Trust is one of those things, like air, that people only tend to notice by its absence, It's vital for personal relationships and for business to function. This post explores the role of trust in IT and at work, and what can be done if it is lost.
Trust and computers
One of the things that makes IT interesting is the requirement to formalise things that are only loosely defined in everyday life. The most obvious example of this is programming; the act of telling a computer, in a human-readable language, exactly what it is you'd like it to do. IT also requires that trust be formalised, particularly in the sense of being able to trust a person is who they say they are.
The human capacity for recognising other people is huge, and surprisingly flexible. We can recognise people from the appearance of their face, their voice, and even from their gait, in very different circumstances to that which we've seen them before. We take for granted that we can successfully identify the people we see everyday without making conscious effort. Indeed, when this capability isn't present, or breaks down, it can be debilitating for the person with the condition and distressing for those around them, as in the case of people with prosopagnosia.
Computer systems, unlike most people, start from a place of not recognising their users, or at least not automatically. We have to identify ourselves to the computer, typically using a username and a password, the latter being necessary because the computer can't actually recognise you in the way another person can. Interestingly, recent research is starting to look at a data-oriented approach to determining identity. Instead of using passwords, it takes into account the devices you use regularly, tokens (e.g. keys, cards) you hold, the way you type, the way you look on a webcam, and your geographical location. This is much more like the approach to security our real-world institutions take. If you want to know more about the relationship between trust and formal systems, then I really recommend you check out the work of Bruce Schneier, who writes on security issues which span from individual computers to the whole of society.
Trust and behaviour
Once identity is established, trust starts to get a lot more complicated. Even authorised users of a system might behave in unwanted ways, because they're unhappy, being coerced, or are mistaken about the need to take action. Typically, business use contracts to ensure that people behave in the ways they expect. These can be both a blunt instrument and a potent way of exerting power. Despite many consumer laws, abusive Terms of Service are still prevalent in the IT industry, particularly when agreeing to 100-pages of dense legalese to use a simple service.
A common criticism of contracts goes like this: "You only need a contract if you make a deal with with someone you don't trust, and you shouldn't make a deal with someone you don't trust, therefore you don't need a contract." I disagree, however, that contracts are useless. Much like a programming language, the provide a formal way of detailing the agreement between two parties. It's all very way to say "I will do this if you do that", but when you get down to details of implementation, really significant differences can occur. As both parties typically had a good idea of what they thought they were agreeing to in their heads before they started, this can have a really negative effect on trust.
Trust and the organisation
When trust in a relationship is eroded, the usual reaction is to want to leave the relationship behind. In a business context this is possible where two companies are buying from one another and there's not much to lose on either side. It's much harder when the two parties have more invested in the relationship, for example between an employee and management. At this point, it's important to note that trust in this context is a two-way thing, existing between the employee and the organisation. It's best thought of as something that's constructed and maintained on both sides for it to function at all.
Symptoms of loss of trust
The first step of tackling issues with trust is to identify that it has been depleted in the first place. It's not always the first thing people think of when they start to become dissatisfied, or the first thing a manager thinks of when performance issues begin. However, some common themes emerge when there's an absence of trust which can be used to identify the root cause of a problem.
Firstly, people don't trust others with information. The most obvious form of this is when management don't share information with staff in a timely way, or only share a highly-edited, glossy version of the real situation. However, it can operate between peers too, creating silos of knowledge which are hard to break and staff who don't feel comfortable challenging others, or who hoard vital information as a way of protecting their position. If an organisation has a highly active rumour-mill, there's a good chance this is related to people not being trusted with the right information.
Secondly, people don't trust people to do their job. This can manifest in the form of micro-management, baroque sign-off processes, or complex work-tracking programmes. It could, for example explain the lack of a work from home policy as staff aren't trusted to work away from management supervision. At a peer level this lack of trust can result in attempts to distort process in order to get issues "the necessary attention" with other groups, or results in hostile rule-setting for hand-off between work units.
