A Case In Assessing Your Organisational Culture Risk


That’s how much of our life most of us spend working.1 The only thing we spend more time on is sleeping.

If we spend so much of our life at work, how is it working?

According to the world’s workers, not well.

Gallup finds 60% of people are disengaged at work, and 19% are actively disengaged.

But is that a surprise or a statistical explanation of the obvious?

Work”, according to Oxford Languages, is “activity involving mental or physical effort done to achieve a purpose or result.”

Exerting mental or physical effort to achieve anything is rarely done without stress, worry or pain.

Stress, uncertainty, worry, and some uneasiness will always be a part of the day-to-day job, but the organisation’s bad culture can exacerbate those negative emotions.

So, what makes a job bad?

According to Gallup, one study on burnout revealed the following causes:

1. Unfair treatment at work
2. An unmanageable workload
3. Unclear communication from managers
4. Lack of manager support
5. Unreasonable time pressure

However, one can define “a bad job” as failing to meet an employee’s basic needs, leading to a significant decline in job satisfaction, motivation, and productivity.

Various factors, including poor pay, long working hours, lack of job security, insufficient benefits, limited opportunities for growth and development, high levels of stress, and unsatisfactory working conditions, can characterise a bad job.

These factors can have a detrimental effect on an employee’s overall well-being.

So, what makes a business culture bad?

We know that bad business culture can result in low employee satisfaction, poor job performance, and a negative impact on the company’s overall success.

Various factors can characterise it:

Interestingly, bad organisational culture can also create negative word-of-mouth and reputation, making it harder to attract and retain talent in the future.

Why is it essential for organisations to self-asses their organisation culture risk?

Organisational culture has far-reaching implications for maintaining your organisation’s security integrity, especially regarding Human Insider Threats.

Most organisations move through their business life with little understanding or visibility of how or whether their culture supports their mission and objectives.

Case Study: 

The company in question is a mid-sized financial service firm with approximately 800 employees.

The company has recently experienced a high turnover rate, particularly among younger employees.

Additionally, the company had received negative feedback from clients regarding the quality of service provided.

The leadership team recognised that the culture of the organisation could be contributing to these issues and decided to take action.

Their first step was to identify its existing culture.

This involved a review of the company’s mission statement, values, and strategic objectives. Additionally, the leadership team interviewed employees at all levels of the organisation to better understand the company’s culture.

Through this process, the leadership team identified several prevalent critical cultural characteristics in the organisation.

These included focusing on individual achievement rather than teamwork, a lack of transparency in decision-making, and a high degree of competition among employees.

In the above case study, the organisation took proactive steps to identify its culture before it critically started to impact performance, capability and morale.

In today’s fast-paced business environment, it is more important than ever to clearly understand an organisation’s culture.

Organisations with a healthy culture tend to report above-average results, while those with a toxic culture can significantly negatively impact your organisation’s bottom line.

Despite this, most organisations believe they conduct internal cultural health checks, but what are the pitfalls of doing so internally?

Organisational culture refers to the shared values, beliefs, behaviours, and customs that characterize an organisation and guide the actions of its members. In the context of this article, organisational culture is viewed as a critical factor in determining the overall success of an organisation and its ability to maintain security and integrity.

Obviously, a positive organisational culture can help to foster a sense of loyalty and commitment among employees, promote effective communication, and encourage ethical behaviour.

Conversely, a toxic organisational culture can create an environment conducive to human insider threats and data breaches, which can significantly impact an organisation.

Example: Toxic culture in Uber impacted its ability to innovate and compete

What happened?

In 2017, a former Uber engineer named Susan Fowler published a blog post describing a pervasive culture of sexism and harassment at the company.

Fowler described numerous incidents of sexual harassment and discrimination and a lack of action from the company’s human resources department to address these issues.

Fowler’s blog post quickly went viral and prompted an internal investigation at Uber.

The investigation revealed that the company had a deeply ingrained culture of toxic masculinity, where aggressive behaviour and sexist attitudes were commonplace. In addition, employees who spoke out about this behaviour were often ignored or retaliated against, creating a culture of fear and silence.

