a culture that makes most controls unnecessary.
Oh, and I hope I didn’t hurt your feelings by comparing you to a car.
All that you state is “true”, but doesn’t address the root issue (IMHO):
Upper management never attempts to (or is unable to) devise/impose the necessary cultural ‘lane markers’.
In my experience this is due to two major factors (and many ancillary ones):
Lack of experience in managing via the method you propose and a total focus on maximizing the bottom line to the exclusion of almost all other concerns. I believe the first factor could perhaps be mitigated if we could wean corporate culture off the second somewhat. Unfortunately, most c-level managers would see managing in the manner you suggest to be an abdication of the responsibilities (control) they have acquired, and think they need.
Have to share one of my all-time favorite leadership videos:
https://youtu.be/psAXMqxwol8
Ignore the cheesy submarine sounds, and grab the culture / philosophy in the video. It’s excellent, and ties in to what this column is about.
I like it – thanks for sharing the link.