Skip to main content

Projectmanagement: had het (niet) beter gekund?

Vaak begint het met een wens, een verlangen om verandering aan te brengen in de status quo, veelal versterkt door een interne of externe behoefte of (wettelijke) noodzaak: een project is geboren. Zo ook in dit geval, enige tijd terug. Het vuurtje wordt aangewakkerd door mijn opdrachtgever met de woorden: ‘Zouden we de zolder niet eens aanpakken?’ Voordat ik er erg in heb, wordt een nieuw project gestart met een vaag beeld van het eindresultaat. Een formele businesscase is niet nodig, de keuze om te gaan verbouwen is immers gemaakt, maar wel moet het budget verdeeld worden over de verschillende posten. Niet gehinderd door kennis en ervaring ga ik deze uitdaging uiteraard aan en stort me op de ontwerpfase onder het motto: ‘Zo moeilijk kan het toch niet zijn?’

Al snel loop ik tegen de (geplande) muur en moet ik hulp accepteren van een architect, die in een mum van tijd met een grove schets de beslissing in de ‘stuurgroep’ forceert. Toch fijn dat er mensen zijn die veel weten van bepaalde zaken, al is alle waar naar zijn geld. Dat is eigenlijk een rode draad in dit project, maar een les die ik maar moeizaam leer. Van het controleren van de offerte van de aannemer tot de inspectie bij oplevering, ik pak het graag (zelf) op. Ook in de uitvoering pak ik de handschoen zelf op en zo nu en dan galmt de beroemde frase van een Nederlandse cabaretier door mijn hoofd: ‘een kniesoor die daarop let’. Een kniesoor, in de vorm van een projectreviewer, had mij wellicht op de noodzaak van projectdocumentatie gewezen. En dat had ongetwijfeld ellende gescheeld bij het boren van gaten in de nieuwe muren (‘Waar liep die elektra ook alweer?’).

Met de hete adem van mijn opdrachtgever in de nek is het zolderproject toch een succes geworden. Wel een beetje duurder dan gepland. En het heeft ook wat meer tijd gekost. En de kwaliteit? Die hadden we gelukkig niet bepaald vooraf. Af is af. Toch?

Dat projecten buiten de privésfeer ook niet altijd vlekkeloos verlopen blijkt helaas in de dagelijkse praktijk. Van systeemimplementaties tot grote veranderprogramma’s, we blijven tegen situaties aanlopen van ‘hoe het niet had gemoeten’. Gelukkig gaan ook een hoop projecten redelijk goed en worden veel projecten als succesvol bestempeld, al krijgen die gemiddeld genomen een stuk minder aandacht.

De vraag die ons bezig blijft houden is of de uitvoering van een project niet wat beter had gekund. Hadden we niet eerder moeten escaleren en de stekker eruit moeten trekken, hoe moeilijk dat ook is? Projectmanagers, zowel in de zakelijke sfeer als in de thuissituatie, zijn wellicht van nature niet geneigd om op te geven. Een project dat gestopt is kan als persoonlijk falen worden gezien. Het is daarom van belang dat we helpen om projecten te voorzien van alle tools en middelen, zodat het ook daadwerkelijk beter kan.

En had het, achteraf bekeken, beter gekund? Ongetwijfeld, maar laten we ook tevreden zijn met wat, gegeven de omstandigheden, niet beter kon.

Pieter de Meijer

Digitalization and beyond: everything revolves around the pace of change

Digitalization refers to “the adoption or increase in use of digital or computer technology by an organization, industry, country, etc.” (The Oxford English Dictionary)

During the past decades there have been various breakpoints in technological developments that we now already indicate as eras: the PC era, the Internet era and the smartphone era. And the developments continue, before too long we will start talking about the next era, perhaps the ‘nano era’ or the ‘data-analytics era’ or, as it now appears, the ‘wearables era’. What will our world look like in 10, 20 or 30 years from now as a result of these technological developments?

