August 2011 - Posts - The IT Governance Evangelist

This Blog

Home
Contact

Syndication

August 2011 - Posts

FED CIOs Take on PPM

Published: August 10 2011, 06:55 PM | no comments
by Steve Romero

I received a tweet from Charles Betz this morning that caused my jaw to drop:

@CharlesTBetz US federal CIOs to become responsible for IT portfolio management. http://bit.ly/nm3amT (What were they doing before?)

My jaw dropped because I completely concur with Charles' question: "What were they doing before?"

If you are a regular reader of my post you know what I think about portfolio management (PPM). PPM is by far the most crucial IT governance process. I firmly believe it is impossible for a CIO to do his or her job without sound PPM. But I also firmly believe PPM success in IT is dependent on sound and successful IT governance.

The link included in Charles' tweet is to a post on the ‘American Society of Military Comptrollers' titled, "OMB directs agency CIOs to focus on IT portfolio management". The post describes how federal agency Chief Information Officer's (CIOs) will now move from concentrating on policy and maintaining infrastructure (answering the question about what they were doing before) to being responsible for IT portfolio management. The post referred to a memorandum issued August 8 by Jacob Lew, Director of the Office of Management and Budget (OMB). The memo tells agency heads that their CIOs must focus on "delivering IT solutions that support the mission and effectiveness of their agencies and overcome bureaucratic impediments to deliver enterprise-wide solution."

The memo clarified CIO responsibilities in the four areas of responsibility for CIOs laid out in the "IT Reform Plan" issued in December, 2010.

Governance: CIOs will now drive the review process for IT investments and be responsible for the agency's entire IT portfolio. They will make IT portfolio analysis an integral part of the yearly budget process and will ensure that agencies meet the IT Reform plan goal of "turning around" a third of all underperforming IT investments by June 2012.

Commodity IT: CIOs will focus on eliminating duplication in IT investments and will reduce costs and improve service for commodity IT by pooling agency purchasing power across the organization. CIOs will work with enterprise architects to align IT resources by consolidating duplicative investments and applications. They are directed to use shared services rather than establishing separate independent services.

Program Management: CIOs are directed to hire top IT program managers and improve training. They will also be held accountable for IT program manager performance and will perform annual performance evaluations of component CIOs.

Information Security: CIOs will be responsible for implementing an agency-wide information security program. They will ensure that the program includes a "well-designed, well-managed continuous monitoring and standardized risk assessment process supported by Department of Homeland Security run "CyberStat" sessions.

Though I like each of the four areas of responsibility, once again, they potentially expose a common misunderstanding of IT governance - that this critical function of the business only addresses IT investment decisions. I might have been able to give the reform plan the benefit of the doubt by assuming the "entire IT portfolio" included addressing each of the other IT governance decisions areas but the other ‘areas of responsibility' listed in the Reform Plan cause me to have my doubts. Let's start by reviewing the fundamentals of IT governance:

IT governance is intended to meet five principles:

Align IT with the business
Deliver value to the business
Appropriately manage risk
Appropriately manage resources
Appropriately manage performance

These five principles are met by making reasoned and rational decisions regarding:

The IT archetype
Enterprise architecture
Infrastructure strategies
Fulfilling business needs (systems and applications)
Investments (spending)

These decisions (making as well as fulfilling) are enabled by IT governance processes:

Integrated Business & IT Planning
Architecture Management - Standards & Review
IT Investment Assessment, Prioritization, Funding & Benefits Realization Accountability (PPM)
IT Financial & Resource Allocation
Project Execution & Decision-making
Emerging Technology Evaluation & Adoption
Client Relationship Management
Building & Maintaining Applications & Infrastructure
Provisioning of IT Services
Strategic Sourcing Services
Audit & Risk Management

Now let's take a look at the other areas of responsibility in the IT Reform Plan and why I believe they could indicate a misunderstanding of IT governance:

Commodity IT

Eliminating IT investment duplication is a function of PPM and the portfolio analysis listed under the first area of responsibility, governance.
Investment and application consolidation (elimination of duplication) is a function of Application Portfolio Management (APM) - which should be performed in conjunction with PPM. APM is also associated with each of the main IT governance decision areas.
"Work with enterprise architects" is specifically called out and enterprise architecture is an IT governance decision area as well as a critical IT governance process.
Shared service decisions are associated with the IT governance decision-making areas of enterprise architecture, infrastructure strategies, and fulfilling business needs.

