The Project Manager’s Dilemma and other Triangles
When I started out in project management, my first mentor taught me about the mislabelled “Project Manager’s Dilemma”. He used to summarise it as being able to deliver a project or product quickly, cheaply or of high quality… but I could only pick two.
Of course, this was a magnificent over-simplification of the project manager’s priorities, but it did provide a basis for discussing different priorities with the project’s budget holder and other stakeholders.
As my career in project management expanded to include managing technology-driven change programmes, along with thousands of others I was taught that business change involved a different type of challenge as we can only succeed if we transform the processes that the people use the technology to support, and that is more complex and challenging than just delivering new technology.
More recently, as I opted to specialise in cybersecurity, I was confronted with yet another set of three criteria to balance with the CIA triumvirate. It continues to surprise me that in our industry, I still observe confidentiality getting a consistently higher priority than either integrity or availability, but that is probable a discussion for another day.
My own interpretation of this set of objectives is that the right information needs to be available (only) to the right people, where and when they need it, in a format they can use and must at the same time be demonstrably accurate and reliable. Which is a bit of a mouthful I know.
Balancing these nine different and sometimes contradictory objectives is never going to be easy, and nobody ever claimed it would be. Is it even possible to articulate the correct balance between, for example, data integrity and the impact of change on people? Is there some kind of three-dimensional matrix we need to understand and master to be effective for all stakeholders in our endeavours?
The aim of this blog is to reflect on these questions and invite you, dear reader, to get involved in the debate about how we must balance these different objectives and the different aspirations of the organisation needing to change, the people affected by that change and the suppliers of the products and services that will (with a bit of luck and a following wind) help the organisation make the change. This is indeed beginning to sound like another triangle.
Requirements, Aspirations and Incentives
During the course of my career, I have been involved in or responsible for delivering a number of transformational change programmes. At one end of the spectrum, I introduced new technology to support the administration of distance learning for a university, at the other end I was part of a very large team which managed the opening and commercialisation of the domestic electricity market in the late 1990s using half-hourly trading via the Electricity Pool. In between these extremes have been numerous projects and programmes implementing new services, updating existing systems, and making organisations and systems more secure, more resilient and more beneficial to the organisations that use them. In each case, my colleagues and I have juggled the drivers and priorities set out above, in ongoing discussions with stakeholders. These stakeholders will include, as a minimum the budget holder, a set of users and at least one supplier. Each group has its own unique perspective on the initiative and it is this trilemma that I believe is at the heart of why, historically, so many technology projects and transformational change programmes have failed, either in part or completely.
Human beings are not automata – we are wonderfully unique and each one of us forms opinions, impressions and conclusions in ways that cannot be predicted by any “standard” model. Statistical analysed are great for demonstrating patterns retrospectively or predicting the pattern of responses in a population. Such analyses are worse than useless when it comes to predicting the behaviour or response of a specific individual in a particular circumstance. Even our own responses to circumstances can be hard for us as individuals to predict as not only are our background, upbringing, education, interests, political leanings, subject matter knowledge and understanding of the views of others all relevant, but so are factors even more personal like our mood at the time or gut reaction to what is being proposed. So for the organisation about to launch a transformational initiative, how can we not only take the project and programme managers’ dilemmas into account and balance those with the security triumvirate, but do so in a way that brings our budget holders, end users and suppliers to a common (or at least intersecting) view of what needs to be changed, by whom, in what way, when and what will be delivered for each group of stakeholders as a result.
The issue, in my experience, is that the relationships between the needs of the organisation, the aspirations of the affected users and the intentions of the supplier(s) are different and sometimes even contradictory, albeit often unconsciously. Firstly, the business of articulating the needs of the organisation (or specifying requirements if you want to be more traditional about it) is difficult and in many interpretations of “agile” approaches can be de-emphasised in the interests of making “progress”. Secondly, in specifying such requirements the aspirations, expectations and hopes of the affected users rarely get the prominence they deserve – after all, the success of the initiative for the organisation does, at least in part, require not only the acceptance, but the active participation and support of those affected users and other stakeholders. Thirdly, the sales process for complex technologies and services is, at least in part, by the incentives offered by vendors to their sales teams. Such incentives are generally (at least in my experience) driven by the need of the vendor to demonstrate the success of particular products or services, and these may not always be what the specific customer needs or wants.
As the venn diagram illustrates, it is where the requirements of the organisation, the aspirations of their users and stakeholders and the intentions of the supplier(s) overlap that our chances of success are greatest. As the diagram also illustrates, and history shows beyond any shadow of a doubt, we need to work on ensuring that this area of overlap is maximised if we are to hope to succeed. Another complication, sorry to say, is that whilst we may be able to align these three drivers at the outset of a project or programme, keeping them aligned requires constant engagement which might be viewed by more deterministic folks as a distraction from the matter at hand.
Oscar O’Connor is an internationally recognised expert and speaker in information/cyber security and resilience, working with clients to deliver value and societal benefit from their investments in technology and cybersecurity.
The opinions expressed by guest bloggers are their views and do not necessarily reflect the opinions of Corix Partners.
Contact Corix Partners to find out more about developing a successful Cyber Security Practice for your business.
Corix Partners is a Boutique Management Consultancy Firm, focused on assisting CIOs and other C-level executives in resolving Cyber Security Strategy, Organisation & Governance challenges.