Skip to main content

Tag: BPM

Business Process Changes During a Pandemic

What a difference a couple of months can make! I visited a doctor’s office in early March to treat a broken finger before the covid-19 shutdowns had begun across America.

Like any other clinic, no one wore masks. There were no social distancing measures in place. My doctor extended his hand to shake mine (I gave him an elbow bump in return). There was hand sanitizer available, but that had been the practice over several years of flu outbreaks.

Fast forward two months and consider a follow-up appointment of mine in mid-May. Walking into the clinic was comforting because all the staff and other patients had masks on (but also a little disconcerting). Extensive signage told us the rules, such as waiting in line 6 feet apart. Several chairs in the waiting area were blocked off to enforce social distancing. There were boxes for sanitized and for “used” pens to reduce the spread of germs.

Another change from March was the presence of a “scribe” to assist the doctor with recording notes and observations. This procedure is still relatively new to medicine and may or may not have been precipitated by the pandemic. Still, it was a noticeable change from March, and given my love of process, I even mentioned it to the two of them. My non-expert view is it may reduce the spread of germs since the doctor does not need to handle a computer during a visit.

By now you may be wondering what this has to do with process change. Consider the following five categories for any business which must interact in person with its customers, whether or not they may be ill.

1. Increased risk and liability.

When governmental shutdowns and sheltering in place began, medical facilities closed too. My original follow-up appointment in April was cancelled because of the shutdown. Running a business during a pandemic increases the risk that customers and employees may infect others or may become infected themselves. Visiting or working at a business during a pandemic, whether a clinic or grocery store or gas station, involves some risk.

But what about a medical clinic or emergency room in which a visit is not exactly optional? If an establishment is lax in their procedures or can be shown to be negligent in protecting patients, then a lawsuit may be the result. In short, heightened risks during a pandemic are strong incentives for strengthening business processes to avoid liability.

2. Procedure complications.

The clinic I attended in May had some visible procedure changes and I am sure there were many I could not observe. The physical space was altered with extensive signage and floor markings to encourage social distancing. Simple procedures to provide “clean” and “used” pens for patient safety were small but thoughtful (and appreciated) steps added to the clinic’s daily routine. When I had an x-ray in March for my finger, they simply plopped my hand down on the machine. Two months later a staff person was there to sanitize the surface for my x-ray and undoubtedly before the next patient. Those were just some of the noticeable changes. I am sure the clinic, like airlines, drug stores, or post offices to name a few, must perform additional cleaning and sanitizing not needed pre-pandemic.


3. Increased communications.

Before my visit I received numerous texts and emails explaining what to expect and what was required during my visit. Most of the messaging pertained to wearing masks and distancing which was not done two months ago. It was comforting to me as the customer to get this communication during the pandemic.

My wife and I recently had some electrical work done at our house. The electrician’s company also sent out several texts and emails about their procedures for protecting us and our house from possible germs. We appreciated that and called to clarify one point.

Setting up the communications for the clinic and the electrician may have been a one-time event, but I am sure it still took many hours to perform. As conditions change, so will the communications need to be altered. Having developed and overseen a great deal of customer communication in my career, I know it is a regular part of business. However, having an external trigger like a pandemic represents opportunity costs and delays other kinds of productive work.

4. Added expense.

The additional processes and procedures mentioned earlier will increase the expense of the business who must perform them. Unless an organization has excess capacity in its workforce, they either need to pay overtime or hire additional employees or contract laborers to do the cleaning and sanitizing. Adding scribes in a clinic to help control germs is an added expense.

The supplies needed to operate in a pandemic also increase expenses. Our local grocery store has added plastic barriers in addition to supplying employees with protective masks and sanitizing supplies. They spray and disinfect the check-out lanes between each customer, adding to their expense.

5. Reduced revenue and profits.

With an increase in cost and potentially a decrease in revenue, profits are bound to decrease. Some examples include:

  • Reduced number of patient appointments in a medical clinic to maintain distancing.
  • A national warehouse store we shop at limits the number of customers in their store at any one time to minimize spreading of infections. They still have a steady stream of people waiting to get in, having waited in line with scores of others 45 minutes to access the store recently.
  • Training companies like ours will need to limit attendees to in-person classes to allow proper distancing or will be forced to conduct virtual-only classes.

Any business that limits the number of customers for safety reasons will expect a decrease in revenue. That can be mitigated by online sales for retailers or training companies, but some organizations like chiropractors, beauty parlors, or barbershops cannot replicate what they do in an online fashion. Along with an increase in expenses, profits will decrease which in turn will cause other detrimental effects such as layoffs or closures.

