This positions the original department to better tackle its emerging burdens, and clears work for which it was not optimally suited.  Many organizations shuffle burdens, resources and people during major reorganizations, and reorganizations are necessary from time-to-time.  But what we’re talking about here are things that can be achieved between departments, without a lot of research and analysis.  These are things that are large enough to be viewable through a common sense lens.

Often times organizations find that they’ve placed work, not according to where it is supposed to reside, but rather where the organization “found” someone willing or able to do it (perhaps forcing the issue).  Over time, these sorts of placements wobble out of balance as personnel change or move up in the organization – the original good-hearted person who took on the work, or perhaps had a natural talent for it, is no longer in the position.  That’s a problem.  These placements of work are not even prudent at the outset – placing work based on personalities, or a reason other than appropriate business discipline, is shortsighted and does not build a solid foundation.

We know there’s going to be a steady advance in the burden for maintaining business.  The general, collective, advancing burden in maintaining our Weave requires up-to-date knowledge; best, vetted, practice; and intelligently applied effort for maximum affect and return.

Let’s also take this opportunity to mention that we don’t mean to imply a negative connotation to “burden” here:  we’re talking about the weight, or load, of work – it is work we’re discussing, after all – so by all means let’s talk about burdens.  In the face of tight resources, possible reduction of resources, and expansion of need – what can we do regarding the non-stop advance of burdens?

We can be bold:  When we can offset a zooming consumption of resources in one area by virtually eliminating the consumption of resources in another, we can achieve an overall parity between the onset and offset burdens.  We can even get ahead of the game.  This is going to be very important in the coming years as you balance your ever-changing Business-Technology environment’s consumption of resources.    Consider this:  In most organizations, there is a natural resistance to change, coupled with inefficient change management and action.  There’s inertia.  This inertia exhibits itself in individuals, and in the organization at large.  Why does it exist?  Often, a “go-slow” (or even a “no-go”) approach is considered safe.  Frequently a go-slow approach is necessitated by ignorance:  no one is qualified to go at a better speed.  In these circumstances, the organization has created a self-fulfilling requirement for the go-slow approach.  How can you be bold when you’re ignorant?  How can you sustain confidence in a changing Weave?  You can’t.

The Divide between That Which You Must Do, and That Which You Can Do:  When you combine this go-slow situation with new requirements that constantly stream into the face of business/technology, you have a divide.  That is, the organization struggles to close the gap between what it is able to do, and the seemingly constant elevation of what it must do.  This is often because the organization finds itself performing relatively obsolete chores, or chores in a manner that deliver appropriate return for “yesterday.”  Concurrent with this inherent lag in the fixing or tuning of wasted, inefficient, or outdated efforts, is the forced assumption of new burdens.  In the absence of planning on your part, new burdens don’t bother to align with your condition of awareness or preparedness.  These new burdens may be necessary in the advance of business – or they may be necessary just to keep up.

Burden Management:  Burden management can be an umbrella concept for the modern organization:  it entails the review of work, resources, and returns.  The essence of burden management goes on to some degree everywhere, by various names and reviews, in various formal and informal manners.  Those things should continue – but burden management here is an aggressive, but responsible, effort to identify and stamp out foolishness.  Just as there are false solutions to problems, there are “false burdens.”

The False Burden:  False burdens present real burden – but they are false in the sense that they are falsely assigned and falsely borne.  They are false in the sense that they have no merit – they don’t deliver, or protect, or advance anything.  Many of us have discovered thick reports that are generated on a regularized basis, delivered to some location, and thrown away without any sort of attention.  Many organizations conduct mandated training that is poorly attended, or which delivers little in the way of real knowledge.  Cloaked criticism – that which is delivered as valid or justified criticism, is more of the ‘busy-work’ variety, and its attendant destruct of efficiency yields a false burden.  And of course we have probably all experienced the wasted effort of projects that go nowhere, and even of implementing the burdens delivered of the False Solution (a “solution” that does not solve or serve).

