SmartAdvice: Unified Management Is Next For Security

Question B: How could the Project Management Institute help us effectively manage real-life IT projects to ensure success?

Our advice: It's widely known among software developers that only 15% to 25% of all projects can be considered genuine successes. The rest are either canceled outright or are significantly "challenged"--i.e., they're late, over budget, or deliver substantially less functionality than originally envisioned. As many executives have found to their dismay, designing and developing software is a complex and risky endeavor. In the 1990s, management started looking for ways to mitigate the risks. Many organizations started deploying Project Management Institute, Six Sigma, and Capability Maturity Model methodologies in combination or individually to stem the tide of project failures.

PMI is a professional organization that promotes the use of formal project management life-cycle methodologies and frameworks. Although it grew out of the construction industry in the 1960s, in recent years many companies have applied the techniques for managing different types of projects, ranging from software implementations to health-care initiatives. The Project Management Body of Knowledge (PMBOK) , is the PMI bible of best practices.

After studying project-management methodology and PMBOK, you might feel that you need to use full-blown PMI techniques for every project. In theory, the PMI process is quite elegant, and seems to be the answer to solving messy real-life projects. Everything has a neat place within the framework. In reality, the PMI methodology is a guideline to help organize and manage a project, not cast in concrete. An over-reliance on following the PMI book often can lead to inflexible and overly bureaucratic project management.

In practice, real projects are messy and unpredictable, with overlapping phases. Often you will find yourself planning one phase of the project while executing another that, in turn, has unanticipated adverse effects on the first one. Management might be interested in sacrificing quality to achieve a faster time to market, while the project team wants to deliver a working system. Project management tools can be useful for building consensus or at least reaching a satisfactory compromise for all parties. Never lose sight that the reason to use project-management tools is to help you get the job done, not to demonstrate your ability to use PM methodologies. Using "PMI light" is entirely appropriate in many situations. You should use the components that work in your circumstances, and apply them without worrying that you need to use the entire PMI arsenal for every project.

It's important to be familiar with the complete PMI framework and methodology, because the PMI system has many merits. It has been used for thousands of projects in a broad range of industries, but be aware of the limitations of applying the PMI system to the organization and project you're managing. If you're judicious about picking the components that make sense for your project needs, you can strike the correct balance between project management overkill and neglect.

-- Beth Cohen and Sue-Rae Rosenfeld

Richard Feingold, TAC Expert, has more than 30 years of IT experience, with the last 15 years specializing in information security. He is an expert in aligning information-security programs and solutions to business processes and requirements. Special strengths include information-security risk management; secure network architectures; policies and procedures; audit and regulatory compliance; efficient, customer-focused operations; and aligning with industry best and prevailing practices.

Beth Cohen, TAC Thought Leader, has more than 20 years of experience building strong IT-delivery organizations from user and vendor perspectives. Having worked as a technologist for BBN, the company that literally invented the Internet, she not only knows where technology is today but where it's heading in the future.

Sue-Rae Rosenfeld, TAC Expert, has more than 20 years experience as an IT project manager and business analyst, primarily in the financial industry. She has special expertise in data analysis, data modeling, and converting systems into new platforms, including mainframe to Internet and intranet server environments. In addition, she trains IT professionals in project management fundamentals and PMP exam prep. She is an active member and volunteer for the PMI New York City chapter.