Security
March 10, 2015

Architects, wordsmiths, parrots, duckers and naysayers

I wrote about accountability more than a year ago. Recently, a colleague whispered to me that it is time to write again. She heads a central procurement group; we work in quite different environments, and I was exploring how she does it, and the differences.

Talking about delegation of authority, she said that (quite contrary to my experience) in her organization the professional procurement people have no authority to sign contracts. It is the program managers who, having made the decision to spend money using procurement, have all of the authority – using, mind you, procurement processes and designs developed by the procurement pros.

Her striking words: “Why should I and my staff sign contracts? The last person who signs is the one who is accountable – why should I take that on?”

Why, indeed?

Most of us have worked with lengthy approval chains for many types of files. Each step in the chain has to “signed off” before the file can move forward, and at each step various people are almost certain to be encountered.

Meet the Architect, the reviewer who needs to interject personal perspective into the file. For construction contracts this is sometimes referred to (with varying degrees of bitterness) as the reviewer-wanting-to-become-the-architect. It does not matter whether this reviewer actually knows something about the file: simply by being higher in the chain the Architect feels qualified to opine about anything.

Do you know a Wordsmith? These people have supreme faith that their way of wording something is certainly better than the wording submitted to them. Interestingly, when a document moves through a number of approvals by multiple wordsmiths, with everyone making changes, the end result is often pretty much the same as the original text. More than that, the Wordsmith, having made his/her mark on the words, often glosses over the content altogether. Real value-added? I think not.

You may also encounter the Parrot, whose mantra is, “If good old Charlie signed off on this it must be OK”. Cries out for a bypass process.

How about the Ducker? This person actually starts off on the right foot, seeing issues to be resolved (risks, if you will) but for a number of reasons close both eyes and signs off. Yoda would say, “Helpful it is not.”

Then there is the Naysayer, who believes that his/her main role in the world is to say “no” to anything. Naysayers tend to be devious, because a constant stream of negativity would mark them as not being a team player, and could derail their steady progression toward Ultimate Placement (if that reference escapes you, read The Peter Principle, by Laurence J. Peter). What they do instead is find a whole bunch of nit-picky and non-substantive reasons why the file cannot progress. And when they see a file for the second time, they will often find more and bounce it back again. Double jeopardy – you lose.

There are others but these are sufficient to make my point. Any one of them in your approval chain will inevitably contribute little but delay and frustration to the process – more than one, and you will be pushing on a string.

Perhaps the greatest danger is that the people who are higher in the chain than these characters will assume that the signature they see, when finally affixed, means something relevant and useful, and will make their review and approval decisions accordingly. Unfortunately, the signature they take as due diligence may be not much more than confirmation that the bureaucratic process wrapped in red tape has been followed. Think, then, of the damage our cast of characters can do.

What does all of this have to do with accountability?

Let’s accept that the last person who signs is accountable, because if not, his/her signature is meaningless. This accountable person must be able to rely on the completeness and accuracy of the information he or she is given to approve. Every signature in the review process, then, should be a confirmation that a specific component of the file has been validated, with that signer being accountable for that component. If something later goes “boom,” you should know exactly where to direct your questions.

Any signature with no value added should be removed from the approval chain. If you are one of the signers, as Vince Lombardi said, “Autograph your work with excellence.”

Oh – don’t get me started on Teflon.

About this author

0 comments

There are no comments for this post yet.

Be the first to comment. Click here.

Security
 
In the show today, J. Richard Jones talks with Rick Howard,...
 
The mixed and varied reactions to Facebook’s announcement of a new...
 
Data is a crucial part of an organization’s success, whether it...
 
For a few years now, there’s been a throwaway metaphor bounced...
 
Governments around the world are increasingly relying on cloud-based IT services...
 
For a few years now, there’s been a throwaway metaphor bounced...
 
According to a 2018 study led by Dr. Michael McGuire, Senior...
 
Cloud technology is a game changer! Successful implementation in both the...
 
For over two days at the end of January this year,...
 
Earlier this month I had the privilege of testifying as an...
 
Canadian Government Executive Media, (CGE) publisher of Canadian Government Executive magazine...
 
In the last few years, we’ve seen various federal governments warning...
 
Canadian Government Executive is excited to announce the agenda for TechGov...
 
In the wake of the WannaCry outbreak, corporate executives, IT professionals,...
 
Facebook Pages can be an essential tool for businesses and charities,...
 
