Did you watch the TEDx talk I linked in the last post? How did you go thinking about your purpose?
Why you get up each day to work in BC,
why you do what you do –
and why anybody should care?
As Simon Sinek says repeatedly in that video …
“People don’t buy what you do, they buy why you do it.”
If Executives are not buying perhaps we need to stop trying to sell the ‘what’ and the ‘how’ parts. Perhaps it is simply that BC folks are poor at sales and marketing.
Lets continue this review of different prescriptions for future practice starting with an offering from 2009.
In the December 2009 issue of Continuity Magazine (the linked content won’t work on an iOS device) the cover article is “The multi-purpose BCM manager” written by Rick Cudworth and Chris Apps. The article questions whether business continuity is doing enough to attract the right talent and skills to grow into the resilience sphere.
The #1 skill they list that will be needed for this future practitioner is “Communicating and influencing”. Which we might also read as being able to sell and market our purpose!
Cudworth and Apps saw this skill area as critical to establishing a new role as “trusted business partners and facilitators”.
Next they flagged the need for broader technical knowledge. As they didn’t see the future as being simply the “compliance police” it was critical that practitioners have better knowledge in key technical areas such as Security, IT and Info Sec.
Yes, you read that correctly they said future BC practitioners need a better grasp of IT!
Imagine if that 2009 advice was followed, the contribution that BC practitioners could make to Cyber threat today.
Interesting segue, the next one speaks to “sound analytical judgement”. This isn’t actually talking about people making bad professional development decisions, it had to do with being able to deal with ambiguity and that no universally applicable standards could apply.
They round out their skills audit by including being a “Jack of All Trades” highlighting that it was unlikely that any one person would possess all the skills – and again lamenting the decline in IT expertise given the increasing technical complexity of the IT domain.
And finally they flagged Project and Programme Management. This was about using these disciplines to deliver BC, again bringing in other established management skills into the practice. One way to improve on the over promise and under deliver risk that Lyndon flagged in his ‘New Dawn’ article.
Overall they felt the future was bright. I wonder how they would look at it today?
Sure we have bright young things coming in – but I am not sure we are doing much to retain them. Rather than collaborate with and include these wider management skills, too often they seem to be redefined as having a different flavour when applied within BC. And, of course, we still have those 30 year old ‘past practices’.
Two of the last three winners of “BC Newcomer of the Year” have already moved on to other fields. You can hear one of them tell his story in this podcast.
Fast forward 2 years to 2011. Luc Klein challenged us to consider “Is Business Continuity Management a Misnomer?” and that article came with the subtitle “Business Continuity Management at the Crossroads”.
Like the articles from Nat and Tim I cited in the last part, Luc flags that contemporary BC practice was best described as “Operations Continuity” and then only intended for use in response to a major incident or disruption. It was based on 4 types of plan;
- Crisis Management
- Emergency Response
- Business Continuity
- Disaster Recovery
BC is argued to be difficult to understand as it grew out of IT DR (and is often confused for that, still being an IT problem), practitioners are often unable to make a business case for resources as the ROI is poorly defined and finally the Global Financial Crisis meant Executives were becoming acutely aware of the things that might stop their businesses continuing – and BCM didn’t address them.
Luc compares Enterprise Risk Management (a top down discipline that spans all areas of strategic and operational risks, and considers both the cause and consequence) with Business Continuity (a bottom up discipline that only covers the operational area, and only considers consequences).
The choice for the future was to rename to Operational Continuity and keep doing current practice, or expand the remit and embrace broader risks areas. Perhaps making the practice more interesting for many. A big risk factor seemed to be the disconnect between the conversations about this inside the BC discipline, compared to those being conducted outside the discipline.
To a large extent Luc’s risk has been realised, for many that broader risk awareness practice is becoming labelled as Resilience. Remarkable how there is a great desire to make it only about “Operational Resilience” already.
Many see the focus on the idea of resilience, rather than response & recovery, as a reaction to the greater degree of uncertainty in the modern world. Uncertainty that is fuelled by increasing volatility and complexity in our environments.
In 2015 Geary Sikich published an article entitled “Is it time to rethink business continuity”. Again this article presents the BC contrast to ERM that Luc used.
More importantly it flags that complexity must trigger a rethinking of many of the paradigms that the BC practice is based upon. In effect engineering thinking and metaphors require mathematical solutions and certainty in order to be relevant.
In a world of uncertainty and complexity, where cause and effect are not always clearly evident, perhaps we need a different science. An issue that I also explored in “A Fork in the Road” with the following example;
“Consider the recent, ongoing, economic crises.
How could this occur when organisations have invested so heavily in ‘Best Practice’ and quality management systems? Nobody set this outcome in their vision statement or goals; nobody did a gap analysis, deﬁned this as the desired future state and steered their organisation to this result.
There is surely a contradiction between the model of management that asserts Executives choose a vision/destination and exert control over direction and the variable outcomes we observe.”
New skills and new science as prescriptions for the future, or is that the present?
These days my main interest at conferences is promoting wider skills – not the narrow “science” of response and recovery planning.
Perhaps I should add another ingredient into the ‘new’ mix, new risks and threats. If we want to be considered strategic and relevant then we need to be focussed on more than the Low Probability events. Remember Simon Sinek’s comment;
“What you do simply serves as the proof of what you believe.”
Worth remembering that Martin Luther King is remembered for the “I have a dream speech”. I would imagine the “I have a detailed plan” speech, or my personal favourite the “I will soon be publishing an ISO” speech would not have had the same impact.
Some very short homework, a 3 minute video by Dave Snowden explaining the idea of Complex Systems in terms of a Children’s Party and a 2001 blog post that provides an introduction to Snowden’s Cynefin Framework.