System Safety: Seven Friends of Intervention

In this short series, I highlight seven foes and seven friends of system safety, both for explanation and intervention. Each is a concept, meme, or device used in thinking, language, and intervention (reinforced by more fundamental foes that act as barriers to thinking).  They are not the only foes or friends, of course, but they are significant ones that either crop up regularly in discussions and writings about safety, or else – in the case of friends – should do.

In this post, I outline seven friends of intervention. To keep it short (because I usually intend that, but rarely succeed), I limit each explanation to an arbitrary limit of 100 words.

In this series:

  1. Seven foes of explanation in system safety
  2. Seven foes of intervention in system safety
  3. Seven friends of explanation in system safety
  4. Seven friends of intervention in system safety (this post)

whereisemil CC BY-NC-ND 2.0

1. Acceptance of uncertainty

Whether one is intervening* to try to understand a situation or intentionally to bring about change, it is important to accept that one probably does not and cannot fully understand a complex situation or sociotechnical system. Once one accepts this, unwarranted confidence reduces, and the need for competency, time, and information becomes clearer. With competency, time, and information, the form of practical arrangements for understanding the system at all stages of its lifecycle become clearer, including during implementation, where surprises that result from intervention actions will tend to emerge.

2. Competency, expertise and involvement 

If you want to intervene in a system, you need expertise in system safety. It is astonishing how often this simple fact is neglected. Suitably qualified and experienced persons (SQEPs) are needed with recognised multidisciplinary competencies and perspectives, such as from safety science, safety engineering, human factors/ergonomics, psychology, anthropology, and related disciplines. Such expertise is often missing (e.g., HF/E competency in healthcare). And of course competency is needed from those who do the work. Learning teams and action research are examples of the use of competency in intervention.

3. Research

When intervening in a system for understanding or intentional change, an important initial step is to get knowledge. For system safety, this may include original research for new knowledge, or summaries, reviews or syntheses of existing sources of knowledge. The knowledge may relate to a topic within a safety-related discipline (e.g., in scientific journals), a sector (e.g., aviation, healthcare), or an organisation (e.g., history of interventions). In system safety, this important step is often missing in practice, resulting in ineffective interventions. Greater attention to research provides data, concepts, theories and methods to guide practice, benefiting safety and effectiveness more generally.

4. Listening and observing

Two fundamental methods for understanding systems are observing people at work and listening to people talk about their practice – how and why they intentionally make and transform the world – including the context of practice. These activities, while often lacking in practice, are vital to increase congruence between work-as-imagined and work-as-done, via appropriate alignment rather than simple compliance. Accepting the equivalence of failure and success in terms of their origins in ordinary work, we try to understand not only unusual events, but work in all its forms, whether the outcome is expected or unexpected, wanted or unwanted.

5. Human-centred, activity-focused design 

Human-centered design (HCD, e.g. ISO 9241-210) is a design philosophy and process that aims to align systems with human needs. It is relevant to anyone involved in the design or modification of procedures, equipment, or other artefacts. HCD requires that stakeholders are involved throughout design and development, which is based on an explicit understanding of people, activities, tools, and contexts. The process is refined by iterative user-centred evaluations and learning cycles. A strong focus on activities helps to understand not only how the world should adapt to people, but how people adapt to the world.

6. Multiple perspectives and thick descriptions

There tend to be multiple perspectives on situations, events, problems and opportunities. Each may be partial, but together can give a more complete picture. Shifting between different perspectives illuminates different experiences, perceptions and understandings, and how these interact. Different aspects of systems and situations come to light, along with the trade-offs, adjustments and adaptations that are or were locally rational. Multiple perspectives help generate thick descriptions of human behaviour. Facts, along with commentary and interpretations, explain work-as-done in context, such that it becomes more meaningful to an outsider, and possible implications of situations and proposed ‘solutions’ come to the surface.

7. Systems methods

Systems methods help to understand system boundaries, system structure, and system interactions across time and scale. They can make patterns of system behaviour visible, and can reveal previously unknown or unforeseen influences and interactions between parts of the system. Methods can be used for describing, analysing, changing, and learning about situations and systems. Common methods include system maps, influence diagrams, causal loop diagrams, multiple cause diagrams, stock and flow diagrams, activity theory/systems, FRAM, AcciMaps, and STAMP, among others. Such methods can help to go ‘up and out’ to the system context instead of just ‘down and in’ to components, ‘causes’, or events.

* A note on intervention: The term intervene comes from the Latin intervenire, from inter- ‘between’ + venire ‘come’. To intentionally try to understand a situation, or take action to change it (e.g., improve it or prevent it from getting worse) is to intervene. While there may be no intention to change a situation while observing or measuring, that is very often an unintended consequence. 

If you want to learn more about how complex systems fail, in the most concise and easy-to-digest form, read this by read Richard Cook.

Posted in Human Factors/Ergonomics, Safety, systems thinking | Tagged , , , , , , , , , , , , | 1 Comment

System Safety: Seven Friends of Explanation

In this short series, I highlight seven foes and seven friends of system safety, both for explanation and intervention. Each is a concept, meme, or device used in thinking, language, and intervention (reinforced by more fundamental foes that act as barriers to thinking).  They are not the only foes or friends, of course, but they are significant ones that either crop up regularly in discussions and writings about safety, or else – in the case of friends – should do.

