PPM Software, Project management

Project Management Maturity in IT: What the COI Study Reveals — and How FlexiProject Closes the Gaps

Project management maturity has become one of the strongest predictors of whether an IT investment delivers what it promised — on time, within budget, and with the business outcome the organisation paid for. The Centralny Ośrodek Informatyki (COI) published a study in 2023 assessing 32 Polish public-sector institutions across ten dimensions of project management maturity — and the findings are both nuanced and deeply actionable.

In this article, you will learn: Why 65.63% of Polish IT institutions cluster at maturity levels 3–4 — and what it means for your PMO How tool fragmentation traps organisations between levels 3 and 4, according to the COI study Why a well-chosen PPM system raises the floor of what is normal, not just the ceiling of what is possible How FlexiProject maps onto all ten COI maturity dimensions — from schedule to portfolio strategy What a realistic 12-month roadmap from level 3 to level 4 looks like in practice

Why project management maturity matters now

From heroics to repeatability

Maturity, in this context, is not a label. It is a measurement of how predictably an organisation turns intent into delivered outcomes. At level 1, projects depend entirely on the heroics of a few individuals. At level 5, the organisation can take a new strategic objective, route it through a defined process, and reliably ship results regardless of who happens to be the project manager.

Where the largest business value gets trapped

The difference between level 3 and level 4 is exactly where most Polish IT organisations sit — and also where the largest business value gets trapped. A level-3 organisation has defined processes, but they live in documents and PowerPoint files. A level-4 organisation has those same processes embedded into daily tools, with measurement, governance, and continuous improvement built in. The transition is not about hiring more PMs or buying a methodology certification. It is about closing a small number of very specific operational gaps — and the COI study is useful precisely because it identifies those gaps with statistical clarity.

What the COI study reveals about project maturity in Poland

Key findings from 32 public-sector institutions

Of the 32 institutions surveyed, 65.63% sit at maturity level 3 or 4. That is a strong cluster — not catastrophic, not yet world-class. Across all ten assessed criteria, the average score increased year over year, which signals that public-sector IT is genuinely improving rather than stagnating.

The strongest gain: risk management

The most striking single improvement is in risk management, where the average score climbed from 3.18 to 3.75 in one cycle. The report is also candid about what is holding organisations back: an ad-hoc, accidental approach to tool selection, and a lack of integration between the tools that are in use. In plain language: teams cobble together spreadsheets, an issue tracker, an email thread, and a shared drive — and the absence of a coherent system becomes the bottleneck. People put in the effort. The system does not amplify it.

The 10 maturity dimensions — and the gap between level 3 and level 4

Planning, schedule, scope, budget, risk, communication, resources, knowledge, tools, governance

The ten dimensions assessed by the COI study correspond to questions every PMO must eventually answer. Does every project have a documented charter tied to a business objective? Is the schedule actually used to manage delivery, or is it a static document opened only before steering committees? Do project managers know their budget variance this week, or only last quarter? Is risk a registered, owned item with a mitigation plan, or a feeling people have at the coffee machine?

Level 3 does things when there is time. Level 4 does them by default.

The gap between level 3 and level 4 is almost always answered in the frequency and automation of these practices. Level-3 organisations perform them when there is time. Level-4 organisations perform them by default, because the system makes any other behaviour harder. This distinction — automation as the mechanism of maturity — is the most actionable insight the COI study offers.

Tool fragmentation: the dominant blocker identified by the COI study

When the schedule, budget, and risk register live in three different tools

The COI report explicitly identifies tool fragmentation as one of the dominant blockers. When the schedule lives in one tool, the budget in another, the risk register in a third, and the status report in PowerPoint, the project manager spends a disproportionate share of their week on data reconciliation. Worse, the PMO never sees a consistent picture across projects, because every project manager reconciles differently.

Technical debt in project management practice

The result is exactly what the study identifies: ad-hoc and accidental tool choices. Tools are picked because someone used them at their last job, because they are free, or because they were available in the licence stack. The organisation accumulates technical debt in its project management practice the same way it accumulates it in code — silently, until the cost of the fragmentation exceeds the cost of fixing it.

The PPM system as a maturity accelerator — standardisation and integration

Training raises the ceiling. The system raises the floor.

There is a common misconception that maturity is built primarily through training. It is not. Training raises the ceiling of what is possible; the system raises the floor of what is normal. Most organisations stuck between level 3 and level 4 already have trained project managers. What they lack is a default environment in which doing the right thing is the path of least resistance. A modern PPM system is therefore not just a tool — it is the operational embodiment of a methodology.

Making project initiation mechanical

The fastest path to level 4 is to make the initiation of any new project mechanical. If every project starts from a template that already contains the right charter sections, the risk categories the organisation cares about, the typical milestone structure, the standard budget lines, and the agreed approval path, the project manager is not making one hundred small methodological choices on day one. They are filling in a known structure — and that removes the dependency on individual discipline.

Integration: the single biggest lever between level 3 and level 5

When a risk is linked to a schedule task, and a budget item is linked to a deliverable, and a deliverable is linked to a strategic objective, the entire portfolio becomes navigable. A board member can drill from a strategic KPI down to the specific schedule task that is slipping. A PMO can see, across thirty projects, where risk exposure is concentrated. That is not a reporting feature — it is a fundamentally different operating model.

