Positive internal audits

Credit: http://www.independentaudit.com

Disclaimer: Honestly, I really wanted to write this post a long time back but I keep having difficulty framing this one idea. Not because the idea wasn’t very clear in my mind but because I don’t want to look like the guy who bit the hand that fed him for the last 4 years. Secondly, I have huge respect for all my ex-team members who had worked with me during that period and again, didn’t want to end up looking like a guy who criticized them for the job that they did.

I remember my first internal audit engagement at one of my firm’s clients. I was given a checklist of specific things that needed to be checked, an-indepth discussion with my seniors on how each item/ process was to be reviewed and what were the potential gaps in the process I could be expected to find. I spent a total of 3 weeks at the circle (telecom companies have different circles or geographical regions which are responsible for operations in that specific state) and basically wrote a report on all the stuff that the client needed to improve on with respect to that specific process. And then we gave them an overall rating on how the level of control implementation. Then I went on to the next circle and the next area and repeated the same. It was a hectic period and by the end of it all, there were two things I realized even about myself: One was that I had learnt an incredible amount of stuff about telecom operations on a relatively steep learning curve and the second was that I had personally become a lot more observant but a lot more critical about how things worked in general.

The next year, the process repeated and I started running around in circles again (pun intended). But this time, one comment from the head of the Customer Service (CS) team (who was the auditee) stopped me short. “Why do you guys always write negative things in your report? What about all the good things that we have done in this circle?” I blinked my eyes for a bit and then mumbled an explanation about how audits were exception based and reports were designed in a way that if exceptions in a process were not reported, then it meant everything was fine within the process.

But I couldn’t get his words out of my head. He was absolutely right. They obviously had an SOP (Standard Operating Procedures) manual to follow, but there were several times, I had seen some brilliant processes or activities that were being implemented which was not required by the SOP. For example, one of the circles came up with the idea of a brilliant IT-based tracking system that drastically improved their controls over the distribution network. However, it required the corporate IT team to develop it rather than the circle IT team. Now, the typical process for a product like this was that the circle CS team raised a request to the corporate CS team, who then approved and forwarded it to the Corporate IT team. But because of the general lack of harmony between the various corporate teams, this always got delayed. To bypass this, the circle CS team sent this request to the circle IT team which forwarded to the corporate IT team. Now, since the IT team was outsourced, release of such products gave the IT firm the credit for the product launch/ idea informally. So it became a priority for the corporate  IT team. And got launched really really fast at the circle.

The problem? 6 months later, I had gone to another circle to perform another internal audit and saw that the product was still not being used there. Why? Because despite the sales team breaking their heads asking to launch the product in their circle, it was still not being released by the corporate team. It was ridiculous. But what really struck me was that none of this reflected in my report – either in the original circle report where they had launched this nor in this circle report as a serious requirement not being catered to (it had be later modified to be included as a recommendation). Why? Because we did not track intra-client, inter-circle benchmarks. Rather, it was only about whether a risk was controlled or not; not comparing the amount of effort it took between two different methods to do the same. And since we were one of the very few independent parties that actually commented on the efficacy of the process, there was no other external, non-partisan process by which these brilliant ideas and products were being communicated across various circles of the client. So there were two takeaways: First, no credit for positive exceptions (Where the circle team had done something really outstanding and drastically improving the efficacy of the process) and the second, not checking whether other teams were actually taking advantage of the fact that some creative people in their organization had come up with something really impactful

Somehow, I feel that there has to be a positive aspect of internal audit beyond playing the devil’s advocate. I’m not saying it can be done with the same team strength and the same time-frame that internal audits are conducted in today. In fact, looking back at the hours I put in and the hours that some of my friends are currently putting in, I’m saying it cannot be done with the same resources. But it can be done. Simply put, there needs to be some kind of process by which interesting, creative and real problem-solving activities done through the circle’s initiatives are accumulated, classified, deployed and checked across other circles:

Accumulation of data: Identify the activities that are gone beyond what the SOP has documented.  Detail the activity performed, date of launch, expected impact, observed impact and the personnel involved in the product design. I think this step shouldn’t be too difficult especially given that people would love to tell you all the creative stuff they have done if it results in visibility to the top management.

