BLOWING THE WHISTLEON TROUBLED SOFTWARE PROJECTS

Despite inevitable personal risk, auditors owe theirorganizations accurate information about project status, especially

bad news, in the interests of halting software project runaways.Management owes them the courtesy of listening.

Despite advances insoftware engineering,project failure temains acritical challenge for thesoftware develop-

ment communicy.According to the Standish -Group's 1998 survey, only26% of such projects wete deliv-ered on time, on budget, and withpromised functionality, wast-ing billions of dollarsannually; 46% wetecompleted over budgetand behind schedule, with fewerfunctions and features than orignally specified, and could there-fore be classified as runawayprojects [10]. In 1994, a sur- -^vey by consulting companyKPMG of 120 organizations in the UKfound 62% of them had experienced a run-away project [7]. Today, you can fdl yourshelves with books covering numerous examples ofrunaway software projects [3].

The behavior underlying many runaway projectsresembles "escalation of commitment to a tailingcourse of action," a phenomenon documented inthe general management literature [1] and appliedto the management of software projects [4]. Escala-tion occurs when decision makers throw good

i-

money after bad, pursuing a course ofaction that is not yielding the desired

result. According to a;-" more recent study,

escalation occurs in30%-40% of all software

projects and is associatedwith schedule and cost

overruns averagingmore than 150%

[5]. Less than 25%of them are ultimately

I completed and judged suc-cessful by IS auditors.

By another defini-tion, a runaway

project has "failed sig-nificantly to achieve its objectives

and/or has exceeded its originalbudget by at least 30%" [7].

\ Anecdotal evidence [9] and ourown 1999 study of troubled soft-

ware projects suggest that escalation can be exac-erbated by the reluctance of organizationalemployees, as well as outside contractors, to trans-mit unwelcome, yet valuable and constructive,information concerning projects and their status.Thus, while evidence of a failing project may existin the lower ranks of an organization, accurateinformation about failure may fail to move up theorganizational hierarchy. Gonsequently, decision

MARK KEIL AND DANIEL ROBEY

COMMUNICATIONSOFTHEACM April 200</Vol. 44. No 4 87

makers with the authority to change the direction ofthe project are too often unaware of its true status.

As an example, consider a system called Confirm;originally budgeted at $55.7 million in 1988 andscheduled to take three years to complete, it was to bea leading-edge computerized travel reservation systemcombining airline, rental car, and hotel information.In 1992, following 3.5 years of development and$125 million, the project was cancelled amid allega-tions that the chief developer, AMR Information Ser-vices (AMRIS), had misled its three partners(Marriott, Hilton, and Budget Rent-a-Car) about theproject's status. {AMR is the holding company ofAmerican Airlines.) In a letter to the partners,AMRIS's chairman admitted: "Individuals whom wegave responsibility for managing Confirm . . . haveapparently deliberately concealed a number of impor-tant technical and performance problems" [9].

Publicized fiascoes, including Confirm, raiseimportant questions about the communication of bad

whistle. The study also revealed that even when audi-tors execute their responsibility to blow the whistle ontroubled projects, the people responsible for control-ling IS projects may refuse to pay attention, a phe-nomenon called the "deaf effect" [6]. The auditors weinterviewed explained why bad news often falls ondeaf ears and described organizational factors theybelieved would contribute to a healthier climate forcommunicating negative information about softwareprojects.

Four patterns of responses emerged from ouranalysis of the interviews. First, many IS auditorsreported that they or someone else did blow the whis-tle on a project. In many cases, this action led to con-structive attempts to regain control, reduce thecommitment of resources, or terminate the project.Second, some IS auditors in our sample said they didnot blow the whistle on a troubled software project,even though they knew it was in serious trouble.Third, even when auditors did blow the whistle, man-

"I SURE WOULDN'T WANT TO MARCH INTOTHIS GUY'S OFFICE AND TELL HIM THE PROJECT

THAT HE HAD BEEN CHAMPIONING FOR ALLTHESE YEARS SHOULD BE PUT TO DEATH" (Case #44).

news up the hierarchy, or "blowing the whistle." Mostpeople fmd it difficult to blow the whistle, even whentroubled IS projects clearly need to be turned around.

