Harvard Business Review published an article this week about how boards can prepare for unexpected calamities such as pandemics, natural disasters or cyber-attacks. The authors provided a three-pronged approach for dealing with both true black swan events as well as the more common black elephants (a low probability significant threat which leaders are aware of but don't wish to address proactively). While the strategies provided apply to board members who are looking after the health of their companies, after reading the article I felt they could be adapted to apply to projects as well.
Boards play a key governance role in the successful running of companies. Steering committees play a similar role when it comes to projects. A common mandate for a steering committee is to help guide projects in the right direction by providing ongoing support to the sponsor and project manager. Some steering committees merely play an advisory function whereas others might be more directive. If the sponsor or key risk owners are ignoring looming threats, the steering committee could push them to do more and can encourage these stakeholders to take a more proactive stance. Steering committees can ask these stakeholders the tough questions which project managers or team members might be afraid to ask. To do this, committees need to be staffed with a diverse group of leaders.
Boards are often actively involved in the succession planning process for leadership positions, helping to cue up the best candidates for key leadership roles. Executive teams can play a similar role with projects by identifying who possesses the right risk appetite to be the best sponsor for a project. They can also plan for the future by creating leadership development programs incorporating effective risk management lessons. And, capacity permitting, they can act as mentors for senior stakeholders on critical projects, helping those leaders to plan for the threats they'd rather not think about.
The article also recommends that boards can design or adjust leadership compensation programs to compensate leaders for taking steps which will protect the company from unplanned disruptions. These programs can also be tuned to penalize leaders who prioritize personal short term gains over long term organizational resilience. The same ideas can be used when defining performance plans for sponsors and other key senior project stakeholders. Incorporating project success within the performance plans for these leaders is a good start, but ensuring that the measures also assess how the leaders are going about ensuring success and what they are actively doing to protect against threats is equally important.
The authors close the article by reminding us that building up organizational resilience is a long game. If senior leaders fail to plan for black swans and elephants they will plan to fail when those are realized.
It would be an understatement to say that project managers have had to deal with a lot of change this year. Projects have had their budgets vastly reduced or been cancelled outright, and remote work has become the norm rather than the exception. We are still far from the end of the pandemic, but in those areas where they have successfully flattened their first waves, some companies are starting to encourage their staff to return to the office.
For PMs who now have to adjust to being in the office with their team members, things are not as simple as winding the clock back a half-year or so. They will face a number of challenges including:
So how can a PM prepare for the transition and what should they do once they get back?
When the pandemic hit, many project teams were caught off guard. Project managers should heed the adage "Fool me once, shame on you. Fool me twice, shame on me".
Scott Adams does a good job above of illustrating one of the many perils of low levels of psychological safety within a team. Dilbert is trying to raise reasonable doubts with his leader, the Pointy-Haired Boss, but his concerns are met with the threat of losing his job. How likely is it that Dilbert will raise such concerns in the future?
While this scenario has been dramatized for comedy purposes, it sometimes ends with tragic results. In those cases, lives are lost and the post-incident investigations often reveal systemic repression of raising any information which would refute established plans. The March 1977 collision of two Boeing 747 jumbo jets in the Canary Islands is a textbook case of what can happen when staff don't feel safe challenging assumptions.
But most of us don't find ourselves in situations where sticking with the wrong plan will result in loss of life or limb. However, there can still be negative impacts including:
Invalid assumptions are often a source of risk which is why assumptions analysis can be an effective method of identifying project risks.
If assumptions remain unstated because team members don't feel comfortable sharing them, the team loses the opportunity to challenge those assumptions. When they don't feel safe, team members will keep their concerns to themselves, valuing short-term security over long-term benefits. And if the risks are realized, they are likely to say something to the effect of "But they never listen to us" or "I was worried about losing my job".
On the other hand, when the members of a team feel safe, they are less likely to worry about the short-term negative impacts of having made a mistake and will be comfortable proactively speaking up when they are making an assumption about something. That provides an opportunity for the rest of the team to assess the assumption and identify any risks associated with that assumption being invalid. Then, if the severity of the risk is sufficiently grave, they can define when that assumption should be verified and even have a contingency plan to implement if that assumption is proven to be invalid.
