Worldwide cost of IT failure (revisited): $3 trillion

Worldwide cost of IT failure (revisited): $3 trillion

Summary: These are the most reasonable numbers I have seen on the global economic impact of IT failures.


Image credit: iStockphoto

Calculating the global impact of IT failures on an annual basis is a worthy goal. However, aside from the challenge of collecting data, failure itself has no clear definition, subjecting the entire effort to assumptions and guesses. Still, several years ago, one analyst attempted to quantify the data in a noble, yet ultimately flawed, effort.

Also read: Worldwide cost of IT failure: $6.2 trillion Critique: $6.2 trillion global IT failure stats

Related: British Computer Society: A study in project failure

Nonetheless, the challenge of quantification remains. For this reason, I invited two qualified experts to re-assess the worldwide economic impact of IT failure. Gene Kim was the founder and former CTO of Tripwire, Inc., co-author of The Visible Ops Handbook, and a co-author of an upcoming book called When IT Fails: The Novel ; his colleague, Mike Orzen wrote the book Lean IT and consults on IT operations and business transformation. They are currently co-authoring a new book called The DevOps Cookbook.

The two experts calculated the global impact of IT failure as being $3 trillion annually. They supplied the following text to explain their logic:

For just the Standard & Poor 500 companies, aggregate 2012 revenue is estimated to be $10 trillion. If 5 percent of aggregate revenue is spent on IT, and conservatively, 20 percent of that spending creates no value for the end customer - that is $100 billion of waste!

(The 20 percent assumption is an extremely conservative number when you consider that when we analyze the value streams of almost all processes across all industries, we discover over 80% of the effort creates no value in terms of benefit to the customer. Mike Orzen's work value stream mapping in many of the largest IT groups around the world consistently shows the same results.)

Here's another approach at calculating the total waste in IT worldwide: Both IDC and Gartner projected that in 2011, five percent of the worldwide gross domestic product will be spent on IT (hardware, services and telecom). In other words, in 2011, approximately $5.6 trillion was spent on IT.

There are two components to IT spend: capital projects and operations/maintenance.  If we assume conservatively that 30 percent of IT spending is for capitalized projects, and that 30 percent of those projects will fail, that's $252 billion of waste!

But IT is like a free puppy -- the lifecycle cost of the puppy is dominated by the "operate/maintain" costs, not the initial acquisition costs. If we conservatively estimate that 50 percent of global IT spend is on "operate/maintain" activities, and that at least 35 percent of that work is urgent, unplanned work or rework, that's $980 billion worldwide of waste!

What reward can we expect through better management, operational excellence and governance of IT?  If we halve the amount of waste, and instead convert it into 5x of value, that would be (50 percent * $1.2 trillion waste * 5x). That's $3 trillion of potential value that we're letting slip through our fingers!

That's a staggering amount of value, 4.7 percent of global GDP, or more than the entire economic output of Germany.

My take: These are the most reasonable numbers I have seen on the global economic impact of IT failures. Unlike previous estimates, which considered complicated matters such as lost opportunity costs, this formula is simple and credible.

Topic: CXO

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • about 80% of the waste

    can be attributed to M$ and the rest to other companies that failed to adopt FOSS.
    The Linux Geek
    • Don't you mean that 80% of what you say

      is a waste?

      The other 20% is actually useful, as how would you know if we wanted fries with our burger unless you spoke up and asked?
      William Farrel
      • Please don't feed the Troll.

  • The problem I see with this logic

    is how they're defining "waste". By this logic, since the experience of driving my car both before & after each oil change is [b]equal[/b] -- i.e. "no value for the end customer" (me) -- than I've "wasted" the $25 I spend every 3 months on the oil changes.

    Oh, wait, that's right... that's an [b]indirect[/b] value that I gain: the knowledge that I haven't increased the wear & tear (& therefore decreased the operating life) of my car because I took the time to have routine maintenance performed on it.

