SEARCH

Technology Life-cycle As I observe the current state of Artificial Intelligence (AI) and the rush surrounding its deployment, I find myself reflecting on a pattern that has repeated throughout technological history—a life-cycle we should follow or ignore at our peril. Understanding this cycle will be crucial as we navigate the turbulent waters of machine intelligence in the coming decades. Technology Birth: The Age of Polymaths At the start of something new, technology emerges from the minds of individuals who must be both theorists and builders out of necessity. During this nascent phase, technology represents the promise of future benefits—a tantalizing glimpse of what could be possible if we can unlock nature's secrets. But here's the thing: these pioneers cannot simply theorize; they must also engineer the very methods and means to test their theories and conduct their experiments. I think of figures like Alan Turing, who didn't just conceive of computation as a mathematical abstraction but had to grapple with the practical challenges of building machines that could embody his ideas. Robert Oppenheimer, who couldn't rely on existing infrastructure but had to orchestrate the creation of entirely new engineering capabilities to transform theoretical physics into reality. Niels Bohr, whose quantum insights required him to work hand-in-hand with experimentalists and instrument makers to probe the atomic realm. These pioneers are remembered not as narrow specialists, but as polymaths who had no choice but to embody both scientific curiosity and engineering necessity in a single person. They were forced to be polymaths because the specialized infrastructure we take for granted today simply didn't exist. They had to build their own tools, design their own experiments, and create their own methods for testing the boundaries of the possible. At this stage, the technology exists primarily in the realm of possibility, but that possibility can only be explored through ingenious combinations of theory and practice. The science dominates the vision, but the engineering dominates the day-to-day reality of actually making progress. We explore uncharted territory where both the map and the vehicle must be invented simultaneously. Technology Maturation: The Great Separation This pioneering phase, however, cannot sustain itself indefinitely. As we look at the evolution of any transformative technology, science and engineering eventually must part ways to serve the technology's evolution. This separation marks the beginning of true maturation—when technology transitions from promise to realizing that promise. During this critical phase, we see the emergence of engineering as a distinct discipline with its own methodologies, constraints, and objectives. While scientists continue to push the boundaries of what's theoretically possible, engineers focus on the art of the practical: How do we make this work reliably? How do we scale it? How do we manage its complexity and cost? This separation isn't arbitrary—it's a natural evolution that allows each discipline to flourish. This is where engineering truly comes into its own. The theoretical insights gained during the science-dominated birth phase become the raw materials for solving real-world problems. We see the development of standardized practices, specialized tools, and systematic approaches to implementation. The technology gains structure, reliability, and predictability. Technology Industrialization: The Commodity Phase The maturation phase gradually gives way to something entirely different. As we look at the next phase of the technology life-cycle, mature technologies enter their final phase: widespread adoption through scaling and refinement. At this stage, technology becomes a utility and commodity, much like electricity or telecommunications today. The focus shifts from fundamental innovation to assembly, component refinement, and optimization. This transformation has its purpose. The cutting-edge science becomes background knowledge. The specialized engineering practices become standardized procedures. The technology that once required polymaths, scientists & engineers, now operates through well-understood processes and established infrastructure. This is precisely where I believe Information Technology finds itself now. The days of inventing new information technology paradigms have largely passed. Instead, we are in an era of integration, standardization, and incremental improvement. Agile is a perfect example of this, as we care less about engineering the technology stack rather than using it. The science is well-established, the engineering principles are codified, and the primary challenge becomes efficient deployment at scale. History Repeating As I look at the current state of artificial intelligence, I see clear parallels to this historical pattern. We are witnessing the emergence of our modern equivalents of Bohr, Oppenheimer, and Turing—visionaries who are simultaneously advancing the science of intelligence while grappling with its practical implications. The field remains dominated by scientific discovery, with engineering practices still in their infancy. However, I am already seeing early signs of the great separation beginning. As AI moves beyond pure research, distinct engineering domains are starting to crystallize. We are beginning to see the emergence of specialized practices around model deployment, safety engineering, human-AI interaction design, and scalable training infrastructure. This mirrors exactly what happened with previous transformative technologies. The science-engineering split is starting to happen, though many haven't recognized it yet. The Critical Mistake We Must Avoid Here is where I believe we are making a fundamental error. Too many organizations and leaders are treating AI as if it were already in the commodity phase—ready for immediate, large-scale adoption with minimal specialized expertise. This represents a dangerous misunderstanding of where we actually stand in the technology life-cycle. This misconception has real consequences. AI should not be rushed into the utility and commodity stage while skipping the crucial engineering maturation phase. Just as we wouldn't have expected the early pioneers of computing to immediately build data centres, we shouldn't expect AI to seamlessly integrate into every business process without first developing robust engineering practices. The consequences of this premature commoditization are already becoming apparent. We see systems deployed without adequate safety measures, unrealistic expectations about reliability and performance, and a general underestimation of the specialized knowledge required to implement AI effectively. Purpose in the Process As I think about the path ahead, I am convinced that respecting this technological life-cycle will be essential for realizing AI's full potential. We must allow the engineering phase to unfold naturally, developing the specialized practices and institutional knowledge necessary for responsible deployment. This requires a fundamental shift in expectations. This means accepting that we are still in the early stages of a much longer journey. The scientists continue their essential work of expanding the boundaries of what's possible, while a new generation of AI engineers is already emerging to bridge the gap between laboratory breakthroughs and real-world applications. The technology life-cycle teaches us that shortcuts are illusions. Each phase serves a purpose, and attempting to bypass any stage risks undermining the entire enterprise. As we stand at this critical juncture in the development of artificial intelligence, I believe our patience and respect for this natural progression will determine whether AI becomes a transformative force for good or another cautionary tale of technological hubris. The future of AI—and perhaps the future of human progress itself—depends on our wisdom to let this life-cycle unfold as it should, rather than as we wish it would. About the Author: Raimund Laqua, P.Eng, is a professional computer engineer with over 30 years of expertise in high-risk and regulated industries, specializing in lean methodologies and operational compliance. He is the founder of Lean Compliance and co-founder of ProfessionalEngineers.AI , organizations dedicated to advancing engineering excellence. As a Professional Digital/AI Engineering Advocate, Raimund champions proper licensure across the entire spectrum of digital engineering disciplines. He actively contributes to the profession through his leadership roles, serving as AI Committee Chair for Engineers for the Profession (E4P) and as a member of the Ontario Society of Professional Engineers (OSPE) working group on AI in Engineering, where he helps shape the future of professional engineering practice in the digital domain.