How FlexiProject supports each COI maturity dimension

Schedule and Gantt: the maturity backbone

FlexiProject’s schedule supports task dependencies, the critical path, and real-time deviation tracking from baseline. The warning-icon system shows, at a glance, which tasks have unresolved risks attached, budgeted cost items linked, or deliverables depending on them. A project manager looking at the schedule on Monday morning sees not just what is due this week, but which of this week’s tasks carry exposure.

Risk register: turning the study’s biggest gain into daily practice

Every risk in FlexiProject has a defined owner and an action plan. Risks can be linked to specific schedule tasks, which means the schedule itself displays risk exposure inline. Most major project failures are not caused by unknown risks — they are caused by known risks that nobody actively managed. A register that lives inside the same system as the schedule, with assigned ownership and visible mitigation status, makes that failure mode significantly less likely.

Project charter and acceptance paths: formalising governance

FlexiProject offers configurable charters — one for IT programmes, one for investment projects, one for marketing campaigns — each with the fields and approval logic that fit the actual nature of the work. The acceptance paths formalise change control: scope, schedule, or budget changes pass through a documented approval flow rather than being negotiated informally. This is the operational definition of governance, and one of the most tangible things separating level-3 from level-4 organisations.

Budget, deliverables, reporting, and knowledge — closing the remaining gaps

Budget management: financial discipline as a maturity marker

Above maturity level 3, financial visibility per project becomes non-negotiable. FlexiProject’s budget module supports detailed budget planning, ongoing cost recording, and forecast updates as the project progresses. Budget items can be linked to specific tasks or deliverables, which is what allows variance to be analysed meaningfully. A 15% budget overrun is one number; a 15% overrun concentrated in two deliverables is a diagnosis.

Products and deliverables: tracking what the project actually produces

FlexiProject explicitly models products and sub-products as first-class objects, with their own owners, deadlines, and acceptance criteria. This forces a useful conversation at planning time: what exactly will this project deliver, who is accountable for each deliverable, and when does it need to be ready? Without this distinction, projects close on the basis of “all tasks completed” — a reliable way to deliver activity without delivering value.

Automated reporting and organisational knowledge

FlexiProject automates the status-reporting cycle — collecting data on a defined schedule, populating a configured report template, and producing PDF outputs without manual consolidation. The freed PMO time can be redirected to portfolio analysis, lessons-learned reviews, and pre-mortem risk workshops. The knowledge base function accumulates lessons and project decisions inside the same system that runs the projects, accessible at the moment they are needed rather than buried in a SharePoint folder.

Resource management and portfolio strategy: the climb toward level 5

Resource visibility: from discovery to prevention

Resource conflicts are one of the most common reasons schedules slip — and they are almost always invisible until the slip happens. FlexiProject’s allocation view shows how each person’s time is committed across active projects; time registration captures what work has actually been done. At level 3, resource conflicts are discovered when a project manager calls another to ask if a specialist is available. At level 4, they are visible in the system before the assignment is even made.

From running projects well to running the right projects well

Reaching maturity level 5 requires the link between every active project and a measurable strategic objective. FlexiProject supports project portfolios, project programmes, scoring models, and strategy-to-KPI linkage. Scoring models allow project ideas to be evaluated against strategic criteria before resources are committed. The operational outcome is a portfolio view in which the question “should we fund this new initiative?” has a structured answer rather than a political one — which is what level 5 looks like in practice.

A practical 12-month roadmap from level 3 to level 4

Months 1–3: standardisation

Define one or two project charter variants that match the dominant project types in the organisation. Build templates that contain the agreed phases, typical risks, and standard deliverables. Configure the acceptance paths for charter approval and for major changes. This is the foundation — everything that follows depends on it.

Months 4–6: operationalise risk

Move the risk register out of spreadsheets and into the live system. Define a small, consistent set of risk categories. Link risks to the schedule tasks they affect. Establish a regular cadence of risk review at project and portfolio level.

Months 7–9: reporting discipline

Set up automated project reviews on a defined cadence. Replace manual status decks with system-generated reports. Roll out the same format across all projects, so the board sees consistency rather than each PM’s interpretation of progress.

Months 10–12: portfolio thinking

Define one or two scoring criteria for new project ideas. Group active projects into portfolios. Surface portfolio-level financials and risk exposure to the leadership team. Each step in this sequence builds on the previous one: standardisation makes risk linkage possible, risk linkage makes reporting meaningful, and meaningful reporting makes portfolio decisions defensible.

Maturity is built by standards, not effort

The most useful insight from the COI findings is not that Polish IT is improving — it is that the improvement is concentrated in exactly the dimensions where systems and standards do the heavy lifting. Risk management improved most because organisations adopted structured risk practices. Reporting and governance improved because they became less ad-hoc. The dimensions that lagged are precisely the ones that depend on tool integration and consistent operating models.

Project management maturity is not a function of effort. It is a function of how much of the right behaviour the system makes automatic. FlexiProject is designed for that specific climb — comprehensive enough to cover the ten maturity dimensions, configurable enough to fit the organisation rather than the other way round, and integrated enough to remove the tool-fragmentation problem the COI study identifies as one of the dominant blockers.