Addressing the Behavioural Challenges

In my previous post, Behavioural Change – The Crux of the Value Challenge, I suggested that we don’t need any more frameworks – there is no shortage of books, frameworks, methods, techniques, tools etc. to address the effective governance and management of IT and the use of IT to create and sustain value. It is the adoption of these that is painfully slow. It is human behaviour – or rather our inability to change it –  that is at the core of the challenge. I am currently working – both individually and with others – on a number of initiatives around the need to change how we think, manage, and act – to change behaviour – both individual and group behaviour – from the Boardroom to the front-line.

I also said that I would be looking for ways to broaden the dialogue and to engage with practitioners who are wrestling with these issues on a daily basis. My silence on the blog front has largely been the result of my being engaged with a number of individuals and groups in this space, including a quick trip to Europe and the UK last week, where I met and talked with a number of enterprises – some of whom have been on this value journey for 10 years or more. These discussions, and subsequent reflection, have crystallized a number of thoughts in my mind. These include:

  1. A critical factor in determining success or failure of value management is the presence or absence of a clear owner of the value management issue or process.
  2. The “tipping point” – when value management practices start to get traction and become embedded in enterprises – is when the executive and senior management move beyond awareness and understanding of the issue to commitment to action – beyond “talking the talk” to “walking the talk”. This is illustrated in the figure below (figure and text below is adapted from The Information Paradox). Slide1At the thinking, or cognitive level, we recognize and become aware of a need to change. This often translates itself fairly rapidly into talk: “We at Thorp Inc. have to make fundamental changes to our organization.” All too often, the nature of those changes is not understood, and the definition of them is delegated, or more accurately abdicated. The reaction to this is often “This too will pass,” and all too often, it does. It is only when we wake up at three in the morning, reaching for the antacid, as we feel our stomach churning with the realization of the implications of the change and the breadth and depth of what has to change, that we begin to reach understanding. This is the precursor to commitment. The bottom line here is that we can only “walk our talk” when we fully understand what we are saying. Treating the implementation or improvement of value management practices as an organizational change programme – which it is – the use of some form of benefits modeling, which is discussed later, can bring you to an earlier awakening. When we have the understanding necessary to build commitment, to understand the full extent of what we are committing to, then, and only then, are we ready to act. Even then, we can act only if we have the resource capability and capacity to do so.
  3. Those enterprises that have passed this “tipping point” have been able to effectively apply value management practices to guide informed and intelligent decision-making during the current economic crisis – those that haven’t generally fell back to “old ways” with often across the board cost cuts.
  4. Value management practices are most effective when they are closely integrated with, and part of the business planning process. Going beyond this, they are most effective when they are integrated with overall enterprise governance.
  5. Incremental approaches to implementing and improving value management practices are more successful than  “big bang” ones.
  6. The areas of value management that appear to provide the greatest improvement in value management practices and outcomes are:
    1. Improving the business case process; and
    2. Taking the portfolio view.
  7. The factors that continue to constrain effective adoption of value management practices include:
    1. Failing to define, accept or put rigour into accountability for performance; and
    2. Clearly related to the above, failure to align the reward system such that there are consequences – both positive and negative.
  8. The interventions that appear to have been the most successful in changing behaviours, and helping enterprises move beyond awareness and understanding to commitment and action include:
    1. Inclusive engagement of all the stakeholders through workshops (for more on engagement, see The Challenge of Business Engagement);
    2. Use of benefits modeling techniques in workshops to get everyone “on the same page” – building a broader base of understanding of, and support for value management, including the need for business cases with clear accountability, relevant metrics and an aligned reward system;
    3. One-on-one coaching, and
    4. Active and on-going executive and senior management involvement where they are seen to be “walking the talk”.

In preparation for a workshop with one of the groups I am working with, I put together a short survey with the objective of:

  • Understanding the current and target levels of maturity related to value management (based on  the Value Governance [VG] domain high-level maturity model in ISACA‘s Val IT™ Framework 2.0.);
  • Understanding how long it has taken to reach the current level of maturity, and how long it is anticipated to take to reach the target level;
  • Identifying the factors that have either supported or constrained adoption, and to what extent they have done so;
  • Identifying interventions and the extent to which they have enabled adoption; and
  • Understanding the organizational context of the responding enterprise (optional).

