BPM in Action

Earlier this month, IBM announced that it has integrated its FileNet BPM offering with Cognos 8 (which IBM also owns) and its business intelligence features. The company has also transformed its January acquisition of AptSoft into IBM WebSphere Business Events, a “BPM Suite” designed to ease and speed the integration of BPM, BI, and event processing.

Whatever one wants to say or argue about whether or not this is a suite or a portfolio, and whether or not it represents a new set of solutions or old wine in new bottles, this is a meaningful development. It demonstrates that:
1. IBM is serious about integrating its FileNet technologies with BI solutions;
2. IBM is serious about integrating event-related features and processing with BPM and BI; and
3. IBM is committed to integration of BI, BPM, and event processing with/via service-oriented architectures (SOAs).

This mirrors the continuing evolution of The Big Mash-Up in enterprises of all sizes and types. Increasingly, by my lights, anyway, users are seeing BI, BPM, and analytics as tools for answering questions about “who, what, where, and why,” event-driven features and event processing as tools for answering “when,” and SOAs as answers to “how.” A construction that may be a bit inelegant, but begins to shed light on some of the forces driving The Big Mash-Up.

And IBM isn’t the only vendor heading down this path. BEA Systems, for example, is talking increasingly about the “Event-Driven SOA.” Oracle offers an “Event-Driven Architecture Suite,” an element of what the company calls “SOA 2.0.” And there’s more to come, from familiar and emerging vendors.

This is a big and growing deal. If you’d like to read more about it, check out my Aberdeen Group Analyst Insight, “Building Event-Driven Architectures: Many Paths, One Mountain.” And if you haven’t yet done so, check out my Benchmark Study, “Performance in a Service-Oriented Architecture World,” while it’s still available at no cost for a now-VERY-limited time, as the marketeers like to say. (If you’re quick and have 10 minutes to spare, you can still take my survey on application and infrastructure monitoring and management, which entitles you to FREE copies of the SOA performance study AND the report to be based on the survey when that’s published. Such a deal, as we former Brooklynites like to say!)

Posted by mdortch in BPM • Business Knowledge Management • Current Events • Enterprise Information Integration • Event-Driven Architecture • IBM • IT Infrastructure Management • SOA • The Big Mash-Up  |  Permalink  | Comments (0)  | TrackBacks (0)

Dennis Byron, my new ebizQ BPM “blogmate” and one of my favorite pundits, wrote recently about Appian and Enterprise Rent-a-Car. I love the idea of “renting BPM,” and agree with Dennis completely that it’s something we could sooner rather than later, and not necessarily just from Appian.

I found another recent announcement equally interesting. In February, Vitria announced M3O, an environment it claims “empowers business users to directly model, manage, monitor and optimize their business processes.”

If you talk with senior executives at other BPM companies, as I have done recently, you hear several terms and variations repeated with increasing frequency. A distillation of what I’ve heard, without quite so much release-related rigor, comes out very close to the Vitria announcement.

That is to say, what users apparently want and need – or at least what vendors think users want and need now – is the ability to model processes, then execute those model processes immediately and directly, with as much IT cooperation as available and as little required IT intervention as possible.

A single view of the process, the data it accesses, and its effects, in a secure “sandbox” that allows near-real-time manipulation and optimization, without disrupting business operations. Rapid collaboration between and among the businesspeople driving processes and the IT people managing the infrastructures that enable those processes.

You get the idea. Think of it as a kind of “BPM Live.”

Now, Vitria’s not the only vendor of BPM or related solutions pointing in this general direction. I expect to see more such announcements soon and frequently, especially as more “rental”/software-as-a-service (SaaS) alternatives for BPM and related functions appear. I think you should expect the same, as part of what I, Joe McKendrick and other members of the “punditocracy” appear to be predicting with greater frequency – something I’m calling, at least for now, “The Big Mash-Up.” That’s BPM, plus event-driven architectures (EDAs), enterprise information integration (EII), information lifecycle management (ILM), master data management (MDM), and service-oriented architectures (SOAs), among other significant IT initiatives.

