This document discusses project governance and outlines some key concepts and best practices. It notes that while projects account for 20-30% of organizational activities, they often fail to deliver benefits. Effective project governance is needed to ensure projects are aligned with strategy and deliver intended outcomes. Key aspects of best practice governance include oversight and review of projects, clear goals and requirements, adequate resources, good communication and managing risks. Cultural barriers can exist if boards and managers are not engaged in governance. Case studies are presented to demonstrate governance issues that can arise.
Best Practices for Implementing an External Recruiting Partnership
Risk and Compliance Module 8 - Project Governance
1. Risk and Compliance Module 8 – Project Governance Dr Raymond Young – University of Canberra
2.
3.
4. The role of projects Business As Usual Services & Value
5. The role of projects BAU performance over time Impacted by demographic, financial and global forces Business As Usual Services & Value Demographic financial & global forces
6. The role of projects project based organisational change Projects needed to deliver significant change Business As Usual 70-80 % BETTER Projects 20-30 %
7.
8.
9. Projects On-time On-budget Inside the head of project managers Young and Jordan 2008 Kwak and Anabari 2009 VIC 100b Young and Jordan 2002 Strategy Governance Microscope Projects Telescope
10. Inside the head of boards and top managers Projects e-commerce Risk 13 Dir: 60+ boards Strategy should be developed by management E-commerce is important but strategy is hard … 3 approaches – (2) get an expert Few have IT background Widespread delegation to mngt / consultants Young and Jordan 2002
11. Inside the head of boards and top managers Projects Strategy On-time On-budget Inside the head of project managers Young and Jordan 2008 [2] I would have thought it would be the opposite … are there stats by industry? [3] valuations are heavily discounted whenever a big IT project is announced [4] they hardly ever define adequately what success looks like [1] That’s probably about right… Telescope Microscope Projects
12. Inside the head of boards and top managers Projects On-time On-budget Inside the head of project managers Young and Jordan 2008 [3] Sponsors definitely drive success … we would need to see a track record of this working [4] You’ve definitely got this right by putting the strategy first [1] Yes … I think you could sell that. A directors job is to ask questions. VIC 100b
13. Financial/Strategic Implications Current Performance (68% under) Source: R. Young, “What is the ROI for IT Project Governance? Establishing a benchmark.,” in 2006 IT Governance International Conference (Auckland, New Zealand, 2006) OK Some No Fail ROI 30% OK Some Fail ROI 130% Better Performance (43% under) OK Cancel ROI 220% Excellent Performance (15% cancelled)
14.
15. Project Governance: Connecting Corporate Governance and Project Management Standards: OECD Guidelines ASX Guidelines AS8000 Focus on Vision and Mission (Corporate Plan - normally 3+ years) Corporate Governance: The system by which organisations are directed and controlled Standards: PRINCE2 , MSP PMBOK, OPM3 Focus on Outputs e.g. time, budget, quality, stakeholder support, outcomes Project Management: The way of guiding and managing projects to ensure successful completion from start to end Standards: Gateway HB280 AS8016 www.valuedeliverymanagement.com Focus on Outcomes Annual Plan Project Governance: The connection between corporate governance & project management
16.
17.
18.
19. Assessment of tools and frameworks Where to focus effort to engage top management Governance of Programmes Programme management Governance of Programmes Programme management Efficiency Effectiveness Any benefits Benefits aligned to strategy Realisation of strategic goals Portfolio management Project Management On-time On-budget Avoid duplication Products/ Outputs Programme Portfolio Management Victorian investment frameworks
20.
21. Governance Evaluate Direct & Monitor Investment: benefits or terminate? Strategy/capability: how much change is required? Investment & Strategy: Benefits / alignment? Responsibility: Project Sponsor? Performance & Behaviour: measures and motivation? 67%->40% Business Case 40% ? MSP? 5-23% 33-67% ChangeTracking™ 0-13% Benefits Realisation ITIL, COBIT Projects PMBOK, PRINCE2, etc Conformance & Behaviour: culture for issues to be raised? ??% HB280, AS8016, 6Q Governance™ Business processes ICT Operations Support Changed Business Processes Changed ICT Operations Initiate
22.
23.
24.