Every compliance decision your organization makes is either systematically building competitive advantage or destroying value. There is no middle ground, and the stakes are higher than most executives realize. The visible compliance costs—$10,000+ per employee annually for training, audits, and regulatory activities—represent only the surface of your true investment. The hidden multiplier lies in operational design choices that either create integrative business capabilities or construct expensive bureaucratic overhead that constrains growth while failing to manage risk effectively. The data is clear:  Organizations with strategic compliance-design, outperform market indices by 7.8-13.6% through three proven mechanisms: increased operational margins that absorb unavoidable risks, systematic elimination of costly waste from preventable failures and misalignment, and enhanced stakeholder trust that commands premium market valuations. The opportunity is now:  Companies making this transformation early will establish sustainable market leadership, while those that delay will find themselves competing against superior operational capabilities built by more strategic competitors. This guide provides the business case, methodology, and action plan for transforming compliance from oversight burden to operational capability aligned with organizational success. The Strategic Reality Every C-Suite Faces You already know compliance consumes significant resources. What you may not realize is that the visible costs—UConn research documents $10,000+ per employee annually in healthcare, financial services, and manufacturing for training, audits, and regulatory activities—represent only the surface of your true investment. The hidden multiplier lies in operational design . Every compliance decision you make either builds integrative business capability or constructs expensive bureaucratic overhead. The difference determines whether your organization joins the proactive out-performers or remains trapped in reactive cost multiplication. The data is clear : Ethisphere's World's Most Ethical Companies consistently outperform market indices by 7.8% to 13.6% over five-year periods. McKinsey research shows organizations with strategic compliance approaches achieve 10-30% improvements in customer satisfaction while reducing administrative overhead by 20%. This isn't correlation—it's causation through operational design. The Hidden Cost Multiplier Most Executives Never Calculate Traditional compliance approaches don't just consume the visible $10,000 per employee. They systematically multiply your true investment through: Operational Fragmentation: Separate systems requiring dedicated staff, manual reconciliation, and constant coordination across departments. Each silo demands its own technology stack, reporting processes, and management attention. Process Inefficiency: Extended cycle times for business decisions waiting for compliance approvals. Multiple hand-offs creating delay and error opportunities. Duplicated assessments across functions that should be integrated. Executive Attention Waste: C-suite time diverted from strategic growth to crisis management. Board meetings dominated by compliance issues rather than market opportunities. Management bandwidth consumed by problems that integrated design prevents. Opportunity Cost: Resources locked in defensive postures rather than competitive advantage creation. Innovation constrained by processes designed around limitation rather than enablement. The strategic question isn't how much you're spending on compliance—it's whether your current approach is building operational capabilities that contribute to business performance or constructing barriers that constrain growth while failing to effectively manage risk. Why Traditional Approaches Guarantee Poor Performance Most compliance programs operate on what Lean Compliance founder Raimund Laqua identifies as " The Reactive Uncertainty Trap "—waiting for audits, incidents, or regulatory action before improving posture. This creates a vicious cycle where organizations work frantically while remaining "one mishap, one violation, or one incident away from mission failure." The fundamental design flaw is that traditional approaches treat compliance as an oversight function rather than operational capability. This creates artificial separation between risk management and value creation, forcing choose-or-lose decisions where alignment would optimize both by improving the probability of intended outcomes and reducing the probability of unintended consequences. Academic research from Harvard Business School and University of Pennsylvania demonstrates that this separation creates measurable business disadvantages: Reduced operational efficiency through duplicated processes Increased decision latency through fragmented approval chains Diminished stakeholder trust through reactive rather than proactive positioning Constrained innovation through defensive rather than enabling frameworks The competitive impact created by organizations maintaining traditional approaches is that they systematically under-perform across customer satisfaction, employee engagement, operational efficiency, and financial returns—not because they lack resources, but because: their compliance design multiplies costs while constraining performance. How Leaders Transform Capability into Value Total Value Chain Analysis Organizations achieving competitive advantage don't spend more on compliance—they design it differently. The breakthrough methodology centres on operational alignment : embedding compliance capabilities directly into business processes rather than maintaining them as separate oversight functions. Effective compliance programs create total value advantage through three strategic capabilities : Increase Margin to Absorb Irreducible Risk: Compliance excellence boosts operational productivity, creating financial and non-financial cushions against unavoidable risks—the chance events and natural variability you cannot eliminate but must prepare for. Organizations with superior compliance capabilities maintain higher margins that enable strategic flexibility during market disruptions, regulatory changes, or operational challenges. Buy Down Reducible Risk by Reducing Waste and Non-Value Activities: Strategic compliance drives down reducible risk that generates costly waste: defects, non-conformance, violations, incidents, injuries, fines, penalties, and other preventable consequences caused by epistemic uncertainty (lack of knowledge) or operational negligence. This isn't just cost avoidance—it's systematic elimination of value-destroying activities that constrain growth and profitability. Add Value in Stakeholder Perception and Market Positioning: Organizations that pursue operational excellence—operating safely, securely, with integrity, and delivering consistent quality—earn greater trust from customers, investors, regulators, and communities while commanding higher market valuations. This stakeholder confidence translates directly into competitive advantages: preferred customer relationships, lower cost of capital, regulatory cooperation, and community support for expansion initiatives. These capabilities are strengthened by operational compliance design principles: Value Chain Alignment: Using Lean Compliance's Total Value Chain Analysis (their adaptation of Michael Porter's framework for risk and compliance), leading organizations map compliance activities across primary business processes—inbound logistics, operations, outbound logistics, marketing/sales, and service—creating horizontal capability rather than vertical bureaucracy. Technology Enablement: Modern compliance platforms provide real-time monitoring, predictive analytics, and automated workflows that eliminate manual processes while improving accuracy and responsiveness. This creates what systems theorists call "emergent properties"—capabilities that arise from system interactions rather than individual components. Proactive Certainty: Rather than reactive problem-solving, proactive approaches enable "staying between the lines and ahead of risk" through continuous monitoring and predictive intervention. The operational result is that compliance becomes a business enabler and stabilizer rather than business constraint, reducing total cost of ownership while simultaneously increasing margin resilience, operational efficiency, and stakeholder value creation. The Board-Level Business Case The compounding benefits from this approach include: Financial Performance: Academic research consistently demonstrates that organizations with integrative compliance programs outperform peers across revenue growth, cost efficiency, and shareholder returns. The "Ethics Premium" tracked by Ethisphere shows sustained out-performance over multiple economic cycles. Risk Mitigation: Proactive compliance reduces both regulatory risk and operational risk while building stakeholder trust that creates market advantages during periods of uncertainty or crisis. Market Positioning: In an environment where 80% of company value derives from intangible assets—brand reputation, stakeholder trust, operational excellence—compliance capabilities directly impact market valuation and competitive sustainability. Talent Advantage: Organizations known for operational excellence and ethical leadership consistently attract and retain superior talent while reducing the costs and risks associated with