A Business Technology Place

More or Less?

Truth.

There will always be more work to do than is possible to accomplish by my team.

Think more. Whine less.

Earlier this year I penned some thoughts about thinking through resource contention, Do more with what you have!, because I was looking for better ways to address resource contention than to simply say more people are needed. Getting stuff done is as much a mindset as it is a collection of work output. I’ve learned that when I am overwhelmed with size of the backlog of tasks then the frequency of my output decreases.

In the book, ReWork,  Fried and Hansson address the value of staying lean with less,

“I don’t have enough time/money/people/experience.” Stop whining. Less is a good thing. Constraints are advantages in disguise. Limited resources force you to make do with what you’ve got. There’s no room for waste. And that forces you to be creative. “

Do I believe that? The words do inspire me to look at my backlog through a different set of lenses. One thing I know is this. If I’m able to produce consistent output that adds value to the customer and mission of my team then conversations about the priority of the backlog are easier.

In the book Blue Ocean Strategy, Kim and Mauborgne say it this way,

“instead of getting more resources, tipping point leaders concentrate on multiplying the value of the resources they have.”

The Theory of Constraints management paradigm teaches us to first find the constraint within a process and then to exploit the constraint by shifting resources, managing work queues, and possibly adding capacity. With this lense, value is unlocked by first examining the underlying process instead of trying to add more people.

More or less?

As I sit writing this, I’m led to these conclusions:

More is contentment with less because having less allows me to get more done.

Less is obsession about more, because having more often leads to getting less done.

Onward and upward!

JIT Action Items for the Office Worker

Just in time.

Picture this. You are reviewing a list of tasks that was assigned to colleagues in your business. You remind one of the task owners their action item is due tomorrow and they respond, “I have it on my list, but I’m operating just-in-time.”

This happened to me recently. The word choice “just in time” (JIT) is from a Lean concept in which production output is managed by when the customer requests delivery rather than when the producer can complete the task. Most office workers today don’t match-up their behavior with Lean Principles. But even if you aren’t a Lean practitioner, there is tangible value to considering the JIT approach.   One of the primary goals of JIT is to eliminate waste by not working or storing excess inventory. For this blog post, I’m writing about assignments, tasks, and action items for office personnel. Think of excess inventory as assignments that are completed but never used or maybe action items that are started but never finished. That is considered waste and our time is too valuable to spend it producing work that doesn’t add value for the customer.

Three ways to structure a task list for JIT delivery in the office:

1. Purge non-value added activities.

 

 

So often we spend our time prioritizing tasks to stack rank them for the order they should be worked. With ‘Lean’ thinking the first question should be “do the results of this activity add value for the customer or is it a necessary non-value added activity?” (i.e. compliance task). My experience with tasks prioritized low is over time they eventually fall off the list because they are no longer needed. This most often means it was never a value added activity and just clutter on the backlog (unnecessary inventory). It’s a good idea to review the backlog of tasks on some recurring interval to purge non-value added activities.

2. Group items into buckets already covered by standard work activities.

 

 

Some action items may fit into already established recurring work activities where standards and time allotments exist. If that is the case, then it’s not necessary to create additional time for one-off production of work output. An example of this recently happened to me. A compliance control required the review of at-risk vendors and documentation of the results. I already had time assigned on my calendar for a quarterly review of security and risk related items as part of a security committee agenda. Rather than add a new task for myself, this compliance control was added a responsibility of the Security and Risk Committee. The concept for this idea is to examine recurring activities already part of standard routines. Some assigned tasks may naturally fall into those routines and intervals.

3. Use a calendar of due dates to help with priority sequencing.

 

 

Putting due dates for action items on a calendar provides several nice features for structuring work. It enables the ability to preview the calendar for upcoming work (Daily or Weekly) which triggers work execution. The concept of JIT relies on keeping inventory of unused work at a minimum. With this thought in mind, try to avoid having active progress on work that isn’t due because it may take away time from working on tasks that are due.  The challenge with this method is estimating how long a task will take to complete and being able to work through unplanned interruptions.


