IT-related projects are projects with deliverables that use information and related technology. These projects can be new solution implementations, new application software development, business function automation or relate to IT in any other way.
Any project, be it IT or otherwise, can be characterized by 3 main constraints: timelines, budget and quality of deliverables. Many believe that a project is going well when it is operating within the acceptable levels set for these constraints. A project that has gone overboard does not mean that it has failed but that timelines are not being met, budget has been exceeded and/or the quality of deliverables does not meet expectations.
There are several common causes for a project to go overboard; however, the primary reason is the inability to manage risk associated with the project.
Projects do not go awry overnight. Projects always go through a period of trouble before going overboard. Project governance is required to be able to identify symptoms of a project facing issues. Normally, everyone associated with a project wants it to succeed. At times, when project stakeholders unintentionally start ignoring or dismissing warning signs, projects subsequently enter a troubled state. It is wise to use external reviewers to detect early signs and help the project sponsor take decisive action(s) to ensure that a project is successful. This can often help rescue a troubled project.
The following is a list of common primary causes for projects going overboard:
- Obscure or partially defined requirements and uncontrolled scope creep—Many projects face this problem due to lack of understanding on the part of the project sponsor and/or project manager. Ensuring that requirements are approved and having a change management process in place to accommodate scope changes from the start can help ensure that projects will not enter a troubled state.
- Over-optimism or lack of understanding—This is typically seen in large outsourcing projects. The service provider tries to oversell itself for a set price, resulting in its inability to deliver. This often results in unrealistic delivery schedules.
- Complexity—Major IT projects have a high degree of complexity which introduces further risk. Such projects can be successful by breaking down the project into smaller subprojects and implementing governance practices around each. Agile development has proven to be a powerful methodology to ensure the success of such projects.
- Multiple stakeholders are interested in the outcome of project deliverables and have different priorities—This causes multiple parties to try to put pressure on the project sponsor. Appointing a senior-level project manager can help solve this problem.
Further recommendations for ensuring the success of projects include:
- A project manager must spend time gaining an understanding of the detailed requirements before commencing the project plan. The project manager should spend time with the project sponsor to fully understand scope, communication of project status and the change management process for any change in requirements once the project has commenced.
- A project governance framework should be implemented, and a program steering committee should be instated to oversee projects within the organization with a predefined review mechanism.
- A process framework and monitoring mechanism should be implemented for outsourced projects. The framework must ensure that requirements are properly identified before sending a request for proposal (RFP) and a ballpark or indicative budget must be prepared. If the service provider quotes much higher or lower than the set budget, the vendor may be disqualified.
- Wherever possible, appoint a project manager with subject matter knowledge. This will help ensure the quality of project deliverables.
- Break down the project based on installments of deliverables for complex projects. Projects that have realistic, achievable timelines can help manage project constraints and ensure the quality of deliverables.
Sunil Bakshi, CISA, CRISC, CISM, CGEIT, ABCI, AMIIB, BS 25999 LI, CEH, CISSP, ISO 27001 LA, MCA, PMP, is a consultant and trainer in IT governance and information security.