Forums

I just did some reading on Balanced Scorecards, but I don't see how useful it would be for software development in industries such as finance.

Does anyone have any experience using for software development in any industry? How about in the finance industry?

Thanks
David

Mark's picture

David-

I would certainly bow to anyone else, but I do not.

And, I think I've share my BSC thoughts before - too often, it's the wrong tool.

Mark

burnsp's picture

Balanced Scorecards are useful tools for measuring performance, but the problem is that it suits only certain industries. For example if your in sales, this will work but if your in the public sector or within an industry that is not sales orinated this becomes a little bit more difficult

do a search on google on Balanced Scorecards and you should get a bit more back ground or see http://en.wikipedia.org/wiki/Balanced_scorecard for more info

PierG's picture

We don't use BSC but we have what we call a Tableu de Bord: an automatic generated dashboard.

This dashboard is one of our means of communication inside our dept AND toward the top management: it's a picture of us month per month.

We chose carefully what to show in this TdB and our folks (at all levels) appreciated it very much. This was the bigger value.

PierG

Todd G's picture

David,

BSC's are a great tool to evaluate several areas. They just have to have the right verbage to make them useful. Make them useful to your organization.

Customer Satisfaction.
Product line completion.
Employee turnover rates.

The list is realitively endless.

Pier, I like your dashboard idea. These work great as well.

Good Luck.

tokyotony's picture

[quote="mahorstman"]David-

I would certainly bow to anyone else, but I do not.

And, I think I've share my BSC thoughts before - too often, it's the wrong tool.

Mark[/quote]

Mark,

Sorry to quote an old post and I did try doing a search on the forum under "Balanced Scorecard", "balance", "score", and "card", but I can't seem to find your thoughts on BSC.

The reason I ask bring up BSC now is that my company is starting to roll this out globally, and I am getting the feeling that they are taking too much of an generic approach to all services we offer.

Your insights on whether BSC has any real value and, if it does, what to do to make it work, would be appreciated.

Regards,

Tony

Mark's picture
tokyotony's picture

Mark,

Thanks. Not sure why my search could not find that.

Okay, so you are recommending not to put it in place in the public sector. I also got that, like most major initiatives, needs senior management support.

Any other recommendations in a nutshell? Pitfalls to avoid?

Thanks,

Tony

DWElwell's picture

Having done a lot of balanced scorecard work, I would say the following:
1) It's not an approach that can be applied "out of the box" - it requires a lot of work to get it right
2) Most of the times that it "fails" are due to not implementing it properly and
3) It's really not about metrics, it's about thinking systematically about strategy.

The Balance Scorecard (and Strategy Maps) will help think more clearly about strategy and help you align to it. It will neccessarily not make you any better at executing your strategy, or make you a better manager...

andylaird25's picture

Hi All,

When my ex-company was tendering for a new business contract, I discovered a powerful scorecard tool called PB Views (now called performancesoft).

www.performancesoft.com

Unfortunately we were unsuccessful in our bid, so I never got to use it in a live environment. I created a (very) basic version in Excel for the business to use thereafter.

It may be worth a look.

Kind regards

Andy

bflynn's picture

[quote="DavidB"]I just did some reading on Balanced Scorecards, but I don't see how useful it would be for software development in industries such as finance.

Does anyone have any experience using for software development in any industry? How about in the finance industry?
[/quote]

Finance / Not Finance - not sure what the difference would be. Software development is software development, right?

I have been in a software development organization that attempted to use balanced scorecards and it was a disaster. When code completion was stressed, errors went through the roof. When they focused on errors, developers went into testing lock. After they thought they had that balanced, they didn't account for scope changes, then personnel changes and eventually the entire project was just shut down. Thankfully.

You have to really, really understand your business and your people. And even then, different people are going to react to the same metric in different ways.

Brian

James Gutherson's picture

I agree Brian, that bad implementations of Balanced Scorecard, Six Sigma, TPM, ISO9001, (insert flavour of the month), etc can be a disaster - however I feel the theory behind them including Balanced Scorecard is still valid.

My quick summary of the Kaplan and Norton Balanced Scorecard approach is that a Company determines a number of ways to measure it's performance (against its strategic objectives) that are not just financial metrics but are 'balanced' across the spectrum of Financial, Customers, Internal Business Processes and Organisational Learning. The company then sets targets and continiously monitors it's performance against these targets, adjusting it's resources and focus as it sees fit.
(My personal approach is more aligned with Eli Goldratt and the Goal - a business is there to make money - however simply focusing on financials is not the best way to do this)

You mentioned that problems your (former?) organisation saw when implementing Balanced Scorecard caused them to shift focus until they felt they had a balance between two areas, then other situations arose that further complicated the process. My thoughts are this is what you want to happen. These other issues were happening anyway, they were just unseen untill the system exposed them, and gave you a way to see how changes affect them and the overall system.

Your statement "You have to really, really understand your business and your people..." is something that I hope most organisation are striving towards - and not just to implement Balanced Scorecard.

roberthobbs's picture

The Balanced Scorecard concept has evolved through 3 distinct generations, each with substantial improvements in addressing the practicalities of implementing the concept.