People, organizations, industries and our global society continue to change with the introduction of new technologies. Almost every business model is currently ‘hacked’ by technological developments. Look for instance at the redundancies announced in the financial sector, the recent bankruptcies of large retailers such as V&D and Macintosh, the many vacant offices and the empty premises in shopping streets.

The future of individual organizations stands or falls with the manner in which the organizations implement their (digital) strategy, everything revolves around the pace of change. Managers, directors and supervisory directors know how essential ‘technology success’ is for the future of their organization. There is much attention among directors and supervisory directors for Good Governance. It is incomprehensible that there is still so little attention for Technology Governance. It is time to think about the most important technological developments in the coming decades. After all, successfully applying and monitoring the correct technologies determines the success and thereby the future.

How do managers, directors and supervisory directors keep their eyes open for the future? To do this they must be able to shake off their daily environment and develop a deeper understanding of how technology and other megatrends are changing the world. They will also have to have a basic insight into the technological possibilities and the manner in which these can be implemented: what does the theory say, how do you apply it, what do the specialists say about it, how do other organizations deal with it, what are their experiences, what can we learn from each other?

Changes within existing organizations take place gradually. Even though the engineer in me says that we should apply as much technology as fast as possible in the organization, the social scientist in me feels that it is better to follow the pace of the people in the environment in which they want to work and live. In my opinion, during the implementation of new technology we often put too much emphasis on the implementation itself. It is not only about implementing, it is also about acceptance and adoption. It is noticeable that successful technology companies pay a great deal of attention to this aspect. From this vision the acceptance and adoption and thereby the pace of change will indeed be much greater.

Project success or failure, in particular failed IT projects, receive a great deal of attention in the press. The impression is thereby created that we do not know how to make a success of projects, but nothing is further from the truth. The necessary instruments are available and are applied in the field by many organizations.

Everyone knows the saying ‘trust is good but control is better’. Experience shows that trust in one’s own capability and cooperation are important preconditions for successful change. But indeed, the organization is really strengthened when this is combined with the correct level of control. It is time that management and supervisory directors also realise this for themselves and demonstrate this during the assignment definition and organization of projects.

I am convinced that the speed and result of large technology projects is a choice. It obviously places demands on the attitude and professionalism of the entire organization but also on Good Governance. It is now time to include Technology Governance as an actual component of this Good Governance. Because if organizations are prepared to really go for success, then they are also successful. This is proved in practice.

Hans Donkers

Technologische ontwikkelingen in de auditwereld

In de auditwereld komen momenteel enkele ontwikkelingen samen die elkaar blijken te versterken en zo een flinke uitdaging vormen voor de gevestigde orde. De behoefte aan assurance & audit neemt maatschappelijk nog steeds toe, mede gedreven door snelle economische en technologische veranderingen en de toename van het aantal (cyber)incidenten. Het feit dat niet overal direct oplossingen voor beschikbaar zijn, leidt tot onzekerheid bij veel belanghebbenden.

Enkele belangrijke technologische ontwikkelingen die wij in de auditwereld zien zijn de volgende:

  • Transparantie

    Het maatschappelijk verkeer vraagt om (veel) meer transparantie. Een voorbeeld hiervan is de nieuwe controleverklaring. De verklaring biedt meer inzicht in wat je als gebruiker van de jaarrekening aan de accountant hebt en op die wijze draagt ze positief bij aan de besluitvorming door de gebruiker van de jaarrekening. Ook IT is een van de kernpunten die in deze verklaring genoemd wordt als het gaat om de betrouwbaarheid en continuïteit van de gegevensverwerking. Er is een begin gemaakt, maar dit moet zich verder ontwikkelen, waarbij de IT-auditor zijn of haar inbreng zal hebben.
  • Data Driven Dynamic Audit

    Data zijn de backbone van jaarrekeningcontroles. Een Data Driven Dynamic Audit kan waardevolle inzichten bieden voor de gecontroleerde organisaties, zoals: zijn de process controls effectief en werken deze?
  • IT in de jaarrekeningcontrole

    De druk op accountantskantoren om de kwaliteit van de controle te verhogen neemt toe. De kwaliteit verhogen kan onder meer door inzet van IT in de audit. Organisaties zullen hierdoor merken dat de accountant meer en meer gebruik zal maken van de data van de organisatie zelf.