A pandemic is a pressing and urgent stimulus for many process changes. Some of the changes will likely disappear in time, such as mask wearing and social distancing. Other changes like increased sanitizing and safety-related communications may be permanent. Organizations hope, of course, that reduced income and profits are temporary and will need to adjust their operations accordingly. You might say there is never a dull moment in process work, but then again, I am a process nerd!

5 Reasons Why Cybersecurity is More Important to Small Business

It’s common to hear about a new cyber attack taking place. Data breaches are incredibly common these days and can impact very nearly any company.

Ironically, small business owners seem to think they are immune to this ever present threat. In 2015, more than half of all small businesses didn’t have a threat to prevent cyber attacks.

Small Business Risks

Large companies, like Amazon or Walmart, spend millions on cyber security every year. They have dedicated staff and managed detection and response services to combat threats. If a threat is detected, it can be quickly identified and addressed, reducing risks.

Small businesses are at a much greater risk. Their information is easier to access and they simply don’t have the funds to track down the cyber criminals responsible. Ask yourself this question; If you were a hacker, which attack would be more likely to succeed?

Small Businesses are Vulnerable

Small businesses are increasingly at risk of an attack. In 2015, 43 percent of cyber attacks were targeted at small businesses with less than 250 employees. Why is this happening? Let’s take a look at five of the major risk factors for small businesses.

The Element of Surprise

According to Phil Goldstein of BizTech, the Ponemon Institute states that 58 percent of small businesses don’t consider cyber attacks a threat. This creates gaping holes in cyber security, making it easy to breach their defenses.

No Policies in Place

Large companies often have extensive policies in place, while only 36 percent of small businesses have any data security policy. This means that small businesses are woefully unprepared in the event of a cyber attack or data breach.


Phishing Schemes Work Better

Employees of small businesses are not trained to identify phishing schemes. Phishing attacks usually occur via email or other software programs and are disguised to look official. They try to trick employees into releasing sensitive information, which is then used for nefarious purposes. Employees of small businesses simply don’t recognize or report the attack due to their lack of awareness.

Ransomware is on the Rise

Earlier this year, ransomware such as WannaCry and NotPetya was used to attack companies and hold their information hostage. Once the ransom was paid, the information was released. However, those that didn’t pay the ransom suffered from devastating data breaches. These major attacks shut down entire governments and put millions of people in danger. This trend is expected to continue and increase in the future.

Small Businesses Go Out of Business After Attacks

Whereas large companies can afford the costs of a breach, most small businesses cannot. The average cost of recovery stands at $690,000. This causes nearly 60 percent of small businesses to fail within six months of a cyber attack.

What You Can Do

Since the cost of recovery often exceeds what a small business can withstand, it is vitally important to be prepared. Preventing an attack in the first place should be a priority. The following tips will help your company survive potential attacks.

Create a Cyber Security Policy

Policies let employees know exactly what to do and who to report to if they suspect a phishing scheme or cyber attack. These policies are in place to minimize the damage of an attack and stop it quickly.

Train Employees

Employees who undergo training, especially in phishing attacks, will be aware of the threat. If an employee is not aware of a threat, they can’t recognize it.

Don’t Rely on Software

Software is a valuable tool, but it is important to have live monitoring and detection to respond quickly to threats and prevent damage.

Small businesses are at a much greater risk than many believe. It is important for a small business to actively prevent an attack for the company to succeed.

Value Stream Management

For the past couple of decades, companies have been trying to do process improvement in knowledge work through projects.

After all, a better process needed a better IT system designed to support it, and the primary way we delivered new IT systems has been through projects, right? But in practice it often didn’t work as well. A project-based approach to process improvement led us to business process reengineering, to expensive and failed redesigns of processes at a large scale, and away from methods such as Lean, Six Sigma, and Theory of Constraints, which had shown their effectiveness in manufacturing contexts.

It also led to a deep separation between business process management approaches and the technology used to implement and support those processes, to such an extent that professionals in business process management and business analysis had distinct job roles and functions, even though business analysts were spending most of their time automating processes! Nevertheless, the realities of implementation forced us in this direction.

In recent years, though, the basics of delivering technology in the enterprise has changed, but business process management and business analysis haven’t caught up to this new reality. In practical terms, we no longer need to develop custom applications to automate most of what a business does—purchases of off-the-shelf or SaaS applications do most of what we need, with the appropriate implementation.

