In the business management business and the management of spending other people's money to produce a product or provide a service, there is a distinct bright line between organizations that have governance or organizations that have no governance.
Governance and the ideas of governance have been around for a long time. The signing of the Magna Carta 800 years ago set the stage for governance in political systems, which flowed to business systems, and down to the management of projects in both business and government.
Business Governance is ...
... the set of decisions that defines expectations, grants power, or verifies performance. It consists either of a separate process or of a specific part of management or leadership processes.
There are well developed business governance frameworks, starting with SOX. But I work primarily in the Program Governance domain, guided by ITIL, CMMI, CMS (Center for Medicaid Services), and other internal paradigms.
Program and Project Governance is ...
... the framework which ensures the project has been correctly conceived and is being executed in accordance with best project management practice within the wider framework of the firms organizational governance process.
Effective project governance ensures projects deliver the value expected of them. An appropriate governance framework ensures that all expenditure is appropriate for the risks being handled.
Project governance is not about micro–management, it is about setting the terms of reference and operating framework, defining the boundaries and ensuring that planning and execution are carried out in a way which ensures that the project delivers benefits.
The difference between business governance and project governance is ...
- Business Governance is the organization control of the business's ability to deliver value.
- Project Governance is the oversight of the execution of the project's that produce that value.
So What Does This Mean and Why Should We Care?
Let's start with the question what's the value at risk? † The literature, blog-sphere, and other outlets are full of examples of IT project failures. From the poor statistics of Standish, to the Root Cause Analysis reports at RAND and IDA, to research on processes and practices searching for solutions to the cost, schedule, and technical shortfalls - the common missing element is deciding what governance processes to apply in what manner to protect the Value At Risk.
When we hear of some new, untested, idea of how to improve the performance of a project, we need to start with:
- Where have you seen this work in improving the probability of success?
- What's the Value at Risk for the projects you want to apply this idea to?
- What Governance processes are in place, that would be violated if we applied you clever idea?
- What basic principles of business management would be violated in the presence of this idea?
These questions are governance questions?
If you have no governance, then the answers to the questions are unimportant, proceed to spend your customer's money.
When we encunter Dilbert-Isk situations in management, it is likley we are missing the Governance of Other Peoples Money factor, that is often used as the excuse for not doing good management. Here's a small sample of current conditions, and desired conditions from a recent engagement.
A Test of Any New Idea
When we hear about the newest idea on managing other peoples money, ask how is this idea going to address the root cause of the current undesirable condition?
Then ask how would we see tangible evidence that this new idea is applicable in out domain, for our "value at risk," within our governance model?
No answers? Just I'm not going to tell you how, I'm just going to tell you my experiences.
† "Using Value-at-Risk for IS/IT Project and Portfolio Appraisal and Risk Management," Stefan Koch Department of Information Business, Vienna University of Economics and BA, Austria
† Portfolio Optimization, using Value at Risk, http://www.doc.ic.ac.uk/~vk02/project