Research I’m conducting at Aberdeen Group is unearthing high levels of interdependency and “cross-pollination” among such efforts. You can read more about it in the recent Aberdeen reports I wrote on EII and SOA performance, both of which are available at no cost at the Aberdeen Group Web site for, as they say, a limited time only.

More to come on this. Lots more. Stay tuned – and make sure to make Dennis feel welcome, too!

Posted by mdortch in BPM • Business Knowledge Management • Current Events • Enterprise Information Integration • Event-Driven Architecture • Information Lifecycle Management • SOA • Software as a Service  |  Permalink  | Comments (0)  | TrackBacks (0)

Appian announced today that Enterprise Rent-A-Car has gone live with an Appian-Enterprise-based business process management (BPM) solution for Enterprise’s IT department. A couple of things surprised me about the announcement.

First, Enterprise is bigger than Hertz and Avis. The reason is that they get most of their business renting to those of us whose car is in the shop or when we otherwise need a car near our homes. Being the furthest from the gate in big airports hasn’t hurt them at all. The new solution, called Request Online, is dedicated to 1500 IT guys that fulfill product and service requests from Enterprise’s more than 65,000 employees worldwide.

Second, Appian is doing well in its strategy to widen the circle of industries it supports. Despite its Vienna, VA location, it now has a lot more than just U.S. government business.

Which led me to think maybe the way to grow BPM usage is the way Enterprise grew its rental car business. Go where the real need is rather than just to the airports. So I caught up with Malcolm Ross, Appian’s director of product management, to learn more.

From its legacy in the portal/knowledge-management (KM) space, Appian has built its functionality into a full blown BPM suite. In turn, it's built on a Java base following the Unified Modeling Language (UML) and the XML Process Definition Language (xPDL). (These are solid standards all, and which seem to be doing what standards should do without the interference of the European Union and Document Freedom Day groupies--see my recent rants about the ODF-OOXML battles). From an open source perspective, Appian comes with JBoss out of the box but of course works with WebSphere and WebLogic. It makes use of Lucene search engine as well. Not open source but Appian’s doing some real interesting stuff with KX Systems Kdb.

But the good news is that users don’t have to worry about all that technology stuff that I like to obsess about. Appian’s Form and Rules Designers and other real-user-facing components all work vis a straight Web interface (no need for Flash, plug-ins, etc.). That’s important for security requirements, which is key to many of Appian's government customers. But it is also good for ease of use for any customer. More important are the ease of Appian BPM implementation templates developed over the 10 years since it was founded. Examples are available for procurement in federal government, for wealth management with rules for credit scoring, a program with Instill to build a quality management solution for the food/service industry. Industry by industry, the Enterprise deal looks like it might be the entrée to a powerful IT Help Desk template.

And why stop with IT help desks? The web-based interface also feeds into Appian’s Software as a Service (SaaS) offering called Appian Anywhere. Depending on how Appian decides to grow its business, based on its SaaS capabilities, maybe we could be renting BPM down the line.

-- Dennis Byron

Posted by dennisb in Current Events  |  Permalink  | Comments (0)  | TrackBacks (0)

Let’s see, what have I missed lately?

Oracle and BEA: In January, the two companies finally reached agreement on Oracle acquiring BEA. As my Aberdeen Group colleagues wrote, the deal has multiple implications, not the least of which involve the synergies between BEA’s BPM strengths and Oracle’s SOA-related offerings. The BEA AquaLogic platform is basically a mash-up of an SOA platform and BPM tools. Oracle’s SOA solutions and emerging Fusion Middleware should combine well with BEA’s offerings. Now, all we need is a road map for how BEA’s Project Genesis and its focus on “Dynamic Business Applications” links up with Fusion Middleware – and those actual applications Oracle sells these days…

Sun and MySQL: Also in January (busy month), Sun acquired MySQL. As my Aberdeen Group colleagues and I wrote, that deal has some interesting implications for the BPM-related areas of business intelligence (BI) and analytics. That’s because Sun can combine MySQL software with its Open Solaris operating environment, its high-performance hardware, and offerings such as those from partners such as Greenplum. (Sun and Greenplum have already developed a pretty nifty data warehousing/BI appliance.)