What were the consequences?

In addition to the negative press and damage to the brand, the company faced several legal challenges. Several high-profile executives were forced to resign, and the company paid millions of dollars in settlements to employees who had experienced discrimination and harassment. 

The case of Uber provides several important lessons.

One of the key takeaways is the importance of creating a culture of respect and inclusion. By creating a culture that values diversity and encourages respectful behaviour, organisations can reduce the risk of discrimination and harassment.

So, why is conducting an external cultural health check important?

Business culture is considered one of the most critical factors for predicting overall success and internal security.

An external cultural health check conducted by an expert in the field can provide a clear and unbiased understanding of the organisation’s culture.

This understanding is crucial for organisations to identify potential risks to their success and take the necessary steps to address them.

Ignore at your peril

Unfortunately, there are still gaps today where management dismisses the importance of their organisational culture.

Organisations without a clear and unbiased understanding of their culture risk falling behind in a competitive market.

Example: Toxic culture at Capital One caused a data breach that affected 100 million individuals

What happened?

The breach occurred due to a misconfigured firewall in the cloud infrastructure, which allowed the hacker to access sensitive data. However, the breach also exposed flaws in Capital One’s security practices, including inadequate security controls, poor incident response planning, and inadequate oversight of cloud-based systems.

The company’s toxic culture, which emphasised speed and efficiency over security and risk management, contributed to the inadequate security practices and lack of oversight that allowed the breach to occur.

What were the consequences?

The breach exposed the personal information of over 100 million customers, including names, addresses, credit scores, and social security numbers.

As a result, Capital One faced significant financial and reputational damage and had to pay a substantial fine to regulatory authorities.

The importance of understanding your organisational culture 

A positive and healthy corporate culture does enhance employee engagement, increases productivity, and promotes positive outcomes for the organisation.

On the other hand, a toxic organisational culture can lead to low morale, high turnover, and decreased productivity.

More than simply approaching it through Employee Engagement initiatives, a good understanding of the overall culture often amplifies the effectiveness of all other initiatives.

Through an unbiased external assessment, organisations can identify areas for improvement and implement changes to their culture, including things like improving security training and awareness programs.

By doing so, they can mitigate the risks associated with toxic cultures and help prevent breaches like the Capital One data breach from occurring.

A well-executed external organisational culture assessment can also help organisations understand what they currently do to nurture a positive environment and suggest ways of extending these good practices to greater benefit.

Why run an organisational culture assessment?

By introducing an externally run organisational culture assessment, organisations can receive the benefits of an assessment conducted by an independent expert that can provide valuable insights into the organisation’s strengths and weaknesses and help identify areas for improvement.

Running an organisation culture assessment with an external expert can provide numerous benefits.

The process of assessing organisational culture

Assessing organisational culture is a process that helps organisations understand their culture’s current state and identify improvement areas.

In many instances, organisations believe an external culture assessment can provide an unbiased and objective perspective on the organisation’s culture and specific recommendations for improvement.

Methodologies for assessing organisational culture. 

Naked Insider uses several methodologies for assessing organisational culture, including surveys, focus groups, interviews, and observation.

An external culture assessment typically employs a combination of these methodologies to comprehensively understand the organisation’s culture.

The role of Naked Insider in assessing organisational culture

Naked Insider is a leading provider of organisational culture assessments. Our team of experts has extensive experience in assessing organisational culture and providing recommendations for improvement. Our assessments are designed to be thorough, objective, and independent, providing organisations with a clear understanding of their culture and a roadmap for improvement.

In summary, organisational culture plays a crucial role in the success of any organisation. Therefore, a thorough understanding of the culture within an organisation is essential to identify potential risks.

1. According to the Gallup World Poll, the average full-time worker spends 41.36 hours per week working. If you assume people work 48 weeks per year, it means people spend 1,985.28 hours per year working. Life expectancy is 73, and according to the OECD, people retire at about 63. If people begin working at 22, then the average person works 41 years. Forty-one years of work at 1,985.28 hours per year is 81,396 total hours.