When we become practiced at making objective, successful, arguments for doing away with wasted work, we find that we can maintain headroom to tackle unforeseen changes with aplomb and efficiency.  Zeroing and reducing burdens provides a yield:  It means that we can fill any new “slack” in resources with support to the emerging demands of the Weave.  It also should grant time for research into those things necessary for a better business-technology future.

Use the zeroing of burdens principle to grant space to your efforts so that you can make more fully informed and therefore more intelligent, more accurate, forecasts and planning.  Seek to size burdens appropriately (new and old), to seize and implement best practices as soon as possible in order to resize (reduce) burdens, and to even eliminate (zero) burdens as we can.  The result will be more accurate implementations and supports to the Business-Technology Weave.

Next:  Zeroing and managing burdens the right way.

NP:  Bix Beiderbecke – streaming audio.

_________________________________

Good afternoon, Karen.  What, in your view, is “Agile”?

A:  Hi Dave.  Agile is the marriage of scientific empiricism and social psychology.  It is an umbrella term for several project and product management frameworks.  Agile works well when the work to be done is complex and the methods necessary to accomplish the work are not yet fully understood.

Agile “chunks” functionality so that small bits of business value are delivered to the customer on a schedule; typically a one-to-four week schedule.  This schedule provides the customer and technical team with ready opportunity to validate the product, and incorporate change, based on timely feedback, as well as experience.  This process allows the business to better forecast the time required to complete complex features based on their ongoing experience.

Shared ownership, transparency and small cross-functional teams are a few of the cultural underpinnings of the Agile frameworks, such as Scrum, Lean and eXtreme Programming.  Consequently, knowing how to collaboratively make decisions, and how to deal with interpersonal conflict constructively, are foundational skills in an Agile shop.

What inspired you to write this book?

A:  Well, when talking with different teams, both co-located and distributed, in different companies, I asked “What books have you read on Agile?”  A dozen or more team members all gave me the same answer: “None.”  When asked why, they justified this with “I’ve got one on the shelf but haven’t gotten around to reading it yet,” or, ”we don’t have to read about Agile because we’re doing it,” or, “I don’t know which one to read, there are so many.”  I decided that what was needed was an obvious entry point – something engaging and easy to use.

I see; then what is your book’s main argument?

A:  A to XP is basically a job aid.  Like any ABC book, it’s an introduction to literacy.  What I’ve done is arranged about 100 Agile concepts around 26 themes, so that things hang together.  For example, I talk about pairing and swarming behaviors in context with Continuous improvement and Emergent Design, all under the theme of Planning, accompanied by an illustration that shows the iterative nature of the framework.

And who is your target audience?

A:  Everyone using or interested in using Agile practices.  Agilists such as Scrum Masters, Product Owners, Coaches or Teams, Business stakeholders, and C-level or other management.

What is unique and original about your book, and your thinking?

A:  That’s the question!  It is unique.  It would have been easier to write 10 pages on each of the 26 themes, which would have resulted in a traditional book.  But I wanted something that could be read in 30 minutes, and skimmed in 5.  I wanted something that could serve as a quick and handy “cheat-sheet.”  I wanted each of the themes to be absorbable at a glance.  So I decided to use three methods of communication – 1) a simple illustration of the concept, 2) a heading like a proverb that was pithy and memorable, and 3) a rational paragraph or two that would provide more substance.  What I tried to do was to access the metaphorical mind – our right brain, or narrative mind as Steve Denning calls it.  I pair this with branded formatting:  Unique illustrations, memorable hooks, and the rational argument to support each concept.  In this way, readers actually LEARN the concept.  In other words, I wanted to walk the Agile talk by providing just enough information, in easy to understand chunks, so that the concepts on each page would be DONE when you turned the page.

How specifically can your book help an organization; an individual?

