IT and Digital Failures – the Time for Study is Over – it’s Way Past Time for Action!

A recent article in diginomica, “Senate agrees to launch inquiry into Australia’s digital government failures” caught my eye. My immediate reaction was “Here we go again”, quickly followed by a somewhat more lyrical “When will they ever learn?”
The challenges of IT projects have been analyzed extensively over many decades. Most of us are familiar with The Standish Chaos Survey, the 2015 results of which reported successful projects constantly representing only ~30% of the 50,000 surveyed projects (where success is defined as on time, on budget and with a satisfactory result).

A 2012 Mckinsey article, based on research conducted on more than 5,400 IT projects by Mckinsey and the University of Oxford, found that half of large IT projects (costing >$ 15 million) massively blew their budgets. On average, large IT projects ran 45% over budget and 7% over time, while delivering 56% less value than predicted. The projects in total had a cost overrun of $66 billion, more than the GDP of Luxembourg. The impact of these failures is more than financial. In the case of healthcare, for example, the impact includes significant avoidable loss of life, pain and suffering.

More anecdotally, The International Project Leadership Academy Catalogue of Catastrophe records quite a few troubled projects from around the world, many, but not all of them IT projects. The list includes the UK’s NHS National Program for IT in Health, the original budget for which was $4.6 billion, which had risen to $24 billion when it was cancelled in 2010. At the time, and possibly still now, it was the world’s largest civil IT project.

Challenges to success – being on time, on budget, and achieving the expected value, are common across private and public sectors and across all jurisdictions. If one were to take all the studies, audit reports, and other post-mortem review of so-called “IT projects” or, more recently, “digital” initiatives, you could fill a medium-sized – possibly larger – library. The good news is that you would only have to read one or two of them to realize that they all came to basically the same conclusions, and made basically the same recommendations. It’s great business for consultants, as they can usually just dust off and tailor a previous report – a great but expensive example of re-use. Over the same time, research papers and articles beyond count have been written on this topic, and frameworks, methodologies, tools and techniques have been produced (almost) ad nauseam. Yet, despite this, very little has changed, other than that the impact of these failures, as technology becomes increasingly embedded in everything organizations do, is both more severe and more visible, not the least so in the public sector.

The underlying causes of both earlier “IT project” failures, and those of more recent “digital” initiatives are basically the same. They include:
1. A continued, often blind focus on the technology itself, rather than the change – increasingly significant and complex organizational change that technology both shapes and enables, and which is required if organizations are to come anywhere near realizing the potential value from their digital investments;
2. The unwillingness of business leaders to get engaged in, and take ownership of this change – preferring to abdicate their accountability to the IT function (I should add that I have also seen cases where IT leaders know this should be owned by the business leadership team, but do not believe that they have the competence to do so);
3. Failure to inclusively and continually involve the stakeholders affected by the change, without whose understanding and “buy in” failure is pretty much a foregone conclusion;
4. A lack of rigour at the front-end of an investment decision, including, what is almost universally a totally ineffective business case process, resulting in lack of clarity around the expected outcomes, the full scope of effort required, the assumptions being made, the risks involved, and how progress and success will be measured;
5. Not actively managing for value; and
6. Not managing the journey beyond the initial “project” completion.

A much over-used definition of insanity, commonly yet apparently inaccurately attributed to Albert Einstein, is “doing the same thing over and over again and expecting a different result.” This is certainly a good description of the where we are today. It should have been obvious to anyone reading any of the previously mentioned reports and studies that the issue of IT or digital failure needs to be re-framed from a technology delivery problem to a business problem of managing increasingly significant and complex organizational change. A business problem that has had a global cost estimated by Michael Krigsman, a respected industry analyst, to be in the order of $US3 trillion/year. And that cost doesn’t include opportunity cost – the non-realization of expected value.

So, why is it that business leaders – in both the private and public sector, have not stepped up to the plate? Despite the term “digital” now being much more commonly used – or abused –  in place of “IT”, digital is still largely equated with, and thought of as, a technology implementation issue. We certainly don’t need any more studies! As a client of mine once said, the less will we have to solve a problem, the more we study it. We need leaders to finally wake up and understand that this is not a technology implementation problem, but a problem around understanding, accepting accountability for, and managing the business change required to create and sustain business value from leveraging digital. We need these leaders to move beyond eternal studies to action. I discussed this in an earlier post, “Digital Leadership – Much More Than IT Leadership”. What follows builds on parts of that post.

In this new digital era, technology itself, how technology is delivered, how it is used, and by whom are changing at an ever-increasing rate. This is blurring the roles and responsibilities of IT and other business functions, and giving rise to a fundamental rethinking of how IT, and its delivery and use is governed and managed, and the capabilities that are required to ensure and assure that the use of technology contributes to creating and sustaining business value. The role of the CIO is being questioned ad nauseam, particularly as it relates to the CMO, and a new position, the CDO, is appearing. And, of course, let’s not forget the CTO. However, the answer is not as simple as renaming the CIO position, getting a new CIO, or appointing a few new CXOs (or now, due to alphabetic limitations, CXXOs).

I have, over many decades, used the simple formula below to describe reason for the current dismal state of affairs:

OO + NT = COO

The formula represents that simply applying new technology (NT) to an old organization (OO) results in a Complex Old Organization (COO). Gavin Slater, the new head of the Australian Government’s Digital Transformation Agency (DTA), used a variation of this formula in a recent address to the Australian Information Industry Association, in which he replaced COO with EOO – expensive old organization.

Digitization cuts across organizational silos, and across all levels of organizations. Realizing value from digital requires more than putting lipstick on the old industrial age pig, with its hierarchical, command and control approach to governance, leadership and management. It requires continually rethinking, reimagining and reinventing every aspect of our organizations. Digital transformation, or more accurately the on-going and ever-evolving digital journey towards a digital ecosystem will require digital literacy and collaboration across and beyond the C-suite to ensure that their organization has, as EY’s David Nichols said in a May 2014 CIO Insight interview, “an integrated and holistic plan to really leverage digital”. This includes questioning their very purpose, how they are organized, the very nature of the work they do, who does it, and how it’s done. It requires challenging established cultures and long-held beliefs. The digital economy both enables and requires a different view of leadership. As Sally Helgesen said in a May, 2014 article, “Leadership’ isn’t Just for Leaders anymore”, leadership no longer, or should no longer equate with positional power and has, or should become a behaviour that is broadly distributed, recognize and rewarded.

Organizations must tap into the collective knowledge of all their people…~70% of whom feel no engagement with their organizations today. As Julian Stodd said in a June, 2017 blog, “The Age of Engagement”:

“The mechanisms and mindset of engagement in many organisations lags far behind the lived reality of the Social Age: Organisations exist in a realm of expertise, domain specific input, hierarchical power, at a time when communities are rising, co-creation is maturing, and dynamism is key. The solution will not be adaptation within an existing mindset, but rather a paradigm shift to a new space: the Age of Engagement.”

Peter Staal extends this thinking in an August, 2017 article, “Organizations of the future operate as communities”, in which he says:

“Meeting the demands of the digital age will require a new way of working. Take for instance the decision-making process. Organizations no longer have the time traditionally taken up by this process through a decision tree. The future belongs to organizations which are made up of multiple autonomously operating communities forming part of the larger whole (so-called pods).”

This is not a new concept. It was original posited in the early 20th century by Oswald von Neil-Breuning with his law of subsidiarity – an organizing principle that matters ought to be handled by the smallest, lowest or least centralized competent authority. This means locating accountability and decision-making at the most appropriate level, while supporting decisions with broader and more knowledgeable input.

We could have adopted such a concept long before now, indeed, some organizations have done so. For organizations to survive and thrive in the digital economy, this is no longer an option! We certainly now have the technology available today to support such a concept. However, I’m not sure we will see this widely accepted  any time soon – likely not in my lifetime. As Steve Vamos said in a 2012 Australian Review article:

“The challenge ahead is to unwind more than a century of industrial-age mindsets at work which are controlling, mistake-averse and “know it all” and evolve them into mindsets that are enabling, learning and willing to try new things and fail.”

Laurence J. Peter, author of The Peter Principle, echoed those sentiments when he said, “Bureaucracy defends the status quo long past the time when the quo has lost its status.” The reasons for this are well laid out by Ted Bauer in an August, 2017 article, “Bureaucratic management ain’t going anywhere”, as summarized in the figure below.

