I’ve written about change management in my previous blog and wanted to tackle the topic from a different angle here. Let’s talk about change resistance.
According to Dannemiller, for a change to take place three factors not only must be present, but their sum must outweigh the resistance to change:
C = D × V × F > R
- C – Change
- D – Dissatisfaction with how things are now
- V – Vision of what is possible
- F – First concrete steps that can be taken towards the vision
- R – Resistance
Meanwhile, the phenomenon of employees resisting organisational change is viewed as a widely accepted fact. But why is this the case? And, more importantly, what to do about it?
As with many things, the first step to solving this puzzle is to understand the root cause of it. Yes, it may appear on the surface that people may resist a new policy or technology. But look deeper: what do individuals value in the current state of affairs?
More ofter than not it’s their human relationships. Precisely the social element of the change; the change to these relationships that usually goes hand in hand with ‘technical’ change is something people resist the most.
Unpin the social interactions, pay attention to the moods and you might end up on the positive side of the Dannemiller’s equation.
Information security professionals not only have to deal with change, more often than not they represent change. It might be changing the way a company manages access to its systems, works with third-parties or anything else.
To be effective with the change management process, security professionals should work with the business, demonstrating the value of security.
John Kotter in his book Our Iceberg is Melting tells a story about a penguin colony, which demonstrates basic principles of successful change management:
- Establish a sense of urgency
- Create a guiding coalition
- Develop a change vision
- Communicate the vision for buy-in
- Empower broad-based action
- Generate short-term wins
- Never let up
- Anchor new approaches into the culture