IT Project Failures

May 21st, 2008

SAP’s Business byDesign: the perfection conundrum

Posted by Michael Krigsman @ 2:23 am

Categories: IT issues, SaaS, PaaS, and SOA, CIO issues, SAP, Sapphire08

Tags: Software-as-a-service, SAP AG, Business, Software As A Service (SaaS), Emerging Technologies, Michael Krigsman

SAP’s software runs the world’s largest enterprises 24/7 x 365. As a mission-critical infrastructure provider of enterprise applications, SAP’s cultural DNA is hard-wired to deliver stable and reliable backbone software to large organizations. Given this background, one might ask whether that “perfection-oriented” culture is ideally suited to meeting the needs of small companies in an on-demand software world.

SAP’s large-enterprise customer base knowingly accepts complexity as the price of flexibility and reliability. As Pascal Brosset, SAP’s Senior Vice President for Portfolio Strategy, pointed out in conversation, “There’s no such thing as simply running ExxonMobile,” an understated comment reflecting a basic truth about the world.

SAP also recognizes that complex organizations with diverse requirements demand finely tuned solutions across both software and support. Responding to this need, Vishal Sikka, the company’s Chief Technology Officer, said in an interview, “SAP possesses the world’s best understanding of complex systems support.”

• Also see: Interview and podcast with Vishal Sikka

The vision for Business byDesign is rooted in SAP’s deep knowledge of the integrated processes that run an organization. Unlike other SaaS products that are more limited in scope, such as a Salesforce.com, Business byDesign includes broad functionality extending across many business processes, as shown in the following diagram:

It’s interesting to peek under the hood of Business byDesign, which was built from the ground up around service-oriented architecture (SOA). The following image presents a view of the business process model and configuration inside Business byDesign. Note this is not an end-user screen, but reflects engineering behind the user interface:

SAP’s large enterprise culture will need to adapt to support the requirements of small business solutions in the SaaS market. I asked ZDNet blogger and SaaS market analyst, Phil Wainewright, to describe what small companies seek in a SaaS solution: “SaaS is all about fast results, reduced cost, and solutions that evolve and improve over time.”

SAP has already faced challenges in meeting its Business byDesign objectives. Fellow Enterprise Irregular, Brian Sommer, wrote:

SAP executives admitted that their new on-demand solution encountered challenges the company had previously never encountered. First, SaaS was an entirely new space. Second, the company couldn’t fully ‘leverage their 35 year experience’ in application software as these customers were not the typical SAP customer and the solution would be used differently than its prior on-premise solutions. One SAP executive said they “thought they knew this market” but that wasn’t exactly true. Lastly, their development staff was caught by surprise as the they did not have the same level of control with this product as they have had with other product lines.

THE PROJECT FAILURES ANALYSIS

In conversations with senior management and Executive Board members, it became clear SAP understands the need for cultural shifts as it orients toward the small business SaaS market. However, it remains to be seen whether SAP can develop the culture, competence, and focus required to simultaneously deliver products for two vastly different constituencies: the world’s largest organizations on the one hand and 100-person companies on the other.

Nonetheless, SAP is taking a conservative and long view toward the market. As Chief Technology Officer, Vishal Sikka, said, “It’s more important to be right than to be early.” Statements like this have convinced me the company is serious and committed to its vision. While success or failure will ultimately be proven only in the fullness of time, this company is absolutely serious about it’s SaaS trajectory.

May 16th, 2008

Let’s meet in Berlin

Posted by Michael Krigsman @ 7:22 am

Categories: Blog annoucements

Tags: Blog, Berlin, E-mail, Blogging, Online Communications, Internet, Michael Krigsman

I’ll be in Berlin for a few days, attending SAP’s Sapphire conference. I’d love to meet blog readers, so please say hello if you’re there. Either send email (use the ZDNet email form) or contact me on Twitter.

May 15th, 2008

10 attributes of bad CIOs (self test)

Posted by Michael Krigsman @ 5:26 am

Categories: IT issues, CIO issues

Tags: CIO, Information Technology, Indecision, Asset Management, Financial Management, Strategy, Recruitment & Selection, Operational Planning, Business Operations, Financial Planning

Chief Information Officers are responsible for both high-level business strategy and detailed technology decisions, making the job among the toughest in business.