As an eternal optimist, I hope that he’s wrong, but as a realist, having pushed similar ideas for many decades, I think it will take some time before we see the extinction of the organizational dinosaurs. This will certainly be the case if we stand on the sidelines and wait for it to happen. As a former colleague, Don Tapscott,  has said for decades “Leadership can come from anywhere”. We must all take a leadership role in making it happen.

The Dark Side of Digital

 Four years ago, I wrote reflecting on my 50 years in IT, and the pursuit of value from the use of IT. I described the changes that had occurred over that time since I started my working life as a computer operator on an IBM 1401, which had a (not really published as such) processing speed close to 10 million times slower than today’s (2013) microprocessors, 8k of storage (later upgraded, with an additional unit, to 16k), no solid state/hard drive, displays or communication capability, and no operating system (that was me!). Weighing in at around 4 tons, it needed a fully air conditioned room, with a raised floor, approximately twice the size of my living room.

I described how my world in 2013 compared with that time. I had powerful technology in my small home office, wirelessly connected within my house, and to the world beyond through the internet. I had access to an ever-growing body of knowledge that could answer almost any question I had, and which enabled me to manage my banking, pay bills, check medical lab test results, organize travel, shop, read books, listen to music, watch videos, play games, organize, edit and enhance photographs and videos, and a myriad of other tasks.

I went on to describe how, beyond my individual world, at the enterprise level, the technology model is changing from computing – the technology in and of itself, to consumption – how individuals and organizations use technology in ways that can create value for them and, in the case of organizations, their stakeholders. I discussed the extent to which technology, and how it was being used, was continuing to change, at an ever-increasing rate, including:

  • increasing adoption of the Cloud;
  • Software (and just about anything else) as a Service; the explosion of “Big Data”, and, along with it, analytics and data visualization;
  • mobility, consumerization and BYOD which fundamentally changes how, where and when we interact with technology and access information;
  • the ”internet of things” (IOT) bringing with it unprecedented challenges in security, data privacy, safety, governance and trust; and
  • robotics and algorithmic computing which have considerable potential to change the nature of work.

I closed by talking about what hadn’t changed, and what needed to change. Putting my value lens on, I lamented that, then, 15 years since The Information Paradox, in which I described the challenge of getting value from so called “IT projects”, was first published, the track record remained dismal, and realizing the value promised by IT remained elusive. I attributed this situation to several factors, the primary ones being:

  • a continued, often blind focus on the technology itself, rather than the change – increasingly significant and complex change – that technology both shapes and enables;
  • the unwillingness of business leaders to get engaged in, and take ownership of this change – electing to abdicate their accountability to the IT function; and
  • failure to inclusively and continually involve the stakeholders affected by the change, without whose understanding and “buy in” failure is pretty much a foregone

 

What a difference four years makes

OK – that’s (probably more than) enough of a recap – I’m now going to fast forward some 4 years (a lifetime in the digital world) to today, 2017. While the challenge of creating and sustaining value from our use of technology described above is still real, our failure to address it, along with an almost total failure of leadership – technical, business and government leadership, have brought us into an increasingly dark place – one that I think few of us saw coming, certainly not unfolding as it is. I call this place “the Dark Side of Digital”. I alluded to it in 2013 in discussing IOT, robotics and algorithmic computing, when I said that they brought with them “unprecedented challenges in security, data privacy, safety, governance and trust…(and) have considerable potential to change the nature of work” – I would now revise and add to the latter saying “…have considerable potential to fundamentally impact the future of work and, indeed, the future of society”.

The elements of this dark side fall into three main categories:

  1. Cybersecurity: This is the most traditional category – one that, albeit not so- named, has been with us since the advent of computers, when cards, tapes or
    other media could be lost/stolen. However, as our connectedness continues to increase, so does our susceptibility to cybersecurity attacks, with a growing number of such threats arising out of machine-to-machine learning and the Internet of Things. There are nearly 7 billion connected devices being used this year, but this is expected to jump to a whopping 20 billion over the next four years. Most cybercriminals are now operating with increasing levels of skill and professionalism. As a result, the adverse effects of cyber-breaches, -hacks, or –attacks, including the use of ransomware and phishing continue to escalate resulting in increased physical loss and theft of media, eroding competitive advantage and shareholder value, and severely damaging reputations. More severe attacks have the capacity to disrupt regular business operations and governmental functions severely. Such incidents may result in the temporary outage of critical services and the compromise of sensitive data. In the case of nation-state supported actors, their attacks have the potential to cause complete paralysis and/or destruction of critical systems and infrastructure. Such attacks have the capacity to result in significant destruction of property and/or loss of life. Under such circumstances, regular business operations and/or government functions cease and data confidentiality, integrity, and availability are completely compromised for extended
  1. The Future of Work: The fear that technology will eliminate jobs has been with us pretty much since the advent of the first commercial computers, but, until the last few years, the argument that new jobs will appear to replace the old has largely held true. Now however, the revolutionary pace and breadth of technological change is such that we are experiencing a situation in which, as recently described by the Governor of the Bank of England, Mark Carney.

“Alongside great benefits, every technological revolution mercilessly destroys jobs & livelihoods well before new ones emerge.”

Early AI and IOT systems are already augmenting human work and changing management structures across labor sectors. We are already seeing, and can expect to continue to see uneven distribution of the of AI impact across sectors, job types, wage levels, skills and education. It’s very hard to predict which jobs will be most affected by AI-driven automation.

While, traditionally, low-skill jobs have been at the greatest risk of replacement from automation, as Stephen Hawking says, the “rise of artificial intelligence is likely to extend job destruction deep into the middle classes, with only the most caring, creative or supervisory roles remaining.” He goes on to say that “we are at the most dangerous moment in the development of humanity”.

  1. The Future of Society: On the societal front, a paradigm shift is underway in how we work and communicate, as well as how we express, inform and
    entertain ourselves. Equally, governments and institutions are being reshaped, as are systems of education, healthcare and transportation, among many others.

AI and automated decision making systems are often deployed as a background process, unknown and unseen by those they impact. Even when they are seen, they may provide assessments and guide decisions without being fully understood or evaluated. Visible or not, as AI systems proliferate through social domains, there are few established means to validate AI systems’ fairness, and to contest and rectify wrong or harmful decisions or impacts. Professional codes of ethics, where they exist, don’t currently reflect the social and economic complexities of deploying AI systems within critical social domains like healthcare, law enforcement, criminal justice, and labor. Similarly, technical curricula at major universities, while recently emphasizing ethics, rarely integrate these principles into their core training at a practical level[1]. As Mike Ananny and Taylor Owen said in a recent Globe and Mail article[2], there is “a troubling disconnect between the rapid development of AI technologies and the static nature of our governance institutions. It is difficult to imagine how governments will regulate the social implications of an AI that adapts in real time, based on flows of data that technologists don’t foresee or understand. It is equally challenging for governments to design safeguards that anticipate human-machine action, and that can trace consequences across multiple systems, data-sets, and institutions.” This disconnect is further adding to the erosion of trust in our institutions that we have been seeing over several decades.

Adding to the threats to society is the proliferation of internet and social media. In a world where we can all be publishers, we see shades of Orwell’s 1984 in a post-truth word of alternate facts, and fake news. Rather than becoming a more open and collaborative society, we see society fracturing into siloed echo- chambers of alternate-reality, built on confirmation bias, and fed by self-serving populist leaders, posing dangerously simplistic solutions – sometimes in tweets of 140 characters or less – to poorly understood and increasingly complex issues.

 

So, what do we need to do?

The complexity of these challenges, and their interconnectedness across sectors make it a critical responsibility of all stakeholders of global society – governments, business, academia, and civil society – to work together to better understand the emerging trends.

If business leaders expect to harness the latest technology advances to the benefit of their customers, business and society at large, there are two primary challenges they need to address now.

  1. As companies amass vast amounts of personal data used to develop products and services, they must own the responsibility for the ethical use and security of that information. Ethical and security guidelines for how data is collected, controlled and ultimately used are of paramount concern to customers, and rightfully so. To gain the trust of customers, companies must be transparent and prove they employ strong ethical guidelines and security standards.
  1. It is incumbent on organizations to act responsibly toward their employees and make it possible for them to succeed in the rapidly changing work environment. That means clearly defining the company vision and strategies, enabling shifting roles through specialized training, and redefining processes to empower people to innovate and implement new ways of doing business to successfully navigate this new and ever-changing

As a society, if we are to avoid sleepwalking into a dystopian future, as described in 2013 by internet pioneer Nico Mele as one “inconsistent with the hard-won democratic values on which our modern society is based… a chaotic, uncontrollable, and potentially even catastrophic future”, we must recognize that technology is not destiny – institutions and policies are critical. Policy plays a large role in shaping the direction and effects of technological change. “Given appropriate attention and the right policy and institutional responses, advanced automation can be compatible with productivity, high levels of employment, and more broadly shared prosperity.”

