The financial crisis has regulators, governments, and the media focused on economic stimulus. However tough questions will soon be asked about what went wrong. Ineffective governance will be one of the first targets, and it won’t be just the financial sector that faces increased scrutiny[1].

Few doubt that effective governance has value, but to paraphrase Warren Buffet “the tide has gone out, and Sarbanes-Oxley for example, looks like it was swimming naked”. Investor confidence has not increased, management accountability is being called into question and the tens of billions spent by boards for compliance has not stopped or prevented the crisis.

For years, as an academic and as director, I along with many others have been pointing out the flaws of governance only for the sake of compliance.  Most governance prescriptions are a response to corporate excesses and enacted to reassure the public and few prescriptions actually improve performance or reduce risk[2].

Now the tide is out, higher levels of scrutiny must be expected. What will it expose? I believe the corporate governance of major projects will stand out as one of the highest priorities for attention.

Management of large-scale expenditures is a fiduciary duty requiring careful oversight. However a Deloitte survey of boardroom directors revealed oversight of IT projects was either “blind” (29% with inadequate information) or non-existent (16%)[3]. They warned in 2007 that the results were “tantamount to negligence” and the AICD have long reported statistics suggesting the problem is more widespread[4] (Figure 1). My own research suggests that as many as two out of three projects fail to deliver the expected benefits[5]. Increased scrutiny could reveal the real failure rate. However what might be worse in the current financial environment is to have two out of three strategic initiatives fail to increase revenue, enhance customer service or reduce cost and threaten survival.

To survive, thrive and also to minimise the governance backlash, the first step must be to get the right information needed to govern effectively. The board bears the responsibility to set clear guidelines and expectations about the kinds of information they want to see filter up. What benefits are being targeted? [how is this consistent with our strategic priorities?] Do we have the organisational capacity to realise these benefits and what other risks are involved? How will we measure success? Do we have the right person driving the change? Are there any warning signs that the project is going off track? Are the benefits being realised? These questions seem simple but none of the directors I have spoken to had an effective process to terminate failing projects. Benefits are usually quantified (66%), but they are often overstated (27%)[6], change is not always considered (40%)[7], individuals are not held accountable (5-23%) and few organisations track benefits through to realisation (10%)[8]. Organisations do not focus on the true determinants of success.

In the absence of guidance, management has turned to so-called ‘best practice’ and focused on efficiency measures such as on-time and on-budget. Unfortunately on-time on-budget reporting was never the most appropriate focus for governance. It is certainly not enough in this new world. Only effectiveness will count because average or below-average performance will not guarantee survival. Above-average performance gained through acceptable levels of risk is the true objective of governance[9], the standard to which the board must aspire and the standard to which management must be accountable. Governance effort for compliance only, even if it is with a so-called ‘best practice’ framework, is a governance luxury we can no longer afford.

---

References

[1] 2009 Corporate Governance Conference: New Risk, Accountability and Leadership Challenges. Toronto 6- 7 May

[2] See related article providing A brief history of corporate governance 15 July 2009

[3] What the Board Needs to Know About IT: Phase II Findings (Deloitte, 2007), http://www.deloitte.com/dtt/article/0,1002,sid=36692&cid=151800,00.html

[4] D. Lovalla and D. Kahneman, “Delusions of success: how optimism undermines executive’s decisions, Harvard Business Review,” Harvard Business Review July (2003): 58

[5] R. Young, “What is the ROI for IT Project Governance? Establishing a benchmark.,” in 2006 IT Governance International Conference (Auckland, New Zealand, 2006)

[6] Chad Lin, Graham Pervan, and Donald McDermid, “IS/IT investment evaluation and benefits realization issues in Australia,” Journal of Research and Practice in Information Technology 37, no. 3 (2005): 235-251

[7] KPMG, “Global IT Project Management Survey: How committed are you?,” 2005, http://www.kpmg.com.au/Portals/0/irmprm-global-it-pm-survey2005.pdf

[8] John Thorp, “Unlocking Value – Delivering on the Promise of Information Technology,” in Delivering Value, 2008, http://www.isaca.org.au/modules.php?op=modload&name=News&file=article&sid=28

[9] F.G. Hilmer, Strictly Boardroom: improving governance to enhance company performance (Melbourne: The Business Library, 1993)

Tags: corporate governance, governance, project, Project Governance, regulators, Sarbanes-Oxley

This entry was posted on Monday, July 27th, 2009 at 9:47 am and is filed under Governing Programmes and Projects. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.