Finally, when we do need to build custom applications to support the business, we no longer need to deliver them at the end of a multi-year project. Agile methods allow for software to be improved continuously and delivered to the business at the same pace that we can change business processes.

There’s no reason business process improvement should be done as large reengineering projects any more. The governance and technology supports are there for a genuine commitment to continuous improvement in knowledge work. In short, it’s time to combine business process management and agile to drive a new wave of process-centric improvement to business. This is what value stream management looks like: using lean, theory of constraints, and other methods designed to deliver process improvement in combination with story maps and other agile tools to improve the process and the technology together.


This isn’t a big stretch—agile thinking already borrows heavily from continuous process improvement, particularly Lean and TOC (in fact, it takes more from the process improvement concepts of those approaches than it does from the product development experience, but that’s another discussion for another time). We know, from experience, that continuous process improvement works. We also know that agile software development works. What we need is to integrate the two together to address the limitations of each.

Although you’ll find the term used widely in agile literature and in business architecture, the term “value stream” originates with lean process improvement. In lean, a value stream consists of all of the activities required to deliver a product or service to a customer (specifically, an external customer). It can include one or more business processes. The point of identifying something as a value stream is that we can assess all of the individual steps in the stream to determine whether they actually create value as judged by the customer. Any activity that doesn’t create customer value is considered to be waste, and should ideally be eliminated.

That “ideally” is an important caveat. In practice, there’s work that can’t easily be eliminated, even if it doesn’t provide significant value from a customer perspective. Much of it may be needed for other reasons, including regulatory compliance, or practice constraints. However, much of it really is unnecessary work, or what Lean terms “waste”. A review of a typical process will show that about 80% of activities are typically non-value added, and those are the steps you should work towards eliminating. While Lean methods aren’t specifically focused around business agility, removing waste will lower costs and make it easier to introduce improvements and deploy new products.

That’s the key business benefit of properly managing your value streams. A lean, well-managed value stream lowers costs to deliver products and services and is easier to change in response to shifting market conditions. In practice, one of the most significant constraints on improving your value streams is the technology companies use to support them. Old legacy systems tend to have substantial waste baked in. Even processes that might originally have been lean are now burdened with all sorts of workarounds to accommodate contingencies that weren’t anticipated when the systems were designed, and they become increasingly difficult to update.

To manage the modern value stream, we have to stop treating business technology as something that follows the process and work on deploying and modifying it as part of the process. That means the value stream manager must combine process thinking with technology expertise. We need to design value streams using and deploying commercial applications whenever possible, matching them to the process objectives such that it’s comparatively easy to modify through configuration options. We need to be able to guide operational workers and managers and help them understand when custom development is a viable option (in other words, learn when that development effort really does meaningfully affect customer value).

Value stream managers will also need to work closely with external and internal product teams. They support external teams by ensuring that the back-end processes deliver on the needed customer experience and that their value streams can respond quickly to new product demands. With internal teams, they need to help those teams understand the capabilities required by the value streams and help them build systems that are flexible and adaptable enough to support rapid change.

Value stream management represents a significant competitive advantage for companies that can implement it, but it’s going to require that we get past the existing process/technology divide and prepare for a future where they work in unison.

Top 6 Process Modeling Mistakes and How To Avoid Them

There are many examples of very good business process models out there.

They can be found in textbooks, online, tutorials, and product demonstrations. However, in the real world …

Too many business process models fall short of expectations.

Despite significant investments of time and well-intended stakeholder effort, many business process models still end up being not very useful for their intended purposes. Too many don’t accurately enough reflect the business to be useful, or lack sufficient key stakeholders’ buy-in for real decision making, or don’t include the kinds of process information that the model’s readers are looking for, or even confuse their readers with complex or incongruous graphical notation.

Root Causes

None of these types of complaints should be blamed on environmental or project constraints like modeling tools at hand, the level the knowledge or capabilities of business subject matter experts who may be called upon to participate in the model’s development, or even time and effort constraints. Projects are by definition unique temporary endeavours, so these variables are present to varying degrees in all projects. Yes, they influence or constrain any process modeling activity, but a competent business analyst or process analyst is capable of managing and working with or around them.

The root cause of a business process model that does not fit the bill is a business analyst’s or process analyst’s own competence for producing the model while navigating through the typical project dynamics.

Business analysts and process analysts who prepare business process models using ad-hoc methods or past experience are prone to making at least some of these common 6 business process modeling mistakes and having to suffer through their symptomatic process model quality complaints.

