Analyzing IT Value Management at KLM Through the Lens of Val IT 

Download Article Article in Digital Form

A common and critical dilemma confronting enterprises today is how to ensure that they realize value from their large-scale investments in IT and IT-enabled change. IT-enabled investments can bring huge rewards, but only with the right value management approaches.

The ISACA Val IT framework offers a broad set of good practices that support the adoption of such value management processes. This article describes a case study on how the Dutch airline company KLM introduced value management for its IT-enabled investments, analyzed through the lens of Val IT. As such, the goal of this article is to provide insight to practitioners regarding how to introduce better value management approaches.

From IT Governance to Governance of Enterprise IT and Value Management

After the emergence of IT governance concepts in the late 1990s, the notion of IT governance received a lot of attention. However, due to the focus on “IT” in the naming of the concept, the IT governance discussion mainly remained a discussion within IT. In the field, many IT governance implementations are still mainly an issue within IT, while one would expect that the business would and should take a leading role here as well. It is clear that business value from IT investments cannot be realized by the IT function, but will always be created by the business through its use of IT. Therefore, IT-enabled investments should always be treated as business programs, composed of a collection of business and IT projects delivering all the capabilities required to create and sustain business value.1, 2

The IT governance discussion clarifies the need for the business to take ownership of, and be accountable for, governing the use of IT in creating value from IT-enabled business investments. Acknowledging the prime accountability of the business in value creation initiated a shift in the definition of IT governance, focusing on the business involvement, toward governance of enterprise IT (GEIT) (instead of IT governance). GEIT is an integral part of corporate governance and addresses the definition and implementation of processes, structures and relational mechanisms in the organizations that enable both business and IT personnel to execute their responsibilities in support of business-IT alignment and the creation of business value from IT-enabled investments.3

GEIT clearly goes beyond IT-related responsibilities and expands toward (IT-related) business processes needed for business value creation. The topic of business value creation is high on the agenda of many organizations, and in both academic and professional literature, the concept of value management is addressed often. In response to the need, ISACA launched a framework that addresses these value management issues: Val IT.4

VAL IT as a Framework for GEIT and Value Management

A recent and an important framework that addresses GEIT, Val IT has a specific focus on value management and creation. This framework starts from the premise that value creation out of IT investments is, in the first place, a business responsibility. To support business personnel in organizing and developing these responsibilities, Val IT presents a set of 22 IT-related business processes and associated key management practices, management guidelines and maturity models. Val IT is complementary to COBIT and follows the same structure and templates as provided in the COBIT manuals.

Val IT presents 22 processes categorized in three domains (figure 1):

  • Value Governance (VG)
  • Portfolio Management (PM)
  • Investment Management (IM)

Figure 1

The VG domain addresses the structures and processes required to ensure that value management practices are embedded in the organization. The domain deals with the engagement of leadership (VG1), the definition and implementation of value management practices (VG2), and the integration of the latter into the organization’s financial management processes (VG4). It also addresses that portfolio types and criteria need to be defined by the business (VG3), that effective governance monitoring should be established over the value management practices (VG5), and that there should be a continuous improvement cycle through implementing lessons learned (VG6). It is clear that these processes are defined at a higher level in Val IT and encompass “necessary conditions” to enable a value-based approach in portfolio and investment management.

The PM domain addresses the processes required to manage the whole portfolio of IT-enabled investments. This domain states that the strategic direction of the organization should be clarified and that the target portfolio mix should be defined (PM1). Also, available resources in terms of funding (PM2) and human resources (PM3) need to be inventoried. Based on detailed business cases arising from the IM processes (IM1-IM5), investment programs are selected and moved into the active portfolio (PM4). The performance of this active portfolio needs to be continuously monitored, reported on (PM5) and optimized (PM6), based on performance reports coming out of the IM processes.

The processes in the IM domain are situated at the level of a single IT-enabled investment. The first five processes in this domain focus on the emergence of new investment opportunities in the organization (IM1) and the development of detailed business cases (IM5) for the approved opportunities, including analyses of alternative courses of action (IM2), a definition of a detailed program plan (IM3) and full cost-benefit analysis (IM4). After approval of detailed business cases (PM4), investment programs need to be launched (IM6) and monitored (IM8) and, if required, business cases need to be updated (IM9). All investment programs need to be retired (IM10), bringing programs to an orderly closure when there is agreement that the desired business value has been achieved or when it is clear it will not be achieved. Also, changes to operational IT portfolios, as a result of the investment program, need to be incorporated in the portfolios of IT services, assets or resources (IM7).

Research Approach

The goal of the KLM case study was to gain an in-depth understanding of how one organization adopted GEIT practices during the past decade in search of more value creation out of IT-enabled investments and to learn to what extent this mapped to the Val IT framework. Due to the exploratory nature of this study, a qualitative research approach was adopted based on in-depth case study research. Data were captured through multiple interviews, discussions and conversations with KLM’s director of value management and alliances, who also provided access to other internal information such as internal reports, presentations and minutes. To further triangulate the data, other in-depth interviews were completed and tape recorded with the vice president (VP) of the chief information officer (CIO) office, the VP of finance and control ground services, the VP of the business development office (BDO) for passenger operations, and the director of finance and control IT operations at the premises of KLM in Amsterdam Schiphol Airport (The Netherlands).

Analyzing IT Value Management at KLM

Although KLM did not specifically use Val IT to introduce value management, KLM was involved in the development of Val IT 2.0, and as a result, there was some knowledge sharing in both directions between KLM and the Val IT development team. In this section, the focus of the case description is on understanding how a real-life organization “implemented” the intent of these good practices.

The Case Company:  KLM
KLM was founded in 1919 and has its home base and hub in Amsterdam Schiphol Airport. KLM currently employs more than 33,000 people worldwide and manages a fleet of about 200 aircraft. In 2004, KLM merged with Air France, after which both companies continued to operate as separate airlines—each with its own identity and brand and each benefiting from the other’s strengths. In financial turnover, Air France-KLM is the world’s largest airline group, transports the most passengers and is the world’s second-largest cargo transporter. In 2009, Air France-KLM operated flights to 255 destinations in 115 countries on four continents.

This case study focuses on the KLM activities within the Air France-KLM group. The KLM executive committee (figure 2) is composed of the chief executive officer (CEO), chief financial officer (CFO), managing director and executive VPs (EVPs) of the major business units and services (commercial, in-flight services, operations, ground services, cargo, engineering and maintenance, IT, and human resources). In 2009–2010, KLM’s IT department employed close to 1,000 (internal and external) full-time employees (FTEs), with an IT budget of approximately €300 million. As shown in figure 2, KLM’s IT is organized around IT development and operations activities with the CIO office addressing aspects of the enterprise/IT architecture, IT strategy, value and portfolio management, sourcing strategy, and risk and security. The mission of the KLM IT department is to “create business value by delivering reliable IT services to the business processes and innovative IT solutions to enable and support business changes.” The following strategic goals for IT support this mission:

  • IT is a world-class information services provider and will be able to deliver the best value to the company.
  • The IT cost levels will be at a competitive industry level.
  • The IT architecture and infrastructure will enable the growth ambitions of Air France-KLM.

Figure 2IT is a business-critical enabler for KLM; yet, at the same time, it can be a source of both success and discontent. In 2001, the balance had tilted toward discontent due to a lack of trust in what was perceived as a costly and unresponsive IT department. This occurred in a business climate that was increasingly challenging and that became dramatically more so after the 11 September 2001 terrorist attacks on the US. After that event, KLM’s CEO seized the opportunity to make a structural break with the past and to reexamine and transform KLM’s business and IT governance.

The EVP of the operations control center was appointed the new CIO. It was believed that having a CIO from the “real business” would help get the IT governance discussion out of the IT area and have it put on the business executive’s agenda. The newly appointed CIO received three clear priorities:

  1. Provide the reasons why, or why not, to outsource IT.
  2. Create a business/IT board to organize joint success.
  3. Design simple governance principles to restore control, enabling steering by the EVPs and CIO.

To respond to these requirements, the CIO office was established as a support function to the CIO, consolidating a number of already existing, loosely coupled and different functions such as the IT strategy office, program management and business/IT liaison roles. In the words of the VP of the CIO office:

In the scenario that we would outsource IT, both IT operations and development would mainly be sourced outside KLM, but the activities of the CIO office would be kept internally as it governs IT strategy, architecture, security, business/IT alignment, etc. The goal of the CIO office is to enable effective IT, in support of business needs.

Value Governance at KLM
It was decided that, ahead of the first priority given to the CIO, the primary focus should be to introduce better governance principles and practices (priority three). A project titled “IT: A Collaborative Effort” was launched and focused on enabling all stakeholders to better understand the cost and value of IT, which, in turn, would enable them to make more informed decisions about what and how to potentially outsource (priority one). In support of priority two, a business/IT board was established, composed of the CEO, CIO and all business unit EVPs, who met every quarter to discuss and decide on strategic issues involving IT.

With regard to priority three, the CIO office, in collaboration with the business, designed a set of principles that would significantly simplify IT-related governance. The starting premise was that these principles should put the business in full control of all IT demand and IT spend. In support of these principles, a number of governance practices were introduced in the business and IT organizations, including the establishment of the business/IT board and demand management functions for each business domain. These governance principles and practices were introduced as the “only way of working” between business and IT for all business units and activities. These practices also supported the creation of portfolio management processes driven by the business units. The portfolio management processes evolved from being driven by IT resource and supply toward being driven by business demand with an innovative and rigorous approach to evaluation and selection.

The definition of the first draft set of governance principles and practices was mainly driven by the CIO office. These principles were later refined with the involved business parties and are now shared in the organization through its intranet. According to the director of value management and alliances (a member of the CIO office):

These principles and practices are still challenged from time to time. Our position is that we are always open for discussion for each of these principles and practices, but up till now, we have each time, in the end, reconfirmed them.

Figure 3The stated principles and practices apply for all business units and are presented in internal KLM presentations as shown in figure 3. The involved parties acknowledge that this list does not really distinguish between principles and practices, but presents them in a mixed way. However, it was believed to be a pragmatic and practical list that was workable for KLM. The CIO office developed more detailed background information and internal documentation to explain the impact and consequences of each of these principles and practices.

Referring back to Val IT 2.0, the goal of the Val IT VG domain is to ensure that value management practices are embedded in the enterprise, enabling it to secure optimal value from its IT-enabled investments. Val IT proposes six processes in this domain, as shown in figure 4. Mapping these processes to the KLM approach described previously makes it clear that the adoption of some of these processes is nicely illustrated at KLM. KLM’s definition of the governance practices and principles (figure 3) ensures informed and committed leadership (VG1), appropriate governance monitoring (VG5), and the implementation of value management processes (VG2). Also, some of these principles address specific issues, such as VG4 being covered in principles 9–10 (figure 3).

Figure 4

Figure 5Portfolio Management and Investment Management at KLM
The previously mentioned governance principles and practices were needed as key building blocks in support of having effective portfolio and investment management processes driven by the business units. The design of these portfolio and investment management processes was created by the portfolio management office (part of the CIO office) and is shown in figure 5. Three approval stages were defined, going from “idea selection” to “program go” and “investment approval.” For each of these phases, clear decision thresholds were defined. For investments between €150,000 and €500,000, the EVP, director of finance and control, and BDO of a business unit could approve the go/no-go decision in each phase. Investments greater than €500,000 are approved by the business unit investment committee (BIC), which comprises the business unit chief operations officer (COO), EVP, director of finance and control, and BDO. Investments greater than €5 million are approved by the executive committee (EC).

The initial phase addresses the initiation of the investment proposals or idea generation. In this phase, all business ideas are gathered and captured by the BDOs (demand process) and turned into potential initiatives for which a high-level business case (HLBC) will be developed. These HLBCs include descriptive information, classifications, and high-level cost and benefit estimates, and risk. The VP of BDO for passenger operations clarifies:

It is often hard to quantify some benefits at this stage. For example, the cost avoided of an aircraft not needing to land on another location because of better support systems, but still, we try to make as good as possible educated estimations.

