Tuesday, January 21, 2014

Will There Be Any Improvement In Technology Project Governance Any Time Soon? Not If We Don’t Start Learning From Experience!

This appeared a few days ago.

Australian IT project failures spark new ICT governance standard

Date January 14, 2014 - 1:39PM

Trevor Clarke

65 to 85 per cent of IT projects fail to meet their objectives, run significantly late or cost far more than planned, says Minter Ellison partner Paul Kallenbach. Photo: Stephen Morton
The frequent failure of major IT projects across the country such as the Queensland Health payroll debacle has spurred Standards Australia to release an updated standard for IT governance.
The 24-page long standard was developed by the Standards Australia Technical Committeeand aims to guide leaders during major IT projects.
"The standard was prepared due to continuing failures of major IT projects to deliver expected value. The aim was to bring home the need for action from boards and senior business executives who are responsible for the overall governance of the organisation," said Standards Australia chief executive, Dr Bronwyn Evans.
"If organisations want to obtain maximum value from their investment, governance of IT projects should not be left to the IT department alone."
The new standard replaces a 2010 standard with updated guidance informed by the growth in cloud computing and social media use. It includes a recommended governance framework and encourages the highest levels of leadership to take responsibility for project success.
Over the years, IT market observers have been dismayed at the number of projects that have either failed completely or exceeded their budgets and deadlines.
The Queensland Health payroll disaster is arguably the poster child IT project failure in Australia at the moment. But it is joined by many other high-profile examples. The ATO's Change Program also ran over budget and over time, while a 2011 Victorian Ombudsman's report into 10 projects in the state including the myki card found each failed to meet expectations and added an additional $1.44 billion in costs.
Standards such as this are useful, says Minter Ellison partner Paul Kallenbach, but it's "the application of good IT project governance that has proved challenging".
Lots more here:
There is also coverage here:

IT Governance Standard to benefit consumers and organisations

IT governance is not a readily accessible issue for consumers yet the decisions made by most organisations about information technology (IT) can have great later significance, as is evident in a number of Australian IT project failures. IT supports organisations’ core functions and so IT investment choices and the contribution of IT to business capability and performance often play a significant role for future success.
Standards Australia has published a significant New Standard for IT Governance to support governance leaders in guiding major IT projects. Organisations undertaking significant IT projects will find this the ‘go-to” document when it comes to linking governance and management. Consumers Federation of Australia (CFA) has a representative on the Standards Australia Technical Committee IT-030 IT Governance which was responsible for the development of the standard.
AS/NZS 8016:2013 Governance of IT enabled projects offers a model of engagement between an organisation’s governing body and management.  The objective is to facilitate improved results for business projects that involve investment in new or changed IT capabilities (these projects are often referred to as ‘IT enabled projects’ or ‘IT projects’).
More here:
Here is the link to the Standard.
Here is all that is available for free - the rest will cost you about $100.
AS/NZS 8016:2013
 This Standard provides guidance to assist those at the highest level of organizations in the effective governance of IT enabled projects; these are projects that deliver IT enabled business capability and outcomes.
IT supports the core functions of most organizations. Investment in IT and the contribution of IT to the business capability and performance of the organization often play a significant role in the achievement of strategic plans.
Governance of IT, including significant investments in IT, is part of sound corporate governance and is needed to meet ASX guidelines. Governance in this context is not IT management but it is supported by the organization’s management system.
The mechanisms employed to govern IT enabled projects should be informed by the organization’s reliance on IT and its strategy, as well as its size and risk appetite. An item relating to an IT crisis on a board agenda could be a sign of weak or immature framework for the governance of the IT enabled project, and often the resulting decision-making will occur in isolation and will address the symptoms rather than the cause.
The guidance provided in this Standard comprises principles and a model. The principles are those defined in AS/NZS ISO/IEC 38500:2010, Corporate governance of information technology, and this Standard offers guidance on the application of the principles to IT enabled projects.
It provides guidance on the way governing bodies can own and lead the governance of IT enabled projects while providing support to those with delegated authority to deliver these projects. This Standard focuses on the governance of projects in which IT is an enabling tool for delivering value to the business. The governing body of an organization will determine what is of value to that organization; however, the value arising from an IT enabled project could include—
(a) competitive advantage through delivery of new services;
(b) improvements in organizational efficiency;
(c) cost reduction;
(d) effective risk management; and
(e) compliance with legislation and regulations.
Governance of IT enabled projects can provide governing bodies with a better understanding of the organization’s risk profile. Mobile devices, ‘apps’ and ‘cloud’ services can be purchased with ease by business management, and often without consulting the management responsible for the business’s IT or without understanding the potential implications for the organization’s IT strategy. Business projects underpinned by these technologies could escape consistent oversight, and decisions could be made that are neither aligned with an overall business strategy for IT nor subject to consistent oversight.
Digital and social media opportunities are currently being discussed in terms of business strategy, as well as in terms of the challenge of calculating and monitoring return on investment. This is a changing world where, if the board does not provide leadership, the consequences will be costly to rectify, and competitive opportunities could be lost.
This Standard does not prescribe or define specific management practices required for IT enabled projects, since these practices are already well defined in other sources. However, by focusing on the principles for governance of projects and behaviours that contribute to project success, this Standard provides guidance that is applicable to all organizations. It is the responsibility of governing bodies to satisfy themselves that the appropriate behaviours and mechanisms are in place within the organization.
----- End Forward.
The sad thing about all this is that most of what is being talked about is Project Governance Management 101 (Involve the Company Executive, ensure project is part of clear business and IT Strategy, have clear Executive Sponsor, have clearly measurable project plan and deliverables and ensure appropriate scope of each work parcel, ensure IT leadership has business nous etc.) and despite all this being very well known we keep seeing huge problems!
Here is a fun discussion of the causes of all these - The slides say it all!

Informatics Training for CDC Public Health Advisors

How to Cause Information Technology Disasters
Instructor: William A. Yasnoff, MD, PhD
Teaching method(s): Lecture/discussion
Topics to be covered:
  • Risks of Information Technology
  • Types of Disasters
  • Effective Disaster Strategies: Management
  • Effective Disaster Strategies: Technical
  • Paradigm for Disaster Avoidance
Learning objectives:
By the end of this session, students will:
  • Understand the sources of risk in the development of new information systems
  • Describe at least four management strategies for creating disasters
  • Describe at least four technical strategies for creating disasters
  • Utilize an effective paradigm to minimize likelihood of information technology disasters
  • Instructional Materials
  • Johnston DC: I.R.S. Admits Lag in Modernization; Urges Contract Plan. NY Times 1/31/97, p. A1.
  • Oz E: When Professional Standards are Lax: The CONFIRM Failure and its Lessons. Communications of the ACM 1994;37(10):29-36.
References & suggested readings
  • Ennals R. Executive Guide to Preventing Information Technology Disasters. Berlin: Springer-Verlag, 1995.
----- End Course Outline.
Note the dates of the references - none of this is new news! It just needs people to actually follow what is known about how to avoid these issues. One very good thing to do is make sure political interference and pressure is properly managed!

1 comment:

Dr Ian Colclough said...

Mind numbing stuff - the fodder of experts practitioners of obfuscation. What is missing is NOUS - plain old pragmatic common sense.