ensuring project success through automated risk management
DESCRIPTION
CAI\'s CIO Series on Project ManagementTRANSCRIPT
Visibility, Control and Early Detection @ CAI
Ensuring Project Success Through Automated Project Governance
Today’s AgendaRisk Management
– The Problem Made Simple
Today’s Objective
The Road Less Traveled
– Learning the Truth the Hard Way @ CAI
Our Solution
Some Final Thoughts
Problem StatementThe concept of risk is inherent in any project.
Since risk is impossible to avoid, the best way to deal with risk is to contain it.
One way to contain risk is through risk management.
Risk management involves the identification of risks, analysis of exposure to the risks in a development effort, and execution of the risk management plan.
Have you ever been surprised by something ofsignificance in your business?
Have you been told a project or activity was ok, only to find out later otherwise?
Are you sure that your organization understands what the rights things to do are?
Do you feel like you are being forced to make key
decisions with missing dataor information?
Does this version of “Risk Management” look all too familiar?
Do you believe that you have … “At your fingertips” … the most important data and opinions about important activities
and efforts?
If you answered “Yes” to any of these questions then your in good company for
the wrong reasons …
Greater than 60% of all IT projects have either failed or were delivered with less than the desired results.
What We Learned About The Industry …
Of Course We Know the Real Story … Don’t We?
Today’s Objective
To introduce you too a new toolset, process, and
capability that provides you with the opportunity to become proactive and
quantitative in“Project Risk Management”
Road to Risk Management
Over 20 years of project experience as a process and metrics company
– 1st “Fixed Price” development project delivered in 1983
– 1st $1m “Fixed Price” development project delivered in 1986
The metrics of our evolution:– Over 350 New Application Development Projects– Deployed Over 50 Managed Maintenance Teams– Completed Over 4m Billable Hours of
Supplemental Support
We Learned …
We Learned …
Things We Know (Facts)
– The technology to be used– The expected start date– The expected delivery date– The business rules that will be
followed– The tools that will be used:
development and management– The best practices to be
followed
Things We Think We Know
– The expected start date– The expected delivery date– The rate of change will be
contained to 20%– No one will leave the team
during the project– The business rules that will be
followed
Things We Know or Do We?
We Didn’t Know …
Which is Why We Found Ourselves Too Close To the Edge
Awarded a large applications development project
– Assigned our best Development Manager– Implemented our methodology– Implement our tools– Oversight: CAI and the Customer
Bad “All of a Sudden” – Project, CAI, and the Customer @ Risk
What Did We Do Next ?
First we identified our team of and increased our budget and made quick adjustments
– Including Customer
We performed an extensive Post-mortem on this project and others to determine how projects could unravel
The analysis:– Managing risks was a 1x event on projects or at best a 2x event
(Beginning and Just Before it Ended)– Bad “All of a Sudden” - Not Likely– Same mistakes being made on different projects– Inherent schedule flaws (Challenged from the Start)– Filtered Communications (In Team)– Limited Communication (Cross Team)– Requirements Inflation (I’ll know it when I see it)– Employee Turnover (Higher Than Expected)– Specification Breakdown (Design Incomplete)– Hidden Productivity Issues (Actual Time vs. Logged)
• Rate of Change Not Type of Change– Heroics (Few People – Extraordinary Efforts)
Project Review Revealed:Close to the Edge Too Many Times
Greater than 50% of all IT projects have either failed or were delivered with less than the desired results.
What We Learned About The Industry …
Greater than 50% of all IT projects have either failed or were delivered with less than the desired results.
What We Learned About The Industry …
And at the End of the Day Our Risk Turned Out to About People …
It’s About How People Feel and How They Think !!!
No one is immune to “Project Problems”
(Unmanaged Risks = Problems)
some are just more agile at reacting to them to minimize the impact …
Conclusion …
The Road to the Solution …
Investigate how a PMO could solve the problems without the overhead
– Already committed to the concept just not the typical implementation (needed to automate it)
Investigate Tools
– Only thing on the market were portfolio management tools (not a portfolio problem!!!!)
Only possible solution was to “Build Our Own”
So What Problems Must Be Addressed?
How do we get comprehensive visibility to project risks in order to make decisions
How do we improve the information flow and get back to a “Management By Walking Around” by leveraging technology
How do we limit heroics, burn-out and turnover
How do we perform risk assessments regularly during the project lifecycle in order to make comprehensive decisions
How do we change the culture by doing the right things and doing things right
So What Problems Must Be Addressed?
How do we get comprehensive visibility to project risks in order to make decisions
How do we improve the information flow and get back to a “Management By Walking Around” by leveraging technology
How do we limit heroics, burn-out and turnover
How do we perform risk assessments regularly during the project lifecycle in order to make comprehensive decisions
How do we change the culture by doing the right things and doing things right
So What Problems Must Be Addressed?