Again, in the interests of broadening the dialogue, I would like to extend this survey to a broader audience. The survey is targeted at individuals who are involved in improving value management practices, including, but not limited to some or all of: leadership behaviour; process implementation and adoption (including business cases, portfolio, programme management and project management); roles, responsibilities and accountabilities (for both supply and demand); organizational structure (including Investment Decision Boards, and Value / Portfolio / Programme / Project Management Offices); information requirements (including metrics and reporting); and supporting tools (data collection, analysis and reporting).

You can access the survey here. The survey should not take much more than 10 mins to complete. The survey has 3 pages, and contains 10 questions.  Questions regarding “Current and target maturity levels”, and “Constraints to adoption and interventions to address” must be answered, but answers to “Organizational Context” questions are optional. Assuming that I get enough responses to yield a meaningful result, I will post results on this site in a later post. All information will be aggregated, and specific information about your organization, if provided, will be treated as confidential and will not be published without your express permission.

One of the challenges that we all have in trying to implement or improve value management practices is the perceived – and indeed real – enormity of the task. As per one of my observations above, this is why an incremental – and often pragmatic and opportunistic – approach is required. The business case, as discussed in an earlier post Lies, Damn Lies, and Business Cases, is the foundation on which all else is built, and, as such, sows the seeds of success or failure. Portfolio management is a powerful tool but if it is populated with “toxic” business cases, it will only give the illusion of progress. This is leading me to focus my attention on the business case and think about how, through workshops and benefits modeling, supported by one-on- one coaching we can change the view of business cases as a bureaucratic hurdle to be got over and then forgotten to being one of the most powerful tools available – turning it from an enemy to a valuable friend! If we can do this, we will have a solid foundation on which to further improve value management practices.

Waltzing with the Elephant

I have just finished reading Mark Toomey‘s Waltzing with the Elephant, subtitled A comprehensive guide to directing and controlling information technology. This has taken me longer than I had thought as the book is indeed very comprehensive. I was reminded as I read it of a comment from an early reader of The Information Paradox who described it as  “a book you want to have read but don’t want to read. If you’re an executive with control over your company’s information technology purse strings, you probably don’t want to read a book this detailed in the intricacies of IT, which is exactly the reason that you should.” But will they? I will return to this point later.

As Mark says in the book’s dedication “Through better, more responsible, and effective decision making and control, we can make better use of information technology, and we can improve the world.” I couldn’t agree more – indeed it is that belief that has driven me for the last 20+ years, and which continues to drive me. There is certainly considerable room for improvement – as Mark goes on to say “…there is a compelling reason to improve the performance of IT use within many organizations.” I would  be even stronger here in that I believe this to be the case in most, if not all organizations.

Waltzing with the Elephant is organized around the the six principles of ISO/IEC 38500:2008:

  • responsibility;
  • strategy;
  • acquisition;
  • performance;
  • conformance;
  • human behaviour.

And the three fundamental Governance tasks that it defines – Evaluate, Direct and Monitor.

Mark does a good job of explaining the principles, and of putting “meat on the bones” of what can be seen as fairly high level and broad concepts. The book is a long, but relatively easy read – helped by Mark’s refreshingly irreverent style, and the many real world examples and anecdotes he has included. Mark also makes good use of models to frame and organize sections, including an earlier version my Strategic Governance framework. Although my brief summary may not do the book justice, what I believe you should take away from it, somewhat adapted and, of course, biased by my beliefs, include:

  1. While much has been written and talked about IT governance over the last decade or more,  progress has been painfully slow. As Ian Wightwick says in his introduction, “…there is a fairly strong case for arguing that the investment in IT improvement has not delivered the desired rate of improvement.”
  2. Slide2

