A New Approach for a Changing World?
The hardships and privations of 15 months (and counting) of pandemic lockdown in many developed countries has forced leaders in government, politics, industry, manufactures and commerce to adopt unfamiliar and, in some cases, unwelcome changes in approach. The most obvious example is the industrial age requirement for all workers, regardless of occupation, to work from a fixed and known location. One client I have worked with found the experience enlightening and made the decision to close the majority of their offices in the UK and allow almost all staff to choose whether to work mainly from home. Not many observers of this company would have seen that coming as they are known for being deeply conservative. This example may seem off topic, but I believe it shows that even organisations which could be characterised as averse to change can fundamentally review and adapt the way they consider their staff.
Many colleagues I have worked with in leadership and management positions in the past have, when being candid and speaking off the record, felt that working from the office was the ideal because they could see how busy their people were. The lockdown experience has shown the fallacy of this argument. I can see more and more organisations looking at output and outcomes as being more important indicators of productivity than hours at the desk – and believe this change is long overdue.
This opening of our minds to new patterns of working can be, and in many cases is accompanied by deep reflection on the purpose of our organisations being broader and more socially aware than simply increasing value for shareholders. In fact, the B Corporation movement (see https://bcorporation.net or https://www.bcorporation.uk for more information) exemplifies not only the potential of this change of focus but also the commercial, societal and environmental successes that arise when the needs and aspirations of all stakeholders are given equal priority.
The stories of successful B Corporations clearly show that business growth and solid profitability are aided and sustained by putting more emphasis on the needs of staff, customers, communities and the environment. The scale of the movement (more than 4,000 organisations and growing every week) implies that this is no coincidence and has statistical significance.
So, what is the final piece of the puzzle?
The outsourcing movement has, over time, put a great deal of negotiating power in the hands of service providers, not always to the benefit of their customers. Many purchasers of such services have experienced this and, having worked in both supplier and customer organisations, I can attest to the strains this puts on personal wellbeing and professional relationships, not to mention the bottom line on both sides of the fence. In disciplines such as cybersecurity, where there is a globally acknowledged lack of capacity in the talent pool, these strains can be even more pronounced as the customers often see themselves as having no choice but to outsource rather than trying to build internal capacity.
Since this situation is unlikely to change dramatically in the near future, I believe there is a need for the relationship between customers and their service providers to evolve rapidly to the point of embodying the true essence of the much-misused partnership model. That will require development of far deeper trust that currently exists between these inter-dependent communities. Many suppliers are changing their language and behaviour to ensure that they only contract to provide services where they have the real capability to deliver, acknowledging that no supplier is the best option for all services. Many customers are taking a more mature view of the procurement process and focusing on capability, long-term plans and customer satisfaction as being at least as important as the stated price. A few customers have successfully implemented bi-directional service reviews on a quarterly basis which can adjust service fees down or up to reflect performance of both parties. This last example has been in operation within a UK central government department for at least the last 10 years and all parties have benefited from it.
Clearly, service providers need to be profitable to deliver high quality services over the long term. Equally clearly, overpriced services negatively impact a customer’s ability to be profitable (or to deliver on its purpose). Financial penalties, including service credits and liquidated damages, have formed a central pillar of contract governance for decades, but financial and non-financial incentives are taking far longer to gain traction. Hard-nosed negotiating tactics, to quote comedian Joe Lycett wildly out of context, doth butter no parsnips – overly hard negotiation leads to overly rigid contracts which leads almost inevitably to conflict. Conflict resolution approaches are then deployed to bring all parties back from the brink of extreme measures.
What then?
Long, and often painful, experience of service procurement, contract negotiation, transition and delivery has brought me to the conclusion that as an industry we need to adopt a more profound sense of community – with our colleagues, our suppliers, our customers, our societies and the environment as a whole. We need to acknowledge the sense of honest communication about what we can and cannot deliver and we need to listen when we hear things we do not wish to hear… like “we don’t do that (very well)”. We need to adopt procurement processes that give weight to direct experience, subjective measures like customer satisfaction and alignment of purpose as well as claims of compliance with specified requirements.
For example, I have been directly involved in recent times in the procurement of managed security services. One case involved an expression of interest, a long list of 10 suppliers received a 50-page request for information and a short list of 3 received the 80-page request for proposal, 2 went forward to make a best and final offer and after 8 tortuous months, a supplier was selected. Negotiating the 400-page contract took another 9 months. Neither party was entirely happy with the resulting contract, or the service delivered. The second case involved identifying a short list of 5 potential suppliers from the direct personal experience of a small group of stakeholders. Each supplier received a 3-hour briefing and a 10-slide summary of the risks to be addressed and the outcomes and benefits to be delivered. They were given 2 weeks to prepare a short (no more than 20 pages) response outlining how they would meet the stated objectives. The selection process took 4 weeks, contract negotiations took 6 weeks, and the service went live 2 weeks ahead of schedule. All parties were satisfied that the contract had sufficient flexibility within agreed constraints as to be satisfactory, and a bi-directional service review process along the lines described above was a core element of that outcome.
This last example shows that when the procurement process takes into account the requirements of the purchasing organisation, the aspirations of their people and the intentions of the supplier it can deliver satisfactory, economically viable and sustainable results. Fast. Building strong trust relationships and deep understanding.
It can be fun too.
Oscar O’Connor is an internationally recognised expert and speaker in information/cyber security and resilience, working with clients to deliver value and societal benefit from their investments in technology and cybersecurity.
The opinions expressed by guest bloggers are their views and do not necessarily reflect the opinions of Corix Partners.
Contact Corix Partners to find out more about developing a successful Cyber Security Practice for your business.
Corix Partners is a Boutique Management Consultancy Firm, focused on assisting CIOs and other C-level executives in resolving Cyber Security Strategy, Organisation & Governance challenges.