PDF Summary:How to be a Chief Operating Officer, by Jennifer Geary
Book Summary: Learn the key points in minutes.
Below is a preview of the Shortform book summary of How to be a Chief Operating Officer by Jennifer Geary. Read the full comprehensive summary at Shortform.
1-Page PDF Summary of How to be a Chief Operating Officer
The Chief Operating Officer role is one of the most challenging positions in any organization, requiring expertise across numerous disciplines and the ability to balance strategic thinking with day-to-day operations. Unlike other C-suite positions, COOs lack established frameworks and support systems to guide their success.
In How to be a Chief Operating Officer, Jennifer Geary provides a practical guide for navigating this complex role. She outlines the core principles every COO must master, from translating vision into results to identifying organizational inefficiencies. Geary explores the three foundational pillars of the role—culture, strategy, and transformation—and covers key areas of operational supervision including facilities management, finance, internal communications, and enterprise risk management. She also offers guidance on prioritization and planning for your first months in the position.
(continued)...
Areas of Operational Supervision
Geary explains that COOs oversee various technical areas, including facilities management and finance. Facilities management involves uniting individuals, locations, and procedures in the physical setting to improve quality of life and business productivity. She adds that facilities management is integral to your organizational identity. The location, appearance, and layout of your facilities can significantly inspire your team to perform optimally. Geary notes that facilities will probably be among the organization's most significant costs, and that owned properties will be the biggest assets in your financial statements.
(Shortform note: Ben Waber, Jennifer Magnolfi, and Greg Lindsay argue that the most effective way to improve a workplace is to treat it as a living laboratory: organizations should make small, targeted changes to the physical setting—such as adjusting seating arrangements, relocating shared resources like coffee machines or printers, or reconfiguring communal areas—and then rigorously measure how those changes affect observable behaviors, especially the frequency and pattern of face-to-face encounters, cross-team interactions, and spontaneous conversations, using those behavioral data to decide which experiments to keep, which to scale up, and which to roll back so that the space is continuously refined to better support collaboration and innovation.)
The team in charge of facilities handles the daily practicalities of your properties and buildings. They often lead responses to business disruptions. The team develops the approach to facilities management, establishes roles and responsibilities, supervises and directs the corporate estate portfolio, implements policies in line with standards, ensures good financial management, manages and negotiates all contracts, leads the way in CSR and sustainability, and oversees the implementation of facilities-related projects. According to Geary, the finance committee supervises the organization's financials, including sales, revenue, raising funds, spending, cash flow, treasury, reserves, and the financial control environment. The audit committee manages the organization's internal and external auditing, while the risk committee handles the organization’s risk management framework.
(Shortform note: The financial control environment refers to the tone set by leadership and the structures in place that influence how seriously people take the controls around money and financial reporting. It includes things like the organization's values, how much management supports and monitors controls, how well people are trained, and how open the company is to improving its processes. A strong control environment helps prevent fraud, errors, and mismanagement of funds.)
Next, we’ll discuss internal operations and enablement, core operational functions, enabling support functions, enterprise governance, and managing risk.
Internal Operations & Enablement
Core Operational Functions
Geary explains that operations involve transforming inputs to outputs and generating benefits for clients. Operations involves creating and distributing your offering. It involves prediction, planning capacity, creating schedules, and managing inventory. To be an effective COO, you must have a strong understanding of your industry, including where your organization sits in the value chain, the challenges and pitfalls in procurement, marketing, and distribution, the partners and stakeholders who are key to the creation of your products and services, and the end-to-end processes, their vulnerable points, and how quality is being built in.
The Feedback-Control Loop in Operations
In Operations Management, Nigel Slack, Alistair Brandon-Jones, and Robert Johnston explain that prediction, planning capacity, creating schedules, and managing inventory are all part of a feedback-control loop that compares what clients in the value chain are demanding with how inputs and end-to-end processes are performing. This allows you to adjust resources and process conditions at vulnerable points before quality problems or failures reach those clients. This is why it’s important to understand the value chain, the end-to-end processes, and the vulnerable points in those processes.
Enabling Support Functions
Geary emphasizes that support functions like facilities and communications are crucial for aligning with and contributing to the organization's strategy. Facilities are most effective when they align with the overall strategy, and facilities managers should be given a view of the organization's future to allow for more strategic planning and a better understanding. Geary adds that the communications team is responsible for creating a messaging framework and materials to help management support it. They run major events like town halls and social gatherings for staff, and they make sure there’s a suitable mix of set pieces led by management and content generated by employees. They also support projects and business functions, including mergers, takeovers, layoffs, and emergencies.
