Skip to Main Content

blogpost

Efficient police patrol work schedules―By design

09.04.19

Read this if you are a police executive, city/county administrator, or elected government official, responsible for a law enforcement agency. 

“We need more cops!”  

Do your patrol officers complain about being short-staffed or too busy, or that they are constantly running from call to call? Does your agency struggle with backed-up calls for service (CFS) or lengthy response times? Do patrol staff regularly find themselves responding to another patrol area to handle a CFS because the assigned officer is busy on another call? Are patrol officers denied leave time or training opportunities because of staffing issues? Does the agency routinely use overtime to cover predictable shift vacancies for vacations, holidays, or training? 

If one or more of these concerns sound familiar, you may need additional patrol resources, as staffing levels are often a key factor in personnel deployment challenges. Flaws in the patrol schedule design may also be responsible, as they commonly contribute to reduced efficiency and optimal performance, and design issues may be partially responsible for some of these challenges, regardless of authorized staffing levels.
 
With community expectations at an all-time high, and resource allocations remaining relatively flat, many agencies have growing concerns about managing increasing service volumes while controlling quality and building/maintaining public trust and confidence. Amid these concerns, agencies struggle with designing work schedules that efficiently and optimally deploy available patrol resources, as patrol staff become increasingly frustrated at what they consider a lack of staff.

The path to resolving inefficiencies in your patrol work schedule and optimizing the effective deployment of patrol personnel requires thoughtful consideration of several overarching goals:

  • Reducing or eliminating predictable overtime
  • Eliminating peaks and valleys in staffing due to scheduled leave
  • Ensuring appropriate staffing levels in all patrol zones or beats
  • Providing sufficient staff to manage multiple and priority CFS in patrol zones or beats
  • Satisfying both operational and staff needs, including helping to ensure a proper work/life balance and equitable workloads for patrol staff

Scheduling alternatives

One common design issue that presents an ongoing challenge for agencies is the continued use of traditional, balanced work schedules, which spread officer work hours equally over the year. Balanced schedules rely on over-scheduling and overtime to manage personnel allocation and leave needs and, by design, are very rigid. Balanced work schedules have been used for a very long time, not because they’re most efficient, but because they’re common, familiar, and easily understood―and because patrol staff are comfortable with them (and typically reluctant to change). However, short schedules offer a proven alternative to balanced patrol work schedules, and when presented with the benefits of an alternative work schedule design (e.g., increased access to back-up, ease of receiving time off or training, consistency in staffing, less mandatory overtime), many patrol staff are eager to change.

Short schedules

Short schedules involve a more contemporary design that includes a flexible approach that focuses on a more adaptive process of allocating personnel where and when they are needed. They are significantly more efficient than balanced schedules and, when functioning properly, they can dramatically improve personnel deployments, bring continuity to daily staffing, and reduce overtime, among other operational benefits. Given the current climate, most agencies are unlikely to receive substantial increases in personnel allocations. If that is true of your agency, it may be time to explore the benefits of alternative patrol work schedules.

A tool you can use

Finding scheduling strategies that work in this climate requires an intentional approach, customized to your agency’s characteristics (e.g., staffing levels, geographic factors, crime rates, zone/beat design, contract/labor rules). To help guide you through this process, BerryDunn has developed a free tool for evaluating patrol schedules. Click here to measure your patrol schedule against key design components and considerations.

If you are curious about alternative patrol work schedules, our dedicated Justice & Public Safety consultants are available to discuss your organization’s needs.

Related Industries

Related Services

Consulting

Related Professionals

Read this if you are a City/County Administrator, Building Official, Community Development Director, Planning Director, Development Services Manager or work with customers providing a service for a fee.

Planning and development service fees are, for many municipalities, often discussed but rarely changed. There are a number of reasons you might need to consider or defend your fee structure―complaints from developers, rising costs of operation, and changes in code or process are just a few. 

But when is the right time for a formal review of your service fees? There are several key organizational factors that should prompt an in-depth study of your fees, either internally or with the assistance of an objective advisor. It may be time for an update if:

  • You’re considering a new permitting system. New technology may streamline your workflows, simplify processes for your customers, or necessitate changes in your staffing. All of these secondary changes can impact the cost of your services. In addition, if you’re anticipating significant changes to your fee structure or methodology (e.g., moving to full cost recovery), you’ll want to configure your new system to support that going forward.
  • You have an enterprise development fund. Development fees are collected to cover the cost of providing a service. The methodology you use to charge fees should be based on defensible formulas that can withstand the scrutiny of your customers and cover the cost to provide the service. In addition, reserve funds should be adequate to ensure your development service is funded through the completion of the project. 
  • The regulations in your municipality are changing. Perhaps your organization is moving to a unified or form-based code or making changes to the International Building or Fire Codes. Changes in the process and requirements for development may require a reevaluated fee structure.
  • It’s been a while. Even if your organization is not experiencing any significant or sweeping change, small shifts can accumulate over the years, resulting in significant fee adjustments that may be tough for you to implement and for your customers to understand. Periodically reviewing service demand and benchmarking your individual fees against those of neighboring communities can help to avoid sticker shock.

If any of these scenarios sound familiar, you may want to consider a fee review, which may consist of benchmarking against similar jurisdictions. Not sure what level of review your organization needs? Our dedicated government consultants include former planners and community development leaders who have walked in your shoes and can talk through the considerations with you.
 

Blog
When time is money: Reviewing your planning and development service fees

Read this if you are a state Medicaid Director, State Medicaid Chief Information Officer, State Medicaid Project Manager, State Procurement Officer, or work in a State Medicaid Program Integrity Unit.

