Search
Calendar
June 2025
S M T W T F S
« May    
1234567
891011121314
15161718192021
22232425262728
2930  
Tags
BEA CTO DBunit Devoxx Eclipse EJB Groovy GWT Hibernate IntelliJ IDEA Java JDBC Jetty JMS Jonathan Lalou JSF JSF2 JUnit Kotlin long tweet Maven Maven 2 Maven 3 MS-DOS Mule Mule ESB Oracle Oracle Coherence PyData2024 Python recommendation Security Sonar Spring SQL Tibco TibcoRV Tomcat tutorial Unix VivaTech Weblogic Weblogic 10 XML XSD
Last posts
Archives

PostHeaderIcon Why Project Managers Must Guard Against “Single Points of Failure” in Human Capital

Author: Jonathan Lalou

In the world of systems architecture, we’re deeply familiar with the dangers of single points of failure: a server goes down, and suddenly, an entire service collapses. But what about the human side of our operations? What happens when a single employee holds the keys—sometimes literally—to critical infrastructure or institutional knowledge?

As a project manager, you’re not just responsible for timelines and deliverables—you’re also a risk manager. And one of the most insidious risks to any project or company is over-reliance on one individual.

The “Only One Who Knows” Problem

Here are some familiar but risky scenarios:

  • The lead engineer who is the only one with access to production.

  • The architect who built a legacy system but never documented it.

  • The IT admin who’s the sole owner of critical credentials.

  • The contractor who manages deployments but stores scripts only on their local machine.

These situations might feel efficient in the short term—“Let her handle it, she knows it best”—but they are dangerous. Because the moment that person is unavailable (sick leave, resignation, burnout, or worse), your entire project or company is exposed.

This isn’t just about contingency; it’s about resilience.

Human Capital Is Capital

As Peter Drucker famously said, “What gets measured gets managed.” But too often, human capital is not measured or managed with the rigor applied to financial or technical assets.

Yet your people—their knowledge, access, habits—are core infrastructure.

Consider the risks:

  • Operational disruption if a key team member disappears without handover

  • Security vulnerability if credentials are centralized in one individual’s hands

  • Knowledge drain when processes live only in someone’s memory

  • Compliance risk if proper delegation and documentation are missing

Practical Ways to Mitigate the Risk

As a PM or senior tech manager, you can apply several concrete practices to reduce this risk:

1. 📄 Document Everything

  • Maintain centralized and versioned process documentation

  • Include architecture diagrams, deployment workflows, emergency protocols

  • Use internal wikis or documentation tools like Confluence, Notion, or GitBook

2. 👥 Promote Redundancy Through Collaboration

  • Encourage pair programming, shadowing, or “brown bag” sessions

  • Rotate team members through different systems to broaden familiarity

3. 🔄 Rotate Access and Responsibilities

  • Build redundancy into roles—no one should be a bottleneck

  • Use tools like AWS IAM, 1Password, or HashiCorp Vault for shared, audited access

4. 🔎 Test the System Without Them

  • Simulate unavailability scenarios. Can the team deploy without X? Can someone else resolve critical incidents?

  • This is part of operational resiliency planning

A Real-World Example: HSBC’s Core Vacation Policy

When I worked at HSBC, a global financial institution with high security and compliance standards, they enforced a particularly impactful policy:

👉 Every employee or contractor was required to take at least 1 consecutive week of “core vacation” each year.

The reasons were twofold:

  1. Operational Resilience: To ensure that no person was irreplaceable, and teams could function in their absence.

  2. 🚨 Fraud Detection: Continuous presence often masks subtle misuse of systems or privileges. A break allows for behaviors to be reviewed or irregularities to surface.

This policy, common in banking and finance, is a brilliant example of using absence as a testing mechanism—not just for risk, but for trust and transparency.

Building Strong People and Even Stronger Systems

Let’s be clear: this is not about making people “replaceable.”
This is about making systems sustainable and protecting your team from burnout, stress, and unrealistic dependence.

You want to:

  • ✅ Respect your team’s contribution

  • ✅ Protect them from overexposure

  • ✅ Ensure your project or company remains healthy and functional

As the CTO of Basecamp, David Heinemeier Hansson, once said:

“People should be able to take a real vacation without the company collapsing. If they can’t, it’s a leadership failure, not a workforce problem.”

Further Reading and Resources

Posted in en-US | Tags:

Leave a Reply

(c) 2008 Jonathan Lalou's blog
All Rights Reserved.

Powered by WordPress and WordPress Theme | Host-euro.