Risk Management for IT Projects book cover

Risk Management for IT Projects

How to Deal with Over 150 Issues and Risks

The rate of failure of IT projects has remained little changed in survey after survey over the past 15-20 years—over 40-50%. This has happened in spite of new technology, innovative methods and tools, and different management methods. Why does this happen? Why can’t the situation be better? One reason is that many think of each IT effort as unique. In reality many IT projects are very similar at a high, strategic level. Where they differ is in the people and exact events—the detail. If you read the literature or have been in information systems or IT for some time, you have seen the same reasons for failure and the same problems and issues recur again and again. In this book IT Management experts Ben Lientz and Lee Larssen show you how to identify and track the recurring issues leading to failure in IT projects and provide a proven, modern method for addressing them. By following the recommendations in this books readers can significantly reduce the risk of IT failures and increase the rate of success. Benefits of using this approach:• Issues are identified earlier—giving more time for solution and action.• Issues are resolved more consistently since the approach tracks on their repetition.• You get an early warning of problems in IT work—before the budget or schedule fall apart.• Management tends to have more realistic expectations with an awareness of issues.• Users and managers have greater confidence in IT due to the improved handling of issues.• Since the number of issues tends to stabilize in an organization, the IT organization and management get better at detecting, preventing, and dealing with issues over time—cumulative improvement.• Giving attention to issues make users more realistic in their requests and acts to deter requirement changes and scope creep.

IT managers, Project leaders in IT departments, consultants and vendors involved in IT


