In a business climate that is driven by changing economic conditions, shifting customer behaviour patterns and increased regulation, organisations are undertaking an increasing amount of IT change. Whilst IT projects present opportunities, they are also fraught with potential risks. Failure to identify and manage these risks effectively can have adverse reputational, operational and financial consequences.
Despite the high stakes, independent research indicates that anywhere between 30% and 50% of IT projects fail – some statistics suggest it is even higher. The reason that projects fail are complex and multifaceted, covering anything from poor or ambiguous sponsorship and ill-defined requirements through to inadequate planning and a lack of suitably skilled resource. Often projects fail by stealth, whereby a combination of factors conspire over time to bring the project to a grinding a halt, at which point delivery dates cannot be met no matter what actions are taken.
IT projects present a number of specific challenges that require to be addressed, including technology selection, integration into production, financial management, securing appropriate skills and managing 3rd party relationships, which are often complex. Any or all of these areas, if not managed effectively, can adversely impact the likelihood of success. At Exception we frequently promote the value of implementing a best practice, independent assurance capability throughout the lifetime of a project or programme. This can greatly improve transparency and provide stakeholders with confidence that a project is being managed effectively, that it is on track to achieve the required deliverables and benefits, as well as highlighting concerns and issues that could place the project at risk.
Best practice assurance proactively manages risk and ensures that there is adequate focus concentrated on delivering the key objectives. In order to achieve this the assurance function needs a mandate to assess the entire scope of a programme, and this must include the scope being delivered by both the internal and any external 3rd party suppliers – we have often encountered scenarios where the 3rd party supplier is responsible for assuring their own deliverables – not something we would recommend! The assurance function should proactively offer practical remedial actions to address any identified risks, including recognising when additional skills or expertise is needed to address content-specific remedial actions.
A successful assurance function is therefore one that retains a clear focus on the agreed deliverables, is mandated to pursue satisfactory responses to challenging questions and is candid about the need for additional expertise.
Organisations often find various reasons for not implementing assurance. It is sometimes offered that Project Audits cover the same bases, however assurance is not the same as an audit. Audits look backwards after the event, they only therefore deliver value if their findings are applied in the future – an audit does not identify issues before they happen. IT assurance identifies potential issues with technology, suppliers and their contracts before they happen, offering stakeholders the opportunity to put in place remedial actions to mitigate the impact.
Cost can be another reason not to implement an assurance function. However, the typical assurance cost is likely to be a small percentage of the total project spend and therefore can represent an excellent investment when measured against the cost of failure.
Not every organisation has the skills or experience required to deploy effective programme assurance. This is where we can help. Your may be looking to provide assurance for a challenging project or programme, recover a project that has gone awry, establish control of a portfolio or develop an internal governance or assurance capability. We can offer a range of ISO 9001 accredited assurance services to support these and a range of other scenarios.
How assurance is best deployed varies depending on the time, cost, scope and quality parameters of the programme, so no one size fits all approach exists. If you are considering implementing assurance or want to discuss how we can help, contact Exception today for more information.Back to articles