cultural misalignment. The Strategic Opportunity The choice facing every C-suite is clear continue viewing compliance as necessary burden while competitors systematically build operational advantages, or recognize compliance transformation as one of the most significant opportunities for business excellence and market differentiation available in today's competitive environment. The window for competitive advantage through compliance excellence is narrowing . Organizations that successfully make this transformation early will establish sustainable market positioning. Those that delay will find themselves competing against superior operational capabilities built by their more strategic competitors. The question isn't whether compliance can drive business value—the research proves it can and does . The question is whether your organization will capture that value through strategic transformation or continue multiplying hidden costs through operational fragmentation. The companies that recognize and act on compliance as competitive advantage will define the next generation of market leadership. The companies that don't will find themselves systematically disadvantaged across every metric that matters to long-term success. Your Strategic Plan for Compliance Value Strategic Plan for Total Value Advantage Assess Your True Investment and Value Creation - Identify compliance costs beyond visible budget items: dedicated FTE costs across departments, technology investments, process inefficiency costs due to uncertainty, and opportunity costs from constrained innovation. Simultaneously conduct Total Value Chain Analysis using Lean Compliance's methodology to evaluate how compliance activities affect every primary business process and identify alignment opportunities for compliance capabilities to enhance rather than constrain operational and organizational performance. Design for Total Value Advantage - Establish the three strategic capabilities of effective compliance: increase operational margins through productivity improvements that create financial cushions, systematically eliminate reducible risks that generate costly waste (defects, violations, incidents, penalties), and build stakeholder value through operational excellence that earns trust and commands higher market valuations. Transform compliance from external oversight to embedded operational capability aligned with business decision-making and value creation. Implement Integrative Technology and Governance - Deploy predictive technology platforms enabling real-time monitoring that support organizational and operational alignment. Establish cross-functional teams with compliance expertise embedded in operational decisions while ensuring proactive obligation and risk management. Focus on systems that provide business intelligence for strategic decision-making while achieving regulatory requirements as a natural outcome of operational excellence. It’s time to prioritize compliance as a competitive advantage over operational overhead. This demands CEO-level strategic vision and organizational commitment to integrative design, not partial optimizations across silos adjacent but not aligned to the value chain. The Total Value Advantage Program Lean Compliance's The Total Value Advantage Program™ represents an integrative approach that combines LEAN methodology with proactive compliance strategies to transform how organizations meet all their obligations, including regulatory requirements, voluntary commitments, and production obligations. Organizations implementing this program experience measurable improvements across multiple critical areas including enhanced safety protocols, strengthened security measures, improved sustainability practices, elevated quality standards, robust legal adherence, and reinforced ethical conduct.   These outcomes extend beyond traditional compliance metrics to encompass the full spectrum of organizational outcomes, delivering improvements in compliance efficiency, reduced operational waste, and enhanced operational confidence.  This program is designed for organizations seeking to transform their compliance function from a necessary burden into a competitive advantage that supports broader business objectives, organizational mission, and the complete range of regulatory and voluntary commitments.

Three Dimensions of Strategic Alignment in Compliance I've spent enough years in regulated industries to see the same pattern everywhere: compliance programs built as add-ons to the business rather than integral parts of it. We layer on requirements, create parallel procedures, and train people to navigate multiple systems, then wonder why our efforts don't translate into better business outcomes. The missing piece isn't better documentation or more training—it's strategic alignment. After watching countless organizations struggle with regulatory complexity and stakeholder expectations, I've come to believe that compliance effectiveness comes down to three fundamental alignment challenges that must be tackled simultaneously. These aren't sequential steps—they're interdependent dimensions that only work when addressed as an integrated whole. Get this right, and compliance becomes a strategic advantage. Get it wrong, and you're stuck with expensive overhead that creates the illusion of protection while actual risks pile up in the gaps. The Three Dimensions: A Systems Challenge These three alignment objectives work together as a system: Internal Program Alignment (within) - Aligning program functions, behaviours and interactions within each compliance program. Cross-Program Alignment (between) - Aligning program functions, behaviours and interactions across and between each compliance program. Value Chain Alignment (together) - Aligning program functions, behaviours and interactions integrated with the Value Chain. Each dimension shapes and constrains the others. You can't achieve one without the other two, and attempting them sequentially inevitably fails. They must be developed as an integrated capability. Internal Program Alignment: Getting Your House in Order Let's examine the first dimension - aligning the pieces within each compliance program. I've seen safety programs where Engineering designs to one standard, Operations follows different procedures, HR trains to yet another protocol, and Quality audits against something else entirely. Everyone's working hard, following their piece of the process, but the program as a whole creates more confusion than clarity. This isn't an organizational chart problem. It's a value definition problem. Until everyone understands what success actually looks like—not just avoiding incidents, but enabling reliable performance—the individual functions will optimize for their local metrics instead of the overall outcome. When we consider what managers think about this, they usually nod knowingly. They've lived through the frustration of having different people show up each asking for the same thing but in a different way. They are not working together. The fix isn't more coordination meetings. It's designing the program so information and work flows naturally from risk identification through assessment, mitigation, and monitoring. When someone identifies a safety concern on the floor, that insight should inform training priorities, design decisions, and operational procedures without requiring three separate reports to three separate systems. This might sound obvious, but most compliance programs are built like relay races—hand off the baton and hope the next person runs in the right direction. What we need are programs built like jazz ensembles, where everyone understands the theme and can improve their part while staying in harmony with the whole. Cross-Program Alignment: Breaking Down the Silos The second dimension can be messier: getting different compliance programs to work together instead of against each other. Most organizations I work with have separate kingdoms for safety, quality, environmental, security, ethics, and regulatory compliance. Each kingdom has its own procedures, metrics, meetings, and reporting requirements. This creates obvious waste—multiple audit schedules, overlapping training requirements, redundant documentation systems. But the real damage is subtler. It's the cognitive overload imposed on the people trying to do actual work while navigating multiple, often conflicting compliance frameworks. It's the missed opportunities when programs compete for attention instead of reinforcing each other. Here's what I've learned: a quality system that prevents defects means nothing if the security system allows data breaches that destroy customer trust. An environmental system that reduces emissions provides limited value if the ethics program fails to prevent conflicts of interest that damage stakeholder relationships. Systems that succeed individually can still fail collectively to protect what the organization actually values. The goal isn't to merge everything into one mega-system—that usually creates a bureaucratic nightmare. It's to design the means to work together that create positive reinforcement instead of competition. When safety practices support quality outcomes, when quality practices enable environmental compliance, when all of these contribute to ethical business practices, you get capabilities that exceed the sum of their parts. Value Chain Alignment: The Make-or-Break Dimension Here's where I see most compliance