Here, we present some of the findings from ourstudy of IS auditors asked to share their experiences aspotential whistle blowers on troubled projects (see thesidebar "How the Study Was Done"). We chose ISauditors because of their role in monitoring IS pro-jects. Auditors are likely to be more objective than ISmanagers or project team members and more willingto blow the whistle on troubled projects. We inter-viewed both internal and external IS auditors for thestudy. Internal auditors usually report to the auditdepartment; external auditors are hired as outsideconsultants to perform specific auditing tasks.

Fven where projects are monitored, the studyrevealed that IS auditors may censor themselves, aphenomenon called the "mum effect" [11]. Thus,while some auditors told us why they blew the whis-tle, others explained why they chose not to blow the

agement frequently ignored them. In some cases,auditors paid a high price for trying to convey unwel-come bad news. Finally, the auditors felt the condi-tions for effective whistle blowing varied acrossorganizations.

Obligations Vs. RisksSome internal IS auditors clearly feel obligated toblow the wbistie on troubled projects. As oneexpressed it: "As an auditor, it's my job, I feel, toblow the whistle when the whistle needs to beblown" (Case #200). Whistle blowing was viewed byinternal auditors as instrumental for removingresources from projects in which they might other-wise be squandered. Whistle blowing was alsoviewed as a means of protecting the organizationfrom a software system that might harm businessprocesses. One internal auditor warned that the sys-tem being developed could crash core businessprocesses; he blew the whistle, and the project was

86 April 2001/Val. 44.No 4 COMMUNICATIONSOFTHEACM

Our study draws on data fromour 1999 investigation of bow

troubled software projects that fallinto a spiral of escalation can beturned around, if possible, or aban-doned, if necessary [6] . Respon-dents were drawn from a populationof 75 IS auditors participating in amuch larger mail sun/ey sponsoredby the Information Systems Auditand Control Association [8]. Thatstudy was designed to investigatethe frequency of software projectescolation and the factors fosteringit. Each of the 75 auditors indicateda willingness to participate in a fol-tow-up study; we were able to inter-view 42 of them via telephone. Our

How the Study Was Done

sample included both interno! andexternal auditors. £ach respondentwas asked to choose a single projectfor the interview. In most cases, theproject they chose was the same asthe one in the earlier survey.

We first asked: Did someone blowthe whistle on the project? If theyanswered yes, we foltowed up withquestions to gauge the auditor'sperceptions regarding the appropri-ateness for IS auditors to act aswhistle blowers; determine whetherthe auditor had played such a role inother projects; and explore theorganizational factors supportingand inhibiting whistle blowing (seethe Table).

All interviews were taped, tran-scribed, and subjected to contentanalysis. Transcripts were coded toidentify portions of the text explicitlydealing with whistle blowing; relevantportions of the text were analyzed todiscern patterns of whistle-blowingbehavior. We were especially inter-ested in identifying factors or condi-tions affecting the willingness orreluctance to blow the whistle.

The Table summarizes the casesfrom cur interviews in which whistleblowing was discussed. Each case isidentified by a case number, thetype of organization in which theproject was conducted, project pur-pose, and project outcome. B

Case ID#

200

182

418

161

44

142

14

508

1001

174

Type of Company

Retail

Financial services,investing

Publicly traded company(identity noc divulged)

A Fortune 500 company(identity not divulged)

Public utility

Public utility

Manufacturing

Financial services,insurance

Financial services.lending

Financial services.trading

Projects studied.

Purpose of Project

Design an order-processing.billing, receiving system tointerface with new automatedcatalog distribution center

Upgrade to more effectivesecurities portfolio software

Design an integratedMRP system

Rewrite mainframe applicationsfor client-server platform

Design system for mapping andfacility management for electricitydistribution

Design performance managementsystem for unionized employees

Design manufacturing controlsystem for small-batch production

Design telecommunication-access billing system

Redesign a system foreducational loans

Design an integratedtrading system

Project Outcome

Implementation (many seriousproblems) took nine months to ayear to resolve serious issues.

Project suspended. Originalcontractor fired and a new onebrought in to complete the project.

Project completed but unable tohandle the volume of transactionsrequired.

Project phases completed butlacked functionality.

Project abandoned beforecompletion.

Project completed and implemented.subsequently v/ithdrawn from use.

Project completed and implemented.subsequently withdrawn from use.

Project abandoned beforecompletion.

