Can We Really Change Organizations? Cultural Engineering and Information Governance

“It was a profoundly man-made disaster — that could and should have been foreseen and prevented. And its effects could have been mitigated by a more effective human response . . . For all the extensive detail it provides, what this report cannot fully convey — especially to a global audience — is the mindset behind this disaster.”

Kiyoshi Kurokawa, Chairman of the Fukushima Nuclear Accident Independent Investigation Committee, July 2012

“In the first minute after the autopilot disconnection, the failure of the attempt to understand the situation and the disruption of crew cooperation had a multiplying effect, inducing total loss of cognitive control of the situation . . . A review of pilot training did not provide convincing evidence that the associated skills had been correctly developed and maintained.”

French air investigator’s final report on the 2009 crash of Air France Flight 447, resulting in 228 deaths, issued July 2012. ˆ

“’Someone was in danger,’ explained Mr. Lopez . . . ‘I wasn’t going to choose my job over someone in danger. My job is to help people in distress. It was a moronic rule in my opinion that they set up. I understand the liability issues, but . . .’ He breached protocol by running to an area outside his beach zone without waiting for his supervisor to arrive to cover his station, posing a potential liability problem.”

Lifeguard Says He Chose Saving Man Over Saving Job, New York Times, July 5, 2012

The most powerful earthquake in Japan’s recorded history. A Tsunami with 130′ waves that penetrate six miles inland. Thousands of lives lost. Reactors in a coastal nuclear power plant start to melt down.  Radioactive gas is released into the atmosphere.  It’s a nuclear disaster. The cause? Obvious: forces of nature.

Wrong. Organizational culture.

On an Air France flight from Rio de Janeiro to Paris, instruments designed to measure airspeed fail, causing some autopilot systems to fail. The crew, confused about their speed and angle of flight, put the plane into a stall and it crashes into the ocean, killing everyone on board.  The cause? Obvious: mechanical failure.

Wrong. Organizational culture.

A young lifeguard in Florida is fired. Why? Because he disobeyed company procedure to rescue someone he thought was drowning. The procedure had a single purpose: protect his employer from legal liability. He mistakenly believe that he had a single purpose as a LIFEGUARD: guard lives.

I picked each of these three stories from Section A of the New York Times this morning, not because I was looking for them, but because the thread connecting them resonated with me, and some thinking I have been doing about the role of organizational culture in information governance. These are from one section of one newspaper on one day, picked out by someone jostling for a seat on a sweaty F train ride. Not exactly random, but not exactly exhaustive research either.

The hardest part of information governance is changing (or at least challenging) organizational culture.

This is such a glib statement. Borderline tautological. Almost axiomatic. But, there is truth here, somewhere.

For the past twelve years, I have made my living as a subject matter expert. But lately I’ve been wondering which subject matter really matters. Over the dozen years I have thought of myself – and marketed myself – as an expert on a variety of topics (not necessarily at the same time): information security, electronic evidence, privacy, software product marketing, content development, records management, compliance, IT governance, electronic content management, taxonomies, ghost-busting, information architecture, e-discovery,  information governance. I’ve always been this way, I guess. In high school I started an business fixing cars. In university I made extra money teaching university-level classes on HTML and hand-coding webpages for professors.

However, I have never thought of myself — nor marketed myself — as an expert on organizational culture.  I never set out to become an expert. But, after witnessing the gooey inner workings of dozens and dozens of organizations large and small, in multiple industries, I seem to have learned something.  I don’t directly sell what I know corporate disfunction to clients, but it might be the most valuable thing I offer.

Organizational culture is the rocky, rugged shore upon which the bravest barques crash. I have concluded that it is nearly impossible to fundamentally change organizational culture. Not completely impossible, just very difficult.

And yet, the success or failure of most multi-million dollar enterprise software implementations ABSOLUTELY DEPENDS on thousands of individuals changing their behaviour. CRM or sales force automation software mostly fails if sales and marketing people don’t change they way they do their jobs, in dozens of tiny ways, every day. Content management and collaboration software fails if thousands of employees don’t change they way they find, create, and communicate information – assuming you can get them using the platform at all. Enterprise social media fails unless most employees see the rewards of total transparency at work.

This is no secret – those who sell the software will tell you this. For example, here’s a quote from a recent OpenText blog post:

“What’s the biggest barrier you’ll face when deploying collaborative or social software (or even straight document management)? It’s swaying people’s attitudes and behaviors towards their information, knowledge, and content.”

Organizational culture isn’t much easier to engineer than national culture. Despite being forced by Canadian cultural content laws as a teenager to listen to Rush, Corey Hart, Gowan, and Kim Mitchell, I still think they all suck (sorry, Tamir).