transformations fail, and it's the most important point I want to make: without programs being an integral part of the business, mission success simply won't happen. You can perfect internal program mechanics and eliminate cross-program redundancies all you want, but if your compliance systems remain fundamentally separate from how value is actually created and delivered, you've built sophisticated overhead, not strategic capability. Many organizations spend years optimizing compliance programs that work beautifully in isolation but have no connection to how the business actually operates. They can produce impressive metrics about training completion rates, audit findings closure, and policy compliance, but they can't tell you how any of that contributes to better business outcomes. Real integration means compliance programs aren't parallel to business processes—they're embedded within them. Safety isn't something that happens alongside production; it's how production happens reliably. Quality isn't a separate verification step; it's built into every value-creating activity. Environmental stewardship isn't a compliance add-on; it's part of how you design sustainable operations. When this works, compliance stops being a cost centre and becomes a competitive differentiator. You can take on opportunities that competitors can't safely pursue, move at speeds they can't sustain, and build relationships they can't replicate because they can't demonstrate the same consistent capability for responsible performance. Staying "ahead of risk" means your compliance programs anticipate and shape business conditions rather than just responding to them. "Between the lines" means understanding not just what's required today, but where stakeholder expectations are heading. "On-mission" means every compliance activity reinforces rather than distracts from what you're actually trying to accomplish. Without this alignment, even the most perfectly designed compliance programs remain peripheral to what determines organizational success. They might prevent failures, but they won't enable the kind of sustained, responsible performance that creates lasting advantage. The Bottom Line: It's All Connected Here's the key insight that took me years to fully grasp: these three alignment objectives aren't sequential—they're part of a system. You can't fix internal program alignment without understanding how programs need to work together. You can't align across programs without knowing how they connect to the business. And you can't achieve value chain alignment without having coherent programs that reinforce each other. I've seen too many organizations try to tackle these one at a time, thinking they'll build internal alignment first, then work on cross-program coordination, and finally connect to the business. It doesn't work that way. The alignments are interdependent—each one shapes and constrains the others. Strategic alignment in compliance isn't about organizational charts or reporting structures. It's about building capability—the organizational ability to simultaneously align compliance functions with business reality, integrate programs with each other, and connect compliance capabilities with value creation. These happen together or they don't happen at all. The three alignment objectives I've outlined provide a framework for building this capability, but remember: they're not a checklist to work through sequentially. They're interdependent dimensions that must be developed together. Value chain integration might be the most critical, but it's impossible without programs that are internally coherent and mutually reinforcing. In my experience, organizations that master this alignment don't just comply better—they compete better. They move faster, take on bigger challenges, and build stronger stakeholder relationships because they've developed the capabilities necessary for responsible growth and sustainable success. That's the promise of Operational Compliance : not just meeting obligations more efficiently, but transforming compliance from a constraint on value creation into a catalyst for it. In a world of accelerating change and increasing uncertainty, this might be the most important competitive advantage you can build.

Organizations spend a lot of time talking about culture. Safety culture, quality culture, risk culture. We create frameworks, run training programs, and hang mission statements on walls. These efforts come from good intentions, but what happens when culture breaks down? What I have learned is by the time you notice a culture problem, simple fixes probably won't be enough. Culture Shows What We've Actually Done Culture isn't what we say we believe. It's what our past actions have created. The culture in your organization today came from hundreds of decisions and actions made over time. Not the words in your policy manual, but the real choices people made when facing day-to-day pressures. In compliance work, I see this regularly. Companies build detailed programs with clear procedures and comprehensive training. They launch everything with genuine commitment. However, months later, they wonder why things haven't really changed. The reason is straightforward, although perhaps not simple: culture forms through what people actually do, not what they're told to do. All those decisions and actions add up over time. How problems get handled. What gets prioritized when deadlines are tight. Which rules get bent and which don't. These create the culture you end up with. When culture problems show up, they're rarely isolated issues. They're connected to how the organization really works. This makes them harder to fix because the problems run deeper than any single policy or training program can reach. I've seen companies try to train their way out of culture problems. It rarely works because training assumes people just need more information. But if the culture actively works against what you're teaching, the training won't stick. So what should you do? Leadership Has to Fill the Gap You can't fix culture by rewriting your values statement. Those documents are nice, but culture lives in the space between what we say and what we do. When culture fails, leadership needs to step in and provide what the culture should be providing naturally. Think of it as temporary scaffolding while you rebuild the foundation. This is similar to compliance programs. When culture naturally supports good practices, compliance happens quietly in the background. When that support breaks down, you need much more active oversight and intervention. The formal system has to do work that should happen informally. Leaders have to actively guide behavior that should be happening on its own in a healthy culture. How much leadership intervention you need depends on how far things have drifted. If problems have been building for years, even strong leadership might struggle to turn things around quickly. I've worked with organizations where the issues were so embedded in systems and relationships that gradual change wasn't enough. Sometimes you need more dramatic intervention to break established patterns. Why Did This Happen? The key question isn't just how to fix your culture, but why these problems developed in the first place. This usually reveals some uncomfortable realities. Most culture problems happen when what an organization actually rewards is different from what it says it values. Maybe you talk about safety but consistently approve schedules that cut safety time. Maybe you emphasize quality but accept defective work to meet shipping dates. Maybe you call compliance important but treat it as expensive overhead. These contradictions don't always happen on purpose. They often result from competing pressures or systems that accidentally reward the wrong things. But understanding how they developed helps prevent the same problems from coming back. How to Approach Change At Lean Compliance , we treat culture problems as system issues. Bad culture doesn't just happen—it develops for specific reasons that can be identified and addressed. We start by understanding what actually happens versus what's supposed to happen. How do decisions really get made? What behaviours get rewarded in practice? What makes it hard for people to do the right thing? Then we focus on specific changes rather than broad concepts. Instead of "improve safety culture," we ask: what specific behaviours need to change? What decisions should be made differently? What conversations need to happen? Finally, we work on systems that support better choices. Remove barriers to good behavior. Create ways to catch problems early. Make sure consequences actually match your stated priorities. The Reality Culture change takes time and sustained effort. Leadership might not see results for months. Things often get messier before they get better as hidden problems come to light. But the alternative is staying stuck with whatever culture accidentally developed through years of mixed signals and inconsistent choices. Culture can change because it's made up of human decisions, and people can decide differently. When culture fails, leadership has to be the temporary solution until a healthier culture can grow. It requires leadership that's willing to make different choices consistently over time to change the direction that culture is heading. There's no way around the hard work this requires, but organizations that stick with it usually come out stronger.