The high incidence of IT failure demonstrates the extreme difficulty of juggling business and technology goals that are sometimes in direct conflict with each other. Unfortunately, many CIOs seem to get tied in knots over this issue.

Given all this trouble, here’s a self-test for CIOs, based on a Tech Republic article. See whether you qualify for the top technology job in your organization:

1. You are uncomfortable working with senior management. It would be a real problem if you aren’t comfortable working with senior management since, as CIO, you are senior management.
2. The concepts of financial management totally elude you. It’s common for the IT budget to represent anywhere from 3% to 5% of the total expenses in a company. Financial management is a major part of the CIO’s job.
3. You have no desire to participate in business strategic planning. It is the job of the CIO to understand all of the aspects of the marketplace in which the company participates to help it effectively use information technology to address these challenges.
4. Any kind of change drives you crazy. As the CIO, you are the company’s primary change agent.
5. You think SOX is a garment. The CIO must understand all aspects of compliance requirements and issues. As CIO, you will be required to assist the company in avoiding the liabilities associated with noncompliance with these regulations.
6. To you, asset management and building management are the same things. The CIO must understand asset life cycles and the techniques for managing assets through their life cycle. The CIO also needs to know the value of those assets and must be able to manage them efficiently.
7. The idea of selling anything scares you to death. A CIO should not be frightened of selling or the sales process; it’s a large part of the job.
8. Indecision is one of your strong points. A CIO is required to make hundreds of decisions a day. Some are popular; some are not so popular.
9. You’re really skilled in one key area of information technology. The CEO and the rest of the senior management team are going to expect you to be the senior information technology person. Therefore, they will just assume that you are knowledgeable in all areas of IT. You and I both know that’s impossible. The key is to develop an understanding of the different technologies and surround yourself with experts in each.
10. You believe that CIO stands for “career is over.” [M]any CIOs are progressing to the CEO position within their company. So if you think that becoming a CIO is the end of your career, you may want to rethink whether you have what it takes to be a CIO.

Do you have what it takes to manage conflicting CIO demands without your arms getting tied in knots? Leave a comment and let us know.

May 14th, 2008

UK gov’t releases transparent post-failure analysis

Posted by Michael Krigsman @ 4:00 am

Categories: Government projects, Project management, CIO issues

Tags: Project, Procurement, Analysis, IPS, Purchasing & Procurement, Government, Business Operations, Michael Krigsman

The UK Identity & Passport Service (IPS) has released an excellent post-implementation assessment report describing lessons learned from five key 2007 projects. In an unusually transparent move for any government agency, the report candidly examines each project’s objectives, deliverables, and areas for improvement.

The report analyzes the following IPS projects conducted during 2007:

• Authentication by Interview (ABI) – our largest project and an important counter fraud initiative which provides the capability for IPS to conduct passport applicant interviews
• Reserve Facility – the provision of a reserve site for IPS’s main passport production facility ensuring business continuity in the event of catastrophic failure
• ePassport Public Reader Project – the provision of a self service facility at passport regional offices to allow the public to view the data on the chip in the ePassport
• Eclipse – a project to introduce a web based on line procurement system to improve efficiency of the procurement process, and comply with the eGovernment agenda.
• PASS 7.2 – development of IPS’s core application processing system to enhance database technology, and implement policy changes and process improvements.

It presents over 20 specific recommendations for improvement, organized according to the following categories:

• Benefits Realisation
• Business Involvement
• Communication
• Contract Management
• Culture
• Governance
• Implementation Roles and Responsibilities
• Issues management
• Management of External Communications
• Off-system Customer Experience Testing (CET)
• Phased Implementation and Transition Plan
• Process
• Project Approach
• Project Resourcing
• Release Authority Board (RAB)
• Release Authority and Business Readiness Meetings
• Security Accreditation
• Staff Recruitment
• Stakeholder Management
• Testing Environment
• Testing Methodology
• Testing and Piloting

This list is outstanding precisely because it covers many common points of program management failure. Despite the importance of post-implementation analysis in preventing future failures, many organizations don’t perform serious post-mortems, fearing that embarrassment or conflict will result.