The Centers for Medicare & Medicaid Services (CMS) issued a Payment Error Rate Measurement (PERM) Final Rule on July 5, 2017, that made several changes to the PERM requirements. One important change was the updates to the Medicaid Eligibility Quality Control (MEQC) requirement. 

The Final Rule restructures the MEQC program into a pilot program that requires states to conduct eligibility reviews during the two years between PERM cycles. CMS has also introduced the potential for imposing disallowances or reductions in federal funding percentage (FFP) as a result of PERM eligibility error rates that do not meet the national standard. One measure states can use to lessen the chance of this happening is by successfully carrying out the requirements of the MEQC pilot. 

What states should know―important points to keep in mind regarding MEQC reviews:

  • Each state must have a team in place to conduct MEQC reviews. The individuals responsible for the MEQC reviews and associated activities must be separate from the state agencies and personnel responsible for Medicaid and Children’s Health Insurance Program (CHIP) policy and operations, including eligibility determinations.
  • States can apply for federal funding to help cover the costs of the MEQC activities. CMS encourages states to partner with a contractor in conducting the MEQC reviews.
  • The deadline to submit the state planning document to CMS is November 1 following the end of your state’s PERM cycle. If you are a Cycle 2 state, your MEQC planning document is due by November 1, 2019. 
  • If you are a Cycle 1 state, you are (or should be) currently undergoing the MEQC reviews.
  • There are minimum sample size requirements for the MEQC review period: 400 negative cases and 400 active cases (consisting of both Medicaid and CHIP cases) over a period of 12 months.
  • Upon conclusion of all MEQC reviews, states must submit a final findings report along with a corrective action plan that addresses all error findings identified during the MEQC review period.

CMS encourages states to utilize federal funding to carry out and fulfill MEQC requirements. BerryDunn has staff with experience in preparing Advanced Planning Documents (APD) and can assist your state in submitting an APD request to CMS for these MEQC activities. 

Check out the previously released blog, “PERM: Prepared or Not Prepared?” and stay tuned for upcoming blogs about specific PERM topics, including the financial impacts of PERM, and how each review phase will affect your state.   

For questions or to find out more, contact the team

Blog
PERM: Does MEQC affect states?

Read this if you are an Institutional Research (IR) Director, a Registrar, or are in the C-Suite.

In my last blog, I defined the what and the why of data governance, and outlined the value of data governance in higher education environments. I also asserted data isn’t the problem―the real culprit is our handling of the data (or rather, our deferral of data responsibility to others).

While I remain convinced that data isn’t the problem, recent experiences in the field have confirmed the fact that data governance is problematic. So much, in fact, that I believe data governance defies a “solid,” point-in-time solution. Discouraged? Don’t be. Just recalibrate your expectations, and pursue an adaptive strategy.

This starts with developing data governance guiding principles, with three initial points to consider: 

  1. Key stakeholders should develop your institution’s guiding principles. The team should include representatives from areas such as the office of the Registrar, Human Resources, Institutional Research, and other significant producers and consumers of institutional data. 
  2. The focus of your guiding principles must be on the strategic outcomes your institution is trying to achieve, and the information needed for data-driven decision-making.
  3. Specific guiding principles will vary from institution to institution; effective data governance requires both structure and flexibility.

Here are some baseline principles your institution may want to adopt and modify to suit your particular needs.

  • Data governance entails iterative processes, attention to measures and metrics, and ongoing effort. The institution’s governance framework should be transparent, practical, and agile. This ensures that governance is seen as beneficial to data management and not an impediment.
  • Governance is an enabler. The institution’s work should help accomplish objectives and solve problems aligned with strategic priorities.
  • Work with the big picture in mind. Start from the vantage point that data is an institutional asset. Without an institutional asset mentality it’s difficult to break down the silos that make data valuable to the organization.
  • The institution should identify data trustees and stewards that will lead the data governance efforts at your institution
    • Data trustees should have responsibility over data, and have the highest level of responsibility for custodianship of data.
    • Data stewards should act on behalf of data trustees, and be accountable for managing and maintaining data.
  • Data quality needs to be baked into the governance process. The institution should build data quality into every step of capture and entry. This will increase user confidence that there is data integrity. The institution should develop working agreements for sharing and accessing data across organizational lines. The institution should strive for processes and documentation that is consistent, manageable, and effective. This helps projects run smoothly, with consistent results every time.
  • The institution should pay attention to building security into the data usage cycle. An institution’s security measures and practices need to be inherent in the day-to-day management of data, and balanced with the working agreements mentioned above. This keeps data secure and protected for the entire organization.
  •  Agreed upon rules and guidelines should be developed to support a data governance structure and decision-making. The institution should define and use pragmatic approaches and practical plans that reward sustainability and collaboration, building a successful roadmap for the future. 

Next Steps

Are you curious about additional guiding principles? Contact me. In the meantime, keep your eyes peeled for a future blog that digs deeper into the roles of data trustees and stewards.
 

Blog
Governance: It's good for your data

Federal contractors with the Centers for Medicare & Medicaid Services (CMS) have begun performing Payment Error Rate Measurement (PERM) reviews under the Final Rule issued in July 2017—a rule that many states may not realize could negatively impact their Medicaid budgets.

PERM is a complex process—states must focus on several activities over a recurring three-year period of time—and states may not have the resources needed to make PERM requirements a priority. However, with the Final Rule, this PERM eligibility review could have financial implications. 

After freezing the eligibility measurement for four years while undergoing pilot review, CMS has established new requirements for the eligibility review component and made significant changes to the data processing and medical record review components. As part of the Final Rule, CMS may implement reductions in the amount of federal funding provided to a state’s Medicaid and Children’s Health Insurance Program (CHIP) programs based on the error rates identified from the eligibility reviews. 

