Capital planning and investment control (CPIC) is a body of
practices and procedures for managing the entire set of a
government
agencys information technology (IT) resources as
if it were a financial portfolio. It is a decision-making framework
for aligning investments with the agency mission; for selecting
investments
that are in the best interests of the agency as a whole; and for
identifying,managing, and mitigating risks that sometimes cause
projects
to fail. CPIC establishes a mindset of strategic thinking and
stewardship
that over time becomes part of an agencys organizational
culture.The
ultimate objective of the CPIC process is to ensure maximum return
on
IT investment.This article describes the historical need for
implementing
a CPIC process in the federal government, identifies the key
elements
of an effective CPIC process, and suggests ways to improve the
efficiency
and effectiveness of an existing CPIC process.
Mandate for Strategic Management
When Congress enacted the Clinger-Cohen Act of 1996, it was
reacting
to a tendency by some federal agencies to overreach in their use
of IT, engaging in large, complex, expensive projects.After a
series of highly
visible project failures,Congress determined that federal agencies
needed
to adopt investment management principles to approve and manage
IT initiatives.Clinger-Cohen mandated that agency heads and senior
lead-ership become more involved in investment decision making,
that agencies better align IT investments with
strategic goals, and that day-to-day management of IT resources
be improved through the sound principles and
techniques of investment management.
Over the past decade, the U.S.Office ofManagement
and Budget (OMB) and the federal Chief Information Officers
(CIO) Council have worked to endorse and communicate
Clinger-Cohen principles and educate agencies
in their application,but results have been mixed.Some
agencies have made substantial progress in improving their
IT investment management practices and fully utilizing
IT as a business enabler, but many have not. In 2004, the
U.S. Government Accountability Office (GAO) determined
that many agencies remain in the early stages of
retooling IT management, still working to establish basic
processes for making IT funding decisions.
Although compliance with federal laws and regulations
is important, the more compelling reason for taking
IT capital planning seriously is that an effective process
can significantly increase IT return on investment. Given
the fiscal constraints within which most federal programs
must operate, the potential to achieve dramatic improvements
in program effectiveness and efficiency
through the innovative use of IT should rank at the top
of any managers list of priorities.
To ask what is wrong with how IT resources are being
managed today suggests, perhaps unfairly, that agency
officials, CIOs, and IT managers are not doing a good
joba view with which they would strongly disagree. In
some cases, individual performance is indeed an issue.
However, the reform target of Clinger-Cohen is not simply
the technical or tactical management of agency IT resources.
Rather, it is the adoption of a global, strategic approach
for deciding how to optimally deploy those
resources throughout a department or agency, ensure that
agency strategic priorities drive IT decisions and associated
resource allocations, better manage and mitigate IT
risk, and treat the entire set of investments (existing
applications,
infrastructure, and proposed new opportunities)
as an investment portfolio. In this regard,many federal
agencies have not fully adopted and implemented effective
investment management principles and practices.
CPIC Organizational Structure
Most agencies have a senior management committee
responsible for overseeing all policy, operational, and
administrative operations; CPIC is most effective when
it is tightly integrated at this level of the organization. Senior
leadership should establish an IT investment review
board (ITIRB) and charter it to provide CPIC oversight.
The ITIRB serves as the CPIC decision-making body,
setting portfolio goals and objectives and determining its
composition.The ITIRB should be chaired by a program
manager and must include the CIO as a member.
Key Process Elements
CPIC requires that certain elements be in place within
the agency. An effective framework consists of eight
critical elements necessary to ensure that the organization
achieves the most benefit from IT investments, as depicted
in Figure 1.agency; and ensure that IT risk is minimized and
benefits
are maximized.
Involvement in the CPIC process is a part-time job
for most participants.The processes must be efficient to
minimize the drain on participants time. Some parties,
however, have to spend considerable time preparing information,
interacting with committees, and collaborating
to ensure that IT decisions are in the best interests of
the agency.
The U.S.Department of Health and Human Services,
for example, implemented a robust selection and evaluation
process that involved leadership at the highest department
level.The process was tied to the budget cycle
and included reviews of major IT investments throughout
the departments various agencies.The reviews focused
primarily on risk, compliance with the departments enterprise
architecture (EA), and project management.
Change Agency Culture
For many agencies, the greatest obstacles to CPIC success
are apathy and resistance. Senior executives often are
fully occupied by program responsibilities and have difficulty
finding time for CPIC meetings in their overcrowded
schedules.Yet the agency head and other senior executives
must set the tone by expressing commitment to IT
investment management and making time to attend meetings,
assign staff members to work on CPIC committees,
and show support.
Program involvement is needed to create anefficient
markets environment within the agency,where the programs
use a rational method to select and approve investments
in the best interest of the agency overall. Not
all systems and initiatives can be funded; those that are not
performing well or providing a return on investment
should be discontinued so that the funding can be reprogrammed
to other more beneficial investments.
Culture change is also necessary to end the practice
of having individual divisions, rather than an ITIRB, justify
and fund systems,which division-level staff members
or contractors then develop.Although this parochial practice
is often expedient and serves individual program interests,
it can create agency-wide inefficiencies and IT gaps,
resulting in systems that are redundant or overlap, dont
exchange data with one another, and dont align with the
agencys mission, goals, and priorities.
