Home
Home
 
Advice
Recent updates
10 mistakes
E-newsletters or
order BPG guides
What we do

Risk free IT
Mentoring
Expert witness
Project recovery
Case studies

Contact us

BPG helpline
Office addresses
Press enquiries
IT RISK MANAGEMENT NEWSLETTER FEB 04


In the Feb 2004 issue:
* Welcome to ITRM 2004
* New gateway, old problems
* Are you legally covered?
* Sainsbury's - is proven best?
* On the Web this month.

The IT risk management newsletter is a free collection of hints and tips for keeping the cost of IT projects under control.

But rather than concentrate on traditional project management concerns, it focuses on risk management - advice for the layperson about the contractual, legal and technical issues that are not well understood by the mainstream.

Subscribe / unsubscribe: risk@bestpracticegroup.com

To contact the editor: editor@bestpracticegroup.com

Welcome to ITRM 2004

The main focus of this newsletter is a critique of the UK government's plan to tighten its "gateway review" process for managing big IT projects. There's also an explanation of why IT directors are often surprised to find that they are inadequately prepared to provide evidence in legal cases, and a discussion of Sainsbury's plans to return part of its outsourced IT in house.

Our next issue will be out in March.

In the meantime, we're just about to reprint an updated version of our popular guide "the 10 mistakes everyone makes with IT projects," as well as releasing a new guide that details how to avoid the problems most often encountered in outsourcing.

If you'd like to receive free PDF or print copies of either, click here.

New Gateway, old problems

Will tightening up the government's "gateway" project-managment process reduce the chance of IT failure?

According to Computing magazine, the UK government plans to tighten up its IT-project review process following a series of embarrassing project failures.

BPG is not convinced this will help.

As a system, the government's "gateway" process provides an unusually thorough set of rules for managing project risk. The supporting material, also, is thorough and useful.

However, in practice the system does not always protect against the risk of projects failing or running over budget.
What the government needs, in addition to theory and documentation, is a mentoring program.

Risk management is the art of balancing speed and cost of execution against the potential for problems. So the only way it could be comprehensively taught is by providing a manual that describes how to act at every potential junction for every different environment, system, and business need.

That's a big manual.

A more sensible approach would be to have experienced project managers mentor the less experienced. Or, at the very least, to have the experienced teach groups of the inexperienced.

That approach would solve more problems than a tightening of guidelines. The guidelines are not so loose that they cause projects to fail; they are simply inexpertly applied.

Are you legally covered?

When IT executives end up in court, they are often surprised to find it's not enough to have tried to act ethically. What else do you need to do?

Whether or not this is formally acknowledged, the IT department is the centre of record-keeping in an organisation.

As a result, the work of IT directors is critical to any lawsuit. Whether an organisation faces an unfair dismissal claim, a theft of intellectual property or something other legal problem, organisations must demonstrate that they have complied with legal requirements for storage of information.

Unfortunately, this often teaches the IT department a nasty lesson about its legal responsibilities.

As a broad summary, an IT department must not only reactively store records. It must also make a proactive attempt to keep records that may not naturally fall within IT's ambit.

What's the difference? Most IT directors know they must be able to access emails to supply to a court on request. But did you realise that you may also be required to produce a backup copy of emails that have been deleted?

If you do, you might as well let them be "shredded".

That creates a bad impression of your company in court.

So as you must keep tax records and the like for at least six years, a similar timeframe is suggested for backups of key information, particularly financials, dealings with suppliers and customers, and email.

Sainsbury's - is proven best?

Sainsbury's plan to radically change the way its IT is outsourced. Does this indicate that its previous structure was a failure?

Sainsbury's has recently changed the way its IT is outsourced.

In 2000, the company signed a seven-year agreement for Accenture to take over the management of its IT via an intermediate company called Swan Infrastructure.

At the end of January, Sainsbury's announced that it plans to buy Swan and bring management of its outsourcing in house.

Accenture will still be its outsourcing partner. In fact, Sainsbury's has extended its contract to now last until 2010.

But the intermediate management has been eliminated - a move entertainingly described in Computing by analysts Ovum Holway as "weird". That analyst claims the deal, which Sainsbury's says will save £25m, is "financial smoke and mirrors".

From a risk-management perspective, BPG believes this buy-back is a good thing. It is always a good idea to eliminate additional layers of management between an organisation and its outsourcing partners.

That applies even if additional layers of management let you move IT further "off the balance sheet" - ie defer its costs for a longer period than is possible by outsourcing direct.

The experience of our customers suggests that the financial benefits of moving IT "off the balance sheet" are only ever short lived. The more layers of "communication" between yourself and your partner, the greater the chance of miscommunication.

The real benefit of moving IT off sheet is that it makes the IT Director look efficient. An IT Director who makes that kind of improvement to costs can use their achievement to land a plum job in another organisation, where they can use the same short-term tricks to "improve" IT.

But what happens to the IT Director who is hired to clean up the mess in the original company?

More on the Web

Many IT managers feel "mistreated and betrayed" by rising maintanence costs for essential software, reports AMR Research in MIS magazine (you'll need to register to read this article).

In fact, many companies would prefer to pay using a subscription-based model, reports Infoeconomy.

Meanwhile, the Guardian's online business section has detailed a number of ways that companies who trade online may run foul of data protection regulations.

 

Recent updates
New guides
Download the new "little book of IT project mistakes" and pre-order our guide to OJEC government IT buying.

One minute guide
Will tightening up the government's "gateway" project-management process reduce the chance of IT failure?

Are you covered?
When IT executives end up in court, they are often surprised to find it's not enough to have tried to act ethically. What else do you need to do?




 
Copyright © Best Practice Group PLC