Since the issuance of the Final Rule in July 2017, Cycle 1 states are the first group of states to undergo a PERM cycle, including reviews of the data processing, medical record, and eligibility components. These states are wrapping up the final review activities, and Cycle 2 states are in the early stages of their PERM reviews.

How can your state prepare?

Whether your state is a Cycle 1, Cycle 2, or Cycle 3 state, there are multiple activities your Medicaid departments should engage in throughout each three-year period of time during and between PERM cycles: 

  • Analyzing prior errors cited or known issues, along with the root cause of the error
  • Identifying remedies to reduce future errors
  • Preparing and submitting required questionnaires and documents to the federal contractors for an upcoming review cycle
  • Assisting federal contractors with current reviews and findings
  • Preparing for and undergoing Medicaid Eligibility Quality Control (MEQC) planning and required reviews
  • Corrective action planning

Is your state ready?

We’ve compiled a few basic questions to gauge your state’s readiness for the PERM review cycle:

  • Do you have measures in place to ensure all eligibility factors under review are identifiable and that all federal and state regulations are being met? The eligibility review contractor (ERC) will reestablish eligibility for all beneficiaries sampled for review. This process involves confirming all verification requirements are in the case file, income requirements are met, placement in an accurate eligibility category has taken place, and the timeframe for processing all determinations meets federal and state regulations. 
  • Do you have up-to-date policy and procedures in place for determining and processing Medicaid or CHIP eligibility of an individual? Ensuring eligibility policies and procedures meet federal requirements is just as important as ensuring the processing of applications, including both system and manual actions, meet the regulations. 
  • Do you have up-to-date policy, procedures, and system requirements in place to ensure accurate processing of all Medicaid/CHIP claims? Reviewers will confirm the accuracy of all claim payments based on state and federal regulations. Errors are often cited due to the claims processing system allowing claims to pay that do not meet regulations.
  • Do you have a dedicated team in place to address all PERM requirements to ensure a successful review cycle? This includes staff to answer questions, address review findings, and respond to requests for additional information. During a review cycle, the federal contractors will cite errors based on their best understanding of policies and/or ability to locate required documentation. Responding to requests for information or reviewing and responding to findings in a timely manner should be a priority to ensure accurate findings. 
  • Have you communicated all PERM requirements and updates to policy changes to all Medicaid/CHIP providers? Providers play two integral roles in the success of a PERM review cycle. Providers must understand all claims submission requirements in order to accurately submit claims. Additionally, the medical record review component relies on providers responding to the request for the medical records on a sampled claim. Failure to respond will result in an error. Therefore, states must maintain communication with providers to stress the importance of responding to these requests.
  • Have you begun planning for the MEQC requirement? Following basic requirements identified by CMS during your state’s MEQC period, your state must submit a case planning document to CMS for approval prior to the MEQC review period. After the MEQC review, your state should be prepared to issue findings reports, including a corrective action plan as it relates to MEQC findings.

Need help piloting your state’s PERM review process?

BerryDunn has subject matter experts experienced in conducting PERM reviews, including a thorough understanding of all three PERM review components—eligibility, data processing, and medical record reviews. 

We would love to work with your state to see that measures are in place that will help ensure the lowest possible improper payment error rate. Stay tuned for upcoming blogs where we will discuss other PERM topics, including MEQC requirements, the financial impacts of PERM, and additional details related to each phase of PERM. For questions or to find out more, please email me
 

Blog
PERM: Prepared or not prepared?

Law enforcement, courts, prosecutors, and corrections personnel provide many complex, seemingly limitless services. Seemingly is the key word here, for in reality these personnel provide a set number of incredibly important services.

Therefore, it should surprise no one that justice and public safety (J&PS) IT departments should also provide a well-defined set of services. However, these departments are often viewed as parking lots for all technical problems. The disconnect between IT and other J&PS business units often stems from differences in organizational culture and structure, and differing department objectives and goals. As a result, J&PS organizations often experience misperception between business units and IT. The solution to this disconnect and misperception? Defining IT department services.

The benefits of defined IT services

  1. Increased business customer satisfaction. Once IT services align with customer needs, and expectations are established (e.g., service costs and service level agreements), customers can expect to receive the services they agreed to, and the IT department can align staff and skill levels to successfully meet those needs.
  2. Improved IT personnel morale. With clear definition of the services they provide to their customers, including clearly defined processes for customers to request those services, IT personnel will no longer be subject to “rogue” questions or requests, and customers won’t be inclined to circumvent the process. This decreases IT staff stress and enables them to focus on their roles in providing the defined services. 
  3. Better alignment of IT services to organizational needs. Through collaboration between the business and IT organizations, the business is able to clearly articulate the IT services that are, and aren’t, required. IT can help define realistic service levels and associated services costs, and can align IT staff and skills to the agreed-upon services. This results in increased IT effectiveness and reduced confusion regarding what services the business can expect from IT.
  4. More collaboration between IT and the organization. The collaboration between the IT and business units in defining services results in an enhanced relationship between these organizations, increasing trust and clarifying expectations. This collaborative model continues as the services required by the business evolve, and IT evolves to support them.
  5. Reduced costs. J&PS organizations that fail to strategically align IT and business strategy face increasing financial costs, as the organization is unable to invest IT dollars wisely. When a business doesn’t see IT as an enabler of business strategy, IT is no longer the provider of choice—and ultimately risks IT services being outsourced to a third-party vendor.

Next steps
Once a J&PS IT department defines its services to support business needs, it then can align the IT staffing model (i.e., numbers of staff, skill sets, roles and responsibilities), and continue to collaborate with the business to identify evolving services, as well as remove services that are no longer relevant. Contact us for help with this next step and other IT strategies and tactics for justice and public safety organizations.

