Information Technology Reference
In-Depth Information
their upcoming CMMI assessment, we monitored any changes closely to
ensure we weren't damaging the Agile culture that had gotten them their
rapid growth and success so far.
Key to our success at BOND was a strategy I have referred to as
“
formalizing
informality.”
If something is working well, you don't have to change it for CMMI. How-
ever, you do have to document it so it can be taught and shared with others.
It might sound odd to say this, but you can formalize informality, and we did
it at BOND successfully. What I mean is if you have a process that works
such as a risk management process, but it is “informal” in certain ways, you
can teach what you do just like you do it, and document it just like you do it.
I have found there almost always seems to be a strong tendency by process
professionals to assume when working a process improvement effort, what
people currently are doing must be wrong if they have no formal docu-
mented processes. This view rests at the heart of why we often find in large
supposedly process mature organizations a large disconnect from what the
people actually do, and what their processes say they do.
An Example of Formalizing Informality: “Doorway” Risk
Management
Let me give you an example of formalizing informality. At BOND, one of the
reasons the company was so successful was because risk management was
an ingrained way of working. People lived risk management daily. When
they had a risk they were often in the doorway of a Senior Manager's office
strategizing the risk mitigation. They were doing it immediately, not waiting
until a formal risk management meeting. Because of this informality, they
were able to initiate risk mitigation almost instantly, thereby keeping poten-
tial risks from becoming real problems. Effective risk mitigation stood at the
heart of why this organization was successful.
Rather than try to add unnecessary paperwork to this process that was
already working effectively, we just described in the newly documented Risk
Management Process exactly what the expectations were of how risks were
identified, assessed, and categorized in the organization. We did add a small
degree of documentation that wasn't going on before by adding a risk slide
to the periodic senior management briefs, but we emphasized in the Risk
Management training the existing culture that was expected to continue to
effectively manage risks. We actually taught this informal “doorway risk
management” approach.
