Building confidence in executing IT programmes
The failure of strategic IT programmes can leave companies exposed to significant increase in costs, reputational damage, loss of customers and the disruption of day-to-day activities. By Mohamed Nayaz
IT programme success supports business success
Organisations continue to look to IT as a key enabler to help them realise their business strategies, improve productivity and obtain a competitive advantage through product and service innovation. IT is a focal point for executives who seek to drive cost competitiveness and transformation agendas that are now a common part of the interrelated global economy.
However, even as IT investments are expected to continue a growth pattern in the coming years, strategic IT programme success rates are still significantly underperforming and in need of organisations’ attention, looking to unlock the value of their capital investments.
Key issues leading to failures in IT programmes are often identified too late, often after the failure has occurred. This results in limited mitigation options that are costly to resolve. By the time issues are identified (usually in a crisis), the ability to influence a positive outcome is greatly reduced. The opportunity for effective damage control is severely limited and may be missed altogether.
Organisations need to challenge their current situation and ask how they can better manage risks around underperforming programmes and improve performance rates to deliver sustained benefits. IT programme risk management (PRM) provides an effective platform to help increase the success of strategic IT initiatives. IT PRM helps to protect organisations from experiencing common IT programme pitfalls and increases the likelihood of delivering successful programme outcomes.
Project execution continues to struggle
IT spending increases
Gartner predicts an increase in IT spending will be sustained at an average rate of 4 per cent per year. Gartner also indicates that approximately 20 per cent to 35 per cent of a company’s IT spending will be focused on programmes and projects, depending on an organisation’s initiatives. Looking at just programmes and projects, this represents an investment of approximately $760bn to $1.33tn. This is a significant investment, requiring more scrutiny and a high degree of confidence in achieving the intended return on investment.
Digital technologies grow in importance
Organisations are increasingly competing on innovation in new products and services. They see IT and emerging technologies as a risk and an opportunity while differentiating themselves in the market. They use IT and emerging technologies to improve their productivity and performance. Organisations have to continuously invest in IT and IT programmes without choice. Otherwise, they risk suffering the consequences of an aging and underperforming application and infrastructure landscape. This ultimately affects the organisation’s competitiveness. To be successful, this requires improved approaches to programme management to transform the good ideas into great outcomes.
Half of all IT programmes underperform
With few exceptions, organisations across all industries continue to show poor performance in successfully delivering IT programmes, achieving expected outcomes and sustaining benefits. Though companies have significantly invested in increasing their knowledge and capabilities in programme and project management, programme success rates did not reflect this investment. Improper programme adaptation to complex business processes, especially in the emerging technology landscape, resulted in this poor performance.
A crucial differentiator for corporate competitiveness
Effective programme and project management capabilities are now one of the most crucial differentiators for competitiveness in the future marketplace. Given the focus on investing in IT, getting strategic IT programmes right could be the make-or-break difference between realising business growth and being a market leader, or being left behind.
The failure of strategic IT programmes can leave companies exposed to significant increases in costs, reputational damage, loss of customers and the disruption of day-to-day activities. And these risks are increasing. Organisations failing to manage their strategic IT programmes, based on business benefits and contributions to innovation and competitive advantage, will find it more difficult to remain relevant to their workforce, customers and the broader market in which they operate going forward. They will become laggards in their respective industries. A new way of thinking and managing strategic programmes must be inculcated within all levels of the project structures to maximise investment outcomes.
Reasons for IT programme failure
Many intertwined factors result in an IT programme failing to deliver its intended objectives and benefits. Typically, a number of risks, when combined, result in programmes failing or underperforming. Many are inherent in the programme at the start and go undetected until the later stages and then symptomatic issues spring up as “surprises.” Management needs to be aware of the organisation’s specific IT programme-risk universe and implement strategies up front to manage the most likely risks to programme success.
Programme risk management is important for programme success
Using IT PRM to build additional lines of defence
IT PRM focuses on providing a clear understanding of the current programme issues environment and a full life cycle, forward-looking view of risks. This holistic overview of issues, risks and complexities allows informed decisions to be taken at the earliest possible time. This also leads to improved programme performance and enhanced benefit realisation. A proven method is to create multiple “lines of defense” against the threats and reduce the impact of realised risks.
First line of defense: the most crucial layer of risk management on a programme. It typically includes the executive leadership team, programme steering committee, programme risk committee, technical design authority, the PMO, system integrators (SIs) and the various project work stream leaders.
Second line of defense: an independent IT PRM role. It can be provided by one independent (mostly external) party, or it can include a combination of internal and external providers. This can be an independent (external) programme risk and quality assurance provider, operational risk and compliance functions, external auditors and even software providers.
Third line of defense: typically includes the audit committee and internal audit function. It is often seen as the last line of defense when it comes to detecting error and waste in organisational activities. These functions often benefit from being able to rely on the outputs of a trusted independent party who can focus better on selected areas of oversight. It may even reduce the need for their oversight in other programme risk and assurance activities.
How well are your important projects doing?
Using IT PRM to inform and make decisions
Clear, accurate communication within an IT PRM framework is essential. Key stakeholders need relevant and timely information and recommendations to make fact-based decisions. This would mitigate risks and improve project outcomes.
