3gamma insights - ideas in brief - creating a solid foundation through cost-effective risk...
TRANSCRIPT
3gamma Insights: Creating a solid foundation through cost-effective risk
management
Ideas in brief
Jens Ekberg, Director Head of Group Insights
2
Embedding risk management within IT to deliver
business value while maintaining compliance
IT organisations are subject to a wide range of rules and regulations that mandate control over information, technology and processes. This drives significant costs and undermines the ability to deliver on already stretched targets.
Regardless of good intent, external rules tend to be interpreted overzealously and become over-engineered. Companies should include internal control in
all initiatives and not view it as discrete a one-off event
Insight and transparency enable decision-making, evaluation and acceptance of risk-levels. The risk management process needs to be embedded in the transformation initiative and not run in parallel
Companies should approach implementation through an iterative approach
and continuously improve. This approach will reduce cost, allow for better allocation of scarce IT resources and ultimately lay the foundation for more effective IT delivery processes.
3gamma Insights: Idea in brief
3
The commitment risk – When IT outsourcing
exposes shadow processes and loyal heroes
Shadow processes are often an integral part of IT delivery. Without them the quality of the IT services would deteriorate. But what happens with these shadow processes in an outsourcing project?
Loyal and committed people are at the heart of a high-performing IT organisation. In big changes, such as IT outsourcing, this commitment may become a significant risk
Due diligence processes seldom reveal shadow processes and activities. For vendors, it’s easy to make a very attractive offer. Outsourcers need to pay meticulous attention to this and implement countermeasures in the planning and preparation phases
The process of scoping services needs to be based on relevant hard data. The key to a successful IT sourcing initiative is a clear understanding of the baseline. It is needed to establish a realistic business case and managing the transition project with care
Shadow processes can be mitigated if loyal heroes are made aware of the importance of documentation and process-orientation
3gamma Insights: Idea in brief
4
Staying in control over an outsourced delivery
An outsourced delivery of a function, process or portion of work can be an attractive solution for many reasons. There are benefits to be gained but also risks involved that need to be proactively managed.
Both informal and formal governance are needed to manage IT outsourcing risks during the outsourcing life-cycle
Organisations should use an inclusive, holistic approach to ensure that different organisational needs are met and requisite stakeholders are involved
Proactive measures for early risk management are key to IT outsourcing success
By realising that an outsourcing agreement is an ongoing and changing relationship and by working proactively with stakeholders, an organisation can
proactively manage risks that may occur due to the loss of control. Such measures are imperative in securing the success of an outsourced delivery
Contact: Tove Flodgren-Isaksson, Managing Director at Fondia Sweden
3gamma Insights: Guest point of view by Fondia
5
Using governance, risk and compliance (GRC)
systems to deliver business benefits
Outdated and hard to maintain spreadsheets are piling up and the business is left without proper control.
Organisations need an efficient and effective way of maintaining control. GRC systems provide an integrated view of the governance, risk and compliance related to business processes
It enables a move from fragmented data collection to asking critical questions
once, hence reducing impact on business
It reduces cost and complexity while increasing the likelihood of effective and efficient collaboration
It replaces overlapping reporting with integrated reporting
Being able to manage GRC challenges in a transparent and cost-effective way
while avoiding bureaucracy, process lock-down can become a competitive advantage.
Contact: Alex Hofmann, GRC Technology Service Leader at Transcendent Group
3gamma Insights: Guest point of view by Transcendent Group
6
Risky business! There's a time for playing it safe
and a time for risky business
Embedding risk management as an integral part of the project framework is an essential and fundamental part of any project, programme or portfolio as a way of keeping costs down, benefits high, and increasing the probability of successful delivery
The ability to effectively manage project risks is in direct correlation with tangible business benefits: fewer delays, cost-overruns and improved return
on investment
Classifying risks and understanding their potential impact is key to devising the right risk management strategy
Project managers need several tools for risk management across the project life-cycle
Proper risk management reduces the number of risks that materialise and
minimises the effect of those that do occur. To secure successful delivery, risk must be appropriately managed. Risk management also results in more opportunities being captured proactively and turned into positive benefits for the project
3gamma Insights: Idea in briefRisk and cost correlation of the project life-cycle
Risk management strategies need to be adapted to business needs