Published: August 10 2011, 06:55 PM | no comments
by Steve Romero

I received a tweet from Charles Betz this morning that caused my jaw to drop:

@CharlesTBetz US federal CIOs to become responsible for IT portfolio management. http://bit.ly/nm3amT (What were they doing before?)

My jaw dropped because I completely concur with Charles' question: "What were they doing before?"

If you are a regular reader of my post you know what I think about portfolio management (PPM). PPM is by far the most crucial IT governance process. I firmly believe it is impossible for a CIO to do his or her job without sound PPM. But I also firmly believe PPM success in IT is dependent on sound and successful IT governance.

The link included in Charles' tweet is to a post on the ‘American Society of Military Comptrollers' titled, "OMB directs agency CIOs to focus on IT portfolio management". The post describes how federal agency Chief Information Officer's (CIOs) will now move from concentrating on policy and maintaining infrastructure (answering the question about what they were doing before) to being responsible for IT portfolio management. The post referred to a memorandum issued August 8 by Jacob Lew, Director of the Office of Management and Budget (OMB).  The memo tells agency heads that their CIOs must focus on "delivering IT solutions that support the mission and effectiveness of their agencies and overcome bureaucratic impediments to deliver enterprise-wide solution."

The memo clarified CIO responsibilities in the four areas of responsibility for CIOs laid out in the "IT Reform Plan" issued in December, 2010.

Governance:  CIOs will now drive the review process for IT investments and be responsible for the agency's entire IT portfolio. They will make IT portfolio analysis an integral part of the yearly budget process and will ensure that agencies meet the IT Reform plan goal of "turning around" a third of all underperforming IT investments by June 2012.

Commodity IT:  CIOs will focus on eliminating duplication in IT investments and will reduce costs and improve service for commodity IT by pooling agency purchasing power across the organization.  CIOs will work with enterprise architects to align IT resources by consolidating duplicative investments and applications. They are directed to use shared services rather than establishing separate independent services.

Program Management:  CIOs are directed to hire top IT program managers and improve training. They will also be held accountable for IT program manager performance and will perform annual performance evaluations of component CIOs.

Information Security:  CIOs will be responsible for implementing an agency-wide information security program. They will ensure that the program includes a "well-designed, well-managed continuous monitoring and standardized risk assessment process supported by Department of Homeland Security run "CyberStat" sessions.

Though I like each of the four areas of responsibility, once again, they potentially expose a common misunderstanding of IT governance - that this critical function of the business only addresses IT investment decisions. I might have been able to give the reform plan the benefit of the doubt by assuming the "entire IT portfolio" included addressing each of the other IT governance decisions areas but the other ‘areas of responsibility' listed in the Reform Plan cause me to have my doubts. Let's start by reviewing the fundamentals of IT governance:

IT governance is intended to meet five principles:

• Align IT with the business
• Deliver value to the business
• Appropriately manage risk
• Appropriately manage resources
• Appropriately manage performance

These five principles are met by making reasoned and rational decisions regarding:

• The IT archetype
• Enterprise architecture
• Infrastructure strategies
• Fulfilling business needs (systems and applications)
• Investments (spending)

These decisions (making as well as fulfilling) are enabled by IT governance processes:

• Integrated Business & IT Planning
• Architecture Management - Standards & Review
• IT Investment Assessment, Prioritization, Funding & Benefits Realization Accountability (PPM)
• IT Financial & Resource Allocation
• Project Execution & Decision-making
• Emerging Technology Evaluation & Adoption
• Client Relationship Management
• Building & Maintaining Applications & Infrastructure
• Provisioning of IT Services
• Strategic Sourcing Services
• Audit & Risk Management

Now let's take a look at the other areas of responsibility in the IT Reform Plan and why I believe they could indicate a misunderstanding of IT governance:

Commodity IT

• Eliminating IT investment duplication is a function of PPM and the portfolio analysis listed under the first area of responsibility, governance.
• Investment and application consolidation (elimination of duplication) is a function of Application Portfolio Management (APM) - which should be performed in conjunction with PPM. APM is also associated with each of the main IT governance decision areas.
• "Work with enterprise architects" is specifically called out and enterprise architecture is an IT governance decision area as well as a critical IT governance process.
• Shared service decisions are associated with the IT governance decision-making areas of enterprise architecture, infrastructure strategies, and fulfilling business needs.

Information Security

• Risk and security are the longest standing aspects of IT governance

I like the emphasis on program management capability but appropriately managing resources is also one of the principles of IT governance.

Though some folks may view these as nitpicks, the separation of Commodity IT, Program Management, and Information Security leads me to believe IT governance is viewed as solely addressing IT investment decisions. I contend each federal CIO would fulfill each of the areas of responsibility listed in the IT Reform Plan if those CIOs strived to meet the principles of IT governance by making the right decisions in each area of IT governance and then realized those decisions through sound IT governance processes. Heck I believe they would achieve much more.

