Answer all questions completely
No Plagiarism
Cite all resources used and use in-text citations
The PCNet Project (B)
Dynamically Managing Residual
Risk
04/2005
This case was written by Christoph H. Loch, Professor of Technology and Operations Management
It is based on real events, but the names of all companies and participants have been disguised.
Any similarity with existing companies is accidental. The case is intended to be used as a basis for class discussion rather than to illustrate the effective or ineffective handling of an administrative situation.
The unexpected events that worried Jack Muller represented “residual risk”. In a project of
such complexity, no amount of planning can ever anticipate all events, no matter how
thorough; there will always be some events that are not planned for. Therefore, it is key to
build the capability of dealing with residual risk as it comes along.
The direct outcome of the 18 September meeting was a strengthening of the aggregate
oversight body (for the entire merger), not in the sense of it exerting more pressure, but in
terms of adding experience and enhancing its problem-solving and advice-giving capacity.
First, the Integration Management Committee Meeting became the Performance Monitoring
Meeting, with a dedicated manager (who followed up issues), expanded membership to add
relevant areas of expertise, and a more systematic synergy follow up.
The Risk Management Office
At the level of the IT integration, Max Schmeling had already begun to build a structure for
managing residual, unforeseen contingencies during execution. The Risk Management
Office (RMO) was put in place as a complement to the Project Management Office (PMO).
Whereas the PMO followed up on actions and on reporting, the RMO focused on responding
to deviations. It was a central control point to which all teams were required to call in at least
once a day to report on progress and problems that arose.
The RMO achieved two things. First, it represented a problem-solving resource – Metal
Resources Co. had its own technical experts present in this center, plus experts on call from
all technical areas at the main systems vendors (such as HP and IBM for PCs, Cisco for
routers, Microsoft for operating systems, SAP for R3, EDS for the network operation, etc),
and experts in culture and change management were also on call. Thus, when an unforeseen
problem occurred, the center diagnosed it with the team in question and then helped to
mobilize the expertise to bring about, or plan, a solution as quickly as possible. Second, the
rapid information exchange helped to set off alarm bells (early warnings) as well as solution
approaches, across the many parallel teams. As they were working on very similar issues at
multiple sites, a problem occurring at one site might well subsequently occur at one of the
others, and thus the transfer of solutions was efficient. The rapid communication of relevant
warnings from one team to another was dubbed “the hotwire”.
Thus, at each local deployment, a representative of the next local deployment team (in another
state or country) was present so that they could become familiar with the logistical as well as
technical issues. The Latin American deployment went very smoothly as a result of this
approach. Similarly, problems that arose in the application migration to the new platform in
Singapore were subsequently avoided throughout the Southeast Asian region.
Both the PMO and the RMO also attempted to prevent certain risks by enforcing strict
standards (thus reducing the complexity and number of things that could go wrong), such as
all of North America having to move to a single SAP system configuration (there was a
separate central control center for that project alone, which worked with all the organizational
units to produce a common standard that satisfied most of the needs). Many technical and
business software applications were standardized (such as statistical analysis packages,
geological expert systems etc.), which, in turn, reduced the number of different problems that
could occur and facilitated the sharing of solutions across teams.
The activities of the RMO enabled the organization to work with budget and schedule
variances (deviations) in a more sophisticated way, for example, by performing variance
analysis. There was significant overspending in Phase 3, because some work originally
foreseen for Phase 4 was in fact carried out at this point due to small “design changes” or
improvements in protocols and processes as the organization learned during the project. The
activities of the RMO involved providing explanations and documentation for residual risk
and the respective actions required. Thus the organization had a ‘trace’ that offered a
thorough explanation of deviations and an institutionalized effort to learn from such changes.
The following example illustrates the effect of such learning: the early PC deployments took
several man days per person as the migration team was learning and stabilizing the
components of the network, whereas later deployments required only a few hours (a reduction
of 75%) and were much more stable. Overall, the project remained slightly under budget,
although it took 6 months longer than originally planned.
Dealing With Individual Residual Risks
The problem of lost e-mails and corrupted e-mail capabilities had to be attacked at two levels.
The first level was technical: when the lost file incidents were examined, the root problem
turned out to be that Microsoft XP did not have a translator to automatically modify files. In
response, the Microsoft developers made their own in-house translator software available
which systematically eliminated the problems and improved the overall robustness of the
network. Several similar fixes contributed to overall network stabilization. The second
solution level concerned change management processes: over time, the merger team put such
processes in place (“who can change what system features, after discussing it with whom”),
and convinced employees to comply with them, which eliminated incompatibilities introduced
by local changes.
The Sri Lankan government partner eventually came on board, although at its own pace. This
contributed to a six-month delay but did not “stop the show”.
The refining manager who refused the deployment was won over with a combination of carrot
and stick. On the one hand, the IT organization conducted a security audit at his site, which
exposed serious vulnerability to external attacks and other breakdowns. This allowed the
team to show him how badly it might get for him locally (carrot) and make it clear that he
could not be permitted to pose a risk for the rest of the organization (stick).
The cajoling and convincing of the refining plant manager was then generalized to a
standardized, prepared, compelling argument that was used with operating managers who
thought they had no time for off-line activities like IT migration (Exhibit 1). The argument
again combined carrot and stick – on the one hand it explained the benefits to the operating
units themselves and emphasized that they could get help; on the other it threatened them that
their network would no longer be supported if they did not migrate. This standard argument
was, of course, complemented by personal visits and face-to-face explanations.
