Monday, October 8, 2012

Project assessment service - promoting project success

Business and IT leaders have been in a difficult situation for several years…and it is pure speculation to suggest that the challenging times are ending. No matter what happens in the broad economy, you will still be focused on making do with tight budgets and high performance expectations.

Many leaders I speak with remain concerned that project performance falls short of excellence. Late delivery and failure to meet user needs and expectations as well as budget overruns are common. Many believe that they are adequately staffed to lead their own projects, and yet problems still arise.

We at SIM Associates can offer assistance in this situation. Our project assessment service can help you answer questions like the following:

·         Is my project plan logically consistent, realistic and sound?

·         Are my resources (both business and IT participants) properly equipped to deliver what I need done?

·         Is proper commitment of resources (quantity, time allocation, work priority) in place to meet my goals?

·         Are my requirements sufficiently clear and specific to fully represent user needs and expectations?

·         Is my test plan robust and complete? Are necessary resources in place to execute and manage testing?

·         Is a workable and committed project governance structure in place?

·         Is my reporting to all interested audiences – users, business management, IT management, others - sufficiently detailed and specific to demand attention and drive necessary actions and decisions?

·         Is there a functioning change management process in place?

·         And the list goes on…

Project assessment is a service that can be invoked on a one time basis or periodically throughout a project’s execution to answer key questions such as those above, and to elicit recommendations to address gaps in your current execution.  As with all SIM Associates’ services, it is based on a sound process that is customized to align with your specific goals and needs. This is not a ‘canned’ package, but instead is one highly tailored to each engagement.

I would be pleased to explore your needs and our capabilities with you to help you achieve the project excellence you desire. Let’s talk at your convenience.
Bob Kotch

Friday, May 18, 2012

Cloud Services – A Decision Maker’s Guide

Cloud Services – A Decision Maker’s Guide

Much has been written about the Cloud and its impact on business. The Cloud represents a powerful tool for businesses to employ in their quest for success. It offers some distinct advantages, and like all solutions, comes with a price tag. Only the particulars of a business situation can determine if this is the right tool to select.

This blog outlines some of the considerations in cloud deployment to help practitioners make business-beneficial choices.

The first matter to be addressed is to define the problem you are trying to solve and articulate your goals. Some goals that relate to Cloud deployment decisions include:

·         Rapid short term or long term capacity provisioning

·         Creating intermediate to long term infrastructure  capacity flexibility

·         Infrastructure modernization/enhancement

·         Deployment of integrated applications and infrastructure, such as a deployment

·         Managing/minimizing capital requirements

And the list goes on – it is limited only by your creativity.

 No matter what your goals are, there are several factors that should be taken into account in the decision process. Among them are the following:

·         Security

·         Cost

·         Transition both to and from the Cloud platform

·         Are the savings real?

·         Lifespan

·         User considerations

Security is a significant factor. Your data will be stored outside of your environment if you opt for a public cloud solution. Where is the data stored? How is backup managed? How accessible is it to your user community? What safeguards are in place to ensure that it is protected from mal-use?

Cloud vendors will tell you that their environments are secure and protected. Understanding the details is critical – you cannot let security be compromised and hence a detailed understanding of where data is stored, how it is backed up, how access is protected and how authorities are to be managed are critical questions in selecting a solution. In the case of a private cloud deployment, the same questions apply, although external access is more secure due to your corporate firewall deployment.


Art Wittmann, writing for Information Week recently, noted that cloud costs tend to be decreasing and contracts for cloud services should include that as a consideration. Moore’s law has continually lowered the cost of storage and therefore by implication, the cost of cloud services. Any agreement with a cloud provider would need to include price protection – not only from increases, but also guaranteeing that you benefit from decreases in provider cost and therefore market price of newly contracted cloud services. A favored nation clause can help here, but it is often difficult to quantify and to administer.


Moving to a cloud solution will incur some cost and effort. Is that well understood? Are the resources in place – either on staff or contracted – to effect the transition seamlessly?  The analysis of any technology deployment should include all costs and benefits. Moving of any application or data to a cloud provider will incur some costs. That is clear. Equally clear, the costs of moving the application and/or data back to the internal environment – as certainly would be the case in a short term capacity enhancement – should be well understood. What is the process and what are its requirements and costs? Will there be a period where your application or data may not be available for users? What are the consequences of this, and what is a mitigation strategy? There is no need for granular disengagement planning at the point of engagement of a cloud provider, but an understanding of the process and costs of disengagement will inform decision making.

