Four dangers to defining your organization’s zones of control

Q: “Whose responsibility is it to do this?”
A: “It’s everyone’s responsibility!”

Many organizational problems stem from unclear ownership. It may be unclear which team owns something, whether the supervisor or the employee owns something, or even which University department owns something. Unclear ownership leads to vague expectations, extra meetings to coordinate work, and neglect.

If you clearly articulate who does what and you give people what they need to “own” those areas, people will be happier, managers will need to do less, and the organization is more likely to have positive outcomes.

People will be happier because they know what is expected of them, they have more control over their destiny, and they have a sense of ownership. If you see something wrong, you can fix it. Motivation improves from having ownership.

Managers will need to do less because responsibilities will be clearer. Part of every manager’s job is clarifying who does what. The more responsibilities are “baked into” the organization, the less time managers have to spend defining jobs and the more time they can spend supporting people doing their jobs.

The organization is more likely to have positive outcomes because people know how they contribute to the overall outcomes and have the ability to make independent decisions to improve outcomes. For example, when call center staff are made responsible for customer satisfaction and are given more discretion to help customers (for example by being allowed to give guest network accounts to valid users having network problems), then staff can use their brains to help users (and improve service levels) rather than escalate issues (and make everyone frustrated).

As simple as it sounds to define areas of responsibility, watch out for these four dangers!

The stuff someone clearly owns is called their “zone of control.” For example, if you have a data center, and the Senior Systems Administrator is given responsibility for the data center, then the data center is within their zone of control.

Danger #1: People are told they have a zone of control, but they don’t

If the Senior Systems Administrator is made “responsible” for the data center–the entire data center–then they are going to need control over some things to own that zone of control:

  • Need to own the process for assets entering and leaving the data center
  • Need to own a budget to maintain the data center
  • Need to control access to the data center and to set policy for data center access
  • Need input into the server procurement process (e.g. to review power specifications)
  • Need to be the negotiator with Facilities/Physical Plant/Campus Security
  • Need to be a key player in any pitches to University leadership about data center improvements (at the very least attending the meetings, if not presenting)

Let me clarify some responsibilities that come along with this control:

  • Responsible if the process takes too long to on-board new assets or dispose of new assets.
  • Responsible for working within the budget and making reasoned arguments for any money requests. As they start to budget, if they are given their budget they are responsible for any “surprise” money needs.
  • Responsible to audit for the data center access procedure. Responsible for any impact to service related to inability to access the data center.
  • Responsible for building data center capacity for new power needs.
  • Responsible for data center safety.
  • Responsible for the effectiveness of pitches about data center improvements, including the clarity of the request.

If you scoff at the idea of a Senior Systems Administrator being given this control–especially the budget part, because higher education tends to be particularly controlling about budget codes–maybe the zone of control is NOT “the data center.” Maybe it’s “data center inventory.” But for whatever the scope is, whoever has the zone of control must have control over all the key areas that affect that area. Otherwise, it’s not a zone of control.

All the key decisions that affect a zone of control must be made by the person who owns the zone of control.

Danger #2: “All risk, no reward” approach discourages ownership

The clearer the zones of control, the more you can trace issues to a person. For example, in the above scenario if the data center catches on fire, it will be clearly within the Senior Systems Administrator’s zone of control. However–this model is not designed to give you someone to blame! Blame is not helpful to improving organizational outcomes. Instead, zones of controls clarify who should “own” problems. These problem owners can then work with others as appropriate to understand the problem and then address it.

When organizations are tough on people rather than the process, and you know responsibility is a target on your head, no one wants responsibility. This is an “all risk, no reward” situation–there’s very little in it for you if things go well, and there are a lot of bad things that will happen if things go wrong. In fact, most large organizations have implicit processes that discourage responsibility (e.g. sign-off/review processes). Not coincidentally, large organizations also have a reputation for moving slowly. When no one owns the problems, no one owns the improvements.

By focusing on the problem rather than the people, and relying on the owner of the zone of control for their expertise and breadth of knowledge, you can solve problems more quickly and more effectively and make more informed decisions. You also let people do their best, by allowing them to take independent action to improve their areas.

Be tough on the process but easy on people.

Danger #3: Supervisors do not allow ownership

The person at the top of the organizational chart (let’s say the CIO, for the purposes of this post) owns everything by default. They then delegate zones of control: the Director of Security owns IT security issues; the Director of Infrastructure owns the data center and systems administration; &c. This makes the CIO’s life easier because they do not own everything. Theoretically, those people then further delegate, until everyone has a clear zone of control. However, supervisors can do two things to prevent clear zones of control:

  • Zones of control not clearly delegated ahead of time
  • Zones of control not respected by the supervisor

For the first, supervisors must make a conscious effort to clarify who on their team owns what. If the Help Desk manager has 5 people on their team, what can each of these people be responsible for, and “own” as their zone of control? Remember: if it’s not delegated, the supervisor owns everything. This delegation should be very clear, and respect Danger #1, above. For example, the Help Desk manager could delegate to a senior Help Desk consultant the process for answering phones.

For the second, supervisors must make a conscious effort to reinforce the delegated zones of control. If the CIO is asked an IT security question, for example, they should refer these questions to the Director of Security rather than answering themselves. If the data center budget needs a last-minute fix, the Director of Infrastructure should resist changing the budget but instead find the Senior Systems Administrator (from above) and have them fix it. Supervisors have 100s of opportunities to undermine their delegated zones of control.

Supervisors need to define their delegated zones of control, and respect those zones once delegated.

Danger #4: People do what’s best for their zone rather than what’s best for the organization

As zones of control are defined, people have a gut reaction to protect their zone of control. People should improve their zones of control, but do so thinking about what’s best for the overall organization. What’s best for the University may not be best for some zones. For the trivial case, think budgets. If every zone of control asked for as much money as they could, and got it, then each zone would be doing great but the University would go bankrupt.

People need to work together and make the best decisions for the organization even if it’s not best for their area. For example, it may be most cost-effective or it may provide the highest-quality service to eliminate a data center. That may not appeal to whomever has the zone of control for the data center. However, they need to make decisions that are best for the University, and conversely the University needs to support and encourage people to make the best decisions for the organization. (In this case, the University needs to find new jobs for and potentially promote the people who make these types of tough decisions.)

People should own zones of control but improve them according to what’s best for the overall organization.