What it all means (at least so far): Beyond the specific companies mentioned and their current competitors, these deals are also evidence of the continuing convergence of BPM with BI, analytics, and SOA-related efforts. These are also increasingly affected by the growth in range and functionality of open source technologies such as MySQL, OpenSolaris, and the core of Greenplum’s database management software, PostgreSQL. BPM decision-makers must pay close attention to relevant developments, in the marketplace generally and within their own enterprises. Alignment of these efforts is a sure step towards maximizing the business returns of all of them – and failing to align them almost guarantees frustration.

More soon. Really.

(P.S.: I’m writing a survey-driven Aberdeen Group study on SOA performance. If you’re involved in SOA decisions or initiatives, please take 10-15 minutes to take my survey, and help yourself to some free Aberdeen Group research. Thanks.)

Posted by mdortch in BPM • Business Knowledge Management • Current Events  |  Permalink  | Comments (0)  | TrackBacks (0)

Aside from its sterling reporting and analysis, one of my favorite features of The Economist is that it names columns about regions after figures important to that region’s history. So the column on what is now called the European Union (EU) is named Charlemagne, after “one of the continent’s great unifiers,” and the first crowned Holy Roman Emperor, according to the Economist.com Web site.

Always good to begin with a digression thinly disguised as background. But I…well, you know…

Anyway, the Nov. 17 edition of the Charlemagne column, “A dissertation on Romanian pork,” seemed to me directly relevant to the art and craft of business process management. In brief, it turns out that the animal-welfare requirements stipulated for EU membership fly in the face of long-held traditions among Romanian farmers. The farmers are allowed to kill pigs at home for personal consumption, as they have for some time – but only if they use an EU-specified animal-stunning device, something most of Romania’s millions of subsistence/family farmers can’t afford. (It’s also risky to combine electric stunning devices with the snow and wet ground common to Romania during winter, when the traditional ritual pig-killing takes place.)

Anyway, the Romanian farmers appealed for exemptions similar to those granted by the EU to Jewish and Muslim butchers, but were turned down, according to the column. The reason? That exemption applies only to religious rites, while the EU says the Romanian tradition is, well, “only” a tradition. Even though the pigs in question are traditionally killed around the end-of-winter feast of Saint Ignatius and Christmas holidays, which seem more religious than mere traditional associations to this admittedly distant observer.

Of course, this whole thing involving human beings, compromise is being sought. One possibility is having veterinarians screen the pigs for trichinosis and “throw in pig stunning free,” as The Economist so pithily put it. Meanwhile, at least some of the same farmers who are struggling to comply with the animal-welfare strictures are welcoming greater restrictions on potentially harmful pesticides. And so it goes.

The Take-Aways:
1. No process is ever developed, managed, revised, or retired in a vacuum.
2. No person or team is ever smart enough to predict the consequences of every such action completely accurately each and every time.
3. Unintended consequences are at least as difficult to plan for/around as they are to avoid.
4. Unintended consequences CAN be managed around, however, given clearly defined goals, clear consistent communications, and active inclusion of and participation by all affected stakeholders.

Please adjust your collaboration, communications, documentation, and/or process management tools and policies accordingly.

Posted by mdortch in BPM • Business Knowledge Management • Collaboration • Current Events  |  Permalink  | Comments (0)  | TrackBacks (0)

So if you run more and larger data centers than almost anybody, and you have an IQ above ambient air temperature, you’d already be looking for ways to cut your energy costs. And if you were really, really clever, you might figure out that some of the things you’ve learned and/or developed, or are learning and/or developing, might have value beyond your corporate borders.