In this post, I outline seven friends of explanation. To keep it short (because I usually intend that, but rarely succeed), I limit each explanation to an arbitrary limit of 100 words.

In this series:

  1. Seven foes of explanation in system safety
  2. Seven foes of intervention in system safety
  3. Seven friends of explanation in system safety (this post)
  4. Seven friends of intervention in system safety
heathrow 1

Tim Caynes CC BY-NC 2.0

1. The [degraded] system

The ‘system‘ in system safety does not operate as designed or as prescribed. It is neither fully understood nor fully understandable, and only slithers of performance can be measured. There are degraded resources (staffing, competencies, equipment, procedures, time) and – often – inappropriate constraints, punishments and incentives, whose effects are not as imagined. There are also gaps between these elements of the system, and people – the flexible system element – have to stretch to bridge these gaps, resolving the unforeseen pressures and dilemmas that result. While we are mostly successful, sometimes the reality of the system surfaces in unwanted ways.

2. Goal conflicts 

Safety is just one of several goals, among cost-efficiency, productivity, capacity, security, and environmental factors such as noise and emissions. Safety is rarely of highest priority in any permanent sense. Instead, there are almost always conflicts or tensions between goals, presenting stakeholders with dilemmas. As situations change over time, different goals and relative priorities will be perceived differently by different individuals and groups. Goal conflicts will also look different in hindsight, when one has access to more information, including the outcome. While the solutions to goal conflicts may seem ‘obvious’ looking back, they were gambles when looking forward.

3. Work-as-done

We often base safety-related work on work-as-imagined, -prescribed, and -disclosed. In doing so, we often neglect the real thing – work-as-done. Work-as-done is what people do to meet their goals during expected and unexpected situations. It is characterised by patterns of activity to achieve a particular purpose in a particular context. It may look messy, but in fact it is the environment that is messy. The work is adaptive. Work-as-done varies between people and situations, and much of it is in the head. So any understanding – gained via listening, observing, recording, and modelling – will only ever be partial and approximate.

4. Trade-offs and adjustments

People work not in order to ‘be safe’, but to meet demands. Constant performance adjustments and trade-offs are required order to meet variable, unpredictable demands, and to resolve goal conflicts. When we look at human performance, even when simply walking in a crowd, all we do is adjust and adapt to a dynamic, uncertain environment. We have to make trade-offs and choose among (often sub-optimal) courses of action, and make adjustments to our plans and responses as situations unfold. This is mostly very successful, and needs to be understood from an inside perspective, whether the outcome is as expected or not.

5. Local rationality

Work-as-done is guided by the local rationality principle: people do things that make sense to them given their goals, the evolving situation, and their understanding of it at a particular moment. Our rationality is not only bounded by human limitations, complexity, and time available, but local to the situation and our experience. Everyone has their own local rationality. We need to understand how people make sense of situations and how they choose to act. This requires empathy and careful discussion and observation to understand work-as-done (in the head and the world) and what helped and hindered it.

6. Interactions and patterns

In a system, everything is connected to something. While we often attend to components, it is the nature of interactions, along with goals, that characterises the system. These interactions – between human, social, organisational, regulatory, political, technical, economic, procedural, informational, and temporal components – should be a focus of attention, whether considering the past, present or future. Viewing the system as a whole, emerging patterns of activity – including flows of activity and information – become evident. These wanted and unwanted patterns can be understood using systems methods, which help to reveal influence in the system, and possibilities for intervention.

7. Strengths and assets

Systems operate successfully, for the most part, because of strengths and assets in the system (especially human strengths such as flexibility, creativity, learning, collaboration, pattern recognition, curiosity, insight, and perspective-shifting). Strengths and assets are often almost missing from system safety research and practice. In any discussion or analysis, we should start with what’s strong, not what’s wrong. Instead of focusing only on perceived deficiencies, we must find out what capacities ensure that system goals are balanced appropriately. If we don’t explicitly appreciate what we have, how can we know if interventions – including efficiency-focused cut backs – are wise?

If you want to learn more about how complex systems fail, in the most concise and easy-to-digest form, read this by read Richard Cook.

Posted in Human Factors/Ergonomics, Safety, systems thinking | Tagged , , , , , , , , , , , , , , | Leave a comment

System Safety: Seven Foes of Intervention

In this short series, I highlight seven foes and seven friends of system safety, both for explanation and intervention. Each is a concept, meme, or device used in thinking, language, and intervention (reinforced by more fundamental foes that act as barriers to thinking).  They are not the only foes or friends, of course, but they are significant ones that either crop up regularly in discussions and writings about safety, or else – in the case of friends – should do.

In this post, I outline seven foes of intervention. To keep it short (because I usually intend that, but rarely succeed), I limit each explanation to an arbitrary limit of 100 words.

In this series:

  1. Seven foes of explanation in system safety
  2. Seven foes of intervention in system safety (this post)
  3. Seven friends of explanation in system safety
  4. Seven friends of intervention in system safety

Michael Coghlan CC BY-SA 2.0)

1. Haste

When responding to an unwanted event, there is often an urge for urgency to choose a solution. This meets a need to reduce anxiety associated with uncertainty. It often results in premature choice of intervention, without properly understanding the problem situation(s), the system components, interactions and boundary, and the context, and without considering other possible interventions. Effort is then focused on implementation, bringing relief that something is in progress. The intervention itself may be built on false assumptions about the problem and the evolving system in which it exists or existed.

