Escolar Documentos
Profissional Documentos
Cultura Documentos
A white paper prepared by Booz Allen Hamilton: Center of Excellence for Strategic Technology and Innovation
by Fred Knops
knops_frederick@bah.com
Michael Isman
isman_michael@bah.com
Jon Judah
judah_jonathan@bah.com
Frank Landefeld
landefeld_frank@bah.com
Table of Contents
Executive Summary............................................................................................................. 1 The Evolution of Governance ............................................................................................... 1 The Case for ChangeToday . ............................................................................................. 3 Embracing Next-Generation Governance ............................................................................... 4 Setting the FoundationCore Enablers of Next-Generation Governance . ................................ 5 Using Governance to Enable Mission Delivery ...................................................................... 5 Taking a New Look at Measuring and Mitigating Risk ............................................................ 6 Decision Agility . .............................................................................................................. 6 Conclusion ........................................................................................................................ 7 About the Authors............................................................................................................... 8 About Booz Allen................................................................................................................. 9 Principal Offices................................................................................................................ 10
Next-Generation Governance
Enhanced Decisionmaking Through a Mission-Focused, Data-Driven Approach
Executive Summary
The Administrations recently released 25 Point Implementation Plan to Reform Federal Information Technology Management highlights what federal program managers (PM) have long known: Governance processes for managing information technology (IT) programs need significant improvement. Governance boards often lack sufficient data for effective decisionmaking and measurement of risk; numerous approval gates slow progress without enhancing oversight; and the overall decision process often struggles to keep pace with rapid technological advancements such as cloud computing, mobile communications, social networking, and biometric identification. Adding to the impetus for change are shrinking budgets, constrained funding models, and increased scrutiny of federal programs that are aimed at not only eliminating redundancies and waste but also ensuring delivery of promised capabilities.
Several recent examples further underscore the emerging need for improved IT governance. The Government Accountability Office (GAO) recently highlighted the impact of constrained decisionmaking on a large technology modernization program in the Department of Defense,1 citing a lack of thorough alternatives analysis and performance data in supporting key milestone decisions. Another study2 of 24 major IT projects across the Government determined that half of the projects had not even received a selection review by an oversight board. Both studies indicated that governance processes and numerous decision structures were in place at the organizations; however, leadership at these agencies had not appropriately factored information particularly, risk and cost datainto its decisions. Federal agencies need a Next-Generation Governance model that streamlines and strengthens decisionmaking by putting information at the center of IT governance. This new model harnesses the capabilities of richer data sets and new, powerful
1 GAO-11-150, Information Technology: Better Informed Decision Making Needed on Navys Next Generation Enterprise Network Acquisition.
analytic tools to not only give decisionmakers transparent insight into program performance but also enable rapid information sharing and real-time reporting to support a faster, more agile process. This approach aligns portfolio investment decisions with mission objectives to help decisionmakers allocate resources among programs in a way that reduces mission and program risks. Our experience in helping agencies apply the principles of Next-Generation Governance shows that this new model can reduce the burdens and cost of governance while improving oversight, delivering programs on schedule and within budget, and advancing mission objectives.
2 GAO-09-566, Information Technology: Federal Agencies Need to Strengthen Investment Board Oversight of Poorly Planned and Performing Projects.
Department-level governance models implemented in the late 1990s were re-cast around core technology processes such as systems development, capital planning, and architecture, further spreading the scope, complexity, and quantity of decisions to multiple stakeholders. As we enter a new millennium in which technology increasingly exists in the cloud and decisions are based on a collaborative, portfoliodriven approach, the net compounding effect of these previous generations of governance has produced a complicated relic that must be directly addressed by IT organizations, particularly in the Federal Government. Federal agencies have taken strides to help address challenges surrounding the evolution of technologies and the resulting decision processes. The ClingerCohen Act (formerly, Information Technology Management Reform Act of 1996) provided agencies with a governance framework by mandating planning and investment processes to improve the way in which agencies purchase and use IT assets. Until the ClingerCohen Act was passed, IT spend was reported after Exhibit 1 | Evolution of IT Governance
agency and departmental budgets were formulated and reported. Clinger-Cohen began the process of examining the return on investment for IT, particularly around people, processes, and technology. Over the years, agencies have successfully established various steering committees and review boards to oversee a range of governance activities, such as setting IT investment priorities and creating standardized approaches to IT management. As a result of the Obama Administrations emphasis on transparency and accountability, agencies have begun documenting more clearly their IT investment decisions. Similarly, programs and websites such as the Federal IT Dashboard, Open Government Initiative, Recovery. gov, and Data.gov have required agencies to carefully plan their investment strategies and collect data to measure the effectiveness of their activities. These and other governance mechanisms were designed to improve decisionmaking by giving federal leaders the information they would need to allocate scarce IT resources efficiently.