Blog
The definition of success: J&PS IT departments must define services

“The world is one big data problem,” says MIT scientist and visionary Andrew McAfee.

That’s a daunting (though hardly surprising) quote for many in data-rich sectors, including higher education. Yet blaming data is like blaming air for a malfunctioning wind turbine. Data is a valuable asset that can make your institution move.

To many of us, however, data remains a four-letter word. The real culprit behind the perceived data problem is our handling and perception of data and the role it can play in our success—that is, the relegating of data to a select, responsible few, who are usually separated into hardened silos. For example, a common assumption in higher education is that the IT team can handle it. Not so. Data needs to be viewed as an institutional asset, consumed by many and used by the institution for the strategic purposes of student success, scholarship, and more.

The first step in addressing your “big” data problem? Data governance.

What is data governance?

There are various definitions, but the one we use with our clients is “the ongoing and evolutionary process driven by leaders to establish principles, policies, business rules, and metrics for data sharing.”

Please note that the phrase “IT” does not appear anywhere in this definition.

Why is data governance necessary? For many reasons, including:

  1. Data governance enables analytics. Without data governance, it’s difficult to gain value from analytics initiatives which will produce inconsistent results. A critical first step in any data analytics initiative is to make sure that definitions are widely accepted and standards have been established. This step allows decision makers to have confidence in the data being analyzed to describe, predict, and improve operations.
     
  2. Data governance strengthens privacy, security, and compliance. Compliance requirements for both public and private institutions constantly evolve. The more data-reliant your world becomes, the more protected your data needs to be. If an organization does not implement security practices as part of its data governance framework, it becomes easier to fall out of compliance. 
     
  3. Data governance supports agility. How many times have reports for basic information (part-time faculty or student FTEs per semester, for example) been requested, reviewed, and returned for further clarification or correction? And that’s just within your department! Now add multiple requests from the perspective of different departments, and you’re surely going through multiple iterations to create that report. That takes time and effort. By strengthening your data governance framework, you can streamline reporting processes by increasing the level of trust you have in the information you are seeking. Understanding the value of data governance is the easy part/ The real trick is implementing a sustainable data governance framework that recognizes that data is an institutional asset and not just a four-letter word.

Stay tuned for part two of this blog series: The how of data governance in higher education. In the meantime, reach out to me if you would like to discuss additional data governance benefits for your institution.

Blog
Data is a four-letter word. Governance is not.

If you’ve been tasked with leading a high-impact project for your organization, you may find managing the scope, budget and schedule is not enough to ensure project success—especially when you encounter resistance to change. When embarking on large-scale change projects spanning people, processes and technology, appointing staff as “coaches” to help support stakeholders through the change—and to manage resistance to the change—can help increase adoption and buy-in for a new way of doing things.

The first step is to identify candidates for the coaching role. These candidates are often supervisory staff who have credibility in the organization—whether as a subject matter expert, through internal leadership, or from having a history of client satisfaction. Next, you need a work plan to orient them to this role. One critical component is making sure the coaches themselves understand what the change means for their role, and have fully committed before asking them to coach others. They may exhibit initial resistance to the change you will need to manage before they can be effective coaches. According to research done by Prosci®, a leading change management research organization, some of the most common reasons for supervisor resistance in large-scale change projects are:

  • Lack of awareness about and involvement in the change
  • Loss of control or negative impact on job role
  • Increased work load (i.e., lack of time)
  • Culture of change resistance and past failures
  • Impact to their team

You should anticipate encountering these and other types of resistance from staff while preparing them to be coaches. Once coaches buy into the change, they will need ongoing support and guidance to fulfill their role. This support will vary by individual, but may be correlated to what managerial skills they already possess, or don’t. How can you focus on developing coaching skills among your staff for purposes of the project? Prosci® recommends a successful change coach take on the following roles:

  • Communicator—communicate with direct reports about the change
  • Liaison—engage and liaise with the project team
  • Advocate—advocate and champion the change
  • Resistance manager—identify and manage resistance
  • Coach—coach employees through the change

One of the initial tasks for your coaches will be to assess the existing level of change resistance and evaluate what resistance you may encounter. Prosci® identifies three types of resistance management work for your coaches to begin engaging in as they meet with their employees about the change:

  • Resistance prevention―by providing engagement opportunities for stakeholders throughout the project, building awareness about the change early on, and reinforcing executive-level support, coaches can often head off expected resistance.
  • Proactive resistance management―this approach requires coaches to anticipate the needs and understand the characteristics of their staff, and assess how they might react to change in light of these attributes. Coaches can then plan for likely forms of resistance in advance, with a structured mitigation approach.
  • Reactive resistance management―this focuses on resistance that has not been mitigated with the previous two types of resistance management, but instead persists or endures for an extended amount of time. This type of management may require more analysis and planning, particularly as the project nears its completion date.

Do you have candidates in your organization who may need support transitioning into coaching roles? Do you anticipate change resistance among your stakeholders? Contact us and we can help you develop a plan to address your specific challenges.

Blog
How to identify and prepare change management coaches

Your government agency just signed the contract to purchase and implement a shiny new commercial off-the-shelf (COTS) software to replace your aging legacy software. The project plan and schedule are set; the vendor is ready to begin configuration and customization tasks; and your team is eager to start the implementation process.

You are, in a word, optimistic. But here comes the next phase of the project—the gap analysis, in which your project team and the vendor’s project team test the new software to see how well it fulfills your requirements. Spending sufficient time and energy on the gap analysis increases the likelihood the resulting software is configured to support the desired workflows and processes of the agency, while taking advantage of the software’s features and benefits. Yet this phase can be stressful because it will identify some gaps between what you want and what the software can provide.

