Security, Problem Solving and Scope Setting

Mornings with Paul

As I sit here this morning watching the second round of the Masters Golf tournament when they should be starting the third round (weather delays), my mind wanders into problem solving. The conditions are changing frequently, with winds and rain bringing a wide variety of challenges front and center, and these conditions change with each hole and at each hour.

Zooming out, there are many parallels to identifying a path to excellent results, whether you are responding to the changing conditions at Augusta National or the evolving threat landscape for corporate security. Today's topic is about scoping problems which turn into programs or projects.

The Importance of Scope

A common challenge when implementing a program is understanding the scope of the project. Whether you are an engineering manager, security engineer or technical program manager, the key is to set the scope accurately, that is, with a high degree of precision. One approach is to think about it as a puzzle, more specifically one that is a blank slate, where you don’t have the visual cues available.

  • Most people put a puzzle together by doing the outer edges first, i.e. the framing. On the surface this seems appropriate because the straight edge makes identifying those pieces easier. For your program, what are those hard edges? These can be stated as desired outcomes.

  • Example: It will not be possible for an adversary to do X in Y months.

  • Once the edges are identified, here is a piece that teams seem to skip. Stop! Take a break, let your mind and those of your colleagues absorb the frame. Go for a long walk or however you find your Zen and think about something else as this is where the real magic can happen. Hours or days later you may recognize that the framing is not precise enough. This is the time to iterate, not when you are in execution mode.

  • Now that you have more certainty that the frame is well formed, you must consider with more rigor what the pieces inside the frame are. This can be a bit tricky, particularly as you fill in the puzzle: there will be items that look like they belong but probably don’t. This is a trap that leads to scope creep; fight the urge to fix all the things.

  • Security professionals often strive for perfection; however, the business may not need that level of rigor. Now is the time to be thinking about how you and the team balance the needs of both.

  • Metrics, measures and instrumentation. How will you be able to demonstrate progress, perhaps in risk reduction, lessening toil, or elimination of technical debt? If you have not read or taken the Edward Tufte courses, please consider them (I get no benefit from recommending them) as I find the approach on visual representation of data quite effective. TL;DR: Don’t use pie charts :-)

Creating a Narrative

Now that you have a well-defined scope, it's time to create a narrative around your program or project. This is the story you will tell to stakeholders, executives, partners and your team.

  • Be clear and concise in your storytelling. Use data and metrics to help illustrate your points.
  • Outline the problem you are trying to solve or the outcome you are trying to achieve.
  • Add in details. What are the major milestones and how will you measure success?
  • Don't forget to address potential roadblocks, risks, or challenges. Providing solutions or contingency plans shows you have thought it through.

If done well, you will soon find others repeating your narrative, which is a good indicator of support and future adoption. With these steps in mind, you can successfully tackle any problem and achieve excellent results.

Ciao!