Answering the phone after half past four on a Friday is always risky, and sure enough, when I picked up, Bruce one of our longer serving internal auditors, asked if I could join him and Matt, our IT Director in a meeting room for a quick chat. It’s never clear if the “Friday Afternoon Quick Chat” is an invitation to play therapist, or referee a bout of boxing. Either way, I’m far too nosy to decline.
When I arrived, I could see the vein on Bruce’s forehead throbbing, so I knew it was getting emotional.
Matt explained he was going to conduct this year’s flagship IT delivery as an Agile project. “What a great opportunity to demonstrate the improved quality and working practices and bring the IT department into the 21st century”, he said.
Bruce was now grinding his teeth. Our organisation has been a Waterfall shop for as long as I’m aware. The internal project management bible is a well thumbed door stop of a document with a long and rigid list of detailed controls. It’s also Bruce’s magnum opus. A stickler for structure, Bruce wrote this bible back when he worked in IT. It was his stepping stone to a promotion to the Internal Audit team; a role where his eye for doing things right was more appreciated.
“You can’t possibly permit this!” Bruce suddenly exploded. “There’ll be no documentary evidence if they just… just stand around chatting about the work as they go along! How will we know they’re developing the right stuff? If things go wrong, how will we know who to…” he tailed off.
“...blame…?” I offered.
“There’s just too much risk involved...” Bruce was looking desperate now.
I could see Matt smiling to himself. I wonder if I’d got the measure of him before. He may be one of those people who gets a kick from winding up auditors and their kin.
“The thing is,” said Matt, “the current developer team is working well below capacity and delivering something that could at best be described as acceptable quality. Certainly they are not going to win any awards. The whole floor is despondent. There’s no passion. I’ve identified three bright young devs - and I know some more I’d like to bring in - and we won’t retain them unless we change. To be honest, there won’t be much point retaining them if we don’t change - for a technology led organisation, the technology is quite far from being market leading. We’re at risk of being overtaken by two men and a dog in a garage.”
I gave them both a long look. They both had valid points. They both seemed entrenched in their positions too.
“We’re not going to resolve this here and now. Let’s do the matter justice and get together for a couple of hours next week to have a proper chat.” I told them. “We can all put our views across more fully and I’m confident we can find a solution we’re all happy with.”
Truth is, I’m not sure at this point that we can find a solution, at least not a happy one. Experience tells me we can usually find a way forward that irritates everyone equally though!
Change can be difficult. Poor Bruce, I know he’s going to find this hard.
To be continued...
Who is the Secret Risk Manager?
The Secret Risk Manager is a senior risk professional working in the City. Over the years, they’ve seen a variety of risk practices - good, bad and ugly - across a variety of industries.
Like many risk professionals, the Secret Risk Manager’s CV has a large unspoken element. They are called upon to be in turns, therapist, coach, detective, mediator, behavioural scientist, parent, mind reader, futurologist, story-teller, philosopher and diplomat.
These articles do not pretend to constitute advice, but only to provide a frank and hopefully thought provoking look into the often frustrating world of those people who help organisations manage their risks. The subject matter is experience based, but fictional.
Any resemblance to actual incidents or persons living or dead is purely coincidental. But let’s face it, there’s not much new under the sun so you’ve probably seen it before.