No project should ever be considered without considering the cost of not doing it at all. This goes for both technical and non-technical projects.
I worked in the financial services industry for many years. Every few years I was approached by semi-hysterical business leaders who wanted to sponsor quick-and-dirty projects to satisfy some regulatory mandate. The only information they could supply was that it was a mandate and there could be fines for non-compliance.
When vetting any project, it is necessary to understand the cost and benefit of every option for satisfying the need. Quick-and-dirty is always an attempt to brush over the lack of benefit by assuming that the cost is absurdly low. While that may be true in the short run, it’s rarely true in the long run when all of the facets that were missed come to the surface as unexpected consequences of the quick-and-dirty implementation. In other words, it’s a lot dirtier than first imagined. Quick-and-dirty is never a good idea and never as cheap as first proposed.
The one option that is often overlooked is the option to do nothing. Since most mandates to organizations carry civil rather than criminal penalties, no one is going to go to jail over non-compliance. When the fine for non-compliance is low or even undefined, sometimes the correct course of action is to pay the fine when levied and invest in projects with higher payback. It is vitally important to understand the deficiency in the enterprise architecture and to constantly evaluate whether changes in the regulatory environment dictate reconsideration of the enterprise’s lack of action.
This is a great post. It’s not often that someone provides such clarity for deterining the appropriate action. Thanks.