A:  Having a common glossary of terms, or shared understanding of concepts, is central to smooth operations.  We all think we think the same, but often discover we don’t – at inopportune times. The Agile ABC Book gives everyone a common-understanding from which to start.  What’s more, the How to Use this Book section provides a workshop format for teams to practice Agile meetings, where they can further explore their mutual interpretation of any one of the 100 concepts.  This guides them toward creating their own Action Plan for improvement.

How does it help specific IT areas or individuals?  And conversely, what are the perils in not following a proper Agile agenda, or a poor one?

A:  Management might be interested in the cultural implications of doing work in an Agile way, yet may not really understand what stresses it will bring to bear on their typical operational structure.  The themes Why, Team, Quality and Greatness all speak to that cultural mindshift.  Other themes such as Whiteboards, Scrum and Information Radiators communicate more behavioral information.

What happens in some Agile adoptions is that very superficial and often modified, or incomplete, frameworks are put in place, that subsequently fail to deliver on the Agile promise of high productivity.  Agile simply doesn’t work if you pick and choose.  It would be as if you chose which bits to use when assembling a piece of furniture; it might end up looking good, but functionally it would be unsound.  It pains many Agile coaches and Agile consultants when the enterprise sets itself up for difficulties with this à la carte mentality. I provide a cohesive model of proper Agile that outlines the transformation agenda – a balanced diet, so-to-speak.

What does following your book’s principles mean beyond IT – that is; to business and related successes?

A:  Glad you ask that, Dave, because although Agile in general, and Scrum & XP in particular, are closely associated with IT, Agile also speaks to the business mind.  A CFO or a business manager can use A to XP as a primer in preparation for conversations with the technical folks.

One of the reasons the short proverbs and images work so well with the Agile concepts is that all of us, business people and engineers alike, have a basic understanding of these principles from life experience.  Let’s face it; people tend to overcomplicate things.  Granted, the technology we are using and the products we want to create can be complicated, but execution should be incremental, output should be cohesive and business value should be clear.  Everything has to fit together in a way that is flexible and sustainable.  Agile provides a conceptual language that does that.

What Agile is about at its core is GOOD DECISION MAKING PRACTICES – and my book speaks to this.  It’s about seeing the forest and the trees… the greater picture, the long-range implications, along with the pragmatic step-by-step work that needs to be done.  It’s about aligning strategy with tactics… but it’s about more… it’s about Value Driven Leadership and Respect for the Individual.

Well thank you Karen, for “being” here with us today – is there a nice summary you’d like to wrap with?

A:  I’d like to say that if you’d like a “Cliff Notes” version of Agile, if you want something that you can actually use, even on-the-fly, to spark meaningful conversations with your colleagues, if you need help in your Agile Adoption or Agile Transformation so that you make better collaborative decisions, then get multiple copies of A to XP and use them to develop your, and your organization’s, literacy. This is a book that is meant to be used.

Thank you Karen:  Today’s guest has been Karen Spencer, author of A to XP: The Agile ABC Book (ISBN: 978-0-9883358-0-6) available at Agile Kindergarten.

“I’d just like to say that tomorrow is my brother’s birthday. Lieutenant Colonel John Smith, of Oshkosh, Maryland is 50 years old.”

It’s interesting to note that we have a fair amount of info for piecing together… identity theft:

Name
Rank
Date of Birth
City and State

If you think this is being a little paranoid, remember this saying: Just because you’re paranoid, it doesn’t mean no one is out to get you. The real trouble here is the efficiency involved. It’s one thing to mention this information to a small group of people – perhaps some of whom you don’t know well. It’s quite another to divulge this information nationally, to millions of people (and that is this particular show’s audience numbers).

With a little diligence, an identity thief can cruise past this person’s mailbox, and steal even more critical identifying information. As a start, the info above is enough of a foundation to make that cruise a good investment in time. Also, “spoofing” then becomes more easily leveraged; the contact of this person, either via e-mail, USPS mail, or even in person.  One example is a spoof whereby someone poses as the representative of a veteran’s organization, and asks to “verify” information:

“Hello Colonel Smith, we have your city and state as Oshkosh, Maryland – is that correct?  Thank you.  We also have your date of birth as 12/16/62 – is that correct?  Would you please provide your Social Security Number for verification?  Thank you Sir.”  You get the idea.  It happens quite frequently.

