Main
Log in

Governance & Planning

Conclusion: The forthcoming General Data Protection Regulation (GDPR) is new legislation being introduced by the European Union, which does have ramifications for organisations worldwide.

Being new, there is still a lot to be learned about what exactly some of the specific requirements will mean in practice and how they will impact organisations in being able to show that they have understood and completely complied with the regulation.

When considering an organisation’s position and defensibility in terms of did they comply or not, organisations will need to develop an understanding on the specific requirements, and how exactly they have implemented “technical and organisational measures to show that they have considered and integrated data protection into their processing activities”1.

Register to read more...

Related Articles:

"Understanding GDPR requirements Part 4: Data portability" IBRS, 2018-06-01 04:21:44

"Understanding GDPR requirements – Part 3" IBRS, 2018-05-04 18:57:12

"Understanding GDPR requirements: Part 2" IBRS, 2018-03-31 07:03:46

Conclusion: Consolidating information systems after a MoG change or a company acquisition is not only risky but also likely to be expensive. The problem is compounded when the benefits expected from the merger are out of reach or, in the case of a company acquisition, the buyer has paid too much, and the stakeholders are demanding accountability.

To maximise the probability of a successful merger from a business systems perspective, do not take claims made of the ICT systems’ integrity at face value. Verify them and develop plans to integrate the systems where feasible, while minimising risks and retaining skilled IT and business professionals.

Register to read more...

Conclusion: While there was significant media attention on artificial intelligence and blockchain in 2017, the primary concerns of Australia’s CIOs remain focused on the more pressing issues of migration to the Cloud, and its impact on IT operations and staffing. Where discussions of artificial intelligence play a role is in automation processes and workforce transformation.

Register to read more...

Conclusion: Achieving the ability to comply with the new European General Data Protection Regulation is seen as a costly and burdensome overhead adding a new layer of complexity to how organisations will need to manage and secure Personally Identifiable Information (PII) records kept by them.

However, organisations should view the potential benefits of being able to use obtaining and maintaining the ability to comply with GDPR as an opportunity to justify investments in technologies, process improvements and people to deliver better overall outcomes for the organisation.

Rather than simply focusing on doing what is required to be able to comply, focus should be on using the opportunity to update tools and processes to improve organisational efficiencies, reduce costs, increase customer and employee loyalty, and improve productivity.

Register to read more...

Related Articles:

"GDPR – A European standard impacting Australian organisations" IBRS, 2017-04-04 03:01:53

"GDPR: Who needs a Data Protection Officer?" IBRS, 2017-09-02 02:16:34

"Understanding GDPR requirements Part 4: Data portability" IBRS, 2018-06-01 04:21:44

"Understanding GDPR requirements – Part 3" IBRS, 2018-05-04 18:57:12

"Understanding GDPR requirements: Part 2" IBRS, 2018-03-31 07:03:46

"Understanding General Data Protection Regulation requirements Part 1" IBRS, 2018-03-06 06:57:37

Conclusion: AI includes a very broad range of technologies being applied in virtually all industries. AI is being used in new stand-alone services like real-time language translation1 or extensions of existing common IT applications such as the increasing use of chatbots in contact centres or recommendation engines in digital marketing.

This means that the use of AI in both IT and operational technologies2 (OT) requires C-level attention.

Business leaders will need to convert recent global interest and agreements in AI safety and ethics into AI governance guidelines in the exercise of their triple bottom line responsibilities (for profit, social responsibility and sustainability).

Register to read more...

Conclusion: Business and IT professionals struggle with how to frame their message so it engages the reader and has immediate impact. To get the reader’s attention, it is important to pose a business problem, or an unacceptable situation that is pre-occupying the reader, and provide a solution on the same page.

Register to read more...

Conclusion: Organisations know that they have legal obligations in terms of record retention and privacy. The foundation of good information management governance is an effective record retention schedule (RRS). Organisations need to regularly review and audit their RRS not only in terms of it being current, but also in terms of it being effective and being complied with.

An effective schedule is one that is being complied with, is easy to understand, meets all legal and regulatory requirements and allows for effective record discovery or e-discovery if required.

Effective management of records is an organisational issue, not an IT issue. IT makes a contribution in provisioning solutions to assist in the management of digital records or helping convert non-digital records into digital records as appropriate. IT also needs to determine the best practices for managing data based on its value rather than its volume.1

Register to read more...

Conclusion: Organisations are under pressure – pressure to keep limited budgets in check and pressure to deliver more in short time frames. Full time headcount is down and a significant amount of the work undertaken by organisations is project based. This has driven many recruitment practices including the engagement of skilled professionals to deliver on those projects. Induction processes are limited as this is seen as an overhead when it is critical to focus on the desired outcomes. As a result, organisations are limiting their resource pool and the benefit that experience in other sectors can bring. In addition, there is limited focus on what longer-term contribution or skills transfer can be provided for the broader workforce as they transform towards a digital workforce. Unless recruitment and resource management practices change, staff and skills shortages will continue to dominate the CIO risk list.

Register to read more...

Conclusion: Most organisations do not know the extent of shadow or departmental IT. It is likely to range from using complex SaaS (Software-as-a-Service) solutions for core business systems to use of spreadsheets for simple applications, such as managing grants for local sporting organisations.

Unless there is a filter to assess requests for and identify non-compliant software, e. g. with inadequate security processes or using unapproved technical architecture, management conflicts are inevitable.

Register to read more...

Conclusion: The range of channel and customer engagement tools needs thorough and continuous evaluation. There are two challenges to this objective. Firstly, the initial impediment is to gather data from various sources. The second problem is to apply a coherent and durable methodology to all of it.

The greater complexity of technologies and increased channel support means organisations must have a path to understand how their technologies perform. The most common assessment of return on investment can be applied to all data sets but it lacks sophistication. Developing a use-case will help establish a secure methodology which will make clearer the real value of customer satisfaction.

Register to read more...

In the News

Outdated work from home policies bog down Aussie businesses - Computer Reseller News - 6 April 2020

IBRS analyst Dr. Joseph Sweeney provides best practice-advice on working from home in the current pandemic situation. Dr. Joseph Sweeney discusses current working from home policies which are...
Read More...

Centrelink crashes under demand for crisis payments - Australian Financial Review - 23 march 2020

IBRS workforce transformation advisor Joseph Sweeney said many government departments had to navigate difficult IT environments that were only part-way through their digital transformations, with...
Read More...

Inside EY's security work at ANZ - Australian Financial Review - 3 March 2020

"There is more security work to go round than there are resources. So I don't think the market is that crowded. It's important to remember that security is not something you buy and then it's done;...
Read More...

Google cloud boss looks to AI as it fights Amazon, Microsoft duopoly - Australian Financial Review - 2 March 2020

IBRS analyst Joe Sweeney has been tracking the three major Cloud vendors capabilities in AI and said Google is right to believe it has an edge over AWS and Microsoft when it comes to corpus (the...
Read More...

What should be in Australia’s next cyber security strategy? - Computer Weekly - 10 Feb 2020

Peter Sandilands, an advisor at analyst firm IBRS, called the discussion paper “a pre-judged survey” that is mostly looking for answers. He also questioned if the resulting recommendations would be...
Read More...

Subscribe to IBRS Updates

Invalid Input
Invalid Input
Please enter a valid email address
Please enter your mobile phone number
Invalid Input

Get in-context advice from our experts about your most pressing issues or areas of interest

Make an Inquiry

Sitemap