Classification: Segregating the activities based on system, non-system based process, department, high impact/low impact, etc. This is where the independent, expert, non-partisan view of an internal auditor kicks in. In fact, if this is a separate report, a rating system (similar to the rating in normal IA reports) can be developed to recognize the efforts of various circles’ various departments.

Deployment: Discussions with corporate teams on which activities need to be implemented on an immediate basis, which one year later, and time lines for the others. Discussions with the circle process/product developers on pros and cons of the process/ product and the process of covering up pending deficiencies with corporate support. Communication to the remaining circles with clear instructions on implementation guidelines and probable areas where issues may arise. Finalization of rewards/ incentives for really really innovative stuff.

Checking: This is part of the current internal audit itself. So not only does the IA team actually check if there are risks which are not controlled leading to a revenue loss but also the status of implementation of these activities (simply -  implemented or not implemented; no need to comment on phase-wise status). And it would be a rolling implementation i.e. what was supposed to be implemented in year X is audited in year X+1.

And that’s it!

I think this seems to be a much better way to do things. After all, no organization has the manpower to actually implement the whole thing I described above in-house. Hence, they need consultants to build this process out.Even if companies do build an intranet module to accumulate and categorize suggestions, the deployment stage is usually where everything begins to fall apart. (Flashback: I remember this one circle where they had actually implemented a website (on the intranet) wherein people from various departments contributed various ideas to improve their processes and were rewarded for the same. The best part? That site was accessible only to people of THAT circle. Not even to others in the same department of other circles of the SAME ORGANIZATION! I can imagine some consultant came in, checked that site and used some of the suggestions to design best practices as well . I did the first two steps. It made for incredible reading !) Further, they need process experts who may be able to riff over the new process and making it even better. So consultants/ IAs can either build it into their existing service or as part of another engagement, whichever works better.

The funny part or the real proof of concept? People actually engage consultants for business process re-engineering engagements to help them implement the best practices (sorry for the jargon!) that are followed by their competitors or the leading players across the world. This without checking their own innovation cupboards to see if they have the equivalent of a “next practice” or what would be an even better way to do things! So you can even put the accumulation, categorization and deployment stages as a BPR engagement and the checking stages as the IA part.

It just seems that internal audits tend to take a bad rap as being too documentation-oriented, too rigid and basically too its-in-the-outdated-SOP-so-if-you-don’t-do-it-it’s-a-gap mentality (especially from me! ). Not all IAs are like that (and definitely my ex-organization didn’t practice it that way) but some aspects are. And I think this is a better way to move away from that perception/reality than justifying it by saying they play the devil’s advocate

P.S: Those who know me well enough may read this as a softening of my “documentation-of-processes-is-crap” stand. It isn’t. It’s more of an example of this method . It’s one step forward to my final “documentation-is-crap” post (whenever that gets written).

How to learn

First of all, I’m a huge fan of David Heinemeier Hansson, the creator of Ruby on Rails and partner at 37Signals. But more recently, I’ve been reading this post of his over and over again. It’s truly truly brilliant and I really identify with what he says given this break I’ve taken to learn coding.

Let’s be honest. There are only two kinds of students in school today. Those who study to get good marks and make their parents proud and those who don’t give a shit. None of them really know how the stuff they learn is going to help them out in the future. Hell, I’ve even heard students not knowing why they would study algebra or geometry – your basic pillars of mathematics. And since, they don’t have a context in which to place it in, they don’t understand the application and hence, they can’t possibly appreciate the nuances of the subject. And this applies to every subject they teach during a kid’s formative years. And let’s be clear about one thing: the proliferation and the success of science-based channels such as National Geographic (predominantly biology and geography), Discovery (across sciences), the History Channel (History) and Animal Planet (zoology) are clear indicators that said sciences are interesting and are consumed if only explored correctly.

