graham westwoodLast week I met with Graham Westwood, CEO of ProCarta Inc. While many others are giving up on the promise of ‘explicit’, ‘codified’, knowledge to solve important business problems, ProCarta has found a compelling niche for the rigorous codification of explicit knowledge: Areas of high risk.

Graham uses the analogy of a ‘recipe’ to resurrect the reputation of ‘best practices’. Rather than a rigid, invariable series of steps that must be followed precisely to the letter, the procedures, suggestions, caveats and best practices incorporated into the ProCarta applications provide a flexible recipe for effectively and efficiently navigating areas of high business risk. Even a master chef will follow a recipe the first time he or she tries something new. The flexible nature of the software allows the ideas, suggestions, newly-discovered best practices and warnings to be written, wiki-style, into the recipe, providing additional guidance for other users.

The company’s approach to IT is also quite radical: Rather than sending IT consultants out to integrate its risk management solutions into the company’s existing IT infrastructure, ProCarta develops its applications outside the IT infrastructure, as simple, portable, stand-alone solutions. The business processes involved in addressing the high-risk problem is analyzed by the user into Processes, Activities, and Tasks, with each Task assigned to a specific identified Role. The regulatory requirements, best practices, and expert guidance and caveats are then keyed in to each Task. And then with the push of a button, the easy-to-use, non-technical ProCarta software produces a set of web pages with the corporation’s look-and-feel. The resultant website takes users through each step in the risky process, isolates the Tasks in each Role, and even turns out job descriptions.

One area where ProCarta’s solution has received considerable traction has been Sarbanes-Oxley Act compliance. ‘SOX” compliance procedures were developed to prevent a recurrence of the Enron/Arthur Andersen disaster. They address the corporate security environment, division of responsibilities, new oversight and review responsibilities, and the auditor attestation process.

To those who shrug off the value of prescribed procedures and best practices as an unwelcome imposition on the freedom and personal judgement of professional managers, Graham points out that, where at one time ‘corporate cowboys’ were highly respected as individualists, in high-risk areas they can get the entire business into serious trouble, leading to jail time or bankruptcy.

As Drucker has often pointed out, in today’s business world we are all subject matter experts, and almost everyone’s job is unique. We are always to some extent the best at what we, uniquely, do. And for that reason best practices that attempt to capture what someone else does well, have not proven terribly fertile ground for knowledge transfer. “That might be a best practice for his job, but that’s not what I do — my job is different”. But in some high-risk areas, everyone doing something different is not a recipe for flexibility and entrepreneurship, but a recipe for disaster.

This entry was posted in Working Smarter. Bookmark the permalink.


  1. Don Dwiggins says:

    Reminds me a bit of the work on design patterns initiated by Christopher Alexander for architecture, and picked up in a big way by the software development community.At the most simplistic level, a design pattern is “a solution to a problem in a given context”. It looks a bit like a recipe, but it explicitly states the assumed context and the anticipated consequences. Patterns are intended to express the common practical knowledge acquired by practicing professionals, and to improve two things: the ability of the professionals to communicate about their knowledge, and thus improve it and make it more public, and to provide a leg up for apprentices and other learners. There’s a lot more to say about this area; http://hillside.net/patterns/ is a good place to start.

Comments are closed.