Agile Culture Part 5 - Enhancing Safety
So far we have looked at four of the five aspects of agile culture:
Providing supportive leadership
Enabling people
Striving for quality
Becoming a Learning Organisation
If an organisation can embrace those four, it will truly be an agile organisation. So if those four are all that is needed, why is there a fifth? The fifth aspect, Enhancing Safety, is on the list because without it none of the others can happen. Without a sense of safety, you won't get supportive leadership, you won't get a focus on quality, you won't get learning, and you certainly won't get enabled people. What you will get is what you probably have now - people doing exactly what they are told, not asking questions, not challenging, not pushing boundaries, not setting challenging goals, and escalating all decisions upwards. You will get an organisation that is risk averse, ossified and incapable of change. (And being risk averse is not a good thing, by the way. A lot of organisations brag about being risk averse, when what they really mean is that they manage risk carefully. Being genuinely risk averse means being afraid to take any risks at all - no new products, no innovation of any kind, no process improvements.)
Before I go on, I had better define what I mean by safety. I'm not really talking about physical safety here, although that is important. I'm assuming that everyone reading this is working in an office and those, for the most part, are pretty safe environments. If you are working in a factory or mine or construction site where there are physical dangers, you absolutely need to have those under control. In an office though, short of falling into a filing cabinet and giving yourself a fatal paper cut, physical danger really isn't something we need to worry about that much. What I'm talking about is psychological safety - an environment where people feel safe to express themselves freely. You may think that you have this already; after all, you have told people that they are free to speak up and express themselves. But are they really free to speak? Or are there things hidden in plain sight that stop them and make the environment unsafe? I'll look at some of those hidden-in-plain-sight things shortly, but first I'm going to tell you some stories about environments that weren't safe and what that lack of safety led to.
On 28 January 1986, space shuttle Challenger lifted off from the launch pad on mission STS-51-L. It was the 25th space shuttle launch. It was carrying a crew of 7 including, for the first time, a civilian, as part of the Teacher in Space program. 73 seconds after launch the shuttle broke apart in mid-air, killing all seven on board and grounding the shuttle program for years. The commission of inquiry established to look into the cause found that the physical cause was the failure of a sealing O-ring on one of the shuttle's solid fuel boosters, which allowed hot exhaust gases to leak out the side of the booster and eat into the side of the main fuel tank. The main fuel tank carried 629,340 kg of liquid oxygen and 106,261 kg of liquid hydrogen. When the tank failed, those mixed and exploded. The crew were almost certainly still alive, and probably conscious, when the crew cabin hit the ocean nearly 3 minutes later. The commission did not stop there though. The root cause of the failure was laid squarely at the feet of NASA management and a culture of fear and intimidation caused by a "must launch" attitude. The launch had already been delayed once, and there was intense media interest due to the teacher in space, so there was enormous pressure to get it off the ground. The weakness of the O-rings had been known since the second shuttle launch but, in the absence of a fix, and the non-explosion of the next few missions, NASA management discounted the O-ring problem. The weather on the day of launch violated several launch constraints. Most importantly, it was well below the minimum temperature the shuttle was rated to fly in, and everyone knew that the O-rings became weak and brittle at low temperature. But the pressure to launch was intense.
A conference was held the night before to establish launch readiness, and the contractor responsible for the boosters tried to have the launch delayed, but was essentially bullied into submission by NASA management. The contractor was forced to prove that the shuttle was not safe to fly, a reversal of what was supposed to happen - proving that the shuttle was safe to fly. The commission found that the estimates of reliability given by key NASA engineers differed by almost a thousandfold from those given by NASA management. Information on safety issues was being suppressed by layers of management.
On 1 February 2003, shuttle Columbia started re-entry after a successful mission. Unbeknownst to the crew, it had a large hole in the leading edge of one wing after being struck by a piece of insulation foam during liftoff. That hole allowed the re-entry plasma at over 3000 degrees to enter the wing and eat into the main aluminium wing spar "like a blowtorch into a block of butter". The wing collapsed, the craft tumbled and disintegrated. All seven on board were killed. The commission of inquiry found that NASA engineers had known about the foam issue for decades but again, safety concerns had been suppressed by layers of management, and NASA had developed a culture of accepting serious flight risks on the basis that they hadn't caused a serious problem before. This is exactly the same cultural problem that led to the Challenger disaster 17 years before.
On 6 August 1997, Korean Air flight 801 to Guam was making an instrument approach in poor weather conditions. The pilot somehow managed to lock onto the wrong navigation beacon. The flight engineer tried repeatedly to warn the pilot and was repeatedly yelled at by the pilot for contradicting him. The co-pilot, who could have taken control at any time, sat silent and watched as the pilot flew the plane into the side of a hill, killing 228 people. The crash investigation laid the blame on the toxic and hierarchical cabin culture within Korean Air that led to the pilot ignoring the warnings of his crew and the co-pilot's reluctance to take control even though there was a clear problem.
You may be thinking by now, "we don't fly spacecraft or land aircraft, what does this mean for us?" That may well be true, but look at the hidden cultural factors present above - hierarchies, pressure to launch (or ship your product), a willingness to accept operational risk because it hasn't caused a problem yet. There may not be lives involved, but how many failed projects or bad customer experiences are out there in your organisation right now, hidden by those factors? How often has an engineer been forced to justify why a launch should be delayed to fix a bug, rather than the organisation having to justify why the launch should go ahead with the bug not fixed? How many times has operational risk been identified and accepted? How real are the status reports you read? Are they a true reflection, or are there layers of management sanitising the figures to make themselves and their departments look good? Is the engineer who identifies a problem that delays a release rewarded? Or are they met with looks of disapproval? Do they get shouted at or pressured by the product manager to "just make it a minor so we can ship and meet the date"?
Are those hidden cultural factors working against your message of empowerment and openness? Have a think about that, and we'll look at how to enhance safety within your organisation next time.