The top 6 business process modeling mistakes:

1. Undefined Process Modeling Approach
2. Unclear Model Purpose
3. Not Asking the Right Questions
4. Weak Process and Activity Definition
5. Insufficient Key Stakeholder Participation
6. Insufficient Model Validation

If producing a high quality business process model is not key to your role or your project, then you don’t really need to a high level of process modeling competence. Leave that up to the project’s business analyst. But if it is, then you should be expected to bring a high level of process modeling competence to the table so that you can facilitate and achieve a model that is fit for its project’s intended purpose.


How to Avoid These (and most other) Process Modeling Mistakes

Here are the 6 skills or behaviours that demonstrate a high level of business process modeling competence. They will cause you to steer clear most of the common business process modeling mistakes:

1. Have a defined process modeling approach.

Like other types of analysis, process modeling is a journey of discovery. As a competent business analyst it’s up to you to identify the modeling activities you will perform to lead or facilitate your process model’s journey of discovery. If you don’t already have one then you should adopt and practice a defined process modeling approach.

2. Establish a clear mission for each model.

Process models are typically products of business process improvement/management or information technology projects and all projects are by definition unique, temporary endeavours. As a competent business analyst you deliberately identify the purpose of the process model within your project’s lifecycle and other key mission parameters. You use clear mission parameters to guide your process model elicitation and validation activities.

3. Know what questions you will ask.

It’s not nearly as important to ask a lot of questions as it is to ask the right questions. You should know what few but key questions you will doggedly elicit the answers to as you are eliciting your process model’s content. You should understand why you need to ask and answer those questions. You should be able to prepare and communicate your elicitation agenda in advance of engaging key stakeholders in events like workshops or interviews.

4. Know how to unambiguously identify, normalise and define all processes and activities.

You are able to consistently perceive business processes at any scale and degree of abstraction. You should also know how to normalise any candidate process and once normalised write an unambiguous definition. Further, you understand and have a process definition framework that reflects how today’s network enabled business processes work. You are able to perceive processes as assemblies of activities that are initiated by business events and deliver outcomes. This understanding leads you to define processes and activities that lend themselves as reusable services and you are able to explain why. In this way, you walk the service oriented architecture talk.

5. Know who, when and how you will engage key stakeholders

You identify who the key stakeholders in your process model are. You are clear and deliberate about when and how you engage them in process model elicitation and validation activities. You know how to deliberately engage key stakeholders in the elicitation of the model’s content. You engage key stakeholders in model reviews and resolve their feedback before completing your process models. As a result you are virtually guaranteed to have your models accepted by the business.

6. Know how you will validate your model’s quality.

You know how to identify what the most important quality factors for your model are. You know how you will measure them. You know what questions to ask and of whom to ensure they are sufficiently present in your completed model.

Establish or Improve Your Process Modeling Competency

The Universal Process Modeling Procedure is a step-by-step guide for producing a business process model that will meet its project’s intended purpose. It guides a business analyst or process analyst to establish a clear mission for every process model. It provides you clear elicitation agendas so that you can be asking the right questions at the right times in your model’s development. It tells you what to look for and how to accurately and unambiguously identify, normalise and define any business process and or activity. It includes a validation comprehensive and tailorable process model quality criteria. It informs you about key process model stakeholders and how to engage them in the model’s development. It also includes reusable BPMN modeling patterns for the most common types of process model refinements.

Empowering Employees to Drive Continuous Improvement

Does this sound like you?

“I want to engage my staff to get involved in improving the way our business operates, but everything I try just doesn’t seem to have an impact”

If so, you are definitely in the majority. Businesses in almost every industry and sector struggle with getting staff involved in their continuous improvement initiatives, and wrestle with how to better engage their teams in efforts to improve business processes. And even if they do get that figured out and off the ground, it often introduces a new set of challenges; sustaining that momentum.

First, the good news. Your employees WANT to be given the chance to improve your business, to have a voice in process improvement. Now the bad news (or at least the harder news); your management team needs to make it easy for their teams to do so.

So then, how can you make the path improvement easier for your teams? Here are my top 10 tips, tactics and approaches to empower and enable your staff (and you) excited about driving business process improvements, and on to becoming continuous improvement ambassadors for your organization.

1. Acknowledge the Room for improvement

Q: Do you know what the biggest room in the world is?
A: The room for improvement.

Dad jokes aside, sometimes just acknowledging to your staff that there are opportunities to improve, not just the business, but their way of working, can be of great help in getting them on board. Every business faces challenges, and ignoring them, spinning them, and sweeping them under the rug does nothing to help. Acknowledge the problems, see them as opportunities, and meet them head on. To really amplify the message, create a safe environment for your staff to bring opportunities forward, and even contribute to solving them.