But sometimes the assumptions being made are not ours.
In the Dilbert cartoon, the invalid planning assumptions are those of the Pointy-Haired Boss's. Another benefit of a team operating at a high level of psychological safety is that the team members are more likely to challenge their leaders when those leaders have made faulty assumptions. While that is helpful to the project, getting such feedback in an honest, timely fashion will also help the leaders' decision-making to improve.
Silence doesn't create project and organizational safety, it erodes it.
Articles have been written about the importance of doing just enough planning to develop confidence in what we are proposing to do as well as the perils of either too much or too little planning.
But even a good enough plan can become obsolete at some point and we need the wisdom to know when it is time to jettison it.
A common portfolio management anti-pattern is the inability of gatekeepers to terminate low value projects in a timely manner. There are many causes for this, but one is the inability to easily write off project sunk costs. The same can be said of plans - some teams and especially their leaders can become so enamored with their plans that their confirmation biases cause them to ignore clear evidence that those plans are no longer valid.
So what are some signs that a project plan needs to be punted?
But is it sufficient for us to recognize that a plan is no longer valid? No, because this realization needs to be effectively communicated in a timely manner such that a new plan can be formulated. Doing this requires not only courage but also a sufficient level of psychological safety within the team to reduce the likelihood of team members choosing short-term conflict avoidance over long-term pain. Naohiro Masuda's management of the crisis at the Fukashima Daini nuclear plant in March 2011 provides a good example of how leaders might behave when planning under pressure.
Planning is essential, the value of plans is ephemeral, so let's treat them that way!
I'll admit to being hyperbolic with the title of this article, but a question posed today in one of the project management LinkedIn discussion groups managed to sidetrack what I was intending to write about this week. The author asked what needs to be considered when planning risk responses. The majority of the answers offered focused on characteristics of the individual risks themselves such as their probability, impact, ability to be responded to and so on.
But what we should consider is not just the specifics of a risk but also the context in which that risk exists. Enterprise environmental factors will also affect not just the nature of risk responses but also their effectiveness, and one of the more significant ones is risk appetite.The PMBOK Guide®, Sixth Edition defines risk appetite as the "degree of uncertainty an organization or individual is willing to accept in anticipation of a reward". This definition acknowledges that appetite should be considered from the perspective of multiple stakeholders and not just that of the project team or sponsor.
Stakeholders with a low appetite for a particular type of risk might influence a stronger risk response than is warranted which can impact efficiency. Those with a higher appetite can reduce the effectiveness of the overall project risk management approach. As with so much else in project management, the Goldilocks principle applies to risk response.
Risks can be positive or negative, but risk appetite usually has a greater influence on how we handle threats rather than opportunities. The exception are cases where the realization of an opportunity generates secondary negative risks.
Companies operating in risk-driven industries such as financial services are more likely to have appetite statements defined organization-wide. Such statements can help governance staff to define policies and to provide practitioners with clear examples of the types of risk which might be passively accepted and which ones should be actively managed. However there remains a degree of subjectivity when it comes to risk based on one's own biases, and with ever increasing project complexity and uncertainty, such statements can only go so far in creating consistency.
One way to address this is for a project manager to facilitate a risk response guidelines workshop with key stakeholders early in the life of the project. Take each of the project's constraints and success criteria, define a range of outcomes for those based on the impact of a risk event and ask stakeholders which risk response (e.g. mitigate, transfer, avoid, accept, escalate) should be utilized for each potential outcome. Not only might this help to create some consistency in practice but it would also provide the project manager with insights about the relative biases of each stakeholder to different types of risk. This information can then be captured in the Risk Management Plan.
Finally when it comes to managing risks over the life of a project, it is important to remember that stakeholders' risk appetite will change.
“But doth not the appetite alter? A man loves the meat in his youth that he cannot endure in his age.” - Shakespeare, 'Much Ado About Nothing'