Dilution can be defined as "the process or action of making something less strong or valuable." Over the years I have experienced this effect at work when it comes to compliance systems in support of quality, safety, environmental, and regulatory objectives. The following are steps that many companies follow in hopes to strengthen their compliance but all too often results in the dilution of compliance instead.
Step 1: Company decides to adopt a compliance management system
As always it begins at the beginning with good intentions to use a management system to raise the standard for a particular set of obligations. This is often triggered by the occurrence of a significant incident, but not always. It may also be legislated, or strongly encouraged as part of membership in an industry association. An organization may just be proactive and choose to raise their standards on their own (wouldn't that be something!). Whatever the motivation might be resources are rallied behind the decision and implementation begins in earnest.
Step 2: System elements are mapped to existing functions and activities
The next step usually involves learning about the chosen system standard followed by a reductive analysis where each part of the system is divided up and mapped to existing functions and activities within the organization. This is a component-first approach as compared with a system-first approach. The goal of the component-first approach is to divide and conquer, utilize existing practices, identify and address procedural gaps, and realize early wins (i.e. low hanging fruit). All of these goals are good in and of themselves. However, together they seldom lead to an operational system as we soon shall see.
Step 3: Company focuses on the elements and loses sight of the system
After the elements have been incorporated into the organizational structure sight of the system and the original purpose is often lost. People go back to their "day jobs" and management processes take on the task of managing the various parts of the compliance system. Reports and scorecards are updated to add such things as key performance indicators, and objectives. It is here that we can start to see the "dilution of compliance." This is the forest for the trees problem.
The failure in implementation (which is to come) was not performing the "synthesis" step to work on the interactions of the elements to function as a whole. The performance of compliance systems depends on how the parts interact, not on how the parts perform separately. The parts on their own can never fulfill the purpose of the system. This lack of understanding now sets in motion the "dilution process". Failure is soon to follow.
Step 4: The system fades away and only the elements remain
The "dilution of compliance" process is now at work. The compliance system as a whole is now lost and perhaps was never really there since it was never implemented. Only the parts and probably only some where incorporated, many just were lost in action management systems.
This can be observed by the lack of accountability for the system expressed in the organizational structure. There is no person who has the scope, authority, or resources to contend with ensuring that the overall system is operational and is performing at the levels needed to improve outcomes. At best silos exist for the elements, at worst, the components are fractionated, and dispersed beyond their ability to produce any real value towards system outcomes.
Step 5: With the system out of sight even the elements start to fade away as people forget why they were even there
The dilution of compliance is now complete.
We might still believe that if we double down on audits we might get back to having an operational system. The problem is that we never had one to begin with and dynamics have been set in motion to produce failure. It's just a matter of time.
Here is a video animation that stitches all these steps together:
When an incident comes (and it will) you will ask yourself how it happened. You will launch an investigation, review findings, and mandate corrective actions. You will try to fix the problems unknowingly with the same behaviours and practices that caused the failure to begin with. You will try to fix the parts of a system rather than the system itself. What makes it worse is that you never had an operational system to start with.
This is the trap that many organizations are caught in which we call The Reactive Uncertainty Trap.
The good news is that you don't need to repeat this pattern. You can escape this trap and achieve a much better outcome.