While some of the gaps may be resolved by simple adjustments to software configuration, others may not—and can result in major issues impacting project scope, schedule, and/or cost. How do you resolve these major gaps?

Multiple Methods. Don’t let your optimism die on the vine. There are, in fact, multiple ways to address major gaps to keep you on schedule and on budget. They include:

Documenting a change request through a formal change control process. This will likely result in the vendor documenting the results of the new project scope. This, in turn, may impact the project’s schedule and cost. It promotes best practice by formally documenting approved changes to project scope, including any impact on schedule and cost. However, the change request process may take longer than you may originally anticipate, as it includes:

Documenting the proposed change
Scoping the change, including the impact on cost and schedule
Review of the proposed scope change with the project team and vendor
Final approval of the change before the vendor can begin work

Collaborating with the vendor on a solution that fits within the confines of the selected software. With no actual customization required, this may result in a functionality compromise, and may also involve compromise by the project team and the vendor. However, it does not require a formal process to document and approve a change in scope, schedule or cost, since there are no impacts on these triple constraints.

Collaborating with the vendor and internal project stakeholders to redefine business processes. This may or may not result in a change request. It also promotes best practice, as the business processes become more efficient, and are supported by the selected software product without customization. This will require a focus on organizational change management, since the resulting processes are not reflective of the “way things are done today.”

Accepting the gap—and doing nothing. If the gap has little or no impact on business process efficiency or effectiveness, this method is likely the least impactful on the project, as there are no changes to scope, schedule, or cost. However, the concept of “doing nothing” to address the gap may have the same organizational change ramifications as the previous point.

Of course, there are other methods for addressing major software gaps. The BerryDunn team brings experience in facilitating discussions with agencies and their vendors to discuss gaps, their root causes, and possible solutions. We leverage a combination of project management discipline, organizational change management qualifications, and deep expertise to help clients increase the success likelihood for COTS software implementations—while maintaining their vital relationships with vendors.

Blog
Grappling with software gaps

People are naturally resistant to change. Employees facing organizational change that will impact day-to-day operations are no exception, and they can feel threatened or fearful of what that change will bring. Even more challenging are multiyear initiatives where the project’s completion is years away.

How can your agency or organization help employees prepare for change—and stay motivated for an outcome—many years in the making?


Start With the Individual

Organizational change requires individual change. For the change to be successful and lasting, an agency should apply organizational change management strategies that help lead people to your desired outcome.

With any new project or initiative, people need to understand why the project is happening before they support it. Communicate the reasons for the change—and the benefit to the employee (what’s in it for them)—so each individual is more inclined to actively support the project. Clearly communicating the why at the onset of the project can help employees feel vested in, and part of, the change. As Socrates said, “The secret of change is to focus all your energy, not on fighting the old, but building the new.” A clear vision can inspire each employee’s desire for the “new” to succeed.

Shift to Individual Goals

It’s a challenge to maintain your employees’ motivation for an organizational change occurring over the long haul. Below are some suggestions on how to sustain interest and enthusiasm for multi-year projects:

  1. Break the project down into smaller, specific milestones. Short-term goals highlight important deadlines and create tangible progress points to reach and celebrate. The master project schedule should be an integration of the organizational change management plan and the project management plan so any resource constraints you identify in the project management plan also become an input when identifying change management resources and activity levels. This integration also highlights the importance of key organizational change management milestones and activities in an effort to ensure they are on a parallel tack as traditional project tasks.
  2. Effectively communicate status updates and successes. In large, agency-wide projects, there are often a variety of stakeholders, each with different communication expectations and needs. The methods, content, and frequency of communication will vary accordingly. Develop a communications strategy as part of your organizational change management plan, to identify who will be responsible to send communications, when and how they will be sent, key messages of the communications, and what feedback mechanisms are in place to continue the conversation after initial delivery. For example, the project team needs a different level of detail than the legislature, or the public. Making the content relevant to each stakeholder group is important because it gives each group what they need to know so they don’t drown in a flood of unneeded information.
  3. Create buy-in by involving employees. A feeling of ownership naturally results from participation in a project, which helps increase enthusiasm. Often the time to do this is when discussing changes to business processes. Once you determine the mandatory features of the future state, (e.g., financial controls, legal requirements, legislative mandates) consider including stakeholder feedback on decisions more focused on preference. It is important for stakeholders to see their suggestions accepted and implemented, or if not implemented, that there was at least a structured process for thoughtfully considering their feedback, and a business case for why their suggestions didn’t make it into the project.
  4. Conduct lessons learned assessments after each major milestone. The purpose of conducting lessons learned activities is to capture what worked and what didn’t. Using surveys or other feedback systems, such as debrief meetings, allows stakeholders to voice their thoughts or concerns. By soliciting feedback after each milestone, leadership can quickly adapt to challenges, address any misunderstandings or concerns, and capitalize on successes.
  5. Reinforce how the project meets the goals of the agency or organization. Maintaining enthusiasm and support for a long-term goal takes a constant reminder of the overall organizational goals. It is important for senior leadership to communicate the impact of the project on the agency or organization and to stakeholders and keep the project at the forefront of people’s minds. Project goals may change during the duration of the project, but the project sponsor should continue to be active and visible in communicating the goals and leading the project.

Change is difficult—change that is years in the making is even more challenging. Applying a structured organizational change management process and using these tips can help keep employees energized and help ensure you reach the desired project goals.

Blog
Change management: Keeping employees motivated during multiyear projects

Good Practices Are Not Enough

When it comes to IT security, more than one CEO running a small organization has told me they have really good people taking care of “all that.” These CEOs choose to believe their people perform good practices. That may be true, but who defines good practices and how they administer them? And when? If “security is everyone’s job,” then nobody is responsible for getting specific things done. Good practices require consistency, and consistency requires structure.