Even if I set aside the question of what the CIOs were doing before they were directed to "become responsible for IT portfolio management," I am left with the fear that many CIOs will be unable to adequately meet the mandate. An acute understanding of IT governance is essential to meeting the goals of the federal IT reform plan, but the four areas of responsibility listed in the reform plan itself appear to reflect misconceptions of the IT governance discipline. I regret to say I find these misconceptions to be all-too-common, in business as well as government.

Again, I applaud the latest directive from the office of the OMB. But I'll have to keep my fingers crossed that the "it's about time" federal CIO focus on IT portfolio management and PPM will lead to an improved understanding of the nature as well as the power and promise of IT governance. Successfully managing the IT portfolio depends on it.

Steve Romero, IT Governance Evangelist

Share this post:  Email

Share

Published: August 04 2011, 03:40 PM | no comments
by Steve Romero

I just read Forrester's Margo Visitacion's latest paper: "The PMO in An Agile World: Can't We All Just Get Along?" http://bit.ly/rpw1R8 As usual, Margo is right on target with some great insights and recommendations.

Margo does a great job of breaking down the long-standing problem of project manager being stuck between developers seeking to meet the needs of their project stakeholders and customers and PMOs that must satisfy multiple sets of stakeholders. She notes how PMOs continue to favor the PMI PMBOK (Project Management Institute's Project Management Body of Knowledge) while questioning or not fully understanding Agile practices. Forrester recently conducted a survey showing that 76% of PMOs focused on PMBOK methodology development, while only 33% focused on scrum/Agile/Lean processes. (Even more surprising was that only 40% of PMOs focused on waterfall development methodology).

Margo goes on to recommend that PMOs update their industry practices (such as Agile) and listen to developers. These are great recommendations and thankfully, there is a wealth of information and solutions available to help PMOs do so. If your PMO needs to get up to speed on Agile, here are a couple of links that provide a great start:

• This is a link to a very short and simple Agile tutorial video my company produced: http://bit.ly/p7WSrC
• Here is another link to a very comprehensive overview of Agile. You will need to register, but it is free and worthwhile: http://bit.ly/r7Nk0w
• Agile for Dummies eBook (free copy sponsored by CA Technologies) http://bit.ly/pNqylV

Margo Visitacion goes on to discuss two more problems in her latest work: the lack of trust between the PMO and Project Managers; and PMOs are too busy to be strategic. Though I don't believe these problems are a result of the onset of Agile development, they are most certainly exacerbated by it. I have long contended PMOs need to transform themselves from ‘paper pushers' and ‘process police' to ‘participants in enterprise success.' Here is a link to a webcast recording of my PMO presentation. It is not my latest (which includes the need for PMOs to learn and support Agile methodology), but contains 99% of what I would deliver to your organization if I visited you today. http://bit.ly/iINata

I hope these resources help you and your PMO get up to speed. The Agile-train is racing down the tracks and you will need to get on board.

Steve Romero, IT Governance Evangelist

Share this post:  Email

Share

Published: July 25 2011, 06:23 PM | 1 Comment(s)
by Steve Romero

I am in Australia to participate and speak at the three CA World Expos here this week. Yesterday's event was in Sydney and I am headed to Melbourne later today for our expo there tomorrow. Then I am off to Canberra for our expo there on Friday.

I was able to attend three Clarity customer presentations yesterday. Each one of the presenters described their "lessons learnt" (This is my fifth trip Down Under but I will never get use to how they spell learned.). Each of them learned that the key to successful deployment of the solution and the processes it enables was the management of change. They all stressed the need for:

• Executive sponsorship of the change
• Communication of the change - LOTS of communication
• Training ("Training, Training, Training" as one presenter put it)

Being a process fanatic, I have blogged on the topic of process and process management and the topics of change and managing change. I stress the need to effectively manage change in my process presentation and I take a deep dive into the subject in my new book, "Eliminating ‘Us and Them' - Making IT and the Business One."

Despite my frequent forays into the subject, I never tire of hearing it from others. I just wish it wasn't under the title of "lessons learnt." The experience of establishing and implementing business processes should not teach the lesson of the critical need to manage change, and the essential nature of communication and training. Organizations need to know of these crucial elements before they begin.

Steve Romero, IT Governance Evangelist

Share this post:  Email

Share

Published: July 11 2011, 10:37 AM | no comments
by Steve Romero

Is your organization staffed with people who are experts at eliminating the ‘us and them' relationship between IT and the business?