  3. A fundamental reason for this lack of progress is that most IT governance activities  deal only with one side of the problem – the supply side. This is what another Australian colleague of mine, Chris Gillies, calls IT governance of IT –  focused on the IT “factory”. If we are to have effective enterprise governance of IT,  as illustrated in the figure to the right, we also need to pay equal attention to the demand side – business governance of IT – focused on how the organization uses IT to create and sustain business value. For more on this, go to Back to the Basics – the Four “Ares”.
  4. If we are to make progress, there must be the  understanding that governance of IT is an important part of the overall governance framework for any organization, and that governance itself is a business system.  Governance must deal with both compliance (meeting regulatory and legislative requirements) and performance (setting and achieving goals).
  5. Ultimately, the people who should control, and be accountable for how IT is used are the business executives and managers who determine what the focus of the business is, how the business processes are performed, how the authority and control structure operates, and how the people in the system perform their roles. None of these decisions are normally within the scope of the CIO, and so, without the means of enacting any decision, the CIO cannot be held responsible or accountable for the organization‟s use of IT. The CIO should be responsible for administering the system of governance on behalf of the governing body, and accountable for most elements of the supply of IT, but not responsible for the demand and certainly not accountable for the use of IT by the business.
  6. Increasingly, we are not making investments in IT  – we are making investments in IT-enabled change. While IT may be a key enabler, all the other aspects of the business system – the business model, business processes, people, and organization need to be considered. Enterprise governance of IT must  go beyond IT strategy, the IT project portfolio and IT projects to more broadly consider the business strategy, and the portfolio(s) of business investment programmes and business and technology projects that enable and support the strategy (for more on Programme and Project Portfolio Management, go to Moving Beyond PPM to P3M and Get With The Programme.)
  7. It is not enough to just focus governance on new investments. Effective governance must cover the full life-cycle of investment decisions – covering both the initial investments and the assets that result from those investments – assets that all too often fall into what Mark calls the “business as usual” space and receive little attention until something goes wrong.
  8. Essential ingredients of the system for governance of IT include transparency and engagement. Transparency means that there is only one version of the truth – that real, accurate and relevant information flows up, down and across the system to support decision making. Engagement means that, at each level, the right people are involved in the system, in the right way with clearly defined, understood and accepted roles, responsibilities and accountabilities.
  9. Effective governance of IT will rarely be achieved by simply following a standard or a generic framework. Rather, it requires fundamental thinking about the issues that are important, and it requires that the leaders of the organization behave in ways that maximise the value and contain the risks in their current and future use of IT.
  10. Ultimately, while standards, such as  ISO/IEC 38500, and frameworks, such as Val IT™ are useful tools, improving the return on IT investments, and improving governance around those investments and resulting assets is about changing human behaviour. Merely developing and issuing policy is insufficient in driving the comprehensive behavioural change that is essential for many organizations that will seek to implement or improve the effectiveness of their enterprise governance of IT. Behaviour is key…changing or implementing a new system for governance of IT necessarily involves taking all of those people on a journey of change – which for some will be quite straight-forward and which for others, will be profoundly challenging.
  11. This journey of change must be managed as an organizational change programme. While much has been written and should be known about this, the absence of attention to the individual and organisational contexts of human behaviour in plans for IT enabled change to business systems is profound. Where there is understanding of the need to do something, enterprises often then run into “The Knowing-Doing Gap” as described by Jeffrey Pfeffer and Robert I. Sutton in their book  of the same name. As the authors say in their preface, “…so many managers know so much about organisational performance, and work so hard, yet are trapped in firms that do so many things that they know will undermine performance.” They found that “…there [are] more and more books and articles, more and more training programs and seminars, and more and more knowledge that, although valid, often had little or no impact on what managers actually did.” For more about this, go to The Knowing-Doing Gap.

I want to return now to my initial comment about who will read this book. In a recent review of the book, Fiona Balfour described it as recommended reading for academics, students of technology, all IT Professionals and “C‟ role leaders and company directors. The book provides very comprehensive and practical guidance for those who have decided that action is required, but will those who have not yet understood or committed to action read it or, more importantly, take action based on it? Almost a year ago, I was having lunch in London with Kenny MacIver, then Editor of Information Age who, after listening to me expound on this topic for some time, said “What you are saying is that we need a clarion call!” Mark’s book adds significant value to those who have decided to embark on this journey, and he is to be commended for the tremendous effort that he has put into it and for his willingness to share his experience and wisdom – but will it provide that Clarion call? It will play well to the converted, but will it convert? Going back to Ian Wightwick’s introduction, he says “Clearly the purpose of Mark Toomey‟s text is to promote the need for adequate IT governance. It is commendable in this regard, but is only the beginning. Company director (including CEO) education courses and regular director briefings will need appropriate attention with provision of simplified explanatory material and check-lists, as well as encouraging the de-mystifying of the whole business-critical IT issue.”

Despite overwhelming evidence of the need to take action to improve enterprise governance of IT, business leadership – boards, executives and business managers – have shown little appetite for getting engaged and taking accountability for their use of IT to create and sustain business value, or to embrace the transparency that must go with it. I hope that, at least in Australia, the emergence of the ISO standard, and  Mark’s book provide that much needed “clarion call”. History, unfortunately, tells us that it may take more than this – we may still have a long way to go!