I have worked with the BSC since 1992 and use it both as a tool for our own management of a software company, and assist other organisations in its deployment. Initially I deployed it within finance and banking organisations including Nat West, Barclays and Lloyds. In the past 6 years I have worked on its use and deployment in over 30 public sector organisations.

So, I am biased, but I probably do know in-depth the answers to the questions being raised here.

Rather than provide a long explanation of the hows and whys – this is the key summary points from my experience and forms that basis of my expert opinion and advice:

1. The key part of the BSC approach that really enables it to be helpful is cause-and-effect between objectives.
2. Each objective needs to be SMART (this is where the measures sit)
3. Each objective should have its key linkages in terms of cause and effect impact and dependency identified.
4. Define your top level (usually termed strategic) objectives in terms of the 4 perspectives that make most sense to your business/organisation (very rarely I have seen a benefit in a 5th perspective – if it makes sense to your organisation, have 5!)
5. DO NOT simply cascade the same measures from the top level objectives down into the organisation.
6. Create sub-levels of objectives (usually a divisional/departmental/team plan cascade) that you believe will deliver the higher level objectives. Talk through the story of cause and effect in a workshop with colleagues – do they agree with you – do they offer better alternative understandings, come to a shared understanding of why you are going to do what you are going to do)
7. DO NOT force every plan to have cascaded objectives in each of the ‘4 perspectives’ - some won’t need to.
8. Make each sub-level objective SMART in its own right. Establish the key cause-and-effect linkages between the cascaded plan/objectives. This creates the truly useful part – a golden thread of what delivers what for your organisation.
9. This is now a working hypothesis of what matters to you. Use it as a hypothesis. Test it out each month – did the logic of our understanding hold up to the realities of the world sufficiently to be useful. Use a Plan Do Review cycle to manage your section of the plan and its performance – look at the impacts and dependencies, follow the golden thread all the way along to see how the performance of what you are doing has key impacts right through the organisation. Follow-it backwards to see what is coming at you before it reaches you!
10. DO NOT try to capture every single influence into your model. You are modelling for practical management benefit which means this is a data reduction exercise, it is not trying to be an accurate econometric model (you can’t get one!). Encourage textual input in addition to the use of the measures.
11. Plan Actions to close performance gaps, and through Plan DO Review – check – did we do them, did they close the gap? If not why not? Did we fail to execute the Action? Did the Action fail to close the gap? What do we need to plan now. Do we not know what will close the gap? Find an expert to help (either within or external to the organisation)

Finally – DO NO rely on only one business management approach, including the BSC. Each management approach has its strengths and weaknesses. Select a combination that gives you the strengths that you need for the maturity and challenges facing your organisation and patches up the weakness of the other approaches (e.g. six sigma, EFQM, IiP, Budgeting, BPM) you are using.

Kind regards
Robert Hobbs
CEO INPHASE Software

joegenest's picture

Agree with Rob's comments. In my experience as well, many people make the mistake of believing that they must select ONE system only - whether it be BSC, Lean, Dashboards, etc. But, each has its own function. The BSC is done at the strategic level and may appear very generic to some. For example, when looking at a strategy map with connections to customers, one might obviously thing "Provide excellent customer service" is a no brainer. However, you have to look beneath the objective to the measures and objectives that have been selected for that objective. That is where the hard work and though separates the adults from the kids. Also, you may have a lean or six sigma project as an "initiative" within a balanced scorecard program. In fact, I think this is probably the best way for organizations to identify which areas to focus such initiatives as the BSC can help them identify those operational areas where a Lean or Six Sigma initiative can have the most immediate impact to implementing the strategy.

Just some thoughts. But, I guess the key recommendation from my perspective is to take some time to look beneath the strategy map at the actual measures and initiatives that are part of the objectives. That, I believe, is where the power will reveal itself. Once you understand the story behind the objectives, the strategy map itself becomes even more powerful as a tool to see how all these measures work together.

Joe

KASmithy's picture

[quote="burnsp"]Balanced Scorecards are useful tools for measuring performance, but the problem is that it suits only certain industries. For example if your in sales, this will work but if your in the public sector or within an industry that is not sales orinated this becomes a little bit more difficult

do a search on google on Balanced Scorecards and you should get a bit more back ground or see http://en.wikipedia.org/wiki/Balanced_scorecard for more info[/quote]

It's true that BSC is not always the right tool to use. I say do a competitive analysis with a company similar to yours that has implemented BSC and see what the results are. Why reinvent the wheel?

Also, you can often tell whether or not you will be able to effectively implement BSC by breaking down and examining the steps of how to build a BSC, from the Strategic Foundation all the way through Development. According to [url=http://www.coursework4you.co.uk/balanced_scorecard.htm]this article[/url], there are seven steps altogether.

eagerApprentice's picture

[quote="mahorstman"]And, I think I've share my BSC thoughts before - too often, it's the wrong tool.[/quote]

I read all of the BSC and Strategy Maps books from Harvard press in preparation for my MBA thesis when my spirits were dashed - my professor told me the exact same thing as above and suggested another topic.