Overall Project Success
“You guys will have to learn how to walk, whistle and chew gum, all at the same
time.”
Martin Folz, CEO
The ITC organization did learn to “walk, whistle and chew gum at the same time”, as the
CEO demanded. They took the metaphor seriously enough to define it: walking meant to not
disrupt ongoing operations, whistling to lead the project with state-of-the-art methods, and
chewing gum stood for status reviews and dealing with residual risks. At the end, no
unexpected event was serious enough to break the project. The thorough planning, combined
with the flexibility of the RMO and the hotwire, was so powerful that the huge IT merger
became a convincing success. The total IT merger project beat its target by $20 million,
producing $230 million of synergies in the first year, and the PCNet project made a
significant contribution to this overfulfillment (partially driven by an extra $10 million in PC
discounts that came out of the proactive negotiations).
Critical to this success was the support and constancy of purpose of top management: the
CEO listened to the business case and stayed the course. No IT migration budgets were cut,
in spite of the lean economic times, and the project was able to maintain priority and focus.
Exhibit 1
Communication Document for Operating Company Compliance
The PCNet Deployment Consultant team presents……..
The Top Ten List of “Reasons why you should quickly and carefully
decommission your legacy IT environment”
10. Dual environments will make it more difficult to maintain IP compliance, particularly once Microsoft
ceases support of NT 4.0.
9. Dual environments are impacting our networks due to unnecessary traffic from the legacy
infrastructures such as file replication, Exchange Global Catalog replication, SMS inventory and
package traffic, as well as WINS and DNS traffic.
8. Increased vulnerability to security attacks and viruses as vendors start dropping maintenance
support for Win9x, NT4 and W2K, and our internal centralized efforts are no longer funded for
these environments.
7. Increased cost for support as troubleshooting by support staff becomes a lot more complex due to
having to follow separate processes and using different tools in order to support two environments.
Cost also increases due to reduced reliability and increased break/fix calls as hardware has lived
long past its planned life-cycle.
6. Legacy Master Account NT4 and AD domains will be decommissioned, leaving resource domains
with no trusts. The old PC and workstation environments will lose connectivity. There will also be
performance issues as Master Account domain controllers are removed one by one.
5. The decommissioning effort is part of Metal Resources and RBD synergy cost-savings and the
realization of these savings now becomes our responsibility.
4. The business case for the synergies will be compromised by having to support dual
infrastructures.
3. Manpower can be redirected towards strategic projects once deployment and decommissioning
efforts are completed (and we can take our vacations now!).
2. Old computing standards monthly costs will be increased by x2, x4 and x6 the longer you keep
your old hardware. Costs to maintain old infrastructure will be divided by the number of remaining
old standard users.
And the #1 Reason is …
1. The old desktop has been declared “non-standard”. Yes, it is true. The sun has set on the old
standard, with the IT design team only providing Anti-Virus updates and major security patches.
Having old standard machines at your site makes your site “Non-Standard”.
—————————————————————————————————————————————-
Here are three documents to help you in your efforts to decommission:
Decommission Legacy Systems Guide
Decommissioning Server Assets
Decommissioning Workstation Assets
*** If the thought of pulling the plug on your favorite Compaq Proliant server is giving you nightmares
and sleepless nights, then please email me back about getting the PCNet Deployment Consultant
team to offer decommissioning consulting services at your site.
31
“The PCNet Project (B) Dynamically Managing Residual Risk.” Loch, Christoph. Case No.
5272b. Published 04/2005, INSEAD, (6 pages).
Answer all questions completely
No Plagiarism
Cite all resources used and use in-text citations
Assignment 2: Risk Management Plan
Note: The assignments are a series of papers that are based on the same case. The assignments are dependent upon one another.
In this assignment, you will create a risk management plan. You have a budget of $100,000 and a timeline of six (6) months for the plan. Please refer to Figure A-1, Risk Management Plan Template, from Appendix A (shown below) of the Hillson and Simon text to create the plan.
Write an eight to ten (8-10) page Risk Management Plan Component paper in which you:
1. Prepare the Scope and Objectives of the Risk Management Process section of the Risk Management Plan based on the facts presented in the case study.
2. Determine the project size, based on the facts presented in the case study, and provide justification based on Figure 3-4, Example Project Sizing Tool (Chapter 3 of the Hillson and Simon text-shown below).
3. Select the risk tools and techniques, and complete the Risk Tools and Techniques section of the Risk Management Plan for both the qualitative and quantitative aspects of the project. Provide a rationale for the selection.
4. Develop the Risk Reviews and Reporting section of the Risk Management Plan based on the project size previously determined.
5. Define the Probability and Impacts section of the Risk Management Plan and justify the values assigned.
6. Define the Risk Thresholds section of the Risk Management Plan and justify the values assigned.
Your assignment must follow these formatting requirements:
· Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
· Include a cover page containing the title of the assignment, the students name, the professors name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
Hillson, D. (2012). Practical project risk management, 2nd Edition. [Strayer University Bookshelf]. Retrieved from https://strayer.vitalsource.com/#/books/9781567263671/
Appendix A-1
Figure 3-4
See Below