ebook img

Coping with IS/IT Risk Management: The Recipes of Experienced Project Managers PDF

329 Pages·2002·23.206 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Coping with IS/IT Risk Management: The Recipes of Experienced Project Managers

Practitioner Series Springer-Verlag London Ltd. Series Editor Ray Paul Brunei University, Uxbridge, UK Editorial Board Frank Bott UWA, Aberystwyth, UK Nie Holt ICL, Manchester, UK Kay Hughes QinetiQ, Malvern, UK Elizabeth Hull University of Ulster, Newtownabbey, N. Ireland Richard Nance Virginia Tech, Blacksburg, USA Russel Winder OneEighty Software, Croydon, UK SionWyn Conformity, Llanwst, UK Other Titles in This Series: The Project Management Paradigm Managing Electronic Services K Burnett A Grönlund 3-540-76238-8 1-85233-281-6 Key Java Forensic Computing /. Hunt and A McManus T Sammes and B. Jenkinson 3-540-76259-0 1-85233-299-9 Distributed Applications Engineering Real-Time and Multi-Agent Systems /. Wijegunaratne and G. Fernandez A Attoui (Translator: S. Ingram) 3-540-76210-8 1-85233-252-2 The Renaissance of Legacy Systems The Component-Based Business J. Warren R. Veryard 1-85233-060-0 1-85233-361-8 Java for Practitioners Developing IT Staff: A Practical /. Hunt Approach 1-85233-093-7 M. Clarkson 1-85233-433-9 Conceptual Modeling for User Interface Development Software Design: Cognitive Aspects D. Benyon, T Green and D. Bental E Detienne (Translator: E Bott) 1-85233-009-0 1-85233-253-0 Computer-Based Diagnostic Systems The Usability Business G Price /. Bawa, P Dorazio and L. Trenner 3-540-76198-5 1-85233-484-3 The Unified Process for Practitioners Practical Software Reuse /. Hunt M. Ezran, M. Morisio and C. Tully 1-85233-275-1 1-85233-502-5 Tony Moynihan Coping with IS/IT Risk Management The Recipes of Experienced Project Managers Tony Moynihan School of Computer Applications Dublin City University Dublin 9, Ireland British Library Cataloguing in Publication Data Moynihan, Tony Coping with IS/IT risk management: the recipes of experienced project managers. (Practitioner series) 1. Industrial project management 2. Information resources management 3. Risk Management I. Title. 658.4'04 ISBN 978-1-85233-555-7 Library of Congress Cataloging-in-Publication Data Moynihan, Tony, 1939- Coping with IS/IT risk management: the recipes of experienced project managers/ Tony Moynihan p. cm. - (Practitioner series) Includes bibliographical reference and index ISBN 978-1-85233-555-7 ISBN 978-1-4471-0155-0 (eBook) DOI 10.1007/978-1-4471-0155-0 1. Industrial project management 2. Information resources management 3. Risk Management. I. Title. II Series. T58.5 .M69 2002 658.4'038-dc21 2001054265 Apart from any fair dealing for the purposes of research or private study, or criticism or review, as permitted under the Copyright, Designs and Patents Act 1988, this publication may only be reproduced, stored or transmitted, in any form or by any means, with the prior permission in writing of the publishers, or in the case of reprographic reproduction in accordance with the terms of licences issued by the Copyright Licensing Agency. Enquiries concerning reproduction outside those terms should be sent to the publishers. Practitioner series ISSN 1439-9245 ISBN 978-1-85233-555-7 http://www.springer.co.uk © Springer-Verlag London 2002 Originally published by Springer-Verlag London Limited in 2002 The use of registered names, trademarks etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant laws and regulations and therefore free for general use. The publisher makes no representation, express or implied, with regard to the accuracy of the information contained in this book and cannot accept any legal responsibility or liability for any errors or omissions that may be made. Typeset by Florence Production Ltd, Stoodleigh, Devon, England 34/3830-543210 Printed on acid-free paper SPIN 10853748 Series Editors Foreword Thisisonlythe fifthbookinthe 21volume PractitionerBookSeriestobeover 300 pages long. But, as before, for good reason. Tony Moynihan has persuaded 30project managers, allexperienced in ITlIS, to talk about how they manage project risk.Soa major component ofthe size ofthe book is these project managers talking (in a structured way). And since IS/IT projects seemto observe one ofDwightD.Eisenhower's favourite maxims "When preparing for battle I have alwaysfound that plans are useless, but that planningisindispensable." (R.Andrews (2000) TheNewPenguinDictionaryofModern Quotations,page 123,reference 6). Iwelcome abook thatprovides uswith the 'recipes' ofthe successful battles conductedbythese ITsolutionproviders. Tony Moynihan deals with the problem of eliciting the project managers' recipes (similarto riding abicycle,easierto do than to describe to someone else)inaseries ofphases.Inthefirstphase, 14experiencedprojectmanagers were interviewed to determine the factors they take into account when decidingonhowto"shape" andmanagenewprojectsfornew clients.These factors were used in the next phase to create a set of hypothetical project