Tuesday, May 12, 2009

Taking the risk out of IT Risk and Governance

Do IT Risk and Governance measures really help organizations to avoid IT Project failures?

To borrow a phrase used by a fellow Twitterer: “No process at all is better than a bad process.”

So how many resources, either dollars or human, do organizations invest in establishing IT risk and Governance frameworks? How much time is spent administering, managing and monitoring these processes and what is an organization’s ROI for their IT governance investment?

For all of the above, most organizations would probably respond “Too much”!

It is surprising to find that many large organizations and government bodies that claim to have or would be required by stakeholders to have stringent IT Risk and Governance frameworks still have rogue, run-away or failed IT projects. The following are some of the many examples of organizations and government bodies who experienced the chaos of rogue IT projects:

If an organization’s IT risk umbrella covers IT governance with a comprehensive IT risk portfolio, then how do organizations still get lumbered with runaway and failed IT Projects?

An underlying cause is that IT Risk and Governance frameworks focus almost exclusively on the “tangibles” of the organization and the direct outcomes of projects, giving insufficient attention to the important “soft” intangibles of the organization. This matters most at the crucial “pre-investment” IT decision-making and process-planning phase, when the organization needs to identify and determine how to achieve these project outcomes.

IT governance will take into account the amount of human and financial resources required for the project and an IT risk portfolio will monitor IT projects, IT service continuity, service providers, information assets, new and emergent technologies, software applications and infrastructure to ensure they are integrated with management, the business benefits and their alignment with strategy.

As critical as these governance and risk measures are to the success of an IT Project, they will fail to deliver if left to act in isolation. Simply put, IT risk and governance measures do not address the internal psycho-analytical aspects of an organization, including its decision-making process. Nor do they analyze the “What”, “Why”, “Who”, “When”, “Where” and “How” decisions needed in investing in or undertaking IT projects.

These key decisions are fundamental to organizations in determining whether projects will succeed or not and are the foundations and key drivers for determining IT project success. They must therefore be diligently made by C-level executives and senior management *before* projects commence.

In short, all of these key decisions are uncovered and addressed when applying Corporate Profiling to an organization before initiating an IT Project.

Indeed, Corporate Profiling can assist organizations in achieving their expected ROI and other benefits from their IT and Risk Governance processes in delivering IT projects.

“Nothing and nobody fails as badly as when undertaking something that someone else has failed to plan” (Sarah Jane Runge).

Kind regards
Sarah Jane Runge

1 comment:

Steven Romero, IT Governance Evangelist said...

I agree with your conclusions - but only when the organization in question adopts this narrow view of IT Governance (as many if not most organizations mistakenly do).

In fact, IT Governance is much more than this narrow view. A comprehensive IT Governance approach ensures we know what decisions need to be made, who is accountable for those decisions, and how the decisions will be made to ensure IT is aligned with the business, delivers value to the business and appropriately manages risk, resources and performance.

Implemented properly, IT Governance is all about decision-making - covering every dimension you cite in your post.

Steve Romero, IT Governance Evangelist
http://community.ca.com/blogs/theitgovernanceevangelist/