An Objective is something toward which a party (its owner) directs effort (an aim, goal, or end of action). Typically, the realization of an objective can be observed in terms of results, e.g. products that have been produced, services that are being provided, a situation or state (e.g. happiness) that has been continued etc. A party that has an objective does not necessarily produce these results itself; it may also seek to realize them in order to use (consume) them - thus, production and consumption of results are the two different perspectives from which an objective can be perceived.
The ownership of the objective is implied: it is the party that owns the knowledge of which it is a part. This party also (consciously or unconsciously) creates, maintains and enforces the rules (rights and duties) that determine how the objective is pursued (managed and/or governed). And it will (consciously or unconsciously) have a means in place to resolve any (internal) disputes that may arise. Thus, the party qualifies as a jurisdiction, the legal system of which has the rules and mechanisms to manage and govern the objectives it owns. The risk associated with an objective is owned by the objective's owner. Typically, parties will also have objectives, the pursuit of which ensures that the overall (residual) risk they bear becomes and remains acceptable.
Objectives cannot be shared, i.e.: have more than one owner. If that were possible, then all owners would necessarily, at any point in time, agree e.g. to whether or not the objective was realized, what risks are associated with it, etc., In other words: when one changes its mind (i.e. changes some attribute of the objective in its knowledge), the same change would necessarily take place in the knowledge of all other owners, which contradicts with the postulate that every party has full autonomy over its knowledge.
In order to communicate its objectives, a party typically uses a text - a description of its intention, the aim, the goal, etc. In practice, people are known to confuse this description with the objective itself, which may cause them to think that two parties shared the same objective because these parties happen to use the same descriptive text. As mentioned before, that's not possible. However, it may be the case that two parties each have an objective that is similar to a very high degree. However, as each party can autonomously change the descriptive text, (the specification of) the results and any other attributes, it is obvious that what might seem to be the same objective is actually a set of (very) similar objectives.
- Organizations (specifically those with a rather large scope of control) are known to classify their objectives according to (business) topics such as finance, (information) security, safety, quality, legal, human resources etc. This allows them to specify objectives that are particular to such topics, and define equally specific management and/or governance processes for their realization.
- Organizations that realize that their departments (and sub-departments) are actually parties that each have their owns set of objectives, may require such departments to specify their own objectives and associated management and/or governance process(es). The organization would, however, need to specify objectives that state what it expects of such departments, and an associated governance process to ensure the expected results are produced.
- Organizations are also known to create objectives for (primary and/or secondary) business processes; such objectives can be grouped around a process, or cluster of related processes, for efficient and effective management. Examples include compliance objectives (i.e. objectives of a compliance process), and risk objectives (i.e. objectives of a risk management process).
- Organizations may classify their objectives using the formalization of objectives (and the governance and management pattern), e.g.
- expectations, i.e. objectives the result of which is consumed, but not produced by the organization. Such objectives are not managed but governed, and hence require communications with the parties that produce the expected results;
- obligations, i.e. objectives the result of which is produced by the organization and consumed by (at least) one other party. Such objectives are managed, and also require communication with the consuming parties, e.g. in terms of advertising the results so that consuming parties will request the produced results, or in terms of responding to parties that request to produce certain results;
- controls, i.e. objectives the result of which is produced and (only) consumed by the organization itself. These objectives must be managed and governed by the party that owns them, and any 'communication' would be between actors of that party.
The ability to distinguish between (non)objectives is relevant as objectives are the drivers behind the reasoning and decisions that parties make, the policies and working instructions that they specify so that its agents know what to do, when to do it, and how to do it. Moreover, objectives are 1-1 associated with risks. Finally, objectives must be known in order to obtain (personal) data according to the GDPR.