All too often, project status reporting does not give leadership a true picture of how a project is doing until it is too late. There is usually political pressure to keep a project in a “green” status until it is no longer possible to hide issues and challenges, and the project suddenly goes to “red” status. There is also a tendency for risk and status to get distorted as it is rolled up from the work stream level to the project level to the executive reporting level. This political pressure and distortion result in a loss of transparency. This causes executives to have unwarranted optimism concerning true project performance and its expected outcomes. Unfortunately, this almost always leads to surprises arising late in project execution, with reduced ability to mitigate negative impacts to the planned project outcomes.
Are your people aligned toward success?
Poor decision priority alignment occurs more frequently on large complex projects, since there are many more communication points between executives and the project team. This means that only select information is communicated, less often and more formally than on smaller projects.
Decision priority analysis
The governance of a project can be divided into three distinct tiers – executives (sponsor, steering committee, executive leadership team, etc.), leads (PM, PMO, architects, etc.) and teams (work stream leads). EY utilises six success factors when analysing decisions – time, cost, benefits, scope, quality and team organisation.
Effective decision-making is achieved when each tier’s top priorities are in agreement within tiers (horizontally) and between tiers (vertically). Our analysis can provide visibility into that horizontal and vertical alignment. When misalignment occurs, EY has found that there is a tendency for resources to align with the priorities of their functional areas, i.e., finance resources will align with the priorities of the CFO (usually “cost” and “benefits”), IT resources will align with the priorities of the CIO (usually “time” and “cost”) and operations resources will align with the priorities of the COO (usually “scope” and “quality”). This is why prior to the start of the project, the priorities of the six success factors must be agreed upon and communicated to the governing bodies and the project team.
Along with decision priority alignment, it is necessary to examine the empowerment alignment among the previously mentioned six success factors. Prior to the project start, leadership should determine the definition of success based on the relative priority of the six factors. At most, two of these factors should be the primary definition of success for the project. The other factors are successively lower priority in the definition of success.
For example, if the project must achieve the expected benefits (i.e., return on investment) and is cost critical (i.e., ROI is very sensitive to cost), then benefits and cost would be the two primary factors of success. The other four factors must be given some freedom to change to allow the team to meet the primary goals.
Well aligned empowerment levels and escalation thresholds allow project leadership to make meaningful trade-off decisions, within their decision rights. Lack of well-aligned empowerment levels will hinder the project team from making effective trade-offs decisions, or frustrate executives by having the project leadership change factors that they consider critical to success.
Benefiting from independent programme risk management
In order to establish an effective PRM capability, a phased service implementation approach is recommended:
- Individual assessments
Start developing a PRM capability by executing several individual assessments to determine the ability to support the assessments and the value to the organisation.
This allows the organisation to pilot PRM to determine what works and steer the focus for the greatest impact. If the organisation decides to expand PRM, this step allows them to decide if they need a managed service or if they need to co-source the PRM capability.
- Fully managed service
If the resources or knowledge do not exist within the organisation to co-source a PRM capability, a managed service option will enable a quick deployment of PRM. This option allows a fully functioning PRM capability to be established within the organisation that can later be transitioned to internal resources.
- Co-sourcing service
If the organisation has a capability similar to PRM, or wants to leverage a leading practice approach, co-sourcing the PRM organisation may be the best approach. This option is also a logical follow-on to the fully managed service where the organisation introduces its own resources to PRM and starts the transfer of knowledge – this may eventually lead to the organisation taking over all the PRM capability.
- Subscription service
Once the PRM capability is established within the organisation and is well understood by its resources, a subscription service is the next logical step. A subscription service allows the organisation to maintain access to select leading practice toolsets, while minimizing the fees for external resources. Yet, it still also allows access to the external resources for short-term capacity expansion or for assistance in assessing exceptionally complex programmes.
High value at relatively low cost
Investments in PRM are typically quite small compared to the overall programme budgets, especially when business revenues are put at risk. Independent IT PRM services should account for approximately 2 per cent to 6 per cent of the overall programme budget, although this may vary depending on the project’s risk profile, and some of the more mature programme organisations are investing more.
While the costs are relatively low, the benefits of PRM are significant:
Increased confidence in the integrity of business case and projected outcomes
Increased likelihood that the programme will be delivered successfully
Improved visibility and transparency of programme risks and performance
Early identification of programme-critical risks and issues
Practical recommendations to address problems as they arise
More informed decision-making as a result of independent viewpoint
Access to independent professional advice on leading programme practices
Enhanced management control of the programme
Significantly reduced late-stage surprises
Improved team dynamics, energy and capabilities
IT PRM risk-based analysis builds confidence in IT programmes
A holistic view of issues, risks and complexities throughout a programme’s life cycle allows informed decisions to be made at the earliest possible time; leading to improved programme performance and enhanced benefit realisation.
Programme risk management is the start of a journey focusing on improving the outcomes through risk management in major change programmes and projects.
The results of an initial assessment can highlight a number of next steps, including:
Assistance in individual assessments for key programmes and projects
The need for increased programme risk management capability for ongoing assessments and continued monitoring
Improvement of the programme risk management solutions and enablers
Predictive analytics and root-cause analysis and modeling of key relationships between key project factors
Analysis to highlight hidden issues, risk and identification of the root cause of issues such as a detailed programme schedule analysis
Utilisation of analytics simulations to predict programme outcomes to undertake appropriate actions if necessary
Organisations can build confidence in IT programmes through forward-looking IT PRM risk-based analysis, good information and deep perspective to enable value delivery. Engaging the right IT PRM provider will ultimately help build and sustain the confidence of key stakeholders and ensure that you have the right information at the earliest possible time to make well-informed proactive decisions throughout your program.