(Shortform note: To put Geary’s advice into practice, consider scheduling regular strategy-mapping workshops with your facilities and communications leaders. In The Strategy-Focused Organization, Robert S. Kaplan and David P. Norton argue that to make strategy a continual process and “everyone’s job,” senior leaders must engage managers from all business and support units in structured workshops to build a shared strategy map and balanced scorecard. These tools clearly describe the cause-and-effect relationships among strategic objectives and then translate those objectives into concrete initiatives, budgets, and performance targets for the next planning period. When these maps and scorecards are cascaded down to departments and teams, every unit can see on a single page how its planned activities and improvement projects explicitly support the organization’s overarching strategic themes and long-term value creation.)
According to Geary, internal communications need to anticipate employees' thoughts and create a suitable approach to connect with them effectively. The team responsible for internal communications should collect staff input, assess which messages resonate well, what topics employees are eager to learn about, and what questions remain unaddressed. They should also grasp each manager's strengths and weaknesses and help them convey their messages in ways that play to their strengths and showcase them as positively as possible. Internal communications should build robust connections with HR, risk management, PR, and marketing. A key connection is between internal communications and the individual overseeing the CEO's profile and messaging. These two aspects need to be closely aligned so that what the CEO conveys matches the organization's other messaging.
(Shortform note: Geary’s points about anticipating employees’ thoughts and aligning the CEO’s messaging are part of a long tradition of internal communication. In Exploring Internal Communication, Kevin Ruck argues that effective internal communication is fundamentally about building an employee voice system. This means creating sustained, two-way processes that enable staff to question, challenge, and shape organizational decisions and narratives. Ruck explains that senior leaders must actively listen, enter into dialogue, and adjust their own messages in response to what they hear from employees.)
Geary explains that PR involves overseeing communication between a company and outside stakeholders, shaping and supporting a favorable image of the organization, and handling incidents that might harm that image. Its duties involve sharing the company's strategic plan, mission, and vision with external audiences; developing a PR plan for important matters; and meticulously organizing essential PR actions by the day and channel.
The Dangers of Overly Strategic PR
In Trust Me, I’m Lying, Ryan Holiday argues that manipulating the media to manufacture favorable coverage is a Faustian bargain. While it may win attention in the short term, once audiences realize they’ve been gamed, they don’t just reject a particular story—they downgrade the credibility of the brand behind it. This suggests that if PR is seen as “shaping and supporting a favorable image” through tightly choreographed messaging, stakeholders may become cynical and hostile when they uncover even small inconsistencies, seeing the organization as fundamentally untrustworthy rather than simply imperfect.
Enterprise Governance & Risk Management
Geary emphasizes that managing risk is crucial for achieving business objectives. Risk refers to how uncertainty influences objectives, both positively and negatively. The risk team aids management in identifying, analyzing, evaluating, and managing the primary risks that affect the organization. It also helps establish the organization's risk culture. According to Geary, most catastrophic organizational events result from failed risk management. The risk department collaborates with executives and the board to determine the organization's acceptable risk levels. It creates a unified vocabulary around risk for the company and connects to the business strategy, helping leadership pinpoint the major risks confronting the organization.
(Shortform note: Risk culture refers to the shared norms and unwritten rules that shape how people in your organization actually behave when they notice, talk about, and take risks. It’s not just about policies or procedures, but about the underlying attitudes and beliefs that drive decision-making. A strong risk culture encourages open communication about potential issues, supports responsible risk-taking, and ensures that everyone understands their role in managing uncertainty. By fostering a healthy risk culture, you can create an environment where risks are identified early, addressed proactively, and aligned with your organization’s overall strategy.)
Geary adds that the team responsible for risk helps management evaluate the probability and importance of risks materializing, enabling them to be categorized, rated, and properly prioritized. They help management develop suitable reactions to the recognized risks. If issues arise, the risk team collaborates with management to pinpoint the underlying reasons, ensuring that lessons are learned and the weaknesses in controls are addressed. Geary explains that the risk team assists management in evaluating the design and functionality of the control systems. When weaknesses in control exist, it suggests enhancements through a plan to strengthen them.
(Shortform note: In Normal Accidents, Charles Perrow argues that in complex, tightly coupled systems, efforts to increase safety by adding new safeguards, procedures, and monitoring layers can actually increase the likelihood and severity of accidents. This is because each new control adds complexity and potential interactions that are difficult to predict. As a result, what is introduced as a protection can, under certain conditions, become a new pathway for failure. This suggests that a risk team that continually strengthens control systems may unintentionally create new risks by increasing system complexity.)
