Compliance is fundamentally at odds with innovation and con…

Operational practices have an emergent nature to them. They’re affected by people, their expertise, their relationships, their team goals, role perceptions and also member needs as humans and professionals.
In this entangled mess of variables, aspects practice-as-done are

Constantly morphed as a response to economic pressures (deadlines, business demands), workload demands (as people tend to automate or agree patterns to reduce cognitive load of tasks and become more efficient) and understanding of safety and security related barriers.

All of these tend to be fluid and non fixed. In this continuous interaction with the environment and different pressures acting on it, there are numerous opportunities for improvements which have local relevance and emerge out of local needs and interactions of elements. However

In order to do so, and to support innovation and continuous improvement the practices need to have a requisite level of variability so practitioners exercise their Fingerspitzengefühl (fingertip feel) for what works and what doesn’t, within their constraints and pressures

Adaptive cognitive work requires the ability to experiment and experience the results of that experimentation (observability) into how practices are support the attainment of local goals

The problem with Compliance approaches, is they tend to overconstrain the processes they wish to assure making it impossible to accommodate this requisite variability that could lead to huge heaps of business benefits and innovation. But doing so, would imply a non-compliance

Now some could argue that Compliance processes themselves can be the target of continuous improvement, but you’d be missing the point. Innovation and insight happens at the practice level, not on the Compliance office. In Safety, this is often referred to as the Blunt end

The governance structure affecting the system but divorced from what it takes to get the job done or actually how the daily variability of work is responsible for the success of the operation. Using analogy, this Compliance improvement would be akin to aiming for improvements

By shouting “hot tips” from the stands on a football match. The real world doesn’t work like that.

But is there an alternative ? I think there is, but requires re-thinking the problem. Here’s my suggestion:

Instead of Compliance based on “expectedly thorough” procedures, let’s help teams document broad guidelines and task sequences which govern their actions. Let’s write down in our procedures we don’t have the expectation of them being followed to the “letter” and that we expect

Some variability to deal with local pressure demands.
Let’s talk with experienced practitioners to help us determine where they believe boundaries of security exist, in their own context.
- what are indicators that warn you should really pay attention ? How can we help in

Helping you identify what those boundaries can look like and establish effective feedback loops on when it’s time to move that boundary, based on open communication ? How can we establish resilient constraints which are permeable (allowing for context optimisation) as opposed

To rigid constraints which expect an ideal operation free of outside pressures which increase the likelihood of emergence of covert work systems which hide “work as done” from Compliance teams because teams have “work to be done”?

Considering these when developing policies and procedures and expecting deviation decreases the likelihood of creation of policies and procedures as “business liabilities” which you find yourself in when you don’t consider “work as done”

Innovation and continuous improvements requires being free from “too rigid” constraints so this room for innovation exists. It’s about time our policies and procedures do what they’ve been promising for 30 years. Be supportive of business goals, not hindrances to evolution

@threadreaderapp unroll