Moving beyond projects (part three)

In the last couple of posts, we’ve been looking at the knowledge management (KM) and portfolio management benefits an organization can gain by shifting focus from away from projects and onto assets. In this post, we’ll turn to the ways an asset focus can benefit risk management at an organization.

Most importantly, at organizations that have a strong project orientation, risk management tends to be structured primarily around project risk (schedule, budget, requirements, and so on), while the other categories of organizational risk get considered primarily through a project lens. So, for example, instead of treating compliance risk in and of itself, compliance risk is addressed within the context of the individual projects or initiatives in flight.

Now, for highly visible categories of risk like compliance, most organizations are going to manage them whether or not they have a project focus. But a strong project focus can eclipse some less visible, but no less important, risks, making them difficult to even see, let alone manage.

Asset risk is one of these less visible but nonetheless mission critical risks that often gets overlooked in project-focused organizations. By doing so, however, these organizations are carrying a significant risk exposure…and likely don’t even realize it. Let’s consider an example that most organizations face: the risk associated with IT systems and applications.

As we saw in the last post, when IT portfolio management is done with an asset focus, the organization fosters longer-term thinking about the work it does and gains tremendous benefits. One additional benefit is that the asset orientation of IT portfolio management makes asset risk visible to the risk management function and gives it the tools it needs to manage it effectively.

So, when doing IT portfolio management with an asset focus, you would want to ask the following kinds of questions about each asset:

• How old is each asset?
• How long is the expected life of each asset?
• How comprehensive and accurate is the documentation about each asset?
• What is the platform and specifications of each asset?
• How easy/difficult is it to support each asset?
• How easy/difficult would it be to migrate each asset to newer and/or standard platforms (if available)?
• What is the age of the staff that supports each asset?

(Note: these questions come from a recent presentation by Russ Bostick at the Arizona IT Symposium. Click here for a more detailed discussion of that talk.)

This line of questioning gathers information about assets that allows an organization to see more clearly the risk they pose, e.g., of aging beyond their useful life, of not being understood well enough to operate and maintain, of being resistant to migration/replacement, and of being without experienced staff to operate and support them. And it’s only by first making the risk associated with assets visible than an organization can decide how to manage that risk.

At this point, we can begin to appreciate that the benefits to be gained from adopting an asset focus are accretive: the KM benefits allow all the information about assets to be accessed by everyone who needs it; the availability of information about assets allows the organization to manage them as an enterprise portfolio; and the output of managing assets as a portfolio becomes an important data point for effectively managing the risks associated with assets across the organization.

In the end, however, the decision isn’t between a project focus and an asset focus, it’s about understanding how projects and assets fit into the larger context of a given organization and balancing them accordingly (in another post, I present a more detailed discussion of how lifecycles can contribute to this effort). I’d love to hear from folks who have their own thoughts or experiences to share on these issues—conversation is, as always, welcome!