Third, people don't trust others when things go wrong. This is frequently described as a "blame culture", in which individuals end up accountable for systematic problems, and are made responsible for things which they had little or no control over. This can take the form of direct recrimination, public or private censure, or can be manifested in further reductions in people's freedom to do their jobs by the creation of new rules or unrealistic scrutiny.
Finally, and perhaps most importantly, people don't trust changes. This can be because they don't believe the intentions behind the change, or they don't trust others to correctly implement it. Eventually, it leads to all change within an organisation, even change that appears to be entirely positive, being resisted, simply because it is change and change is distrusted. This leads to a negative cycle in which the organisation can't respond appropriately to changes in its environment which then erodes trust further, and so on. Such a situation and its associated problems can lead to an organisational death spiral, which as it sounds, is a Very Bad Thing for all involved.
Regaining trust
Fortunately, there are simple steps which can be adopted to address the very real and potentially existential risks created by loss of trust in an organisation. Unfortunately, they may be simple by that doesn't mean they're easy, particularly as they require the very change that may be prevented by low trust levels.
All have a stake in organisational trust, but it is leaders who need to take the first step toward its rebuilding. This is because it is the behaviour of the leadership, and the individuals who make up that group, which sets the culture for the entire organisation. That's not to say that any group of leaders can act alone in rebuilding trust, or that there's any magic bullet which will fix issues easily, but it is they who must take the leap of faith necessary to start the process. Non-trivial problems require non-trivial solutions. Rebuilding trust happens over time, as a series of interpersonal transactions which start to turn the negative cycle in the opposite direction, making it a positive one.
The first step of the rebuilding process is to establish the integrity of the leadership team, This requires clear, totally candid communication and the keeping of promises, even where these things are extremely difficult. Without it, no-one can have faith that actions are well-intentioned or will be consistent. It's the first step in making the organisation trustworthy. One of the best places to start with this new approach to candour is around topics which are happening right now, are demonstrably true, but are difficult to deal with.
This change allows staff to behave so that they can build integrity too. By responding positively to challenges to ideas or changes in the light of new information, and avoiding shoot-the-messenger syndrome, management can foster an environment in which staff start to feel safe to be candid with
them. Integrity in particular can be a brittle construct. One incident of regression to previous habits from a manager will likely be perceived as return to underlying disposition, which will reset trust to zero and make it even harder to build the next time.
Once integrity has been established, the next step is to start accepting responsibility. Again, this must be done by management first, then to allow staff to develop their own responsibility in a safe way, and to gain the associated authority from doing so. As the leadership group are responsible for the culture of the organisation, one of the best ways to start on this journey is to publicly accept that there are shortcomings in the culture which need to be addressed. The approach taken to blame reflects the fact that many people in an organisation have limited control over outcomes, and failures are frequently systematic. One of the most damaging features of a blame culture is it prevents the organisation from addressing its underlying systematic issues, and those will never come to light at all if staff don't trust management enough to feel safe raising them.
The final step is to use the rebuilt integrity and responsibility to have a frank, two-way conversation about the shared goals which everyone in the organisation has. This is only possible once there is already a good degree of trust, as the process will be undermined by informational silos and micromanagement. Once shared goals have been agreed, then the leadership can make a clear communication of the purpose and vision of the organisation. This gives everyone something to aim for and a context within which to work.
At this point, the process is about maintaining, rather than rebuilding trust. This frees up everyone to focus on more meaningful work, guided by the shared goals and vision which has been produced. The competitive advantage for the organisation here is huge, as staff are empowered to create far more value than they otherwise could. This, in turn, lets the leadership focus on their big goals, which drives future success. These successes, properly acknowledged and celebrated, further deepen the trust within the organisation.
Trust is, then, an enabler of IT process and of wider business process. Without it the relationships necessary to enable effective work don't function properly, and can be a truly miserable experience for all involved. The rebuilding of trust has to start with management, but involves all in the organisation. If done properly, the rewards are well worth the effort.
