Conclusion: In August 2020, IBRS ran a roundtable on the issue of Microsoft Support service, and specifically options for obtaining services in the most effective manner. 

The replacement of Microsoft's traditional Premier Support programs for its Unified Support program is well underway. For many organisations, the new program is a strong fit, offering a wide range of services and unlimited reactive support inquiries for a fee that is directly proportional to their Microsoft software and platform investment.  

However, for others, the program is not an ideal or cost-effective fit. During the roundtable, 16 peers shared their stories of how they have approached Microsoft support in the new era and a set of practical recommendations was developed. 

Read more ...

Conclusion: Estimating the workdays for an agile- or waterfall-based IT project is not a simple task. However, with effort and a disciplined people-focused approach, it can be turned from an art into, as close as possible, a science.

When the effort is made, management will become more comfortable with the resources needed to complete projects and avoid the unpleasant task of asking for more resources than expected due to flawed estimating.

Read more ...

Conclusion: The massive shift to working from home since the start of the COVID-19 pandemic has led to upsides for employees: more flexibility, no commute and greater productivity. Many executives have been publicly extolling the virtues of remote working. However, a number of management, cultural and work design issues are now starting to emerge. Organisations need to review their current workplace design and practices and prepare for a hybrid home-office workplace post-pandemic.

Read more ...

Conclusion: The COVID-19 pandemic has resulted in prolonged lockdowns and quarantines, limiting economic activity and resulting in closure of businesses and many people losing their jobs. Various institutions around the world are unanimous in predicting that a recession is on its way, if not already here. Unless a vaccine is developed in the immediate future, the uncertainty will continue to rise in the days and months to come. However, businesses can turn this situation into an opportunity to examine their current operations.

A review of the events of the recent global recession – the global financial crisis of 2007–2008 – reveals that six recession-seeded trends, when acted upon promptly, provided business advantage. Although the trends for the anticipated COVID-19-led recession are still to be established, CIOs can benefit from re-examining the lessons of the past recessions and exploring a recession’s potential to deliver organisational efficiencies and savings. The outcome may be selective adoption of technology or deferral of projects, but the potency of these trends cannot be ignored.

Read more ...

Conclusion: To respond to the digital world challenges, many organisations are transforming their operations to multi-Cloud to reduce cost, improve service efficiency and contain business risks. As a result, the multi-Cloud availability has become a critical success factor. In some cases, multi-Cloud complex architecture weaknesses have resulted in service outages and allowed ransomware attacks to severely impact business operations. The new generation ITSM tools provide effective backup and recovery facilities that are worth investigation to mitigate multi-Cloud exposures to failure.

Read more ...

Conclusion: For the last two decades, the market for ruggedised computing has been led by emergency, policing and military needs. The advent of lower-cost wireless networking, 4G and now 5G has prompted a sharp rise in field workers using devices and mobile-ready solutions to streamline operations. Unfortunately, legacy thinking about the type of devices to be used has prevailed: either staff get consumer devices (iOS or Android) or military-spec ruggedised devices.

There is an opportunity to rethink this polarised view of devices. Rather than seeing devices as either consumer or rugged, it is better to view devices on a spectrum of needs, including ruggedness, based on the work contexts in which they will be used.

Read more ...

Conclusion: Identity and access management is a crucial component of an organisation’s security posture. At its most basic, it is how an organisation determines whether an individual can access resources or not. In today’s world, it is also becoming the basis of how applications first identify then communicate with each other.

Assurance of identity is the cornerstone of managing access to information. An organisation must be confident in that assurance. One method of bolstering the strength of that assurance could be the deployment of multi-factor authentication – at a minimum to privileged users, but ideally to all users of the services and applications whether those users are staff or not.

As organisations move from office-bound networks to distributed workforces combined with Cloud-based Software-as-a-Service (SaaS) applications, identity will evolve to be almost the sole element used to assess and grant access. Identity is certainly a central element of zero trust environments.

Read more ...

Conclusion: The need to see value from an enterprise architecture (EA) framework is essential, if for no other reason than to justify the cost. However, the business benefit of EA is not just the cost. It will also provide reduced risk and improved agility for the business in its use of ICT.