The newscaster could have said, merely, “I’d like to wish my brother a Happy Birthday… tomorrow is his birthday” – and left it at that. However, if it were me, I would say nothing. In the first place, a national news audience doesn’t particularly care, and while the mention “on air” might please his brother, it’s really not worth it. It’s not that big a deal in personal terms – being that it’s likely that a phone call will be made (or can be made, in lieu of the on air greeting) later.

It’s time to think very carefully about what you do: What you reveal; to whom; where; and when (are others nearby who can overhear? Online – are systems truly secure?).

In divulging personal information, regardless of the reason, always ask yourself:  Is this something that I have to provide? If it is truly necessary, is this the superior way to do it?

What this newscaster did is fine… for the ‘50s, ‘60s, ‘70s… etc. – maybe. But in today’s times?

NO. WAY.  Be careful out there.

Or perhaps you’ve wanted to be an investor yourself:  Getting in early, when the gettin’s good.  A relatively small investment, with big payouts to come once a company or idea really takes off.

But again, perhaps you’ve lacked what you considered to be the necessary capital.

Well, the opportunities for everyday people, investors large and small, are changing due to the phenomenon of crowdfunding.

Crowdfunding of sorts has been around forever.  Whenever groups of people contribute to a common cause – whether a business startup, political campaign, building fund, or a healthcare endeavor for a sick friend or acquaintance, for example – we’re leveraging the strength of numbers (the crowd), in garnering small, but powerful, accumulations of resources.  In many cases, we not only “fund” with money, but also with other resources:  Time; attention; focus; and work.

However, with today’s buzzword branding of “crowdfunding,” we’re speaking of equity-based funding:  contributing to a company’s start, with you the funder, subsequently owning a small piece of that company.

“Funding Portals” provide a rich dynamic whereby potential investors can find and begin partnerships with entrepreneurs – websites and related entities already exist, and more are coming.  However, recognize that the Securities and Exchange Commission (SEC) will be regulating these portals, as well as activity within crowdfunding – in protection to both investor and startups.  Much of the legislation is contained in the JOBS Act (Jumpstart Our Business Startups Act), of April 2012.  However, also recognize that the area of crowdfunding is in a relative flux, and due diligence in this area will remain challenging as further legislation and changes manifest themselves.

When considering crowdfunding, whether as pitchman/woman or potential investor, recognize that crowdfunding is undertaken for more than equity.  You may see a startup idea that is poised to deliver something to market that you’ve been waiting for, or just have a vested interest in, by virtue of the fact that you’ll use it to good advantage:  “Why hasn’t someone invented a way to _______?”  “Why can’t someone invent something that _________?”  Now you can help bring a certain something to market, and capture its best use to your own advantage – whether for personal pursuits or as a business lever.

Crowdfunding is a great way to uncover ideas that, ‘till now, may have been hidden.  Consider:  The Wright Brothers invented the airplane by virtue of their knowledge, intelligence, and perseverance – same for Edison and his light bulb and myriad other inventions; but they also had the means, and the time.  How many people, 50 years prior, 100 years prior, had valid ideas, of all sorts, but lacked the resources to develop them?  How many sparks of ideas self-extinguished because the intelligent people behind them spent their days tied to more mundane work – perhaps plowing a field all day in bringing food to their family’s table – unable to climb into a position to devote time to development… and delivery?

Given the leverage of today’s social media, and funding portals, we can say:

Get ready for a big change…

IT security in any realm involves logical security and physical security.  Logical security is the integrity of data (content), precision of associated processing, and the delivery of coherent, accurate, content.  In other words, data that reflects reality; data that does not mislead or distort various actuals by virtue of distortion/errors of input, process, and output.