Cultural Engineering is hazardous work. In fact, it is so hard that a certain breed of startup software company is choosing to avoid it altogether by chucking the bitter controls that big companies need to function and focusing instead on the sweet candy users want – willfully ignoring the long-term effects on the organization. What are the long-term effects? At minimum, the creation of new toxic silos of disorganized, neglected, disconnected information bristling with all kinds of business and legal jagged edges. At maximum this strategy sends the customer blissfully skipping down a gilded path that can only lead to loss and theft; privacy disasters; millions of dollars spent in unecessary electronic discovery costs and lawyer fees; and fines and penalties for failing to comply with any number of the thousands of laws and regulations affecting a large corporation’s information.

You don’t have to move very much soil in a large company to find the fossilized relics of systems past that were earlier incarnations of this myopia. To whit: a manufacturing client with 34,000 Lotus Notes databases that nobody knew what to do with — the legacy of an earlier generation’s blind bliss of “empowering users” through self-provisioning and finally, once and for all, freeing them from the machinations of their evil IT overlords. The 34, 000 Lotus Notes databases that were the sweetest e-discovery honey hole for every plaintiffs attorney east of the Mississippi; the glorious user-empowered, next generation environment that caused my client to settle case after case because it was cheaper than extracting data from the wonderful, self-provisioned mess. The amazing, hands-off application building environment that they couldn’t afford to keep around, but that was too expensive to get rid of.

Some observers are criticizing today’s startup software companies for focusing on trivial problems (Nicholas Carr, for example: “An app for making vintage photos isn’t exactly a moonshot”). There’s even a parody website on the subject. I don’t know if this is true, or if it just seems this way (the topic has the smell of a “trend piece,” like the rise of Satanic cults in the 1980s). If it is, maybe there are BIG IMPORTANT sociological reasons for this. But one thing is certain: building software that provides real value to a big organization is hard, if only because cultural engineering is hard.

So, what are the enterprise startups working on? Well, here’s one category: shared drives in the cloud. It just makes me — I don’t know  — tired? that some seem to think that putting a shared drive in the cloud is innovative. Or even edgy and “disruptive.” Conceptually, there is nothing innovative about it. Yes, the mobile and the multi-device user gives it legs. But it’s still just a damn shared drive — a great way to share information, but terrible for almost anything else. What happens after that glorious moment that the content is shared? Does the content just disappear? Are we keep supposed to never think about it again? What if we want to keep some information and throw some away? What if some of it needs special treatment because of some pain-in-the-ass law? Why are we pretending that shared drives in the cloud are immune from the problems of old-fashioned Windows networked shared drives? Shared drives stand in the way of every big company’s effort to do something meaningful with their pile of unstructured content. Do you spend millions cleaning them up? Millions migrating them to SharePoint? Even with the best “automated classification tools,” this still costs a large company millions — IF it can get the lawyers to bless the plan in the first place.

A few days before Microsoft purchased the company, I saw a senior executive from Yammer speak. It was a product pitch with the self-laudatory axiom, “adoption is the new ROI” as its centrepiece. Yammer (which some have called “FaceBook for the enterprise”) built its company in large part by offering the service to corporate users for free, then charging IT administrators to manage the resulting mess. The axiom was proven out by the company, as user counts no doubt were a central metric used by Microsoft to justify its $1.2B investment, but as an axiom for enterprise software it is gibberish. And cynical. Companies in this space also seem to love marketing slogans like, “75% of the Fortune 500 use our software,” which tells you about as much about their enterprise penetration as it would if Rovio, the maker of Angry Birds, claimed that  “100% of the Fortune 500 use our software.”

Are these companies thinking big? Do they have an enterprise moonshot? Are they tackling the truly complicated information problems of the large enterprise?

Many companies, both old and new, are tackling complicated problems. Bringing Internet scale to enterprise data. Layering massively powerful analytical tools on top of the data. Empowering the messy, risky big decisions that must be made about vast pools of we create. Refusing to be cowed by legal FUD. Cleaning up mind-boggling volumes of junk. Investing the time and money it really takes to understand vertical, business unit, and departmental problems, and deliver unsexy, but truly valuable software and process. Empowering users in a way that balances shiny new toy syndrome with the complex realities of a real-world operating environment.

But, perhaps even these companies are focusing their attention on enterprise problems that do not require cultural change or engineering. Problems that do not require any change in what a user does or does not do. Billions of dollars of enterprise software have been sold over the years because the person writing the checks believed that changing user behaviour was possible. The engineering of organizational culture has been the sine qu non of enterprise software.

