Ever wondered what performance management, policies and procedures, monitoring and evaluation have in common and why designing them based on that common denominator is vital?
NOT YET? IT’S HIGH TIME THEN THAT YOU READ ON!
It is said the devil is in the details but here, well, it’s something obvious yet very subtle, and yes that’s the catch.
Another question might be the best way to answer the core question…. what do we try to achieve by designing and having a performance management system, policies and procedures, and a monitoring and evaluation mechanism? Why do we need to have them?
To answer this second question first we need to understand that performance management, policies and procedures, and monitoring and evaluation mechanisms are not an end…..they simply can’t be….because they’re means to an end! Here’s why:
- Performance Management system aims to gear teams and team members towards giving their best performance in their tasks and in furtherance of risk mitigation.
- Policies and Procedures aim to delineate Dos and Don’ts and guide tasks required to be performed and resources allocated so that risks are mitigated.
- Monitoring and Evaluation mechanisms aim to check conformance with requirements and help improve it further so that risk mitigation is optimized.
So, what’s that end these all aim for? That’s the answer to our core question. You might be wondering that by now you have solved the riddle….its Risk mitigation or management.
Well, unfortunately, it’s not! And that’s not what only I believe…. it’s also what ISO believes!
And although you might have a different opinion on how and why ISO has placed clauses pertaining to risk first in its Annex-SL-based clauses for management system standards (like 9001), the ISO 31000 Risk Management does give a definition for risk that’s undisputedly the best one could come across and grasp!
Risk under ISO 31000 is defined as “the effect of uncertainty on objectives”. The goodness of this definition doesn’t stop on the obvious which is the potential for the objectives to remain unaccomplished. It stresses that as the effect could be negative, it may as well be positive! It’s an effect; that could go either way. This essentially means that risks could also be upside risks rather than only being downside.
So if you’ve been following through keenly, the common denominator we’ve been trying to unearth is the business objectives! And when you understand this, you’ll find it is the one thing that sits at the core of pretty much everything; why do we need to have policing and procedures? why monitor and evaluate compliance? and why manage employee performance? For sure businesses are for pursuing their objectives; isn’t it?
So now that the riddle is solved, how do we harness the power of the common denominator so that we don’t have to rethink the design philosophy again when finalizing our policing and procedural requirements and again when monitoring compliance, and again when finalizing performance targets?
Let’s go through the building blocks based on my own experience. The analogy to keep in mind for this design process is the famed COSO Cube; COSO’s Enterprise Risk Management framework which transformed to a helix structure from the original cube back in the 2017 revamp. The original cube aligned the various objectives an entity would have with the requirements to fulfill them and that’s partly how the risk registers are built……another application of a single framework!
The Building Blocks?
- Vision and Mission Statement of the Entity
- Stakeholders and their interests
- Operating Environment and its Influences through PESTEL
- Alignment of the three and derivation of objectives from these
- Classification of objectives under the ERM cube
- Allocation of the objectives to functional domains
- Classification of areas needing policing and procedures to fulfill grouped objectives, and their development
- Performance targets for teams and individuals aligned with the objectives of their functional domains
- Classification of Monitoring and Evaluation systems to check and improve the fulfillment of objectives
Further applications will allow setting Key Performance Indicators, Key Risk Indicators, development of Risk Registers with Heat Maps, objective criteria for evaluation of performance and compliance, so on and so forth…..guess what? Even though I’m not done stretching it further and journey of evolution continues to amaze me!
That’s how a framework for all approach promises the integration of an entity’s systems and processes and works as a cohesive force. So next time you think of developing performance targets or developing a policy, first think about what is it going to achieve and where is it to be placed in the multiverse….aka framework!