In my previous article “The importance of trust in organisations” I introduced the importance of trust in workplace nowadays. Here I will describe some negative impacts that toxicity, inquisition-like questions, and the absence of trust create on different aspects of organizations, no matter if posed to a full time employee, contractor or partner.
It diminishes the work done from HR and legal.
Everyone is assumed to be vetted, cleared, checked and so worthy of trust before the company signs a contract. If we say that a company doesn’t trust the people, partners, vendors, entities, providers with whom contracts are signed then the company is not reliable. In that case customers shouldn’t trust a company with such doubts.Perhaps legal is OK but someone thinks that is not enough.
Well… Solve the concerns with legal and let the developers work.
Full time employees, collaborators, partners, vendors, including the handymen are the frontline of branding reputation. Always be kind and respectful. Put in place the right process but don’t bother people with your arrogance.They are citizens and people with rights, feelings, opinions and social influence.They will tell their daily experience to friends, family, co-workers of the same or other projects. They are the ones filling the questionnaires that determine your Net Promoter Score.They will compare their experience with other employers and make it public on Glassdoor, Reddit, Stackoverflow, Github, Google review, their blog, and thousands of other communities and meetups. Online and offline.
Stop harming yourself.
Developers provide transparency to everyone and in particular to their key stakeholders not only keeping the backlog items they work on always up to date but they do more. They dedicate time to status updates on a daily basis (daily standups), on a sprint basis (sprint review and planning), on a release basis.Using extra time and budget to require them to continuously prove the legitimacy of their work, fragment their days, it slows down their activities, it kills their productivity, focus, confidence, engagement, it stops business innovation, puts deliveries, business, customer relations, revenues at risk.Loss due to context switching and distractions is high and not reversible.
Do not disturb developers. Trust them. Let them do their job. They are amazing at it, that is what they are paid for.
Human factor is considered the weakest ring of the security chain. I usually see two common antipatterns or biases.When security has a fixed mindset, they suspect everything and everyone. Everyone except whoever is in their team of course. This is evident when there are double standards and undocumented exceptions.
The second is that they convince themselves that it is their job to go around patrolling everything and everyone. Again, except whoever is in their team of course. They tell you never to share your password with anyone but they are the ones who send passwords by emails, because the internal doesn’t allow resetting the password by the user. Every software proposed by others needs a business case and a hard-to-pass security screening. Unless it is proposed by one of theirs.
This type of black spot with many other biases is one of the major dangers when we talk about company security. And that is the weakest ring according to studies and industry security reports. Biases in people from security even more than others.
There is a third factor too often ignored.
Security breach chronicles and news tell us that people that leak information or cause damage to company assets are the ones who have not been treated well, not treated properly, and not trusted. It is not important what you did but how you made them feel.
I am not saying that those who have a bad day will automatically think of revenge.
Voluntarily or not, people that are not engaged are more prone to make mistakes. People that are not trusted, aren’t confident enough and make more mistakes (overconfident people make mistakes too).When they make mistakes, if they aren’t confident they tend to hide the errors, rather than shout about it. If you work in security you know that is not about “if” an incident will happen. It is about “when” it will happen. Recognizing and responding immediately is paramount.
Showing everyday arguable behaviour and ridiculous questioning, unreasonableness, bureaucracy means building up a culture of fear, untrust, silence, low cooperation. It is security building up its own worst enemy. Unsecure environment. Culture of scapegoating, blaming, mocking, shirked responsibilities, discouraging bridging, shooting messengers. If you work in security and you are reading this, make yourself a favour. Make your company a favour. Make your customer and users a favour. Make the world a favour. Build a culture of trust and safety.
Of course do also your due diligence, properly manage access, implement governance policies based on roles/projects/resources. Make your risk assessment matrix, document a light-weight transparent process, put in place automated logging, auditing, warnings, sentinels, whatever…
Inspect process and tools but let people do their job. Your job is not to block or delay production activities. Your job is to safely support their acceleration. Build confidence.
If your organization has still development on one side and operations out of the team, and you think it is OK then you can just skip reading. Apologies for telling you this now. This article is meant for people who understand software development nowadays (2021), in a world where teams need to release multiple times a day.