Project abandoned beforecompletion.

Project redirected andmodified.

COMMUNICATIONS OF THE ACM April 2001/Vol 44. No 4 89

Figure I. Organization contextsof whistle blowing.

Strong

Mum Effect

Weak

Cover-upOrganization

HealthyOrganization

Deaf-dumb-blindOrganization

OstrichOrganization

Weak Strong

Deaf Effect

Stopped. This auditor also confided that blowing thewhistle was very difficult. He contemplated quittingbut ultimately drew support from the audit groupand executive management. "I thought I could quit,I could start drinking, or all kinds of things," he toldus (Case #182). This comment reveals how difficulta decision to blow the whistle can be, especially foran internal auditor. Serious contemplation of a jobchange or self-destructive activity suggests that whis-tle blowers struggle with their responsibility.

In several oFour cases, an external auditot (or con-sultant) served as a project's whistle blower. In one, anexternal auditor was retained to offer advice onwhether or not a project could be treated as a capitalexpenditure for accounting purposes. In researchingthe project, the auditor coincidentally discovered theproject was in trouble. He reported: "We came in asexternal auditors as part of our annual work, workingwith their internal auditors, and found that the pro-ject really was off track . . . We took a look at it—justkind ot ballpark numbers—and said, 'Why is man-agement not coming in here and kicking your butts.It's way over budget already' {Case # 174).

In two other cases, external auditors were retainedto review system design and ended up blowing thewhistle on entire projects. In Case #418, an externalauditor told us that project management was so"shoddy," it made the audit team uncomfortable,prompting them to inform the controller and execu-tive management. In Case #161, external auditorsmanaged to force a change in the project. "We wentright to the CIO and the CFO . . . and told them thatwe were going to have to walk out of this projectunless things changed" (Case #161).

In these cases, it is clear that both internal andexternal auditors acted responsibly to draw attentionto troubled projects. But internal auditors exposingproject difficulties assumed greater personal risk than

external auditors, because they were more depen-dent on the organization than their external auditorcounterparts.

The Mum Effect (Reluctance toBlow the Whistle)Despite accepting responsibility for whistle blow-ing, several internal auditors told us they decidednot to blow the whistle because of risks to theirown careers. One internal auditor explained thatblowing the whistle would probably be "career sui-cide, to be honest. Me as a litde staff auditor? I'mgoing to go to the executive VP of the company andtcli him that this is a worthless project, and heshould pull the plug on it? I sure wouldn't want tomarch into this guy's office and tell him the project

that he had been championing for all these yearsshould be put to death" (Case #44).

We aiso learned that even the heads of auditdepartments are likely to preserve their careers byremaining mum in the face of trouble (Case #142).The following illustrates the struggle whisde blowersexperience weighing their personal risks against theirresponsibilities. The auditor reported: "It would havebeen political suicide to go and to speak up, tor thoseof us that had bills to pay and all that other good stutT.You do what yoti're asked to do, and I wasn't asked to.I had some pretty candid conversations with the manthat I worked for. I said that there are so many thingshere that are going wrong, how can we contintie to dothis? 'Because we have to do it; that's our job.' Andmaybe if I had had the support of my manager, Iwould have felt more comfortable going to the nextlevel to tell him. But I wasn't going to go in there bymyself... I've been the whistle blower once in my lifeand wound up standing on the unemployment line. Idecided, with a house and a family, there was no wayI was going to put myself in that position" (Case#14).

Thus, the prospective whistle blower needs to facethe reality that the critical audit report may contradictthe best judgment and vested interests of the power-ful players backing a project. From the whistle blow-er's personal perspective, not much is gained resistingthe tide. Although responsible for exposing projectills, IS auditors (and other potential whistle blowers)often remain mum due to fear of reprisals.

The Deaf Effect (Reluctance toHear the Whistle)Overcoming the mum effect is not the only chal-lenge in attempting to redirect or terminate trou-bled projects. IS auditors also reported thatmanagement sometimes turned a deaf ear to their

9 0 April 200I/Vo[ 44, No. 4 COMMUNICATIONS OF THE ACM

reports. CIOs and other senior executives were por-trayed as people who received auditor reports butwho downplayed the seriousness of the problemsdocumented in them (Cases #174 and #142). In acase representing a good example of the deaf effect,an auditor explained: "We were trying to quantifyand tell them, convey the seriousness of the situation.And I dont think they believed that it would be thatserious. I think a lot of that was because they werehearing different information from the head of ISand the operations guy and the project manager. Itwas very frustrating for me, a little demoralizing"(Case #418).

