Policy
|
Many policies are organizational scar tissue — codified overreactions to situations that are unlikely to happen again.
A typical reaction to failure is prefectural overspecification—patching observed holes in an operation with increasingly detailed or tightly targeted rules, that respond specifically to just the latest incident.
Policy is the sheep they’ll hang you for. It is the dominant ideology of modern management theory. Policy, and process, is seen as practically inviolate, or immovable.
Management orthodoxy is predicated on policy and process being the fundamental layer of organisational competence. So, for example, a root cause analysis using the 5 why's method is intended to reveal as the root cause the policy which had not been complied with.
Policy is the mountain; the workers are Mohammed. So calling out substandard performance in the workforce is orthodox business management practice. But calling out substandard process or, heaven forfend, policy — to allege executive failure, that is — is a kind of sedition. Yet history tells us catastrophic failures are far more likely a result of executive than operational failure.[1]
Policy and subversion
But policy is a proxy. It is a second-order derivative of the intractably complex life of a modern organisation. “Compliance with policy” is a quantifiable thing that internal audit can glom onto; can monitor. It requires no qualitative assessment, no subject matter expertise and no judgement. It is a simple enquiry with a binary answer.
“It says here you must do this. Did you?”
“No, but does it matter?” is no defence.
Ignoring policy is for substance to challenge form. It threatens an organisation’s integrity. It subverts its governance. To break its rules. It invites censure by internal audit. A thoughtful employee faced with a situation to which a policy applies will not be prepared to override it.
“No-one got fired for complying with policy”: that’s a truism. “No-one died because someone complied with policy” — not such a truism.
We don’t rigorously follow policy
There is an often-stated but still wildly optimistic idea that all policies are complied with. Not only are they not, but they are disregarded explicitly. All concerned understand that optimal — even basically acceptable performance requires turning a blind eye to the rules. There is no better example than the work-to-rule: a form of industrial action adopted by those who are, by regulation, not permitted to go out on strike. The work-to-rule involves, literally, insisting rigorously on complying with every aspect of every prescribed policy as a means of frustrating the commercial objectives of the organisation.
What does it mean? It means that if people don’t want to or cannot go on strike they say to one another: “let’s follow all the rules for a change!” Systems come to a grinding halt. Gridlock is the result. Follow the letter of the law, and the work will not get done. It is as good as, or better than, going on strike.
The vibe is: “Oh, I see, Mr. Employer, is that it? Are we being dicks about out employment relationship? Well, two can play at that game.”
Why we don’t disclose policy to customers
Policy being a High modernist preference for form over substance, it carries some “transubstantiation” risk. The last thing you want to do is convert an internal heuristic designed as a checklist to keep your organisation straight into a contractual straight jacket that it is bound to follow on pain of 3rd party litigation.
Therefore, you will often see it declared by legal eagles that internal policy must not be disclosed to customers or external parties except where required by regulation.
The risk — somewhat chicken-lickeny but yet compelling — is that by doing so you inadvertently represent that the policy is meant to benefit the customer and find that adhering to it is now a contractual obligation, whereas it was only ever meant as an internal governance mechanism. It was not meant to be a rod for the organisation’s own back, that is to say.
Where a policy is of interest to a customer or a third party, you might create a public summary document outlining the terms of the policy, but clearly noting that it is a non-binding summary, is subject to change without notice and is not intended to create any contractual obligations between Quantessence and the third party.
Policy and the production line
All this assumes that the commercial landscape your policy is meant to cover is a fully-scoped production line where all inputs, all outputs and all contingencies are mapped. No frontiers, no known unknowns are in sight.
Here, a policy is prudent, but — in these artificially intelligent times — policy compliance, too, ought to be coded and automated. There is little for internal audit to see: these processes, by nature, present trivial risks and add limited value.
And therein lies the rub: any fully-scoped process, where we know every possible input, output, and contingency, is necessarily one of limited risk and limited value. Easy wins for internal audit, but nothing much at stake.
Policy and the wild frontier
Where are the big risks? With the big rewards, at the wild frontier. Over the horizon, where “here be dragons”. Where there are known unknowns and unknown unknowns. Where, by definition, we are beyond the comforting porch-light of a fully worked-out production line. Where there is maximum opportunity to add value: in a commercial context, to make, or lose, money. In a social one, to improve, or ruin, lives.
Hypothesis: where there be dragons, a policy is your worst enemy.
We are all familiar with the ghastly tale of Grenfell Tower and its infamous “stay put policy”.
The British Standard Code of Practice of 1962 introduced the first national standard requiring tall residential blocks to provide one hour’s fire resistance so firefighters could fight flames inside the building. Each flat would act as an individual “compartment” containing any fire for at least an hour. This would enable firefighters to put out one fire in one flat rather than face a whole building ablaze. To work, the building must be able to withstand the spread of flames beyond compartments, and there must be clear access so affected residents can escape and firefighters can get in quickly. Part of ensuring that clear access involved discouraging unaffected residents to evacuate, exposing them to risk of smoke, clogging up the firefighters’ access or impeding affected residents’ exit. Opening doors of other flats was expected to undermine the “compartmentalisation”. In 57,000 high-rise fires between 2010 and 2017 only 216 (0.4%) required more than five residents to evacuate. It was a policy that worked in tens of thousands of fires over sixty years with minimal casualties. The Grenfell report describes the policy — unsurprisingly — as an “article of faith” within the London Fire Brigade “so powerful that to depart from it was to all intents and purposes unthinkable”.
Put yourself in the position of the fire service personnel on the ground at Grenfell as the situation was unfolding. There is total confusion. You do not know anything for sure. The fire is not behaving as it should do. There are conflicting reports. Information and communication lines are scrambled. The one thing you do know is that there is a stay-put policy is in place, it generally works — it is an article of faith, after all — and you ignore it at your own peril. When you are in a crisis situation with all kinds of unknowns unfolding around you, what you do not do is question the things you do know. Not only could they not know what would happen if they complied with the advice; they could not know what would happen if they had not complied with that advice.
The point here is not to defend the fire service, but identify what is happening. The fire service is facing a new, unexpected situation. They are unexpectedly at a frontier, whereas they are expected to be on a production line. They are armed with a policy designed for the production line.
See also
- The Unaccountability Machine
- Beware of shorthand
- doctrine of precedent
- elephants and turtles
- The Black Swan: The Impact of the Highly Improbable
- Rework - Jason Fried
References
- ↑ Let me cite some examples from Charles Perrow’s magnificent monograph Normal Accidents: Air New Zealand’s Erebus disaster in 1978. Enron. The Three Mile Island. Chernobyl. The S&L scandal. Theranos. Madoff. List continued on page 94.