Compliance for the Agile Enterprise

Originally published March 15, 2005

Today, business managers are focusing on reporting data, auditors on accuracy and processes leading to reporting, and IT on implementing spot-fixes as required by the business teams led by the CFO’s office. What’s missing is still the opportunity to create an agile organization, not just a compliant one but one that is also competitively advantaged. As enlightenment to leverage compliance investments into competitive advantage stumbles into the business leaders’ consciousness, IT managers following our column will be prepared to lead.

Revitalizing IT is not just valuable for compliance, but also for competitive advantage. The rules and decisions on defining boundaries of decisions and actions create the foundation for an agile enterprise. In meeting compliance, most organizations have not reached back far enough to intercept factors influencing risks and averting them in time. Instead, they have focused on managing the reporting aspects of results.

In January, we embraced the reality of strict new regulatory requirements. In February, we introduced the Program Authenticated Scaled Synchronized Compliance Architecture (Compliance Architecture), which blends guidelines of the Compliance Objectives for IT, Six Sigma and Project Management methodologies to streamline the IT infrastructure to take advantage of new business intelligence tools. Phase I enabled planning and organization to support both compliance requirements and the enterprise strategic vision. Phase II progress can be measured across the same six areas, which are:

  • Enterprise vision, compliance requirements and success factors;
  • State of the current control factors, strengths and shortfalls;
  • Risk assessment of failures and extent of loss;
  • Effectiveness of control activities in meeting compliance and sustaining a competitive lead;
  • Quality of information and communications processes; and
  • Monitoring systems to trigger automated or manual alarms and alerts.

The Compliance Architecture, Phase II: Secure Resources and Tools to Acquire and Implement Compliance.

In this phase, you will secure resources to retool the enterprise to deliver compliance and competitive advantage. We will examine specific steps that build compliance and then enhance competitive advantage.

A: Enterprise Vision, Compliance Requirements and Success Factors.

Securing support and gaining concurrence of senior managers and top executives of the enterprise is the most important step for IT managers and CIOs. Visibility to the architects of your enterprise strategy will set the stage for a compliance mission to deliver competitive advantage. This is our opportunity to demonstrate how IT has evolved from being technology-centric to a powerful weapon in the enterprise arsenal.

Having completed Phase I, you are starting with a clear picture of the enterprise mission: KPIs, success factors, competitive goals, performance rules and a list of measurement criteria. Earn credibility by presenting a concise restatement of priorities. Lay the foundation to secure resources by elaborating on how IT tools can address enterprise compliance and competitive needs.  

As an example, see figure 1 below. Emphasize the value and hierarchy of an IT plan existing in support of the Enterprise Strategic Plan, which also embodies compliance needs. Tie the value of the Enterprise IT Plan to delivering the enterprise mission and compliance. Specify business performance and measurement rules, and describe the system’s impact at a high level for the consumption of business executives.

Inform and dazzle with the power of new tools to revitalize the enterprise and meet compliance. Pick a critical success factor. An example might be a near real-time valuation of the loan portfolio for a financial institution. Faster data access, validation, analysis and dashboarding not only helps data collection and documentation for reporting needs, but it also provides a competitive advantage by making excess funds for investments available—an incremental earnings opportunity.

 

Deliverable:

Summarized Enterprise vision aligned with IT deliverables and prioritized key performance indicators (KPIs): (a) Financial and performance targets, (b) Competitive criteria measurements, (c) Customer satisfaction measurement variables. Provide multiple choices of phased implementations so that alternatives lead to compliance and varied degrees of competitive advantage.

Desired Result:

  • Executives concur with your statement of enterprise priorities and support it.
  • Either one of the alternatives or a modification is approved for implementation (funding, and resources schedule).

B: State of the Current Control Factors, Strengths and Shortfalls.

Under the enterprise mission to align policies and procedures with compliance requirements, IT plays a vital role. Although policies, procedures and rules for business performance, measurement and analysis have to originate in functional silos, IT is the implementation and optimization agent. Neither line of business nor IT can function without collaboration. Business managers can leverage powerful new options to respond faster based on facts and analysis. Simultaneously, IT needs to incorporate line-of-sight business success factors into the IT process from populating data models to storage and retrieval policies.

The business side needs to define what it needs and IT needs to provide technical enablement. They both need to partner to adapt.

Below, see figure 2. Anything short of effective collaboration will sub-optimize enterprise efficiency. None of the silos can operate at full capacity without full knowledge of IT tools. IT, in return, can neither scope nor set expectations, nor deliver on automating analysis and decisions without being an integral part of the functional area problem-solving process.

 

In phase I you identified gaps. In phase II, you move through acquiring resources and functional leaders (marketing, operations and finance) determine compliance and competitive needs.

Deliverable:

  • Project plan identifying subject matter experts to update and define compliance requirements identified in phase I.
  • Sign off: CIO, COO and CFO.

Desired Result:

  • Scope of project is fully comprehended by COO, CFO and CIO.
  • Interdependencies of funding and resources on scope and schedule are fully articulated and understood.
  • Resources are allocated in support of the project-plan.