So if you were, say, Google, maybe you’d do all of this in a way that not only bought you cost savings, but brought you a great amount of good press, by positioning your company as a committed explorer and developer of green/alternative energy. Which is precisely what Google has done.

The great thing about many environmental challenges is that they present opportunities for corporations of many sizes and types to “do well by doing good.” That is to say, a company can “go green” in ways that not only try to help the environment, but generate and/or boost revenues as well. Which is precisely what Google has done.

According to the rapidly growing bushel basket of stories already posted online, Google, hot on the heels of the Climate Savers Initiative it announced with Intel in June, is investing bushel baskets of money in alternative energy. Google plans to invest hundreds of millions of dollars, initially focused on geothermal, solar, and wind power, under the rubric “Renewable Energy Cheaper than Coal,” or the charmless, clunky abbreviation “RE

Anyway, Google’s created a new R&D division, to be run by its Google.org philanthropic non-profit. And even if the initiative never produces anything usable by the world at large, it is a great example of the combination of good process, and process done well.

The Take-Aways:
1. If they don’t already exist at your organization, argue, lobby, and work for policies that encourage and support:
+ awareness of energy-related and other environmental issues, and addressing of those most beneficial, challenging, and/or potentially threatening, to the organization and its ecosystem;
+ identification and exploitation of opportunities to “do good” organizationally, especially if and when such efforts can also contribute to revenues and/or reputational enhancement; and
+ sharing and promotion of your organization’s most positive policies and initiatives, across and beyond the organization, and including the communities in which it lives and does business wherever appropriate.

(By the way, some IT-enabled tool or set of tools for process capture and management and collaboration might possibly aid and abet such efforts. I’m just saying.)

2. If such policies are in place where you work, find as many ways as you can to nurture and grow them across and throughout the organization – and count yourself very, very lucky, professionally and personally.

Posted by mdortch in BPM • Collaboration • Current Events  |  Permalink  | Comments (0)  | TrackBacks (0)

(Once again, sorry for the long darkness since my last entry. No excuses; I’m still swamped, but have almost bailed myself out …)

Issue the First: Within the past week or so, both Citigroup and Merrill Lynch have jettisoned their leaders. But perhaps even more interesting is that according to several published and broadcast reports, neither company has a strong candidate successor waiting in the wings.

If this isn’t evidence of failed or inadequate business processes, I’d be very surprised. Effective corporate leadership succession, as Bette Davis famously said about old age, “is no place for sissies.” With shareholders increasingly appearing to demand higher returns every quarter, month, or week, management time cycles are compressing significantly. This means leaders barely have time to effect meaningful change before they’re on the hot seat. Outsized challenges such as the sub-prime mortgage market meltdown only accelerate and exacerbate these challenges.

The lesson for BPM and IT decision-makers: select and begin mentoring your future leaders now, and put effective and well-documented processes into place for identifying and working with those people. With every enterprise almost entirely dependent upon IT to do business, let alone to thrive competitively, no company can afford to miss a beat or make a misstep where IT leadership is concerned. And with more and more experienced IT people retiring, this is definitely a non-trivial challenge.

Issue the Second: Yahoo! has apologized publicly for misleading Congress, and giving the Chinese government information that helped lead to the jailing of dissidents. The company claimed that it had no choice but to comply with orders to deliver to the Chinese government e-mail records and other information that led to the dissidents’ arrests.

Sigh.

The IT-enabled globalization genie is out of the bottle for sure, and ain’t getting back in any time soon. However, as country musician Aaron Tippin said in his first hit song, and as many have said before and since, “you’ve got to stand for something or you’ll fall for anything.” Yahoo! – and every other company doing business beyond the borders of the country in which it was started – must decide what its corporate values are, and live by and up to them, wherever it does business.