That’s why the objectivity and candor presented in the IPS analysis is so refreshing. In addition to being even-handed, pointing out both flaws and successes, the results are open and available for anyone to see. That’s a sign of a healthy, confident organization trying to learn from past experience.

Good work, IPS! You’ve set a great example for both government and the private sector.

May 13th, 2008

Feedburner is down

Posted by Michael Krigsman @ 4:55 pm

Categories: Enterprise 2.0, Availability and reliability, Failure 2.0

Tags: Feedburner, Michael Krigsman

Update 5/13/08 9:00pm EDT: Feedburner works again. Yay!

Gawd, I hate when that happens. Note to Feedburner: Check out 7 tips for handling post-failure communications for some post-recovery advice. By the look of this error page, you need the help.

May 13th, 2008

EDS’ troubled legacy of failed IT projects

Posted by Michael Krigsman @ 8:58 am

Categories: Vendor relationships, Project failures, Government projects, IT issues

Tags: Information Technology, Electronic Data Systems Corp., Strategy, Management, Michael Krigsman

Observing the news that HP is acquiring EDS, perhaps it’s time to reflect on EDS’ troubled history with IT projects. I’ve written about a number of failed projects where EDS played a role.

Warning, some of these stories are ugly:

• More EDS issues over botched IT project in UK
• Serious IT governance issues at UK Revenue & Customs (HMRC)
• EDS screws UK Jobcentre Plus, according to House of Commons
• State of Failure in Wisconsin
• Wisconsin’s Apologist for IT Failure
• ZDNet UK’s list of top 10 IT failures

An anonymous reader sent me the following email specifically regarding an EDS government contract:

In [my state], we have had numerous problems with outsourced IT projects, cost over runs, failure to deliver on time, and products that don’t work. The most frustrating aspect is that there seems to be no sanction for failure — those same companies turn around and sell the same poor product to other states and then get new contracts from our own state.

This sentiment echoes some of the stories I’ve written about EDS:

EDS has proven itself to be anything but a model corporate citizen, and without doubt managing such a behemoth is a difficult and challenging task in the best of circumstances. Nonetheless, such hare-brained schemes remind one of the fox guarding the hen house. Ah, the power of large corporate legal departments with sufficient resources to successfully fight the government.

Let’s hope HP does better than EDS in regards to IT failure.

May 12th, 2008

FBI: Counterfeit Cisco routers risk “IT subversion”

Posted by Michael Krigsman @ 6:05 pm

Categories: Vendor relationships, Government projects, IT issues, CIO issues, Security and privacy, Politics

Tags: Cisco Router, Router, Network, Information Technology, Cisco Systems Inc., Hardware, Routers & Switches, Federal Government, Networking, Network Technology

An internal Federal Bureau of Investigation presentation states that counterfeit Cisco routers imported from China may cause unexpected failures in American networks. The equipment could also leave secure systems open to attack through hidden backdoors. The scope of the problem is broad and results from a complicated supply chain originating in Shen Zhen.

From a narrow project failures perspective, network problems caused by this equipment should be treated as any other hardware malfunction. Of course, the entire concept of third parties using compromised hardware to infiltrate public and private systems in the United States is another matter entirely.

Faulty networking hardware can be a nightmare to troubleshoot and fix. For example, the U.S. Customs and Border Protection (CBP) location at Los Angeles Airport (LAX) suffered a failed router last year; the problem delayed 20,000 passengers before technicians successfully isolated and repaired the issue.

The following slides, pulled from the larger presentation, indicate how seriously the FBI is taking this threat to national security.