2. Overreaction

A single unwanted event (such as this example), set against perhaps tens of thousands of successes, can trigger a system-wide change that makes work harder for many stakeholders, and perhaps riskier. When overreaction and haste are combined, efficiency is favoured over thoroughness, and critical understanding is missing. Secondary problems are common, and may well be worse than the original one. Because risk assessments often have a component focus, the secondary problems are not foreseen. The result can involve large compensatory adjustments.

3. Component focus

System safety concerns interactions between micro, meso and macro components or elements of socio-technical systems – human, social, organisational, regulatory, political, technical, economic, procedural, informational, and temporal. Everything is connected to and influences something. The system is more than the sum of its parts, and does something that no component can do. But organisations are formalised around functions and silos, and interventions are often at the level of components, instead of interactions and flows. Acting on individual components blindsides organisations to the interactions between components, suboptimising the system by changing system-wide patterns, and creating unintended consequences elsewhere.

4. Over-proceduralisation

Work-as-prescribed – rules, procedures, regulations – is necessary to guide work-as-done and keep variation within acceptable limits. But work can rarely, if ever, be completely prescribed. Work-as-done takes work-as-prescribed as a framework for human work, adjusting and adapting to situations, drawing from and connecting disparate procedures, in a dynamic and creative way. But from afar, there can be a fantasy that work-as-done and work-as-prescribed are closer than is the reality, and nailing down more details and tightening regulatory requirements is a favoured intervention strategy. The result is more pressure and fewer degrees of freedom for necessary human performance adjustments.

5. Scapegoating

Blame – whether individual- or system-focused – is a natural human tendency following unwanted events or situations, in all aspects of life. Feeling or assigning some moral responsibility is natural and – in some cases – necessary. It is fundamental to the rule of law, especially to prevent or punish intentional affliction of harm. But scapegoating singles out and mistreats a person or group for unmerited blame. This relates to component focus, above, since one component is unfairly blamed. The result may satisfy outrage or displace responsibility, without solving a wider or deeper problem, leaving the system vulnerable to similar patterns of dysfunction – a moral and practical problem.

6. Never/zero thinking and targetology

Never/zero thinking and targetology involve conflating a measurement and a goal, (or anti-goal, in the case of accidents). With never/zero thinking, the implication is that there can be zero harm/zero accidents, while non-zero targets may refer to a maximum number of unwanted events in a given time frame, often with consequences for breaches. One intention is to motivate people to be safe and to avoid accidents. This misunderstands the nature of accidents, measurement, and human motivation. Unintended consequences tend to be hard to see from afar (e.g., under-reporting), resulting in blunt-end Ignorance and Fantasy, perhaps reinforced by green-light dashboards.

7. Campaigns

Organisational campaigns are a favoured top-down means of change, often triggered by new management. They are characteristic of the ‘done to’ and ‘done for’ modes of change and may concern, for example, safety culture, error management, team/TRM training, ‘hearts and minds’, behavioural safety, or high reliability organisations. This is often done via external training consultants. Unless the activity helps to understand work-as-done (including the messy reality) in the context of the system as a whole, the effects visibly wear off shortly after the campaign ends. Staff know this dynamic well; it has been done to/for them many times.

A note on intervention: The term intervene comes from the Latin intervenire, from inter- ‘between’ + venire ‘come’. To intentionally try to understand a situation, or take action to change it (e.g., improve it or prevent it from getting worse) is to intervene. While there may be no intention to change a situation while observing or measuring, that is very often an unintended consequence. 

If you want to learn more about how complex systems fail, in the most concise and easy-to-digest form, read this by read Richard Cook.

Posted in Human Factors/Ergonomics, Safety, systems thinking | Tagged , , , , , , , , , , , , | Leave a comment

System Safety: Seven Foes of Explanation

In this short series, I highlight seven foes and seven friends of system safety, both for explanation and intervention. Each is a concept, meme, or device used in thinking, language, and intervention (reinforced by more fundamental foes that act as barriers to thinking).  They are not the only foes or friends, of course, but they are significant ones that either crop up regularly in discussions and writings about safety, or else – in the case of friends – should do.

In this post, I outline seven foes of explanation. To keep it short (because I usually intend that, but rarely succeed), I limit each explanation to an arbitrary limit of 100 words.

In this series:

  1. Seven foes of explanation in system safety (this post)
  2. Seven foes of intervention in system safety
  3. Seven friends of explanation in system safety
  4. Seven friends of intervention in system safety

Ken Douglas CC BY-NC-ND 2.0

1. Human-error-as-cause

‘Human error’ is a vague, ambiguous and poorly defined bucket concept that tends to combine psychological variables (such as intention and expectation) and outcome variables (unwanted, by someone). From a psychological perspective (concerning departures from one’s own intentions or expectations), the concept is less problematic, but focuses on the head to the expense of the world. As an explanation in a complex system, the concept it widely misused and abused, especially to infer causation. 

2. Causal chains

The idea of causal chains, including domino or ‘5 Whys’ approaches, implies a linear ordering of cause and effect. Causal chains force people to think of complex socio-technical systems as if they were ordered technical systems, with clear, linear cause-effect relationships between components. In reality, complex socio-technical systems are defined more by non-linearity, temporariness of influence, and emergence.