Physical security is such things as locked doors on computer rooms.  It’s the safety and surety of infrastructure; protection against overheating, for example.  Physical security is often mundane; don’t set your coffee on a server, for example.

Mobile is especially vulnerable within the realm of physical security.  Devices are constantly transported, their owners on the go, and they can be lost or stolen.  Ensure that users make immediate reportage of loss or theft.  Consider strong encryption, as any content risks exposure.

As to logical security, determine whether users access organizational resources via a virtual-private-network (VPN), or the internet.  Also, ensure strong malware protections are emplaced on devices.

In BYOD environments, that last is especially important:  It’s hard to know where users will be surfing, and what manner of personal downloads will be transpiring.  Regularized scanning for viruses, malware, and unauthorized intrusions is imperative.

[Please see Part I and Part II of this series if you haven’t yet]

Let’s discuss some specifics in determining whether your IT structure is optimal, and if not, how to get it on the right footing.  Essentially, you should be able to perform a review according to the simple model below.  You can extend and apply this view to your own organization’s IT structure.  Look for any misplaced work, gaps, uneven distribution of load, and general inefficiencies.

¨      Assess current positions by relevancy and number.

¨      Match your positions to standard “field definitions.”

¨      Eliminate, add, combine, or separate positions as necessary.

¨      Adjust individual positions as necessary.

¨      Redistribute work as necessary.

¨      Ensure a balanced load.

Let’s take a more detailed look at each of these:

Assessing current positions by relevancy and number:  Positions should be surveyed against organizational needs, and against the positions’ standings against standard field definitions.

You, or someone prior, may have apportioned specific duties and loads based on something other than an optimal structure for your particular organization.  Often times the original reasons for distributions of effort no longer apply – if they ever really did.  It’s important to fix any imbalances and inequities.  Compounding problems can sneak up on an organization over time.  Not only do the internal requirements change: the outside field of IT itself evolves around you.  Coming will be new scales of computer hardware and architecture, supporting ever more powerful software applications; new leveraging of the Cloud; entirely new focuses and disciplines.  Evolving supports and disciplines are not only enabling, they establish dependency and vulnerability, and therefore burdens of support.  Too, other equipment or products may reduce or otherwise shift burdens.

As the climate of business changes, your organization’s burden in meeting outside expectations can change radically.  Your environment will need new scales of skill, talent, and imagination in maintaining your environment.  There will be an immediacy that makes new demands of Business – and thus Business’ demands of Technology.  We’ve mentioned the Five-Year Plan in these regards – it should have a template item regarding your evolving burden and type of work, and its influence on your positions and support posture.  You’ll then have a proactive collection of salient facts, coming into sharper relief as the years click forward, and you’ll be less reactive and far better situated to make necessary job and position changes. 

Match your positions to standard IT definitions:  Try to keep your position descriptions within the bounds of accepted IT standard job definitions.  This creates efficiencies in managing and supporting your IT environment and business environment.  It also lends to efficiencies in managing the structures of jobs themselves, and the people in them.  You have ready reference on the Internet to a variety of job descriptions for known job categories, and these can serve as your templates as you fine-tune your own internal job descriptions.  You’ll also have ready access to the standards to which these jobs should be performed – and, you’ll have matching professional training resources for when you need to send people to training.  Too, it becomes easier to replace people as they exit the organization, or move up.  Interviewing candidates for positions is far easier when your positions adhere to known, “industry”, standards.  Staffing is a smooth, efficient, process.  In the modern organization, this must be a tenet:  That which can be routine, must be made routine.  Anything less is inefficient, and therefore, expensive.

The positions should fit together like puzzle pieces to create a seamless structure of support to the Business environment.  Over time, you may start to experience gaps between the pieces (the positions); that’s when you determine the correct course of action to close the gaps (to cover the new area[s] of support):  either through assignment of the work to an existing position, creation of a new position, or the determination that the work belongs in the Business sphere. 