Have we now reached the point where it is simply old fashioned to believe that it is possible or desireable to dicate, or at least motivate, a user to do something, or to not do something? Perhaps, but any number of corporate programs, from safety to sales practices to performance reviews, rely on this dynamic. At the same time, it’s obvious that culture engineering adds significant friction to the process of selling and implementing enterprise software, so providers are logically looking for ways to minimize or avoid it altogether.

Engineering organizational culture is engineering human behaviour itself, on a large scale. In that sense, it is not mysterious. Show the value of the change to the individual. Use incentives and consequences to create social pressure –  the true motivator. Rinse and repeat. Despite the challenges, I don’t think we have moved past the need for organizational change in the world of Information Governance.

Author: Barclay T. Blair


  1. Conni Christensen

    Hi Barclay,
    Having been through the same thought processes as you, I too think about organizational change and wonder how to “breakthrough” established habits and attitudes. Our Lest we Forget site ( records major breakdowns in information governance, particularly ongoing tales of systemic failure (search Child Protection!). We do this to try and provide ammunition for change, but sometimes I wonder who really cares, particularly when fresh episodes breakout with monotonous regularity.
    I am influenced by words from a truly wise Australia (Hugh Mackay) On the subject of changing attitudes and then behavior, Mackay said that it was easier to change behavior first and attitudes will follow. I think he’s right. Behavioral change is forced with legislation, rules, social pressure, incentives and penalties. Australian examples include OSHA, seatbelts, gun control, recycling, climate change, etc. Over time, our attitudes have changed because we were forced to change our behavior.
    In our company good information governance is mandatory. Information governance is built into job descriptions and on the job training. Non conformers are soon shown the error of their ways (use your imagination here.). There is no question of doing it any other way, and our staff expect newbies to follow suit.
    But concurrently, we have invested in our systems, to make it information management easier, automating tasks and integrating technologies. Our policy is data entry /information capture only once, and connect eveything that can/should be connected to make it easier to use/find. After all we still have to make a living and productivity is paramount. But then we believe that performance and conformance go hand in hand.
    Kind regards

  2. Tom Sohal

    It’s Saturday morning, grey and wet outside. After a lazy breakfast just switched on my laptop and a link from somewhere I can’t at all remember directed me to your article. Intrigued, I read it and then re-read it. I spend my days professionally engaged in business transformation and I’ve totally lost count of the number of times everyone from CEO’s to newly recruited graduates in business ask me the very same question: how do we get this to change? Top-down, bottom-up, by consensus, by design, through think-tanks, through away-days, outward bound – how many wonderful, varied and often expensive ways there are, but what will work? Do ERP systems assist? Or Business Warehouse? Or Cloud solutions? Or Social Networking software? Anyway, thanks for your sharing your thoughts, I’ll ponder upon what you’ve said as I potter about doing the chores this weekend, I’ve been reading about Steve Job’s passion for focusing on simplicity. I think there’s merit in simplicity being the underpinning engineering for any corporate change programme.

    • Barclay T. Blair


      Good to hear that the post has you ruminating – me too. I was at a conference yesterday where there was some discussion around this issue. Like many of these conversations, the dynamic was something like this: six or seven people weighing in on the different dimensions of the problem and its complexity. Then, someone, with great gravity, interjecting the “the voice of wisdom” that “we can’t boil the ocean” and “we have to keep it simple,” then proposing a couple of self-evident tactics that might get you through about the first few months of a project that takes years (and actually isn’t really a project, but a process). Okay, now what? Were the “simple” things you did the right things to do? Were they the most important things? Who knows, because the naive desire for “simplicity” blinded you to the simple fact: changing organizations is complex. It is messy.

  3. J.Hagmann

    thanks Barclay for this excellent post again. Based on my over 20 years experience in the information and content mgmt business my major concern and question with Conni is also: who really cares ? – imagine a company with > 10 b revenues and without any ECM system (sic !) just eliminates a small records center (2 associates!) at its headquarter (a service built up through years) . Or another case: a data warehouse burnt down in Switzerland some years ago and as a consequence the provider only lost one customer (most clients stated that the evidence they lost was not very important or just due to disposition). Or a big ECM campaign in Germany two years ago (ECM NOW!) just created some wind without any success. What is so hard about? Sure it’s the culture but every following point also has its impacts: information handling illiteracy, misunderstandings of notions and concepts (misnomers incl. the CIO); Technology domination; Insight deficits (analytics) under big data; strategic functions fail (Forrester); C-level perceptions and finally operationalizing info governance for business value (sound metrics), and information economics (why do information assets (intangibles) not appear in any balance sheet as the fourth production factor?). … hearing the echo -> we cannot measure it, so if you can’t bill it you can kill it.
    A lot of experts and specialists are desperately searching for arguments and reasons why user adoption of ECM fails etc. the reality is different: How to successfully sell something that nobody wants.
    Finally there is no royal way to solutions, just permament advice and suggestions and we have to imagine Sisyphos as a happy person.