Moving Beyond PPM to P3M

Over the last little while, I have been asked to write introductions to, or testimonials for a number of books on Project Portfolio Management (PPM). This has caused me some angst because, while PPM most certainly has its place and is a valuable management tool, the name also unfortunately perpetuates the myth that IT projects, in and of themselves, deliver value. As discussed in an earlier post, Get With The Programme!, we need to move beyond IT projects to comprehensive business change programmes.

The concepts of portfolio management (as related to IT investments) and programme management were introduced in The Information Paradox. While portfolio management has seen significant adoption since then, largely in the form of PPM, the adoption of programme management has been slower, which certainly contributes to the popularity of the PPM term. (It would likely help if we could all agree on a common spelling of program/me!)

I have heard  number of arguments against using the term “programme” including that we are making things too complex by introducing another term, it scares people, and it doesn’t apply to small enterprises etc. The reality is that much of what we are enabling with IT today is complex – very complex, and denying that results in even greater complexity. Taking the programme view facilitates better understanding – shared understanding – of complexity and, as a result, more effective management of change. Regarding scaring people, I always say when I am presenting or discussing this topic that if the audience doesn’t leave both excited and scared, they haven’t “got it”. As Albert Einstein once said “You cannot solve a problem by applying the same thinking that got you into the problem in the first place.” We need to shake people out of their complacency and get them to think and act differently. I also believe that the concept of programme applies just as much to smaller enterprises – appropriately  scaled to fit  size and culture.

Programme management does now appear to be gaining some momentum. In addition to ITGI’s Val IT™, both OGC and PMI have programme-related materials. In a recent research paper, Gartner states “Organisations are discovering that program management is a level of business discipline that is key to delivering business outcomes”. It goes on to say that “We are focusing on a specific research project that addresses strategic program management – an emerging discipline focused around the multi project delivery of business outcomes…we believe that this is the management construct best suited to enable better business engagement, value delivery and risk.”

The definition of Portfolios, Programmes and Projects – as introduced in The Information Paradox, and continued in Val IT – is illustrated in the figure below.
Slide1

Given the above definitions and relationships, I would strongly recommend adoption of the term “Programme and Project Portfolio Management”, or P3M to better reflect both the relationships between portfolios, programmes and projects and the need to have all 3 in place. Indeed, I usually portray this with the “3” in superscript (which WordPress doesn’t seem to like) as I truly believe that it is “P to the power of 3 M”. While all three are necessary, none are sufficient on their own. All three, working together, are needed if enterprises are to:

  • Identify, define, select and execute new investments in IT-enabled change such that they maximize value creation and sustainment, taking early corrective action when this is at risk
  • Make intelligent spending decisions, focusing on spend that creates or sustains value, and avoiding the value destruction inherent in across-the-board (percentage) cuts
  • Ensure that their ongoing investments optimize benefits –  contributing to the creation and sustainment of  value – and again, where this is at risk, take early and appropriate corrective action
  • Deliver business and technology capabilities in a reliable, responsive and cost-effective manner

The relationship between Portfolios, Programmes and Projects, in the context of value management, is illustrated in the figure below.

Slide1

There is an argument that you shouldn’t consider portfolio management until you have dealt with project and programme management, i.e. get delivery right before you determine if you are doing the right things and creating or sustaining business value. I clearly do not agree with that argument – as Peter Drucker said “There is nothing worse than doing well that which should not be done at all!” Portfolio and Programme Management are the vehicles that bridge the gap between strategy and execution – ensuring alignment with business objectives and delivery of value through investments in IT-enabled change by effectively understanding and managing that change. Project management ensures that the technology and business capabilities required to enable the IT-enabled change and the resulting benefits and value are delivered. If we are to realize the full potential of IT-enabled change and translate that into real and sustainable business value, we need to work to all three of these areas – we have no choice!

Get With The Programme!

Technology is today embedded in almost everything that we do as individuals, societies and organizations. We have come a long way from the early days – yes, I was there – when the primary use of technology was automating operational tasks such as payroll, where benefits – largely cost savings – were clear and relatively easy to achieve. Today, applications of IT enable increasingly strategic and transformational business outcomes. While these outcomes would not be possible without the technology, the technology is only a small part of the total investment that organizations must make to achieve their desired outcome, often only 5% to 20%. The reality is that these are no longer IT projects – they are investments in IT-enabled business change – investments in which IT is an essential, but often small part.