Realization of Savings

In any analysis of change, it is critical to ensure that savings forecasted will be realized. What will become of un-depreciated current storage investment if you migrate to a cloud environment and the current equipment is no longer of use to the business? Will you save labor by migrating? What will happen to those employees whose work will be displaced? Will their capacity be absorbed in departmental overhead? Will they be reassigned to work that would be funded independent of the cloud decision? You get the idea… So often ‘savings’ are defined at the cost study level but no operational plans are in place to realize the savings. The caution – make sure forecasted savings are realized and that someone is accountable for their realization.


As all IT professionals have learned, there is no ‘final solution’ to a challenge. Technology evolves and so do solution options. Hence the Cloud is a current advantageous tool, and it will be replaced at some point in time by something bigger and better. This has always been the case in IT, and I project that will continue to be true in the future.

For that reason, careful consideration of solution lifespan is important. You will be investing some resources to move to a Cloud solution. That investment will have a lifespan – the consideration of full lifecycle costs is a necessary ingredient to any economic analysis.

I am not suggesting that when a new technology emerges, you will necessarily move to it. Instead, I am merely suggesting that you consider the likely lifespan of the Cloud solution you are considering – it will yield insights as to the economic advantage of the steps you are considering now.

User considerations

Any actions by IT need to be driven by the best interests of the business. Careful consideration of user impacts, both benefits and challenges alike, is essential.

In Summary

The bottom line is this – Cloud options offer the potential to create business value – potential cost reductions, deployment speed improvements, capacity enhancement, modernization of infrastructure, user flexibility, etc. This is a valuable tool whose benefits and costs should be assessed in a balanced way.

 Bob Kotch

Monday, March 5, 2012

How Projects Fail

How Projects Fail

I speak to many IT professionals, and each has a story about a project that went terribly awry. One of the most frequent project related questions we all get is some form of “tell me what you learned from your last project, and what you would do differently.”

There are many reasons that projects get into trouble. So instead of focusing on a particular project, I thought in this Blog that I would outline a high level but composite picture of some of the activities that can help assure project failure – “What can I do to be certain that my project will fail?” Certainly in my zeal to describe failure modes as a primer to help practitioners avoid disasters, I will miss some prime failure opportunities. Help us all by adding the failure modes I may have missed.

With that as a backdrop, let’s start at the beginning.

1.       No need for a vision! If there is a need for a project, we all know it. So let’s not waste time with a vision, definition of what we are trying to accomplish, project charter, success metrics or any of that overhead. It takes time away from doing the project.

2.       Forget requirements documents – look at software available in the marketplace and decide if it is ‘good enough’ to meet your needs. Don’t waste time with a detailed and comprehensive requirements document. It detracts from getting started on the project!

3.       Select a vendor based on demos. We will know if the product meets our needs – we just will!

4.       Negotiate the vendor contract as early and as quickly as possible. Don’t bother appending requirements, performance metrics, delivery commitments and consequences of non-delivery. Let the vendor manage their end of the project and don’t worry about it. After all, you know this is the right vendor for you! They do this all the time!

5.       Think of this as a system deployment. Don’t get distracted by the business needs or by process reengineering or modification. It will distract you from the real goal – get the new system in and working.

6.       Don’t be overly concerned about resources. The business wants the project done – they will find a way to participate and get their part done. Where there is a will, there is a way.

7.       Don’t spend time defining the decision making, review and communication processes for the project. These administrative distractions will only slow you down.

8.       Set the golive date, build a plan and relentlessly track it. The plan is the plan – take no prisoners. Get it done, no matter what. Meet the plan and timeline – that is the goal!

9.       Take shortcuts where you can. Detailed documentation of use cases, process change and the like takes time and will detract from meeting the sacred system deployment goal.

10.   Go light on user training. They will get it…after all, this is the right system and it will work just fine. Be willing to make compromises here to get it done.

11.   Don’t worry about scope creep – if new understandings emerge, they can be accommodated in the project. Don’t let that slow you down.

12.   Conversely, if your team identifies some needs that cannot be accommodated, don’t let them get away with it! There is no phase 2 – this is it.

13.   During the project, let your team focus solely on getting it done. Don’t engage in periodic review by an unengaged expert body such as a PMO review. Wastes time, distracts from the goal – get it done.

14.   Don’t engage numerous committees to oversee the project. Executive steering committees, project teams, tech teams and the like are a waste of time. Focus instead on getting it done; speaking with whomever you can find to be engaged to help. Don’t get process bound.

