Processes mitigate risk of repeating a mistake, but they don't prevent new ones, unless you have very wise people building them, and keeping them current.
Processes can be thought of as an institutional form of OCD. There are costs, and they shouldn't outweigh the benefits.
>Processes mitigate risk of repeating a mistake, but they don't prevent new ones
I’m not sure I fully agree. Reactive processes prevent recurring mistakes, because they layer on a requirement to close a gap. I think people can go overboard, particularly when they are myopically focused on a single risk in their wheelhouse and miss the big picture.
Better processes can be more proactive. For example, a process requiring a failure-modes-effect-analysis can identify potential faults that have never been experienced. Developers may feel like they don’t need to work on an FMEA because they “know what they’re doing” and miss latent failure modes
Processes mitigate risk of repeating a mistake, but they don't prevent new ones, unless you have very wise people building them, and keeping them current.
Processes can be thought of as an institutional form of OCD. There are costs, and they shouldn't outweigh the benefits.