The one scenario where a commitment to greatness can hurt an organization has to do with regulatory projects. The FUD (Fear, Uncertainty & Doubt) factor associated with Y2K, Sarbanes-Oxley & HIPAA generated obscene amounts of effort and money to be squandered on projects that at best were gold-plating and at worst created critical opportunity costs for strategic (albeit discretionary) spending. While we hope that management teams learn from their mistakes, it won’t be long before some new regulation emerges that restarts this process.
This is an opportunity for project management to evolve beyond its traditional role of planning and executing projects to ask the important question “Are we doing the right thing?”.
The project manager can first confirm that their organization has a defined policy for the regulations. I’ve witnessed some compliance projects whose scope was purely defined by a third-party consultant – this is akin to the fox guarding the hen house! If your organization has not established a documented stance for compliance with a particular regulation, the project manager should push for that.
Once an organization policy is in place, the project manager can facilitate the discussion between the compliance champions (who might be inclined to do too much) and business stakeholders (who might be inclined to cut corners) to forge a scope for the project that everyone can live with.
At the portfolio level, it can become difficult to prioritize individual non-discretionary projects against the discretionary, strategic ones. Depending on who has more influence, either the non-discretionary projects will get higher scores, or the discretionary ones will. A better approach is to not try to prioritize these two different sets of projects against each other individually, but rather to focus on defining what percentage of financial or resource capacity will be allocated to each in aggregate. Once that has been defined, it can then be left to the appropriate governance committees to decide how this allotted funding will be spent for individual initiatives.
Regulatory and other compliance projects are hygiene factors - your organization won’t succeed through over-investment in these projects as your clients and regulatory bodies expect that you will be compliant. Project management can play a key role in helping the organization strike the “good enough” balance between catastrophic risk and gold-plating.
Don't forget to leave your comments below