Nevertheless, despite these well-intentioned efforts, effective IT governance remains an elusive goal for many agencies. According to US Chief Information Officer (CIO) Vivek Kundras 25-point reform plan of December 2010, Too often, federal IT projects run over budget, behind schedule, or fail to deliver promised functionality. Why have governance programs failed to deliver on their promise of robust program management and oversight? Discussions with CIOs, PMs, and other IT executives across federal agencies revealed a growing consensus that the underpinnings of current governance philosophies have outlived their usefulness. In particular, the underlying issues discussed below hamper the current state of the art: 1. An ever-increasing focus on process and compliance has made governance processes burdensome rather than a catalyst for program success and mission enablement. CIOs and oversight entities throughout Government are struggling to find ways to break the stranglehold that governance processes have on program efficiency and success. The systems engineering life cycle (SELC) for one of our clients requires no less than 140 distinct documents in support of the various milestones and gate reviews. For another client, each program is subject to more than 20 governance entities, including an enterprise architecture board, chief information security officer board, and acquisition review board. This proliferation of governance requirements is forcing many federal IT PMs to spend more time satisfying reporting and compliance mandates than actually leading the development and deployment of IT capabilities in support of their agencys mission. For these PMs, the burden of governance threatens to outweigh the benefits of strengthened oversight and mitigation of risk. 2. Current governance techniques and funding models were devised in a less connected age. Todays governance models do not take full advantage of social media, tools, and processes that allow for the rapid and transparent exchange of rich information and data within and among
agencies. Consequently, governance processes are often linear, hierarchical, and comparatively slow. Communications between PMs and their executives frequently are conducted in isolation from similar conversations occurring in related programs, hindering the decisionmakers ability to collaborate across a portfolio of similar efforts. Adding to this challenge is the relatively static funding models of most agencies, many of which were designed for longer term programs and thus constrain the ability for IT leaders to collaborate and innovate across projects and investments. Over time, governance has become less of a program aid and more of an exercise in getting approvals and checking boxesan exercise that focuses on process rather than outcome. Our support to many federal PMs also finds that the existing governance approaches they have observed across the Federal Government are often viewed as punitive to the PM and the program. Rather than providing the help and guidance that PMs need to successfully deliver positive results from their programs, governance processes present additional challenges to overcome. Similarly, because programs are often evaluated in isolation, governance processes do not provide agency executives with the information they need for allocating and deploying IT resources in the most efficient way to support the agencys mission.
become so rapid that legacy governance processes cannot keep IT projects moving with the required speed through the various governance gates and checkpoints. Agencies need governance processes that can help them swiftly deploy IT systems and capabilities capabilities that, coincidentally, are needed to help Government run more efficiently. Finally, the past decade has seen exponential growth in information and data across the public sector. CIO organizations have been diligently defining information taxonomies and data sets across their organizations. After years of information architecture efforts, agencies now sit atop vast quantities of information about their programs and systems; if placed in appropriate analytical models, this information would create an opportunity for more informed, transparent decisions. The advancement of technologies supporting data availability and transparency (e.g., cloud computing, mobile technologies, mashup technologies, dashboards, social media) further empower agencies to access and use this data and information efficiently and effectively. The Office of Management and Budgets (OMB) 25-point reform plan begins to address some of the governance challenges with new and important changes. For example, the plan calls for restructuring agency investment review boards along the lines of TechStat accountability sessions to spur more aggressive oversight and faster action to fix troubled programs. The plan not only advances the role of agency CIOs and the Federal CIO Council to become a more active arbiter in key technology initiatives but also proposes an overhaul of the existing investment process in favor of a more efficient and accurate process that provides more effective tools for monitoring the health of IT programs. The goal of the improved exhibits is to reduce the reporting burden, increase data accuracy, and make the exhibits a more authoritative management tool. While IT projects throughout the government will always have risks, there are no excuses for spectacular failures, the 25-point plan asserts, concluding that with streamlined governance and experienced program managers, issues can be caught early and course corrections can be made without wasting time and money.
