How Do We Make IT Projects More Successful?

At least nuclear waste storage is worse. In his book “How Big Things Get Done,” professor Bent Flyvbjerg ranks 25 categories of projects by their average cost overrun. IT projects are the fifth worst offender, better than nuclear but worse than buildings, rail, airports, tunnels, and many others. We all know many public IT failures (Denmark has its fair share), and the private sector has suffered many more, even if less publicized.

What can we do about it? One chapter in the book is dedicated to creating better estimates. The problem with our estimating today is that we treat every project as unique. We then estimate each bit, and our usual how-hard-can-it-be optimism leads to the underestimation so common in IT. Flyvbjerg argues that we should start by identifying the class of projects this new project belongs to. The average for this class of projects is then the starting point for our estimate, adjusted up or down.

For example, you estimate an ERP project by looking at other ERP projects. If the cost in your industry is $20 million on average, that is your initial value. Then adjust up or down depending on whether your project is smaller or larger – or more straightforward or more complex – than the members of the reference class.

Bring this book with you to the beach this summer so that you can help our industry move forward when you return from vacation. IT projects exceed their budgets by an average of 73%. We can do better.

AI Will Not Destroy Humanity

AI doesn’t pose an extinction risk. And it has already created brand new jobs in the catastrophizing industry.

The only reason AI industry leaders like Sam Altman and Demis Hassabis jump on that bandwagon is to encourage more government red tape. If you are a powerful incumbent, asking for as many constraints to your industry as possible makes sense. The EU, ever happy to regulate industries originating elsewhere, is delighted to oblige. With compliance departments of thousands, these massive organizations can handle any amount of regulation thrown at them. But a lean startup will get regulated out of business.

The most fascinating part of AI is local, small-scale AI. We currently have massive, centralized AI running in enormous data centers. But since LLaMA escaped from the Facebook lab, tinkerers and hobbyists have already built Large Language Models on their local computers. But, of course, OpenAI, Microsoft, and Google would like small competitors to be regulated away.

Did You Hear the One About the Gullible Lawyer?

You need the best arguments to win a discussion, get a project approved, or win a court case. But, if you are short of preparation time, you might take a shortcut like the New York Lawyer who asked ChatGPT for help.

Ever willing to help, ChatGPT offered six cases supporting the lawyer’s argument. Unfortunately, they were entirely made up. That might work if you write a marketing blog post, but it does not hold up in court. The gullible lawyer claims he did not know that ChatGPT might be hallucinating but is, of course, facing sanctions for lying to the court.

IT professionals know that ChatGPT cannot be trusted to answer truthfully. It is not much of a problem for a programmer because the compiler or the unit tests will catch defective answers. But the rest of the world doesn’t know.

Now is the time to remind everyone in the organization of your company policy on using ChatGPT and its ilk (you do have such a policy, right?). Tell the story of the gullible New York lawyer to make the point clear.

Does it Pay to Move to the Cloud? Or Back?

Most organizations that decide to move workloads to the cloud are missing a crucial piece of information: What it costs to run the system on-premise. In a viral blog post, David Heinemeier Hansson shared his specific calculations for Basecamp and HEY. Moving back from the cloud makes perfect business sense for him. Of course, your calculation will be different, but unless you know what it costs to run on-premise, you are comparing an uncertain cloud cost with a completely unknown on-premise cost.

As a CIO, you are expected to make sound business decisions. You can only do that if you have both numbers.

Offering Alternatives

Are you building critical software? Then you know to offer a fallback option if something – despite all your testing – does not work. That is often not a concern in organizations that can simply force users to suffer their app. Like the public sector in Denmark, where every parent of a schoolchild in Denmark must use the “Aula” app. Unfortunately, a botched upgrade means that many cannot log in.

Having only smartphone apps makes you vulnerable. The app stores do not older versions, so once you have rolled out a defective version, you (and your users) are up the creek. The mitigation for this risk is to also offer a responsive web application with only the most crucial features.

Take a look at the smartphone apps your organization offers to its customers. Are any of them critical? If so, do you have an alternative ready?

In Praise of (Useful) Managers

You do need some managers. Elon Musk is trying to prove that Twitter can be run with only himself and the people who write code, and it’s not going well. It turns out that it takes a little more to run an organization than just coding and tweeting.

For example, Elon had announced that only enterprise customers who would pay $$$ would have access to the API. But he had fired everyone who was able to process an application for an enterprise license. So when the last overworked API engineer committed the change that implemented the limit, there were no paying customers because there was nobody to take the money of the few tool vendors willing to pay up.

Your overhead grows inexorably. Unless you pay very close attention, the fraction of total headcount actually writing code goes lower and lower. To avoid ending up having to take a chainsaw to your organization as Elon has done, calculate your coder percentage today and keep track of it.

Cloud Means Aomeone Else is in Control

Cloud services mean you are at the mercy of someone else. It is bad enough that hackers broke into Western Digital’s My Cloud service and encrypted their customer’s data. But many private customers are now learning what it means to use WD’s cloud-based login service. It means that even though your data is stored on your own NAS device in your own basement, you still cannot get at it when WD is down.

If you are using any cloud-based login service in your organization, ask your CISO how people would log in and access ressources if that service is down.

Hybrid Work is a Leadership Decision

Get back to work, or else… That is the message from companies across the board. The latest is Amazon, who just dismissed a petition from more than 30,000 workers objecting to their three-days-a-week-in-the-office policy.

The Wall Street Journal reports that hybrid work is back to the pre-pandemic level at around 16% percent on average, with higher values in technology and information work.

Software is a collaborative effort, and no amount of Zoom meetings and Slack channels will change that. For example, I once led a team dispersed in four different rooms. Even though we were all on the same floor, we were constantly behind schedule and delivering poor quality. When I finally managed to get us all in the same room, productivity and quality shot up.

As an IT leader, it is your job to create as much value as you can with the resources at your disposal. You are not doing your job if you shrink from your leadership responsibility and let your programmers work wherever they want.

Where is the Profit

“But we’re a startup!”

“That’s not enough anymore. How will you become profitable?”

This is the essence of discussions between startups and their VC funders today and increasingly between big companies and their shareholders. Unfortunately, Ford’s CFO didn’t get the memo because he is still trying to pass off their $3 billion loss on electric vehicles with the “consider-us-a-startup” excuse.

Increased shareholders’ attention is also forcing all the big tech companies to kill off many of their loss-making projects that do not have any path to profitability, with an accompanying bloodbath of firings.

An audit showed that 47 of the 98 Danish municipalities were running AI projects. Two of these had provided value.

Do you have realistic business cases behind your projects? Or is the business case a collection of rosy assumptions retrofitted onto a project someone just wanted to do? It is better to find and kill vanity projects than to be called to the CEO’s office to explain why you are frittering away the company’s money. Contact me if you want an independent outside opinion on your project portfolio.

Who Thinks About Risk?

A “Silicon Valley Bank Risk Management Department” T-shirt is the latest in ironic workwear. Not that SVB seems to have much risk management – their Chief Risk Officer stepped down in April last year, and the position was vacant for eight months.

Does anybody have the Risk Manager position in your IT organization? Every project creates a risk matrix and mitigates the worst risks, but once the project is complete, risk management evaporates in many organizations. The CISO does some risk management, but many IT risks are outside her remit. And risk management falls squarely in the “important, not urgent” category that always gets pushed to the back of the task list…