25. Without Effective Governance… Source: VALIT & John Thorp Can’t kill projects Leads to.. Too many projects Quality of execution suffers Underestimation of risks and costs Projects not aligned to strategy Over budget Projects Late Business needs not met Lack of confidence (in IT) Results in.. Benefits not received Situation Reluctance to say no to projects Lack of Strategic Focus Projects are “sold” on emotional basis -- not selected No strong review process Overemphasis on Financial ROI No clear strategic criteria for selection
Modern PM: WW2 – Manhattan Project, NASA Speed of competition: new products Changing expectations: public sector reform
Management of large-scale expenditures is a fiduciary duty requiring careful oversight. However a Deloitte survey of boardroom directors revealed oversight of IT projects was either “blind” (29% with inadequate information) or non-existent (16%) [i] . They warned in 2007 that the results were “tantamount to negligence” and the AICD have long reported statistics suggesting the problem is more widespread [ii] (Figure 1). My own research suggests that as many as two out of three projects fail to deliver the expected benefits [iii] . Increased scrutiny could reveal the real failure rate. However what might be worse in the current financial environment is to have two out of three strategic initiatives fail to increase revenue, enhance customer service or reduce cost and threaten survival. [i] What the Board Needs to Know About IT: Phase II Findings (Deloitte, 2007), http://www.deloitte.com/dtt/article/0,1002,sid=36692&cid=151800,00.html [ii] D. Lovalla and D. Kahneman, “Delusions of success: how optimism undermines executive's decisions, Harvard Business Review,” Harvard Business Review July (2003): 58 [iii] R. Young, “What is the ROI for IT Project Governance? Establishing a benchmark.,” in 2006 IT Governance International Conference (Auckland, New Zealand, 2006)
Management of large-scale expenditures is a fiduciary duty requiring careful oversight. However a Deloitte survey of boardroom directors revealed oversight of IT projects was either “blind” (29% with inadequate information) or non-existent (16%) [i] . They warned in 2007 that the results were “tantamount to negligence” and the AICD have long reported statistics suggesting the problem is more widespread [ii] (Figure 1). My own research suggests that as many as two out of three projects fail to deliver the expected benefits [iii] . Increased scrutiny could reveal the real failure rate. However what might be worse in the current financial environment is to have two out of three strategic initiatives fail to increase revenue, enhance customer service or reduce cost and threaten survival. [i] What the Board Needs to Know About IT: Phase II Findings (Deloitte, 2007), http://www.deloitte.com/dtt/article/0,1002,sid=36692&cid=151800,00.html [ii] D. Lovalla and D. Kahneman, “Delusions of success: how optimism undermines executive's decisions, Harvard Business Review,” Harvard Business Review July (2003): 58 [iii] R. Young, “What is the ROI for IT Project Governance? Establishing a benchmark.,” in 2006 IT Governance International Conference (Auckland, New Zealand, 2006)
Most companies would say it’s up to management to define what the business needs … it is the boards responsibility to ask questions to ensure that management has really thought through the bigger picture Some board members were saying we should do more, some less … [big project risk vs strategic risk of moving too slowly] “ The board members I talk to are very comfortable if there is someone taking responsibility and particularly comfortable if it’s McKinsey or one of the major firms”; “ most [boards] are very content to delegate it to management … there is a tendency to accept the recommendations of management, which tend to echo the recommendations of the consultants … there is no thorough analytical review in the way you would in other areas where the directors know what’s going on”; “ for all the Standards that exist, there is no guidance on how to go about making the decisions to implement an ecommerce strategy” ; “ management is gathering tons of information and don’t know how to present it”; “ are the board [receiving] summaries, no … it’s difficult for directors to make good decisions”; with technocrats, the only three things you can be assured of are: nothing would get finished on time, it would always cost vastly more than predicted and it would never do what it was promised to do” I do stress to boards that they’re not IT issues because they’re business issues.