From an audit perspective, a control not written down does not exist. Why? Because it can’t be tested, measured, or validated. An IT Auditor can’t assess controls if they were never defined. Verbal instruction carries by far the most risk. “I told him to do that,” doesn’t pass the smell test in court.

Why Does it Matter?

Because it’s not IT’s job to write policies. Their job is to implement IT decisions made by management. They’re not at the right level to make decisions that impact the entire organization. Why should small organizations concern themselves with developing policies and procedures? Here are two very good reasons:

1. Regulatory Requirements
2. Lawsuits

No matter how small your organization, if you have a corporate network (even cloud-based) and you store credit card transactions, personal health information, client financial information or valuable intellectual property, being aware of state and federal regulatory requirements for protecting that information is vital. It is the responsibility of management to research and develop a management framework for addressing risk.

Lawsuits happen when information is stolen and/or employees are terminated for inappropriate activities. If you have no policies that mandate what is and isn’t acceptable, and what the penalties are for violations, your terminated employee has grounds for a wrongful termination lawsuit: policy should not be written by the IT Department.

If confidential data you are responsible for is stolen and clients sue you, standing up in court and saying “We don’t have any written policies or procedures,” is a sure way to have both significant financial losses and a negative impact on your reputation. For a small organization, that could mean going out of business.

Even if data is stolen from a third-party vendor who stores your data, your organization owns the data and is responsible for ensuring the data is secure with the vendor and meets organizational requirements. Do you have a vendor management policy? If you work with vendors, you need one.

Consider, too, that every organization expects to grow its business. The longer management doesn’t pay attention to policies and procedures, the more difficult it becomes to develop and implement them.

Medium and Large Organizations Need to Pay Attention, too

A policy document provides a framework for defining activities and decision-making by everyone in the organization. A policy contains standards for the organization, and outlines penalties for non-performance. The organization’s management team or board of directors must drive their creation.
Policies also maintain accountability in the eyes of internal and external stakeholders. Even the smallest organization wants their customers and employees to have confidence the organization is protecting important information. By defining the necessary controls for running business operations that address risk and compliance requirements (and reviewing them annually), your management team demonstrates a commitment to good practices.

Procedures are the “How”

Procedures don’t belong in a policy. Departments need to be able to design their own procedures to meet policy requirements and definitions. HR will have procedures for employee privacy and financial information, finance must manage credit card, student, banking or client financial documentation, and IT will need to develop specific technical procedures to document their compliance with policy.

If all those procedures are in a policy, it makes for unwieldy policy documents that management must review and approve. Departments need to change and update their procedures quickly in order to remain effective. For example, a policy may mandate the minimum number of characters in a password, but IT needs to develop the procedures to implement that requirement on many platforms and devices.

What is a “Plan” Used For?

Consider that organizations commonly have a Business Continuity Plan as well as an Incident Response Plan. How is a “plan” different from a policy or procedure?

A plan (for example, an Information Security Plan, or Privacy Plan, etc.) is a collection of related procedures with a specific focus. I have seen these collections called “programs,” but most organizations use “plan” (plus, the Federal government uses that term). The term “program” implies a beginning and an end, as well as tending to be a little too generic (think “School Lunch Program”).

Three Ways Not to Develop Policies, Procedures and Plans

1.

Getting templates from the Internet. Doing a Google search delivers an overwhelming number of approaches, examples and material. Policy templates found online may not be applicable to your organization’s purpose, or require so much editing they defeat the template’s purpose. 

2.

Alternatively, going to organizational peers can endlessly replicate one poorly developed approach to documentation.

3.

Writing policies and procedures totally focused on meeting one regulatory requirement frequently necessitates a total re-write as soon as the next regulation comes along.

Consider the Unique Aspects of Your Organization

What electronic information does your organization consider valuable? During an assessment with a state university, we discovered that the farm research the agriculture school was performing was extremely valuable. While we started out with questions about student health and financial information, the university realized the research data was equally critical. The information might not have federal or state regulations attached to it, but if it is valuable to your organization, you need to protect it. By not taking a one-size fits all approach to our assessment, we were able to meet their specific needs.

Multiple Departments or Locations? Standardize.

Whether your organization is a university, non-profit organization, government agency, medical center or business, you frequently have sub-entities. Each sub-entity or location may have different terms for different functions. For example, at a recent engagement for another university, Information Security “Programs,” “Plans” and “Policies” meant different things on different campuses. This caused confusion on the part of all stakeholders. It also showed a lack of cohesion in the approach to security of the university as a whole. Standardizing language is one of the best ways to have everyone in the organization on the same page, even if the documents are unique to a location, agency or site. This makes planning, implementation, and system upgrade projects run more effectively.

Demonstrate Competence

No matter what terms your organization chooses, using consistent terms is a good way to demonstrate a thoughtful approach. Everyone needs to be talking the same language. Having documents that specify management decisions provides assurance to internal and external stakeholders. Good policies, procedures and plans can mean the difference between a manageable crisis and a business failure.

To receive IT security updates, please sign up here.

Blog
Policies, procedures, and plans—defining the language of your organization

As more state and local government workers enter retirement, state and local agencies are becoming more dependent on millennial workers — the largest and most educated generation of workers in American history. But there is a serious gap between supply and demand.

As noted in a 2016 report by the Bureau of Labor Statistics titled 
Household Data Annual Averages 15, only 25.6% of current
government workers are between the ages of 18 and 35.

