One of the most valuable sources of information when assessing IT systems for your company is the Information Systems Audit and Control Association's completed extensive research entitled COBIT (Control Objectives for Information and Related Technology), defining IT project control objectives for major IT business processes. This analysis is an excellent starting point for the execution of project reviews.
Nevertheless, the best practice aids will only be of help if companies themselves realise the benefits and risks of IT projects. To this end, they should bear in mind that a project review provides assurance of timely and effective IT investment management. Last but not least - an IT project review can be performed at a low cost, as it represents a value-added effort, with effective monitoring of the project's progress.
Information technology is changing rapidly and organisations are constantly incorporating new technological developments to gain efficiencies and reduce costs. The management of these companies, although often aware of effectiveness of such technologies, tend to overlook the need for IT project results review at the stage of their implementation.
Every company is interested in benefits which should be delivered by its IT investments. In this respect, the IT project review should, in the first place, ask such questions which refer to the interest of the company, for instance:
Is the IT investment a right decision? (Are project objectives clear? Does the IT solution proposed support the business activities?)
Are we working as effectively as possible? (Are there any other ways new technologies could achieve the goals?)
Can we assess our progress? (Are there performance standards? Regular progress reporting/staff feedback/actions to be taken?)
Is our work effective? (Have the project objectives been fully achieved?)
Is the project cost-effective? (What costs can be significantly influenced by the project?)
Who is accountable for the project outcome? (Are the right people involved? Do they fully understand their roles? Is the senior management supportive?)
Are key assets protected and controlled? (Is the IT infrastructure capable of handling the deployment of applications? Is IT security adequate and should relevant actions be taken?)
In order to make IT decisions work for your company, communication has to exist between all spheres involved: upper-management, business staff and IT project members. Without communication IT goes to waste. There is no time to "learn as you go," as the saying goes. IT changes rapidly, so companies have to be ready to adapt; merely relying on people learning on the job is often costly and risky.
27. Mar 2000 at 0:00 | Peter Borak