Cybersecurity professionals have sounded the alarm for years, and they are...
 
CBC deserves full credit for exposing the presence of IMSI catchers...
 
Security professionals have an obligation to communicate risks and recommendations to...
 
Over the decades, technology has been grafted into governments around the...
 
In this episode, J. Richard Jones talks about being candid about...
 
Criminals have reportedly threatened to take over 250 million Apple accounts...
 
In this episode, hear more about how Canada is a prime...
 
While the incoming administration of President-elect Donald Trump is being buffeted...
 
In the world that we are living in today, free and...
 
The RCMP adopted a new media strategy earlier this month by...
 
What would tomorrow’s cybersecurity look like? That’s an intriguing question to...
 
Terrorism operates with deadly regularity. In June 2016, a gunman who...
 
Just as the federal government has begun consultations on cyber security,...
 
Efforts by the government to counter the radicalization of young Canadians...
 
Canadian healthcare organizations and businesses in the financial industry are the...
 
Global market trends are accelerating to increase the pressure on commercial...
 
A recent report suggests several strategies how governments and the private...
 
The latest information from IBM Cloud covers: Consolidating Complex Environments Consolidating...
 
IBM Cloud is the first cloud provider to use Intel TXT...
 
Signaling a realignment of Canada’s involvement with NATO, Prime Minister Justin...
 
United States President Barack Obama, speaking before Parliament last night, urged...
 
Yes, according to the former head of the Canadian Security Intelligence...
 
Early this morning, Philippine police confirmed that the severed head found...
 
The challenge is clear: a fast-paced industry pressures organizations to simultaneously...
 
As populations grow and age, the demand for services increases. As...
 
The agency responsible for safeguarding the Pentagon and several other buildings...
 
By Michael Murphy Not all assets can and should be equally...
 
Government agencies, international businesses, as well as, European organizations that comply...
 
The Royal Canadian Mounted Police (RCMP) is poised to launch an...
 
One of Canada’s largest integrated oil companies said it is not...
 
Associates of Russian President Vladimir Putin, the king of Saudi Arabia,...
 
Now more than ever, organizations in both the public and private...
 
The Federal Bureau of Investigation announced that it has managed to...
 
IT organizations, especially those in healthcare facilities and government institutions that...
 
Last year, the Canada Revenue Agency rolled out a pilot program...
 
Strong cryptography is clearly required to protect sensitive government, business, and...
 
As the battle between the FBI and Apple continues to escalate,...
 
“I don’t think that backdoors into encryption is going to increase...
 
Hackers are zeroing in on users of SSL/TLS encryption and no...
 
Meet Bob Heart.  He is an outstanding employee who works hard...
 
The CEO of Google Sundar Pichai has come out in support...
 
A new study released yesterday, Securing the C-Suite, Cybersecurity Perspectives from...
 
Application, operating system, and device logs contain essential security information, but...
 
Yesterday, Ontario Supreme Court Justice John Sproat ruled that the Peel...
 
I wrote about accountability more than a year ago. Recently, a...
 
Intelligence agencies have had widespread and long-running programs to gather, analyze...
 
What concerns me is whether or not we’ve got the balance...
 
One of the consequences of the Information Age in which we...
 
In March of 2011, the east coast of Japan was rocked...
 
BYOD is hot! But is it for you? If yes, which...
 
Protecting critical infrastructure from cyber threats is the shared responsibility of...
 
In numerous interviews with senior military commanders over the past several...
 
In early February, James R. Clapper, the U.S. director of national...
 
The widespread adoption of mobile devices as enterprise-level tools is occurring...
 
CGE Vol.13 No.2 February 2007 Public security, once a task relegated...
 
CGE Vol. 14 No.4 April 2008 In recent years, policy makers...
 
The changing face of public and personal privacy in the face...
 
The announcement regarding the establishment of Shared Services Canada (SSC) was...
 
What role should governments and public servants play in safeguarding personal...
 
L’univers de la sécurité des TI évolue rapidement. À mesure que...
 
The world of IT security is rapidly evolving. As quickly as...
 
There was probably a day in spring of AD 72 that...
 
Cyber attacks don’t have to look highly sophisticated. Hackers are purposely...
 
Some title Some author
Some excerpt
 
Some title Some author
Some excerpt
 
Some title Some author
Some excerpt
 
Some title Some author
Some excerpt
 
Some title Some author
Some excerpt
In the show today, J. Richard Jones talks with Rick Howard,...