Information Technology Resources Board - Lessons Learned

Posted February 3, 1998

INTRODUCTION

The ITRB is pleased to present these "Lessons Learned". This is not an all-inclusive list, but instead, reflects best practices based upon each ITRB member’s own experience, and the Board’s unique perspective based upon assessments of Federal information systems projects. ITRB assessments address a broad cross section of mission-critical initiatives at various stages in the project life cycle, from conceptualization to product or service delivery.

A myriad of project management issues and challenges face Federal executives, program and information systems managers, and end users today. By following these Lessons Learned, agencies investing in major information systems projects can benefit from the experience of others.

The Lessons Learned are organized into seven core areas which correspond to a major theme that is characteristic of the projects assessed by the ITRB. Each core area begins with a brief introduction that depicts what "leading" or "high-performing" organizations do, followed by the Board’s experience with projects assessed in that area. These core areas are:

• Executive Leadership and Management
• Strategic Vision
• Organization
• Chief Information Officer
• Contracting
• IT Architecture
• Technology

Of these, the paramount issues relate to executive leadership and management. All other issues are subordinate to this highly challenging core area.

Executive Leadership and Management

Effective executive leadership and management, in and of itself, cannot guarantee a project’s success, but no project will succeed without committed, knowledgeable, active executive involvement.

High-performing organizations focus on cost, schedule, and performance baselines. They routinely assess change and risk, and manage projects accordingly. They utilize executive steering committees for major initiatives and systems development projects, comprised of key players, and hold these individuals accountable for final decision-making. These steering committees practice effective and timely decision-making, starting with project conceptualization, and thereafter, on an ongoing basis.

The executive decision-making process focuses on obtaining information about process, progress, and alternatives that management needs to assess, and -- perhaps even more importantly -- communicating these decisions. Executive leadership and management capitalize on a variety of inputs and tools, including reviews by third parties. They oversee ongoing assessments to ensure that projects and associated contracts focus on supporting program goals on time and within budget.

Leading organizations:

• Develop and manage the integration of architectures that support business, standards, and technology.

• Empower a central point of accountability for technical decisions, including standards and architecture issues for IT projects.

• Ensure that a:

• Business model comparable with a project’s scope is developed that is consistent with the overall architecture framework;
• Project’s overall architecture provides for the common needs of related organizations; and
• Project complies with the strategic plan and IT architecture of the parent organization.

• Use experts to facilitate process improvement and information modeling at all levels.

• Perform, document, and periodically update each IT project’s cost benefit analysis and life cycle cost estimates to guide major milestone go/no-go decisions.

• Establish and implement a risk management plan that focuses on risk assessment and change control.

• Establish a configuration control process that considers cost, schedule, performance, and priorities consistent with established baselines for each project and related contracts.

Strategic Vision

The key is getting the right information to the right decision-maker at the right time.

High-performing organizations formulate a strategic business vision that establishes the framework for IT project development and implementation. They align their strategic IT vision with the business and financial plans of the organization. These organizations communicate the strategic business and IT visions early and often, recognizing that this step is vital to the ultimate success of all programs and projects.

Leading organizations:

• Develop a strategic plan and IT investment process that implements the priorities and mission-critical requirements of their organizational components.

• Address strategic planning from both a business and IT perspective to facilitate executive decision-making and work process reengineering.

• Publish a concept of operations to communicate clearly the strategic view of how a particular IT system will operate in future years.

• Unify the enterprise architecture to provide a:

• Framework so that each IT system fits within the overall agency IT systems and technical environment; and
• Foundation for making strategic decisions about the acquisition and deployment of information technology.

Organization

Information technology is not an invisible commodity. It is a resource vital to an organization’s business success.

High-performing organizations recognize that it is crucial to their business success to understand what business they are in, and derive from this, the information needed to meet business objectives. Furthermore, these key business perspectives are published in a plan that is communicated to all stakeholders and updated routinely. When starting a major new program, the leadership seeks out exemplary programs in Government and industry as benchmarks from which to gain insight.

Leading organizations:

• Foster organizational alignments between the CIO and agency, program, and contract leadership to provide an overall management process for each IT system.

• Clarify project and management roles, particularly with respect to work done within business lines to meet program goals.

• Focus primarily on processes and data that are:

• Necessary for enterprise level management; and
• Essential to missions and multiple business lines.

• Seek ways to identify and leverage resources across missions and business lines.

• Implement a communication infrastructure and process that facilitate and document the vertical and horizontal exchange of information.

Chief Information Officer

As the highest ranking information technology executive in the organization, the CIO must communicate the advantages of effective project management to ensure that new and existing systems continuously deliver enhanced business performance.

High performing organizations place clear accountability for information technology management activities with Chief Information Officers (CIOs). The CIO has the visibility and management authority necessary to advise executive leadership on the design, development, and implementation of IT initiatives. CIOs champion the effective use of IT to support desired business outcomes among their contemporaries, and to executive leadership through the level of the Secretary and comparable peers.

Key CIO responsibilities include: guiding the investment review process for information initiatives; monitoring and evaluating the performance of information systems on the basis of applicable performance measures; and as necessary, advising the agency head to modify or terminate systems.

The CIO in leading organizations:

• Works with agency, program, and contract leadership to provide an overall management process for each IT system.

• Creates a strategic IT plan that reflects the needs of the enterprise, and promotes a disciplined implementation of common initiatives.