Testers or operations outside of the team are well known antipatterns. Any 101 modern book, research, report, study about it, would tell you that if you think you are doing devops because you use Jenkins, Bitbucket, Terraform or other tools stop messing around. No, really. That’s not devops.
Devops starts with a strong culture of collaboration, shared responsibilities, team autonomy and self-sufficiency, strong focus on automation and quality and no silos between developers and operators, from design to deployment closing the feedback loop with users.
If you disagree, stop reading bits and pieces of old blogs posts and get some serious structured knowledge about devops. In my other blog articles I suggest books, and I write about devops capabilities. DevOps is the union of people, process, and technology to continually provide value to customers. Devops is about culture. A culture of trust. By adopting a DevOps culture teams gain the ability to better respond to customer needs, increase confidence in the applications they build, they achieve business goals faster and they trust each other.
All the team members work together, using traceable, auditable boards that provide transparency. Be responsible as a team for your own quality. Shift left on security. Be proud of your work. Communication, trust, commitment, courage, focus, openness, and respect.
Trust Trust Trust.
Not trusting people, not enabling them to work, creating a beuracrocatical or pathological culture (Westrum) in the short, medium and long term creates issues in the company. Work engagement and job satisfaction are one of the drivers of organizational performance. Toxic culture in many organizations cost billions of dollars a year. It increases attrition rate.
Many talents just leave if they aren’t trusted or worst they suffer distress and risk burnout. No trust, no safety, no happiness.
If your company seems like a Dilbert cartoon, fix it.
I don’t claim to be an expert in all areas but I think I made my point clear at this stage.
Developers need to stay focused on producing the most valuable increment during an iteration.
Wasting time answering redundant inquisitorial questions is like throwing money out of the window or like being taxed twice. It is inefficient and it has a ripple effect on all production activities. Not rarely it makes the difference between profit and loss. Each simple distraction added to context switching, can determine a measurable loss in productivity. The well known phenomenon is called dual task interference.
The damages produced by a non safe environment, lack of trust, no security, and no innovation are huge. According to many studies the total costs of toxicity, easily top $100 billion in US only every 5 years.
Any CFO who would be informed of someone going around mining the culture of trust and distracting the teams with silly questions should grab that someone to say loud and clear “stop wasting our money”.
Stop working against the company budget. Stop putting at risk our financial goals. Stop!
No matter if you adopt scrum, agile, lean, waterfall or even if you work in IT or car manufacturing or education, aerospace industry or public administration. Absence of trust is the first, the largest, the most frequent and the most expensive of the well-known 5 major dysfunctions identified by Patrick Lencioni. Any team and organizations will suffer a ripple effect and develop more dysfunctions due to lack of trust. The costs and overall negative effect on society are huge!
In the above scenarios, you may not necessarily be a persecutor, rescuer, victim or witness. Yet, if you are impacted by lack of trust and low organizational performance, ask to have clear, short, meaningful policies based on project, roles, and assets to protect.
If you see an unfamiliar face or someone tailgating, alert security. Follow the policy and common sense. Don’t close your eyes.
Trust, double check, trust.
If you need info from the team, ask to PO/PM, SM. Familiarize with agile, scrum roles and responsibilities. Demand and follow lightweight well defined fair processes that encourage transparency, inspection, adaptation. Contribute breaking down walls and silos. Support proactively a generative culture (Westrum) and smooth flow of information.
Secrecy is poison! If you trust, you will be trusted and you will definitely benefit from a safe trusty organizational environment
You may be an employee, a contractor, or a partner for a company or more but you are also a customer for many many more.
You are a user, a person and a citizen. If you read this article, you know how to recognize from inside and outside the companies that are really built on trust.
You can distinguish who talks from who walks the walk.
You will make your choice when you buy your next phone or register on a website.
You have the power to proactively contribute to the success of companies that trust people and let the old thinking medieval inquisitorial mentality die.
Trust is a must!
This article have been published for the first time on danieledavi.com by me, the author Daniele Davi’ on February 15th 2021.
© Daniele Davi’, 2021. No part of this site, danieledavi.com, may be reproduced in whole or in part in any manner without the permission of the copyright owner.
Human, explorer, engineer, author, lifelong learner and passionate agile coach.