Taiichi Ohno's Secret to Delivering Total Value To understand this approach, we need to return to the origins of LEAN manufacturing when Taiichi Ohno first introduced it at Toyota in the 1950s. While Ohno is widely known as the father of LEAN who taught waste removal, standard work, and continuous flow, there's a crucial element of his approach that often gets overlooked. Ohno's transformational insight (not really a secret) was that the production leader should "break" the standard by continuously improving it. When you achieve an improvement that allows you to remove your best person from the production line, what that person does next becomes the key to exponential growth rather than incremental gains. These freed-up resources didn't disappear—they worked on creating further improvements that resulted in even more people being removed from the line. Through this compounding effect, Ohno eventually had enough people to start an entire second production line. Instead of achieving fractional improvements, he was able to double his capacity using existing resources. As Ohno explained: "Making an improvement that can take one person out results in just one person's cost being saved. If you take that person and have her make improvements, you start getting savings of two, three, four, and five people and so forth. Taking out the best person and making her improve the rest is really effective." This same principle applies to creating Total Value through productivity and compliance programs. You begin by reducing waste, standardizing work, and streamlining workflow—but that's only the foundation of what's possible. The real transformation happens when freed-up resources from reactive, unproductive activities are redirected toward proactive, productive work. These resources can then anticipate changes, address root causes, and introduce new capabilities that keep the organization ahead of risk, operating between the lines, and staying on-mission. By following this approach, organizations can double their capacity to meet not just regulatory obligations, but all their obligations—using the resources they already have. The capacity for dramatic improvement often already exists within organizations; it simply requires a more holistic approach to unlock it.

Applying Lean to Digital Waste The digital transformation has fundamentally changed how work gets done, but it has also created a new challenge for operational excellence. While LEAN methodology has long focused on eliminating waste in manufacturing and physical processes, the rise of digital operations has introduced new forms of waste that are often harder to see and understand. Today's organizations increasingly operate through layers of software, automation, and algorithms that obscure the reality of what's actually happening in their processes. This digital opacity creates a fundamental problem: you cannot improve what you cannot see. As more organizations cross the threshold where digital processes outnumber physical ones, the need to identify and eliminate digital waste becomes critical to maintaining operational excellence. The Visibility Problem in Digital Operations Speed, efficiency, and effectiveness are not synonymous. When organizations prioritize doing things faster through automation, they often inadvertently conceal the very waste that LEAN methodology seeks to eliminate—over-processing, excessive movement, and other forms of operational inefficiency. More critically, automation buries operational reality within layers of code, making processes invisible to the stakeholders and decision-makers who need to understand them. What actually happens becomes locked away in digital black boxes, inaccessible to those responsible for improvement and oversight. The rise of AI has both amplified this challenge and brought it into sharp focus. As organizations face new obligations for transparency and explainability in their AI systems, they're discovering that the visibility problem extends far beyond artificial intelligence. This need for transparency was always essential once we entered the digital era—we simply didn't recognize its urgency. The critical difference today is that many organizations have crossed a threshold where digital processes outnumber physical ones. While this shift doesn't apply to every industry, it represents the new reality for a significant portion of the business world. This makes the LEAN principle of visibility—the practice of "walking the Gemba" to see what's actually happening—more important than ever. You cannot improve what you cannot see, and in our increasingly digital world, automation has made it easier to operate blindly. The challenge isn't just maintaining visibility; it's actively creating it in environments where the real work happens behind screens rather than on factory floors. The Eight Digital Wastes To address digital waste, we must first identify it. Here are the eight traditional LEAN wastes translated into their digital equivalents: 1. Overproduction → Over-Engineering/Feature Bloat Building more features than users need or want. Creating complex solutions when simple ones would suffice, or developing features "just in case" without validated demand. 2. Waiting → System Delays/Loading Times Users waiting for pages to load, API responses, system processing, or approval workflows. Also includes developers waiting for builds, deployments, or code reviews. 3. Over-processing → Excessive Processing/Computations Using more computational power than necessary to achieve desired outcomes. This includes deploying large language models for simple text tasks that simpler algorithms could handle, running complex AI models when rule-based systems would suffice, or using resource-intensive processing when lightweight alternatives exist. The massive compute requirements of modern AI often exemplify this waste. 4. Inventory → Technical Debt Accumulated shortcuts, suboptimal code, outdated dependencies, architectural compromises, and deferred maintenance that slow down future development and increase system fragility. This includes both intentional debt (conscious trade-offs) and unintentional debt (poor practices that compound over time). 5. Motion → Inefficient User Interactions Excessive clicks, complex navigation paths, switching between multiple applications to complete simple tasks, or poor user interface design that requires unnecessary user movements and interactions. 6. Defects → Bugs/Quality Issues Software bugs, data corruption, system errors, security vulnerabilities, or any digital output that doesn't meet requirements and needs to be fixed or reworked. 7. Unused Human Creativity → Underutilized Digital Capabilities Not leveraging automation opportunities, failing to use existing system capabilities, or having team members perform manual tasks that could be automated. Also includes not utilizing data insights or analytics capabilities. 8. Transportation → Non-Value-Added Automation Automating processes that don't actually improve outcomes or create value—like automated reports no one reads, robotic processes that move data unnecessarily between systems, or AI features that complicate rather than simplify user workflows. The automation itself becomes the waste, moving work around without improving it. Apply LEAN to Reduce Digital Waste Understanding digital waste is only the first step. Organizations must actively work to make their digital operations as transparent and improvable as physical processes once were. Here's how to apply these concepts: Create Digital Gemba Walks: Establish regular practices to observe digital processes in action. This might include reviewing system logs, monitoring user journeys, analyzing performance metrics, and sitting with users as they navigate your systems. I mplement Visibility Tools : Deploy monitoring, logging, and analytics that make digital processes observable. Create dashboards that show not just outcomes, but the steps and resources required to achieve them. Question Automation : Before automating any process, ask whether the automation truly adds value or simply moves work around. Ensure that automated processes remain observable and improvable. Address Technical Debt Systematically : Treat technical debt as you would physical inventory—track it, prioritize its reduction, and prevent its accumulation through better practices. Optimize for Actual Value : Regularly audit your digital systems to identify over-processing, unnecessary features, and inefficient interactions. Focus computational resources on tasks that truly benefit from them. Design for Transparency : When building new digital processes, make observability and explainability first-class requirements, not afterthoughts. The path to eliminating digital waste begins with increased transparency. Organizations must prioritize making their digital processes observable and understandable, creating the visibility necessary to identify, measure, and systematically eliminate these new forms of waste. Only through this enhanced transparency can we unlock the true potential of digital operations while maintaining the continuous improvement capabilities that drive lasting operational excellence.