    Just because an IT expenditure doesn't create a product that provides a direct benefit or impact on the end users doesn't mean that it was 'wasted". Think about customer service, for example. In the "good old days', if you had a complaint about your billing statement (they charged too much, they didn't credit your payment correctly), when you called in you'd be told "we'll investigate it, & get back to you in a few weeks or so, because we need to pull that billing statement from the archvies"... or worse, be told that it had to be submitted in writing so that they could maintain a "paper trail". But nowadays, you call up the customer service department, & a CSA can electronically call up the billing notice in question (usually back at least 12 months, sometimes longer depending on the company), as well as in many cases being able to track the payments made on the account -- sometimes even being able to pull up a copy of the check or electronic payment showing the amount & date/time-stamp for receiving/processing. Does that expensive IT-provided system require daily maintenance & cash to keep up? Of course! But while the majority of the customers will never need its use -- or the services of a CSA -- being able to resolve customer issues much more quickly provides benefits to both the customers and the company.

    So, to me, IT waste is just like non-IT waste: it's when you've spent money on a product you didn't need, on a product that you end up having to replace much sooner than you'd planned on (thereby losing the ability to recoup the expenditure), or worst of all a product that you end up never even using.
    • Security is a particularly good example

      What is the "value in terms of benefit to the customer" of all the things that didn't happen because we had good security?

      CEO to CIO: "Hey, CIO, how come you spent $xxx,xxx.00 on security and have nothing to show for it!?!?!?! Where is the benefit to our customers?"

      CFO to CIO: "This security stuff is just too expensive. We pay all this money and nothing ever happens!"
    • I think we're on the same page: your examples and infosec...

      Hi, spdragoo and cornpie-- I think we're actually on the same page. If you're running a nationwide delivery service, you care about on-time deliveries and customer satisfaction. Both of those goals negatively correlate with vehicle maintenance being performed regularly (e.g., oil changes ever 5,000 miles).

      I suppose someone could argue that oil changes are wasteful and increase cost, but if don't perform them, your entire truck fleet is on the side of the road, along with all their packages. Value stream ceases to deliver value.

      Infrastructure improvement, technical debt reduction, and much of infosec also falls into this category, when it enhances stability, security and operability of the production environment.

      Unnecessary siloes between Dev and Ops, and even within Ops (hardware, networking, DBAs, etc.) all create more waste. Which is why I'm such a fervent believer in DevOps. It is the logical outcome what work looks like when you apply Lean principles to the IT value stream.

      OTOH, much of compliance I would categorize as pure waste. Just as SOX-404 created $6 billion of needless work, and as PCI is often doing now, where they're neither decreasing likelihood of undetected material error or reducing risk of cardholder data breach, it just sucks the air out of the room of capital for projects that actually do create value.

      Great comments, folks. I'll work on a followup blog post on this.

      And thank you Michael for forcing Mike Orzen and me to get this down on paper!
      • We used to have DevOps

        where a business would come to an IT provider and say "I need a system to fix 'X' problem" and then the purpose built IT solution would be created and then utilised for decades. Problem solved.

        Now everything is about 'off the shelf' with 'some customisation', selected by people with little to no technical background and certainly no input from the end user. The end result is a dogs dinner and everyone is surprised at the result.
  • It's a lot worse than that...

    ...the immense inertia that builds up when IT is nearby cannot be underestimated. Take for example, RoHS compliance. Our company wanted to implement RoHS in their Oracle database. The IT department decided to change Oracle versions to implement the change. Total cost? $6 million dollars per year to add a single field in the database. How much was our loss that year? $4 million. IT didn't get the upgrade done in time before the plant shut down. Did we do the RiOS anyway? Sure, the CAD department was using a mySQL server (free) on a PC to hold the database for the PCB/CAD programs. Cost to implement RiOS? About an hour of time and a new field in the library input program. Total cost? About a thousand bucks. One wonders what would have happened if IT would not have gotten their $6 million to do the Oracle upgrade?
    Tony Burzio
    • I'm in IT and I agree with this....