May 11th, 2008

Hosted software development: an emerging market [includes podcast]

Posted by Michael Krigsman @ 5:47 pm

Categories: Interview, Tools, IT issues, SaaS, PaaS, and SOA, CIO issues, Enterprise 2.0, Podcast

Tags: Software, Podcast, Environment, Emerging Market, Workflow, Tool, Development Environment, Tools & Techniques, Productivity, Software Development

Note: Click the player above to hear my podcast interview on hosted development with Jeffrey Walker and Jeff Leyser from Atlassian Software.

Hosted software as a service (SaaS) development solutions have become an important option for mainstream programmers. These products range from straightforward offsite storage, such as Amazon’s S3 service, to fully outsourced platform as a service (PaaS) application environments, like that which Salesforce.com provides in Force.com.

To learn about hosted software development, I asked two folks from Atlassian Software, which provides hosted group collaboration and software development tools, for an interview. Jeffrey Walker, the company’s President, and Jeff Leyser, Product Marketing Manager, briefed me on issues related to hosted software development.

What is hosted development?

Development systems consist of an integrated development environment (IDE), where programmers directly write and compile their code, along with other supporting tools. Two critical components sitting outside the IDE are the repository, where code is stored and its history maintained over time, and the defect tracking system, where developers track and manage bugs.

Hosted development solutions, such as Atlassian’s Jira Studio, provide these non-IDE components, along with other software development and collaboration tools, over the Internet.

In contrast, full PaaS systems, like Force.com, allow applications actually to run on their system. In other words, platforms include the IDE, supporting tools, have their own development language, and incorporate a run-time system.

What are advantages and disadvantages of hosted vs. local software development?

With hosted development, the hosting provider maintains the development infrastructure, relieving developers of this burden. This yields stable and predictable costs, as with other types of SaaS offerings. Ideally, hosted environments should also embody development best practices, such as incorporating tools to make code reviews easier and faster.

Disadvantages of hosted development include perceived concerns around the safety of intellectual property. Although this issue exists in any remotely hosted SaaS environment, software companies may be reluctant to entrust their key intellectual assets to a remote service provider. Another issue is customization, because SaaS development tools are generally less configurable than locally managed, on-site systems. Similarly, it is easier to integrate internal systems, such as LDAP directories, with local tools than with hosted systems.

When is hosted development most appropriate?

Geographically distributed teams are an obvious candidate, particularly where organizations combine offshore development with an onshore team. Hosted development gives both local and remote groups straightforward access to code and a standardized set of tools anywhere the Internet is available. Hosted solutions also simplify implementing common workflow processes across a distributed team.

How is the workflow and process different with hosted development?

The initial setup and infrastructure planning are quite different with hosted development. However, the daily programming workflow is the same in both local and hosted development environments. Features and functions of the tools drive workflow, regardless whether the tools are behind the firewall or installed locally.

Any comments on Salesforce.com’s hosted development platform?

Answered via email: It will be a cold day in Hell before someone builds a serious piece of software totally unaffiliated with SFDC on Force.com. I am sure SFDC can name examples but I would just point to the failure of the AppExchange after huge promotion and investment….Be careful in comparing a hosted development environment that allows for a myriad of types of projects, like ours aspires to be, with ones that promote a self-serving agenda or proprietary infrastructure.

May 7th, 2008

Government IT failures: “Room for improvement” [interview and podcast]

Posted by Michael Krigsman @ 2:02 pm

Categories: Government projects, Project management, Interview, IT issues, Project strategy, CIO issues, Podcast, Project portfolio management, Politics

Tags: Project, Podcast, Agency, Information Technology, OMB, Project Management, Tools & Techniques, Strategy, Advertising & Promotion, Government

Given the size, scope and frequency of government IT failures, it’s important to understand the dynamics underlying these projects. To learn more about federal IT, I interviewed two federal systems experts from CA, developer of the Clarity project portfolio management (PPM) solution.

Gil Digioia is Vice President of Federal Project Portfolio Management Sales for CA Clarity, and possesses over 15 years working delivering software solutions tailored to the specific needs of federal agencies and solution integrators. Jose Mora is Sr. Director for Product Marketing for CA Clarity Project and Portfolio Management solution, where he is responsible for all IT governance and public sector-related marketing activities including product strategy and positioning.

