You took the time to engage your stakeholders; you planned; you tested; you began to execute; and then the implementation went awry. It happens to the best of us. There are just times when something doesn’t go according to plan.
In the article “3 Ways to Implement Your Security Needs in Collaboration with Business Stakeholders,” I outlined critical steps to ensuring you had stakeholder buy-in for security initiatives.
Now, despite your planning, the security implementation has gone bad and stakeholders are angry at the productivity hit they have all taken. So, how do you come back from such a place?
Don’t let a situation gone bad fool you; you can turn this around and make it a positive experience.
It seems simple but putting it out there that you understand stakeholder frustration (and perhaps felt it, too) helps recognize that you understand their pain and the business impact you caused. Doing this personally is the best approach. Sit down with your stakeholders and listen to their complaints and how you have impacted them.
This servers two purposes: it shows your commitment to understanding the business and it gives you the opportunity to learn how to interact with your colleagues in a productive, collaborative fashion. You may even find a future champion of your cause based on these interactions.
Outline what happened.
Hopefully, you have a standardized process in place for incident reports that include a thorough outline of what happened. Additionally, the report should have a root cause analysis statement, a mitigation section and a “how we plan on avoiding this issue in the future” component.
Not everyone will read the full report, but having an executive summary and lots of data/detail will help to demonstrate that you did your homework before the change and during the actual incident.
You may have to take two steps backward before you move forward again.
It is human nature to shy away from future change based on past experience. Therefore, you should consider making a few much smaller changes as your next steps to show that the changes can be done without end user impact.
Rebuilding confidence with your stakeholders, while keeping them highly engaged in the process and planning, will help to provide the credibility you need to make your next big change.
It is never easy to admit that despite your best planning some implementations don’t go off seamlessly. By showing your authentic concern, however, you can rebuild stakeholder confidence. Furthermore, by producing data that can trace back the issues, you provide credibility that it was a well-planned change.
Lastly, by pushing forward, albeit at a more conservative pace and scope, you continue the movement to a more secure ecosystem.
Title image courtesy of ShutterStock