So being a JIT employee isn’t quite like being a Jedi employee. But then again, if you can consistently deliver action items in the expected time frame, it won’t take long to reach Jedi status in your office.

Onward and upward!

Photo Credit: Philip West via Creative Commons.

Revisiting – What are you known for?

Deja Vu

I recorded a few rambling thoughts one day after work this week. That’s how many of my blog posts originate. Things happen through the course of a day that stick with me into the evening. When I jot down my thoughts, I see interactions with people, process observations, desires for a better solutions, and things I want to change.

This week I looked over my notes and thought, “What do I want to be known for?” It’s a question I knew I had asked myself in the past. Three years ago, I wrote a post entitled What are you known for?  In that post I expressed my desire to be known more for providing solutions over following processes. I’m a practitioner of following processes, but the process itself isn’t bigger than the results it provides.

Dr. No

Fast forward to today. The Information Technology landscape is increasingly burdened with applying more security and availability controls to keep customers data safe and to achieve compliance with standards. But compliance is never convenient. The IT guy is caught in the cross hairs of a battle between making the work environment more secure and the extra burden it places on other employees. Burden in this context means restrictions. Lots of them.  

Traditionally, IT has been known as Dr. No. There are restrictions on what hardware employees can use and what software they can install; Internet sites are blocked, software can’t be downloaded, etc. This is the seed that birthed Shadow IT where departments arrange and install software outside the approvals and processes of their local IT group.

A better way

I’ve had too many experiences in my career watching people telling someone else they can’t do something for one reason or another. It’s not only frustrating; it drains the energy and motivation of those involved.

But it doesn’t have to be this way in every situation.

A better partner explains the constraints of the problem and solution. Instead of ending a discussion with ‘no’, he or she will offer alternatives for a solution.

 

“We can’t do that for you, but what we can do is this…..”

“That’s not possible, but I know a way that is….”

“We are prohibited by policy/contract/compliance control from doing that, but there a few different ways to accomplish something similar….”

 

Of course, the person on the receiving end has to be able to compromise and think about the solution in different way as well. It takes two to make the partnership happen.

If you are a solution provider, don’t stop at the word ‘no’.

If you are a solution receiver, be open to alternative ways of doing things.

What do you want to be known for?

Onward and upward!

 

Level loading straight talk

Listen to the clues.

This week was not unlike many others. I had multiple conversations with colleagues about the amount of work expected of them. Common phrases include:

“We don’t have enough resources.”

“I’m overworked.”

“We are working hard, but are we working smart?”

“I’m drowning.”

“Are we working on the right things?”

“I plan my day with important activities, but then urgent activities take my time.”

Thoughtful answers to this classic dilemma usually involve some form of level loading to try to even-out and prioritize the work expected from employees. Last year I wrote about one technique my group uses to try to control the volume of input on our development team leads.  One the biggest challenges in controlling work inputs is a concept I call organizational entropy. I define organizational entropy as a measure of disorder or randomness by which work is created within a company.  This ultimately causes workers to be out of alignment.  The misalignment isn’t necessarily with organizational goals; rather it’s more so a timing alignment with other workers and expected delivery dates for projects.

It’s chaotic in the middle of it all.

A common scenario helps add color to my thought. Jane is a manager of a team that provides customer service functions. Jane is asked by HR to complete a new required training by a specific date. Jane is asked by a process improvement analyst to participate and own tasks in a customer service improvement project. Jane is asked by a Sales manager to participate in a project to onboard a new customer. Jane is asked by a compliance analyst to update a process because new compliance regulations require it. Jane is also asked by her manager to complete managerial and process tasks related to her day-to-day operational jobs. The chaos ensues when the due dates conflict with each other.

Unfortunately, situations like this are not uncommon. All the colleagues that asked Jane to complete work by a certain deadline do not know if their due dates overlap or cause conflict with Jane’s schedule (and truth be told, they usually only care about their project deadlines). So it’s very easy for Jane to quickly become over-tasked. If Jane is late on a task, then the project leader may escalate to management. Escalation does have a purpose, but it also can easily promote more organizational entropy.

