Project portfolio management and IT governance

Can project portfolio management (PPM) help prevent IT failures? To find out, I spoke with David Hurwitz, Vice President of Marketing, and Steve Romero, IT Governance Evangelist, from CA's Clarity PPM solutions group.
Written by Michael Krigsman, Contributor on

Can project portfolio management (PPM) help prevent IT failures? To find out, I spoke with David Hurwitz, Vice President of Marketing, and Steve Romero, IT Governance Evangelist, from CA's Clarity PPM solutions group.

Implementing IT governance is important for organizations charged with overseeing groups of projects. Although related to traditional project management, project portfolio management and IT governance involve issues that are distinct from managing single projects.


What is project portfolio management? According to a research report by Forrester (written by analyst Lewis Cardin):

[P]roject portfolio management is a continuous process feedback loop by which IT management absorbs and prioritizes technology-related demand, plans and allocates financial and human resources to the investment initiatives, manages the governance-orientated collaboration with the business stakeholders, delivers expected results from the investment, and provides reporting to stakeholders for decision-making and the communication of investment status.

The growth in project management office (PMO) departments is one key reason more organizations are using PPM tools. A recent study by the Center for Business Practices, called State of the PMO 2007-2008, states:

[We] have seen a steady vertical climb in the indicators of organizational influence for project managers and project management. Nowhere is this increased influence more notable than in tracking the prevalence and roles of the Project Management Office.

Governance issues top the list of PMO challenges: companies lack the compliance structure to make project management processes consistent throughout the organization, and project leaders still labor under conditions here responsibility and authority are not allied. But as PMOs age and mature, they have fewer challenges and are significantly better at meeting all challenges listed.


The discussion with David and Steve centered around IT governance, with emphasis on avoiding failed projects.

What does "IT governance" actually mean?

At its most basic level, IT governance provides guidance to help the business make decisions with respect to IT expenditures, priorities, and resource allocations.

The IT Governance Institute says that five principles should be addressed when making IT decisions:

  1. IT must be aligned with the business
  2. IT must bring value to the business
  3. Risk must be managed
  4. Performance must be managed
  5. Resources must be managed

Peter Weill from MIT wrote the definitive book on the subject. He asks:

  • What decisions need to be made?
  • Who's accountable for making those decisions?
  • How will those decisions be made (the process)?

In general, IT governance ensures that IT decisions will be fully aligned with the organization's business goals.

What symptoms suggest a lack of IT governance?

Without proper governance, a "taxation without representation" situation can develop, where the business side doesn't trust IT. A sure sign of poor governance is when you see an "us vs. them" divide between the business and IT. Many organizations today follow a shared-services model and are therefore especially prone to this set of issues.

Another aspect is related to risk management. Most companies attack risk in a piecemeal manner, rather than looking for risk patterns across the full range of their projects. IT governance looks at the underlying drivers of risk, and provides methods for addressing risk across the entire project portfolio.

Most importantly, operating managers need a way to measure the value IT provides, since they are ultimately paying for IT. If the business can't measure the value coming from IT, there's an IT governance problem.

In this context, what do you mean by IT value?

Value must be defined in terms that make sense to a particular executive on the business side. Historically, the value of IT was measured in terms of data integrity, data currency, throughput, response times, and so on. IT has system level agreement (SLA) metrics in place for these things.

However, the business doesn't primarily care about bandwidth, staff utilization, and similar system-centric measures. While technical measures may be important, IT must ensure it is supporting business goals. That's the common theme here. There's a direct correlation between defining clear business objectives and IT's ability to meet those objectives. Measurement and metrics go together with value.

Why do so many IT projects fail?

From an IT governance perspective, we need greater emphasis on human resources management, since projects frequently require resources with scarce and specialized skill sets. The problem is especially acute in organizations running more than two-dozen projects. In some environments, such as financial services, there can be than 500 ongoing projects at a given time. In those organizations, inadequate human resources planning is definitely a key reason for failure.

IT is ultimately responsibility for ensuring the business has the information needed to enable good quality decision-making. Operating managers aren't necessarily aware of the IT department's capacity and capability to perform specific projects, so good communication falls to the IT department.

The right IT governance processes, along with project portfolio management systems, help IT departments identify projects that are likely to fail. The best way to avoid failure is killing these projects before they begin.

Thanks to Joan Levy, from Blanc & Otus Public Relations, for arranging this interview. Other participants included ZDNet blogger Dennis Howlett and Brian Sommer, both of whom are fellow Enterprise Irregulars.

Editorial standards