The challenge is eloquently described by WEF founder and executive chairman, Dr. Klaus Schwab.

“Shaping the fourth industrial revolution to ensure that it is empowering and human- centred, rather than divisive and dehumanizing, is not a task for any single stakeholder or sector or for any one region, industry or culture. The fundamental and global nature of this revolution means it will affect and be influenced by all countries, economies, sectors and people. It is, therefore, critical that we invest attention and energy in multi- stakeholder cooperation across academic, social, political, national and industry boundaries. These interactions and collaborations are needed to create positive, common and hope- filled narratives, enabling individuals and groups from all parts of the world to participate in, and benefit from, the ongoing transformations.”

 

A call to action!

We need, as Dr. Schwab goes on to say, to “…take dramatic technological change as an invitation to reflect about who we are and how we see the world. The more we think about how to harness the technology revolution, the more we will examine ourselves and the underlying social models that these technologies embody and enable, and the more we will have an opportunity to shape the revolution in a manner that improves the state of the world.”[3]

We cannot wait for “them” to do this – as individuals, we can and must all play a leadership role as advocates in our organizations and communities to increase the awareness and understanding of the changes ahead, and to shape those changes such that, as Dr. Schwab says, they are empowering and human-centred, rather than divisive and dehumanizing.

[1] Source: The AI Now Report, The Social and Economic Implications of Artificial Intelligence Technologies in the Near-Term, A summary of the AI Now public symposium, hosted by the White House and New York University’s Information Law Institute, July 7th, 20

[2] Ethics and governance are getting lost in the AI frenzy, The Globe and Mail, March 20, 2017

[3] Source: The Fourth Industrial Revolution: Risks and Benefits, Wall Street Journal, Feb 24, 2017

Digital Leadership – Much More Than IT Leadership

There has been much discussion of late on who should be responsible for “digitization”. The role of the CIO is being continually questioned, particularly as it relates to the CMO, and. a new position, the CDO, is appearing. And, of course, let’s not forget the CTO. A recent post by Michael Krigsman describing Intel’s IT leadership and transformation pyramid got me thinking yet again about this. The pyramid, shown below, is a brilliantly simple depiction of how digital leadership must evolve (in my words) from an operational “factory” to a business partner to a transformational leader.

 

intel-it-transformation-pyramid

As Michael Krigsman says, “The pyramid reflects the complex reality of IT / business relationships and the need for IT to deliver at multiple levels simultaneously.” This reminded me of discussions I had in New York last month at the Innovation Value Institute (IVI) Spring Summit around their IT Capability Maturity Framework (IT-CMF). The discussion centred around the digital economy, and the fact that organizations are taking an increasingly business-centric view of IT, with the focus shifting from the delivery of the “T” to the use of the “I”. That technology itself, how technology is delivered, how it is used, and by whom are changing at an ever-increasing rate. And that this is blurring the roles and responsibilities of IT and the Business functions, and giving rise to a fundamental rethinking of how IT, and it’s delivery and use is governed and managed, and the capabilities that are required to ensure and assure that the use of technology contributes to creating and sustaining business value.

In an earlier post, The Digital Economy and the IT Value Standoff, I reiterated my long-leld view that the business change that IT both shapes and enables must be owned by business leaders, and they must accept accountability, and be held accountable for creating and sustaining business value from that change. This cannot be abdicated to the IT function. Yet today, in all too many cases, we have a stand-off where the business doesn’t want to take ownership, and the IT function doesn’t know how, or doesn’t want to give up control.

The key question that arose from the Summit discussion was “Why can’t we get our business leadership engaged in this discussion?” Certainly not a new question – how to do so was essentially the underlying theme of The Information Paradox when it was first published back in 1998. The answer to the question, going back to the leadership pyramid, is that the IT organization has to achieve operational excellence before it can start to change the conversation from bottom-up delivery of technology to top-down value from business change. This requires a maturity level of around 2.5, where 5 is the highest maturity – most organizations are still not yet at this level, most being somewhere between 1 and 2.

So, what does this mean for the CIO? Much has been written about CIOs themselves having to transform to fulfil the 3 leadership roles of the pyramid – running the factory, partnering with the business for value, and strategic transformational leadership. There is no doubt that all these roles are required – but is it reasonable, or necessary to expect that they will be found in one individual. Certainly, there are CIOs who have stepped up to the plate, but many more that haven’t, and possibly cannot.  Professor Joe Peppard at the  European School of Technology and Management in Berlin has put many hundreds of participants through an IT leadership program. He describes in a recent article how, using Myers Briggs typing, he has found that 70% of CIOs fall into one particular type: ISTJs (Introversion, Sensing, Thinking, Judging). Further, along the dimension of where they get their energy, 85% have a preference for introversion. In terms of moving up the pyramid, the very things that may contribute to success in their technology role, can be what leads to downfall in a business leadership position. Even where an individual does have the ability to handle all 3 levels, the day-to-day operational demands all too often leave little time for the other 2 levels. Demands that, while they will definitely change with the advent of the cloud and “everything as a service”, will not go away.

The real issue here is not so much, as Michael Krigsman says, “the need for IT to deliver at multiple levels simultaneously”, but understanding the range of digital leadership capabilities and responsibilities required in the digital economy, and where they should reside. The answer is not as simple as renaming the CIO position, getting a new CIO, or appointing a few new CXOs. It requires recognizing that digitization cuts across organizational silos, and across all levels of organizations.. It will take digital literacy and collaboration across the C-suite to ensure that their organization has, as EY’s David Nichols said in a recent CIO Insight interview, “an integrated and holistic plan to really leverage digital”. It will also require recognizing that the digital economy both enables and requires a different view of leadership. As Sally Helgesen said in a recent post, “‘Leadership’ isn’t Just for Leaders Anymore”, leadership no longer, or should no longer equate with positional power and has, or should become broadly distributed.

If organizations are to succeed in the digital economy, they cannot constrain themselves to the knowledge of a few individuals – to put it a more brutal way, they cannot be constrained by the habits or ego(s) of their leader(s)! Organisations must tap into the collective knowledge of all their people. We need effective governance that reaches out to and involves key stakeholders – retaining appropriate accountability, based on the law of subsidiarity – an organizing principle that matters ought to be handled by the smallest, lowest or least centralized competent authority. This means locating accountability and decision-making at the most appropriate level, while supporting decisions with broader and more knowledgeable input.

As a former colleague of mine, Don Tapscott,  has said for decades “Leadership can come from anywhere”. For organizations to survive and thrive in the digital economy, this is not an option!

Set up to Fail: Managing Digital Transformation as an IT Project

This post is an extended version of one developed jointly with Professor Joe Peppard of the European School of Management and Technology in Berlin which appeared previously as an HBR blog on May 15th, 2014.
failureSir Christopher Kelly, a former British senior civil servant, recently produced a damning report that reviewed the events which led to the £1.5 billion capital shortfall announced by the UK’s Co-operative Bank in June 2013. Running to 158 pages, it describes what happened, identifies the root causes and draws out lessons.

One section highlights the problems encountered as the bank attempted to replace its core banking systems, a programme that was cancelled in 2013 at a cost of almost £300 million. The report underlined a series of significant leadership and management failings that were to blame for the spiraling IT costs which contributed to the bank’s capital shortfall. This shortfall resulted in the Co-op Group ceding control of the bank to bondholders, including a number of U.S. hedge funds.

The investment objectives of the IT-transformation programme were laudable; leapfrogging the competition and gaining an advantage, through improved customer relationship management and quicker delivery of new products. Indeed, the age and complexity of the legacy systems meant that the bank’s technology platform was unstable, expensive to maintain, complex to change, and ill-equipped to support its current and future business requirements. There were particularly severe problems with the functionality of the online business-banking platform. These weaknesses resulted in high running costs, upgrading to comply with new regulatory requirements eating up considerable resource, and significant operational risk. It appeared to be an attractive investment.

However, Sir Christopher wrote: “The weight of evidence supports a conclusion that the programme was not set up to succeed. It was beset by destabilizing changes to leadership, a lack of appropriate capability, poor co-ordination, over complexity, underdeveloped plans in continual flux, and poor budgeting. It is not easy to believe that the programme was in a position to deliver successfully.” The bottom line – the benefits of the investment may have been attractive, but they were not achievable!