Many organisations struggle with how success or failure of EA should be measured. This paper provides the reader with guidance and advice on what to measure EA against and how that measurement could be presented as a key performance indicator (KPI).

In establishing KPIs for the EA framework your organisation has adopted, both business and ICT will jointly have a better understanding of the value EA brings to the enterprise, and be able to provide governance on the continuous improvement of your EA framework to achieve even better value.

Read more ...

IBRSiQ is a database of client inquiries and is designed to get you talking to our advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.

Read more ...

Conclusion: This month has seen a rise in mid-high level IT management appointments and departures. These types of shifts are especially prominent in times of change and uncertainty when companies search for staff to provide new skills, experiences to support critical IT and business operations. With an impetus to expedite digital transformation and other projects, companies must focus on increased standards for selecting, deploying and managing infrastructure and highly skilled professionals to implement plans. Vendors must be prepared to support customers when leaders with different priorities or focused on streamlining and enhancing business operations are brought in.

Read more ...

Conclusion: The Digital Ready Workforce Maturity Model serves as a tool to help organisations measure the digital readiness of their workforce. It provides the baseline for organisations. This insight then informs strategic planning, policies and capability development priorities for organisations to guide and subsequently monitor maturity and capability.

Read more ...

Background: The federal government has finally unveiled its cyber security strategy. The Australia’s Cyber Security Strategy 2020, released on 6th August will see $1.67 billion invested in a number of already-known initiatives aimed at enhancing Australia's cyber security over the next decade. IBRS provides their key takeaways from the strategy.


Most of the funding for the Strategy 2020 is from July’s announced $1.35 billion cyber enhanced situational awareness and response (CESAR) package much of the Strategy details will be contained in legislation to be put before parliament.

Read more ...

Conclusion: This month, the first anchor tenant signed up to the new Sydney Innovation and Technology Precinct. The NSW Government first announced plans for the Tech Central precinct, located in Sydney’s CBD, in 2018. The precinct is expected to provide 50,000 square metres of space for startup and scale-up businesses and promote industry expansion, innovation and collaboration. These types of initiatives are critical to stimulating the ICT service industry, and ensuring the ongoing development of offerings and delivery models that shift quickly and are sensitive to external influences, such as new technologies or the pandemic. The Tech Central precinct is expected to facilitate the evolution of the industry in Australia and allow for high quality and advanced products and services that customers demand, and vendors require to remain relevant in a highly competitive environment.

Read more ...

Conclusion: The traditional IT service management (ITSM) tools have allowed IT organisations to automate key IT processes (e. g. incident management), promote service management disciplines and meet service levels in the majority of cases. However, they were not designed for multi-Cloud management. The new generation ITSM tools address the essential multi-Cloud requirements by offering:

  • Asset discovery
  • Performance management
  • Multi-platform Cloud cost forecasting
  • Integrated Cloud security and compliance verification
  • Mechanisms to orchestrate applications workflow across platforms
  • Backup/recovery

IT organisations should assess the cost-effectiveness and relevance of the new ITSM offerings to business operations improvement1.

Read more ...

Conclusion: Due to the pandemic and economic decline, politically astute IT managers will need all their selling skills to get one-off IT infrastructure proposals approved. Not only is this due to a decline in earned revenue or grants, but also because procurement involves paying cash to vendors.

IT managers may need to ‘walk the talk’ to convince decision makers to support IT infrastructure investment proposals. In an environment where demand exceeds supply, and competition for scarce resources is high, the need to sell the proposal is probably an organisational political necessity.

Read more ...

Conclusion: Ransomware attacks are becoming increasingly common and Australian organisations have experienced several high-profile incidents in 2020. While the preferred option is to recover from backups, organisations may find that this is not feasible either because of the scale of the compromise or that backups themselves are compromised. While the decision to pay a ransom is complex and poses significant risks, it should be explored in parallel with the recovery from backup.

Read more ...

Conclusion: Working remotely has become the default option for most companies in the new normal setup. Although this has led to rising demand in technological tools and IT systems, it is unlikely the tech industry will be spared widespread job cuts – already such cuts are being seen in some industry sectors. With the world bracing for recession, companies are cutting down on costs and tightening budgets wherever they can.