As a personal example, I need to take up the example of coding. Man, I really sucked at it ! I mean, during engineering I could not understand the difference between passing a data type as an argument or as a return value. I could not understand why a function using a “printf” command in Java did not require a return value if the function required some text to be displayed. Frankly, I couldn’t care much. All my exams in CP (as we called Computer Programming) involved writing the algorithm, the flowchart (I was good at these two), write the “include stdio.h” for the code (C++ exams), write a whole load of crap on the paper which I could not understand and wasn’t even sure that was correct syntax and then prayed for partial credit. Result? Let’s say I never failed the exams but the marks were clearly in the category “By the grace of God!”. My marks were like a movie where the hero just scrapes through a vertical shuttering door. With the bruises and the marks intact. So when I decided to start building my own application, it was one hell of a moment. There was enough fear psychosis in me to believe that I just didn’t have the talent to build this. But one false start after another, crossing each mental and psychological hurdle, I finally hit my Shift+F6 and ran the application to get the correct results. It took me 4.5 months to write and re-write the entire application prototype which included the basic Java application, the servlets, base webpages, JDBC connection pools and mySQL scripts, things I had never done and in fact, had never anticipated to do when I started off. The funny part was that there were issues whose resolution I couldn’t find on the Internet and kept wallowing around in the code to finally figure it out ! And, even if my prototype is  just a little more than 50% complete from a commercial perspective and frankly, a lot slower than it should be, there are few concepts in Java that I don’t understand now.

I’m not trying to put this down as some random source of inspiration B.S. The point I’m trying to make was one of context: That I knew exactly what I needed the application to do and basically whatever I learnt after that was in the context of what I wanted to create. I knew I wanted to store pairs of mobile numbers that could be extracted into an SQL query. That’s how I learnt about ArrayLists and then learnt about how ArrayLists worked to give me the results I was hoping to get. I needed an array which would replace the location of an existing mobile number with its new location. That meant taking that original entry of the mobile number, deleting it and replacing it with a new one. That’s when I learnt about the Key-Value pair concept, the HashMap and the iterator concepts. It was all in a context.

What I’m trying to say is if you start teaching Civil Engineering students, concepts like pile foundations calculations, structural engineering concepts, etc. without them able to put it in a context, it will not only disassociate the concept from its application, it also creates the disconnect between the application and the end result. The ideal way would be to show them a picture of the leaning tower of Pisa, explain (hypothetically) why it should fall, then get into each aspect of the structure (including concepts like centre of gravity, material sciences) and finally explain why it doesn’t fall and why it may be expected to fall in the near future.

Think about it. We love stories that guides tell us when we tour some ancient monuments like the Taj Mahal or the Amer Fort (I quietly stalk guides leading other groups to get some of the interesting snippets as well). If there is an inherent interest in these monuments, then why don’t the way we study our texts reflect that? In a world of digital videos, audio and connectivity, why do we relegate these sources as copy-paste for our projects/ assignments and then, 15 years later, go back and watch the videos on Youtube? Because, there never was any context to the subject when it was originally learnt. In that sense, what teaching should be is an equivalent to a story-telling session or a drama while what is captured is a rough draft of a screenplay with only the basic sketches laid out.

Frankly, it’s funny that even in places where there is adequate context to build on, very little of that is brought into relief against what is being taught. Corporate training sessions anyone? Whether it’s web-learning or face-to-face mandatory training sessions, most people look at it as something to accomplish as part of their goal-setting, balanced-scorecard-filling activities. A one-day training does very little to accomplish much given that, despite the fact that personnel and their seniors should track the impact of the training periodically, such tracking is mostly subjective.  Further, formally declaring such one- or two-day sessions as irrelevant is considered blasphemy in the corporate-world. What ? You don’t support learning and training in your organization? You isn’t a learning organization? Funnily, what I’ve really learnt and absorbed during my work has been on the field – understanding telecom concepts, leading teams (as against leadership training by some external consultants), handling clients (as against training sessions on personality development) and mentoring my counselees (formally) and junior team members (informally).  The context and the impact is quite direct and people can easily understand what is required!