This trend isn’t necessarily shocking; many millennials choose higher-paying jobs in the private sector over lower-paying jobs in the public sector, especially when the days of a lifelong government career, and generous pensions, are dwindling. But it is a serious labor problem for government agencies — one that requires creative solutions. To entice these new workers, state and local governments need to adopt new recruiting and retaining methods.

Recruiting Methods

While money matters to millennials, they also want to live a life of adventure, try new things, embrace trailblazing technology, pursue meaningful goals, and gain a sense of both personal and civic accomplishment. In short, these new workers have values that differ from previous generations. You can help entice them by:

  • Highlighting your state and local agency’s mission and greater purpose. Many millennials want to affect change and find careers consistent with their values. Include information in your job descriptions about the positive environmental and social impact your agency makes.

  • Updating your technology. Millennials have grown up with technology (literally at their fingertips), can adapt to change as no other generation before them, and often strive to remain on the “cutting edge.” By updating your agency’s technology, you will not only improve your organization and benefit the public you serve, but also have a better chance of recruiting the best and brightest millennials.

  • Providing them with a work-life balance. Life outside of work is just as important to millennials as their careers. They don’t plan to wait for retirement to finally pursue their interests, so providing them with a level of flexibility is key to recruitment. Consider offering flexible workdays, remote working capabilities, extended parental leave, sabbatical opportunities, and “mental health days.” The more flexibility state and local agencies provide, the more incentive there is for millennials.

Retaining Methods

Recruiting millennials for government jobs is challenging enough, and retaining them can prove even harder, as job hopping is standard practice for many members of this generation. Nevertheless, there are certain methods your agency can adopt to prevent millennial turnover. We suggest:

  • Investing in employee development and training. Training and creating opportunities for promotion and career advancement are motivating incentives to millennials. Professional development excites millennials and investing in them will pay off for the agency — and the employees will be more engaged and likely to stay.

  • Showing employees they are valued. Recognition is the biggest motivator besides money — millennials want acknowledgement for the good work that they do. Communicate achievements and provide awards to recipients in front of their peers. This not only gives them credit, but also motivates others. Continuing to communicate to your employees how their work supports their values reminds them they made the right decision in joining the public sector in the first place.

Make Your Move

Millennials are worthy of your attention! To compete with the private sector — to recruit and retain them — your government agency has to take an innovative approach to capitalize on this ever-growing demographic. If your state or local agency needs help refreshing your technology, reviewing current policies and procedures, or taking a fresh look at your processes, contact BerryDunn. We would love to talk about your commitment to your future!

You may also be interested in: CFOs for Hire; How to Attract and Retain Workers in a Seller's Market

Blog
Getting millennial with it: How state and local governments can recruit and retain a new generation of workers

We humans have a complex attitude toward change. In one sense, we like finding it. For instance: “Now I can buy something from the vending machine!” In reality, we try to avoid change as much as possible. Why? Because it’s frightening. Consider this quote from Mary Shelley’s Frankenstein: “Nothing is so painful to the human mind as a great and sudden change.”

The key word in that quote is “sudden.” Because the more we prepare for change, the less painful it becomes. One crucial way to prepare for change is to assess how ready we are for something new.

Which brings us to you. The fact you are reading a blog post with the words “Readiness for Enterprise Systems” in its title suggests that you have considered, or are considering, changing your institution’s Enterprise Resource Planning (ERP) system or other enterprise software, such as LMS, SIS, CRM, etc. This change is no minor adjustment.

Enterprise systems are complex, impacting institutional activities at many levels, from managing student records, finances, and human resources, to enabling student enrollment and registration. Is your institution prepared for transformation across the organization? To find out, assess your institution’s readiness for change. To help illustrate what an assessment might entail, I’ll outline BerryDunn’s method.

Step #1: Understanding Key Indicators for Readiness
When assisting a client to determine readiness, BerryDunn begins engaging stakeholders from across the institution (e.g., staff, faculty, and students) to understand the current environment. This allows us to address seven key indicators for change readiness:

  1. Stakeholder Buy-In. The key to success in changing an ERP platform is for users to understand the value that the change will bring. “Do stakeholders know how the new system will benefit them? Or, from their perspective, ‘What’s in it for me (aka, WIIFM)?’”
  2. Executive Sponsorship. In order to obtain stakeholder buy-in, leaders have to communicate effectively with various parties about change. They will be required to display strong and consistent leadership when stakeholders are faced with challenges with vendors, timing, scope creep, or other issues. “Are leaders prepared to lead the charge? Are they committed to change?”
     
  3. Vendor Ability. Each institution has specific operational needs and programmatic objectives. ERP vendors will highlight their strengths and may de-emphasize weaknesses that may exist in their products. “Are vendors actually able to meet the institution’s functional needs and align their software with strategic objectives?”
     
  4. Business Process Redesign. As mentioned above, it can be a struggle to align operational needs and programmatic objectives with vendor software. It’s even harder to achieve this while ensuring that, in implementing a new ERP system, an institution won’t lose valuable functionality that had been provided by the previous ERP. “Does the client fully understand the impact of a new ERP system on their processes?”
     
  5. Project Management. Proactive project management is critical when changing an ERP system. Project managers need to engage institutional stakeholders, project sponsors, and vendors to keep them apprised of progress. “Are project managers empowered to maintain strong communication with all stakeholders?”
     
  6. Data Governance. Another key indicator of ERP readiness is how well-defined data management is before implementation. ERP replacement projects are jeopardized when institutions don’t understand their data assets, or don’t know what level of data migration is necessary. “Is the institution prepared for data migration?”
     