Convincing programs that have been making IT decisions
autonomously to now participate in an agencywide
processand convincing senior leadership to be involved
is a major hurdle.Auditing the current organizational
culture, identifying areas of apathy and resistance,
and convincing key players that a robust investment management
framework is critical in maximizing IT return
on investment will improve CPIC effectiveness.
Lisa Schlosser is a prime example of a CIO who
changed the culture of the organization.As the CIO at the
U.S. Department of Housing and Urban Development
(HUD),Lisa understood the importance of developing an
IT strategy that explicitly supports the organizations mission
and fills a specific business gap or need.To this end,
she focused on solving particular business problems at HUD.
For example, she improved access to data in support of Section
8 housing, cutting improper payments by over 57 percent
and reducing processing costs. She also outsourced
HUDs back-end IT systems as part of an effort to increase
overall IT efficiency and performance.
Create Inventory
Evaluating how well an agency has invested in IT over
the years requires an accurate inventory of all IT assets.
In many cases, an inventory has already been maintained
in accordance with OMB requirements. Having a comprehensive
inventory enables the agency to
determine the size, scope, and dollar value of its it
investment portfolio;
develop or update its EA;
decide how to structure its it portfolio; and
analyze the portfolio to assess its performance and
identify opportunities for improvement.
EA analysis examines agency goals and objectives,
processes, information needs, existing applications systems,
and infrastructure and projects and how these factors need
to change to align with strategic priorities.The analysis
assesses the gap between present and future states, and it
develops a transition plan.Portfolio analysis techniques pose
questions about the IT asset mix to uncover a host of performance
issues, such as redundancy, overlap, data interchange
deficiencies, and gaps marking insufficient use of
IT resources.Portfolio analysis can lead to interesting findings.
For instance, the U.S.General ServicesAdministration
(GSA) used portfolio analysis to identify potential redundancies
across its service areas.GSA also analyzed its
portfolio and found that, like many agencies, its single
biggest category of technology expenditure was devoted
to internal administrative support systems.Change IT Culture
In addition to changing the agency mindset on how
IT decisions are made, agencies must change the attitudes
and perspectives of those serving in their IT organizations.
IT personnel must play a key role in developing business
cases,obtaining approvals, and acquiring funding for new
initiatives. Instead of seeing themselves as technically oriented
project teams, IT groups must more fully embrace
responsibility for investments throughout the investment
life cycle if they are to be able to accurately estimate costs,
benefits, and risks.Within the CPIC framework, project
teams must also coordinate with enterprise architects and
security administrators more than they have in the past.
Develop Enterprise Architecture
Relying on an EA oriented toward agency programs
enables an agency to fully depict how IT supports its needs
today and how it will do so in the future. IT investment
decisions can then be made globally rather than parochially
within the agency.
Improve IT Asset Performance
IT asset performance is a central CPIC tenet because
the objective is to use agencies limited resources to provide
maximum return on investment. Business cases are
the vehicle for capturing and communicating IT asset performance
and include content such as (1) estimated return
on investment forecasts in both qualitative terms, such
as outcomes and outputs, and quantitative terms, captured
through rigorous cost-benefit analysis; (2) alternative approaches
to achieving the outcomes; and (3) detailed risk
analysis.This information enables decision makers to weigh
the risk and return of proposed investments.Agencies also
use CPIC to strengthen the quality of IT cost and schedule
estimates through the use of practices such as the earned
value management method and independent validation
of IT estimates.
Improve IT Development Performance
As noted earlier, IT groups must view themselves as
investment management teams rather than units that develop
systems and turn them over to anoperations group.
In addition to performing technical tasks, these teams must
be proficient in developing business cases, including a lifecycle
spending plan covering both development and operational
phases, an alternatives and cost-benefit analysis,
a risk management plan, a security management plan, and
a detailed work breakdown structure with accurate cost
and schedule estimates. Once a project is approved, the
team must regularly report cost and schedule performance
and aggressively monitor potential risks.
Most IT project teams are not accustomed to participating
in CPIC activities and tend to see them as bureaucratic.
Their performance also becomes more visible,
creating additional pressure to perform, so they must also
be more alert to potential risks and mitigation strategies.
Manage Portfolio Performance
The preceding seven elements set the stage for the
aggressive management of individual investments and the
portfolio as a whole.Agencies that employ these elements
will be equipped to engage in portfolio planning, selection,
control, and evaluation activities.
Improving Existing CPIC Process
Most agencies have implemented CPIC and are looking
for improvement ideas.One approach is to conduct
a CPIC audit (seeTable 1).The results can then be used
to change and improve in-place CPIC processes.
Typical problems uncovered during an audit include
lack of user involvement, lack of an agencywide perspective
for using IT resources, a fragmented IT budget, dependence
on program sponsors to identify and advocate for
new or upgraded IT systems, and lack of early IT involvement
in agency planning processes.Also, IT project
teams have typically emphasized the actual development
of IT systems rather than the planning and management
of the system throughout its life cycle.
Conclusion
An effective CPIC process is not easy to adopt or implement,
but it provides a valuable strategic framework
for rationally planning, selecting, managing, controlling,
and evaluating investments.Changing the way that IT resources
are planned, allocated, and managed is not an easy
undertaking.Maximizing IT return on investment requires
new approaches toand new ways of thinking about
designing and managing assets,determining priorities, setting
strategies, and allocating constrained resources.