profiles.Twentyexperienced IS/ITproject managers then discussed (infull in the book) these profiles and how they would handle the situation. The third phase in the book analyses the 20conversations to determine the project managers' theories of action.These 'theories' were then examined throughaseries oftheoreticallenses derived from the appropriateliterature. Clearlythis book isintended for Practitioners, and in particular, ISIIT/soft ware project managers. But it is also a goldmine for researchers (somuch rich source material) andforstudents (wellwritten descriptions ofreallife). All in all,a classic example ofwhere the intended Practitioner audience for the book willbe greatly increased by the unplanned-for addition ofa wide variety ofnon-Practitioners. Thisbook makes a timely andwelcome contri butionto the advance ofknowledge and understandingin IS/IT. RayPaul eve Preface and Acknowledgements There arethousands ofbooks and articles writtenaboutmanaginginforma tion systems projects. Most ofthese books and articles make at least some referencetoprojectrisk,andwhattodoaboutit.Thisisanotherone ofthose books. So,whybother?What have Igot to add to what's already on offer? I think that what's unique about this book is its approach. I get successful, experienced IS/IT project managers to talk about how they manage risk ... notaboutwhatthey areurged todo inbooks andon trainingcourses...but what they ACTUALLY do (or think they dol). The bigger part ofthe book is justpeopletalking.Infact,mybiggestfearforthe book isthatthe readerwill feelthatthereistoo much talking ...and too little"theory"! There are people Iwant to thank. Mycolleagues at DCUfor their feedback and advice. Particularly John Hurley, Rory O'Connor, Chris Curran and Howard Duncan.MywifeNuala for her patience.The University for giving me the time and resources. Butmybiggestdebtisto the thirty projectmanagerswho gaveme theirtime and commitment,and who made this book possible. In the book, Irefer to each byhis/her firstname only.Notbecause they asked me to,butbecause itmakes mefeelmore comfortable,andbecauseItold each atthe outsetthat this ishowIwould do it. Iwant to dedicate the book to Owen, one ofmy thirty "guinea pigs".Owen gaveme alot ofhonest feedback after my interviewsessionswith him,and he helped me to debug my interviewing approach. Sadly, Owen died recently. Hewas held in the highest regard in the Irish ITcommunity, and beyond.Hewillbe rememberedwith affection. TonyMoynihan Dublin City University July, 2001 • vii· Contents 1. Introduction................................................................................................ 1 Part 1:"What Makes DifferentProjects Different?" 2. How Project ManagersConstrue Projects..... 7 3. ACloser Look atTheirConstructs 32 Part2:"YouWantto KnowWhatI'd DoAboutIt?" 4. Method......................................................................................................... 43 5. Alan.............................................................................................................. 48 6. Andre........................................................................................................... 56 7. Anne 63 8. Bob............................................................................................................... 69 9. Canice.......................................................................................................... 73 10. Colin 80 11. Gerry............................................................................................................ 89 12. Mervyn 95 13. MichaelB 104 14. MichaelC 110 15. MikeA.......................................................................................................... 116 16. Owen 122 • ix· Coping with IS/IT Risk Management • 17. Padraig......................................................................................................... 127 18. Patrick.......................................................................................................... 135 19. Paul.............................................................................................................. 141 20. Philip 146 21. SusanA........................................................................................................ 153 22. Susan B 159 23. Tommy 167 24. Tony 175 Part3:DistillingOuttheTheories-of-Action 25. Method 183 26. Some "Strategies", "Recipes",CallTheseWhatYouWill.......................... 187 Part4:"So,ItWorks in Practice...ButWillItWorkin Theory?" 27. Through the "Looking-glasses"ofTrust,Agency,Change, Capability,Action, Rationalityand Control............................................. 223 28. Throughthe Looking-glass of"Requirements-uncertainty" 238 29. Conclusion 244 Appendices 1. Numbers ofConstructs under Each ThemebyManager 253 2. The FiveHypotheticalProjectProfiles 254 3. The "Strategies"/"Recipes" 256 References... 322 Index. 