  7. Software Change Management. As ERP vendors move their products to the cloud, the software they sell will become less customizable, but more configurable. In other words, customers won’t necessarily be able to modify the base software code, but they will have more options in regards to defined fields, workflow, and user interface. Although this sounds limiting, it is actually an opportunity to streamline operations, add discipline to software update timelines, and require organizations to consider how to best complete their administrative functions. It is critical that an institution adapt its software change management practices to meet this reality. “Do the institution’s software change management practices reflect how software is delivered by vendors today?”

Step #2: Establish Agreed-Upon Metrics
Based on our analysis from Step #1, we then score these indicators of readiness based on a maturity scale from 0 – 5, using the following parameters:

0  Non-existent
1  Aware, but not ready to change
2  Aware and open to change, but lack understanding of path forward
3  Accept that change is needed, but clear action plan is not in place
4  Accept that change is imminent and is being planned for
5  Readiness for change has broad understanding, is accepted, and is being executed 

Step #3: Score the Readiness of Your Organization
When you work with a consulting firm to assess your institution’s readiness for change, you should expect tangible takeaways that will inform stakeholders and provide a baseline metric. For example, we prepare a brief report that outlines a score for each of the seven maturity indicators of ERP readiness and provides supporting information for the basis of each score.

Here is an example of a Software Change Management section from a hypothetical ERP Readiness Report:

READINESS INDICATORS

BASIS FOR SCORE

SCORE (0 – 5)

Software Change Management

The University does have an effective software change management methodology, and a standard process for prioritizing requests to its current ERP system. This model may change significantly if a cloud system is chosen, and will require a new approach to configuration and asset management.

3


Finally, based on the weighted aggregate score of the report, BerryDunn determines the institution’s readiness for change, and provides recommendations on how to remediate low scores, and sustain higher scores.

Now for the good news. By setting a baseline early in your readiness planning, the scoring can be revisited over time to measure progress and provide project leadership with a simple, but effective, approach to tracking change management within the organization.

Next Steps
As you can see, implementing a new ERP doesn’t have to be a monstrous experience. You simply need to determine your ERP readiness, and follow a common-sense plan for change management. If you’d like to talk more about this process, send me an email: dhoule@berrydunn.com. I look forward to learning about the great changes your institution has planned.

Blog
Assessing organizational readiness for enterprise systems

Electronic accessibility in every aspect of modern life has increased ten-fold, but government — and courts in particular — has been slow to follow.

History Lesson
The idea that criminal court proceedings are accessible by the public is a pillar of our justice system, rooted in the First Amendment. This public right to unrestricted access in criminal and civil court proceedings has been interpreted by many states to extend to court documents and court records (as long as not otherwise protected).

Traditionally, public access to court proceedings and records has been limited to those taking place in the courthouse, between the hours of 8:00 am and 4:00 pm. In most every other aspect of our lives, we have 24/7 access to everything from live streaming of our home security systems, to ordering our groceries or dinner from our mobile devices — while traveling at 30,000 feet! Government — and courts in particular — has been slow to follow in the rush to 24/7 electronic accessibility.

Part of the rationale behind the hesitation to jump on the electronic bandwagon, are the ethical issues surrounding unlimited electronic public access. So while the First Amendment provides for public access to information, conversely the Fourteenth Amendment interprets the definition of “liberty” to include a right to privacy. Deciding between these two semmingly contradictory rights becomes a challenge for courts when determining what form of electronic access is appropriate for court documents.

The pros
Unlimited electronic access to publicly available documents:

  • Serve a variety of public interests while eliminating the need to travel to the courthouse to research and copy documents.
  • Acts both as a deterrent to violating laws and as protection to those whose rights have been violated.
  • Tends to instill fairness, transparency, and equality of court proceedings.
  • Protects the community and allows the media to report on matters of public interest in a more convenient, timely, and streamlined manner.

The cons
While there are compelling reasons to provide electronic public access, they don’t take into account the potential for it to be used inappropriately. Risks include:

  • Increased chance of identity theft, leading to loss of property, finances, and credit
  • Exposure to sensitive information that may be harmful to all those involved
  • Negative impact on privacy
  • Deter public interest lawsuits for fear of overexposure
  • Mistakes or abuse of legal process can have far-reaching implications on individuals

What can states do?
Allowing unlimited remote electronic access to court documents could compromise the privacy rights and concerns of individuals and increase the risk of harm to those participating in court proceedings. This issue demands the full attention of the courts nationwide, but not with an “all-or-nothing” approach.

Many states struggle with striking this balance. To mitigate some of the potentially damning effects, states have taken different approaches. The National Center for State Courts (NCSC) has brought attention to the issues on several occasions. In 2002, the NCSC and the State Justice Institute funded the project, “Developing a Model Written Policy Governing Access to Court Records” and more recently the NCSC has published the “Privacy/Public Access to Court Records Resource Guide”.

Some states have redacted confidential information from electronic documents and some have limited what information or categories are available on the internet, only posting some combination of the following:

  • Appellate decisions
  • Final judgments, orders, and decrees
  • Basic information of the litigant or party to the case
  • Calendars and case docket lists

Our recommendation
States must agree upon the amount of access they will provide electronically. To tackle this, each state should:

  • Consider forming an access committee(s) to determine what guidelines are needed to balance the free access rights of the public with the privacy rights of individuals
  • Policy decisions should be publicly posted to the judiciary, legislators, and the public at large; and
  • Should be regularly revisited to ensure an appropriate balance is continually achieved

Interested in learning how your state can address this or similar issues? Reach out to BerryDunn's justice and public safety experts and we can discuss the particular issue facing your state and the best practices for approaching it.

Blog
Striking a balance: Public right of access to court records vs. the privacy rights of individuals

This site uses cookies to provide you with an improved user experience. By using this site you consent to the use of cookies. Please read our Privacy Policy for more information on the cookies we use and how you can manage them.