Information Security

Risk and security are the longest standing aspects of IT governance

I like the emphasis on program management capability but appropriately managing resources is also one of the principles of IT governance.

Though some folks may view these as nitpicks, the separation of Commodity IT, Program Management, and Information Security leads me to believe IT governance is viewed as solely addressing IT investment decisions. I contend each federal CIO would fulfill each of the areas of responsibility listed in the IT Reform Plan if those CIOs strived to meet the principles of IT governance by making the right decisions in each area of IT governance and then realized those decisions through sound IT governance processes. Heck I believe they would achieve much more.

Even if I set aside the question of what the CIOs were doing before they were directed to "become responsible for IT portfolio management," I am left with the fear that many CIOs will be unable to adequately meet the mandate. An acute understanding of IT governance is essential to meeting the goals of the federal IT reform plan, but the four areas of responsibility listed in the reform plan itself appear to reflect misconceptions of the IT governance discipline. I regret to say I find these misconceptions to be all-too-common, in business as well as government.

Again, I applaud the latest directive from the office of the OMB. But I'll have to keep my fingers crossed that the "it's about time" federal CIO focus on IT portfolio management and PPM will lead to an improved understanding of the nature as well as the power and promise of IT governance. Successfully managing the IT portfolio depends on it.

Steve Romero, IT Governance Evangelist

Share this post:

Tags: IT Governance, Project Portfolio Management, PPM

By: Steve Romero
Steve Romero is the IT Governance Evangelist at CA Technologies, Inc. His mission is to help enterprises realize the full potential of their IT investments for strategic and competitive advantage. In this capacity, he acts as a strong advocate for the customer, speaking around the world to users, prospective...
Read More..

Agile and the PMO

Published: August 04 2011, 03:40 PM | no comments
by Steve Romero

I just read Forrester's Margo Visitacion's latest paper: "The PMO in An Agile World: Can't We All Just Get Along?" http://bit.ly/rpw1R8 As usual, Margo is right on target with some great insights and recommendations.

Margo does a great job of breaking down the long-standing problem of project manager being stuck between developers seeking to meet the needs of their project stakeholders and customers and PMOs that must satisfy multiple sets of stakeholders. She notes how PMOs continue to favor the PMI PMBOK (Project Management Institute's Project Management Body of Knowledge) while questioning or not fully understanding Agile practices. Forrester recently conducted a survey showing that 76% of PMOs focused on PMBOK methodology development, while only 33% focused on scrum/Agile/Lean processes. (Even more surprising was that only 40% of PMOs focused on waterfall development methodology).

Margo goes on to recommend that PMOs update their industry practices (such as Agile) and listen to developers. These are great recommendations and thankfully, there is a wealth of information and solutions available to help PMOs do so. If your PMO needs to get up to speed on Agile, here are a couple of links that provide a great start:

This is a link to a very short and simple Agile tutorial video my company produced: http://bit.ly/p7WSrC
Here is another link to a very comprehensive overview of Agile. You will need to register, but it is free and worthwhile: http://bit.ly/r7Nk0w
Agile for Dummies eBook (free copy sponsored by CA Technologies) http://bit.ly/pNqylV

Margo Visitacion goes on to discuss two more problems in her latest work: the lack of trust between the PMO and Project Managers; and PMOs are too busy to be strategic. Though I don't believe these problems are a result of the onset of Agile development, they are most certainly exacerbated by it. I have long contended PMOs need to transform themselves from ‘paper pushers' and ‘process police' to ‘participants in enterprise success.' Here is a link to a webcast recording of my PMO presentation. It is not my latest (which includes the need for PMOs to learn and support Agile methodology), but contains 99% of what I would deliver to your organization if I visited you today. http://bit.ly/iINata

I hope these resources help you and your PMO get up to speed. The Agile-train is racing down the tracks and you will need to get on board.