The lesson for BPM and IT decision-makers: ensure that values at your workplace and across your company are clearly articulated and consistently enforced. This will not only make recruiting and retention of key staff and leaders easier, it will make it easier for you and your colleagues to sleep well at night – barring unforeseen IT crises, of course...

Posted by mdortch in BPM • Current Events • IT Infrastructure Management  |  Permalink  | Comments (0)  | TrackBacks (0)

Before I being the current tirade, my abject apologies to everyone at ebizQ, especially all of you readers out there – all five of you – who’ve been wondering where I’ve been. (My even more abject apologies to those who didn’t even miss me, for returning.) Let’s just say settling into a new job is challenging and time-consuming, promise it won’t happen again without more warning and faster recovery, and leave it at that. And now, back to business…processes, that is!

So The TJX Companies, owners of TJMaxx and Marshalls, among other retail chains, loses credit card information and other private data for thousands of customers. The company goes to court, and hammers out a settlement that basically offers gift certificates to victims of its failure in multiple business processes, notably those related to IT and intellectual property (IP) protection and security.

So in effect, in exchange for losing my personal data and forcing me to cancel and replace all of my credit and identity cards, I’m welcome to come back to the store with the new ones, and spend more of my time and money? If all of this happens again, am I officially permitted to stop referring to it as isolated incompetence, and to begin instead calling it a business practice?

Wal-Mart, meanwhile, has embarked on a campaign to reduce human-to-human customer interactions, according to reports on National Public Radio and elsewhere. The company has removed from its Web site its former customer service number, saying that answering the volume of calls it was receiving was getting to expensive.

So it’s too expensive to help those people who are unable or unwilling to go online, but who are able and/or willing to make their way down to a Wal-Mart store and spend time and money there. Next, Wal-Mart will be telling those same customers to stop using cash and checks, because those transactions cost too much to process.

Or, maybe both companies will come to their collective managerial senses, and realize that one can squeeze operational costs out of an environment in ways that create costs and risks elsewhere. Like the costs associated with reputational risk, when a retailer is seen as insensitive to the people it depends on for its revenues.

What can we learn? If you’re a business and/or IT decision-maker, don’t summarily change or remove something just because you decide it will make things work better, even if it will. Just because a change makes things work better doesn’t mean it will compel the people using those things to work better, not without clear communication with and inclusion of those affected.

Posted by mdortch in BPM • Business Knowledge Management • Current Events • IT Infrastructure Management  |  Permalink  | Comments (2)  | TrackBacks (0)

Frank Van Buren is a businessman who has loyally carried an Exxon Corp. credit card, issued by Citibank, for 17 years. His card was about to expire, and he contacted Exxon to request two new cards.

He got them. Shortly followed by a box of 1,000 additional new cards, festooned with Frank's name and account number, but without the activation stickers most new credit cards now carry to help prevent identity theft and unauthorized use.

Frank called Exxon customer service, and was told to destroy the cards. Which he and his shredder spent three hours doing. After which, he received another box of another 1,000 ready-to-use credit cards.

Frank tried to get reimbursed for the time and trouble of shredding the 2,000 cards he didn't request and didn't want. He was first offered $25, which he refused, then $100, which he accepted, albeit grudgingly. Exxon, meanwhile, said publicly that it has no idea what happened. Citibank said it apologized for "any inconvenience."

Yeah, right. Meanwhile, Frank came away feeling victimized by a company with which his business had done business for almost 20 years. As he told the New York Daily News, "Companies are not giving us what we pay for," he said. "The attitude was: 'This is your problem, not ours.'"

So, what have we learned today?

1. Business processes do not stop at the front door or loading dock of your business, but extend to every partner with which you do business. This means that your business is ultimately responsible for anything with it or your name on it, even if a partner is involved in actual delivery.

2. You cannot control the implementation or management of partners' business processes. But you can, should, and must audit those processes regularly, and build into your partnership agreements specific terms and conditions that motivate partners to communicate regularly and clearly with you and your business. Those agreements should also penalize partners that violate or fail to comply with said terms and conditions.