Trust and computers
One of the things that makes IT interesting is the requirement to formalise things that are only loosely defined in everyday life. The most obvious example of this is programming; the act of telling a computer, in a human-readable language, exactly what it is you'd like it to do. IT also requires that trust be formalised, particularly in the sense of being able to trust a person is who they say they are.
The human capacity for recognising other people is huge, and surprisingly flexible. We can recognise people from the appearance of their face, their voice, and even from their gait, in very different circumstances to that which we've seen them before. We take for granted that we can successfully identify the people we see everyday without making conscious effort. Indeed, when this capability isn't present, or breaks down, it can be debilitating for the person with the condition and distressing for those around them, as in the case of people with prosopagnosia.
Computer systems, unlike most people, start from a place of not recognising their users, or at least not automatically. We have to identify ourselves to the computer, typically using a username and a password, the latter being necessary because the computer can't actually recognise you in the way another person can. Interestingly, recent research is starting to look at a data-oriented approach to determining identity. Instead of using passwords, it takes into account the devices you use regularly, tokens (e.g. keys, cards) you hold, the way you type, the way you look on a webcam, and your geographical location. This is much more like the approach to security our real-world institutions take. If you want to know more about the relationship between trust and formal systems, then I really recommend you check out the work of Bruce Schneier, who writes on security issues which span from individual computers to the whole of society.
Trust and behaviour
Once identity is established, trust starts to get a lot more complicated. Even authorised users of a system might behave in unwanted ways, because they're unhappy, being coerced, or are mistaken about the need to take action. Typically, business use contracts to ensure that people behave in the ways they expect. These can be both a blunt instrument and a potent way of exerting power. Despite many consumer laws, abusive Terms of Service are still prevalent in the IT industry, particularly when agreeing to 100-pages of dense legalese to use a simple service.
A common criticism of contracts goes like this: "You only need a contract if you make a deal with with someone you don't trust, and you shouldn't make a deal with someone you don't trust, therefore you don't need a contract." I disagree, however, that contracts are useless. Much like a programming language, the provide a formal way of detailing the agreement between two parties. It's all very way to say "I will do this if you do that", but when you get down to details of implementation, really significant differences can occur. As both parties typically had a good idea of what they thought they were agreeing to in their heads before they started, this can have a really negative effect on trust.
Trust and the organisation
When trust in a relationship is eroded, the usual reaction is to want to leave the relationship behind. In a business context this is possible where two companies are buying from one another and there's not much to lose on either side. It's much harder when the two parties have more invested in the relationship, for example between an employee and management. At this point, it's important to note that trust in this context is a two-way thing, existing between the employee and the organisation. It's best thought of as something that's constructed and maintained on both sides for it to function at all.
Symptoms of loss of trust
The first step of tackling issues with trust is to identify that it has been depleted in the first place. It's not always the first thing people think of when they start to become dissatisfied, or the first thing a manager thinks of when performance issues begin. However, some common themes emerge when there's an absence of trust which can be used to identify the root cause of a problem.
Firstly, people don't trust others with information. The most obvious form of this is when management don't share information with staff in a timely way, or only share a highly-edited, glossy version of the real situation. However, it can operate between peers too, creating silos of knowledge which are hard to break and staff who don't feel comfortable challenging others, or who hoard vital information as a way of protecting their position. If an organisation has a highly active rumour-mill, there's a good chance this is related to people not being trusted with the right information.
Secondly, people don't trust people to do their job. This can manifest in the form of micro-management, baroque sign-off processes, or complex work-tracking programmes. It could, for example explain the lack of a work from home policy as staff aren't trusted to work away from management supervision. At a peer level this lack of trust can result in attempts to distort process in order to get issues "the necessary attention" with other groups, or results in hostile rule-setting for hand-off between work units.
