Originally published March 15, 2005
Today, business managers are focusing on reporting data, auditors on accuracy and processes leading to reporting, and IT on implementing spot-fixes as required by the business teams led by the CFO’s office. What’s missing is still the opportunity to create an agile organization, not just a compliant one but one that is also competitively advantaged. As enlightenment to leverage compliance investments into competitive advantage stumbles into the business leaders’ consciousness, IT managers following our column will be prepared to lead.
Revitalizing IT is not just valuable for compliance, but also for competitive advantage. The rules and decisions on defining boundaries of decisions and actions create the foundation for an agile enterprise. In meeting compliance, most organizations have not reached back far enough to intercept factors influencing risks and averting them in time. Instead, they have focused on managing the reporting aspects of results.
In January, we embraced the reality of strict new regulatory requirements. In February, we introduced the Program Authenticated Scaled Synchronized Compliance Architecture (Compliance Architecture), which blends guidelines of the Compliance Objectives for IT, Six Sigma and Project Management methodologies to streamline the IT infrastructure to take advantage of new business intelligence tools. Phase I enabled planning and organization to support both compliance requirements and the enterprise strategic vision. Phase II progress can be measured across the same six areas, which are:
The Compliance Architecture, Phase II: Secure Resources and Tools to Acquire and Implement Compliance.
In this phase, you will secure resources to retool the enterprise to deliver compliance and competitive advantage. We will examine specific steps that build compliance and then enhance competitive advantage.
A: Enterprise Vision, Compliance Requirements and Success Factors.
Securing support and gaining concurrence of senior managers and top executives of the enterprise is the most important step for IT managers and CIOs. Visibility to the architects of your enterprise strategy will set the stage for a compliance mission to deliver competitive advantage. This is our opportunity to demonstrate how IT has evolved from being technology-centric to a powerful weapon in the enterprise arsenal.
Having completed Phase I, you are starting with a clear picture of the enterprise mission: KPIs, success factors, competitive goals, performance rules and a list of measurement criteria. Earn credibility by presenting a concise restatement of priorities. Lay the foundation to secure resources by elaborating on how IT tools can address enterprise compliance and competitive needs.
As an example, see figure 1 below. Emphasize the value and hierarchy of an IT plan existing in support of the Enterprise Strategic Plan, which also embodies compliance needs. Tie the value of the Enterprise IT Plan to delivering the enterprise mission and compliance. Specify business performance and measurement rules, and describe the system’s impact at a high level for the consumption of business executives.
Inform and dazzle with the power of new tools to revitalize the enterprise and meet compliance. Pick a critical success factor. An example might be a near real-time valuation of the loan portfolio for a financial institution. Faster data access, validation, analysis and dashboarding not only helps data collection and documentation for reporting needs, but it also provides a competitive advantage by making excess funds for investments available—an incremental earnings opportunity.
Summarized Enterprise vision aligned with IT deliverables and prioritized key performance indicators (KPIs): (a) Financial and performance targets, (b) Competitive criteria measurements, (c) Customer satisfaction measurement variables. Provide multiple choices of phased implementations so that alternatives lead to compliance and varied degrees of competitive advantage.
B: State of the Current Control Factors, Strengths and Shortfalls.
Under the enterprise mission to align policies and procedures with compliance requirements, IT plays a vital role. Although policies, procedures and rules for business performance, measurement and analysis have to originate in functional silos, IT is the implementation and optimization agent. Neither line of business nor IT can function without collaboration. Business managers can leverage powerful new options to respond faster based on facts and analysis. Simultaneously, IT needs to incorporate line-of-sight business success factors into the IT process from populating data models to storage and retrieval policies.
The business side needs to define what it needs and IT needs to provide technical enablement. They both need to partner to adapt.
Below, see figure 2. Anything short of effective collaboration will sub-optimize enterprise efficiency. None of the silos can operate at full capacity without full knowledge of IT tools. IT, in return, can neither scope nor set expectations, nor deliver on automating analysis and decisions without being an integral part of the functional area problem-solving process.
In phase I you identified gaps. In phase II, you move through acquiring resources and functional leaders (marketing, operations and finance) determine compliance and competitive needs.
C: Risk Assessment of Failures and Extent of Loss.
The fine tuning of risk targets is the key not just for compliance, but also competitive advantage. These rules for currency/finance, units/inventory, people and time/schedule should define risk boundaries to create a foundation for an agile enterprise. Most organizations have not reached deep enough to establish risk limits to avert them in time. Instead, they have focused on managing the reporting aspects of results.
Collaboration with business managers is the essential driver to identify and to capture requirements into IT tools. This gives the business users the ability to identify and rapidly respond to escalating risks.
D: Effectiveness of Control Activities in Meeting Compliance and Sustaining a Competitive Lead.
Implementing policies is a major collaborative opportunity for IT and business teams in meeting compliance and creating a competitive enterprise. Collectively, they need to enhance user skills and knowledge of tools that can improve efficiency, accuracy and the speed of implementing policies. Best practices include a variety of creative teamwork strategies to cross-pollinate IT and business users: formal training sessions; periodic lunch-time open-houses; executive training and cascade strategy; and transition support team. Substantial recognition for measurable progress in transition has proven a powerful motivator.
E: Quality of Information and Communications Processes.
The Data Warehousing Institute (TDWI) estimated that data quality problems cost U.S. businesses $600 billion each year. With heterogeneous systems and a non-standardized applications environment, data definitions are not equal. How do the systems handle quality when data is received, modified, stored, retrieved, integrated or deleted? How efficiently do systems tag, catalogue and update originating data, intermediate data and quality attributes at atomic data levels? Primary issues relate to diverse data format and sources. Barriers are typically no longer systems limitations. Tools to manage data transformations, extract shared formats and insert quality measures are offered by a variety of vendors. The business and IT teams need a shared view of end results to prioritize scope and plan implementation.
F: Monitoring Systems to Trigger Automated or Manual Alarms and Alerts.
As shown below in figure 3, discipline, precision and planning in identifying the acceptable values for each field can set target range and variance thresholds for alerts or alarms. Again, this task remains a collaborative, business and IT mission.
Integrated Six Sigma and Project Management Steps:
In developing the Compliance Architecture implementation methodology, we have found it valuable to integrate six sigma and project management measurements and tools. Each step and action should be tested against customer requirements and success criteria. Alternatives must be prioritized based on pre-defined targets
In our next article, Phase III of the The Compliance Architecture, we will address delivery and support. We hope you can see now, why most organizations meeting compliance have not optimized enterprise performance.
For feedback or questions, please contact Rajeev Rawat at RR@BIResults.com.