3. Root cause(s)

At face value, the idea of a root cause “that, if removed, prevents recurrence” is obviously nonsensical; why-because arguments can go on ad infinitum. The oft-used stopping point “that management can control” is convenient and easily abused.  The concept encourages the idea of a single root cause, ignoring causal loops, emergent, synergistic or holistic effects, and often even multiple, jointly necessary, contributory causes. It is, of course, an efficiency-thoroughness trade-off by the analyst, but hidden behind an illusion, that going ‘down and in’ will get you to the ‘real cause’, which is actually a social construction. 

4. Causes, generally

The way we think of ’causes’ in the analysis of complex work situations is often at odds with the conceptual and theoretical basis of causation. While the concept may seem unproblematic when it comes to physical cause-effect relationships, such as a hand pressing a button or pulling a lever, the same cannot be said for relationships involving less visible, less tangible system components. As one goes up and out into the system and context or environment, or – at a psychological level – down and in to the human mind, it more advisable to refer to interaction and influence.

5. Loss of situation(al) awareness/crew resource management

‘Situation(al) awareness’ is an aggressive concept that emerged from the pilot community, and subsequently human factors engineering, before taking on a life of its own, gobbling up more useful and theoretically valid concepts with long histories in psychological research, and which better define and specify the cognitive processes. CRM has a similar heritage. Both are often used counterfactually as a proxy for ‘human error’, individually or collectively. In the case of loss of SA, it refers to the ‘loss’ of awareness – of past, present, or future (!) – with implications for individuals and system safety.

6. Violations

The term ‘violation’ has an intensity of connotation and implication that – especially in the context of its more common uses – makes it inherently violent. It is one of a few terms in safety that tends to prejudge and label work behaviour without really understanding why work-as-done is not always in accordance with work-as-prescribed, and very often is not and cannot be completely so. Rather than truly understanding these differences, we tend to classify the violations. The term itself acts as a barrier to discussion and reporting of messy reality situations. 

7. Monolithic explanations, generally

Monolithic explanations act as proxies for real understanding, in the form of big ideas wrapped in simple labels. The labels are ill-defined and come in and out of fashion – poor/lack of safety culture, lack of CRM, human error, loss of situation awareness – but tend to give some reassurance and allow the problem to be passed on and ‘managed’, for instance via training and safety campaigns. Often, the same term in reverse may be used to ‘explain’ success, meaning that almost all wanted/unwanted outcomes are due to the same one thing, absent or present.

If you want to learn more about how complex systems fail, in the most concise and easy-to-digest form, read this by read Richard Cook.

Posted in Safety, systems thinking | Tagged , , , , , , , , , , , | Leave a comment

HindSight 28 on Change is out now!

HindSight Issue 28 is now available in print and online at SKYbrary and on the EUROCONTROL website. You can download the full issue, and individual articles. HindSight magazine is free and published twice a year, reaching tens of thousands of readers in aviation and other sectors worldwide. You will find an introduction to this Issue below, along with links to the magazine and the individual articles.


“Welcome to Issue 28 of HindSight magazine. The theme of this Issue is ‘Change’. Changes in aviation – in organisations, in industry and in society generally – affect us all, and can affect the safety of air traffic management. The pace of change is increasing. Change is necessary to adapt to the changing world, and we need to adapt to these changes as individuals, teams, and organisations. In this issue, we have articles from the front-line, as well as from safety, legal, leadership, human factors and psychology specialists. All HindSight articles are written and selected to be interesting and useful to the primary readers of HindSight: air traffic controllers and professional pilots, and hopefully to all others who support operational work. Let us know what you think about this edition and about the magazine in general. And tell your colleagues about it, whether the paper version or HindSight online, at SKYbrary. If you need more copies for your Ops room, then please let us know. This Issue starts with a section on the nature of change and some fundamental issues and implications. The following sections consider various types of changes, to airport operations, equipment and tools, airspace, procedures and traffic flows, jobs, and laws and regulations. The regular feature on ‘Views from Elsewhere’ includes articles from shipping, healthcare, banking, and psychotherapy for front- line professions. The articles cover many different types of change: large and small, systemic and individual, long- and short-term, obvious and subtle. The authors address a number of questions, such as: Why is there a need for change? What needs to change? Who makes changes, for whom? How should changes occur? When should change occur, and over how long? What influences whether change is successful, or not? What happens after change? How do we adapt to changing situations? Throughout, there is an emphasis on front-line involvement in change. The next Issue of HindSight is on the theme of ‘Goal Conflicts and Trade-offs’. Safety is the focus of this magazine and is obviously critical to air traffic management, but it is one of several goals, including cost-efficiency, CO2 emissions, noise, capacity, and security. How do these goals interact? What kinds of trade-offs are made as a result? Let us know, in a few words or more, for your magazine on the safety or air traffic management – HindSight.”

HindSight 28 Articles




Fundamental Issues

Changes to Airport Operations

Changes to Equipment and Tools

Changes to Airspace, Procedures and Traffic Flows

Changes to Jobs

Changes in Law and Regulation

Change Management

View from the Air

Views from elsewhere

In Conversation

Online Supplement

See all editions of HindSight magazine

Posted in Human Factors/Ergonomics, Safety, systems thinking | Tagged , , , , , , , , , , | Leave a comment

Work and how to survive it: Lesson 3. Encourage the whole self

Much of my practice is informed by counselling and psychotherapy as well as humanistic psychology more generally. One of my problems with these fields, however, is that insights and discussions are largely kept within the world of psychotherapy. What a waste! The vast majority of people are not engaged in psychotherapy and for the most part, psychotherapy pays little attention to applying itself to the mundane issues of everyday life, outside of counselling rooms. This is the third in a series reflecting on excerpts from Life and How To Survive It, by the psychotherapist Robin Skynner and the comedian John Cleese, with some reflections on work and organisations. 