325 exe Introduction Overadecadeago,StudsTerkelwrote anow famous book called Working. It has recently been reprinted (Terkel, 1997). In the book, dozens of people take a chapter each to talk about their daily experiences oftheirjobs ... as cab drivers,engineers, nurses, secretaries, call-girls...awide canvas!Studs allowed people to talk into his tape recorder ... no steering,no prompting, no interruptions ... at least that's how it seems to the reader. Almost pure stream-of-consciousness stuff.When I first read Working,I thought "That's a neat idea. Write a book by getting other people to do all the work! No analysis, no interpretation, no conclusion ... just get people talking, and write it alldown." This book is a bit like Working. Most of it consists of people talking about their work ... but in a structured way. And I do have some analysis, and a lot ofinterpretation. LikeStuds, Idon't try to come to firm conclusions. The people I get talking are not cab drivers or nurses. They are men and womenwho manageinformationsystems developmentprojectsforexternal clients.They work in software houses, ITconsultancies, or whatever. They act as problem diagnosers,system designers,system implementers fortheir clients.In the words ofthe trade,theyare ITsolution providers. What do they talk about in this book? They talk about their "recipes" for managingprojects ... particularlytheirwaysofhandlingpotentiallyserious problems likeunrealistic client expectations, lackofreal project ownership, and the like.In fancier language, theytalk about their theories-of-action. Argyrisand Schon (1978) invented the term theory-of-action. They define a theory-of-action thus: ''A full schema for a theory-of-action would be as follows: insituationS,ifyouwantto achieve consequenceC,underassump tions a, ... n, do A" (l0). So, this book is about situations, actions, consequences and assumptions in managing IS/IT projects ... as seen by experienced IS/ITproject managers (PMs). Anotherwayto describe this bookisin terms ofGluch'snotion ofa project risk-element (Gluch, 1994). A project-risk-element consists of three components: a risk condition, a default project transition, and a default .1. T. Moynihan, Coping with IS/IT Risk Management © Springer-Verlag London 2002 Coping with ISIIT RiskManagement • projectconsequence.Ariskconditionisan aspectofthe currentstateofthe project that gives cause for concern. A default transition is the likely sequence ofstates the projectwillmove through ifno actionistakento deal with the riskcondition.Adefault consequence isthe likelyultimate adverse outcome resulting from the default transition. This book is about IS/IT project-risk-elements, and the strategies that experienced PMsclaim to use to cope with these. The task ofeliciting peoples' theories-of-action isnot at allstraightforward. Schon discusses this problem in the context of how professionals such as consultants, engineers and managers thinkin action: "When a practicioner displays artistry,his intuitive knowing is always richer in information than any (external) description ofit.Further, the internalrepresentationstrategy, embodied in the practicioner's feel for artistic performance, is frequently incongruent with the strategies he/she uses to construct external descrip tions of it. Because ofthis incongruity, for example, people who do things well often give what appear to be good descriptions of their procedures which others cannot follow. Everyone who has tried to learn from a book how to ski or write a story knows how difficult it can be to act from such a description" (Schon, 1983: 276). Evenifthe expert iswillingand able to explain "how he/she does it", there is the question of the validity of the information being volunteered. "... activity iscontextbound and to studyany human activity divorced from its contextistostudyitdivorced ofitsmeaning" (BellandHardiman, 1988: 57). Inotherwords, the "algorithm"elicitedfrom an expert in an artificialsetting, orwhile the expert isworking on acontrivedtask, maynotbe the algorithm used "in the real heat ofbattle". Not encouraging! So,how did Iset about the task? I broke the study into three phases. In Phase 1,I tried to answer the ques tion:What factors do experienced IS/ITprojectmanagers take into account when decidingon howto"shape" and manage new projectsfornew clients? Byfactors, Imeanthings likethe characteristicsofthe system tobe built, the nature of the client organization, the sorts of people involved, the tech nology to be used, the politics ofthe situation ... whatever.In Argyris and Schon's terms, the variety of (Sntuations to be dealt with.In Gluch'sterms, the variety of risk-conditionsto be removed or managed around. Toanswer this question, Iinterviewedfourteen experienced project managers. Iasked each PMto choose some recent projects that he/she had managed. Then I asked the PMto compare and contrast these projects with one another, in terms of factors that had differed across the projects, and that had led to differences inthe waysinwhich he/she had"shaped" andruntheseprojects. InPart 1ofthis book, Iexplain howIdid allofthis. Ishowexamples ofsome z

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.