Add, eliminate, combine, or separate positions/duties as necessary.  Take a careful look at each position in IT.  Compare the described duties within each position with standard job definitions.  Many of us have seen network managers who were performing programming on behalf of programmers, seen HelpDesk technicians tuning databases, seen programmers performing HelpDesk calls – not as an overlapping backup between positions, but as a matter of routine. 

A lot of times this happens because individuals within the user body start to develop “favorites” – people whom they prefer for support.  This favoring is independent of what a support person is supposed to be doing in the larger sense, and may mean that the support person has to dig for details or knowledge that are already known by the appropriate support person.  It’s tempting to go to your favorite IT person with every request, whether that person is the primary responder for the type of assistance you’re seeking or not.  This can exert a slow gravitational pull, whereby everyone in IT begins to assume a “jack of all trades, master of none” kind of posture.  SMB are particularly vulnerable here.

Business leaders should help to ensure that calls for help by staff are made through the appropriate avenue.  They should call a HelpDesk number, as opposed to specific individuals, and the HelpDesk can dispatch appropriate help, or escalate the issue as necessary.  The IT leader has to fully explain the process to Business, and the IT leader has to enforce the discipline necessary to ensure an efficient use of support resources. 

At the same time, work may be flowing against the grain of your position definitions for very valid reasons.  Work may actually be settling into a correct alignment, but across the lines of positions (even departments on occasion).  You may very well determine that the manner and flow of work needs to be codified as it is, with new position descriptions that reflect the correct order of things as they already informally stand.  As necessary, get the primary responsibilities where they belong, and defined correctly, so as to manage, document, acknowledge and reward people properly.  This will become increasingly important as each job position takes on new responsibilities within its specific scope.  I aids in planning the future of the position, in seeking better cost efficiency, in contributing to security, and so on.

There does need to be an effective overlap of some knowledge between jobs, obviously – but not to the point of diminished returns and inefficient redundancies. 

We’ll wrap up in the next article.

NP:  I Remember You, Coleman Hawkins, jazz24.org.

Not to sound too forward-thinking, but McAfee just released an interesting report:  In the Dark:  Crucial Industries Confront Cyberattacks.

It’s rather amazing that whole industries, as well as the entities that populate those industries – large, medium and small business – are lagging in the face of crucial threats.

Those threats not only comprise cyber war, cyber attack, and even “inside jobs” mounted by dissatisfied employees, or preventable breaching incidents manifested through human error, but also enterprises face peril from large-scale threats to infrastructure as manifested by terror attack or destructive weather events.

Consider a pre-Katrina business in New Orleans.  Yep – be sure to lock those doors, set the nightly backup, and while we’re at it, let’s minimize all the single-points-of-failure elements we can…  In the meantime, all that care and concern – and business –  washed away in the comprehensibility of a flood  because no one heeded the warnings about under-spec’d levies.

What of sole-proprietorships?  Given all the tornados in the mid-West at the moment, what is a prudent plan for business continuity if the house blows away?  Life does go on… and so must business.

I felt the gap between awareness for potential of large-scale bad events (both internally sourced, and external), and solid security postures, even in Fortune100 environments.  Here, you might expect best awareness and allied practices, but no:  Often, the business element, IT’s governance, would be unwilling to engage, and then only grudgingly make budget available for the thinnest of security standings for recoveries.  It was a vulnerable feeling, I must tell you.

I like to think that I’m a little ahead of the pack.  In the last chapter of I.T. Wars:  Managing the Business-Technology Weave in the New Millennium (Ch:  What’s at Stake) I discuss large perils to enterprises, and what the “local” organization (that is, yours) should begin to think about doing.  I propose regional BizSec teams (business security), comprised of leading minds from a variety of regional organizations.  Solutions always start with discussion by proactive people…

It’s something to think about doing in this, still, new millennium.  Stay safe!