For those responsible for management systems you have most likely noticed the elevation of continuous improvement and specifically the use of a Plan-Do-Check-Act (PDCA) cycle in related standards, guidelines, and even regulations. Here are a few examples (API RP 1173, ISO 9001, ISO 22301): The use of improvement cycles has been effective in specific contexts and areas. So it’s not a surprise to see PDCA (or similar) cycles also being applied to management programs and systems. However, guidance on what and how PDCA is to work at the systems level has been few and far between. At a macro level the same acronym (PDCA) is being used however the details of what is to happen within each step is vague, and differs from standard to standard. In some cases PDCA is being used as a process to build the system as if it was a project methodology. In most cases PDCA has been re-defined as the model for the system processes within a given standard. It looks like PDCA is used as magical pixie dust sprinkled everywhere where things are managed. If you are confused by all of this, you are not alone. Research has shown that the inconsistent use of PDCA has contributed to the failure of not only what we might call “ Management PDCAs ” but traditional process improvement as well. It is difficult for organizations to get the benefits from PDCA when it is being re-defined, co-opted, and misapplied. In this article we take a look at “Management PDCAs”and how these compare with traditional continuous improvement cycles. We will try to clear out some of the confusion and find out if Management PDCAs are going to be a hero or end up as a zero – not amounting to very much and perhaps making things worse. History of PDCA There is much written and available on the topic of continuous improvement. PDCA is not new and has evolved over the years. Here are a few of the familiar ones you probably have heard or know about: Deming Wheel Shewhart Cycle Japanese PDCA PDSA PDCA / A3 (Lean) DMAIC (Six Sigma) Kaizen / Toyota Kata Observe-PDCA OODA Build-Measure-Learn (Lean Startup) And others At a basic level, PDCA is a model for continuous improvement that uses iterations to optimize towards a goal. In practice, focusing on smaller improvements with frequent iterations accelerates learning and establishes behaviours that build towards an improvement culture. When this is done well it results in a virtuous cycle where both action and behaviours reinforce each other delivering more and better improvements over time. No wonder management standards and regulatory bodies are looking at harnessing the power of PDCA – it has been a real super power. What all these continuous improvement cycles have in common is that they are all meta processes that stand outside of what you want to improve. You can in theory (practice may be different) apply them to improving tasks, processes, systems, programs, and many other things. Each encapsulates a methodology where the specifics of what happens inside the cycle depend on what you want to improve. For example, some are focused on problem solving, while others on discovery of better ways to achieve a particular target or goal. The majority of them are most effective when applied to incremental changes at the process level and less so at involving system-wide improvements. What is the Problem with Management PDCA? Let's now take a look at how PDCA is being used by many management systems standards and guidelines. We will consider: PDCA as a project methodology PDCA as a systems model PDCA as a new variant for continuous improvement PDCA as a replacement for CAPA (corrective actions / preventative actions) PDCA as a project methodology Many have adopted the practice of viewing all management processes through the lens of P-D-C-A. While PDCA may define a natural process for management where we plan the work, work the plan and then check to make sure the plan was done, this is not the same as continuous improvement and what PDCA was intended for. As an example, ISO defines PDCA in the following way: PDCA is a tool that can be used to manage processes and systems. P-Plan: set the objectives of the system and processes to deliver results (“What to do” and “how to do it”) D-Do: implement and control what was planned C-Check: monitor and measure processes and results against policies, objectives and requirements and report results A-Act: take actions to improve the performance of processes PDCA operates as a cycle of continual improvement, with risk‐based thinking at each stage. On paper this sounds good, but this is a form of linear thinking. in this case PDCA has been flattened out to form a sequence of steps. There is no improvement cycle and the only activity to improve is specified in the ACT step not the DO step where it happens in traditional PDCA. PDCA as a system model Several management system standards have conceptualized their management activities as part of an overarching PDCA cycle. In essence, PDCA has become a system cycle and not an improvement cycle in the traditional sense. To help us understand this we need to consider the difference between management systems and management programs. At a high level when you want consistency you use a system; when you want to change something you launch a program. Management systems, which is what ISO and others provide standards for, are meant to maintain state which means consistently achieving a specific level of performance with respect to such things as quality, safety, security, and so on. This is accomplished by monitoring processes and taking action to correct for deviations in whatever way that is defined. Management programs, on the other hand, are used to change state to achieve new levels of performance. This is a feed-forward control loop that adjusts system capabilities to achieve higher standards of effectiveness. This fits closer to the notion of continuous improvement towards better outcomes rather than deviation from standard. Both feed-back and feed-forward processes can benefit from PDCA but only partially. The benefit of iterations only occurs as often as "defects" are discovered or "standards" are raised. This limits the scope of improvements to those events and mostly to the reactive side of equation when risk has already become an issue. PDCA as a new variant When standards envision their systems as improvement cycles they are creating a new variation of PDCA that works differently than traditional PDCA cycles. The processes that are linked to Plan-Do-Check-Act steps are intended to operate simultaneously. For example, in the case of AP RP 1173 Pipeline Safety Management System, you never stop doing DO'ing operational controls to CHECK safety assurance.There is no sequencing of steps, or iteration happening here. Instead, PDCA is used to describe a function that the set of processes performs. This is different than conducting a PDCA followed by another PDCA and then another until you achieve your goal. PDCA as a replacement for CAPA Continuous improvement in the form of PDCA has been placed on the reactive side and embedded in the system as mostly a replacement for CAPA. All too often I have seen PDCA used to define a process for actions. Again, this is linear thinking applied to managed work. There is no iteration, no striving towards a goal, no incremental improvement. From Zero to Hero What seems to have happened is that we have a conflation of improvement strategies all under the umbrella of PDCA. It's no wonder why there has been confusion and lack of success. For PDCA to be more than words on page (or magical pixie dust) it should follow the principals defined by each methodology. Failure to follow the principals has been reported as a large contributor (perhaps the largest) to why PDCA has not been effective. With respect to Management PDCAs these should: Not be used as a process to build a system. PDCA is intended to improve the system after it has become operational. PDCA is a cycle that is repeated not a linear step of project steps. There are other methodologies to establish systems such as Lean Startup for example. Not be used as a replacement for CAPA . PDCA should instead be a proactive process for continuous improvement focused on staying ahead of risk and prevention not only on reacting to incidents. Be part of the system but not the system itself . Mapping management system processes to PDCA steps misrepresents management system dynamics which will lead to ineffective implementation and operations. Be repeated as often as possible to develop habits and leverage iterative improvements. The power of PDCA comes from proactive actions reinforced by proactive behaviours to establish a virtuous cycle. What most have instead is a vicious cycle – reactive actions reinforced by reactive behaviours. Where best to use PDCA? Continuous improvement needs to occur across all levels but at a minimum incorporate be used to improve processes (loop 1), and improve systems (loop 2): Loop 1: At the process level ,PDCA should focus on improving efficiencies and consistency. This is where Lean practices are most useful. Process level improvements tend to utilize existing capabilities to reduce waste and improve alignment. These improvements can be accomplished using frequent incremental changes over time. Loop 2: At the program level PDCA would focus on improving effectiveness of a system. This could be called a Program PDCA. This should follow approaches that utilize experimentation and system level interventions. System level improvements benefit from step-wise improvements that elevate capabilities to effect better outcomes. It is more difficult to incrementally improve through a maturity curve. What do you think?