In the past four and half years I have visited well over 100 companies and spoken to thousands of people at well over 100 events. Time and time and time again I have witnessed a divisive and sometimes adversarial ‘us and them' relationship between IT organizations and the businesses that contain them. In my new book, "Eliminating ‘Us and Them' - Making IT and the Business One" http://bit.ly/ifc9Tu, I describe how IT governance, process and process management, and behavioral management remove the gulf between IT and the business.

Save for some challenges of traditional views of IT governance (if you can call them that), none of the main topics of the book are new. What is new is the discussion of IT governance, process, and organizational behavior as three interdependent and essential elements to making IT organizations an integrated and inseparable part of the business. There are many books about these subjects but none of them present all three as the foundation, bricks, and mortar of a single overarching construct for IT to be one with the business.

There are numerous barriers to overcoming the challenge of viewing and simultaneously managing IT governance, process, and organizational behavior. But the one I fear the most is the lack of enterprise expertise in each of these areas. I have found very few organizations staffed with IT governance experts or process and process management experts. Though almost every HR department has knowledge in organizational behavior, I have yet to see one that directly connects the discipline to ensure personnel can thrive in a governance and process construct.

Almost every enterprise is addressing IT governance, process and process management, and organizational behavior to one degree or another. But I have encountered only a few that consider these disciplines to be so essential to their success that they view them as critical core competencies.

What is the situation in your company? Has your organization invested in and established IT governance, process, and organizational behavior proficiency? Do you have IT governance, process, and organizational behavior experts? I'd love to hear your stories.

Steve Romero, IT Governance Evangelist

Share this post:  Email

Share

Published: July 06 2011, 12:26 AM | no comments
by Steve Romero

This is a rather momentous blog post for me. Though all of my posts are from my heart, this one is about a labor of my love. Today, my company, CA Technologies, issued an official press release http://bit.ly/jDzpGY announcing the publication of my new book, "Eliminating ‘Us and Them' - Making IT and the Business One." Though the book took me a year to write, and another six months to publish, it was actually thirty years in the making. So today marks a very significant milestone in my career.

I have been traveling the world evangelizing the power and promise of IT governance to our customers, prospects and constituents for almost five years. I now have more than a half dozen presentations I deliver with great regularity and each of them is founded in three disciplines I am convinced are critical to enterprise success: IT governance, process and process management, and organizational behavior. When I crafted my presentations, I did not intentionally set out to include aspects of governance, process, and behavioral management. The fact that there are elements of each of these disciplines in all of my presentations is much more a result of evolution than it was conclusion.

I became a process enthusiast very early in my IT career, more than thirty years ago to be precise. I became a fan of governance (though at the time I did not know it was governance) more than twenty years ago. And I became a believer in organizational behavior driven by enterprise culture a mere eight years ago. Though I have been a devotee of each of these subjects for some time, I did not address them as a collective until very recently.

Shortly after becoming a full-time IT governance evangelist for CA Technologies, my best friend Mike Nelson started bugging me about writing a book. He had heard my views on IT governance in countless conversations which all ended in him saying, "You should write book." After presenting (and by association, testing) my ideas on thousands of people around the world, I finally decided to heed his advice.

So eighteen months ago, I started writing my book on IT governance. As I started capturing my thoughts, I found I could not talk about IT governance without talking about process. Though all of my presentations have included a nod to process and process management, writing a book on IT governance necessitated a deeper dive into process. My belief in the absolute dependency between process and enterprise culture and organizational behavior meant my book would need to cover that topic as well.

My initial intention was to write something for my fellow IT brethren, in the hopes of describing those things I am certain will enable them to succeed. It was only after the initial manuscript was complete that the purpose, focus, and audience of the book became completely clear. With the help of my soon to be Lead Editor Jeffrey Pepper, I stumbled upon my deep-seeded beliefs in the need for governance, process and organizational behavior to coalesce into a single overarching construct.

After reading my first draft, Jeffrey was convinced the audience of the book should not be limited to members of the IT organization. In one of our first meetings, he challenged me with questions intended to dig deeper into what I was trying to say because he was convinced my message was applicable to the entire enterprise. During the course of his ‘peppering' (pun intended) I explained the need for the business to take a greater role in technology decisions (IT governance) and how IT needed to foster and enable business participation in technology decisions. I told Jeffrey how the business and IT need to make work possible and practical and enable people to work together by mastering the art and science of process and process management. I described how this decision-making and process won't ever be successful without addressing enterprise culture and organizational behavior. I told him how sound IT governance, optimal processes and the right culture and behaviors were the only chance of conquering the divide between IT and the business. I told him how IT and the business need to stop acting like they are separate from one another and how I was sick of their "us and them" relationship. I told him I wanted to eliminate "us and them" and make IT and the business "one." Eliminating ‘Us and Them' was born.

I'll be blogging more on my book in the coming weeks and if you pick up a copy, I would love to hear your thoughts.

Steve Romero, IT Governance Evangelist

Share this post:  Email

Share