An objective is something
- that is owned by a single party;
- toward which its owner directs its efforts: an aim, goal, or end of action - this action is related to the the owner producing the associated results (management) and/or consuming the results (governance);
- that can be realized, and this realization can be seen in terms as the coming into existence/continuation of results e.g. products, services, a situation or state (e.g. happiness);
- that comes with a risk (the severity of which can be expressed in a risk level)
An objective may have additional attributes. Here are some examples (including the multiplicity with which they can occur):
description[0..1]: a descriptive text, typically the size of a sentence or short paragraph, that represents and identifies the objective within the knowledge of its owner.
consumer[0..n]: the set of parties that will be using the results associated with the objective.
producer[0..1]: a party that is committed to produce its associated results.
grouptags[0..n]]: short texts that enable objectives to be grouped, and specific such groups to be treated in a specific way.
ground[0..n]: justification(s) for owning the objective (ground, warrant).
riskLevel[0..1]: the extent of discomfort that the owner of the objective perceives as a result of uncertainties related to the realization of the objective.
resultCrit[0..n]: criteria, used to determine the extent in which the intended delivered/produced/realized results exist.
ffpCrit[0..n]: criteria, used to determine the extent in which results are fit for the purpose(s) for which the consumers will (be expected to) use them.
effCrit[0..n]: criteria, used to determine the efficiency by which the results are produced (performance indicators)
implSpec[0..1]: design specification that describes how the production mechanism of the results will be implemented.
operSpec[0..1]: specification for operating the implemented production mechanism.
maintSpec[0..1]: specification for maintaining the implemented production mechanism.
- generically: anything that, according to a party c.q. its way of thinking, is important to be realized or maintained, qualifies as an objective (and identifies its owner as that party).
- most people have an objective that could be described as "to stay alive".
- the equivalent in organizations is 'continuation of its existence' (many organizations operate 'business-continuity processes' to realize this, and to identify and mitigate any associated risks).
Here is a visual representation of the formalization of this concept, using the following notations and conventions (the figure does not show all of the optional attributes):
Figure 1. Parties and their objectives.
This party may describe the objective, typically in terms of a text (or speech), using its own wording. This description identifies the objective in the context/knowledge of its owner, implying that it may be misinterpreted by others. In particular (and specifically if the description is limited to a single phrase/sentence), parties may (or may not) be right in thinking they have a similar objective, or even erroneously think they share that objective in the sense that they both own the objective, which is not possible in this way of thinking.
Whether or not an objective is realized should be determinable, also by other parties, by the results that must (continue to) exist. Such results can be products that have been produced, services that are (continuously) being provided, a situation or state (e.g. happiness) that has been continued etc. Results are typically auditable, and depending on the kind of result an auditor might establish their existence (and as the case may be: their (proper) design and/or operation). But it is not necessarily the owner of the objective that has produced them, as we shall see.
An objective can be seen from two different perspectives. In the governance perspective, a party ensures that the associated results become (or remain) available so that the party can actually use them. In this perspective, a party does not care who produces the results, nor how they are being produced. We say that the party governs the objective, and will be consuming the associated results. In this governance perspective, a party will typically determine which (possibly other) party will be producing (and/or providing it with) these results. Also, it may think of a fallback scenario, e.g. select alternative producers it may contact in case the producer fails to deliver. However, it can (try to) communicate with the producing party, and see if the properties of the results it requires (so that they are fit for the purposes for which they are going to be used) match the properties of the results that are provided.
In the management perspective, a party ensures that the associated results become (or remain) available by producing them (or obtaining them in some other way), and making them available to (possibly) other parties that will be using them. This means planning (of budgets and other resources, timelines, etc.), specifying the results that it will be producing, organizing (the efficiency of) the actual production, instructing its agents that do the actual production, etc. Managing these results also includes marketing thereof, trying to find parties that will actually want to use them. And it can communicate with (prospective) consumers, and see if the properties of the results it will be producing match the properties required by its customers.
Chaining, Managing and Governing Objectives,
Figure 2: Chaining Objectives - results produced in one objective are consumed in another
The figure shows four parties (Red, Yellow, Blue and Green) and their associated scopes of control. Within these, they owns the objectives (the figure shows 6 objectives owned by red and one for each of the other parties). The figure in the top right hand corner of the rectangle that represents an objective, is the party that the owner of the objective expects to produce the objective's results. It is not necessary that such a party is known all the time (e.g. objective Obj-1a).
- expectations, because such kinds of objectives can only be governed as managing them (i.e. the production of the associated results) is out of their scope of control.
- obligations, because such kinds of objectives must be managed to take requirements into account that make them fit for the purpose that the parties that consume such results want them to serve. This requires communication with such parties to obtain the 'fit-for-purpose criteria' that the results need to satisfy.
- control objectives, because these kinds of objectives are to be governed as well as managed. The process for managing the production and governing the consumption of the associated results are best integrated into a risk management process.