The OMB publishes a quarterly list of high-risk IT projects as part of its investment oversight function. Why is this list important?

It’s an extremely important means for the Office of Management and Budget (OMB) to provide visibility and transparency regarding IT projects to the agencies. In addition, citizens want to know how agencies allocate and invest funds, and whether they are achieving their deliverables. Having a list of projects in the red zone is also critical to making decisions.

Do government agencies pay attention to the list?

Absolutely. The most important thing about this list is bringing attention, and drawing focus, to where agencies will direct their spend and plans over the year. A lot of attention is placed on bringing these high-risk projects into the green.

In addition, when an agency has a change, such as new CIO or director wanting to make an impact, the list is often used to bring about quick success.

Why do so many government projects fail?

There is room for execution improvement regarding the triple constraints of scope, time, and budget. The big reason is lack of “critical corrective action” from high-level decision makers within the organization. This can result from either lack of decision-making or leaders who don’t have the proper information to make decisions that ultimately impact the project.

Requirements also tend to change after projects have been awarded, and are often different at project conclusion from what was specified in the original proposal. These changes tend to disrupt project workflow and collaboration. Such challenges pose particular difficulties for organizations that don’t have a repeatable governance process in place or lack the proper technology to react easily to those changes.

Problems can arise at the project management level, the executive decision-making level, and with technology. For example, problems are sometimes caused by legacy systems that can’t adapt to the rapid changes in information these organizations face.

Are there differences between public sector and private sector projects?

The biggest difference is profitability on the finance side. In the private sector, cost reduction is important but they’re also looking to drive profitability.

From the perspective of project management and program management behavior, however, the federal government is definitely ahead of the private sector. Various mandates on government projects, such as OMB and enterprise architecture requirements, are much further ahead than what is typical in the private sector. For example, “earned value” is still a novelty in the private sector but it’s important in the government.

How can federal organizations evaluate IT projects to prevent failure?

Earned value management, which the OMB mandates, is a solid and rigorous project management technique. It captures the fundamentals for evaluating a portfolio, including analysis of baseline costs, performance data, schedules, resources and skill sets, outcome measurement, and examining reporting requirements. All these provide a solid foundation for evaluating one project versus another.

Aside from systematic upfront evaluation, what steps can federal managers take to ensure successful projects?

Selecting the right governance structure is important, which means examining how an agency makes decisions on its program portfolio and ensuring this process is repeatable and established throughout the organization. This process component is fundamental.

It’s also important to define comprehensive criteria for evaluating projects and to ensure that criteria includes all critical areas or details that could impact earned value reporting back to the OMB. The earned value requirement established by the OMB is a step in the right direction.

Accurately capturing and reporting project data is another key area. Although this sounds simple, we often see complicated, homegrown legacy applications for project management, resource management, and tracking time or cost. All these disparate systems create confusion and complexity, making it difficult to track accurate data.

Project improvements also mean mobilizing and empowering the proper infrastructure of people needed to make and communicate decisions throughout the organization. Leadership is required to make difficult decisions such as killing a project, delaying a project, or simply not funding a project.

To be successful, start with sound processes, as opposed to throwing a tool or solution at the problem. Get your processes in place, understand your risks, and then create a platform where you can organize the people who need to execute, in a manner that’s repeatable, process-driven, and has visibility from executive management. Take on smaller wins that deliver value quickly instead of attempting a big bang.

[Thanks to Joan Levy from Blanc & Otus Public Relations for arranging this interview.]

May 6th, 2008

IT politics killed White House email project

Posted by Michael Krigsman @ 7:38 am

Categories: Project failures, Government projects, Project management, IT issues, CIO issues, Politics

Tags: Information Technology, White House, Act, E-mail, Online Communications, Michael Krigsman

Data archiving in the White House is a serious business mandated by the Presidential Records Act of 1978, which was passed following the Watergate scandal.

The Act requires the White House to maintain an historical archive of its activities, policies, and decisions. Despite this law, the White House email archiving system is a model of poor IT practice and has been called “primitive,” “inadequate,” and “not robust.” The system fails to fulfill its most basic requirements: enabling reliable backup, storage, and restore capabilities.