    Nog interessanter is het toepassen van predictive modeling, inclusief regression analysis in het kader van de jaarrekeningcontrole. Ook hier spelen de data een centrale rol.
  • Cyber in de audit

    Ook bij de ontwikkelingen in de cyberwereld zien wij de accountant hier in toenemende mate aandacht aan besteedt. De dreigingen die zich kunnen voordoen zijn van alledag en de media staan vol met incidenten die zich hebben voorgedaan. Dit betekent dat hier in de jaarrekeningcontrole ook aandacht aan dient te worden besteed. Een webwinkel controleren zonder naar de cyberrisico’s te kijken is ondenkbaar.

    Ook ontwikkelingen op het gebied van het Internet of Things vragen om een IT-auditor die de betrouwbaarheid en beveiliging van industriële systemen kan controleren.

Dit zijn zeker niet de enige technologische ontwikkelingen die de auditwereld beïnvloeden. En er zullen de komende tijd ongetwijfeld weer de nodige incidenten rondom technologie in de pers komen. Om de eerder genoemde onzekerheid bij belanghebbenden enigszins weg te nemen, zal in veel gevallen een concrete visie, een oordeel of een second opinion van auditors worden gevraagd. Een essentiële stap in de ontwikkeling van het auditorsvak. Bent u in staat de gevraagde toegevoegde waarde te bieden? Of moet ik vragen: wie wel?

Brigitte Beugelaar

IT governance and internal control continue to evolve

IT governance remains a complex but critical element for gaining the maximum value from IT. We see developments in the area of IT on a daily basis. How different our lives are nowadays from 10 years ago, when we were introduced to Facebook and Gmail. Today, we use our BYOD tablet to download our documents from the cloud. The next generation will not need to be a technician or programmer to transform data into useful information. Information is ‘at hand’ and can (almost regardless of the amount of data) be analyzed on the basis of personalized, custom views. This change in paradigm is also happening in the workplace, where end-users play a key role in gaining maximum value from IT. New in-memory processing tools and reporting apps provide the business with new possibilities to process data based on these personalized, custom views.

New technological developments have implications for the structure of the IT organization. IT is no longer just the exclusive domain of the IT department. The current traditional demand-supply model seems to have come to the end of its lifecycle. Not only the IT organization, but also the board of directors and the supervisory board are searching for answers to questions about such changes in the area of IT. Not only do they have to adapt current strategies and operating models, but they are also being confronted by new IT risks.

The internal control of IT risks is an important part of IT governance. Within organizations, emerging IT and IT risks and reducing the cost-of-control (amongst others) drive the need for a higher level of assurance with regard to the internal control of IT risks. Data analysis and soft controls are often mentioned as new technologies to help organizations gain more assurance. Although these techniques are not new, there are still plenty of ongoing developments to further integrate these techniques into audits and process improvement projects. The new insights obtained by means of these techniques are helping organizations to improve, but unidentified IT risks will always pop up of course. Issues that appear to be insignificant can be assessed more accurately using data analysis and/or soft controls.

On the one hand, we see daily developments in the area of IT and, on the other, we have the need for more assurance regarding internal control. It is obvious to make a connection to IT developments in the area of internal control. When using GRC tooling, information is at hand, and can be analyzed by the user by means of personal dashboards. This shift from the audit and risk specialists to the end users is now in progress, allowing end-users to gain insight into the relevant IT risks. There lies a great future ahead, but we are not there yet. Where will we be next year? Who can tell? Let’s start to continue to closely follow the fantastic, daily developments in the area of IT!

Sander Kuilman

The art of Agile: trust

I started my career over seventeen years ago with beautiful waterfalls. In the area in which I worked it was all about batch processes around payments and Cobol mainframes. Every project began with a definition study, followed by high-level and detailed design, and ended up with almost pseudo code before the first line was encoded. When I ‘filed’ the high-level design, I had to answer eighty questions from the architects – in writing, that is.

