Tag Archives: Governance

We Have Met the Enemy – He is Us

This was the title of my presentation at the #ITx2014 conference yesterday.

I have embedded the slideshow. In the next few days I will try and put up a version with an audio commentary reflecting what I said on the day.



Massive UK NHS project may collapse

The massive in all senses of the word UK NHS IT project may well collapse according to this report dated today.

Billions of pounds over budget and at least 4 years late the project seems to be lurching from one crisis to another. 2 of an original 4 vendors have walked away – Accenture and Fujitsu. BT has seen its involvement decrease. Now CSC and the Ministry cannot reach agreement on a revised contract.

This IT project is often cited as the largest non-military IT project in the world.

Another report earlier this year noted that both CSC and BT had failed to meet their obligations numerous times.

To further highlight the governance and other issues obtaining in this area, the outgoing chairman of the Public Accounts Committee has made a number of trenchant criticisms:-

Edward Leigh singled out IT procurement as “particularly weak”. He said: “Projects are over-ambitious, overly complex and fail to deliver what is promised while costs rocket.”

In an open letter to his successor, who will be appointed shortly after the country’s general election, Leigh said better IT procurement would help find savings that are “easily available”, without taking steps that risk “threatening” front line services. Other steps included reducing bureaucracy and complexity, improving front line services, core management skills and the analysis of information.

In a damning note on government operations, Leigh said the government needed to start learning from its experiences, and reminded ministers that public scrutiny of their work “must be taken seriously”.

There were a number of major problems that were examples of the government’s failures in IT procurement, he said. These included the “woeful” £350 million system implementation at the Rural Payments Agency, run by Accenture, in which the Agency’s “poor leadership” meant data had become full of errors and the system was at risk of becoming obsolete.

What makes his comments all the more damming were these remarks:-

Leigh said there were also a number of good examples of best practice, including the Department for Work and Pensions’ Payment Modernisation Programme. But only a few programmes drew on such examples, and in most instances departments did not carry out final Gateway reviews to determine if their programmes delivered the planned benefits.

So projects are completed. but in a signal failure of governance no assessment of value is completed.

Leigh went on to say:-

Successful IT projects required senior level engagement, the government acting as an intelligent customer, and ensuring the promised benefits could realistically be delivered, he said.

“We have been impressed by some talented people who know what they are doing and are determined to do it well, but more frequently we have been shocked by the failure to apply basic management disciplines to major projects and programmes,” Leigh said.

It appears that a significant contributor to these issues is a failure to apply basic governance and project/programme disciplines. Furthermore the problems seem to recur again and again.

In an open letter to MPs Mr Leigh stated:-

“My Committee has made thousands of recommendations for improvement, the vast majority of which have been accepted by government and acted upon saving the taxpayer over £4 billion, so our endeavours have been valuable. But it is disappointing to see problems arise in 2010 which repeat those of 2001 and indicate a systemic failure to learn from experience acquired within and across departments.”

Incredible and a warning to everyone concerned with major programmes and issues of governance.

The examples quoted are related to large projects, especially by NZ standards, yet the issues identified are seen again and agin in programmes/projects of all types and sizes.

Huljich and governance

Don Brash writes a defensive article for the NZ Herald on the Huljich mess. He claims that to compare Huljich to the finance company debacle is wrong.  He further states:-

KiwiSavers did not lose money as a result of Huljich’s actions

He notes Peter Huljich effectively compensated scheme members for losses on investments. Yet through the non-disclosure it can be argued that returns were mis-stated. It is legitimate to ask why this was done without full disclosure initially.

Brash takes a few sideswipes at comments made by Gareth Morgan and Carmel Fisher specifically, with some pointed comments about Morgan especially. Yet it seems to me, that he  may be missing the point.

If I was an investor in the Huljich fund I would have been looking to the board to have exercised appropriate supervision as part of their governance, such that they had adequate information regarding what was happening.

Questions arise as to just what oversight was being exercised? Was there adequuate governance?

Sir Adrian Cadbury back in the early 1990s in the Cadbury Report led the team that defined corporate governance:-

Corporate governance is the system by which companies are directed and controlled. Boards of directors are responsible for the governance of their companies.  The shareholders’ role in governance is to appoint the directors and the auditors and to satisfy themselves that an appropriate governance structure is in place.  The responsibilities of the board include setting the company’s strategic aims, providing the leadership to put them into effect, supervising the management of the business and reporting to shareholders on their stewardship. The board’s actions are subject to laws, regulations and the shareholders in general meeting.

Over time this has come to be seen as including, as I have written elsewhere:-

ensuring that both board and management have appropriate information systems which deliver the reports and other information required to make decisions and monitor events, with an assurance as to the integrity of the information provided.

The definition formulated by Cadbury has stood the test of time. It provides clear delineation of the respective roles of owners, directors and managers. Further, it makes reference as well to the over-riding governance of the law and regulations. Increasingly, it has been argued that this includes to the community at large.

In general are boards of directors putting in place appropriate governance? Are they ensuring that they have the information, advice and knowledge which they require in order to exercise their governance function?

Are NZ boards as alive to governance issues as much as they should be? Are they managing their risk exposures in this area properly?

Interestingly the Herald runs an article by Brian Gaynor today looking at the mixed track record of politicians making the tranistion to business.

What I find interesting is why given the critical nature of governance in the corporate world today and the fact that as former politicians these people should be well aware of the need to be well informed with a complete information flow that the record should be so patchy.

Reflections on project failure #1

Basil Woods at Baz Practice draws attention to a report by the UK’s Public Account Committee into an appalling case of incompetence regarding a major project.

The post and the report are worth reading.