Email backup process. Quoted in a report by the House of Representatives Committee on Oversight and Government Reform, White House CIO, Theresa Payton, described how White House emails are archived using a manual method called “journaling:”

Under this process, a White House staffer or contractor would collect from a “journal” e-mail folder in the Microsoft Exchange system copies of e-mails sent and received by White House employees. After retrieving copies of these e-mails, the White House staffer or contractor would then manually name and save them as “.pst” files on various White House servers.

Former White House CIO, Carlos Solari, characterized the process:

[A]s a ‘message collection system’ even though we all understand that it hardly qualifies as a ’system’ by the usual IT definition.

In a memo to Acting CIO, John Straub, in 2005, IT manager, John McDevitt, described the ad hoc system:

The current email archive process depends on manual operations and monitoring, standard operating procedures do not exist, automated tools that support the email archive process are not robust, and there is no dedicated archive storage location.

The report points out at least three fatal flaws with the manual email archive process:

• Risk of data loss
• Risk of tampering
• Inability to verify system functionality

Email archiving project failure. In 2003, the White House initiated an Electronic Communications Records Management System (ECRMS) project to automate email archiving. Booz Allen Hamilton was contracted to design the system and Unisys was engaged to test and implement it. According to the internal government program director for the project, John McDevitt, the project was completed in the spring of 2004:

According to Mr. McDevitt, this design was presented to the White House Counsel, the White House Office of Records Management, and counsel in the Office of Administration “for their concurrence” in the spring of 2004. With Unisys serving as the contractor for the implementation phase, the White House undertook “[s]ystem configuration, testing and tuning” through 2005. In early 2006, standard operating procedures were developed. In March 2006, the White House Counsel, the White House Office of Records Management, and OA counsel were briefed on the system, and in July of 2006, they were briefed “on the search and retrieval capabilities of the ECRMS solution.” Mr. McDevitt stated that the project was “ready to go live” on August 21, 2006.

Although the ECMRS was ready for use, current White House CIO, Theresa Payton, terminated the project in 2006 because:

“[t]he system would require 18 months to ingest the existing backlog of messages in the Microsoft Xchange system” and “[t]he system offered users no option to distinguish between Presidential records and political or personal materials.”

The National Archives responded with objections to these reasons, suggesting they did not present sufficient cause to abandon the completed project and revert to manual, and therefore unreliable, email backup techniques.

THE PROJECT FAILURES ANALYSIS

Politics and other personal (and organizational) agendas are usually to blame for IT failure. By any reasonable measure, the guardians of White House email used poor IT practice as a tool to circumvent applicable law, avoid disclosure, and maintain control over sensitive data.

Since IT underlies most modern business and government processes, decisions about software, infrastructure, and deployment can have broad ramifications for how leaders execute business strategy. In this case, it appears IT leadership deliberately made poor technical decisions to achieve a specific political strategy.

Update 5/6/08 5:00pm EST: To gain further insight into this situation, I spoke with David Gewirtz, author of the book Where Have All the Emails Gone?. Here’s what David said:

White House email is broken. Their email archiving system is wildly inadequate to the point of negligence. Management of computer assets like laptops, flash drives, and BlackBerrys is completely non-existent.

Email in the White House needs to be fixed. Not because we want to give Congress a bigger stick with which to beat on Presidents, but because some really bad things could happen if it’s not fixed. There are technical issues and concerns, plus security issues and concerns that blast through the political rhetoric and even party affiliation. The practice of archiving is a technical act, while the practice of disclosing is a political or policy act.

We need to make sure we archive the White House email traffic, but that doesn’t mean confidential information must be disclosed to opposing parties or the general public.

Finally, there is breaking news out of the White House today. The White House has responded to Judge Facciola’s request for disclosure of email messages during the first term of the Bush administration. I’ve just gotten those court documents and am working my way through them now. The gist of them seems to be that the White House does not believe further document recovery is warranted. I’m going to be working my way through the full document set and will publish an analysis of it, probably tomorrow.