Most companies would say it’s up to management to define what the business needs … it is the boards responsibility to ask questions to ensure that management has really thought through the bigger picture Some board members were saying we should do more, some less … [big project risk vs strategic risk of moving too slowly] “ The board members I talk to are very comfortable if there is someone taking responsibility and particularly comfortable if it’s McKinsey or one of the major firms”; “ most [boards] are very content to delegate it to management … there is a tendency to accept the recommendations of management, which tend to echo the recommendations of the consultants … there is no thorough analytical review in the way you would in other areas where the directors know what’s going on”; “ for all the Standards that exist, there is no guidance on how to go about making the decisions to implement an ecommerce strategy” ; “ management is gathering tons of information and don’t know how to present it”; “ are the board [receiving] summaries, no … it’s difficult for directors to make good decisions”; with technocrats, the only three things you can be assured of are: nothing would get finished on time, it would always cost vastly more than predicted and it would never do what it was promised to do” I do stress to boards that they’re not IT issues because they’re business issues.
Most companies would say it’s up to management to define what the business needs … it is the boards responsibility to ask questions to ensure that management has really thought through the bigger picture Some board members were saying we should do more, some less … [big project risk vs strategic risk of moving too slowly] “ The board members I talk to are very comfortable if there is someone taking responsibility and particularly comfortable if it’s McKinsey or one of the major firms”; “ most [boards] are very content to delegate it to management … there is a tendency to accept the recommendations of management, which tend to echo the recommendations of the consultants … there is no thorough analytical review in the way you would in other areas where the directors know what’s going on”; “ for all the Standards that exist, there is no guidance on how to go about making the decisions to implement an ecommerce strategy” ; “ management is gathering tons of information and don’t know how to present it”; “ are the board [receiving] summaries, no … it’s difficult for directors to make good decisions”; with technocrats, the only three things you can be assured of are: nothing would get finished on time, it would always cost vastly more than predicted and it would never do what it was promised to do” I do stress to boards that they’re not IT issues because they’re business issues.
Most companies would say it’s up to management to define what the business needs … it is the boards responsibility to ask questions to ensure that management has really thought through the bigger picture Some board members were saying we should do more, some less … [big project risk vs strategic risk of moving too slowly] “ The board members I talk to are very comfortable if there is someone taking responsibility and particularly comfortable if it’s McKinsey or one of the major firms”; “ most [boards] are very content to delegate it to management … there is a tendency to accept the recommendations of management, which tend to echo the recommendations of the consultants … there is no thorough analytical review in the way you would in other areas where the directors know what’s going on”; “ for all the Standards that exist, there is no guidance on how to go about making the decisions to implement an ecommerce strategy” ; “ management is gathering tons of information and don’t know how to present it”; “ are the board [receiving] summaries, no … it’s difficult for directors to make good decisions”; with technocrats, the only three things you can be assured of are: nothing would get finished on time, it would always cost vastly more than predicted and it would never do what it was promised to do” I do stress to boards that they’re not IT issues because they’re business issues.
Raymond
Expand to many different classes of vessel, with different characteristics starting from different points, experiencing different weather conditions with intermediate/transfer points but with one ultimate goal/outcome/destination
To survive, thrive and also to minimise the governance backlash, the first step must be to get the right information needed to govern effectively. The board bears the responsibility to set clear guidelines and expectations about the kinds of information they want to see filter up. What benefits are being targeted? [how is this consistent with our strategic priorities?] Do we have the organisational capacity to realise these benefits and what other risks are involved? How will we measure success? Do we have the right person driving the change? Are there any warning signs that the project is going off track? Are the benefits being realised? These questions seem simple but none of the directors I have spoken to had an effective process to terminate failing projects. Benefits are usually quantified (66%), but they are often overstated (27%) [i] , change is not always considered (40%) [ii] , individuals are not held accountable (5-23%) and few organisations track benefits through to realisation (10%) [iii] . Organisations do not focus on the true determinants of success. [i] Chad Lin, Graham Pervan, and Donald McDermid, “IS/IT investment evaluation and benefits realization issues in Australia,” Journal of Research and Practice in Information Technology 37, no. 3 (2005): 235-251 [ii] KPMG, “Global IT Project Management Survey: How committed are you?,” 2005, http://www.kpmg.com.au/Portals/0/irmprm-global-it-pm-survey2005.pdf [iii] John Thorp, “Unlocking Value - Delivering on the Promise of Information Technology,” in Delivering Value , 2008, http://www.isaca.org.au/modules.php?op=modload&name=News&file=article&sid=28