2. Communicate

One of the best ways to build trust with your team members is to be open and transparent with your intentions, your projects, and your progress. Not only will this keep the idea of continuous improvement it top of mind, but your communication tools can be used as a vehicle to accelerate your efforts and impact.

3. Offer employee training

The impact of offering training to your staff is two-fold. First, it ensures your teams have the proper training, ongoing support and the resources they need to get involved with and contribute to, your continuous improvement initiatives. Second, and likely more important (to them at least), is that it also demonstrates a willingness to invest in them and their careers.

4. Make it a part of everyone’s job

“What gets measured gets done.” While the source of that statement is debatable, the sentiment is not. If you want to drive continuous improvement in your organization, make it personal. Establish individual and team performance outcomes and expectations, including KPIs, to obtain the desired effect. The best way to do that is to include continuous improvement objectives in every job description, as well as annual/quarterly/etc. personal development programs.

5. Have leadership set the tone

Most sustainable business transformations start at the top, and trickle down. So, having your organization’s senior management buy-in to continuous improvement, and in more than words, goes a long way in determining success. Their words must be backed up with actions, and those actions and support should be visible to your entire operation. This ensures a strong and visible network of leaders to generate momentum for process improvement initiatives.


6. Make it fun, but appeal to the spirit of competition

Recognizing that staff engagement in process improvement can be difficult to maintain, many companies have appealed to people’s competitive instincts by holding competitions, both within teams and across their entire organizations. Some businesses have even created games such as process improvement sprints and hackathons, in the spirit of competition.

7. Enable collaboration

Take the “One Company” approach to break down existing silos. The best way I’ve found to do this is to use the customer’s perspective on your business. Do you have a lot of segmented processes, a lot of handoffs, and perhaps overly specific and restrictive job descriptions? Guess what…your customer doesn’t care. They want a problem solved or a need addressed. They see your organization as a single entity, and not a collection of individualized departments and silos.

Further, make sure you don’t squeeze the balloon of pain. In a siloed organization, a lot of problems are solved in one business unit by squeezing the pain up or downstream. Not unlike one of those balloons that clowns use to make balloon animals. When you squeeze the middle, the air doesn’t disappear; it moves to the rest of the balloon. So don’t solve a problem by making it someone else’s.

8. Enforce accountability

Sometimes simply giving your staff the autonomy and resources needed to map, review and ultimately own the processes they have to deal with every day is enough to start them down the road of implementing their improvement ideas. That’s not to say they should have the freedom to do whatever they want, whenever they want, to whomever they want. You should enforce timelines, but freedom, to force accountability. This will help identify who is really interested in contributing. Everyone wants to have a say when there are no consequences, but when I need to own my actions, only the team members that really want to try making a difference will step up. That being said, you want to empower but not abdicate; make it clear when your team should reach out for help or approval.

9. Recognize and reward

As a general rule, good work should be recognized and celebrated. And by that, I don’t mean a party every time someone sends an email. But ensure that you are giving recognition where and when recognition when it is due. For example, I used to hold a “graduation” ceremony from my classes of Lean Six Sigma Green Belts. To me it wasn’t about grad caps and cupcakes, but was more about giving the new Green Belts the opportunity to present their work to their leaders, and be recognized for their efforts. I now make this a mandatory milestone for all training classes. It’s important to acknowledge all of the good work, efforts, failures, and completion of milestones (like completing training). It all creates a virtuous cycle of learning and success.

10. Offer bribes

Consider this one an absolute last resort. It is, at best, a short-term tactic to drive motivation and participation in your staff. Providing small but meaningful incentives like pizza parties, extra vacation days, or event or movie tickets, may give you a boost. But a warning…use of these doesn’t actually solve your engagement problem, and may actually serve to negatively impact it when these tactics go away. And a second warning…use cash bonuses as an absolute last move, as

The thinking on business process improvement has shifted in recent years. It used to be one that focused on the application of rigid tools and methodologies, and that discounted the role of staff, to the more modern approach, which is one that is better at harnessing the real drivers of change in your organization: engaged people and teams, who want to do good work, and are driven to improve and succeed.

When you instill a strong improvement culture in your organization, and equip and empower an engaged staff with the right tools, learning, and attitude, you can turn their efforts into real, tangible improvements that make your business more efficient and effective, and improve the engagement of staff. All that leads to significant, positive changes for your teams, your customers, and your bottom line.