• Fosters a strong customer orientation to assure that business objectives take precedence.

• Defines and directs architectural compliance across the enterprise level.

• Guides the agency’s process of sharing and flow of common, as well as program-specific, data among organizational components.

• Employs strategic planning, policy making, performance management, evaluation, and technical expertise to ensure balanced programmatic and technical perspectives on IT investments.

• Supports decentralized organizations when appropriate, by establishing complementary managerial and technical structures.

Contracting

Make the contract work for you!

High performing organizations match the appropriate contract type with each project and nurture the crucial partnering environment among the program manager, contracting officer, and contractor. When properly structured, a contract accommodates changes over time, and includes performance measures to help determine its success relative to the program it supports. Contracts structured in this way can be used as a tool by program managers to effectively control their program.

These organizations enforce each contract, while recognizing that changes are inevitable during a contract’s life. They negotiate contracts that are consistent with and reflective of program needs, clearly linking contract milestones and deliverables to agency decisions for continuing the program.

Leading organizations:

• Ensure the involvement of the contracting officer and contracting management from project conceptualization and routinely thereafter. As key members of the project management team, these individuals ensure that contractual direction is part of the decision-making process.

• Establish clearly defined and mutually understood deliverables in the contract that satisfy program requirements and support modular development as defined through:

• Dependencies,
• Milestones,
• Decision points for go/no-go determination, and
• Outcomes.

• Establish and adhere to the cost and schedule for definitizing all major changes to the contract.

• Ensure that each IT contract addresses the use and coordination of review entities such as independent validation and verification teams.

• Use contract incentives actively and appropriately (e.g., incentive fees, award fees).

IT Architecture

Investments in major information systems should be consistent with Federal, agency, and bureau information architectures, and integrate work processes and information flows with technology to achieve strategic goals.

High-performing organizations define and consistently employ an architecture to frame IT investment and maintenance decisions. They establish and rigorously enforce enterprise protocols and core standards that must be in place to integrate new IT systems into the current systems and technical environment, and serve as a foundation for developing a standards based architecture.

Traditionally, the information systems architecture is comprised of three primary areas. The business architecture, often referred to as the operational architecture, defines the:

• Operational elements, assigned tasks, and information flows needed to accomplish or support the line of business; and
• Type of information, frequency of exchange, and tasks supported by these information exchanges.

The systems architecture defines integrated systems which support the line of business, including a:

• Description of the physical connection, location, and identification of the key nodes, circuits, and networks, and line of business platforms; and
• Specification of system and component performance parameters.

The technical architecture:

• Constitutes a minimal set of rules governing the arrangement, interaction, and interdependence of the parts or elements whose purpose is to ensure that a system satisfies a specified set of requirements;
• Identifies services, interfaces, standards, and their relationships, and security guidelines; and
• Provides the technical guidelines for implementing systems upon which engineering specifications are based, common building blocks are constructed, and product lines are developed.

Leading organizations:

• Develop a business model and systems and technical architectures to provide for the common needs of all related organizations.

• Develop a detailed concept of operations to explain functions, roles, and responsibilities for implementing and managing the architecture.

• Adopt an implementation strategy tied to approved funding levels, that includes the:

• Incremental delivery of useable levels of functionality, and
• Transition of legacy systems.

• Identify and prioritize the resolution of technical standards on an ongoing basis.

• If applicable, require each organizational component to develop a:

• Documented technical architecture consistent with the framework of the overall agency level design; and
• Comprehensive configuration management process to enforce the architecture.

• Develop a plan to determine and assure compliance with architecture standards and the operational environment at all levels of the organization that is consistent with the mission and functions of the organization.

• Use business process reengineering to better define business functions as a basis for IT investment and decision-making.

Technology

Often overlooked, yet key elements in information systems are the definition and testing of system requirements, off-the-shelf solutions, and security measures. Careful attention to these elements reaps high yields and enhances service delivery.

High-performing organizations set realistic goals for process and data integration and for successful business process reengineering. They enforce the technical architecture and standards. They utilize a third party entity for independent verification and validation of all major design documents, software, hardware, and integrated systems. They require that each organizational component identify information that they need from other organizations, and information that must be corporately managed.

Leading organizations:

• Establish formal system requirements, consistent with organizational needs, and before redesigning a system, review the validity of system requirements to ensure that resulting systems will achieve an acceptable level of service.

• Establish a risk management process that institutionalizes test and acceptance procedures and quality assurance for products developed in-house as well as contract deliverables.

• Identify frequent milestones with a defined set of measurable pass/fail performance criteria that comply with a pre-established test plan, and the respective contract(s).

• Establish a coherent commercial off-the-shelf (COTS) software assessment, acquisition, deployment, and life cycle management strategy.

• Communicate the advantages and disadvantages and the cultural, business process, technical, and maintenance issues inherent in the use of COTS software.

• Define requirements that ensure testing at the unit and systems levels of granularity.

• Assure that security experts review all security requirements and plans for IT systems, to ensure that security threats have been addressed in a manner that provides affordable, adequate, and achievable security.

CONCLUSION

High-performing organizations continuously seek out lessons learned to make their own businesses more efficient and effective. This document is one of many sources that provides a limited set of consistent concepts that are applicable across all organizational levels, whether public or private sector. The ITRB recommends that agencies address these concepts as appropriate when developing and implementing major systems.

IT Policy On-Ramp

United States Federal Government Document.

Used by Permission.

Return to Spotlight Archive