    • Barclay T. Blair

      Great to hear from you Juerg. Besides the fundamental complexity of implementing ANY enterprise software – and the attendant high failure rates – I think traditional ECM has some unique failure points:

        – It is often purchased by buyers who have too little insight into the business units and departments where they wish to implement it (i.e., poor requirements definition). This is usually not a problem of vision or effort, but of political power, as the purchasers don’t have the power to bring those stakeholders to the table.
        – By the time the software is actually purchased (often a long, complex, draining process), there is no money, organizational momentum or political capital left over to actually implement it.
        – Unrealistic expectations about user behavior and motivation.
        – Unrealistic expectations about business unit and departmental motivation to implement and build solutions on the platform.
        – Focusing too much on big, horizontal enterprise use cases, at the expense of small, vertical, departmental case studies-where measurable value is much more likely to be achieved.
  4. Larry Medina

    And the meat of the excellent post?

    “Show the value of the change to the individual. Use incentives and consequences to create social pressure – the true motivator. Rinse and repeat.”

    The greatest success comes from making them think it was THEIR idea. And the way to make it go viral within an organization is to find someone willing to be the pilot organization, then allow them to hoist it up the organizational flagpole and make everyone else scream “me too! ME TOO!! I want some of that!”

    One of my first experiences as a consultant was with an organization that had been around over 80 years and excelled on doing the right things all the wrong ways for the classic reason of “We’ve ALWAYS done it that way”. I went in as a hired gun from a firm to perform an assessment of one of their “mission critical” systems that they were having response time troubles with.

    There were a large number of problems, but the largest was the layers of management clients were required to wade through to get to the individual/s who controlled the information needed to respond to the inquiries, and how they had each built systems for requestors to comply with before they provided the information they needed. None of the information was classified, sensitive, protected by privacy concerns or anything like that. It was that as successive layers of management were built, they all tended to mimic the bad practices of the layers above them… because they assumed “If it worked for them, it should work for us.”

    I wrote up my analysis findings and prior to it being delivered the client, my VP asked to see the report. Although my research was complete and my recommendations were sound, he asked me to re-write it from a different perspective. He said ” What you’ve done here is inform the patient they are very ill, and there is some foul tasting medicine they need to take. And if they fail to take it they will die a slow and horrible death.” And he was right, that’s exactly what I did. What I failed to take into consideration is they were completely at peace with doing things as they had been until their clients complained.

    His suggestion was to point out that an application of “the medicine” at the highest level would satisfy the clients needs, IF the senior manager made suggestions to lower levels to similarly change their practices. Following an institution of the changes, they could trumpet an announcement to the rest of the organization as a “Management decision made, resulting in a savings of countless hours of staff time and a more rapid response to meet client needs.”

    I was brought back to perform successive analyses. Would this work with selling the concept of Information Governance? Maybe… the biggest issue here is convincing people that they need it, once you can get them to agree on a definition of what it is. Similar to “the Ubiquitous Cloud”, “the Unexampled Information Governance” causes a group of people to furrow a brow when considering it, not at all unlike

  5. parapadakis

    Very interesting article and discussion, thank you. We keep referring to the “organisation” or the “corporation” the or the “enterprise” as an alien amorphous blob. Something that is distant and detached from the individuals that work in it. It isn’t. The organisation IS the individuals, but neither our ROI studies nor our implementation and governance plans reflect that. We carefully calculate the big savings and the growth options and forget the “what’s in it for me?” part for the individuals.

    Most enterprise software, and certainly ECM, bring business transformation. If the individuals – “we, the people” – feel that the transformation is done TO them, rather than with them and for them, they will object. That’s what humans do! Information governance takes discipline. Any parent that has tried to convince a teenager to clean their room, knows that you can’t just dictate discipline and expect it to happen. There needs to be an incentive, a payback or a bribe. No teenager ever cleaned their room “because we need to have a tidy house”. The “what’s in it for me?” has to be part of the business case and part of the change management plan. (curious: how many ECM implementations have you seen with a CHANGE management plan, and rather than an implementation/rollout plan?).

    User behaviour will change, when the user sees personal benefit in doing so. Never because it will increase the earnings per share for the stockholders…

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s