How different is my work nowadays. I often find myself at the birth of the development process of online real-time (!) internet applications, where I prefer to commence with visualization in a prototype, above a thick paper stack of definition studies and where dealing with change and the involvement of stakeholders (preferably the real users!) form the main challenges.

We see that the role of technology in society is changing rapidly. The adoption of new technology is being increasingly impelled by the consumers themselves. Organizations are struggling to meet growing expectations. In addition, new technology is providing opportunities for new service concepts. Many organizations are currently asking themselves how they can innovate and connect to the expectations of the target audience, how they can reduce time-to-market and realize user engagement.

By adopting Agile methods and applying creative techniques, it is possible to quickly reach a working solution that meets the expectations of the customers while keeping the user engaged. Most importantly, creativity is maintained.

Is Agile the solution to all problems in IT projects? No, it is not. It is important that conditions are right. In this regard, trust is one of the most important aspects. There must be trust in the management team, trust between team members, and trust between the client and the supplier. The latter in particular appears to be difficult. The contracts are often suffocating. With the latest news about IT vendors in the government sector, where suppliers mainly pursue their own commercial interests and do not attempt to realize the best results for the client, trust seems further away than ever.

Agile requires a cultural turnaround to embrace change, but it requires above all the relinquishment of a political agenda, commercial targets, personal gain and position.

If we jointly strive to make things better, Agile can make the essential difference.

Let’s start! One step at a time.

Liesbeth Westenberg

Hoe haal je meer waarde uit data?

Ieder jaar als de winter op zijn einde loopt kan ik verheugend uitkijken naar de lente die zijn intrede doet. Schijnbaar vanuit het niets schieten jonge planten uit de grond, bomen lopen weer uit in veelkleurige bloesem en het wordt hoog tijd om de messen van de grasmaaier te slijpen. Onvoorstelbaar hoe vanuit een klein zaadje uiteindelijk iets groeit waar je, na een flinke dosis geduld, de vruchten van kunt plukken. Om uiteindelijk de opbrengst zo hoog mogelijk te krijgen kun je echter niet met geduld alleen volstaan. Het begint al met het selecteren van het juiste zaad, waarna het bemesten kan beginnen. Ongedierte wordt bestreden om het gewas zuiver te houden en tussentijds moet het snoeimes erin zodat we door de bomen het bos blijven zien. En niet geheel onbelangrijk moeten de armen uit de mouwen om op het juiste moment de oogst binnen te halen. Intrigerend vind ik het dat, van wat ik in het klein doe, er in Nederland hightechbedrijven zijn die zijn uitgegroeid tot wereldleiders in bijvoorbeeld de zaadveredeling of biologische bestrijding.

Wat kunnen we van dit natuurlijke proces leren wanneer we onze blik richten op de vraag hoe je meer waarde uit data haalt? De laatste decennia heeft data bij diverse organisaties iets weg van woekerende gewassen. Het is inmiddels niet meer de vraag of we in staat zijn om operationele processen en gegevens te vangen in een geautomatiseerd systeem, maar de vraag verschuift naar wie in staat zijn om de juiste conclusies te trekken uit die brei van data. Conclusies die bijdragen aan het verlagen van de kosten, het tegengaan van risico’s en het laten groeien van de organisatie. De trend van Big Data speelt hier uiteraard op in, waarbij het landschap niet altijd bestaat uit een keurige, strakke akker met dezelfde gewassen, maar vaak uit een weelderige jungle die barst van de diversiteit.

Om waarde uit data te halen zullen organisaties ook na moeten denken over de kwaliteit van de data. Wanneer het zaad ongesorteerd op een hoop ligt, is de kans groot dat planten elkaar verdrukken of het kostbare zonlicht wegnemen (gelukkig heb ik daar in de praktijk keurige zakjes voor waarop een schier utopische afbeelding prijkt van de toekomstige oogst…). Uiteraard is het beschermen van de data, en zeker bij privacygevoelige data, tegen ongedierte van groot belang. Want wat is je conclusie waard als je twijfelt over de kwaliteit, inclusief de integriteit, van de data waarop het gebaseerd is?

