• Technology
  • CFO Research Services

Risk Denial from the Top?

Companies overlook and undermanage the business risks of IT project and service delivery.

Senior finance executives affirm that information technology — computer hardware, software, systems, applications, networks, and other related services — plays a central role in executing business strategy. But it is as much the implementation of technology — the delivery of the right solution tailored to a business problem and aligned with business strategy — as the core technology itself that delivers real value to companies.

That is one major finding of a study, conducted by CFO Research Services in the summer of 2005, to explore executives’ views on the business risk posed by complex IT systems and services delivery. Through an email survey, we gathered more than 200 respondents, 52 percent of which were from $1 billion+ companies. The respondents cover a broad cross-section of the U.S. economy, with strong representation from the manufacturing, financial services, energy, and business/professional services industries.

Other findings:

IT is vital, but poor implementation kills value. More than 40 percent of respondents say that their IT systems are “fundamental strategic assets that enable our company to compete,” while another 32 percent describe IT’s role as the “operational backbone” of their companies. While this role for technology comes as little surprise, 65 percent of survey respondents say that their companies adopt technology only at about the same rate as their peers, and another 14 percent say they lag behind their peers in adopting new technology. So while IT has a central role, few companies — only one in five — lead the way and adopt new, leading-edge technology ahead of others.

We infer from this that the well-established, strategic role of IT grows as much from how companies adopt, implement, and retire technology as from a commitment to adopting leading-edge systems. The logical question is: if successful implementation of technology — on time, on budget, to specification — is the key to deriving value from
IT investments, when do companies succeed and when do they fail in delivering IT projects?

To explore this question, we queried senior finance executives on their perceptions of the performance and business risk of their companies’ IT project and service delivery. We defined business risk broadly to include risk to operating performance, financial performance, regulatory compliance, and competitive strategy, as well as customary IT risk categories such as system security, privacy, technical failure, and cost overruns.

Risk and performance vary though the IT delivery process. Respondents report their best performance in the early stages of IT project delivery, when they articulate business problems, specify solutions, and build business cases for investment. Their performance drops, they report, when selecting implementation partners, installing technology, managing process change, and measuring the results of their investments. On the risk side, respondents see greatest risk to business performance in articulating the business problem, selecting implementation partners, delivering the project, and managing the organizational and process changes required to get sustained value out of new systems.

After comparing high-risk elements of IT project and service delivery with performance in these same categories, it is clear that companies do not perform especially well in the following high-risk categories:


Your email address will not be published. Required fields are marked *