NP:  Blue Rondo à la Turk.  Jazz24.org.  Brubeck – ‘nuff said.

I’ve struck a nerve in this discussion of content, (WikiLeaks:  Lessons of Content and Its Management for the Organization) judging by some e-mails I’ve received.  I know there are a number of IT leaders who struggle with their organization’s lax attitude regarding content control.  Let’s keep this discussion rolling…

Beyond mere accountability, however, the modern and evolving discipline of managed content is more sophisticated and powerful than anything previously established.  Beyond “Wiki-proof,” we make content searchable and relevant to people in powerful new ways, in support of projects and disciplines within the organization. 

We find supporting and illuminating relationships between existing content that were previously hidden because there was no way to find or readily expose these relationships.  We see new clues regarding markets, customers, products, services, trends, activities, and risks.  As importantly, when new content is developed, we want to automate the assignment of key information fields to it so as to make this new content a part of our leveraged information assets. 

Instead of being buried under an explosion of content, we explode content to splay its purpose, relevancy and value.  We then snap content together with other content to form a completed picture.

Imagine this: a scrambled jigsaw puzzle where the pieces reside in various departments, in various physical locations – perhaps all around the world – with individuals and groups working the various pieces in some measure of ignorance for the efforts and work of others.  We now connect all the pieces with an interwoven thread.  The thread guards against loss, and identifies puzzle pieces as relating to each other, among other things.  On demand, an authority pulls a master thread, and all the pieces come together to form as complete a picture as the moment allows: not part of a picture, not a picture with missing pieces, not a picture that requires recreation of missing parts that had already been created – but a 100% collection of parts with corresponding context and fit to the other parts. 

Exciting?  Yes – and the smart organization understands the value in this; implements, supports, protects, and rides the heck out of it.

Tomorrow:  We continue.

NP:  Brubeck.  Time Out.  Vinyl.  Thorens TD-125.

[Note:  You may wish to see Velocity of Risk prior to reading this post]

Recently, a colleague was crafting policy at a satellite organization.  In other words, it was subordinate to a parent organization.  This was not a case of one specific type of company owning another type of company, of a wholly different mission and set of products and services (albeit a common enough occurrence).  This was like-companies providing the same product and service set, but having robust business operations in different physical locations, and one reporting to the higher headquarters.  Futher, headquarters published most policy, with minimal room for local influences or accommodations.

Interestingly enough, the satellite wanted specific policy that was further-reaching than the higher headquarters’ policy.  It involved security.  My colleague was careful to consider that any policy crafted, as a draft, should not violate the “trunk” of the headquarters’ policy.  Further, any additional security measures should be “greenlighted” by headquarters.

And, of course, any satellite policy would have to be approved by the headquarters, wouldn’t it?  “Yes,” replied this IT leader.  Through careful query, I was able to determine that the IT leader felt a liability in his particular environment due to lagging policy on behalf of headquarters, and headquarters’ guidance.  It was his intent to await the next regularized meeting with headquarters to lobby for his local institution of what he felt his superior policy to be.

Absent approval, he at least had a policy that, in the event of a breach or bad outcome, he could pull from a drawer.  Ah ha!  Look what I wanted to do! 

This represents a divide in communication on a couple levels.  1)  He should have called his boss upon completion of the policy.  If the policy had merit, and if he can communicate effectively, he should suggest that the robust policy supplant, or be used to infuse, the headquarters policy for update, with subsequent distribution to the satellites.

Minimally, headquarters should look anew at all security measures:  Solicit input from all satellites.  Collect and evaluate.  Use the occasion to bolster the central headquarters security policies, and distribute.  Consider a degree of local freedom in allowing satellites to make proper adherence of policy to local liabilities and allied protections – all with full knowledge and approval of headquarters, of course.

Why wait?  Velocity is now associated with risk.  Risk does not wait. 

November 4^th:  On this day in 1939, the first air-conditioned automobile was exhibited in Chicago, Illinois.