Not set up to succeed is a key phrase. More worryingly, the factors identified in the report as contributing to the failure are ones that we all too frequently encounter when we review challenged or failed projects. All of the reasons identified are well known and serve to highlight a low level of digital literacy across c-suites, and the failure of corporate governance and leadership to make informed IT investment decisions.

The report noted: “If the programme was ever to have had a chance of succeeding it would have had to have been robustly managed by people with the right capabilities and experience using the best possible project management discipline.” It went on to emphasize “It would also have had to be subject to searching challenge and scrutiny at Board, Executive and programme management levels. The Bank did not provide any of these things to the extent necessary to ensure success.”

Non-executive directors were also in Sir Christopher’s cross-hairs. He wrote: “It is unreasonable to expect non-executive Board members to audit information provided to them in detail. But it is their responsibility to question it [our emphasis]. It is difficult to avoid the conclusion that both Board and Executive failed to interrogate the programme sufficiently closely and paid inadequate attention to its obvious difficulties until it was too late.” Moreover, he found that former members of the Board’s Banking Transformation Programme Sub-Committee who, he noted, “should have been better placed than other directors to understand the programme, described being surprised that it failed.” His damning critique: “They should not have been.”

In our work, we find that not only are boards ill-equipped to deal with digitization but neither are many executive management teams. Most seem happy to abdicate anything to do with IT to their chief information officer (CIO). This is merely setting up the investment to fail.

Research that we have conducted reveals that leadership teams play a pivotal role in determining whether or not their organizations exploit the innovative opportunities provided by IT. Realizing value from IT or, more accurately, the change that IT both shapes and enables, requires the CEO’s attention and oversight. CEOs set the tone for IT, and their active participation determines whether their organization optimizes the return from spending on IT. Most leadership teams don’t seem to understand this, or quite know what they should do. The fiasco at the Co-op starkly illustrates this.

We have developed a simple yet powerful framework that leadership teams can use to navigate the digital landscape and avoid the kinds of problems that the Co-operative Bank suffered. It helps to ensure that they:

  • make informed decisions, balancing the attractiveness of an investment with their organization’s capability to achieve the desired business outcomes; and
  • continue to effectively monitor and assure the achievement of those outcomes.

The framework is based on four business-focused questions that are at the core of effective governance of IT that every member of a leadership team should have in his or her head. We call these questions, which were originally introduced in The Information Paradox,  the four “ares” .

Are #1 – Are we doing the right things?

This is the strategic question. The first accountability of the CEO is to clearly and regularly communicate what constitutes value for the enterprise and the strategic objectives to which all investments must contribute, against which their performance will be measured. The second, is ensuring, through the initial investment selection process and regular portfolio reviews, that resources are allocated to investments that are both aligned with, and have the greatest potential to contribute to the strategic objectives.

In the case of the bank, while the strategic rationale for the investment was not in question, as the report noted, the bank “was over-estimating its capability to deliver such a complex programme.” Evaluating such risks is a key consideration is assessing any IT investment, especially one that is part of a major transformation. Two key questions are: “Do we understand the extent of change required for this investment to succeed? And is this achievable?” An investment of such complexity and risk had not been successfully undertaken by any UK full-service bank, or, with limited exceptions, any major banks in Europe or North America.

Moreover, the initiative also seems to have been championed by the CIO and when he left the organization in 2008 nobody on the leadership team took up the mantle, and the drive to make the investment a success seemed to have been lost. Although we are going beyond the evidence in the report, we do not think that it is unreasonable to suggest that the investment was considered as a technology programme and not a business change initiative.

Are #2 – Are we doing them the right way?

This is the architecture question. Because this question is usually thought of as relating to technical architecture, it is generally considered by CEOs as a technical issue and the domain of the CIO. Nothing could be further from the truth. What we are advocating here is a broader view of architecture – enterprise architecture – which has both organizational and technology components. The CEO is accountable for ensuring that there is an appropriate enterprise architecture in place.

Key questions here are: “Is our investment in line with our enterprise architecture?” and “Are we leveraging synergies between our investments?” The Kelly report didn’t consider this question, so we cannot comment specifically as to whether adequate consideration was given to the extent of process standardization and the degree of integration across all businesses. However, the observations in the report suggest that, if such consideration had been given, it may have raised a number of flags. As a full service retail bank, that also serves small and medium-sized enterprises, the Co-op provides a variety of products and services (e.g. deposit taking, lending, credit cards and payments) to customers via internet, mobile and branch channels, getting the overall operating model design right is paramount.

Are #3 – Are we getting them done well?

This is the delivery question. Although this is the area where there is a significant body of knowledge, it is the one where the failure of governance continues to result in significant and very visible failures. We continually find that most major transformation initiatives end up being managed as IT projects with responsibility abdicated to the CIO. Key questions here are: “Do we have effective and disciplined delivery and change management processes?” and “Do we have competent and available technical and business resources to deliver the required capabilities, and the organizational changes required to leverage them?”

This is clearly where the investment floundered. As the report states, “the Bank neither had the requisite levels of discipline before the programme began, nor built it during the programme.” Communication and coordination between different parts of the business involved in the programme was weak. Dysfunctional and unconstructive working relationships across these areas did not help matters. There was also a lack of clarity as to responsibilities for deliverables, with interviewees for the report describing “managers managing managers, managing managers.” A Board Sub Committee was supposed to provide closer oversight of the transformation programme, but, as Sir Christopher reported, the figures were neither analyzed in sufficient detail nor with sufficient consistency to give it insight into key drivers of cost escalations. The message consistently given to the board was that it was making satisfactory progress. Programme managers succumbed to communicate matters in a favorable light whenever possible. This obviously has a deeper organizational cultural implication.

Are #4 – Are we getting the benefits?

This is the value question. Surprisingly, this is the question that receives the least attention in most enterprises: few measure or assess whether expected benefits have been delivered. As in the case of the strategic question, this question cannot be delegated to the CIO although, all too often, is. In ensuring that expected benefits are realized and sustained, the CEO is accountable for maximizing value from the portfolio of business change investments. Key questions here are: “Do we have a clear and shared understanding of the expected benefits from the investment?” and “Do we have clear and accepted accountability for realizing the benefits, supported by relevant metrics?” The Kelly Report notes that there was a failure to develop a detailed business case and a complete lack of consistency about the expected benefits across the programme.

 

Addressing the four “ares” is not just something to be done on a one-time basis to secure funding for any proposed investment. Nor can they be addressed in a sequential, or “waterfall,” way. They must all be considered, both individually and collectively, on an on-going basis to ensure that value is realized from investments in IT- enabled change. Boards should ask these questions, and expect that CEOs and/or other executives will be able to answer them – not just at the time of the initial investment decision, and on an on-going basis. CEOs may balk at this, but they need to recognize that in today’s digital economy IT is increasingly embedded in all aspects of their business, and creating and sustaining value from the change that IT both shapes and enables, falls within their realm of accountabilities. The consequences of failing to do so are starkly illustrated by the Co-operative Bank’s crisis.

You can find more about the four “ares” here.

Transforming governance and leadership for the digital economy

The digital economy

DE
The digital economy is not primarily about technology, nor is it just about the economy. Yes, it is being shaped and enabled by increasingly significant and rapid technological change. And, yes, it will have significant economic impact. But it is much more than that. It is part of a broader digital revolution. One in which, as in the case of the industrial revolution, we will see seismic shifts not just in technology, but in the nature of our lives, our work, our enterprises – large and small, public and private, and our societies. A shift that will not just change the nature of products and services, and how they are developed and delivered, but also how we govern and manage our lives, work, enterprises and societies.

Technology is becoming embedded in everything we as individuals, enterprises and societies do, and, indeed, we are increasingly becoming embedded in everything technology does. If we are to deliver on the promise of the digital revolution, we have to acknowledge that the way we have governed and managed IT in the past has proven woefully inadequate, and that continuing on this path will be a huge impediment to delivering on that promise. Governance of IT has been a subject of much discussion over the last two decades. Unfortunately, most of the discussion has focused on the technology, the cost of technology, failed IT projects, and generally questioning the value that technology and the IT function deliver to the enterprise. Despite all this discussion, not much has materially or broadly changed over the last 50 years, including:
• An all too often blind focus on the technology itself, rather than the change – increasingly significant and complex change – that technology both shapes and enables;
• The unwillingness of business leaders to get engaged in, and take ownership of this change – preferring to abdicate their accountability to the IT function;
• Failure to inclusively involve the stakeholders affected by the change, without whose knowledge, understanding and “buy in” failure is pretty much a foregone conclusion;
• A lack of rigour at the front-end of an investment decision, including, what is almost universally a totally ineffective business case process;
• Not actively managing for value; and
• Not managing the journey beyond the initial investment decision.