Posts in the series:

Systems thinking and humanistic psychology have something important in common: holism. In Lesson 2, I noted that we need to look at the whole of work when it comes to understanding safety, and not just the relatively small fragments of failure. This has been a theme of other posts. In the whole picture, I reflected on the need for multiple perspectives in order to move toward a more holistic understanding of a given situation or system. In organisations and the ghosts of failures past, present and yet to come, I reflected on how failure is a partial and ineffective form of feedback, when used in isolation of the work as a whole. But there is a third aspect to this, which is our whole selves.

In Life and How To Survive It, Robin and John talk about very healthy people, and families:

Robin … The better I’ve come to understand these findings, the more I’ve come to think that healthy people live more fully because they’re able to use more of themselves. They seem able to handle comfortably parts of their personality that more ordinary, mid-range people are scared of, and therefore suppress, keep under tight control, keep the brakes on. I once suggested to the Timberlawn researchers that perhaps one big difference in very healthy people is that they can be more comfortable with their ‘madness’ than the rest of us. But of course, for them it isn’t ‘madness’, but just the wilder, more spontaneous reactions that we keep under tight control in case they get out of hand. They can handle it all, and put it all to use. (p. 29)
John … my experience of therapy is that the bits of myself I thought were ‘slightly strange’, and therefore better kept nailed down and out of sight, turned out to be just those qualities I needed and always thought I lacked.

John asks Robin about how this might relate to upbringing.

Robin It’s presumably because there’s been so much trust and confidence and mutual support. When you’re given a lot of freedom and encouragement, yet also feel contained and supported, you learn to express your energy outwardly, fully and freely, without fearing the consequences.

In this post, I look at the issue of the whole self through three lenses.

Gifts, skills and passions

As a child and teen I was a writer, an observer, a listener, a thinker, and an artist. If my mother were alive today, she would say that these were my ‘gifts’. Over time, I became interested in people, relationships, and experience, and decided to study psychology instead of art and design. After graduation, I became interested in work in particular, and began work in human factors and ergonomics.

What I found, working in very technical safety-critical contexts, was that the work was not very ‘human’. Most of my work, and that of my colleagues, was very analytical – reducing humans to components (factors of humans) and analysing their micro-interactions via cognitivism and engineering. The ‘person’ was not really relevant. In effect, some of the five postulates of humanistic psychology were sacrificed.

I spent many years analysing (breaking down) failure (see Lesson 1) and analysing micro-interactions with other people, and (especially) technology and procedures. I became skilled at this, and turned this work into a PhD.

But didn’t get much joy or meaning from it. It was a skill, but not a gift or passion. Over the years, as a practitioner and academic, I became dissatisfied with human factors and safety, and decided instead to train as a counsellor. During the training, I found that, really, I was distressed at discarding so much of my whole self at work for the sake of a skill. It is only in the last few years that my natural gifts and passions have been fully brought to my work in human factors and safety.

I know that many people feel or have felt similarly restricted at work, lacking the opportunity to express anything other than narrow aspects of their selves. Many people have gifts and passions but no opportunity to exercise them, perhaps because they are not known, or not valued enough to create space for them to flourish.

What are your first memories as a child when you remember yourself feeling joy? What were you doing? The chances are you were engaged in a passion, using and perhaps giving your natural gifts. There would have been sheer pleasure in the doing. Left to our own devices, as children we would often do the things that came naturally to us. Looking back on our lives in this way can give us insight into our natural strengths, interests and abilities.

Image: clement127 CC BY-NC-ND 2.0

Norms and subpersonalities

In work, as in families and in other social contexts life, we tend to split ourselves off into different ‘selves’, comparable in some ways to sub-personalities (see Rowan, 1990). Subpersonalities are found in many approaches to psychotherapy and can be seen as patterns in the way we perceive, feel, behave, see ourselves and bring aspects of ourselves into particular situations.

We may experience ourselves, and others may experience us, quite differently in different contexts: work, partnership, family, friendship, alone, etc. Of course there are some ways of behaving that are more appropriate for certain contexts, and we understand these norms. Walking on a beach in a bikini or swimming trunks is completely unremarkable. Walking down the high street in the same clothing is highly irregular!

But in our desire to keep our many selves separate, we can form rigid boundaries around expression and experiencing, restrict our way of being in accordance with expectations, norms, roles and stereotypes, to the detriment of performance, well-being, and joy.

In a study cited by Skynner, senior nurses (matrons) adopted a strict and fearsome demeanor. This had a function of preventing mistakes and ensuring things were done properly. Student nurses, on the other hand, were more in touch with the playful sides of themselves, while restricted from exercising responsibility. We can become trapped in particular roles and ways of being, suffering dissatisfaction because we can only express parts of our selves.

This has a parallel, I think, for many in that their ‘professional self’ crowds out other aspects of their self. This phenomenon seems to be increasing, especially with technology and social media, to the point that, for some, the professional self is at the forefront of much of one’s experience. 