How do we find relief?

There are no easy answers to this dilemma, but I have a few thoughts that may drive conversation between employees and managers to reach a better understanding of what is happening and to better load level expected work:

  1. Managers need to acknowledge the employee may have been asked to do more than is possible in a standard week. Seek more input from the employee, examine their workload. Ask for visibility to the situation in a tangible format. You can’t help level load and employee’s work for what you don’t see or acknowledge. This is the best way to help lead your employee and position them for success.
  2. The employee should provide visible proof of the situation and not just say “I’m overworked”.  This means listing tasks, requested due dates, and effort required to complete them. You can’t expect a manager to help level load your work unless you give them specific and actionable evidence. This isn’t a call to make excuses or place blame. It’s a call for an honest assessment of your situation and to make it visible.
  3. Time management techniques like the Eisenhower Method provide good tactical methods for organizing multiple tasks.
  4. As much as possible try to perform level loading before committing to new work. Over extending commitments creates more unmet deadlines, causes irritation with requestors and customers, and creates more process waste. But remember to use the tangible evidence when making your case.

Maybe this topic is proverbial elephant in the room for you and others. I don’t proclaim to have all the answers. But I’m wrestling with the concept and looking for ways to improve.

Onward and Upward!

Photo Credit: Graeme Newcomb via creative commons

Easier password rules

Somebody give these guys a high-five.
Finally. There is a glimmer of hope for resolution to the insanity that has become password complexity rules. The National Institute of Standards and Technology recently revised guidelines for password complexity. The prescribed password complexity recommendations are detailed in Appendix A – Strength of Memorized Secrets. The NIST findings not only acknowledge the impact to usability of the existing recommendations for complex password rules, but they reveal the impact to improved security is not significant. This will make you smile and is sure to get a round of applause from everyone. Here’s an excerpt:

“Humans, however, have only a limited ability to memorize complex, arbitrary secrets, so they often choose passwords that can be easily guessed. To address the resultant security concerns, online services have introduced rules in an effort to increase the complexity of these memorized secrets. The most notable form of these is composition rules, which require the user to choose passwords constructed using a mix of character types, such as at least one digit, uppercase letter, and symbol. However, analyses of breached password databases reveal that the benefit of such rules is not nearly as significant as initially thought [Policies], although the impact on usability and memorability is severe.”

The new advice is to consider the length of the password more important than the complexity. Shorter passwords are easier to break for computer programs. Longer passwords are more difficult to break after they have been encrypted and stored. The NIST acknowledges the over complex password rules we’ve been subjected to only enforce bad behavior when we strive to make the password easier to remember. In other words changing your password from “Password1!” to “Password2!” doesn’t really help the password to be more secure.

Randomly generated passwords are OK as long as they don’t create a usability hassle. Some users, like me, use a password vault tool that can randomly generate passwords to use with specific sites. Again, longer password length is better even when using random characters.

I looked at my accounts.
I used this guidance and examined three financial services sites where I have accounts. Here is a look at the current password complexity requirements from each site:

Site 1
At least 8 characters in length
Has at least one letter
Has at least one number

Site 2
Must contain 8 to 20 characters including one letter and one number.
May include the following characters: % & _ ? # = –
May not contain spaces

Site 3
Minimum of six characters
Must use a mix of letters, numbers, or symbols

The good news is I can use my random password generator to create passwords longer than say 8 characters. It’s no more work for me because I go to my password vault tool to retrieve passwords anyways. But even if you don’t use a password vault tool, you can make your password much more secure by creating a phrase that complies with the existing rules. For example: ILove2seemygrandmother would fit the requirements. It is easier to remember and more secure. Hopefully, the new guidelines will find a place with technology compliance and regulation and we’ll be able to more freely submit password phrases in the future.

Onward and upward!