Published: May 2006

Imprint: Butterworth Heinemann

ISBN: 978-0-7506-8231-2


  • PrefacePart 1: Issues and Risk Management1. IntroductionCommon IT related problemsWhy IT efforts failIT Differs from Other Types of Business Work How IT and the business have changedIT and politicsThe management view of ITIssues and riskTypes of issuesThe life cycle of an issueSome common problems in issues managementIssues across projectsProblems versus opportunitiesThe goals of ITProcess improvement and reengineeringThe general approach to issues and risk managementThe organization of the bookConclusions2. Effective Issues Management and CoordinationIntroductionGeneral management of issuesThe issues databasesGetting startedDefining issues at the start of projects and workTracking of issues and riskUser and vendor issue coordinationIssue and risk communications and reportingHandling issues within the IT organizationDecision making and followupDealing with multiple issuesCoping with recurring issuesConclusions3. Analysis and Measurements of Issues and RiskIntroductionProblems with standard measurementsThe management critical pathMultiple project analysisTracking status using issues and riskTotal issuesOpen issuesUncontrolled versus controlled open issuesAging of open issuesAverage time to resolve issuesDistribution of open issues by typeIssues by type over timeSelection of issues for decisions and actionsPerspective on different issuesProject evaluationProject terminationConclusionsPart 2: Internal Issues and Risk4. TeamsIntroductionThere is a lack of teamworkTeam members or departments do not get along with each otherSome team members are difficult to manageThere is a wide range of experience and knowledge among team membersThe project or work leader is junior and lacks experienceThere is substantial turnover among team membersThere is a lack of motivationThere is not much communications among team members and outside of the teamA new team member has to be socialized into the groupTeam member performance does not seem to improve over timeToo much time is spent in meetingsConclusions5. The WorkIntroductionThere are limited or no guidelines for using methods and toolsThere are tools used with no structured methodsThere is a lack of formal reviews of work and too much to reviewThe methods are too informalReporting on the work is faultyThere is a lack of planning for the workThere is no gathering of experience from performing the workThere is a new tool to be introducedThe same mistakes in the work seem to be repeatedPeople work in a single tasking modeConclusions6. Business UnitsIntroductionUsers resist changeUsers want the technology but do not want to changeThe business processes have too many exceptionsThere are many shadow systems in the business unitsThere are many variations of the same process in useIt is difficult to get qualified users to join the effortUsers do not want to assume responsibilityUsers do not resolve issues quickly or adequatelyUsers dictate solutionsUser management is attempting to manipulate IT to gain more powerUsers change requirements frequentlyUsers are unwilling to signoffConclusions7. ManagementIntroductionManagement has unrealistic expectations of benefits and impactsThere are no clear goalsManagement changes direction frequentlyDecisions are made without the advice or involvement of the IT managersThere is substantial management turnoverManagement pulls resources from some IT work and reassigns the resourcesManagement attempts to micromanage the workManagement shows no interest in IT mattersManagement fails to resolve issuesThere is no strategic IT planThere is a lack of alignment of IT to the businessConclusions8. ProjectsIntroductionSome projects do not seem to start out rightThere are too many surprises in the projectThere is much unplanned work in the projectIt is very difficult to manage and track multiple projectsToo much time is consumed in project administrationSome project leaders lack skills and knowledgeThere is no standard project reportingSmall projects are not treated as projectsLarger projects are divided up in the wrong wayThere are too many projectsYou do not know what is going on in the projectConclusions9. Resistance to ChangeIntroductionThe change does not fit our workWe have tried similar things before and they did not workThere is no incentive for me to changeAll the change means is more work for the same compensationThere are no available resources or time to support the changeThe technology or change is too complicatedI will lose my jobWhat we have done in the past worked well, why changeYou cannot teach an old dog new tricksThe change is too riskyNo one will take responsibility if the change does not workConclusionsPart 3: External Issues and Risks10. Vendors, Consultants, and OutsourcingIntroductionThe vendor performance is not adequateVendor staff do not share informationVendors use their own proprietary methods and toolsVendors agree but then do something differentThere is substantial vendor staff turnoverVendor communications are not structuredThe vendor was politically selected by managementThe vendor does not resolve issuesThe leader of the vendor team miscommunicates to vendor staffThe vendor overpromisesVendor staff are thinly spread over multiple clientsThe vendor staff are not highly qualifiedConclusions11. HeadquartersIntroductionHeadquarters dictates a solutionThere is no allowance for resource needs at the local levelHeadquarters attempts to micromanage the work in the business unitThere is a lack of understanding of the cultural and political differences between locationsThere are poor communications between the business unit and headquartersHeadquarters people turn over and change too oftenHeadquarters changes direction often during implementationHeadquarters is not flexible in the general implementation of the workHeadquarters provides no direction for the workHeadquarters does not provide the necessary fundingIssues and questions raised with headquarters are not addressedConclusions12. TechnologyIntroductionTechnology vendors are merging and combiningThere is a lack of integration with the technologyThere is no time to adequately learn the new technologyThe benefits of the new technology are not clearA decision is needed as to whether to adopt a new technologyThe technologies in use and of potential use are not compatibleThe technology raises privacy concernsThe new technology is only an incremental improvementThere is a wide range of potential technology solutionsThe vendor is forcing an upgradeThere is a lack of standards in the technologyThe technology is changing too slowly or too rapidlyConclusionsPart 4: Issues and Risks in Specific IT Activities13. IT Strategic PlanningIntroductionThere is no management interest after the plan is approvedLinking IT planning factors to the business is difficultThere are high management expectations of the planning effortThere is no defined business vision or missionIt is difficult to show the benefits of technology projects in the planThere are limited or no resources to do the planningPast planning efforts have failedShould the IT plan be business or IT driven?Business is not clear about what they would get from the planThere is a challenge in turning action items in the plan into actionsConclusions14. AnalysisIntroductionThere are incomplete requirementsThere is inadequate time to gather requirementsUsers lack knowledge of their own processesUsers are not creative in developing solutionsThe benefits of the work are fuzzy and unclearThere is no real overall measurement of the processThe analysis methods are overly formal and not scalableThe original stated problem is not the real problemThe real problems are political and not technicalThere is no real downside if the project is not doneConclusions15. Software PackagesIntroductionNo software package fits the requirementsThere is a lack of vendor support in the client locationThe software has had no new releases in some timeA decision needs to be made on whether to move to a new releaseThere is a lack of support for the product from the vendorThe software package vendor was acquired by another firmThe marketing people promised features and functions that are not thereDocumentation of the product is not adequateThere is a lack of qualified training in the use of the packageThe package has very limited flexibilityThere are substantial hidden costs to the software packageConclusions16. DevelopmentIntroductionThere is excessive reliance on one personA key person leavesDevelopment is performed ad hoc without adequate designThere is a lack of emphasis on testingThere are inadequate toolsDevelopers do not share knowledgeThere is a lack of in-depth review of workUsers contact programmers directly on a regular basisThere is a lack of teamwork among developersDevelopers cannot agree on the details of the technical approachThere are few guidelines for doing the workThere is a lack of using past knowledge and experienceDevelopers are concentrating on the easy parts firstConclusions17. ImplementationIntroductionUsers refuse to accept responsibilityUsers are not available to participate in the implementationThere are last minute requirement changesThere are lingering issuesIssues that were resolved become unresolvedTraining of users is not complete or suitableUsers resist change during the implementationUsers continue to work with the old systemThere are problems with the data discovered during data conversionUser management is unwilling to enforce turnover to the new processThere is inadequate user testingConclusions18. Operations and SupportIntroductionMany of the IT staff members prefer operations support to projectsThere is too much emergency workSome staff use maintenance as a chance to redevelop softwareThere is an overly cozy relationship between some IT managers and staff and usersSupport requirements are too specializedThere is a lack of measurement of support and maintenanceThere is no differentiation between maintenance and enhancementHow Should Operations and Maintenance be Managed?ConclusionsAppendices:A. The Results of a Survey on IT IssuesB. The Magic Cross ReferenceC. Web SitesD. ReferencesE. Index


advert image