Congruence and full functioning

In some ways, this resonates with Carl Rogers’ notion of realness, congruence, genuineness or authenticity. Rogers – a pioneer in the person-centred approach to counselling – emphasised the need for congruence in the therapeutic relationship, and more generally. “By this I mean that when my experiencing of this moment is present in my awareness and when what is present in my awareness is present in my communication, then each of these three levels matches or is congruent. At such moments I am integrated or whole, I am completely in one piece” (Rogers, 1980, p. 15), “without front or façade” (1961, p. 61).

Rogers made many remarks about wholeness in On Becoming a Person: A Therapist’s View of Psychotherapy (1961) and A Way of Being (1980). He said that congruence “is a fundamental basis for the best of communication” (1980, p. 15) and is “a basis for living together in a climate of realness” (1980, p. 160). Rogers encouraged more open expression of feelings, and not acting “as though I were something that I am not” (1961, p. 16).

Also related to the whole self, Rogers wrote about the ‘fully functioning person’. He listed seven characteristics. which we might consider in a work context. To what degree do we feel we can exercise these in a work context, which is, after all, much of our lived experience?

  1. A growing openness to experience
  2. An increasingly existential lifestyle
  3. Increasing organismic trust
  4. Freedom of choice
  5. Creativity
  6. Reliability and constructiveness
  7. A rich full life

We are often not very congruent at work and there can be many barriers to full functioning within professions and organisations. This is especially true in tight knit groups and command-and-control style management regimes. In both of these, there tend to be tight constraints on expression, mostly of the soft, unwritten, unspoken variety. They are observed and often communicated indirectly or unconsciously, or self-imposed based on acculturation. We do need to exercise some sensible limits to our expression. But perhaps we can also have a little more courage to be truer to our whole selves, instead of wearing only the ‘professional’ cloak.

When it comes to my own way of being and my own practice, I feel called to bring more of my whole self and my individuality to my working life. I find that being open and authentic has more advantages than disadvantages. More to the point, it simply feels right, and restricting my expression and self feels unnatural, artificial, and ultimately intolerable. Over time, expressing my true self at work has become less of a choice and more of an imperative. Perhaps being truer to our whole selves at work can allow us to give, and receive, gifts of joy, meaning, connection, and responsibility

Look out on for my conversation with David Murphy on learning form psychotherapy and psychology in a forthcoming post and in HindSight Magazine Issue 28, to be published in February 2019.

Posted in Humanistic Psychology | Tagged , , , , , | Leave a comment

Learning Teams, Learning from Communities

Image: Oliver CC BY-NC-ND 2.0

Over the last decade, I have spent a lot of time listening to operational, technical, specialist, support and managerial staff in small groups around Europe. The conversations – aimed at learning about safety – have changed over the years. What started off as strongly facilitated workshops to interrogate safety culture questionnaire results, became only loosely based on questionnaire results, and more on what mattered to participants, but still with predetermined issues in mind. Finally, the conversations became much more open still. In small groups, we sat in a circle to understand the issues that mattered to the participants, concerning safety and the effectiveness of work more generally. 

This latter transition has occurred alongside an increasing interest that I have developed over the last few years in natural communities. It is rare that organisations and professions try to learn from communities, and yet there is much to be learned from how healthy communities work. 

Descriptions of healthy communities can be found in asset-based community development (ABCD). ABCD is an approach to understanding and developing communities from the inside based on that they have– assets. As well as being asset-based, it is citizen-led, relationship-oriented, place-based, and inclusion-based (Russell, 2017). 

This interest has paralleled the development of Safety-II – learning from ‘what goes’, including how things normally go right, as well as how thing occasionally go wrong (see EUROCONTROL, 2013). Both resonate with a longstanding interest – humanistic psychology, which is more interested in human potentials than deficits.

Having listened to thousands of people in person, what people most often said was critical to safety was relationships with direct colleagues (including direct managers). This is backed up by quantitative data from tens of thousands of completed questionnaires. Years ago, we would gratefully accept this finding, and ask few more questions of it, focusing only on deficits. Now I find relationships to be fundamental assets – just as people said – worthy of much deeper understanding and development.

A major figure in the history ABCD has been Professor John McKnight. He has worked in activist organisations and civil rights agencies, and learned the Alinsky approach to community organising before developing ABCD, along with John Kretzmann. McKnight went on to create university departments to support urban change agents. Another major figure in community development has been Peter Block, known for work on organisation development, community building, and civic engagement. He works on building the capacity of community to value its gifts and see its own possibility. The work has been developed and applied further by Cormac Russell, a faculty member of the ABCD Institute, who has worked with communities in over 30 countries and has brought ABCD to many. Cormac and I have worked together with 20 or so small group Learning Teams, bringing insights from ABCD to working groups.  

In this article, I refer to some of the ideas and writings of ABCD to reflect on Learning Teams, and small group conversations and action more generally in organisations. I highlight four lessons from ABCD for Learning Teams, health and safety professionals, and their host organisations. The lessons do not form a complete set, and there are of course other lessons from outside of ABCD, but I hope that the lessons are of value to those work with Learning Teams, or plan to. 

Lesson 1: Talk about everyday work

ABCD is about everyday life in communities, and the capacities and potentials that exist and are used (or could be used, or extended) to improve community life. Everyday life is rich, with many values, goals and activities jostling for attention. There is no singular focus. Health, safety, security, education, housing, mobility…all are important, all interact, though each can be more important at particular times for different people. 