OMBs initiatives represent a solid, well-informed start to reforming governance, but Booz Allen Hamilton believes that the governance issues facing federal IT organizations require broader changes to the overall governance model. Our Next-Generation Governance model incorporates the concepts outlined in the 25-point plan into a governance framework that not only streamlines processes but also supports and empowers PMs, closely aligns governance decisions with mission objectives, and leverages the rich data sets now brimming at agencies to improve decisionmaking at every step in the process.
into manageable portfolios that align to mission sets is essential to effective governance. More broadly, data.gov and transparency.gov demonstrated the new paradigm agencies face in publishing information on their investments. New guidelines mandating IT investment data be published to public sites are only the first step in opening up the vault of data and information that lie within many federal agenciesand organizations that embrace this new level of transparency represent the pioneers of NextGeneration Governance, demonstrating a willingness to share decisions (and outcomes) with broader stakeholder communities. Empowered Program Management. Management science has long espoused the value of empowered middle management; however, enabling the growing cadre of PMs to make more key decisions requires organizations to flatten existing, hierarchical governance models. Further, transparency breeds accountability and self-correcting behavior, which drives a program management culture that views governance bodies as support entities versus punitive authorities.
address these components by leveraging a series of core enablers to arrive at better, more transparent decisions in less time and with a deeper understanding of the risks in play.
missionregardless of where these programs fall in the overall organizationthe trade space for program resource allocation is bounded more properly. By closely aligning investments to mission, senior executives can make better, more effective decisions that have meaning to all stakeholders. Although this concept is not new (e.g., organizations for years have sought to construct IT portfolios that align to strategic goals and objectives), the advent of robust analytical tools that eliminate the need for time-consuming data calls allows even the most junior decisionmakers in an organization to allocate more time to examining how their programs directly affect mission success. Most importantly, by aligning programs against a cooperative mission set, the question can be asked, How can these programs work together to navigate required governance reviews more efficiently, rather than act against one another for resources? Although some programs may not require expedited delivery, many suffer from ongoing delays attributed simply to competition from other programs seeking to achieve similar outcomes. By adapting governance to screen for opportunities for collaboration (through enterprise architecture and IT portfolio management), mission delivery can be accelerated to potentially reduce program management costs through decreased oversight and support costs.
anticipate risk. New applications integrate different data from disparate data silos and offer a new way to mine data, connect discrete data elements, and identify trends in ways that could never have been achieved a few years ago. Furthermore, new methods for evaluating risk are going well beyond traditional approaches of measuring, estimating, and multiplying threat, vulnerability, and consequence. New simulation tools help better understand possible outcomes. New methods have been created for quantifying previously difficult to measure indicators of risk such as analytical hierarch processes, which draw on algorithms to better define risk across projects within a portfolio. Lastly, the state of the art has advanced dramatically in the ability to visualize and map risk for mission portfolio leaders. Consequently, it is now possible to draw relationships between factors, provide decisionmakers a greater ability to ask what if questions, and view the analytical consequences in real time. With this new generation of tools and analytical structures, risk becomes the optimal vehicle against which to assess program probability of success and rebalance the allocation of resources: improving the ability for Next-Generation Governance teams to effectively identify, plan, communicate, and execute risk mitigation strategies.