Unfortunately, our approach to managing IT continues to lag in recognizing this shift. We still exhibit “silver bullet thinking” when it comes to IT. We focus on the technology, and delegate – more often abdicate – responsibility for realizing value from the technology to the IT function. In a recent post, IT Value Remains Elusive, I discussed a recent ISACA survey in which 49 percent of respondents stated that the CIO or IT managers are responsible for ensuring that stakeholder returns on such investments are optimized – with 8 percent saying no one was responsible. Technology in and of itself does not create value – it is how enterprises use technology that creates value. With the evolution of how we use IT, a different approach to the management of investments involving IT has become a business imperative if we are to fully realize the potential value of these investments.

Realizing this value requires broadening our thinking to take many more interrelating activities into account – moving beyond stand-alone IT project management to business programme management. Managing programmes of business change where technology initiatives contribute to business results in concert with initiatives to change other elements of the overall business system, including the business model, business processes, people skills, and organizational structure. It also means that accountability now must be shared between the business and the IT function – while the IT function is accountable for delivering the required technology capabilities, it is the business that must be accountable for realizing value from the use of the technology. This includes: deciding which programmes to undertake; ownership of the overall programme – including all the necessary  initiatives ; and ensuring that expected business value is realized over the full life cycle of the investment decision. Further, to support this, the business case for any proposed investment should be: at the programme level; complete and comprehensive – including the full scope of change initiatives required to achieve the desired outcomes; and a “living”, operational document that is kept up to date and used to manage the programme through its full economic life cycle.

We originally introduced programme management as one of the cornerstones of the Benefits Realization Approach in The Information Paradox. With Val IT™, we included it as part of the Investment Management domain (IM). OGC has also introduced Managing Successful Programmes (MSP) and, more recently, Portfolio, Programme and Project Offices (P3O), and the Project Management Institute (PMI) have extended their PMBOK to include Programme Management. The good news is that there is certainly no shortage of resources for those who want to implement Programmme Management. The bad news is that, while many organizations across the world have significantly increased value through their use of Programme Management, they are the “early adopters” with the majority of enterprises still lagging.

One of the reasons for this is that there is a common tendency to view programmes  as large, complex beasts – only applicable to large enterprises – and a mistaken belief that using the term will over-complicate things. Nothing could be further from the truth – certainly not when programme management is intelligently applied. Enterprise Resource Planning, Customer Relationship Management, Supply Chain Management, Business Intelligence, Social Networking, etc. are extremely complex programs of business change. Denying complexity – taking a simplistic view of change – only increases complexity. Only when complexity is understood can it be simplified, and then only so far. As Albert Einstein once said “Everything should be as simple as possible but no simpler.” The line between simple and simplistic is a dangerous one. Implementing organisational change requires changing our “traditional” approaches to governance – it requires that we “change how we change”!   Effective Programme Management is an important part of that change.

Taking the programme view can still however be a very daunting prospect – there can be just too much to take in all at once – unless an appropriate technique is used – one designed specifically for this purpose. In an earlier post, A Fool’s Errand, I discussed the need for a benefits mapping process (using Fujitsu’s Results ChainCranfield’s Benefits Dependency Modelling, The State of Victoria’s Investment Logic Mapping, or some other similar technique) to develop “road maps” that support understanding and proactive management of a programme throughout its full economic life cycle. Using Fujitsu’s Results Chain terminology – the one I am most familiar with – the process is used to build simple yet rigorous models of the linkages among four core elements of a programme: outcomes, initiatives, contributions, and assumptions. With the right stakeholders involved, and supported by strong facilitation, such a process can, in a relatively short time frame, result in clearly defined business outcomes and contributions, enabling management to ensure alignment with business strategy, define clear and relevant measurements, and assign clear and unambiguous accountability. They help to “connect the dots” and facilitate understanding and “buy in” of the those who will ultimately receive the benefits.

The challenge facing enterprises today is not implementing technology, although this is certainly not becoming any easier, but implementing IT-enabled organisational change such that value is created and sustained, and risk is known, mitigated or contained. This is where Programme Management, supported by benefits mapping can and must play a key role. The OGC states that: “The fundamental reason for beginning a programme is to realise the benefits through change.” In a March, 2008 Research Note, Gartner said that “We believe [strategic program management] is the management construct best suited to enable better business engagement, value delivery and risk”. Enterprises who want to enable such outcomes would do well to take a serious look at Programme Management.