Third, people don't trust others when things go wrong. This is frequently described as a "blame culture", in which individuals end up accountable for systematic problems, and are made responsible for things which they had little or no control over. This can take the form of direct recrimination, public or private censure, or can be manifested in further reductions in people's freedom to do their jobs by the creation of new rules or unrealistic scrutiny.
Finally, and perhaps most importantly, people don't trust changes. This can be because they don't believe the intentions behind the change, or they don't trust others to correctly implement it. Eventually, it leads to all change within an organisation, even change that appears to be entirely positive, being resisted, simply because it is change and change is distrusted. This leads to a negative cycle in which the organisation can't respond appropriately to changes in its environment which then erodes trust further, and so on. Such a situation and its associated problems can lead to an organisational death spiral, which as it sounds, is a Very Bad Thing for all involved.
Regaining trust
Fortunately, there are simple steps which can be adopted to address the very real and potentially existential risks created by loss of trust in an organisation. Unfortunately, they may be simple by that doesn't mean they're easy, particularly as they require the very change that may be prevented by low trust levels.
All have a stake in organisational trust, but it is leaders who need to take the first step toward its rebuilding. This is because it is the behaviour of the leadership, and the individuals who make up that group, which sets the culture for the entire organisation. That's not to say that any group of leaders can act alone in rebuilding trust, or that there's any magic bullet which will fix issues easily, but it is they who must take the leap of faith necessary to start the process. Non-trivial problems require non-trivial solutions. Rebuilding trust happens over time, as a series of interpersonal transactions which start to turn the negative cycle in the opposite direction, making it a positive one.
The first step of the rebuilding process is to establish the integrity of the leadership team, This requires clear, totally candid communication and the keeping of promises, even where these things are extremely difficult. Without it, no-one can have faith that actions are well-intentioned or will be consistent. It's the first step in making the organisation trustworthy. One of the best places to start with this new approach to candour is around topics which are happening right now, are demonstrably true, but are difficult to deal with.
This change allows staff to behave so that they can build integrity too. By responding positively to challenges to ideas or changes in the light of new information, and avoiding shoot-the-messenger syndrome, management can foster an environment in which staff start to feel safe to be candid with
them. Integrity in particular can be a brittle construct. One incident of regression to previous habits from a manager will likely be perceived as return to underlying disposition, which will reset trust to zero and make it even harder to build the next time.
Once integrity has been established, the next step is to start accepting responsibility. Again, this must be done by management first, then to allow staff to develop their own responsibility in a safe way, and to gain the associated authority from doing so. As the leadership group are responsible for the culture of the organisation, one of the best ways to start on this journey is to publicly accept that there are shortcomings in the culture which need to be addressed. The approach taken to blame reflects the fact that many people in an organisation have limited control over outcomes, and failures are frequently systematic. One of the most damaging features of a blame culture is it prevents the organisation from addressing its underlying systematic issues, and those will never come to light at all if staff don't trust management enough to feel safe raising them.
The final step is to use the rebuilt integrity and responsibility to have a frank, two-way conversation about the shared goals which everyone in the organisation has. This is only possible once there is already a good degree of trust, as the process will be undermined by informational silos and micromanagement. Once shared goals have been agreed, then the leadership can make a clear communication of the purpose and vision of the organisation. This gives everyone something to aim for and a context within which to work.
At this point, the process is about maintaining, rather than rebuilding trust. This frees up everyone to focus on more meaningful work, guided by the shared goals and vision which has been produced. The competitive advantage for the organisation here is huge, as staff are empowered to create far more value than they otherwise could. This, in turn, lets the leadership focus on their big goals, which drives future success. These successes, properly acknowledged and celebrated, further deepen the trust within the organisation.
Trust is, then, an enabler of IT process and of wider business process. Without it the relationships necessary to enable effective work don't function properly, and can be a truly miserable experience for all involved. The rebuilding of trust has to start with management, but involves all in the organisation. If done properly, the rewards are well worth the effort.
Comments
Post a Comment