Recently I did some work with a small distribution company operating from the South of England and Belgium. We looked at their general process set-up in an attempt to understand exactly how well they were organised to manage and improve their processes capability.
I was working with their head financial person who, it appeared, wore many hats. She was responsible for running the whole financial department, approving expenses, managing suppliers, creating monthly reports and even helping recruit and train new employees. It seemed that every question I asked about how the company operated appeared to come back to this single individual.
Alarm bells started ringing in my head immediately for many reasons. As an ex-auditor this situation was prime for an exploitation of 'segregation of duty' control failures. With a little bit of application this single individual could raise a phony invoice from a 'new' supplier, approve the invoice and pay the money directly into her own bank account. A little bit of judicious accounting or an unfortunate 'lost document' or two would leave her tracks completely covered and enable her to continue this for some time.
However this wasn't what worried me most. The fact of the matter was that she was a single point of failure in the company. I asked her the question "Who would take over your role and run this company if you won the lottery and left the next day?". There was no answer to this question. (Actually the question I used to ask in this situation was "How would the company cope if you got run over by a bus?" but this is now deemed to be politically insensitive..) The real answer to this question is that companies will, generally, cope, but their efficiency and effectiveness will suffer in the short to medium term, as will their customer service and, more importantly, their financial situation. Imagine if one individual knows the bank account details, the cheque book locations, the outstanding creditor balances and the key contact numbers at creditor organisations, and then all this information is lost. As bills fail to get paid creditors will start to withdraw lines of credit, causing cash-flow problems. This can lead to further inability to pay creditors and staff and, ultimately, lead to the companies failure. Granted this is an extreme example, but it can happen.
I've come across situations like this before and they are usually a result of rapid expansion in a smaller company where the supporting back-office infrastructure growth hasn't matched the rest of the organisation leaving small groups of people (or single individuals) with lots of knowledge and power. For the companies it is usually easier just to rely on the key individuals rather than to bring in and train additional people to help spread the workload. The results (as we've seen above) can be disasterous.
If we translate this situation into a process one, what we efeectively have is a very human-centric process where multiple workflows route through a single individual. This individual performs key decision making as well as holding knowledge of key business rules (and business relationships). The impact of removing this knowledge is easily imagined.
So how can we make sure this never happens?
1) Ensure every individual in the organisation has a back-up. This person has the same access, information and span of control and can take over the role in an emergency
2) Regularly hand responsibility over the the back-up individual to ensure they can cope with any issues that may arise
3) Re-design your business processes to allow multiple processing routes rather than channeling everything through a single person.
Now look at your own internal processes and imaging what would happen if everyone there were replaced by someone else in the organisation. Would your company survive? If it wouldn't, where are your single points of failure in the process?
Find them and fix them.
(Photo courtesy of Sergis Blog. Released under a Creative Commons Attribution licence)