One thing that captured my attention was this statement by the Chairman of the Committee:-

“Clearly this project was handled badly, it achieved poor value for money, many of the causes of delays and cost overruns could have been avoided. I could make some grand eloquent statement about how we never expect to see this happen again in the Civil Service but I suspect I would be wasting my breath.” – Edward Leigh

Mr Leigh has looked into other projects that have gone wrong. Many of us in work in the project arena have their own war stories to tell in this regard.

In my recent ISACA presentation, PROJECTS – Key Issues in Success/Failure,  I noted:-


These figures were drawn from the Standish Group Chaos reports. These studies and others have been reporting  poor statistics regarding projects for many years now. Whilst some dispute the Standish numbers, there is generally no argument that many projects substantially under achieve in terms of costs, time line, functionaliy and benefits. Not all as spectacularly as the one cited in the UK, but in one or more of the previously mentioned areas.

Continue reading

Lost Soul looks at South Canterbury Finance

I have in the past ventured some comments on South Canterbury Finance. Today, I should like to draw your attention to The Lost Soul Blog which has 2 recent posts – South Canterbury Finance Receivership Coming Soon and Sharemarket to South Canterbury Finance: Not Interested.

Take a look.

ISACA Wellington – October Lunchtime Session

This month we are fortunate to have Rob England speaking on the topic of Governance and ITIL.

As Rob’s website says:-

Rob England B.Sc., MNZCS ITCP is a “portfolio entrepreneur”, working on multiple activities via his company, Two Hills.  These include IT commentator, speaker and consultant (ITSM, culture change…), blogger, speaking coach, sales coach, trainer, published author, small business researcher, and nascent internet businessman. Rob is well known also as the IT Skeptic.

So come along to Deloittes, 12:00 at Deloitte’s on Brandon St, and benefit from the wit and wisdom of Rob England.

Key Issues in Project Success/Failure

This is the presentation I gave to the ISACA Governance Event on 11 September. I have been meaning to put this up for sometime, but unaccountably did not get around to it.

Ultimately I intend to expand on the matters discussed here, but as I have not got around to this as yet, I decided to post the presentation.

US $6.2 trillion = annual cost of IT failure

Michael Krigsman cites US$6.2 trillion, as the annual cost of IT failure. The estimate was sourced from Roger Sessions who blogged his estimate. Clearly the amount one comes up with in a calculation of this sort is greatly affected by the assumptions made. Yet given the fact that most agree that there is a high ‘failure’ rate to projects the presumption must be that we are looking at very large numbers of $ in terms of waste.

Anyway, admit it, the number got your attention.

Back in June I presented to the ISACA Wellington Chapter on Learning From ‘Failure ‘or ‘A Tale Of Three Projects’. The discussion was based on 3 projects I had personal experience and knowledge of and my comments were set against the back drop of the ISO 38500 standard on IT Governance.

Recently, I presented at the ISACA Wellington – Governance Day on the topic Key Issues in Success/Failure in the context of programmes/projects, on one slide I highlighted a number of common factors found in projects/programmes:-

Defining Factors in Project/Programme Success/Failure

Defining Factors in Project/Programme Success/Failure

I went on to map these against the 6 Principles set out in ISO 38500, which are:-

6.Human Behavior

Read more Continue reading

ISACA Wellington – Project Success Event

We had a good day on Friday. Interesting presentations and lots of questions and discussion from the participants, which made the effort involved in organizing the programme and event well worth while.

A consistent theme which emerged was the importance of people in all aspects of programmes and projects. Further, was a strong sense that when looking at programmes and projects we should recognise first and foremost that they are about business and change, not techonology alone.

My thanks to the speakers and to the attendees for making the day so succesful.

Reflecting on Governance

Recently I led an ISACA lunch time thinktank on the confusion that exists in many minds as to the role of governance as opposed to that of management.

A group of some 16 met for this discussion and discussed the issue for around 90 minutes.

One of the conclusions that we came to was that the knowledge, capability and leadership of organizations was an essential element in achieving successful governance and management of all organizations.

I personally would go further and add that personal and organizational values underpin activity and performance. Thus, I am sceptical that prescriptive legislative approaches such as Sarbanes-Oxley are truly effective as they are legal, mechanistic frameworks.

It was with much interest then that I read a comprehensive post by lawyer Stephen Franks today on governance issues.

Stephen recounts a recent presentation  which he attended, and the nature of some research findings, by Professor Andrew Kakabadse, Professor at Cranfield University School of Management

Apparently amongst other findings is the following:-

Some tenets of popular Governance Codes have little correlation with the success of organisations.

The quality of the chair matters above all. While there is an enormous diversity of types of successful board, nominal diversity within a board is not correlated with success.

Quality can come from in house appointments, with an executive chair, or from outside. Age helps, as does experience in business and as a director. Having worked under a good mentor helps.

But the key requirements are high intelligence, the ability to set boundaries (of responsibility, behaviours and to draw difficult distinctions) courage, diplomacy or ability to influence, and humility (to value and elicit challenging contributions).

Social intimacy is important. Dinners and other social time together help people to know and therefore to trust each other. Without that trust it is harder to raise hard questions in ways that leave relationships intact.

Boards need members who are independent challengers of orthodoxy, but they stay useful only if they learn how to be more than gadflies.

Finally and this resonated very strongly with me, given my views on the issue:-

But most of all he emphasized that good Boards come down to the personal qualities of the people on them, and in particular how they are led, and that success is not correlated with the promulgation and observance of codes and formal governance policies.

There is a place for codes and policies, but they must be tempered with leadership, integrity and strong corporate and personal values – where the emphasis is on ‘doing the right thing.