There should always be a reason why certain processes exist in a company and others do not. The justification lies in the business goals the company has set for itself to achieve. When these goals change, the processes have to change as well.
This sounds logical, but it is not intuitive to many companies. Once an elephant has been shaped, it is very hard to move it around with the agility needed to react to certain changes in the environment. Here is a nice visualization:
5 Monkeys & a Ladder Experiment
Read more below on how to avoid this behavior.
There are several important elements when setting up an organization: the main ones are the company’s Mission, Vision, Strategy, and Values [Figure 1]. They are defined by the company’s Top Management, they come in written form, they are widely communicated and adopted, they are regularly monitored, not so often updated, and are the basis for everything else that the company does. (See a video explanation by Erica Olsen here.)
Let’s say this green rectangle is the company’s environment. Where Sam is (yes, he has a name ) – this is where the company currently is in its development, determined by e.g. a SWOT analysis.
The Mission equates to the company’s overall purpose, i.e. this is the green surrounding line. The Mission statement aims at answering the questions of “Who are we?” and “Why do we exist as an organization?”. Once defined, the Mission statement cannot change. It should be a concise and inspiring message, as its main goal is to create a sense of identity for the company’s employees. The Mission statement also provides the needed clarity on how the company serves its other stakeholders: customers, partners, suppliers, shareholders, investors, etc. (See a video explanation by Dan Heath here.)
The Vision statement is a declaration of where the company wants to be in the future, what its aspirations are. The Vision statement describes a world that does not yet exist, but which is possible to achieve via realizing the company’s purpose, i.e. Mission. Sometimes the Vision statement can only be a short tag-line, e.g. the company’s slogan. Like the Mission statement, once defined, the Vision statement cannot change. It is like the North Star: it provides the direction of the company and it aligns its employees behind one common goal.
Examples of Mission, Vision, Strategy, and Values statements:
• Toyota Global Vision & Guiding Principles
• The Coca-Cola Company
• Whole Foods Market
• Netflix Culture
The Strategy is the long-term plan, which will take the organization from where it currently is to where it wants to be in the future, i.e. to the company’s Vision. The Strategy encompasses the goals and objectives of the company: the products or services it wants to deliver and the customers or markets it wants to deliver them to. The Strategy is used to make decisions about prioritization and allocation or optimization of company resources. Even though not often (because it is a long-term plan), the Strategy can change due to market conditions, stakeholder expectations, or other. Apart from ensuring the company’s Vision is achieved, the Strategy also has to be aligned with what the company stands for: its Mission and Values.
Values are the beliefs, in which the organization is emotionally invested. The Values define what the company stands for; they shape the company’s culture and help with decision-making. The Values determine the approach the company takes in reaching its Vision, i.e. how it will conduct its business and essentially all of its everyday activities.
Each process definition or description starts with Process Purpose and Process Outcomes [Figure 2]. They give a high-level overview of why the process exists and what it is aiming to achieve. They also define how the company’s Strategy will be executed.
The main element of a process is its Process Purpose. The Process Purpose is the reason WHY a process exists. There is a strict correlation between the company’s Strategy and the processes the company has: If a company is in the Automotive industry, for example, one would expect the majority of its processes to be connected to manufacturing cars and car parts or producing software for those cars. Just as like, if a company has a chain of coffee shops, one would expect the majority of its processes to be around producing and/or handling coffee. It will be rather surprising to see an automobile manufacturer having company processes for making the best cup of coffee in town, because this is not the primary way of how the company is doing business. And that is exactly the reason why the Process Purpose must always be aligned with the company’s Strategy – and when the Strategy gets updated, all company processes have to be revised too. This is how we avoid the trap presented by the 5 monkeys & a ladder experiment: always explain the reason WHY.
The Process Purpose then breaks down into Process Outcomes. The Process Outcomes are the main things that a process is aiming to achieve, i.e. the WHAT part. The Process Outcomes should not be confused with Process Outputs. The Process Outputs are what the process produces as a result of its activities (e.g. documents, records inside an IT system, SW code, reports). Those Outputs are then used by the subsequent process(es) in the overall system of processes. The Process Outcomes, however, are the benefit that the Process Outputs bring to the organization, its customers, and other stakeholders (e.g. establishing a controlled environment, maintaining employee and customer satisfaction, increasing revenue).
