Eventually, we will all be poets and philosophers.
As technological progress continues, and the routine or mechanical aspects of jobs become automated, what will employers be paying their employees to do? The simple answer is, “Employees will continue to do the tasks that can’t be automated.”
You may feel that we are a long way from automating everyone out of a job. But if you read books like Martin Ford’s “Rise of the Robots,” you may start to realize that almost everything we need can, and will, be automated at some point. It’s already happening in almost every area of industry. From medical diagnostics to ordering at a McDonald’s kiosk to automated journalism software, the future of job automation is coming quickly.
Every Job’s Key Activity Will Be Making Decisions That Involve Risks
When companies hire employees, they will be looking for measurable value. Optimizing business metrics such as quality, reliability, security, productivity and capacity is becoming easier, as organizations can gather data about not only manufacturing productivity, service use and computer system outputs but employee performance, too.
As employees become more and more of a bottleneck for each management metric of interest to a business, there will be pressure to replace them with an automated system. Before we reach the point of having a guaranteed salary with no manual work required, each business will need to pass through a period in which employees exist in what I call “decision-based job roles” — the last humans left in the organization. The primary purpose of every employee in virtually every job will be to analyze exceptional situations that don’t fit the parameters for automation and then to make a decision. Automation or outsourcing will replace some roles completely, while others will be consolidated into positions with broader responsibilities.
We will increasingly rely on the intelligence and judgment of people with skills and experience in business processes — to produce tangible business outputs but to mediate in unusual or uncertain situations within the processes. When they make an error in judgment, the business may suffer more significant impacts. In other words, there will be little to no room for such errors.
These decisions look a lot like risk decisions. They may not seem monumental, but the most significant risk decisions employees need to make today are whether to click on a link or attachment in an email or whether to follow a requested action from an apparent co-worker. As technologies improve to detect and respond to potential risks in these situations, criminals and malicious nation-states will invest in ways to find and exploit the limitations of those defensive technologies. At some point, a human will need to make a decision that directs a process among several automated (or still manual) workflows or that changes the parameters of a workflow. When the decision uses automation, it will amplify the impact.
The most valuable decisions that future employees will make in the age of decision-based job roles will be whether or not to trust the assertions of other parties (human or systems) or to call for additional non-automated verification methods. Trusting the wrong assertion could be catastrophic, and those decisions must be monitored and corrected as quickly as possible to limit damage.
Real-time Performance Measurement Will Force Compliance Training to Evolve
What do these changes mean for compliance or cybersecurity training programs?
Firstly, compliance training will need to be able to show a return on investment (ROI). For any workflows that can’t be automated, for which humans need to handle information, make decisions or take actions directly, training teams will need to be able to correlate compliance with training. If there is no data on proficiency, the compliance training was a waste of money, except to keep auditors at bay.
Instead, organizations will need to show that any employees who have decision-making responsibilities have taken training that provides them with some proficiency in making those kinds of decisions. This training will include training not only on task-based skills but on foundational skills like diverse hiring, assessing security impacts, or preventing discrimination or harassment.
Secondly, every job role will become more generalized in its need to handle broader risk scenarios that affect the business and its customers, in proportion to the traditional specialties, such as technological diagnostics, design or creative processes. Risk scenarios that provide realistic situations with multiple inputs to evaluate and act upon will be the most difficult to automate, so employees will need to become demonstrably proficient in these scenarios.
Thirdly, rather than having a separate checklist of compliance requirements from each regulatory framework that employees must be trained in, organizations will need to tailor compliance requirements based on their unique characteristics and define job role risk factors with respect to each regulated compliance area. For example, if a job role handles customer information, the compliance training program will need to include not only basic privacy concepts but scenarios relevant to the workflows of that role, integrated with scenarios for information security, discrimination and other important topics.
To achieve compliance in the future, employees will need to be able to do their job within a set of integrated simulations of not only their functional specialty but also the organization’s complex enterprise risk and compliance environment.
Gamified Learning Will Provide a Practical Approach
To successfully address the current and future compliance requirements of decision-based job roles, employees will need to recognize that training and proficiency in areas beyond their specialty are vital to the organization and to their job. We can already imagine the emotions that this understanding will evoke from employees who hate compliance training. How can we tell them it’s about to become a much larger part of their job?
Gamified learning is the best way to ease employees into this new reality. To reach the point where we can teach employees those general risk-based compliance requirements, as well as to exercise their skills and gather proficiency data, we will need to motivate them to not only complete the training but practice the scenarios and demonstrate their success. Fortunately, gamified learning is perfectly suited to providing this kind of experience for employees, and it can align their motivations with the interests of the organization.
To support the ROI calculations the management team needs and provide certainty that the humans are still adding value, we will need to make compliance training more enjoyable using the proven intrinsic and extrinsic psychological drivers found in gamification. With this approach, we will be able to motivate employees to take an expanded and integrated program of foundational training for compliance, awareness and risk management. Ultimately, we will also be able to use the same framework to gather the critical data needed to measure and report on their proficiency.