Understandably, the current state of job insecurity is creating anxiety in employees who have retained their jobs. IT staff are justifiably feeling insecure and this is likely to affect some employees’ work performance. Such anxiety is a major issue that needs to be recognised and addressed quickly and effectively in order to enable the company to maximise its existing resources both during the economic downturn and as it starts to grow again.

Read more ...

Conclusion: IBRS has identified five areas of governance overlooked in the rush to deploy Teams. Organisations now need to ‘back-fill’ these areas to ensure the organisation meets its compliance obligations and reaps the full benefits of the digital collaboration environment.

Read more ...

Conclusion: Many organisations have integrated enterprise architecture (EA) into the business processes, whilst many have not. To some, it is a religious argument as to why the ICT group even needs to have people with ‘architect’ in their name; for others, the EA group is the watchdog of the system, ensuring both new capabilities and changes to existing capabilities will be fit for purpose.

Like most things in business, the cost versus benefit analysis to justify why any activity is a priority is essential before committing effort and resources to it. EA should be no different. Organisations should complete a business case assessment to justify why EA is necessary for their business model, and what form it should take.

In doing so, both business and ICT will jointly have a better understanding of the value EA brings to the enterprise, be able to manage expectations on what EA can deliver and judge its effectiveness.

Read more ...

Philip Nesci, IBRS adviser and former CIO, has warned that agencies will need to get their information management sorted out to capitalise on the new rules.

‘‘Agencies need to identify their high-value data sets and where they are located.’’ 

Full Story.

IBRS advisor Dr. Joseph Sweeney discusses why it falls to individuals to look at improving their work in a post-COVID world. Dr. Sweeney comments on the need to build a culture of innovation that empowers employees to understand where improvement is needed in their job.

Full Story.

IBRSiQ is a database of Client inquiries and is designed to get you talking to our Advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.

Read more ...

Conclusion: This month there have been increased discussions regarding the security services sector, marketplace expansion and triggers for growth. New market conditions, operating frameworks and the rapid adoption and integration of new services and technologies have resulted in a demand for security offerings that cater to the new environment. However, it has also given rise to new threats posed by new offerings and technologies, such as ageing devices which can cause vulnerabilities with changed operations, configuration changes and under-skilled staff. Security service vendors need to target offerings to individual company needs and strategic objectives as well as specific industry needs.

Read more ...

Conclusion: The disaster recovery plan (DRP) should be seen as significantly more than a technical document for IT resources to be accessed only in times of crisis restoration. Use regular IT DRP updates and testing as a valuable marketing tool and keep the DRP ready for when disaster strikes.

A recently released survey revealed nearly one-quarter of all respondents cited lack of budget as a major challenge for BCP/DRP funding. This challenge will be even more daunting after the anticipated post-coronavirus budget cuts, so it is critical to remember the DRP is not just required to be technically savvy; it contains useful information to suit the non-technical audience when attaching the DRP to support funding to keep it current.

Read more ...

Conclusion: Many organisations have implemented collaboration and in particular video-conferencing facilities to support critical business operations in response to managing the COVID-19 pandemic. While remote workers have embraced these platforms with enthusiasm, organisations have had little opportunity to govern the use of these platforms due to the need to roll them out quickly. As end-users push forward with sharing confidential data and video across many teams, issues of data access rights, data confidentiality and employee confusion will emerge. Unless organisations put in place appropriate governance on their collaboration platform, the full benefits of the platform will not be realised.

Read more ...

Conclusion: The COVID-19 pandemic has taken the whole world by storm, shutting down establishments and pushing businesses and public sector agencies towards high levels of uncertainty. It seems it will be a while before this storm lets up.

Regardless of how bleak the effects of the pandemic and ensuing lockdowns are to the economy and the business sector, it can be a platform where leaders and innovators come forth.

Most companies are struggling to determine the next steps and are barely surviving through their business continuity plans. This paper aims to help you pivot towards a different perspective.

Read more ...

Conclusion: Australian financial organisations have been bombarding their suppliers and partners with requests to complete security assessments. If servicing or dealing with financial organisations is part of the operational model for the organisation, this has probably already happened or is about to happen.

