Portfolio Management Back in Style
- 09 March, 2010 07:53
Portfolio management is poised to go "retro." As organizations are preparing to come out of the recession, they are thinking more broadly about the types of investments that will be required to support business growth. As a result, some organizations are revisiting the idea of portfolio management as a way to organize and evaluate.
When portfolio management was a hot topic in the middle part of the last decade, it was driven in part by some good management thinking from people like Peter Weill at MIT CISR and Dr. Howard Rubin and in part by some software tool vendors. At the time, most companies added some kind of portfolio thinking or at least dabbled with it. As my partner Jim Quick and I recently discussed, most of the fanfare was confined to the IT organization, but some of the more pioneering organizations actually drove portfolio thinking higher in the organization. In fact, this is where it belongs, where a complete view of a business investment can be calculated and evaluated.
Many organizations likely found portfolio management too complex, too heavy on overhead, or too theoretical and, thus, they were unable to find value in it. So why would it come back into fashion now?
One of Diamond's financial services clients historically drove its investment planning at the business unit level (and the company had three major business units). But ultimately, senior management realized the firm's customer-facing systems had so diverged that they were developing software using three different technology stacks. At that point, a new CIO took over and quickly diagnosed the need for a single view of the projects with special emphasis on cross-business sharing of investment dollars, projects, and software assets. The CIO turned to portfolio management as a technique for organizing his thinking. The first step was to determine the starting portfolios, which should then be discussed in terms of business capabilities and goals.
To put it simply, the organization needs to ask two questions when designing a portfolio management approach: which budget, and which types of investments?
The IT budget is the typical scope of an organization's portfolio management, but some have successfully applied the principles across all investments, business-wide. Leading companies focus on strategic ideas early in their lifecycles and utilize portfolio management principles to screen, evaluate, and calculate the total cost of investment--business activities, application development, architecture, infrastructure, and some ongoing costs. It is important to keep this process and governance as simple as possible because over-engineering can result in people reverting back to spreadsheet tracking and one-off discussions.
The second question concerns what types of investments an organization will track within the budget. For example, "holy grail" would be to track the total investment made in the billing function--including items such as labor, hardware, software, paper, and telecom. This requires access to all of the spend data at a sufficiently granular level to be able to allocate it to a business function, as well as a way to assign the cost of shared services. Unfortunately, many organizations do not have this data readily available and instead look only at project-driven investments.
Start with Projects
Projects, as investments, are ready-made for portfolio management. This is because the planning process usually includes the basic information needed to categorize and evaluate them (cost, duration, benefits, estimated return, risk)--the elements of a standard business case. Most mature organizations have a robust project proposal and estimating process. To begin effective portfolio reviews and analysis, IT leaders need three kinds of project data:
1. Business Impact: Which capabilities required by the business over the next 12, 18, 24 months are built or enhanced by the project?
2. Financial Case: For the proposed costs, what type of return is projected? Is it a straight-forward ROI business case, an earlier stage pilot to learn more, or an investment needed to remain at competitive parity? The financial cases for different types of investments can be vastly different. For example, a risky, early-stage investment may have no immediate return, but can gather data to drive a more realistic business case.
3. Risk Profile: How hard will it be to pull off the project? Does the organization have the necessary skills, experience, and leadership? If there is a delay, what will be the impact on the business? Are there any external risk factors such as customer satisfaction or regulation?
With these types of data in hand for each proposed project, an organization can then start to evaluate the mix across various dimensions, such as business capabilities and risk/return. The next steps will involve adding information about in-flight projects and to measure actual investment returns upon project completion.
Chris Curran is Diamond Management & Technology Consultants' chief technology officer and managing partner of the firm's technology practice.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
Larry Page wants to see your medical records
Dual-Persona Smartphones Not a BYOD Panacea
After two-year hiatus, EFF accepts bitcoin donations again
CIOs struggle to deliver timely mobile business apps: survey
Spiceworks' free management software gets integrated MDM
New Demands for Real-time Threat Management
Many organisations are evaluating a new security model based upon IT risk management best practices. This is a good idea, but not enough for today’s dynamic and malevolent threat landscape. To keep up with IT changes and external threats, large organisations need to embrace two new security practices: real-time risk management for day-to-day security adjustments and real-time threat management to detect and remediate sophisticated, stealthy, and damaging security breaches (i.e., advanced persistent threats, or APTs). Learn more.
Bring Your Own Device FAQs
This report covers the frequently asked questions associated with the implications of BYOD devices in the workplace. Any solution in this space needs to be built on simplicity, scalability and security. Click to find out how to address the IT security challenges.
Real-Time Protection Against Malware Infection
Malware is at such high levels (more than 60 million unique samples per year) that protecting an endpoint with traditional antivirus software, has become futile. More than 100,000 new types of malware are now released every day, and antivirus vendors are racing to add new protection features to try to keep their protection levels up. Read more.