From the very limited real-world exposure I've had to BSC, it does seem to be terribly complex to implement in a way that is truly effective and provides the value/measurements it is supposed to for the company.

One very interesting case I recently heard of was on a IT Security podcast - they mapped out how BSC can be used to measure the security-readiness of a firm! It was very interesting to me, and sounded practical. I'd be happy to summarize if anyone is interested (otherwise I'm not up for all that typing!) :)

bffranklin's picture

[quote="eagerApprentice"]
One very interesting case I recently heard of was on a IT Security podcast - they mapped out how BSC can be used to measure the security-readiness of a firm! It was very interesting to me, and sounded practical. I'd be happy to summarize if anyone is interested (otherwise I'm not up for all that typing!) :)[/quote]

I'd be very interested in this, particularly because security metrics are quite frequently not indicative of how secure an organization actually is.

Mark's picture

BFFranklin-

Can I be nitpicky?

On the cast, they "mapped out how BSC CAN be used".

Did they actually DO it?

The devil is in the details.

Mark

tedjackson's picture

I've read the comments that BSC should be one of many approaches that an organization takes, but I would caution you against trying to implement different approaches at the same time. The BSC should be your overall organizing framework. It will allow you to describe, prioritize, and implement your strategy.

From there, you can determine where the best places are to apply concepts such as six sigma and lean manufacturing. Based on your strategy, you will see improved results in the appropriate key areas. Using the BSC, you can determine the role that concepts such as EVA and risk management play in your strategy.

The most important benefit of the BSC is to get your executives on the same page and mindset on what the organization strategy is and how you are doing in executing on it. I would encourage you to read more about the BSC and executing strategy through my blog at http://www.executivestrategymanager.com/blog/. You will get lots of thoughts on how the BSC is really helping organizations execute.

Cheers,
Ted Jackson, VP, Palladium Group.

eagerApprentice's picture

Ah! I finally found this post again!

I've always found BSC to be a very interesting concept - although I find Strategy Maps to be even more so (why doesn't anyone ever discuss Strategy Maps?)

bffranklin - I do agree with you - security metrics seem to be like trying to put numbers around "nothing" - if "nothing" happens, you had a good day. I'd be interested to hear what Security experts think about this idea, as I only have an IT Security education background, not any real-world experience in the industry.

The idea came from "Security Metrics", by Andrew Jaquith.

Here's an outline of how he applies it to Security - the examples listed under each section are general and broad - they are my summary and not detailed or extensive:

As you know there are 4 sectors to the BSC~

Financial
---------
How much money did I spend on IT?

Operational
-----------
key performance indicators
- Viruses blocked/prevented at perimeter
- Spam filtered away
- How long it takes to grant passwords to users

Customer
--------
Privacy information
- When an employee spots a possible violation of customer privacy, they escalate it to management --> People track it, follow it, fix it, count it - separate by business unit (HP does this now in a process called "Privacy Escalation")
-Compliance measurements - compliance with security/privacy mandates (ex: HIPAA)

Learning & Growth
-----------------
(Key indicators that speak to the behaviors you are trying to encourage in employees)
- Good passwords among employees - are they picking good passwords that are complex, long, have numbers, dollar signs, etc?
- what sort of training effectiveness have you had?
- Are you keeping your employees up to date?
- Is your security group consulting with your business groups when they role out an application

jhack's picture

The vast majority of strategy maps are built from gut feelings of managers, not from data that reveals the true relationships between the factors that a manager can control (people and processes) and the KPIs themselves (EBITDA, etc).

The maps end up being an unprovable and uncertain academic exercise. Doing the research into what really drives a company's performance is rarely done, as it requires lots of data and lots of math.

Check out "Competing on Analytics" by Tom Davenport for a very different take on strategy and drivers.

John

bffranklin's picture

Jacquith has a good reputation in the industry, though I have yet to read his book "Security Metrics." The BSC summary given is a starting point, but it's not something I'd rush to implement in my shop.

Just a few points... from the financials side, I would track unexpected security-related expenses along with the overall budget. I'm looking to measure what we're being caught off guard by/unprepared for.

From an operational perspective, a lot of these are "easy" metrics and not the sort of things I'm worried about. "Is our antivirus/spam filter working as well as I expect?" is a good question to ask, but it lacks a big-picture focus. Operationally, I'm more interested in things like what % of my network I have visibility into. If I had a larger budget, I'd want to know how long a security consultant with various levels of knowledge would take to gain access into my systems AND how long after that the security staff would detect them. In other words, let's keep focus on the goals of compliance and security, not the individual mechanisms of control -- I don't care how we do it, just make it secure!

The customer section comes back to this -- reporting violations is a usable metric, but how can you know what you aren't seeing? It's the stuff I don't know about that scares me as a security practitioner.

This goes back to my comment about % network visibility -- on the security side, I think the #1 goal should be to get your head out of the sand and start trying to quantify how much of your computing activities you don't know about.

Anyway, pushing things off topic a bit, but the tangent is something I'm very interested in.