Sometimes the deaf effect can be overcome bygoing over the head of the person who refuses to lis-ten and reporting to a higher authority. This practiceof organizational leapfrogging was described by an

Organizational Conditions ThatEncourage Whistle BlowingThe mum and dcat effects occur more often undercertain organizational conditions than others. Someorganizations have larger internal audit staffs thanothers, their clout often corresponding to their size.In banks and financial institutions, for example, theaudit function is well established (to protect theassets of the corporation), and internal IS auditorscan proceed more confidently reviewing high-riskprojects and making recommendations.

By contrast, smaller audit staffs are easier to ignore.One auditor reported his experiences working for acompany with a small audit department. He said: "Thecompany really wasn't that big, and the audit depart-ment was like a joke. It was like a figuiehead. It waslike, 'Oh yes, we have an internal audit department;

"THEY TOOK ME OUT TO LUNCHSAID, 'WE REALLY APPRECIATE WHAT YOU'VE

DONE, BUT WE REAELY WONT B I; (Case #508).

auditor who viewed the vice president of IS as "hear-no-evil, see-no-evil." As his team tried desperately toconvince the vice president that a project was in trou-ble, the "lowly peons," as he described his auditgroup, were ignored. So the audit team began to writememos to executives higher up the hierarchy (Case#200).

In some cases, however, even appeals to higherauthority fall on deaf ears. The following indicates thepervasiveness and consequences of the deaf effect. Anauditor said; "I wrote a lot of reports. I escalatedthings as much as I could, but in the end they basi-cally said, 'We really appreciate your eflforts, butthanks, but no thanks.' They took me out to lunchand said, 'We really appreciate what you ve done, butwe really wont be needing you anymore' (Case #508).

By remaining deaf to warning signs, executivesmay insulate themselves from having to deal withproblems in the short run. They may also disassociatethemselves from a failing endeavor, thereby escapingblame. When senior executives are unreceptive to badnews, the risks to the persistent whistle blower arelikely to increase.

there they are.' But they would never let us get intosomething real serious. A couple of times I had writtenwhat I thought were serious exposures, and they justblew it off. They said they would study the issue, theywould set up a task force, but it was just a token kindof thing. They never really went afi:er it" (Case #142).

Along with differences between organizations,there can be considerable differences across subunitswithin the same organization, where different operat-ing environments lead to different levels of conscious-ness about audit and control practices. In some units,IS auditors are encouraged to identify problems withsoftware projects. In others, "People dont even wantto know" (Case #508).

Given such variance in credibility enjoyed by theinternal audit and control function, what factors cancreate an environment for effective whistle blowing?Part of the answer lies in the relationship between theaudit function and senior management. As one of ourrespondents noted: "You have to have a very secureaudit department that knows its value and is con-nected to senior management . . . [so] If he makes arecommendation, he feels comfortable he can do it.

91COMMUNICATIONSOFTHEACM April 2001/Vol 44. No. 4

because he's got the support of senior management"(Case #142).

This auditor also described his experience with acompany that had IS project reviews in which theauditor was supposed to sit in on the systems devel-opment and design, raise control issues, and flagrunaway projects. But he said: "I never saw a com-puter system stopped dead because internal auditissued a report." Where audit has support fromother units in the organization, senior managementmight listen, but audit usually lacks the power tostop projects on irs own.

One auditor pointed to structural problemswithin most organizations inhibiting internal audi-tors from transmitting bad news. He reported:"You're not independent enough. I mean, you'renever independent, because you're in the same orga-nization. There has to be some separation. If youreport to the guy who's running the project, there's aprohlem with the structure, and that's why a lot ofpeople probably wouldn't say anything" (Case#1001).