3. Ensure that your business processes, and those of your key partners, include rapid and meaningful apologies to customers who are badly or inexplicably treated – and more than token financial remuneration when those customers are significantly inconvenienced. The customer may not always be right, but is always important, and should always be treated that way.

Posted by mdortch in BPM • Current Events  |  Permalink  | Comments (0)  | TrackBacks (0)

According to an Information Week story posted today, the U.S. Department of Veterans Affairs, otherwise known as the "VA," has updated the details of the lost hard drive announced in January. At that time, the VA said a hard drive lost from its Birmingham, AL Medical Center contained approximately 48,000 veterans' records, with as many as 20,000 unencrypted, despite explicit policies requiring such protection.

In February, the VA said the January numbers were a little off. The lost drive could have actually contained personal information about as many as 535,000 people, and about as many as 1.5 million physicians not affiliated with the VA.

Now comes a report dated June 29 from the VA Office of Inspector General (OIG). According to the report, the IT "specialist" who lost the hard drive deleted and encrypted files on his own system, to hide and to minimize the extent of the information lost with the hard drive. Said specialist only confessed after confronted with information from a forensic analysis the VA OIG had performed.

Further, the report states that the lost hard drive might not have even been lost, had incumbent physical and electronic security policies been followed and enforced. Policies such as encrypting sensitive data, something a local VA administrator apparently decided was unnecessary, if he just asked his workers not to remove the hard drives from the office. Which they did. And to lock them in a safe when not in use. Which they did not. Which likely wouldn't have mattered, since the safe had no access log, nor partitioned access, which meant that every employee who did use the safe had access to every other employee's hard drive. Or at least, the hard drive of any other employees who had bothered to lock their hard drives in the safe.

This laxity in policy enforcement also extended to the unnamed IT specialist. He was also given sufficient access to supposedly private personal information that he could extract information from medical records into a research database. Access he did not need and should not have been granted.

So, what have we learned?

1. Security policies are exactly like business processes. Without consistent documentation and enforcement, and frequent "re-inculcation" among users, they are basically useless.

2. Electronic and physical security policies and processes require close integration and synchronized management, if either is to be truly effective.

3. Enough is enough. That is, don't provide anyone access to more information than they absolutely need to do their jobs. Especially if any or all of that information is considered personal and private.

4. Process management is continuous. Anytime anyone thinks any process is completely managed and requires no more oversight, something bad is about to happen. Especially if there's a poorly managed IT specialist involved…

Posted by mdortch in BPM • Current Events • Security  |  Permalink  | Comments (0)  | TrackBacks (0)

The wait is over. Now, the wait can begin.

There is a standard known as Web Services Business Process Execution Language, or WS-BPEL. It's promulgated by the Organization for the Advancement of Structured Information (OASIS), a broadly supported and widely respected international consortium. WS-BPEL is now at version 2.0. It's very good at providing a framework for orchestrating so-called "composite applications," ideally composed from multiple already-written applications or application elements. WS-BPEL is not very good at providing a framework for human workflows – and those human workflows often have significant, yet difficult-to-predict effects on business processes, as well as application and services workflows.

After a bunch of work for a bunch of time, there is now BPEL4People, a Web Services specification that describes ways to model human workflows. Initial supporting vendors include Active Endpoints (provider of BPEL support tools for SOA developers and architects), Adobe Systems, Inc., BEA Systems, Inc., IBM Corp., Oracle Corp., and SAP AG.

An element of BPEL4People, Web Services Human Task, intends to depict human actions as activities that can be "consumed" by applications and services. This could, then, bridge and significantly narrow the gap between service-oriented architectures (SOAs) and the humans attempting to use the services to do work that makes the business go.

BPEL4People, in essence, intends to help integrate the management of processes that describe and govern the behavior of applications, services, and systems with that of those processes that describe and govern human behaviors. For those of us who have been yammering about and clamoring for human-centric BPM – or "business knowledge management," or "people process management," or whatever you want to call it – this is great news.