Let’s take the Risk Management process as an example: Its Process Purpose is to successfully manage risks within a given scope.
To achieve this purpose, the following Process Outcomes are identified (based on A-SPICE v.3.1):
- The Risk Management scope is established.
- The Risk Management strategy / process / procedure within that scope is established.
- The risks are identified.
- The risks are analyzed.
- The risk treatment actions are identified.
- The risk treatment actions are implemented.
- The risks are monitored.
And the Process Outputs are things like:
- Risk Management Plan
- Risk Record
- Risk Analysis Report
- Risk Mitigation Plan
- Risk Action Request
- Risk Status Report
The Process Outcomes then break down into Process Activities. Those are the actual steps of the process, the day-to-day execution. They show HOW the process will achieve its Process Outcomes and, thus, realize its Process Purpose. The Process Activities are typically presented in a process diagram or flow and are also associated with a lot of other elements from the process definition, like scope, inputs, outputs, and process interfaces, RACI Matrix, monitoring and measurement, etc.
To continue with the previous example, the main activities in the Risk Management process are:
- Establishing the Risk Management scope.
- Defining the Risk Management process / strategy.
- Identifying risks.
- Analyzing risks.
- Defining risk treatment actions.
- Monitoring risks.
- Taking corrective actions when risk mitigation is not achieved.
If your company has an Employee Performance Management (or Evaluation) system in place, your Personal Objectives should be based on the company’s processes you execute, which in turn are based on the company’s Strategy. All strategic objectives are cascaded down from the highest organizational level to the lowest and, therefore, should also be traceable up to the company’s Strategy. Theoretically, the sum of all Personal Objectives in a company will give the sum of all Process Activities, which in turn will give the company’s Strategy. In addition to the process steps being executed, how they are actually being executed sums up to define the company’s culture, i.e. Values. And, as Peter Drucker famously put it, “Culture eats Strategy for breakfast”.
Sometimes we have too many details in our process(es) and we need a bigger level of complexity to represent all that. The process then ends up being broken down into several nested levels of documents to ensure everybody in the company understands what needs to be done and how [Figure 3].
The company’s Policies & Guidelines are the internal standards that everyone should follow. Note that they can also be referring to external standards and requirements, which the company must be compliant with for legal, business, or other reasons. Both Policies and Guidelines can be present at any level of the process breakdown structure, depending on their scope. The main difference between the two is that the Guidelines are not mandatory and tend to be somewhat informal. They explain how certain steps can be performed: for example, a guideline for using the company-branded templates. Policies, however, are formal and mandatory. They outline requirements that have to be complied with and also highlight the consequences if those requirements are not being met (e.g. disciplinary actions). Example: the company’s IT Security Policy.
The Quality Management System (QMS) (aka Process Framework, Process Landscaping, Workflow Management System, Product/Service Development Lifecycle, etc.) represents all processes and process interactions inside the company. Note that a QMS can also be designed at a lower organizational level, i.e. have a smaller scope: company unit, cross-functional program, etc. The main goal of the QMS is to establish a controlled environment by enabling the Management to identify dependencies and risks, make informed decisions, and overall optimize its activities and use of resources. Example: QMS (source). More info on QMS here.
The Process is a set of interrelated or interacting activities that use inputs to deliver an intended output. The company’s processes are what the Management plans for, executes, and measures, in order to control the operations of the whole organization. Examples: Project Management, Requirements Management, Configuration Management, SW Development, Incident Management, Problem Management, etc.
The Standard Operating Procedure (SOP) provides the specifics in carrying out an activity, process step, or a whole process. Therefore, the SOPs are typically linked to the processes they detail. Example: the Project Management process consists of the following steps: Initiate, Plan, Execute, Control, Close. An SOP for the Control step can detail how controlling is made (e.g. reporting), how often, in which form (e.g. e-mail, meeting, presentation), who the owner and the audience is, what happens when gaps are found, etc.
If needed, an SOP can be furthered detailed in a Local Work Instruction (LWI). Continuing with the previous example: An Instruction for the Procedure of creating the Project Management report will specify exactly where a person has to go (e.g. which tool), where to click, what to copy-paste, and so on, until the report is ready.
Lastly, the LWIs can contain Scripts, which are the lowest level of detail in the process definition. The Script will say line by line what each party in a process step is supposed to do. Example: a Script in a Call Center may look like this or this.