Achieving rapid technology transformations is increasingly vital to lasting business success. But as methods evolve, pitfalls are multiplying. Audit teams have a vital role to play in anticipating and avoiding problems.
Making fundamental changes to the way a business operates, through IT transformation, is essential for continued success. But it’s not without risk.
If you asked a room of internal auditors whether they had experienced an IT project or programme failure in the course of their career, it’s likely they would all say yes.
They would probably also highlight the same key reasons for that project failure.
1. Leadership and governance
Lack of leadership and governance is often the number one reason why programmes fail. It seems obvious, but if the person at the top isn’t completely brought in to the programme, then the chances of success are slim. That ambivalence, or lack of explicit commitment, will be mirrored throughout the organisation.
Who is the ultimate sponsor of the project, and are they involved and committed enough? Has the project got buy-in from the top? Is there accountability for measurable results?
Even if there is a clear sponsor, unless they continue to drive the project on a regular basis, it’s going to be a hard-fought battle
2. Strategic alignment and business case
In our changing world often the business rationale might change halfway through a project, but does the project keep up? Are the business benefits and ownership clear in the first place? Does it still match the strategy?
3. Change management
The business case for transformation can be crystal clear, but the rationale might not have been cascaded down the company.
A lack of continuous collaboration, the case for change not having been communicated, or inadequate stakeholder management can all be reasons why projects fail. If stakeholders don’t feel part of the project, their resistance to change can seriously undermine it.
4. Poor delivery
There can be many elements that contribute to the poor delivery of a project. Some of the more common include a lack of universally understood methodology (especially when new methods are introduced e.g. Agile) or appropriate tools, unrealistic time expectations and lack of appropriate skills or capability.
5. Legacy estate
The lack of understanding of the current IT architecture often contributes to delays and failure. Has the way things are currently run been accurately documented? The gap between what’s there and what’s coming, including a lack of focus on integration design, can cause a project to run into trouble.
Internal auditors have a key role in anticipating project programme failure and taking steps to mitigate the risks.
Increasingly, auditors are assembling strategic change audit teams who are building up expertise in these areas. Those teams go in early to probe the areas where projects typically fail.
They continue to visit the project to make sure that the right governance is still being applied.
This type of continuous assurance - where the audit function is aligned and partially working alongside the programme, holding them to account as they go - helps avoid some of the risks of project failure and shows how auditors can add value to a project.
There are certain things auditors need to carry out this function effectively:
Ultimately, the IT transformation programme is like a marathon – getting a great end result is not going to happen quickly.
© 2020 KPMG LLP a UK limited liability partnership and a member firm of the KPMG global organisation of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved.
For more detail about the structure of the KPMG global organisation please visit https://home.kpmg/governance.