Several auditors underscored the importance ofdeveloping relationships with other units in theorganization. Paradoxically, the comfort auditorsfeel in blowing the whistle may depend on position-ing the audit function, so auditors are not viewed aswhistle blowers but as team players whose job is tohelp keep projects on track. The following accountof a whistle blowing incident by an IS auditor illus-trates this point. "I think," he said, "the way we han-dled it made a difTerence. We suggested they reallylook at these issues. WeVe got some major problems,and I think just the way we came about it, as a teamplayer instead of a policeman. And that 'We want tohelp you; we see that this project's out of controi; wecan see that maybe some things you're not gettingthe truth on because you're so close to it; but this iswhat we see.' Even though we are an independentappraisal organization, we are still part of the samecorporate team, and our goals are their goals basi-cally. We ail want the company to do well. That'show we sold ourselves" (Case #182).

Thus, efFective whistle blowing may depend onorganizational factors, like organizational size, the his-torical commitment by senior management to theinternal audit function, the independence of auditingfrom management authority, and the formation ofteam relationships between audit departments andthe departments leading projects.

Organizational Conditions InfluencingWhistle BlowingOur study tound that, although whistle blowing is a

noble activity carrying rhe organizations interestclose to its heart, whistle blowers assume seriousrisks. Even for those charged with auditing andmonitoring the progress of IS projects, job securityis often more important than pressing for account-ability for misspent budgets. Indeed, whistle blow-ing is frequently regarded as an "illegitimate"activity, even when institutionalized into a formalaudit role [12]. As a result, many internal auditorsremain mum instead of asserting their responsibilityto report bad news.

In addition, key executives committed to IS pro-jects can lose their objectivity, refusing to acknowl-edge any criticism. This was clearly the case in HelgaDrummonds (of the University of Liverpool) 1989analysis of the London Stock Exchange's Taurus pro-ject, which was designed to automate the trade-settle-ment process. Drummond wrote the following aboutthe difficulty the Exchange's chief executive had con-vincing other key decision makers of the need to scrapthe project: "These were big men . . . [yet] the plainfact of the matter is that they were terrified. 'What doyou mean we might have to stop this? How can yousay that now?' . . . They didnt believe it . . . Theywanted to believe I WAS wrong. They were fighting tofind some reason to carry on" [2].

Even unambiguous negative information can fallon deaf cars, as key decision makers stubbornly clingto prevailing myths about a project's importance.The potential whistle blower has to present rationalinformation, which may be insufficient to swaymythical beliefs. Not only must the mum effect beovercome, it is also necessary to overcome the deafeffect to get troubled projects under control. Figure1 defines four types of organizations and how theyexperience different degrees of the mum and deafeffects.

In the deaf-dumb-blind organization, in which bothmum and deaf effects are powerful, there is little chancefor whistles to be either blown or heard. Even formallyestablished audit functions do not operate effectively.In the cover-up organization, in which the mum effectis strong but the deaf effect is weak, the game is to con-ceal bad news from a management that wants to hearit. (In this type of organization, nobody wants to pointfingers at a peer, so there is a tendency to cover up badnews, as the group working on the project tries to pro-tect itself and its members.)

In the ostrich organization, managers prefer beingdeaf, preferring to avoid learning what whistle blowershave to say. Auditors are likely to be frustrated andcritical of top management and may eventuallybecome cynical about their auditing and reportingresponsibilities.

9 2 Apnl 2001/Vol 44. No 4 COMMUNICATIONSOFTHEACM

Finally, in the healthy organization, people arenot afraid to transmit bad news; they see that man-agers are receptive to criticism and willing to dosomething about it. Healthy organizations arc"learning organizations," because they use feedbackfrom their own performance to correct errors.

Implications for IS professionals. No IS profes-sional is immune from the pressures associated withtroubled projects. It is difficult for IS project mem-bers to be unaware of cost overruns and delays, butthey are often confused about what to do. Shouldthey, despite their relatively low status, expose pro-ject ills, or remain mum? Although guided by codesof ethical conduct [9], IS professionals may experi-ence great difficulty in acting responsibly at thecritical moment. Nevertheless, IS professionalsshould look to identify which quadrant of the gridin Figure 1 best represents the climate of their orga-nization. If it is healthy, whistle blowing shouldcarry rewards, not penalties. Where top managersbehave like ostriches, avoiding bad news, IS profes-sionals have little incentive to convey bad news.But blowing the whistle in the ostrich organizationmay still be viewed as an exercise in professionalresponsibility and may ultimately result in someform of corrective action. The more difficult situa-tions for the ethical IS professional are in the cover-up and deaf-dumb-blind organizations; thosecompelled to blow the whistle take serious risks.Whistle blowers with little job security or mobilityhave the most to lose and little to gain, except forself-respect.