We still have what is predominately a “culture of delivery” – “build it and they will come”, rather than a “culture of value” – one that focuses on creating and sustaining value from an organization’s investments and assets.

We have been having the wrong conversation – we need to change that conversation!

Governance of “IT”

GovernanceTreating IT governance as something separate from overall enterprise governance, labeling and managing investments in IT-enabled business change as IT projects, and abdicating accountability to the CIO are the root cause of the failure of so many to generate the expected payoff. Business value does not come from technology alone – technology in and of itself is simply a cost. Business value comes from the business change that technology both shapes and enables. Change of which technology is only one part – and increasingly only a small part. Technology only contributes to business value when complementary changes are made to the business – including increasingly complex changes to the organizational culture, the business model, and the operating model, as well as to relationships with customers and suppliers, business processes and work practices, staff skills and competencies, reward systems, organizational structures, physical facilities etc. Ultimately, it is people’s intelligent and innovative use of the information captured, organized, distributed, visualized and communicated by technology that creates and sustains value. This is not a technology issue – it is a business issue.

Much of the discussion around the digital economy today is on improving the customer experience – as indeed it should be, although we have been saying the same for decades with, at best, mixed success. We will come nowhere close to achieving this unless we put equal focus on our people, and rethinking how we govern, manage and organize for the digital economy such that we maximize the return on our information and our people.

Surviving and thriving in the digital economy is not an IT governance issue, it is an enterprise governance issue. Successfully navigating the digital economy requires that we change how we govern, lead and manage our enterprises – including, but certainly not limited to IT.

What needs to change?

ChangeIn work I have been doing with Professor Joe Peppard at the European School of Management and Technology in Berlin, we have identified 8 things that business leaders, starting with the CEO, need to do. These are:
1. Don’t see IT as something separate from your core business – technology today is embedded in, and an integral part of most, if not all parts of your business processes.
2. Don’t focus on the technology alone – focus on the value that can be created and sustained through the business change that technology both shapes and enables.
3. Do recognize that you are ultimately accountable for the overall value created by all business change investments – and ensuring that accountability for the realisation of business benefits anticipated from each investment is appropriately delegated to, and accepted by, other executives and managers.
4. Do demand rigorous analysis of every proposed business change investment, whether or not IT is involved. Ensure that you and your team know and can clearly define expected outcomes, that there is a clear understanding of how value is going to be achieved, that all relevant stakeholders have bought in to the required changes, and that they are capable of making or absorbing them and delivering on the expected outcomes.
5. Do recognize that the business case is the most powerful tool that you have at your disposal to manage business change investments – insist on complete and comprehensive business cases, including desired outcomes, benefits, costs and risks, and clear explanation of how each benefit will be achieved with unambiguously assigned accountabilities, supported by relevant metrics.
6. Do recognize that benefits don’t just happen and rarely happen according to plan – outcomes and plans will change – don’t think business case approval is the end of the story. Mandate that the business case be used as the key operational tool to “manage the journey”, updated to reflect relevant changes, and regularly reviewed.
7. Do know if and when it’s time to stop throwing good money after bad, or when there are better uses for the money and “pull the plug.”
8. If your CIO doesn’t “get” the above points, and hasn’t already been talking to you about them, get one who does and will!

Enterprise governance must evolve beyond a model rooted in a culture of delivery (of technical capabilities) to one based on a culture of value – creating and sustaining value from investments and assets. In the context of IT, this means recognizing that we are no longer dealing with “IT projects”, but with increasingly complex programmes of organizational change.

Leadership

LeadershipThe most important aspect of governance is leadership. Effective governance in the digital economy requires that leaders truly lead – moving beyond tactical leadership to strategic and transformational leadership. Understanding and taking ownership of the organizational, cultural and behavioural change that will be required to succeed in the digital economy – change that starts with the leaders themselves. We also need to get away from the cult of the leader to a culture of pervasive leadership. As Joel Kurtzman says in his book, Common Purpose, leaders need to move beyond the traditional “command and control” model to establishing a ”common purpose” and creating a “feeling of ‘we’ among the members of their group, team or organization”. This will require leaders who can “park”, or at least manage their egos, break down silos, and really engage with and empower all employees – fostering leadership across and at all levels in the organization. It will also require a dynamic, sense and respond approach to enterprise governance – one that is focused on value, while balancing rigour with agility. Only then will the full potential value of IT-enabled change in the digital economy be realized. The technology exists to support this today – what is lacking is the leadership mindset, will and capability make the change.

There is certainly not for a lack of proven value management practices. Since The Information Paradox was published, there has been an ever-growing proliferation of books, frameworks, methods, techniques and tools around the topic. The issue is the lack of serious and sustained adoption of them. The real challenge is one of overcoming the “knowing – doing gap”, as described by Jeffrey Pfeffer and Robert Sutton in their book of the same name. We know what to do, and the knowledge is available on how to do it. Yet, so far, there has simply been little or no appetite for, or commitment to the behavioural change required to get it done, and stick with it. This has to change!

As I said in my previous post, this will not be easy to do – very little involving organization, people and power is. However, the cost in money wasted and, more importantly, benefits and value lost, eroded or destroyed is appalling. It’s way past time to move beyond word to action. For enterprises to survive, let alone thrive in the digital economy, and for the potential individual, community and societal benefits of the digital economy to be realized, the status quo is not an option! To quote General Erik Shinseki, a former Chief of Staff of the US Army, “If you don’t like change, you’re going to like irrelevance even less!“

Partnering for Value in the Digital Universe – a Call to Action

Technology per se is just a cost – it is how the business uses technology, and manages the change that technology both shapes and enables,  that determines whether the technology contributes to business value. Over the last few decades, the way that we use technology – and who uses it, has changed dramatically. Yet one thing that has not changed is the on-going questioning of the value received from our investments involving technology. As we move into an increasingly digital universe, there has never been a more critical time to address this question.

As I discussed in a previous post – the “IT value” standoff, as long as boards, business executives and line of business (LOB) managers continue to view this as a technology issue, and fail to accept appropriate responsibility and accountability, and the CIO and the IT function either see their responsibility and accountability ending with the delivery of the technology capability, or are unwilling to “let go”, often because they have no confidence in the LOB managers to get the job done, we will continue to fall far short of realizing the full potential of the digital universe.

What has been lost in all this is the understanding  of, and accountability for managing the increasing breadth and depth of business change that technology both shapes and enables, and which is required if value is to be created and sustained! We need to change the conversation – to change it from one largely about the cost of delivery of technology to one focused on creating and sustaining value from business change.

Business value will only be realized from our increasingly significant and complex investments in IT-enabled change when complementary changes are made in the business – including changes to the organizational culture, business and operating models, business processes and practices, people’s work, and the skills and competencies required to successfully get the work done, reward and incentive systems, organizational structures, physical facilities etc.

All this is blurring the roles and responsibilities of IT and the business functions, and  giving rise to a fundamental rethinking of how IT, and it’s delivery and use is governed and managed, and the capabilities that are required to ensure and assure that the use of technology contributes to creating and sustaining business value.

In the 1998 edition of The Information Paradox,  I introduced the “Four Ares” as the key questions that must be addressed by governance. Subsequently, in the 2008 update, I introduced the Strategic Governance Framework (SGF), relating it to the then emerging digital economy, and described the 10 key management domains that must be included in any governance framework. In the remainder of this post, I will reintroduce and briefly describe both the “Four Ares”, and the SGF (somewhat further evolved since  2008). I will then use a combination of both to illustrate the responsibilities of the board, executive management, LOB management and IT management related to value.

The four “ares”

Slide1

As we said in The Information Paradox, “ Tough questioning is critical to get rid of silver bullet thinking about IT and lose the industrial-age mind-set that is proving extremely costly to organizations.  Asking the four “ares,” in particular, helps to define the business and technical issues clearly, and thus to better define the distinctive roles of  business executives and IT experts in the investment decision process. Are 1, Are we doing the right things? and Are 4, Are we getting the benefits?  raise key business issues relating to both strategic direction and the organization’s ability to produce the targeted business benefits.  Are 2, Are we doing them the right way?  raises a mix of business and technology integration issues that must be answered to design successful [IT-enabled] change programs.  Are 3, Are we getting them done well?  directs attention to traditional IT project delivery issues, as well as to the ability of other business groups to deliver change projects.”