Harvard Business School's Michael E. Porter introduced the concept of a value chain in his book, " Competitive Advantage: Creating and Sustaining Superior Performance ," in 1985. In his book he writes: "Competitive advantage cannot be understood by looking at a firm as a whole," Porter wrote. "It stems from the many discrete activities a firm performs in designing, producing, marketing, delivering and supporting its product. Each of these activities can contribute to a firm's relative cost position and create a basis for differentiation." Porter believed that competitive advantage comes from: (1) cost leadership, and (2) differentiation. Value chain analysis (VCA) helps to understand how both affect margin. Value chain analysis considers the contribution of an organization's activities towards the optimization of margin, where margin is an organization's ability to deliver a product or service for which the customer is willing to pay more than the sum of the costs of all activities in the value chain. Porter argues that a company can improve its margin by the way "primary activities" are chained together and how they are linked to supporting activities. He defines "primary activities" as those that are essential to adding value and creating competitive advantage. Furthermore, secondary activities assist the primary activities to maintain or enhance the product's value by means of cost reduction or value improvement. This the domain of LEAN and operational excellence. An example value chain along with general processes are shown in the following diagram: Value Chain Analysis A Compliance Perspective In recent years, compliance has increased in both complexity as well as demand by regulation and industry standards. It is, therefore, worth taking another look at the value chain in terms of how compliance should now be considered. Porter includes the quality assurance (QA) function as part of the "Firm Infrastructure." At a basic level, this places QA outside of the core processes and considered as means to improve value and reduce cost. The latter, is the more common emphasis as many organizations view quality and other compliance functions as an overhead that needs to be reduced. For the purpose of this discussion, we will use the same primary activities from the typical value chain. However, infrastructure activities are expanded to include other compliance activities such as: quality, safety, environmental and ethics & compliance. Compliance activities can in principle contribute to value improvement as well as cost reduction. Although, the effects may not be direct or immediate. A key role of compliance is to drive down risk which as we know has effects that may be delayed or mitigated. Therefore, instead of margin, it might be more useful to consider the level of risk as the measure to be optimized. It is common for compliance to be organized into isolated functions that are separate from the primary activities. However, we know that these programs are not effective when implemented in this way. Instead, they are more effective when seen as horizontal capabilities that cross the entire value chain. The following diagram illustrates how a compliance chain can be constructed using Porter's value chain as a model: Compliance Chain Analysis By analyzing the relationship between compliance and primary activities (including secondary), it is possible to gain a better understanding of the following: Cost of compliance and non-compliance How and to what degree compliance affects risk Value of compliance (cost avoidance, increased trust, and reduction in: defects, incidents, fatalities, financial losses, etc) Strategies aligned with competitive advantages can then be applied to improve both margin as well drive down overall risk: Cost Advantage Porter argued that there are 10 drivers that improve cost advantage: Create greater economies of scale Increase the rate of organizational learning Improve capacity utilization Create stronger linkages between activities Develop synergies between business units Look to increase vertical integration Improve the timing of market entry Alter the firm’s strategy regarding cost or differentiation leadership Change the geographic location of the activities Look to address institutional factors such as regulation and tax efficiency Differentiation Advantage Porter further identifies 9 factors to promote unique value: Changing policies and strategic decisions Improving linkages among activities Altering market timing Altering production locations Increase the rate of organizational learning Create stronger linkages between activities Develop relationships between business units Change the scale of operations Look to address institutional factors such as regulation and product requirements Compliance Advantage We suggest 10 principles to drive compliance advantage: Keep all your promises ​ Take ownership for all your compliance obligations (required and voluntary) Develop programs and systems that always keep you in compliance Incrementally and continuously improve your compliance Make compliance an integral part of your performance and productivity processes Use proactive strategies to always stay in compliance Monitor in real-time the status and your ability to stay in compliance Audit outcomes of your compliance programs not activity Develop a learning culture around compliance Always strengthen your ability to easily meet and maintain compliance Summary Total Value Chain Analysis Value chain analysis (VCA) has been used successfully to help companies create both cost and differentiation advantage to improve their margins. In today's highly regulated marketplace, tools like VCA can also be used to create a compliance advantage to decrease overall risk. While, this may not result in immediate cost reduction, it can avoid future costs and differentiate a company from its competitors by achieving: higher quality, safer operations, and improved trust from their stakeholders.

STAMP/STPA and traditional PHA methods like HAZOP represent fundamentally different safety analysis philosophies. STAMP/STPA views accidents as control problems in complex socio-technical systems, focusing on hierarchical control structures and unsafe control actions that can occur even when all components function properly.  In contrast, HAZOP operates on the principle that deviations from design intent cause accidents, using systematic guide words (No, More, Less, etc.) applied to process parameters to identify potential failure scenarios. Traditional PHA methods like FMEA and What-If analysis similarly focus on component failures and bottom-up analysis approaches. Research demonstrates these methodologies are complementary rather than competitive. Studies show STPA identifies approximately 27% of hazards missed by HAZOP, while HAZOP finds about 30% of hazards that STPA overlooks.  STAMP/STPA excels at analyzing software-intensive systems, complex organizational interactions, and novel technologies where traditional failure-based analysis falls short.  HAZOP proves to be better for traditional process systems with well-defined physical parameters and established operational procedures, benefiting from decades of industrial experience and mature tooling. For AI safety analysis, STAMP/STPA appears better suited to AI's systemic and emergent risks, but the choice becomes more nuanced when considering AI's integration into traditional process systems.  While STPA naturally addresses algorithmic decision-making, human-AI interactions, and emergent behaviors that traditional failure analysis struggles with, AI increasingly operates within conventional industrial processes where HAZOP's systematic parameter analysis remains valuable.  The real challenge lies in analyzing AI-augmented process control systems—where an AI controller making real-time decisions about flow rates or temperatures requires both STPA's systems perspective to understand the AI's control logic and HAZOP's structured approach to analyze how AI decisions affect physical process parameters.  Rather than viewing these as competing methodologies, the most thoughtful approach recognizes that AI safety analysis may require STPA for understanding the AI system itself, while leveraging HAZOP's proven framework for analyzing how AI decisions propagate through traditional process systems—a hybrid necessity as AI becomes embedded throughout industrial infrastructure.