As we know, workers are often only marginally interested in ‘health and safety’, and even caricature “elf ‘n’ safety gone mad”as a counter against bureaucratic controls. What workers are interested in is work and worklife. When work is viewed in the whole, rather than through the lens of health and safety (or accidents) alone, many things emerge: the patterns, the goal conflicts, the trade-offs, the dilemmas, the messy details, the joys, the successes, the meanings. Holistic discussions inevitably include health and safety, and other things, all of which are inextricably linked. There are benefits to this broader perspective that extend beyond traditional conceptions of health and safety and connect different values.

Lesson 2: Start with what’s strong, not what’s wrong

Health and safety, like many medical specialities, is one of few professions that views what it wants through the lens of what is doesn’t want – what’s wrong or what could be wrong. This is rather like viewing happiness through the lens of misery. We know that we don’t want people to be harmed in accidents. And so we tend to organise around avoidance. Yet we also know that we don’t get what we want by only avoiding what we don’t want. I don’t want to have an accident on the way to work. One way to guarantee that is not to go work. 

In The Careless Society: Community And Its Counterfeits, John McKnight (1995) noted that “The obvious centre of the medical mentality is the focus upon malady, deficiency, disease, and need – the empty half of the glass. Clearly, the empty half is present. And just as clearly, the half full is present.” (p.75). He also made a remark that challenges many ‘helping’ professions: “The medical system needs the empty half. The healthful community needs the full half …The raw material of community is capacity. The raw material of medicine is deficiency.”(p.76). In health and safety, do we need the empty half more than the organisation and workers needs the full half? Perhaps such a ‘need’ is legitimate, as a counter against an organisational focus on efficiency and productivity. But what are the unintended consequences of a deficit-based approach? How does it affect our view of the world?

In Cormac Russell’s (2018) conversation with McKnight on the heritage of ABCD, McKnight remarked that “many people, and even whole institutional systems, live by inaccurate maps; they have incorrect definitions or perceptions of people, places and things. They judge people and events through the labels they assign them, such as “needy”, rather than through observable actions and verifiable accounts.” (p. 84). 

In health and safety, we can fall into the trap of viewing work, those who do the work, and their behaviour, through a deficit lens. This is easy to demonstrate. Take the content and glossary of any safety report, or the minutes of a safety meeting. The language and terms tend to be overwhelmingly negative. And yet, everyday work is mostly rather effective. Our lens reflects a sort of ‘déformation professionelle’ or ‘trained incapacity’ – a tendency to look at things from our limited professional perspective, developed via professional acculturation, means that our abilities function as inadequacies or blind spots (see Shorrock, 2013).

When we view people through a deficit lens, we tend to view them also in terms of their needs, as we imagine them. But our imagination of the work and needs of others is vastly simplified. It is also wrong in important ways. Imagined work and imagined needs is the wrong way to look and the wrong place to start. We need to startwith their assets, as they understand them. This is the startingplace for ABCD, and is a way of thinking that resonates with Safety-II. It is valuable to focus firston what we have and what is working well, including our gifts, skills and passions, which can be illuminated, connected and mobilised in Learning Teams. Starting on an asset footing results in a profoundly different conversation compared with starting on a deficit footing.

The valuable capacities of people, and other assets, that create safetyneed to be illuminated and connected. I find it helpful to start discussions with questions like, “What is going well for you/us in the day-to-day work”, or “If you had to explain to a neighbour why things work well here, what would you say?”I’m trying to understand the assets (relating to people, environments, activities, processes). I’m also interested in what people perceive to be limits of these. If everyone’s answer is very local to their self or immediate team, I’d have more questions to ask about the organisation as a whole.  

Lesson 3: Find ways to cross departmental boundaries

When we think of a ‘team’, we often think of people who routinely work together doing similar sorts of things. When it comes to Learning Teams, this means that people understand their own work and know the relevant health and safety issues. And there will be bonding social capital, bringing trust, commitment, and reciprocity. But people in teams also tend to be more like-minded, and less diverse. There will be unstated assumptions and taboo topics. Drifts in behaviour may be hard to see. There will tend to be pressure to conform (to opinions, beliefs, behaviour patterns, etc) in order to belong. These latter features of teams are, unfortunately, often the enemies of learning. The ‘divisional’ design of organisations can reinforce this. Divisions and departments, and the teams within them, can make it hard to see how our work interacts with that of others.

John McKnight recalled to Cormac Russell a story about John’s ‘County Labrador Retriever Owner Association’, where people and their Labrador dogs got together. One day, someone with a beautiful dog approached the group. The trouble was, it wasn’t a Labrador. It was a German Shepherd. In a delightfully Monty Python-esque scenario, it illustrated something about the often arbitrary boundaries that we create and maintain. In organisations, we tend to organise around function instead of the flow of work and information. 

Teams exist within a much larger, interconnected network, and a flow of work. ABCD would encourage us to think about the boundaries of Learning Teams. Where are the edges? Is there an invitation to the stranger at the edge? Crossing boundaries requires invitation, participation and connection (see Shorrock, 2017). 