That’s why I love the stuff I attended at the Indo-American society at Fort. People who came there were constantly asked to speak in English and to speak loudly no matter what they wanted to say and how low their grasp of English was. Every day, there were practice sessions which were in context of the job that they worked in. This added an immediate sense of “This is how I need to act when at office” or “This is how I need to speak next time I give a lecture or a training session at my office” and so on…..

Further, there are some pretty awesome faculty I have had to study under during my MBA. These guys were Legal Heads at FMCG companies (teaching us IPR), working with NGOs on the field in the areas of Information and Communication Technology (teaching us ICT For Development) and consultants in the design field who have ACTUALLY BUILT PROTOTYPES ( how to design instrumentation for the Indian rural environment). Invariably, they first set the context of what they are doing in the real world, what are their objectives for the session, and most importantly, there was an expectation from the faculty that we would actually contribute to their objectives (mainly in the ICT courses) based on what we learnt. This is how learning should happen. It was like looking at the cover of a jigsaw puzzle to understand how the final picture should look like and then getting the pieces to build it. As against getting pieces of the jigsaw without even knowing what the end result should look like. You don’t even know whether you have all the pieces/ got extra pieces that you don’t require. And yet, somehow, it’s the second kind of learning that seems to permeate our schools.

I don’t want to start a blame session now about who is responsible for this. But, if more people graduate from such learning processes, it’s going to create a much slower learning set of people since they would once again have to re-learn the entire fundamentals once they actually need to start implementing said knowledge. When I say re-learn, it’s not in the positive context of how we should challenge everything we have considered as sacred till now. After all, how can we challenge, enhance or destroy that which we have not understood ?

Sir Ken Robinson on Education

Business is getting less intense……

………and more desperate.

I want to talk about the gap between what you can deliver (competency) vs. what you’re expected to deliver (Brand). Here, I’m not talking about the quality of the work (irrespective of the gap, you’re expected to do a top-notch job) but the type of work that you end up doing because of this gap.

When you’re building a competency base, what you can deliver is always less than what you’re expected to do. For example, in consultancies, you are expected to understand all areas of the sector you’re in and understand both the intricacies of each process and the links between various processes. However, there is more often than not is a gap between these and it seems that this gap seems to be affecting businesses differently than before.

Competency gap:

What you can deliver is only what you understand and what you can pick up. Hence, it holds you back from more specialized and lucrative assignments. This is a competency gap

Then you hit the sweet spot:

Wherein you have built up the talent pool and the knowledge base to deliver whatever is expected to be delivered from a company of your standards and reputation. It would fit the needs of the client perfectly and hence, ensures that the client always thinks of you for the next similar assignment.

Competitive advantage:

How could I write such a thought-provoking post without establishing my MBA credentials using multi-syllabic jargon  right? Ok, so here goes. The scenario arises when a client makes a specific requirement. During the assignment, you observe multiple other weaknesses in other parts of the company. You convert these weaknesses into further opportunities for client relationships and business. The reasons: 1. You got to the client before anyone else and hence have access to the data. 2. You know something is wrong. The client is blown away by your ability to root-cause the problems to other departments and gives you more and more business

Desperation:

This is where it gets ugly…… you’ve been doing great so far. Existing clients giving you business and now since not many other guys in your organization are doing well, the bosses crank up the heat and raises your targets to sky-high levels. Your competency becomes a problem cos’ you can do any kind of work in your given specialty and you do! Given business, you would stray away from what you’re expected to do (as a brand) and just get revenue (based on your competency). Another source of this desperation is that at one time, you had a distinct monopoly on the technical aspects of your work. But now your competitor is playing the same desperate game not from a revenue but a brand-building perspective (I can do this too!) So you take up assignments just to cock-block him. Now, team morale takes a hit and so does your reputation in the market. The revenue may come in but the guys below you who actually execute are not happy. Everyone’s looking for a way to move out. And finally the client’s pissed cos’ the work’s not getting done the way he expected (brand vs. competency with an unexpected dash of indifference and misery).