Strategic Governance Framework (SGF)

Slide2

The first, and overarching element of the framework is Value Governance  – governance being  traditionally defined as the system by which enterprises are directed and controlled and as a set of relationships between a company’s management, its board, its shareholders and its other stakeholders.  Value Governance establishes how direction and control is accomplished within and across the other 10 elements of the framework which I refer to here as “management domains”. This direction and control will have both compliance and performance aspects, both of which must be considered. From a performance standpoint (and to some extent compliance in the case of risk) I add the dimensions of cost, benefit and risk across the Strategic Governance framework to show that these factors are not independent, and have to be taken into consideration when decisions are being taken in or across the management domains. The ten “management domains” are:

  • Strategy Management – Defining the business…mission, vision, values, principles, desired outcomes and strategic drivers to provide direction and focus for understanding, configuring and managing assets to deliver the greatest value.
  • Architecture Management – Understanding, communicating and managing the fundamental underlying design of the components of the business system, the relationships between them and the manner in which they support the enterprise’s objectives.
  • Portfolio Management –  Managing the evaluation, selection, monitoring and on-going adjustment of a grouping of investment programmes and resulting assets to achieve defined business results while meeting clear risk/reward standards.
  • Investment Management – Managing the full life cycle of an investment decision, using the business case throughout the life cycle to ensure a continued focus on value from the initial idea/concept (ideation) through to the retirement of the resulting new or improved assets.
  • Asset management – Managing the acquisition, use and disposal of assets to make the most of their service delivery potential and manage the related risks and costs over their entire life (source: Vicnet, State of Victoria, Australia).
  • Programme Management – Managing the delivery of change around business outcomes through a structured grouping of activities (projects) designed to produce clearly identified business results or other end benefits.
  • Project Management –  Managing a group of activities concerned with delivering a defined capability required to achieve business outcomes based upon an agreed schedule and budget.
  • Management of Change – A holistic and proactive approach to managing the transition from a current state to a desired state
  • Operations Management – Managing the production of goods and/or services efficiently  – in terms of converting inputs (in the forms of materials, labor, and energy) into outputs (in the form of goods and/or services) using as little resources as needed, and effectively – in terms of meeting customer requirements.
  • Performance Management – The definition, collection, analysis and distribution of information relevant to the management of investment programmes and assets so as to maximize their contribution to business outcomes.

While the framework may at first look intimidating, it should not be seen as such. Many, if not all functions within these domains are already being done to a greater or lesser extent in enterprises today, often in many different ways, with little communication or interraction between them. It is the management of the critical relationships between these “management domains” which, if managed well, can provide tremendous strategic advantage to enterprises, but which, if not managed well, can have serious, if not catastrophic consequences. If enterprises are to maximize the value from their investments in IT-enabled change, or any form of change, these relationships need to be understood, and managed within a dynamic, “sense and respond” governance framework.

The four “ares” and the SGF

Slide3

The figure above summarizes the primary areas of focus for each of the four “are” questions, indicating where accountabilities lie, and highlights the relevant SGF domains. The key elements of this include: 

  • Managing IT investments through a portfolio of business change programmes;
  • Developing comprehensive and consistent business cases describing: the expected outcomes; ownership of, and accountability for, the outcomes; the full scope of the change required to achieve the outcomes; the expected contribution of each change to the outcome(s); risks to the achievement of outcomes; and metrics.
  • Objective evaluation criteria enabling prioritization and selection of investments.
  • Inclusive and on-going engagement of all the stakeholders affected by the change.
  • On-going Management of the “journey”, including:
    • Using the updated business case as the key management tool; and
    • A strong gating process for progressive commitment of resources to ensure that, when thing are not going to plan, timely corrective action can be taken, including changing course, revisiting/changing the outcomes, or cancelling the program.
  • Capturing, reviewing and acting upon lessons learned so that mistakes are not repeated, and value continues to be maximised.

A call to action

I don’t want to imply that all this is easy. Working with CEOs and leadership teams I invariably get pushback when I present a way forward as it is seen as complex and time consuming. Well, getting IT right is difficult! But what is the alternative? Highly visible failed investments (that can increasingly put the very existence of the enterprise in jeopardy), with even more time and resources spent trying to find what went wrong (and often where to lay blame), and the loss of potential competitive opportunities? It is imperative that the accountabilities, roles and responsibilities of the board, executive management, LOB management, and IT management are clearly defined, understood and accepted. The impact of not doing so was relatively minor when we were merely automating well-defined tasks, became more serious, sometimes disastrous,  as we moved into integrating and using information across enterprises, and will be catastrophic as we move into the digital universe.  A universe where technology is embedded in everything we do – indeed, one in which we are becoming increasingly embedded in everything technology does, and in which everything and everyone will be connected anywhere, any time, and there will be data about everything and analytics for anyone.

The CFO of a Fortune 100 company that I worked with once confided: “I know the way we are doing things isn’t working, but I don’t know a better way.” Well, there is a better way! A better way that is not simply about thinking differently about IT, although that is a necessary pre-condition, but about doing things differently. A better way that is about boards, the C-suite, LOB and functional  management, including IT recognizing, understanding and accepting their accountability for creating and sustaining value from investments in IT-enabled change and driving that accountability down through their organisations. If enterprises are to survive, let alone thrive in the rapidly evolving digital economy, the status quo is not an option. The cost of resources wasted and, more importantly, benefits and value lost, eroded or destroyed is appalling – its way past time for all business leaders to move beyond words to action!

Value from IT – There is a Better Way!

I have just returned from a hectic, but very successful couple of weeks in Australia. There I had the opportunity to meet with and talk to many people, including many CXOs, on the topic of “Delivering on the Promise of IT”. Overall, I was encouraged that there is more awareness of the need to do better when it comes to managing IT investments, but discouraged that there is still little awareness of how to do so, and even less appetite to take it on. As always, at the end of many sessions, a frequent reaction was “you have given us a lot to think about.” As I continue to say, we certainly need to think before we act, but thinking cannot be a substitute for action. A couple  of people echoed a comment that my friend Joe Peppard from the Cranfield  School of Management in the UK told me he had had from a senior executive of a European bank – “I didn’t know there was a better way.”

Well, there is a better way! As originally presented close to 15 years ago in The Information Paradox, proven Value Management practices exist, including, but certainly not limited to ISACA’s Val IT™ Framework, including:

  • Portfolio Management – enabling evaluation, prioritization, selection and on-going optimization of the value of IT-enabled investments and resulting assets;
  • Programme Management – enabling clear understanding and definition of the outcomes and scope of IT-enabled change programmes, and effective management of the programmes through to their desired outcomes;
  • Project Management – enabling reliable and cost-effective delivery of the capabilities necessary to achieve the outcomes, including business, process, people, technology, and organizational capabilities; and
  • Benefits Management – the active management of benefits throughout the full life-cycle of an investment decision.

This is illustrated in the figure below.

If enterprises are to successfully adopt and meaningfully use these practices, their leaders will have to change their behaviour. They will need to acknowledge that this is not an IT governance issue, it is an enterprise governance issue. Further, they will have to evolve from an enterprise governance model rooted in a culture of delivery (of technical capabilities) to one based on a culture of value – creating and sustaining value from investments and assets (for more on this, see a recent paper that I wrote with the Benefits Management SIG of the APM in the UK). In the IT context, this means recognizing that we are no longer dealing with “IT projects”, but with increasingly complex programmes of organizational change – change that is often both shaped and enabled by technology, but of which the technology is only a small part.

They should start by focusing on the business case. The business case sows the seeds of success or failure. Most today are woefully inadequate – based on “delusional optimism” and “strategic misrepresentation” (aka lying!), resulting in:

  • limited or no clarity around desired outcomes
  • limited or no understanding of the scope (“depth” and “breadth”) of change required to achieve the outcomes;
  • failure to balance “attractiveness” with “achievability” (including organizational change capacity, project and programme management capabilities); and
  • limited or no relevant metrics (both “lead” and “lag”).

In the context of IT, business cases must be owned by the business, and for any type of investment, used as a living, operational management tool to manage the full life cycle of an investment decision, and supported by the value management practices outlined above.

