Tuesday, July 28, 2009

I disagree end-2-end process improvment is not over rated

An interesting topic in the BPM group; end-2-end process improvement is over rated compared to optimization.

Sustainability of an enterprise requires ongoing continuous improvements. The enterprise must be engaged in making continuous simple common sense improvements and refinements to critical end-2-end business processes. End-2-end process improvement provides worth to the process steps along the way that may use and/or produce intermediate goods, services and information to reach the primary end.

Optimization will adjust processes to maximize efficiency and/or minimize cost within some specified set of boundaries, creating risk that the value stream will be compromised. Optimization is not without its merit. One would have to ask how will optimizing a process change the shape the enterprise as a whole and is there alignment with the overarching enterprise strategy?

End-2-end process improvement in my professional opinion is not over rated. Constantly improving end-2-end processes supports the strategy of the enterprise for constant improvement and sustainability.

Wednesday, July 22, 2009

BPManagement has a learning curve with clients

In the BPM groups today I noticed a trend in discussions… the lack of understanding from clients the importance of enterprise strategy in defining processes and how strategy designed processes create value for the customer and reduce cost and effectively manage risk.

We are brought in to fix something that is broken, without the goals and objectives of the enterprise we end up wrapping duck tape around a still broken process. As professionals it is our responsibility to not only design good processes that are based on corporate goals and objectives to improve performance, we also shape strategies that guide their purchases. In order to be successful we have the professional responsibility to educate our clients on the recursive relationship between processes aligned with enterprise strategy and the success of the organization. Let me take a few steps backwards. During the sales presentation we need to communicate not just the benefits of Business Process Re-engineering & Management but the real ROI is with by-in at every level. As a result the first task would be to meet with senior management collectively to introduce the goals and objective of the BP task. From there you have the opportunity to meet individually with all managers, allowing you to capture strategy at the level of executive and below. As you develop your models show them off, show them to the managers, IT architects and senior staff. Let them see how the strategy is being tied at every level in organization. This is like a JAD session for process improvement.

Now if there is not an enterprise strategy and everyone is clueless, bow out gracefully.

Tuesday, July 7, 2009

Governance and Control

Stephanie Quick

Much of what I do is analysis of an organization’s intelligence with a real focus on how performance is associated with IT. At a number of client sites I have noticed the lack of controls for information security, data integrity and IT purchases aligned with goals and objectives putting my client at risk. There have been client sites where best practices have been in use and where evident from the start of our work. A framework of best practices for managing and protecting information, assets and subsequent acquisitions is effective management of risk and controlling costs.

One such framework is Control Objectives for Information and related Technology practices, also known as COBIT or COBiT, a framework of best practices for IT management that has been around since 1996. COBIT provides a set of generally accepted measures, indicators, processes and best practices to assist management in maximizing the benefits derived through the use of information technology while developing appropriate IT governance and controls.

COBIT was developed 13 years ago and its framework for control and protection of information is critical in managing IT in 2009. Year 2000 also known as Y2K raised the red flag on data integrity while HIPPA and The Sarbanes-Oxley Act of 2002 alerted us to the protection of information. Such regulations mandate strong internal controls and protection of information and assets worldwide. As the sharing of information has become and will continue to be global and the use of IT becomes more sophisticated so does the problematical nature of information security.

As we continue to move forward in the development and use of IT in business, organizations need to reach into the past for the implementation of best practices for understanding IT systems and deciding the level of security and control that is necessary to protect their assets, through the development of an IT governance model. COBIT control objectives are categorized in four domains:

• Planning and Organization,
• Acquisition and Implementation,
• Delivery and Support, and
• Monitoring and Evaluation.

Organizations benefit from utilizing COBIT because it offers a foundation on which IT related decisions and investments can be based. Decisions are more aligned with the organization’s goals and objectives because there is a framework of best practices for defining a strategic IT plan, defining the information architecture and the acquisition of the necessary hardware and software to implement the strategy; processes for ensuring uninterrupted services and the ability to monitor the systems performance.