In my podcast conversation with Cormac Russell (see Shorrock, 2018), he highlighted roles in ABCD discourse that are important in crossing organisational boundaries. ‘Gappers’ link together functions and people at the edges or boundaries, often quite purposively. ‘Connectors’ connect individuals in a special and natural way. Connectors are well connected, see the best of others, are trusted & create trust. They believe in community & move around comfortably between different groups. They get joy from connecting people. You can probably identify people with these informal roles in your own workplace or organisations you’ve worked with. They are as important as ‘leaders’, but rarely recognised as such.

In The Abundant Community, McKnight and Block (2010) wrote of community connectors, “we want to elevate and make more visible people who have this connecting capacity. We also want to encourage each of us to discover the connecting possibility in our own selves … The operating question becomes, who are the proven and potential connectors of our acquaintance? Who sees the gifts of local people and figures out ways to share them? Whom do people turn to when something needs to be done on the block? Who are the people who take responsibility for civic events? Who are the leaders of our local associations?” The same questions could be asked in organisations. But do we?

In working with interdisciplinary Learning Teams, Cormac and I asked each person what they appreciated about the sessions. The responses of the 200 or so people were heart-warming, but also sometimes sad. We heard from many people who said that they work in the same corridor, or do work that affects each other, or passing one another daily for years or even decades, and had a conversation for the first time during these small group conversations. 

Lesson 4: Understand first what can be done BY teams

One parallel for Learning Teams in communities is ‘Listening Tables’ of neighbours and their representative associations, and institutions that want to become friendly with communities. McKnight and Block (2010) remarked that“these initiatives can create a dialogue that begins to redefine the powers and responsibilities of institutions and communities. This dialogue can be framed by three questions: First: What functions can neighborhood people perform by themselves? Second: What functions can neighbors achieve with some additional help from the institutions? Finally: What functions must institutions perform on their own?” 

They go on to say that “the order of these questions is very important. It shows that the basic productive force is the local community. What citizens can do for themselves is the primary question. What institutions can do is a secondary question. A neighborhood doesn’t know what it needs from outside until it is clear on what is has inside.” This message is echoed by Russell (2019), using the question of change done BY, WITH, FOR, and TO people.The question of agency and power in health and safety is important. If we start by asking what can be done TO or FOR people, rather than BY people, we end up disempowering them.

Just as systems and professionals cannot provide health and safety for communities, health and safety professionals cannot provide health and safety for workers. Safety is created at many levels of organisations, and by startingwith what health and safety professionals can do, we end up colonising health and safety, perhaps creating and even believing an illusion that only the professional has the capacity to create safety. As McKnight (1995) remarked, “As you are the problem, the assumption is that, I the professional service, am the answer. You are not the answer. Your peers are not the answer. The political, social and economic environment is not the answer. Nor is it possible that there is no answer. I, the professional, am the answer.”(p.46). 

McKnight went on to say that “the disabling function of unilateral professional help is the hidden assumption that ‘you will be better because I, the professional, know better’”.

He identifies a second disabling characteristic of professionalised remedial assumptions as the remedy defining the need. “As professionalised service systems create more elegant techniques and magnificent tools, they create an imperative demanding their use.” (McKnight, 1995, p.47). By making workers the subjects of systems, rather than co-creators, we disable their capacities – gifts that are essential to health and safety, and effectiveness more generally.

Health and safety professionals, and organisations, can help learning teams by creating space and time for them to convene, illuminate what’s going well, document their dilemmas, state what they want, and what they can offer.

Summing up

I find it hard to think of a more important aspect of organisational life when it comes to health and safety, and effectiveness more generally, than small group conversations and action. Learning Teams are nothing new in this regard (being similar to action learning) but there are some useful orienting insights to be had from fields such as community development. To sum up:

  • talk about everyday work
  • start with what’s strong, not what’s wrong
  • find ways to cross departmental boundaries and get multiple perspectives
  • understand first what can be done BY teams.

Our recent feedback from around 200 people, is that Learning Teams, integrating insights from Asset-Based Community Development, can: 

  • help better understand one’s own work
  • introduce new perspectives on problems and opportunities
  • illuminate the work of others, and how it interacts with one’s own
  • introduce colleagues to one another
  • foster a sense of inclusion, and 
  • give hope and optimism. 

These outcomes relate to health and safety, but go further still to help focus on what matters to those who do the work, to make work as effective as possible and worklife as fulling as possible.


EUROCONTROL (2013, September). From Safety-I to Safety-II. A White Paper. Brussels: EUROCONTROL Network Manager. Retrieved from

McKnight, J. (2008). The careless society: Community and its counterfeits. Basic Books. 

McKnight, J. and Block, P. (2010). The abundant community: awakening the power of families and neighborhoods. Berrett-Koehler Publishers.

Russell, C. (2017). Asset-based community development – 5 core principles. Retrieved from

Russell, C. (2018). Asset based community development (ABCD): Looking back to look forward. Cormac Russell.

Russell, C. (2019). Four modes of change: to, for, with, by. HindSight, Issue 28, Winter 2018-2019, EUROCONTROL: Brussels. Forthcoming at

Shorrock, S. (2013). Déformation professionnelle: How profession distorts perspective. [Blog post]. Retrieved from

Shorrock, S. (2017). Editorial: Invitation, participation, connection. HindSight, Issue 25, Summer 2017, EUROCONTROL: Brussels. Retrieved from

Shorrock, S. and Russell, C. (2018). Learning from communities: a conversation with Cormac Russell. Retrieved from

Posted in Humanistic Psychology, Safety, systems thinking | Tagged , , , , , , , , , , | Leave a comment