Again, in the context of IT, as Susan Cramm states in her book, 8 Things We Hate About IT, this will require  a significant  realignment of roles, responsibilities and accountabilities related to IT. There must be a partnership in which:

  • The IT function moves from providing infrastructure to being a broker of services (both internal and external – and increasingly external) while retaining responsibility and accountability related to fiduciary, economies of scale and enabling infrastructure;
  • Business units accept responsibility for defining the requirements for, meaningful use of, and value creation from these services; and
  • The IT function, as a trusted partner, helps the business:
    • Optimize value from existing services;
    • Understand the opportunities for creating and sustaining business value that are both shaped and  enabled by current, new or emerging technologies;
    • Understand the scope of business change required to realize value from those opportunities (including changes to the business model, business processes, people skills and competencies, reward systems, technology, organizational structure, physical facilities, etc.; and
    • Evaluate, prioritize, select and execute those opportunities with the highest potential value such that value is maximized.

The challenge here is not a lack of proven value management practices – it is the “knowing – doing gap”, as described by Jeffrey Pfeffer and Robert Sutton in their book of the same name. We know what to do, and (should know) how to do it. Yet, so far, here has simply been little or no appetite for, or commitment to the behavioural change required to get it done, and stick with it.

The cost in money wasted and, more importantly, benefits and value lost, eroded or destroyed is appalling. It’s way past time to move beyond word to action – the status quo is not an option!

There is a better way!

The Future of IT

After another couple of month’s silence precipitated by some minor surgery, the holiday season and, quite frankly, too much “same old – same old” news, a couple of articles have caused me to, once again, put my fingers to the keyboard.

The first, a blog – unfortunately his last with CIO.com, by Thomas Wailgum, IT in 2020: Will it Even Exist?, and the second by Marilyn Weinstein, again in CIO.com, The Power of IT Drives Businesses Forward. While the two titles might appear contradictory, I felt they were both saying the same thing in somewhat different ways, and that what they were saying is important – although not new.

In describing a new report from Forrester Research, “IT’s Future in the Empowered Era: Sweeping Changes in the Business Landscape Will Topple the IT Status Quo”, Thomas suggests that the question that lingers throughout the report is whether corporate IT, as we know it today, will even exist in 2020.

In the report, analysts Alex Cullen and James Staten identify three forces bearing down on IT that will likely have long-lasting ramifications. The three forces include: Business-ready, self-service technology (including cloud and SaaS adoption); empowered, tech-savvy employees who don’t think they need corporate IT; and a “radically more complex business environment,” notes the report.

Cullen and Staten write “The IT status quo will collapse under these forces, and a new model–empowered BT [business technology]–will take its place. Today’s IT and business leaders should prepare by rethinking the role the IT department plays and how technology staff engage the business, shifting from controlling to teaching and guiding.”

Well, whether it be these three forces or others, I certainly agree that the status quo is unacceptable and this rethink needs to take place – it should have taken place a long time ago.

In her article, Marilyn echoes a comment I have been making for well over a decade in saying “One of the most overused terms I’ve heard in the past few years as CEO of an IT consulting and staffing firm has to be the word “alignment.” With IT embedded in just about everything that we do, it is ridiculous. and dangerous, to continue to talk about alignment. As Marilyn goes on to say, “IT drives efficiencies. IT enables business. IT powers business success. The goal is not merely to align, but to get in front of the business goals and spearhead growth… IT does drive and enable business. It’s time for IT leadership to drive that point home. ” Again, the long overdue need for IT and business leaders to rethink the role the IT department plays and how technology staff engage the business.

The role of the IT leader, the CIO is indeed changing, or certainly should be. The CIO is accountable for delivering required technology services at an affordable cost with an acceptable level of risk. The business leadership is accountable for investing in, and managing and using technology such that it creates and sustains value for their organization – this cannot be abdicated to the IT function. But nor can it be done without the IT function – they have a key role to play here. The CIO, as the IT leader, is responsible for ensuring that their team works in partnership with other business leadership to help them:

  • optimize value from existing services;
  • understand the opportunities for business change enabled by current, new or emerging technologies;
  • understand the business changes they will have to make to realize value from these opportunities; and
  • select opportunities with highest potential value and execute such that value is maximized.

This requires moving beyond the current culture of delivery – based on a philosophy of “build it and they will come”, to a culture of value. This will further require moving beyond the current approach to IT governance – one that is again focused on delivery and the “factory” to a broader more strategic approach to enterprise governance – one that ensures that organizations have:

1. A shared understanding what constitutes value for the organisation;

2. Clearly defined roles, responsibilities and accountabilities, with an aligned reward system;

3. Processes and practices around value management, including portfolio, programme and project management, supported by complete and comprehensive business cases, with active benefits and change management; and

4. Relevant metrics, both “lead” and “lag”.

The Val IT Framework 2.0™ provides, in Section 6 – Functional Accountabilities and Responsibilities, a summary of the roles of IT and business leadership required to support this approach.

In the Afterword of the revised edition of The Information Paradox, I introduced a Strategic Governance Framework. Since that time, as well as working with ISACA in leading the development of The Val IT Framework, I have continued to refine that framework into what I now refer to as the Strategic Enterprise Governance Framework. Over the next few months, I will be introducing this framework, and describing each of the ten major elements that it comprises.

Moving to such a governance approach is a business imperative, one which is itself a major change programme that will take time to plan and implement, and also for the benefits to be achieved. We will not however come anywhere near realizing the full potential value of IT-enabled change until we do so. It is time to move beyond words and place an emphasis on action. This will require strong leadership, and engagement and involvement at every level of the organisation.

Addressing the Behavioural Challenges

In my previous post, Behavioural Change – The Crux of the Value Challenge, I suggested that we don’t need any more frameworks – there is no shortage of books, frameworks, methods, techniques, tools etc. to address the effective governance and management of IT and the use of IT to create and sustain value. It is the adoption of these that is painfully slow. It is human behaviour – or rather our inability to change it –  that is at the core of the challenge. I am currently working – both individually and with others – on a number of initiatives around the need to change how we think, manage, and act – to change behaviour – both individual and group behaviour – from the Boardroom to the front-line.

I also said that I would be looking for ways to broaden the dialogue and to engage with practitioners who are wrestling with these issues on a daily basis. My silence on the blog front has largely been the result of my being engaged with a number of individuals and groups in this space, including a quick trip to Europe and the UK last week, where I met and talked with a number of enterprises – some of whom have been on this value journey for 10 years or more. These discussions, and subsequent reflection, have crystallized a number of thoughts in my mind. These include:

  1. A critical factor in determining success or failure of value management is the presence or absence of a clear owner of the value management issue or process.
  2. The “tipping point” – when value management practices start to get traction and become embedded in enterprises – is when the executive and senior management move beyond awareness and understanding of the issue to commitment to action – beyond “talking the talk” to “walking the talk”. This is illustrated in the figure below (figure and text below is adapted from The Information Paradox). Slide1At the thinking, or cognitive level, we recognize and become aware of a need to change. This often translates itself fairly rapidly into talk: “We at Thorp Inc. have to make fundamental changes to our organization.” All too often, the nature of those changes is not understood, and the definition of them is delegated, or more accurately abdicated. The reaction to this is often “This too will pass,” and all too often, it does. It is only when we wake up at three in the morning, reaching for the antacid, as we feel our stomach churning with the realization of the implications of the change and the breadth and depth of what has to change, that we begin to reach understanding. This is the precursor to commitment. The bottom line here is that we can only “walk our talk” when we fully understand what we are saying. Treating the implementation or improvement of value management practices as an organizational change programme – which it is – the use of some form of benefits modeling, which is discussed later, can bring you to an earlier awakening. When we have the understanding necessary to build commitment, to understand the full extent of what we are committing to, then, and only then, are we ready to act. Even then, we can act only if we have the resource capability and capacity to do so.
  3. Those enterprises that have passed this “tipping point” have been able to effectively apply value management practices to guide informed and intelligent decision-making during the current economic crisis – those that haven’t generally fell back to “old ways” with often across the board cost cuts.
  4. Value management practices are most effective when they are closely integrated with, and part of the business planning process. Going beyond this, they are most effective when they are integrated with overall enterprise governance.
  5. Incremental approaches to implementing and improving value management practices are more successful than  “big bang” ones.
  6. The areas of value management that appear to provide the greatest improvement in value management practices and outcomes are:
    1. Improving the business case process; and
    2. Taking the portfolio view.
  7. The factors that continue to constrain effective adoption of value management practices include:
    1. Failing to define, accept or put rigour into accountability for performance; and
    2. Clearly related to the above, failure to align the reward system such that there are consequences – both positive and negative.
  8. The interventions that appear to have been the most successful in changing behaviours, and helping enterprises move beyond awareness and understanding to commitment and action include:
    1. Inclusive engagement of all the stakeholders through workshops (for more on engagement, see The Challenge of Business Engagement);
    2. Use of benefits modeling techniques in workshops to get everyone “on the same page” – building a broader base of understanding of, and support for value management, including the need for business cases with clear accountability, relevant metrics and an aligned reward system;
    3. One-on-one coaching, and
    4. Active and on-going executive and senior management involvement where they are seen to be “walking the talk”.