Implications for senior executives. Fortunately, ourfindings also surest ways senior executives mightcreate healthier climates for whistle blowing. Largerorganizations with more established and legitimateaudit staffs, such as those in financial institutions, arelikely to be healthy already in light of their historicalcommitment to internal control. Large IS audit staffsare more difficult to ignore than small, token units.Nothing signals the importance of whistle blowingmore directly than the presence of professional staffwith the qualifications and mission to audit ISprojects.

Audit staffs are also likely to be more effective whenseparated organizationally from the authorit}' of thosewhose projects are being monitored. Although ISauditors share many of the skills of other IS profes-sionals, they should never report to CIOs or CTOsresponsible for IS projects. Blowing the whistle istough enough without having to blow it on the boss.For this reason, most audit staffs should be indepen-dent authorities.

Unfortunately, independence also makes it more

difficult to establish a teamwork relationship betweenIS auditors and project managers. Our findings indi-cate that, for an IS auditor, being a team player is amore constructive metaphor than being a policemanand is perhaps the key to organizational health.

Creating a healthy climate for whistle blowing isessential for controlling software project escalation.The framework we've presented here can help both ISprofessionals and senior executives examine theirorganizations and plot a course toward the healthy-organization quadrant in Figure I. When fiascoes likeConfirm occur, many people blame the technology,but the mum and deaf effects are likely to be majorcontributing factors behind runaway projects. Bettercommunication of project status, especially bad news,can reduce the incidence of sofhvare runaways. Q

REFERENCES1. Brockner, J. The escalation of commitment to a failing course of action:

Toward cheorecical progress. AMR 17. 1 (1992), 39-61.2. Drummond, H. Escalation in Decision-Making: The Tragedy of Taurus.

Oxford University Press. Oxford, UK. 1996.3. Glass, R. Sofiware Runaways. Premice-Hall, Inc., Upper Saddle River,

NJ, 1998.4. Keil, M. Pulling the plug: Software project management and the proh-

lem of project escalation. MIS Quart. 19, 4 (1995), 421-447.5. Keil, M. and Rai, A. Why software projects escalate: An empirical

analysis and test of four theoretical models. MIS Quart, 24. 4 (Dec.1997), 631-664.

6. Keil, M, and Rohey, D, Turning around troubled software projects; Anexploratory study of the de-escalation of commitment to failing coursesof action./ Mgrit. Info. Syst, 15. 4 (1999), 63-87.

7. KPMG, Runaway projects: Causes and effects. Soft. World 26. 3(1995), .3-5.

8. Mann, J. The Role of Project Escalation in Fxptiiining Runaway Infiirnui-tion Systems Development Projects: A Field Study, unpubl. doa. dissert,,Georgia State University, 1996.

9. Oz, E. When professional standards are lax; The Confirm failure andits lessons. Commun. ACM37 10 (Oct. 1994), 29-.36.

10. Scandish Group, Inc. CHAOS: A Recipe for Success, res. rep. 1999; secwww.srandishgroup.com,

ll.Tesser, A. and Rosen, S. The reluctance to transmit bad news. Adv.Experi. Soc. Psych. 8 (1975), 193-232,

12. Weinstein, D. Bureaucratic Opposition: Challenging Abuses in the Work-place. Pergamon Press, New York, 1979.

M A R K K E I L (nikeil@gsu.edu) i.s an associate professor in the

Department ot Computer Information Systems at Georgia StateUnivcrsit}' in Atlanta.D A N I E L R O B E Y (drobey@gsu.eclu) holds a joint appointment as pto-fessor in the Departments of Computer Information Systems and Man-agement at Georgia State University in Atlanta,.

Pennission ro make digital or hard copies of all or pan nf this work for personal or class-room u.se is granted without fee provided thar topies are not made or distrihuttti forprofit or totnmeri ial advantage and iliat copies bear rhis nciiicc and the liill citation onthe first page. To copy otherwise, to republish, to post on servers or to redistribute tolists, requires prior specific pertnission and/or a fee.

© 2001 ACM 0002-0782/01/0400 J5.00

COMMUNICATIONSOFTHEACM April 2001/Vol. 44, No. 4 93