De vraag ook is wat we nu al kunnen zaaien om ook op langere termijn te voorzien in de groeiende honger naar informatie? Onze kinderen worden in steeds hogere mate blootgesteld aan enorme hoeveelheden data en informatie die tot ze komt via smartphones, tablets en verschillende media. Ze zijn op deze manier al van nature gewend om data uit diverse bronnen, met name vanuit social media, te combineren en daar iets, voor hen althans, zinnigs van te maken. Het is deze generatie die over niet al te lange tijd zijn intrede doet op de arbeidsmarkt en de wenkbrauwen zal fronsen bij het zien van de ouderwetse automatisering (wat we graag bedekken met de term ‘legacy’) en zich hardop afvraagt waarom er niet gewoon een app is die alles aan elkaar knoopt.

En als we dan ook nog eens met elkaar kunnen zorgen dat we data zo gebruiken dat we de productie van de oogsten vergroten en de beschikbare voedselgrondstoffen efficiënt inzetten, is de cirkel rond. De eerste zaadjes zijn geplant en nu is het tijd om de data op de juiste manier te gaan oogsten. Bereid u voor!

Drs. P.R. de Meijer RE CISSP CISA

Cyber security, an opportunity for executives

Digitization of organizations, cloud computing, cyber security … it is just a small listing of the trends of this moment. The world of IT is changing rapidly. Almost every day we are seeing new innovations, all leading to a world of enormous opportunities. But also to a world with new, emerging threats.

The use of cloud computing, Big Data and mobile devices to further automate and digitize business processes is enabling organizations to create even more value for themselves. The downside of this increasing digitization is that organizations become increasingly dependent on these technologies and that these technologies are vulnerable. The last year, we have seen a big increase in the number of incidents related to the use of these technologies. Recognizing this big increase, organizations can no longer deny the existence of cybercrime. This recognition can also, finally, be found at board level.

I am getting more and more questions from members of the boards of directors of large enterprises on the topic of cyber security. I am very pleased to see that the topic of cyber security is addressed at the right level, and no longer only recognized within the IT function. In my vision, dealing with cyber security only within in the IT function is not the way to go.

In all meetings with executives, they not only show an interest in the ins and outs of cyber security, they are very curious to understand what their role is in this field. For that reason, our publications about cyber security are mainly intended for executives, but alos for CIOs and others working in IT. You can expect more from us on this topic.

John Hermans

Partner

Responsible for KPMG cyber security services

How can we stay relevant?

If I ask you to predict how the deployment of IT within your organization will develop, how far into the future can you look with any certainty?

The question presented above is one of the questions I have posed to a large number of directors, managers and CIOs responsible for IT affairs. It has turned out to be an awkward question for many, and some people even feel a little uncomfortable with the answer that they have to give. A typical response is, “I have a clear picture of what will happen in the coming three to six months, at the most. What will happen after that depends on several factors about which I currently have an insufficient overview.”

Nowadays, we are living in a business environment that is dynamic and global. We are becoming overwhelmed by technological developments, and particularly by the short implementation times of such developments. Financial and business-economic changes are occurring at an increasingly brisk rate. We are also seeing rapid developments that have a great impact on the way we live, in both our personal and professional lives. We easily adopt new personal technology like tablet computers and smart phones but, on the other hand, businesswise we keep struggling.

Three to six months is an incredibly short period to solve the substantial investment issues around IT and its relatively long lifespan. Uncertainty around strategic investment decisions is therefore extremely high. Accordingly, it is not so extraordinary to seek solutions in outsourcing the problem to third parties, perhaps in the cloud, or to apply short-cycle improvement and development methods that enable quick adjustment, such as Lean and Agile. Nevertheless, we must also keep our outlook on the future open: what does the theory recommend? how do you apply it? what do the specialists say about the question? how do other organizations cope with such issues? what are their experiences? what can we learn from one another?