Decision Agility
Many PMs can tell stories of shopping around for approval through multiple oversight boards and committees, each making minor (or significant) tweaks until by the time the final approval is received, the PM must return to the first board with a program in hand that might not resemble the one that the board had seen earlier. This vertical model of governance is inherently corrosive to speed and agility, and in todays connected world, often fails to make use of modern tools and technologies (e.g., social media) to make faster and more informed decisions. Achieving a more agile decision process starts with the PM. Specifically, the PM must feel comfortable raising issues in a supportive environment that seeks to solve the problem and not punish the messenger. PMs have a secret weapon in the array of modern data and analytics tools that help frame and visualize
the ramifications of specific decisions or governance issues. The governance structure in which PMs operate also must be flexible enough to avoid the need to shop around decisions to obtain consensus from large, diverse boards but instead provide targeted advice and input through smaller, focused entities such as executive steering committees (ESC) that foster greater collaboration between PMs and executives across the organization. The OMBs introduction of the TechStat session has served as a governance disrupter by driving agencies to examine the agility of their decision models and have frank conversations on program status with senior federal officials. TechStat is based on the CitiStat model that leaders and elected officials use in major urban areas (e.g., Baltimore and Washington, DC) to track specific data and information that in turn could lead to more informed decisions and faster results, often saving cities millions of dollars in waste and abuse. Although TechStat sessions are an excellent catalyst for driving change in governance and a keen example of decision agility, agencies that adopt a true next-generation approach to governance will seek to instantiate the TechStat concept for both troubled and healthy programs as a means to accelerate mission and mitigate risk.
Examine Workloads. Working with your primary governance bodies (EA, Capital Planning, SDLC), consider commissioning a study to examine the level of effort required for completing the full scope of governance requirements at your agency. Many agencies have little insight into the amount of effort required by PMs of their major investments to meet data calls and gate reviews. Outputs from this study can provide significant insight into where your agency might be able to combine governance reviews and/or streamline processes. Conduct Data Due Diligence. Existing governance boards should have a solid understanding of the information being presented to them regularly; furthermore, the information source should be well known and qualified. Information used to assess and measure risk should be evaluated carefully to determine whether additional analyses is needed to support more robust risk management. Make Connections. Using insights from EA and portfolio management practices, begin engaging IT PMs for investments spanning multiple mission areas. In particular, consider current methods of communication and collaboration between these teams and governance boards, with a focus on opportunities for improvement. Booz Allen, working with our federal clients, has seen the impact that a broad transformation of governance philosophy can have on program speed, sustainability, and mission impact. Building on our deep expertise in program management, risk analysis, and organizational change and design, our experts have developed an approach for helping federal agencies achieve NextGeneration Governance grounded in best practice and tailored to the unique needs of the 21st century public sector organization. Our approach starts with a deconstruction of our clients governance structure across data, policies, decisions, and boards and examines how these factors can be optimized within the Next-Generation Governance concepts outlined in this paper. The result is a set of focused improvements that helps agencies tackle tough decisions collaboratively, transparently, and dynamically.
Conclusion
Federal IT leaders face a new paradigm in how their organizations must approach technology decisions. Unprecedented pressure to meet mission in shorter timeframes with fewer resources requires a new way of thinking about how decisions are made within their organizations, with particular focus on accelerating mission, mitigating risk, and designing more agile governance models. Taken together with the advent of robust data, a transparent, portfolio-driven approach, and an empowered team of PMs, Booz Allen sees a next generation of IT governance emerging across the federal landscape. Federal IT leaders can take several steps to help advance governance efforts at their agencies today and establish a foundation for Next-Generation Governance:
To learn more about the firm and to download digital versions of this article and other Booz Allen Hamilton publications, visit www.boozallen.com.
9
Principal Offices
ALABAMA Huntsville CALIFORNIA Los Angeles San Diego San Francisco COLORADO Colorado Springs Denver FLORIDA Pensacola Sarasota Tampa GEORGIA Atlanta HAWAII Honolulu ILLINOIS OFallon KANSAS Leavenworth MARYLAND Aberdeen Annapolis Junction Lexington Park Linthicum Rockville MICHIGAN Troy NEBRASKA Omaha NEW JERSEY Eatontown NEW YORK Rome OHIO Dayton PENNSYLVANIA Philadelphia SOUTH CAROLINA Charleston TEXAS Houston San Antonio VIRGINIA Arlington Chantilly Falls Church Herndon McLean Norfolk Stafford WASHINGTON, DC
The most complete, recent list of offices and their addresses and telephone numbers can be found on www.boozallen.com by clicking the Offices link under About Booz Allen.
www.boozallen.com
04.051.11