Somehow, the more number of people I talk to, the more number of businesses this seems to be happening- this WE WILL DO ANYTHING can’t be really good in the long-term

Jerm IX

May sound lazy but ’nuff sai. More of JermIX’s work here

From the Wooster.

Ted Talks – Larry Lesig

Lawrence Lessig is the foremost authority on copyright law. His two books: Code 2.0 and the more popular Free Culture talks about an out-standing, far reaching consequence of excessive copyright protection which is:

1. Does a customer have the right to modify the content of a media he has purchased

2. Does this type of self-expression or what Larry calls “read-write culture” violate notions or the intent of copyright beyond what the law states

Also see Lessig’s old blog here. The ideas are still fresh and relevant

Mixtapes – how Hiphop has overcome the record industry barrier

Image Credit: This is my House

The point I’m going to try to make in this post is how hip-hop did something that was brilliant in terms of promoting their music and how they have incredibly leveraged that idea on the net. Ladies and gentlemen, welcome to mixtapes.

The history of mixtapes can be traced to the late 60′s which were originally sold as 8-track tapes (way way way before cassettes) and were sold on the streets or at flea shops. With the rapid advance of technological advances in recording media, it broke the barrier between who could release music and who couldn’t. 8-tracks recorders and reel-to-reel tapes gave way to low-prices cassette recorders and cost barriers crashed to the point where casual and amateur users could record their own songs using recorders.

The basic point of these mixtapes was that while, having a record label to support them was nice and sweet, there was no reason, a talented MC, songwriter or singer could not have his works spread to the street. Hence, using blank tapes and a few synths and other musical instruments, a “musician” (Musician, in this context, refers to anybody who creates or assists in creating music) would record his music or rhymes (over an existing track if he so chose), pressed the covers at Kinko’s, made duplicates at Discmaker’s and then hustled these tapes for low prices (around $4 – $5).

These mixtapes also gave the artists some serious “street-cred” along with the rap battles at which these MC’s performed frequently.

The best part was that those who were accomplished and generally, the top-of-the-charts producers also realized that the best way to identify talented artists was by keeping their ears to the street, listening to the latest relased mixtapes and then subsequently, signing them up if they felt that the artist measured up. Hence, this was one genre (other than rave and house which also flourished with the same model). Snoop Dogg became Snoop Dogg because a homemade rap album was pushed to Dr. Dre by Warren G. Make no mistake. The mixtape business was cut-throat what with disses being spit on various songs against other gangs and death threats screaming through verse after verse. A lot of these disses and beefs were partly to push the marketing levels which also worked. They were not necesarily original tracks but even rapping over previously released commercial beats and synths

Now Web 2.0 came in and blew mixtapes out of the street and onto the Net. Mixtapes went digital (even the cost of making digital copies hit rock bottomBlogs such as Poisonous Paragraphs and Wake Your Daughter Up propped up all over the place. These blogs have some serious following especially when they did not limit their reviews to commercial releases but also to new mixtapes that were released online. The raw, uncensored vocals over mad beats were enough to spread the word for the talented, unsigned artists. Since, most mixtapes were for free online, there was nothing to stop these reviewers from pointing sites where these works of art could be downloaded. Further, artists jumped on to MySpace and Facebook and hammered out singles one after the other to maximum impact.

As mentioned above, mixtapes also helped artists gain serious street cred. Hence, even produced artists like Li’l Wayne and Eminem put up mixtapes to help them judge the response of the public. Similarly, songs like “Warning” may not have been appropriate to put up as a single or in an album and were hence released as mixtapes. Funnily, in many cases, the response to the mixtapes have been significantly more positive than for commercial releases. Now,we have torrent sites which are specifically for mixtapes alone shouting out about new releases which have only catalyzed the adoption of these tapes.