The risk team assesses broader external factors over the medium to long term to consider what might disrupt the organization. It also manages insurance, planning for operational continuity and recovery from disasters, and health, safety, and security. Geary outlines that the risk management team handles strategic risk, market risk, credit risk, liquidity risk, information security risk, operational risk, conduct risk, and regulatory risk.
(Shortform note: One type of risk that Geary doesn’t mention is reputational risk. This is the risk that the organization’s reputation will be damaged, which can amplify the effects of other types of risk. For example, a data breach (information security risk) can lead to a loss of customer trust, which can then lead to a loss of revenue and market share. Reputational risk can also make it more difficult for an organization to attract and retain employees, customers, and investors.)
Enterprise-wide risk oversight is the comprehensive system that helps your organization recognize, prioritize, handle, and communicate about its risks. You need to recognize the distinction between daily losses in fields like operations, where losses result from volume and complexity, and less frequent but more impactful "tail" risks. Dedicating your resources to the losses of daily operations could provide short-term benefits, but this won't safeguard you from infrequent but severe risks. Evaluating these requires making significant, decisive choices which may be unpopular—though they might never occur and might be costly to defend against.
(Shortform note: The term “tail” risk refers to the risk of extreme events that lie in the far ends (or “tails”) of a probability distribution. These are rare but potentially catastrophic events that standard risk models, which often assume normal distributions, may underestimate or overlook. The concept comes from statistics, where the “tail” of a distribution curve represents the extreme values far from the average. In risk management, tail risks are particularly challenging because they often involve scenarios that have never occurred before, making them difficult to predict or prepare for using historical data.)
Geary argues that risk oversight is only significant if each employee helps with recognizing and handling risks. In-house risk professionals provide the second layer of defense—the first layer is management. The responsibility for risk falls to management. Second-line functions, like the risk team, are responsible for creating frameworks and challenging management through oversight. The audit role acts as the final layer, providing independent verification of the organization's control environment. No one line of defense is adequate on its own; they're interlinked as a system.
(Shortform note: In Enterprise Risk Management, James Lam explains that the three lines of defense work as a feedback system. Each group develops its own view of the organization's key risks. If those views don't match, it forces a deeper look at the risks before major decisions are made. This process ensures that risk information is challenged from multiple perspectives, leading to a more accurate understanding of the organization's true risk profile. The results of this challenge process are then used to improve policies, limits, controls, and reporting.)
Geary explains that leadership develops business goals to advance their strategic plan. It must comprehend the threats that might jeopardize achieving those objectives. Effective risk management involves comprehending the risks and pinpointing the organization's controls and processes, including their advantages and disadvantages. Leadership must define acceptable risk tolerances—this is known as establishing how much risk you're willing to take. A robust risk environment is one where risk team members are seen as useful specialists who offer review and questioning, but accountability for risk lies with individuals, managers, department heads, and the CEO. Effective risk management is indicated when monitoring and mitigating risk events result in significant process quality improvements. This will make workflows more seamless, reduce errors and disruptions, lower friction, and increase employee satisfaction.
Limitations of Geary’s Risk Management Approach
Geary’s approach to risk management may not be suitable for all organizations. For example, in highly regulated industries like healthcare, finance, or aviation, leadership may not have the flexibility to define acceptable risk tolerances. In these sectors, regulatory bodies often set strict risk thresholds that organizations must adhere to, leaving little room for internal discretion. Additionally, the indicators of effective risk management that Geary describes—such as improved process quality and increased employee satisfaction—may not always be reliable signals of reduced risk. In fact, in some cases, smooth and efficient workflows can mask underlying vulnerabilities. In Managing the Unexpected, Karl E. Weick and Kathleen M. Sutcliffe argue that in high-reliability organizations, a lack of visible problems can actually be a warning sign that risks are being overlooked.
Additional Materials
Want to learn the rest of How to be a Chief Operating Officer in 21 minutes?
Unlock the full book summary of How to be a Chief Operating Officer by signing up for Shortform .
Shortform summaries help you learn 10x faster by:
- Being 100% comprehensive: you learn the most important points in the book
- Cutting out the fluff: you don't spend your time wondering what the author's point is.
- Interactive exercises: apply the book's ideas to your own life with our educators' guidance.
Here's a preview of the rest of Shortform's How to be a Chief Operating Officer PDF summary: