 |
 |
“We cannot hold a torch to light another's path without brightening our own.”—Ben Sweetland
Whether you are a C-level executive who gets the picture, that IT investments can revitalize the enterprise, or a compliance project manager who can see the potential for enterprise gain, how do you secure compliance funding to deliver competitive advantage? How do you earn buy-in and sponsorship? Educate.
Educate by developing an enterprise action plan that illuminates:
- the inextricable and intertwined nature of current business and IT initiatives,
- how a strategic approach can leverage already committed projects into compliance and competitive advantage, and
- the new technology tools that are available to support and revitalize the enterprise.
Our objective is to strategically streamline the enterprise infrastructure to deliver results that provide:
- the agility to adapt to future changes for compliance and competitive advantage,
- granular data and analysis across the enterprise data assets,
- role-based access to authorized users for specific elements of the data, and
- the securing of digital assets to satisfy regulatory guidelines for access and retention.
The goal is to secure sponsorship and funding, and earn credibility for collaboration based on the benefit to the enterprise.
Business executives know that compliance is mandatory, and failure catastrophic. However, they do not envision it as a massive ongoing, strategic integration effort. They see compliance as an expensive tactical problem and are forfeiting the advantage these investments create to gain a competitive edge.
Relationship Between Business and IT Strategic Plans
The following figure is a top-level summary of how IT supports the enterprise strategic plans:
Reinforce how inextricably IT is intertwined with strategic and operational aspects of the enterprise by tying what the individual chiefs for marketing, supply chain, demand chain, operations, etc. already know. Which systems need fixes to improve key-performance-indices and when those improvements will be complete. They are thoroughly schooled in competitive strategies, business procedures and policies, rules and controls. Operational excellence and functional performance targets dominate mind share. New compliance requirements arising from risks created by technical innovations (identity theft, illegal use of confidential information), which do not generate new revenue, may not be high on their agenda.
This top-level connection reinforces that collaborative initiatives to fix business goals that are already under way. Funding and collaboration for improvement projects are in motion. You must show specifically which improvements (security, data quality, warehousing, analysis, reporting) are planned, and how they will impact the various line of business functions. What is the content of the next three years’ Enterprise Strategy enhancement plan and how the IT Plan supports it? What’s the level of current funding commitment? This establishes the foundation to justify a strategic evaluation of compliance needs and IT’s significant role.
Compliance Impact on Business Performance
You need to overlay how a strategic view of compliance needs can impact overall enterprise effectiveness. You must also show which incremental investments in compliance can improve business performance.
Typically, in operational silos, annual performance targets and success criteria do not include new compliance requirements as critical deliverables. Yet some compliance requirements, which can enhance business performance, may provide significant competitive advantages for financial reporting, customer retention, product spoilage etc.
For example, faster reporting of accurate financial reports mandated by Sarbanes Oxley (SOX) will upgrade IT infrastructure that enhances business performance. Specifically, the number of general ledger and financial analysis software packages will be consolidated, integrated and streamlined across the enterprise. This will enable more granular analysis, and sharper and speedier assessments of opportunities and losses. Similarly, role-based access to data mandated by HIPAA to protect patient confidentiality from abuse by employers or insurance companies will also restrict potential for illegal use by employees.
Proactively integrating compliance and competitive requirements in the strategic planning process can be a differentiating factor in enterprise performance. When IT provides this link, it becomes a strategic pillar of the enterprise. Compliance is just such an opportunity that bridges business and IT.
Business Education for New Tools
Educate the business teams on new tools, which can improve business decisions: help frame business rules based on measuring and inspecting the right metrics, faster and in more detail.
Tier I: Get the Data Right
The importance of collecting the right data to process for regulatory responses is well understood. If the right data is not collected, how can reporting satisfy the law? Why does content under the same label arising from disparate sources need to be uniquely defined throughout the enterprise? Detailed granular data is essential for analysis and accurate reporting.
Describe what major data quality challenges the enterprise faces today for gathering the right data: authentication, integration, security, aggregation and error reconciliation. What is the cost of lost opportunity?
What are the best practices in the industry: How does your main competitor rate? How can you close the gap or sustain the lead?
What new tools and functionality are available? Is the best-of-breed solution compatible with your systems environment? What is the best-fit solution; what steps are necessary to qualify possible offerings? How much time, the need for a Proof of Concept (POC) or how much cost?
Tier II: Profile Usage
In order to flag conditions that involve legal requirements, the systems controls and policies must be able to recognize and trigger error alerts when the rules are breeched. Establish, as examples, when such conditions occur in reporting. Examples might be significant variance of profit for EMEA (region) for an ASIC (particular product), or excessive failure rate spike for a thermostat in an SUV, or unusually long access of patient files from a medical staff and subsequent exporting to an Excel file.
This is a disciplined and methodical construction of an agile and alert infrastructure. Alternative methods can address what’s optimal for cost, performance and skills of the enterprise.
Tier III: Build the Futuristic Vision
Illustrate the future of improved decision support systems and impact on business dynamics. These should include: Access to new markets, delighting clients by tailored offerings, lower costs by refining production to meet demand, improved margins by delivering higher margin offerings before competition can, increased loyalty of employees by tailored career paths, lower supplier costs by sharing infrastructure and KPIs, shorter development cycles based on use of new tools and technology. Build your vision as a feasibility statement not a scheduled deliverable. Illuminate the future.
Tier IV: Extract Value From Historical Assets
Extract value from data in the enterprise for current value—historical perspective. Already, retention of records is a compliance requirement. Since the enterprises already holds treasure troves of (data) riches in the form of historical details on clients, markets, customers, suppliers and employees, use these for more than just archives. Many previously locked vaults can now be accessed by new tools, which drill through dissimilar data warehouses and heterogeneous storage media. Enlighten the team on how new analytical tools can enable or improve operations—CRM, ERP, Supply Chain, General Ledger and Human Resources.
Summary
Business executives are investing to spot-fix compliance. Educate them to establish a strategic perspective on these investments, which build compliance and deliver competitive advantage. The objective is to gain sponsorship and secure funding.
- Share the inextricable nature of the business and IT relationship.
- Overlay and show how compliance fixes can enhance business performance.
- Educate the business on the power of new IT tools.
Let education on mandatory compliance and IT capabilities fuel the ignition to unleash the power of collaboration.
We have advocated that IT teams employ tools and frameworks to measure progress; communications and management processes (project management), quality tools (Six Sigma) for measurement and COSO and CobIT for IT compliance guidelines. Good management and clear success criteria are not just prudent practices, they are necessary for sustained success.
For questions, comments, or observations in support or contrast to this article, please contact Rajeev Rawat at rr@biresults.com.
Recent articles by Rajeev Rawat
- Is a Data Warehouse Appliance Right for You?
- Compliance: A Critical Strategy for Success
- Compliance for the Agile Enterprise
Rajeev founded BI Results, LLC in 2003 and serves as the CEO. BI Results is focused on leveraging compliance investments into operational efficiency. Until 2003, Rajeev led IBM’s emerging business opportunity team which laid the foundation for IBM’s configured solutions.
Comprehensive resources for business intelligence and data warehousing professionals.
NETWORK WEBSITES:
BeyeSURVEY | BeyeSEARCH | BeyeBLOGS | BeyeRESEARCH | TDAN.com | BeyeNETWORK
Press Releases | About Us | Contact Us | Site Map | Privacy Policy | Media Kit
Copyright 2004 — 2008. Powell Media LLC. All rights reserved.
Business Intelligence Network™ is a trademark of Powell Media, LLC