The mixtape industry is the ultimate symbol of “Going your own way”. They did not wait for labels to identify them prior to releasing their works. While they wanted to get signed up by labels, they did not wait for it. They marketed their talents through sheer gutsiness, stick-to-it-iveness and rap battles. The mixtape story is one tells the other genres “It’s not about the score, it’s about the game!”

Update: Just was going through the history books when I came across this gem on blogs destroying hiphop. Read Rob’s comments:

Remember how Hip-Hop (as a community) went crazy for those pre-Interscope 50 Cent mixtapes? It was new, it was different it was out of the box and there was no middleman (i.e. the record label). Mixtapes were a way for fans to have a direct connection with their favorite artists and blogs are now providing the same access. Is all of the material leaked on blogs superior? Of course not, but neither was all the mixtapes being released 8 years ago. Still, it was a movement that empowered our artists and our culture.

The Matrix :4 – The Remix

First there was the Matrix. Then Matrix Reloaded. Then Matrix: Revolutions and now, it’s back. From the highly acclaimed yousibtube and Big Difference(Bolshaya Raznitsa / Большая Разница), comes the next episode in the Matrix series: Matrix: Remixed starring the long since dead incredibly talented Sir Charles Chaplin in this brilliant silent movie parody.

From: Matt Mason

This is what the Pirate culture is all about. I wonder who owns the rights to Charlie Chaplin’s movie and I really do wonder what is going to be the response of Warner Bros. who own the rights to the Matrix movies

Further, also watch Matrix: DeZionized. This is a brilliant remix of the last two movies by matrix fans who were sick of the whole Zion-perspective story. So they just removed it . Watch the trailer below:

You won’t get the movie from Amazon or Barnes and Noble obviously. Google it and download it from Rapidshare or search for torrents. A must watch

Brilliant Mini graffitti

Like the Wooster says: KR + Mini = Awesome

From Wooster Collective

The Bubble Project

This is one of the most brilliant projects I’ve ever seen in street/ urban art and funnily, it was started by an ad man in South Korea, Ji Lee. In simple terms, speech bubble stickers (like the one above) are stuck over advertisements plastered across cities. People can then enter whatever they feel into these bubbles which are then photographed and then uploaded here. This is another example of subversion as mentioned in the Pirate’s Dilemma (I know I’m obsessed with this book. Will up a detailed review soon). Not only do they subvert corporate plastered ads but also other street art projects like the taped public phone receiver as shown below. As per their own manifesto:

Our communal spaces are being overrun with ads. Train stations, streets, squares, busses, and subways now scream one message after another at us. Once considered “public”, these spaces are increasingly being seized by corporations to propogate their messages. We the public, are both the target and victim of this media attack.
The Bubble Project instantly transforms these annoying corporate monologues into open public dialogues. They encourage anyone to fill them in with any expression, free from censorship. More Bubbles mean more freed spaces, more sharing of personal thoughts, more reactions to current events, and most importantly, more imagination and fun.

.
The project is now live at:
New York, USA
Milano, Italy
Buenos Aires, Argentina
Amsterdam, Holland
London, UK
Birmingham, UK
Skopje, Macedonia
San Francisco, USA
Paris, France
Lausanne, Switzerland
Belgrade, Serbia
Geneva, Switzerland

See the complete gallery here: The Bubble project on Flickr
Some of the ones I found increasingly funny, moving or subverting are below:

Can you see my nipples - Starbucks logo

I steal Music and I'm not going away - Apple iPod

Slim Line = Flat Line

Please save me from objectification - Chanel

Date me please - Apple

Asshole ! I told you to tap the phone, not tape it !!!

It’s now a book as well ! I definitely am going to get one of these mamas !