In a previous article, I wrote about a pendulum swing toward the people side of process.  In that example, the financial organization took a mixed approach.  They used information in their systems, together with knowledge of their processes and their people's experiences, to help them put together a successful strategy for the future.

The focus on people is critically important.  However, just as technology alone isn't the solution, neither is a singular focus on people.  Organizations should be cautious not to become pre-occupied by a single solution but rather focus on the total of all aspects of the organization.

There have been numerous examples of failures of major processes in recent months.  Airport security screening, Toyota's brake manufacturing, and (just last night) an example of baggage screening at a major airport are just a few.  In most cases, it seems that people are blamed for the failure of the process.  It's rarely one aspect that causes failure of process but rather the lack of coordination of people, process, and technology.

When something goes wrong with an organization's processes, the easiest component to blame is the people.  There is a hesitation to blame systems because there is such a massive, long-term investment involved, and processes don't seem important enough to have caused the problem.  When properly investigated, the cause may be a series of unfortunate/unanticipated events that all came together at the wrong time and no one was prepared to respond.

In order to understand the solution, organizations should first understand the concept of complex event processing, as many major problems result from these complex events.

Frank Herbert, American science fiction author 1920-1986, said, "The beginning of knowledge is the discovery of something we do not understand."  So, let's begin with a discovery of complex events.

An event is simply an indication that something of interest has occurred.  Complex events may occur when various events that may seem unrelated are considered together and form a new pattern or piece of information that can be used to identify threats or opportunities.  Or it may be the aggregate of simpler, lower-level events.  Complex event processing as an idea is not complex.  It's the use or creation of the technology to support it that can be complex.

Information on and knowledge of events is available to organizations.  However, it's not always known.  The events associated with the processes won't be formally known unless an organization has its processes defined and documented.  As a result, it may be nearly impossible to predict and manage threats, or perhaps opportunities, as they occur.  Since the outcome of complex events could be catastrophic, it's more important than ever that an organization's processes are already defined and documented.

In a perfect world, each process has clearly-defined events that occur.  The response to those events is called a process.

Generic View of Event & Process

However, we don't live in a perfect world, so what really occurs are events that are often unanticipated.  Because they are unanticipated, a response has not been planned.  In fact these events, taken individually, may not even be considered a problem.  The recognition of the problem happens when there is a realization that several of these unanticipated events are actually related.  The results are often disastrous.

For example, I was watching a movie called "Live Free or Die Hard" and it occurred to me that the story-line in this movie was all about the concepts related to "complex event processing."  (I know ... I need to get a life!)

The basic story-line of the movie involves a three-stage plan of events to disable transportation, communication, and the financial markets concurrently.  The strategy is nicknamed a "fire sale" in the movie, meaning that the entire infrastructure of the U.S. is attacked concurrently.

But as I watched the movie, I couldn't help but think, "Wow!  I wonder if this could really happen?  Does our homeland security have the proper processes, and are they paying the appropriate attention to seemingly unrelated events and analyzing them to determine if there is a pattern that indicates a threat?"

Let me give you some examples from the movie:

• Someone hacks the FBI database.
• Hackers in separate locations begin to die.
• All the traffic signals, rail control, and air traffic control fail across the U.S.
• Telecommunication networks fail.
• An anthrax alert is issued for several major government buildings.
• The financial markets crash.
• The power grid for major cities on the East coast fails.

However, all this was misdirection.  The real target was financial information in a government data storage facility.  The initial attack on the FBI had triggered the download to a government data storage facility of all the financial data from stock markets, corporations, and government agencies.  The plot was to download this information onto mobile hard drives, allowing them to undetectably siphon off billions of dollars.

A Series of Unanticipated Events

The point of all this is to say that seemingly unrelated events are occurring constantly around us, both in our personal and business lives.  But do we recognize these as events that affect each other, or do we view them as individual occurrences?

In order to be prepared for these unanticipated events it's important to understand what most organizations are missing:

• Procedures to define "surprises" at the enterprise level.
• BAM (Business Activity Monitoring) Procedures to determine what is "normal" and "expected" within an organization.
• Procedures to know what is "normal" and "expected" with external event sources.
• BPM (Business Process Management) Procedures to document process, including events, at all levels in the enterprise.
• CEP (Complex Event Processing) Procedures to correlate events across the enterprise historically and in real-time.
• Procedures to react to events as they occur.

There is a need in organizations to develop an all-encompassing approach to be able to respond appropriately to the constantly-changing business environment.  Successful organizations are the ones that combine the best from BPM (Business Process Management), BAM (Business Activity Monitoring), and CEP (Complex Event Processing).  It is the awareness of complex events that is changing the approach to understanding and responding to change.  It's not enough to manage process at a high level or monitor the activities within the process.  Numerous events occur constantly within all organizations.  Recognition of the effect each of these events has on the others, as well as understanding the relationships between the events, is essential.

One area of an organization that will benefit a great deal from this viewpoint is risk assessment.  When assessing risk, organizations normally base their assessment on several factors, one of which is type.  One type of risk might be operational; another might be strategic.  The various types of risk may include:

• Building/Facility
• Tool
• Material
• People
• Information/Secured
• Security

Several "low level" risk events can occur with frequency and be classified with a low priority.  Taken singularly, they do not create concerns.  However, when viewed in aggregate, it's easy to see how a minor risk might become a major, life-threatening event.  For example, a bolt is not tightened properly on a large piece of equipment but it is ignored or not noticed.  A small spring on that same equipment is found to be faulty but not considered a major problem in isolation.  The software that operates the equipment has a small inaccuracy in its programming.  The person who normally monitors the equipment calls in sick.  All seem to be low-risk events.  However, if they all occur at the wrong time, the results could be catastrophic when the bolt comes loose and the spring breaks, the safeguards in the software don't initiate, and the person who knows how to fix it is sick, so the equipment fails and a person is seriously injured or dies.

With CEP, organizations can relate events to expected outcomes and associate a series of events to key performance indicators (KPIs) and other organizational performance metrics.  CEP provides organizations insight into which events will have the greatest operational impact so they can focus their resources to seize opportunities and mitigate threats/risks.

The integration of CEP and BPM must exist at two levels, both at the business awareness level (users must understand the potential benefits of their individual processes) and also at the technological level.  There needs to be a method by which CEP can interact with BPM implementation.

Complex Event Processing is not a complex concept.  However, it is a very complex scenario to implement technology that can monitor events — both internal and external, which are constantly occurring in an organization — and examine them for patterns that would indicate opportunities or threats.

In conjunction with the technology, organizations must also utilize their people's experience and knowledge to properly react and plan using the information.  And finally, none of this will work unless an organization has documented, and is managing, their processes.

# # #