This week's Public Accounts Committee (PAC) report into the C-Nomis project once again highlights (amongst a plethora of other issues) the failure of high level governance of a significant and costly business change project. The facts behind the failings of the C-Nomis project are catalogued in detail elsewhere but can be summarised in the PAC words as a 'prime example of how not to develop a project'. Sadly we have heard that many times before in relation to other similarly doomed projects. An earlier National Audit Office (NAO) report (www.nao.org.uk/publications/0809/national-offender-management.aspx) on C-Nomis covered much the same ground and came to the same overall conclusions.
From a governance and value perspective there were many issues highlighted by both reports including lack of accountability and lack of critical oversight. In particular the PAC report identified 'an over-optimistic good news culture which was not challenged with sufficient rigour by senior management with in-depth knowledge of the business'. Development project history is littered with similar instances where a project was allowed to run out of control at least partly due to insufficient timely and informed challenge from business management.
The first source of challenge should come from the Project Board itself although in too many cases this Board is too close to the project and its participants to take a fully objective and independent view. Indeed the NAO report revealed that the C-Nomis Board received no reports on project progress until mid-2007. Given the magnitude and significance of C-Nomis to its sponsoring organisations the senior Management Board and its Audit Committee should have been active in asking for and challenging the reported progress and likely outcomes. Perhaps an external independent review during the course of the project might have highlighted warning signs at an early enough stage to bring the project back on course.
A key aspect of robust governance is the ability to exercise appropriate objective oversight, ensure accountability and provide assurance on the delivery of value from the investment. Governance over C-Nomis seems to have failed on all of these counts. Perhaps unambiguous and transparent accountability was the main missing ingredient. Properly assigned, and continuing, accountability at the right level and to the right person might have helped. However, ensuring that the accountable individual has the experience, the confidence, and the mandate to provide effective challenge and guidance is never easy. Such skills and experience are not easily available on most Boards.
One of the most depressing quotes from the PAC report states 'the individuals who took the key decisions on C-Nomis and were responsible for its monitoring and oversight have all retired or moved on, and no-one is held to account for an estimated £41m wasted due to delays and cost overruns'.
The subject of my last blog, on business processes, also has a relevance here as another reported failing was the inability to simplify and standardise business processes. This indicates that once again this was treated as an IT project rather than as a business change project. The evolution of the IT function towards becoming a business process function may move a step closer as a result of these well documented failures.
From a governance and value perspective there were many issues highlighted by both reports including lack of accountability and lack of critical oversight. In particular the PAC report identified 'an over-optimistic good news culture which was not challenged with sufficient rigour by senior management with in-depth knowledge of the business'. Development project history is littered with similar instances where a project was allowed to run out of control at least partly due to insufficient timely and informed challenge from business management.
The first source of challenge should come from the Project Board itself although in too many cases this Board is too close to the project and its participants to take a fully objective and independent view. Indeed the NAO report revealed that the C-Nomis Board received no reports on project progress until mid-2007. Given the magnitude and significance of C-Nomis to its sponsoring organisations the senior Management Board and its Audit Committee should have been active in asking for and challenging the reported progress and likely outcomes. Perhaps an external independent review during the course of the project might have highlighted warning signs at an early enough stage to bring the project back on course.
A key aspect of robust governance is the ability to exercise appropriate objective oversight, ensure accountability and provide assurance on the delivery of value from the investment. Governance over C-Nomis seems to have failed on all of these counts. Perhaps unambiguous and transparent accountability was the main missing ingredient. Properly assigned, and continuing, accountability at the right level and to the right person might have helped. However, ensuring that the accountable individual has the experience, the confidence, and the mandate to provide effective challenge and guidance is never easy. Such skills and experience are not easily available on most Boards.
One of the most depressing quotes from the PAC report states 'the individuals who took the key decisions on C-Nomis and were responsible for its monitoring and oversight have all retired or moved on, and no-one is held to account for an estimated £41m wasted due to delays and cost overruns'.
The subject of my last blog, on business processes, also has a relevance here as another reported failing was the inability to simplify and standardise business processes. This indicates that once again this was treated as an IT project rather than as a business change project. The evolution of the IT function towards becoming a business process function may move a step closer as a result of these well documented failures.
Hi Paul,
Great post and thanks for bringing this to the attention.
When reading up on this C-Nomis project at http://news.zdnet.co.uk/itmanagement/0,1000000308,39854656,00.htm
I indeed realize that it's (sadly) a perfect example of what an organization can do wrong.
Hope they learn from it but I wonder, because from reading the following quote in the article it seems like it can be fixed in an instant, while I believe it takes a lot of effort and persistence to change the organization: "Steps have been taken to ensure that the mistakes made are not repeated".