To do this properly, we must avoid focusing too much on the news of the day and not (only) think in terms of existing technology. We must try to shake off our own environment, and nurture our curiosity about how technology and other mega-trends are changing the world across a wide front. And we must continue to ask one central question: how can we stay relevant?

Hans Donkers

Consolidate or Excell

In times of economic crisis, when the focus is primarily on cost reduction measures, it seems only logical that many organizations will tend to postpone investments. However, in some lines of business, such as the automobile industry, the very opposite is taking place. Although this industry – like any other – is feeling the serious consequences of the current economic climate, considerable investments are being made with regard to new technologies.

Over the past few years, this line of industry has continued to invest in efforts to improve the combustion engine and, at the same time, in further innovations in the field of (plug-in) hybrid, full-electric as well as fuel-cell technologies. New brands have emerged, such as Tesla and possibly Google, with full-electric cars, which use greenfield technologies and can exploit alternative sales channels. All this is being done in the firm belief that investments and innovations are necessary in order to be or become relevant, also on a long-term basis.

In drawing this parallel, we do not mean to suggest that organizations should switch over to a new ERP package. We do observe a clear tendency that organizations are very active when it comes to getting more value out of existing ERP systems. The current ERP systems and management environments are being evaluated. In addition, organizations are particularly active when it comes to deciding the ways in which new technologies could and should be fitted in. Cloud solutions in the fields of applications, databases and infrastructures are good examples of relevant new technologies, but developments in the fields of mobility, app markets and in-memory techniques such as HANA likewise play an important part. These new technologies are usually positioned alongside the present ERP systems, making it seem as if the existing and fully developed ERP systems cannot further evolve.

Starting from scratch, as in the case of the Tesla car, may well be the best option, but what should we do with all the previous investments? Here, parallels with recent technological developments in the automobile industry come to the fore. However, these issues cannot simply be resolved with one single response, because technological developments are in full swing and are taking place in quick succession, while at the same time business models of organizations are changing far more rapidly than before.

In our publications we aim to shed more light upon a number of new options in the ERP domain that are either available already or may become so in the future. We are convinced that these new technologies will prove to be of lasting value to organizations: as essential investments to enable more efficient operations on the one hand and – perhaps even more importantly – to ensure greater competitiveness on the other.

Gerben de Roest
Maurice op het Veld

Where are you in your AI journey?

“Where are you in your AI journey?” is a question we often ask our clients, but it is also a question clients regularly ask us, and in my opinion, it is a valid question. AI can bring organizations a lot of opportunities, but to help clients harvest these opportunities in the best way, you need to practice what you preach. Therefore, within KPMG, a lot of AI activities are ongoing, like the introduction of KPMG’s version of OpenAI ChatGPT.

When zooming in on my own work domain (i.e., helping clients implement a future-proof IT application landscape in the finance, SCM and CRM domain), we definitely consider AI a strong enabler for not only optimizing processes, but also, and especially, interpreting data and supporting management in making profound decisions.

However, all propositions we have developed or that are in development, follow a strict approach, and as for every IT-enabled business transformation we start, we consider it of the utmost importance to have a clear set of guiding principles. Within KPMG, we have formulated the following principles regarding the use of AI:

  • Bold ambitions, infinite value: To unlock the full potential of AI, we must commit to ambitious goals, driven by a strategic mindset focused on achieving significant milestones.
  • Tech aids, humans lead: AI should enhance human potential, not replace it.
  • No trust, no progress: In the realm of AI, establishing trust among KPMG employees, customers, and stakeholders is key to making meaningful progress.

Of course there is much more to tell when it comes to these principles, but coming back to the question “Where are you in your AI journey?”, my response is that we are definitely “on the road” and are experiencing and learning which opportunities AI can bring not only us, but also our clients. The set of guiding principles definitely gives me and my colleagues a lot of comfort and guidance, and I would really recommend your organization to formulate your own set of guiding principles regarding AI.

Mark Scheurwater

Director Platforms