Monday, November 13, 2017

The risk of portfolio management

The original of this article was posted on: Computerworld UK

Portfolio management is a tool promoted to improve business-IT alignment. According to the advocates it will help to ensure maximum business value creation from IT-enabled business projects. To make good on such a claim it must be a power(full) tool. However as any builder can tell you, when working with power tools, you better know what you are doing otherwise you could really hurt yourself.

There are many flavours of portfolio management these days. If you “Google” the term (as I did) you might be surprised about the end-less possibilities to apply this tool. The connoisseurs amongst the readers however may recognize terms and claims from the Val IT Framework owned by ISACA in the opening paragraph of this article. According to ISACA “The goal of the Val IT initiative, which .., is to help management ensure that organizations realize optimal value from IT-enabled business investments at an affordable cost with a known and acceptable level of risk.” One of the three processes that form the core of this model is called portfolio management. It is this (kind of) use of the tool portfolio management that forms the bases of this article.

Imagine the following situation. According to those in the business the IT Project “just do not deliver”. They are usually late, over budget and if they finally deliver the system functionality is “useless” from a business perspective. Time for change so we bring in a consult. The advice is that we will start managing our IT-enabled investment portfolio by implementing the Val IT approach. So the first step is to decide who should be at the decision table when it comes to choosing were to invest the scarce resources for IT enabled projects (In plain English: Who decides which IT Department and/ or project gets how much money). So we set up meeting schedules get business and It representatives, get the necessary mandates, set (strategic) boundaries etc. etc. In terms of Val IT we set up Value Governance (one of the three primary processes). Step two is that we stop the problem from growing. So for all new initiatives Business Cases become mandatory. Furthermore we ensure these business cases contain all relevant information so decision makers can compare apples with apples and make high-quality decisions about which investments should be pursued. The individual investments that do get funding are tracked (and if necessary adjusted) during their life-cycle to ensure they actually deliver on their initial promise (We just implemented the Val IT Investment Management process). To ensure we maintain a balanced mix of investments to “keep the lights on” (maintain the current operational systems) and create new business functionality (by building new systems and services) we introduce Portfolio Management (the third core Val IT process).

After initial implementation of the model we have the next challenge: How can we decide if the newly imbedded organizational model is actually working and what key performance indicator can we use to steer for continues improvement? A good indicator might be the number of Investments stopped during execution because they are no longer expected to deliver the business value initially promised (in the business case). Since we start with a lot of legacy investments (projects and budgets started based on the old decision making system) at first the indicator would be high because we ”need to clean house”. The old system (IT Departments and Projects) need to “shape up” and present (and if necessary create) the necessary business cases to the Value Governance institute. This will result in acceptance as a legitimate Investment into the Portfolio Management Process in which case the investment will be managed going forward according to the Investment Management process or in killing the funding. All “never ending projects” that lost sponsorship during their existence but somehow keep on running and all the systems, infrastructure and supporting It-departments that cannot show any business value what so ever will be weeded out as a result of this action. This is about as painful as it sounds. Most often the perception of the IT-domains performances will take an additional hit in this phase. After all we opened up the “black box” and cleaned out the “skeletons.”. But “no pain, no gain” so now we have a good new management system to improve Business-Value creation of IT enabled business investments. Based on our learning we should be able to improve our system so our KPI (% of our investments items stopped prior to completion because the expected business value is no-longer achievable) reaches zero. In plain English: “All investments are completed by achieving their expected business value. Since we only start “good” projects there is no reason to stop them half-way. “ I would say ultimate business value of IT!

Wrong, you most likely just killed all entrepreneurial spirit in your organisation. To understand this statement you need to understand the limitations of business cases. A prior article “Hail the almighty business case” explains that the purpose of a business case is not to eliminate all uncertainty and thus risk but to make the risks and uncertainties visible so those who need to decide can take them into consideration when they decide. The biggest risk to any organization will always be that things change in an unforeseen way over the course of time. So initially sound investments might need to be stopped early just because the “world keeps on turning” during the project (investment) execution phase. If we only invest in things we are certain will generate business value we might be overlooking high-value opportunities just because we are not 100% certain we can actually achieve the value. For example any investment in exploring new-technology for applicability to the organization would be stopped (by definition it is uncertain what the value potential of any such new technology might be when we start exploring). Entrepreneurship and innovation are valued terms for most organization. But these terms are closely associated with “exploration”, “going were no man has gone before”, “transforming uncertainty in understanding”. In general these kind of activities involve risk taking. If the value potential is considered high we may decide to accept the risk that the value does not materialise. So IT Portfolio management is not to avoid risk but to balance all the investment so the sum of all risk in the individual investments does not exceed the organizational risk appetite.

A better indicator would be to check how long it took the system to learn that the “world had turned” and how effective and efficient the reaction was (in adjusting or stopping the investment). Portfolio management is not about only honouring 100% “sure thing” investments it is about creating a balance between “keeping the lights on”, “no-brainer high-certainty, average-return-on-investment projects” and last but not least “cutting-edge, high-risk, high-value-potential investments”. To forget the last category is to forget about innovation!