I'm in the middle of one. Won't give many details because, well, I'm in the middle of it.

I'm working as an infosec consultant, and our current client is a major bank with really big important regulations that basically mandate that they have records of every time someone gains effective access in one of the many applications they use in-house. In addition, they need to investigate any instances where the person gains access without a recorded request for that access and subsequent approval from both their manager and the application owner.

We're currently working on a very big software deployment for them that automates a lot of things related to access, and can also completely handle those regulations I just mentioned. However, when pitching this to them, they decided that they wanted an external application made from scratch that reconciles new access. The reason? In the past, they paid a different consulting firm to make an external application to do that. It didn't work, and they just internalized the idea of "we need a specially made software to do this".

We weren't able to convince them to just roll it into the main project, so I spent a few months making that new app from scratch. It works, but now that we're finally starting to move out of the requirements phase for the new project, they're realizing that they made a huge mistake and are now paying us two times for the same thing.