How do we get comprehensive visibility to project risks in order to make decisions
How do we improve the information flow and get back to a “Management By Walking Around” by leveraging technology
How do we limit heroics, burn-out and turnover
How do we perform risk assessments regularly during the project lifecycle in order to make comprehensive decisions
How do we change the culture by doing the right things and do things right
So What Problems Must Be Addressed?
How do we get comprehensive visibility to project risks in order to make decisions
How do we improve the information flow and get back to a “Management By Walking Around” by leveraging technology
How do we limit heroics, burn-out and turnover
How do we perform risk assessments regularly during the project lifecycle in order to make comprehensive decisions
How do we change the culture by doing the right things and do things right
What would be the value of having a sound, low cost, risk assessment capability
for our business?
Create an automated system that ensures “management, visibility, control, and governance” are actually occurring, is easy to use, easy to change, easy too maintain
Get the heart beat of the project on regularly scheduled basis …
The Goal of Our Solution …
Our Solution …Our Solution …
“The power to discern the true nature of the situation”
Modular Design: The Solution
The SolutionThe Solution
Modular Design: The Solution
Modular Design: Solution + Content
IT Governance Content Cartridge
Future Cartridges and Content
Future AvailabilityFuture Availability
Contract Management
Compliance Adherence
Risk Assessment
Legal Assessment
Health Assessment
IT Infrastructure Assessment
Create an Individually Customized Model Collect data – what data, from
whom, when Knowledge by phase Reminders Issues
Repositoryfor all
projects
Analysis Insight Must Do’s Never Agains Exceptions Corrective action
Visibility Dashboard Reports Alerts
Management Knowledge & Subject Expertise Assessments Project/Process types Project/Process
classifications Rules
Consistent
Execution
What do
we need to
know?
What do
we need to
know?
Where
do we
store it?
Where
do we
store it?
How do we
consume it or
view it?
How do we
consume it or
view it?
What
Will we learn
from this?
What
Will we learn
from this?
Foundation for Process ImprovementC
ap
abili
ty L
eve
l
VISIBILITYVISIBILITY
Streamline Processes
Implement Standard Processes
OPTIMIZATIONOPTIMIZATION
CONTROLCONTROL
Understand What is Happening
Cumulative timeline
Developers
Designers
Team Leaders
End Users
Business
Managers
Vendors
IT Management
Infrastructure
Team
Risk
Discovery
Team
Project
Manager
The Value of Automated Management Insight and IT Governance
Repository of Defined, Codified Recommended Practices
Non-Intrusive, Non-Bureaucratic Oversight and Control
Vehicle to Monitor and Enforce Recommended Practices Utilization
Orient
Act
Observe
Decide
Repetitive, Repeatable “Project Office” Type Reviews for All Projects
Proactive, Quantitative Approach for Managing Project Risks
Collection of Historical Data and Metrics
What is Insight Doing for CAI …Allows us to query stakeholders
keeping them engaged in the success of the project
Expands participation in project status reviews– Captures a “Million Points of View”
Early warning means early action and more success
Eliminates bureaucratic best practices activities and focuses everyone on the success of “The” project
Helps us avoid blunders (Repeated Mistakes)
Enables us to change the culture by encouraging people to do the right things by doing things right
Imp
act
Lo
w
H
igh
Difficult Easy
Implementation
The Insight Control Room
Control RoomControl Roomfor Knowledge & Managementfor Knowledge & Management
Notifications
Alerts
Warnings
Data &
Opinion
General and specific Alerts, Notifications, & WarningsGeneral and specific Alerts, Notifications, & Warnings
Best practice MechanismBest practice Mechanism
Historical benchmarking Historical benchmarking
Analysis of large volumes of dataAnalysis of large volumes of data
Knowledge,
Rules, Experience
Doer
Manager
Rules &
Knowledge
Rules
& Knowledge
Activities
External Expert
Few companies can grow without taking risks. But poor risk management leads to surprises in business operations that can impact shareholder confidence, regulatory oversight and the bottom line.
Closing Thoughts …
I am not suggesting that we can eliminate all project risks, nor do we want to … some risks are good
I am also not suggesting that projects will never fail again … when organizations fail to react to information, projects can still fail
What I am suggesting is that if there isn’t a “Risk Identification, Assessment, and Mitigation Process” implemented on all of your projects then you are just waiting for projects to fall behind schedule or fail.
Remember …Remember …
“Managing risk does not deal with future decisions, but the future of present
decisions”
“The power to discern the true nature of the situation”