15.   Don’t worry about politics. The project lead can make all necessary decisions.

16.   Defer thinking about support of the system after the project is in production. It will emerge naturally and take care of itself. The same goes for setting a transition support period between deployment and normal ongoing operation. Overhead – shun it!

Any one of these factors can cause project failure. Taken together, they virtually guarantee it. Proceed wisely!

For more information, see

Bob Kotch – -@Bob_Kotch

Sunday, February 26, 2012

Personal Online Security

I had the opportunity to attend a meeting on February 24 at the New York Federal Reserve Bank. It was arranged through Fordham University, and the focus was cyber security.

Much has been said on this topic – and the more I hear the more frightening it gets. I will not try to summarize the presentation or the discussion that ensued among participants, who included CIOs of several major private and public institutions. It is far too complicated to capture in a single blog entry.

But the meeting caused me to think about personal security. Many of us have online access to bank accounts, credit cards, private information (e.g. email and contacts and calendars) and other highly confidential information. We are all used to two factor security arrangements (i.e. a user id and password). Some of us have had experience with one time passwords and other personal methodologies as well.

Keeping track of passwords is a challenge. So some of us store them in Outlook. Others use various ‘secure’ password storage facilities that are generally available. The common weak link to all of this is our email identity.

Why do I say that? What happens when you forget a login id or a password? Often you need to answer a preselected security question but in most cases you get a link emailed to your email account of record. That link ‘authenticates’ that the authorized party is requesting the password change, and allows it to be made.

But what if a hacker has access to your email account? Unless you are carefully monitoring your email account, and even if you are, a hacker can intercept that email link, change your password and access your private information, credit cards, bank accounts and who knows what else. And by time you figure it out – if you do – the damage is done and is irreversible.

What are we to do? There is no simple formula nor is there a foolproof methodology. I suggest the following as a starting point.:

1.       Eliminate all stored passwords from Outlook contacts and other repositories

2.       Use a unique password for every important access point of interest – personal information, banks, credit cards, email, etc.

3.       Change passwords often – monthly or more frequently for critical access points such as bank account access

4.       Change your email password very frequently – weekly!

5.       This will cause you to worry – as it does me – about how to remember all of these rapidly changing passwords. The process I suggest is to change your email password, then immediately request a password change at the site you wish to access. Use complex passwords – a combination of capital and lower case letters, numbers and if allowed by the site, special characters. Make sure the passwords have no meaning.  Do not worry if you do not remember it – you can do this for every access if need be.

6.       NEVER access any accounts or email via unsecured wireless connections.

7.       Secure access to mobile devices – PCs. Tablets, phones – though a password.

Is this enough to provide absolute security? No – the bad guys are continually seeking to find new ways of intruding on your privacy. But it is a start. Is this a pain in the neck to do? You bet. But losing your assets or personal identity is a bigger pain.

For more information about SIM Associates, please visit You can access this blog directly from there, as well as directly at

Friday, February 3, 2012

The Transformational CIO

On January 30, I attended the 2012 CIO Summit of America sponsored by HMG Strategy and the NY Metro chapter of SIM. The focus of the day was on the transformational CIO.

In summary (and there was far too much good information to simply summarize it, but I will try anyhow), several themes resonated throughout the day.

First, it is the role of the CIO to cause transformation of the enterprise through innovation and leadership. Technology is an integral part of business. Technology leaders who are to be successful must move beyond being requirement takers to being innovators at the business level. This requires as a basis excellence in execution – all of the skills that have always been expected of IT teams. While that is necessary, it is no longer sufficient – innovation and leadership at the business level are requirements for future (and indeed current) success!

Second, the cloud is a key component of a CIO’s toolkit. Leveraging both private and public cloud technology can aid the enterprise in excellence, focus and responsiveness. Numerous vendors – both established and new – are providing the tools to foster cloud innovation and implementation.

Third, social media are transforming the way business is conducted – both within the enterprise and in the external space. No longer just an add-on, innovators are building upon the capabilities of social media to foster communication and flatten organizations. Those who have followed my commentary in the past will recognize that the emerging themes for CIO success are what I have been focusing on for some time. CIOs need to lead and engage the business, in addition to performing the traditional functions of application and infrastructure support with excellence. The broadened recognition of this reality will help set expectations, and motivate contributions to business success. Social media and the cloud are important tools in the CIO’s tool kit. They allow new capabilities to be deployed as never before. These tools, combined with the rich set of other tools in the wise CIO’s tool kit, enable success in new and exciting ways.

This posting represents my first of my newly inaugurated blog. Your comments, reactions and contributions are welcome, and I hope this becomes a useful forum for sharing and exchanging ideas.

What do you think?