      The waste over 'IT' implementing (or failing to implement) usually RUBBISH off the shelf solutions, engaging hundreds of 'experts' and consultants is extraordinary. Why do companies insist on using Oracle, when mySQL has been deemed adequate for NASA? Useless garbage like the BMC suite(s) costs MILLIONS and doesn't deliver anything useful.

      This is the result of letting BUSINESS people run a technical department. Back in the day, you could have shown me or any other half decent IT person the problem you were trying to solve (such as upgrading your database). Instead of wasting millions, just give us a week/month to figure it out and it would be done, EVEN if we had to hack a solution ourselves.
  • First define failure then find how to measure each case...

    Failure is not simple to define, cause there are project development failures and then there is operational failure that means that the project failed to deliver regarding the expectations or is useless.
    In Development failures we have:
    - Schedule delays and cost overruns, this can be attributed to lack of proper project scoping, aggressive scheduling, team inexperience, etc, that may contribute to the cancellation of a project.
    - Technical failures, usually lack of fitness of the technologies that were chosen, insufficient time for development, management or team bias negates the research of other options.
    In Operational failures:
    - High maintenance costs;
    - Low adaptability;
    - Isn't useful, complete loss.

    Since companies usually don't release info on their internal IT investments, unless they are coupled with a big investment on some big corporate plan, these are mostly invisible. And operational costs of botched IT project don't affect only IT but several departments and operations, so real costs can at most be inferred if there aren't any service metrics associated with IT failures.
    For example on contact centers if any of the critical IT components fail, they can measure losses for not being able to receive or make calls. But in the case of an accounting department IT breakdowns don't have a such a detailed cost breakdown.
    • Then there is "idea" failure

      Most importantly, the idea for the technology change or the <ital>business</ital> initiative that requires IT enablement must be sound, realistic, and justified. If the idea for business initiative is flawed, the IT spend will be wasted.

      Even if the idea is sound, if IT or the business don't consider whether the initiative or technology will impact processes, and plan for that transition, the results will be less than optimal or even fail.
  • DCIM

    DCIM is a great way to prevent failures. There will always be Human error, but using spreadsheets is not a proper way to determine what you should have in your datacenter. Current software can use live modeling and pick the specific rack to add equipment to so that you are not overloaded or creating hotspots.
  • Missing a few numbers

    I assume that the "noble, but ultimately flawed" analysis is my white paper, The IT Complexity Crisis published in 2009. For those who would like to read the analysis, it is available at I challenge anybody to point out any flaws in my analysis.

    I concluded in 2009 that the world-wide cost of IT failures was 6.2 trillion $ per year. One reason for the difference in my 6.2 T$ and your 3 T$ is that I included indirect costs and your analysts neglected this critically important number. Had they included indirect costs, their number would actually have been higher than mine. But this too agrees with my analysis, since I pointed out that I was using very conservative numbers.

    The important point, however, is lost in the arguing over numbers. The point is not whether the correct number of 6T$ or 3T$, the point is that we are losing far too much money to unmanaged IT complexity. Until we start taking IT complexity seriously, the world economy will continue to suffer.

    What does it mean to take IT complexity seriously? For my take on this, see my other white paper, The Mathematics of IT Simplification and numerous other white papers I have done. The Math paper is available at

    My substantial research in IT complexity has culminated in the SIP methodology (Simple Iterative Partitions.) This is the only serious attempt I have seen to address the problem of IT complexity.

    So I leave you with two challenges.

    First, show me the flaws in my analysis. I have shown you your flaws (the lack of indirect costs.) Where have I gone wrong?

    Second, even if we can't agree on the magnitude of the problem, we can agree the problem is immense. I have shown you my solution, SIP. What is yours?

    - Roger Sessions
  • Calculation Question

    I'm not quite sure I understand how you've calculated the $252B.

    $5.6T * 30% (capitalized projects) * 30% (failure) = $504B.

    Do you mean to differentiate when you say the 5.6T is halved between Capital Projects/Op&Maint and then have the two 30% factors applied? If so, what is your definition between "Capital Projects" and "Capitalized Projects"?

    Great article!