If an initiative is approved, it is turned into a program for which a full business case (BC) is developed based on a detailed feasibility study. To enable common and comparable BCs, a BC template was developed as a mandatory instrument for all investments greater than €150,000.

To be able to prioritize all these BCs, it is crucial to know what the organization’s business drivers are. The director of value management and alliances makes this clear:

Our experience was that it was often difficult to obtain a clear list of business priorities from a business unit. However, we needed these priorities to enable the selection of “the right things,” and for that reason, we used a methodology to help us and the business in making these business priorities transparent.

To enable this process, the business drivers of a business unit were captured and ranked by the CIO office through interviews with the business unit executives. Next, for each incoming investment proposal, the contribution to each of these ranked business drivers was determined, ranging from “low” to “extreme.” The result of this exercise is an initial portfolio containing a ranked, but still unconstrained, list of all investment proposals at the business unit level. The VP of BDO for passenger operations explains the importance of this process:

These priorities are the basis to build a “business plan” for the BDO of a specific business unit, describing all the things that the BDO office of a business unit can be held accountable for. I have even turned this business plan into a video clip on YouTube to demonstrate to all our business and IT stakeholders our commitment for the next year.

After this prioritization, total demand of all business units typically exceeds the budget made available by the EC. The director of value management and alliances describes how this is handled:

Instead of using a “cheese slicer” and, for example, forcing all business units to cut 30 percent out of the project portfolio, a process of informal discussions is initiated between the BDOs to determine how the portfolio can best be optimized. As long as this process works, this approach is preferred instead of escalating to the next management level.

This consensus-building process generally works well, and as a result, the business/IT board receives an overview of the major program and only needs to endorse the outcome of the portfolio management process. The director of value management and alliances concludes, “Through a good portfolio management process, we strive for seamless decision making.”

Once the portfolio of programs is optimized, the BIC (for projects greater than €500,000) or the EC (for projects greater than €5 million) still has to release the funding before design, construction, user-acceptance testing (UAT) or implementation can start. This may appear as a duplicated decision structure, but it acts as a final check and also gives the final authority and decision power back to the business executives. The VP of BDO for passenger operations explains:

In the end, the business executives decide. This approach helped in getting them engaged in the portfolio management process because they get their control back, although, until now, they have never “used” it. Another important aspect in this context is that we try to make the time between the business idea and approval on the investment committee as short as possible as this period is perceived as “IT being slow.”

Referring back to Val IT, the goals of the Val IT PM and IM domains are, respectively, to ensure that optimal value is secured by the enterprise across its investment portfolio and to ensure that individual investments contribute to optimal value. The KLM approach described previously illustrates the adoption of some of the processes that Val IT proposes in these areas. The way the business drivers are defined for a business unit and how this leads to a prioritized list of programs in line with the available budget clearly illustrate PM1–PM3 (figure 6).

Figure 6

Reported Benefits, Lessons Learned and Future Challenges
During the onsite interviews, the following benefits, lessons learned and future challenges were reported.

In terms of benefits, the implementation and ongoing assurance of GEIT has restored trust between business and IT and resulted in an increased alignment of investment to strategic goals. The communication and discussions on portfolio management have also improved management awareness and understanding and have supported the transformation from a cost toward a value culture. Also, more tangible benefits were reported, including lowered IT continuity costs per business production unit and increased innovation capacity.

Figure 7A key metric used to monitor airline production is the relationship between all IT continuity costs and equivalent available seat kilometers (EASK), which represents the total number of seats and cargo capacity multiplied by the total number of kilometers flown by the airline fleet. Figure 7shows that, although many business investments involving IT (such as e-tickets, additional web-based sales and web-based check-ins) resulted in a year-on-year increase in the total IT budget, the unit cost of providing IT services (IT continuity cost) per airline production unit decreased by more than 20 percent. (The slight upward curve for the next three years is due to a temporary decrease of production in response to the world economic crisis.) This substitution of labor by IT also resulted in lower business cost per unit because IT is cheaper than labor.