But it is only a beginning. Because now, the vendors supporting BPEL4People have to do three things, and they have to do them quickly, transparently, and well. First, they have to attract more vendor support and endorsement of the specification, especially among their software-developing partners. Second, they have to deliver products that make real the promise of the specification. Third, they have to get the specification transmogrified by OASIS into a formal industry standard. Preferably before too many "early implementations" and "enhancements" make interoperability too slippery a slope for too many prospective developers and users.

You can read more about BPEL4People here at ebizQ, and in the Oracle news release. You might then want to contact your top three incumbent and/or prospective IT and BPM solution providers, and find out their plans for support of BPEL4People. I intend to do some of that myself. Let me know what you find out, and I'll share and compare findings in future outings here. Could be good; it's just a question of when, and how good…

Posted by mdortch in BPM • Business Knowledge Management • Current Events • IBM  |  Permalink  | Comments (1)  | TrackBacks (0)

According to a recent story published and posted online by the San Francisco Chronicle, 400 Cathay Pacific Airways passengers sat on a flight for more than seven hours – before the flight was canceled. Several passengers reportedly said that they received no information for at least three of those seven hours, and that when the flight was finally scrapped, there were no airline representatives to help disembarking passengers with rebooking. In contrast, the airline, according to the article, "described the evening as something akin to a well-stocked slumber party while the crew scurried to find a part to fix a mechanical problem."

Well. A slight difference in perception there, eh? Some process alignment might be in order here.

In a similar vein, on June 13, the U.S. Consumer Products Safety Commission (CPSC) announced that RC2 Corp. had begun a "voluntary" recall of 1.5 million wooden "Thomas the Tank Engine" toys that had somehow been decorated with toxic lead-based paints. RC2 – providers of "compelling passionate parenting and play for all ages," according to its Web site – is an Illinois-based company with manufacturing facilities in China, where the tainted toys were reportedly made. (Just today, National Public Radio (NPR)'s "All Things Considered" program reported that an inspection by China's General Administration of Quality Supervision, Inspection and Quarantine had discovered 23,000 cases of bad food and closed 180 factories.

On June 24, the Chicago Tribune reported that a complaint about lead paint on some of the company's metal Thomas toys had been filed in 2006. The person who filed the complaint with the CPSC never heard from that agency, and RC2 says CPSC never notified the company about the complaint, as required by law. Other than that, and saying that it had "reviewed all relevant manufacturing procedures" and found no other products that exceeded safe lead levels, RC2 has basically stonewalled.

My question is, has none of the leaders of either Cathay Pacific or RC2 ever heard about the Tylenol poisoning scandal that made worldwide news in 1982? Cyanide-laced Tylenol capsules killed seven people, but the company recovered. How? New technology – tamper-proof packaging – and big-time, public apologies and active leadership by senior executives.

So what can we learn about BPM from these incidents?

1. Bad processes and bad process management create significant risks – financial, operational, and reputational. Reputational risk is the hardest to quantify, but can be the most significant and damaging overall.

2. Every business process and process management initiative affects one or more constituencies. Those constituencies deserve and require clear, direct communication about what's happening and why, what's expected of them, and what they can expect. This is in addition to any "marketing" and/or "sales" necessary to win support for the initiative.

3. If you break something – or if something breaks on your watch, even if it's not your fault – apologize. Then explain what you can, and take responsibility for fixing it, getting it fixed, and/or communicating frequently about progress toward resolution.

4. Ensure that all BPM efforts include and support goals of accessibility of decision-makers, clear, consistent communication, and transparency. Your life will only be easier as a result. And if things go really well, such practices will find their way into other aspects of your company, if they aren't there already.

Posted by mdortch in BPM • Business Knowledge Management • Current Events  |  Permalink  | Comments (0)  | TrackBacks (0)