C: Risk Assessment of Failures and Extent of Loss.

The fine tuning of risk targets is the key not just for compliance, but also competitive advantage. These rules for currency/finance, units/inventory, people and time/schedule should define risk boundaries to create a foundation for an agile enterprise. Most organizations have not reached deep enough to establish risk limits to avert them in time. Instead, they have focused on managing the reporting aspects of results.

Collaboration with business managers is the essential driver to identify and to capture requirements into IT tools. This gives the business users the ability to identify and rapidly respond to escalating risks.

 

Deliverable:

  • Defining strategic and tactical rules and boundaries for: financial data (earnings, profits and receivables); inventory (on hand, POS and in-bound); people (skills, turnover and staffing level); time (scheduled product releases and major milestones).
  • Sign off: legal counsel, CIO, COO and CFO.

Desired Result:

  • Scope of project is fully comprehended by COO, CFO and CIO.
  • Interdependencies of funding and resources on scope and schedule are fully articulated and understood.
  • Resources are allocated in support of the project plan.

D: Effectiveness of Control Activities in Meeting Compliance and Sustaining a Competitive Lead.

Implementing policies is a major collaborative opportunity for IT and business teams in meeting compliance and creating a competitive enterprise. Collectively, they need to enhance user skills and knowledge of tools that can improve efficiency, accuracy and the speed of implementing policies. Best practices include a variety of creative teamwork strategies to cross-pollinate IT and business users: formal training sessions; periodic lunch-time open-houses; executive training and cascade strategy; and transition support team. Substantial recognition for measurable progress in transition has proven a powerful motivator.

Deliverable:

  • Plan for implementing tools and skills to meet compliance and competition.
  • Sign off: CIO, COO and CFO.

Desired Result:

  • Scope of project is fully comprehended by COO, CFO and CIO.
  • Interdependencies of funding and resources on scope and schedule are fully articulated and understood.
  • Resources are allocated in support of the project plan.

E: Quality of Information and Communications Processes.

The Data Warehousing Institute (TDWI) estimated that data quality problems cost U.S. businesses $600 billion each year. With heterogeneous systems and a non-standardized applications environment, data definitions are not equal. How do the systems handle quality when data is received, modified, stored, retrieved, integrated or deleted? How efficiently do systems tag, catalogue and update originating data, intermediate data and quality attributes at atomic data levels? Primary issues relate to diverse data format and sources. Barriers are typically no longer systems limitations. Tools to manage data transformations, extract shared formats and insert quality measures are offered by a variety of vendors. The business and IT teams need a shared view of end results to prioritize scope and plan implementation.

Deliverable:

  • A plan for building enterprise data quality.
  • Sign off: CIO/CTO, COO and CFO.

Desired Result:

  • Resources are allocated in support of the project plan.

F: Monitoring Systems to Trigger Automated or Manual Alarms and Alerts.

As shown below in figure 3, discipline, precision and planning in identifying the acceptable values for each field can set target range and variance thresholds for alerts or alarms. Again, this task remains a collaborative, business and IT mission.

Deliverable:

  • Plan to identify critical success factors and setting thresholds for alerts and alarms.
  • Sign off: CIO/CTO, COO and CFO.

Desired Result:

  • Resources are allocated in support of the project plan.

Integrated Six Sigma and Project Management Steps:

In developing the Compliance Architecture implementation methodology, we have found it valuable to integrate six sigma and project management measurements and tools. Each step and action should be tested against customer requirements and success criteria. Alternatives must be prioritized based on pre-defined targets

In our next article, Phase III of the The Compliance Architecture, we will address delivery and support. We hope you can see now, why most organizations meeting compliance have not optimized enterprise performance.

For feedback or questions, please contact Rajeev Rawat at RR@BIResults.com.

To read the first two articles in the series, please click here--Retooling IT for Compliance, and Compliance Architecture for Competitive Advantage.

  • Claudia ImhoffClaudia Imhoff
    A thought leader, visionary, and practitioner, Claudia Imhoff, Ph.D., is an internationally recognized expert on analytics, business intelligence, and the architectures to support these initiatives. Dr. Imhoff has co-authored five books on these subjects and writes articles (totaling more than 150) for technical and business magazines.

    She is also the Founder of the Boulder BI Brain Trust, a consortium of independent analysts and consultants (www.BBBT.us). You can follow them on Twitter at #BBBT

    Editor's Note:
    More articles and resources are available in Claudia's BeyeNETWORK Expert Channel. Be sure to visit today!

     

  • Rajeev Rawat

    Rajeev founded BI Results, LLC in 2003 and serves as the CEO. BI Results is focused on leveraging compliance investments into operational efficiency. Until 2003, Rajeev led IBM’s emerging business opportunity team which laid the foundation for IBM’s configured solutions.

Recent articles by Claudia Imhoff, Rajeev Rawat

 

Comments

Want to post a comment? Login or become a member today!

Be the first to comment!