In addition to direct cost savings, the innovation capacity has increased as lower, or at least stable, IT continuity costs contributed to freeing up financials for IT-based innovation. Again, the CIO office develops metrics to demonstrate this outcome. As an example, figure 8 shows a relatively stable IT continuity budget, enabling the increase of the total IT budget to go almost entirely to new innovation, which increased from 25 percent in 2004–2005 to 39 percent in 2010–2011.

Figure 8

So far, in the course of KLM’s journey, a number of lessons have been learned. These lessons include the importance of senior management commitment and business engagement; change management; provision of adequate and appropriate support resources; and adoption of a pragmatic, practical and evolutionary approach.

KLM still has challenges ahead in further maturing GEIT and value management. These challenges include a better process for measuring and managing the benefits realization, continuous alignment of required business and IT resources, and consolidation of the whole investment portfolio at the group level.


To better understand how such Val IT practices can be adopted in an organization, this article mapped KLM’s approach to specific Val IT processes. Insights from this case can help in better understanding implementation approaches in the Val IT domains: Value Governance, Portfolio Management and Investment Management. KLM clearly looked for pragmatic solutions in seeking full business engagement and senior management commitment. An important success factor in value management adoption at KLM was the maturity of the CIO office, which focused heavily on managing change and ensured that all the necessary support resources were available to achieve this.

Although all organizations, including KLM, face unique challenges, concerns about effective GEIT and the realization of real business value from today’s significant and increasingly complex investments in IT are a universal concern. Other organizations can certainly benefit from the experiences of and lessons learned by KLM.


1 Thorp, John; The Information Paradox: Realizing the Business Benefits of Information Technology, McGraw-Hill Ryerson, USA, 2003
2 De Haes, Steven; Wim Van Grembergen; “An Exploratory Study Into IT Governance Implementations and Its Impact on Business/IT Alignment,” Information Systems Management, vol. 26, no. 2, 2009
3 Van Grembergen, Wim; Steven De Haes; Enterprise Governance of IT:  Achieving Strategic Alignment and Value, Springer Science+Business Media LLC, USA, 2009
4 IT Governance Institute (ITGI), Enterprise Value:  Governance of IT Investments, The Val IT Framework 2.0, USA, 2008,

Steven De Haes, Ph.D.
is an associate professor of information systems management at the Antwerp Management School (UAMS) and the University of Antwerp (UA) (both in The Netherlands). He is academic director of the IT Alignment and Governance (ITAG) Research Institute and can be reached at

Dirk Gemke
is director of value management and alliances at Air France-KLM and program manager of service-oriented architecture at SkyTeam. Gemke can be reached at

John Thorp, CMC, ISP
is a management consultant with close to 45 years of experience in the information management field. He can be reached at

Wim Van Grembergen, Ph.D.
is a full professor at UA and UAMS, where he teaches information systems at the undergraduate, graduate and executive levels. He is academic director of the ITAG Research Institute and can be reached at

Enjoying this article? To read the most current ISACA® Journal articles, become a member or subscribe to the Journal.

The ISACA Journal is published by ISACA. Membership in the association, a voluntary organization serving IT governance professionals, entitles one to receive an annual subscription to the ISACA Journal.

Opinions expressed in the ISACA Journal represent the views of the authors and advertisers. They may differ from policies and official statements of ISACA and/or the IT Governance Institute® and their committees, and from opinions endorsed by authors’ employers, or the editors of this Journal. ISACA Journal does not attest to the originality of authors’ content.

© 2011 ISACA. All rights reserved.

Instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. For other copying, reprint or republication, permission must be obtained in writing from the association. Where necessary, permission is granted by the copyright owners for those registered with the Copyright Clearance Center (CCC), 27 Congress St., Salem, MA 01970, to photocopy articles owned by ISACA, for a flat fee of US $2.50 per article plus 25¢ per page. Send payment to the CCC stating the ISSN (1526-7407), date, volume, and first and last page number of each article. Copying for other than personal use or internal reference, or of articles or columns not owned by the association without express permission of the association or the copyright owner is expressly prohibited.