Imagine you're a ship captain navigating treacherous waters. Most captains rely on their damage control teams—when the hull gets breached, they spring into action, pumping out water and patching holes. That's feedback control, and while it's essential, it's not what separates legendary captains from the rest. Risk Management is a Feed Forward Process The best captains? They're obsessed with their barometer readings, wind patterns, and ocean swells before the storm hits. They're tracking leading indicators—subtle changes that whisper of trouble long before it screams. That's feedforward control, and it's the secret that transforms risk management from crisis response into strategic advantage. Here's the truth that will revolutionize how you think about risk: Risk management is a feedforward process. Everything else is just damage control. Walk into any company's "risk management" meeting, and you'll see the problem immediately. They're not managing risk at all—they're managing the aftermath of risks that already materialized. These meetings are filled with lagging indicators—the equivalent of counting holes in your ship's hull after the storm has passed. True risk management is feedforward by definition. It's about reading the environment, anticipating what's coming, and adjusting course before the storm hits. When you're reacting to problems that already happened, you've left risk management behind and entered crisis response. This means fundamentally changing what you track. You measure leading indicators: Employee engagement scores before they become turnover rates Customer complaint sentiment before it becomes churn Process deviation patterns before they become quality failures Market volatility signals before they become financial losses Compliance inoperability before it becomes violations Organizations that make this shift see remarkable transformations in their risk posture by changing their measurement focus from "How badly did we get hit?" to "What's building on the horizon?" Consider how this works in practice: instead of tracking injury rates (lagging), organizations can track near-miss reporting frequency and planned change frequency (leading). This approach often leads to dramatic reductions in actual injuries—not because teams get better at treating injuries, but because they get better at preventing the conditions that create them. True risk management isn't about reading storms or cleaning up after them—it's about creating the conditions for smooth sailing. What leading indicators is your organization ignoring while it counts yesterday's damage?

MOC Maturity Index Change can be (and often is) a significant source of new risk. As a result, many companies have implemented the basics when it comes to Management of Change (MOC). This may be enough to pass an audit but is not enough to effectively manage the risks due to: asset, process, or organizational change. For that you need processes that are adequately scoped, have clear accountability, and that effectively manage risks during and after the change is implemented. You also need to properly measure both the performance and effectiveness of the MOC process to know whether or not: (1) there is sufficient capacity to manage planned changes and (2) risks are properly mitigated. We created a quick assessment for you to get an idea of how well you are doing. You can take this free assessment by clicking: here

There are times when leadership sets their gaze on operations in order to better delight their customers, increase margins, or improve operational excellence. This gaze for many companies has translated into a journey of continuous improvement – the playground for LEAN. All across the world companies have embraced LEAN principles and practices in almost every business sector. In many cases, LEAN initiatives have produced remarkable results and for some created a new “way of organizational life.” Continuous improvement has become a centring force as a means for aligning a company’s workforce with management objectives. With this success, the mantra of continuous improvement has expanded, along with the LEAN tools and practices, to other areas of the business such as: quality, safety, environmental, regulatory and other compliance functions. However, in these cases, LEAN has not helped as much as it could and in fact in some cases has made things worse. The problem has not been with the translation of Japanese words such as “Gemba”, “Kaizen”, “Muda”, “Muri”, and others. Instead, the problem is with the translation of LEAN itself. The objectives, principles, and practices that have worked on the production floor where improvement is measured by cycle time reductions has not been as effective when applied to areas where improvement is measured by the reduction in risk. The following are key areas where inadequate translations have caused confusion resulting in a lack of effectiveness when applying LEAN: Value Improvement Uncertainty Objectives Translating Value When it comes to compliance programs the translation of such things as: “value”, “value stream”, “waste” , “flow” and “customer” are not as obvious or as easy to see compared to what happens on a production floor. Some LEAN practitioners chose not to do a translation and instead consider everything only from a “manufacturing” point of view. This means that everything that does not directly “touch a product” is considered as non-value added which makes almost everything else “waste.” Using a “narrow” definition has led LEAN teams to remove essential activities and outcomes such as: evidentiary artifacts needed to verify compliance risk measures needed to protect the value stream activities needed to meet compliance objectives preventive risk controls tasks that are occasionally used (ex. risk assessments) tasks where people have forgotten its purpose critical to compliance activities Translating Improvement Without an adequate translation for value some practitioners choose "simplification” as a guiding principle for process improvement. Unfortunately, after simplification has been completed what often remains is a process that does very little to advance any outcome, let alone those associated with compliance obligations. However, there is one outcome that is advanced and that is the possibility of risk. Over-simplification (a source of improvement waste) can create new or expose existing vulnerabilities that threaten value creation. Companies may end up with more risk than any productivity improvement they might have realized by the elimination of “waste.” Translating Uncertainty The value chain is responsible for creating value in the eyes of a company’s stakeholders and it does so in the presence of uncertainty. Productivity programs serve the value chain by improving margins through operational excellence and LEAN initiatives. Margins are necessary to mitigate the effects of aleatory (i.e. irreducible) uncertainty. It also affords an organization a degree of resilience against disruption. While the removal of waste can improve financial margins, many LEAN practitioners may not properly recognize the use of margins (extra time, extra capacity, extra resources, ..etc.) put in place to contend with uncertainty. As a result any gains in financial margins will be lost (and often more) to address the disruption when uncertainty does become a reality and there is no margin in place to attenuate its effects. Compliance is considered as necessary, but a waste from a LEAN perspective. However, compliance programs serve the value chain by mitigating the effects of epistemic (i.e. reducible) uncertainty. It does this by buying down risk through effective quality, safety, security, environmental, and regulatory systems and processes. Without margins or the buying down of risk companies are less resilient and are more vulnerable to threats to value creation. Translating Objectives LEAN can be applied to all processes provided that effective translations are made to the domain where LEAN is being applied. When it comes to compliance programs it is important to recognize that the primary objective is to eliminate and reduce risk rather than "waste". The following chart contains translations for other LEAN objectives as applied to the compliance domain: LEAN practitioners would do well to consider the impact of risk when engaged in process improvement that involves compliance obligations. Compliance processes will still contain traditional sources of "waste." Therefore, risk specialists would also benefit from applying LEAN to existing risk control processes to improve detection and response times to better prevent risk as well as mitigate its effects. You might say that since every process operates in the presence of uncertainty, LEAN practitioners should all be risk managers. You could say that risk is the cause of the waste which LEAN has traditionally focused on eliminating.