In preparation for a workshop with one of the groups I am working with, I put together a short survey with the objective of:

  • Understanding the current and target levels of maturity related to value management (based on  the Value Governance [VG] domain high-level maturity model in ISACA‘s Val IT™ Framework 2.0.);
  • Understanding how long it has taken to reach the current level of maturity, and how long it is anticipated to take to reach the target level;
  • Identifying the factors that have either supported or constrained adoption, and to what extent they have done so;
  • Identifying interventions and the extent to which they have enabled adoption; and
  • Understanding the organizational context of the responding enterprise (optional).

Again, in the interests of broadening the dialogue, I would like to extend this survey to a broader audience. The survey is targeted at individuals who are involved in improving value management practices, including, but not limited to some or all of: leadership behaviour; process implementation and adoption (including business cases, portfolio, programme management and project management); roles, responsibilities and accountabilities (for both supply and demand); organizational structure (including Investment Decision Boards, and Value / Portfolio / Programme / Project Management Offices); information requirements (including metrics and reporting); and supporting tools (data collection, analysis and reporting).

You can access the survey here. The survey should not take much more than 10 mins to complete. The survey has 3 pages, and contains 10 questions.  Questions regarding “Current and target maturity levels”, and “Constraints to adoption and interventions to address” must be answered, but answers to “Organizational Context” questions are optional. Assuming that I get enough responses to yield a meaningful result, I will post results on this site in a later post. All information will be aggregated, and specific information about your organization, if provided, will be treated as confidential and will not be published without your express permission.

One of the challenges that we all have in trying to implement or improve value management practices is the perceived – and indeed real – enormity of the task. As per one of my observations above, this is why an incremental – and often pragmatic and opportunistic – approach is required. The business case, as discussed in an earlier post Lies, Damn Lies, and Business Cases, is the foundation on which all else is built, and, as such, sows the seeds of success or failure. Portfolio management is a powerful tool but if it is populated with “toxic” business cases, it will only give the illusion of progress. This is leading me to focus my attention on the business case and think about how, through workshops and benefits modeling, supported by one-on- one coaching we can change the view of business cases as a bureaucratic hurdle to be got over and then forgotten to being one of the most powerful tools available – turning it from an enemy to a valuable friend! If we can do this, we will have a solid foundation on which to further improve value management practices.

Back to the Basics – the Four “Ares”

Well, having now finished with the Sidney Fine Art Show – which was incredibly successful – it’s time to get back to this blog.

As I prepare to head down to Seattle where I am speaking at SIMposium09 on November 9th – just 6 weeks before my 65th birthday – I have been reflecting on the underlying foundation of what I have been doing over the last 20 plus years – what have come to be known as the “four ares”. They have certainly guided my thinking and, since they were published in The Information Paradox, continue to be widely referenced  – sometimes those references are even attributed. The idea came when I was presenting a diagram of, what we then called, the Information Resource Planning approach, to the executive of a large Canadian utility. As I was going through it, one of the executives stopped me, saying: “This is all “gobbledygook” to me – can you just explain it in plain English?” So, I turned the somewhat obtuse and long-winded statements on the chart into the questions each box was trying to address. What had been somewhat of a “talking head” session turned into a lively discussion which resulted in a  successful assignment with very positive outcomes. After that, I applied the same approach to almost everything I was doing including, at the time, DMR’s (now Fujitsu’s) Macroscope methodology – and the four “ares” were born. They have been “tweaked”, but have essentially remained the same for more than two decades.

At the time, I am not sure that I had even thought about the term governance, or could have described what it was. However, over time the two ideas have come together in that, in my view, the ability to continually ensure that enterprises can get positive answers to the four “ares” is the essence of effective enterprise governance. I use the term enterprise governance because, although the origins of the four “ares”, and much of their current application relate to governance of IT, they are equally applicable to the broader enterprise governance view. Indeed, one of the comments/criticisms I have had of both The Information Paradox, and the Val IT™ Framework, is that the term IT should have been dropped, or at least de-emphasized,  as they are both more broadly applicable to any form of investment or, indeed, any form  of asset.

For those of you still wondering what I am referring to, the four “ares” are:

  1. Are we doing the right things?
  2. Are we doing them the right way?
  3. Are we getting them done well?
  4. Are we getting the benefits?

Whenever I am talking with executives, I always have to pause when I get to the four “ares”as they invariability write them down. They are questions that are easy to understand although, unfortunately, not always easy to answer. Indeed, I often feel guilty that they appear too simple. I also feel somewhat guilty about the term “right” in the first two questions. I am not sure that there can always, or even ever be a totally right answer to those questions. However, asking these questions can definitely eliminate a lot of “wrong” decisions. A key point about these questions is that they need to be asked continually. Whilst important to ask them when an initial investment decision is being made, it is equally important to ask them throughout the full economic life cycle of that investment decision. That life-cycle includes a number of stages:

  • Development  – creating the necessary capabilities (hereinafter referred to as assets)
  • Implementation  – delivering the assets
  • Value creation  – adopting and using the assets to achieve the expected level of performance
  • Value sustainment  – assuring that the assets resulting from the investment continue to create value, including additional investments required to sustain value
  • Retirement phase – decommissioning some or all of the resulting assets
The four questions, in order, essentially apply to strategy, architecture, delivery, and value. As illustrated below, they collectively encompass alignment with strategy, business worth, including benefits and costs, and risk – including delivery risk and benefits risk.Slide1

As further illustrated below, within the context of governance of IT, the first and last  questions relate to the “demand” side – business governance of IT, while the second and third relate to the “supply” side – IT governance of IT. Collectively, they represent a complete view of enterprise governance of IT.
Slide2

As we said in The Information Paradox [with some updates], “ Tough questioning is also critical to get rid of silver bullet thinking about IT and lose the industrial-age mind-set that is proving extremely costly to organizations.  Asking the four “ares,” in particular, helps to define the business and technical issues clearly, and thus to better define the distinctive roles of  business executives and IT experts in the investment decision process. Are 1, Are we doing the right things? and Are 4, Are we getting the benefits?  raise key business issues relating to both strategic direction and the organization’s ability to produce the targeted business benefits.  Are 2, Are we doing them the right way?  raises a mix of business and technology integration issues that must be answered to design successful [IT-enabled] change programs.  Are 3, Are we getting them done well?  directs attention to traditional IT project delivery issues, as well as to the ability of other business groups to deliver change projects.”

In Val IT, specifically in version 2.0, we fleshed out these questions and also expanded them to include IT services, assets and other resources (while this is in the context of IT – they could equally well be expanded to include other assets).

1.  Are we doing the right things? The Strategic Question.

  • Are our investments:
    • in line with our mandate and vision?
    • consistent with our business principles?
    • contributing to our strategic objectives, both individually and collectively?
    • delivering optimal benefits at an affordable cost with a known and acceptable level of risk?
  • Are resulting IT services, assets and other resources continuing to deliver value by addressing real business needs and priorities?

2.  Are we doing them  the right way? The Architecture Question.

  • Are our investments:
    • in line with our organisation’s enterprise architecture?
    • consistent with our architectural principles and standards?
  • Are we leveraging synergies between our investments?
  • Are our IT services delivered based on optimal use of the IT infrastructure and other assets and resources?

3.  Are we getting them done well? The Delivery Question.

  • Do we have:
    • effective and disciplined management, delivery and change management processes?
    • competent and available technical and business resources to deliver the required capabilities and the organisational changes required to leverage them?
  • Are services delivered reliably, securely and available when and where required?

4. Are we getting the benefits? The Value Question.

  • Do we have:
    • a clear and shared understanding of what constitutes value for the enterprise?
    • a clear and shared understanding of the expected benefits from new investments, and resulting IT services, assets and other resources?
    • clear and accepted accountability for realising the benefits, and relevant metrics?
    • an effective benefits realisation process over the whole investment economic life-cycle, to ensure that we are maximising business value?
One of the objections we often here to implementing or improving governance practices or frameworks is that we are making it much too complex. There is indeed some truth to this given that the IT industry appears to have single-handedly invented English as a second language, i.e. talking in “techno-speak”. There are also a growing number of what are perceived to be competing frameworks in the marketplace. The four “ares” rise above this and provide a very simple yet comprehensive and powerful set of questions that can be used to help you to start the conversation – a conversation that is long overdue in many enterprises.