Those financial bodies are being driven by an Australian Prudential Regulation Authority (APRA) issued prudential standard CPS 234 (Cross-industry Prudential Standard). This document lays out how a financial body should manage its cyber security with particular emphasis on extending that management to parties that support or supply the financial body.

These assessments can be tedious and raise concerns about cyber security maturity within the organisation. On the other hand, they bring a clear high-level focus on areas that all organisations should either be covering or working towards covering. This makes CPS 234 a valuable reference for senior executives building a cyber security program.

Read more ...

Conclusion: A simple Google search can provide access to thousands of change management frameworks, methodologies and theories. Many relate specifically to digital transformation; however, methods such as the Knoster model cover organisational change more broadly across culture, vision, resources and action planning.

The frequency of unsuccessful organisational change or transformation is on the rise1. While there are many organisational change theories, this paper demonstrates the connection between a particular theoretical framework (Knoster model) and how an organisation can translate these theories into successful organisational activities and practice.

This advisory paper will step through the six dimensions of change within the Knoster model for managing complex change and how you can use this to easily investigate and diagnose the overall health of your organisation’s change or transformation agenda, and to identify practical steps to stay on track.

Read more ...

Conclusion: When it comes to embracing collaboration, organisations should recognise that it is difficult to manage diverse personalities, perceptions and beliefs. In addition, every individual is going to have their preference on what makes a ‘good collaboration system’.

As a result, it is vital that project leads carefully consider the role staff play in a successful Microsoft Teams deployment and prepare staff for the changes ahead.

Read more ...

Conclusion: To prepare for the inevitable questioning by senior management of whether an expense line item can be reduced, management must review its breakdown and be prepared to justify it to senior management when asked. Responses must highlight the business risks that will ensue should a selected expense line item in the ICT opex (operating) and capex (capital) expense budgets be reduced. Failing to frame the response in business (risks) terms could delay the review and reflect poorly on ICT management.

Read more ...

Conclusion: As a result of COVID-19, has the criticality of web presence for your business changed? Is your organisation now exposed to threats and risks that previously were a lower order concern? Are there advantages to be gained in the realignment of the organisation’s web strategy?

IBRS recommends organisations assess the vision statement for its web presence. Once the vision is clear, review the framework for delivery and sustainment, the processes, and the roles and responsibilities for online web services, as a result of the impact of COVID-19. The purpose of the review is to ensure your organisation leverages the strengths and opportunities of the organisation’s online presence resulting from the impact of COVID-19.

Read more ...

Conclusion: The traditional IT service management (ITSM) tools have allowed IT organisations to automate key IT processes (e. g. incident management), promote service management disciplines and meet service levels in the majority of cases. However, they were limited in identifying service issues before impacting business operations, managing multi-Cloud environments and lacking the required speed to empower the digital transformation initiatives (e. g. releasing new software to production). Organisations wishing to modernise their IT service management practices should evaluate the new generation ITSM tools to determine their suitability and cost-effectiveness to improve their business operations.

Read more ...

Post-pandemics require changes to IT services, vendors' contracts and service levels. Organisations must re-examine their service foundations to meet business expectations and remain compliant with policies and legislation during and post-pandemics.

Read more ...

IBRSiQ is a database of Client inquiries and is designed to get you talking to our Advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.

Read more ...

Conclusion: Many organisations have now contained the COVID-19 crisis and stabilised their operations. The focus is now rapidly shifting towards the recovery phase. While the full implications of the 'new normal' are yet to be fully understood, it clear that industry sectors will be impacted very differently. What are the three mega trends emerging in the post COVID-19 world.

Read more ...

Conclusion: This month there has been a focus on the impact of the current economic environment on managed service providers. Declines in vendor service uptake, or difficulties experienced by existing customers, have resulted in the need for providers to adapt in an uncertain environment. New measures adopted by vendors when dealing with customers have included the revision of traditional business and payment models, increased flexibility with service contracts, and client support packages. Internally, vendor strategies include tightened cashflow management and regular communication with suppliers to mitigate disruptions that can have flow-on effects to their own customers. Whilst there has been a growth in demand for vendors to provide new and more complex solutions to cater to new work practices and business operations, vendors must work to maintain the integrity of their services. The re-diversion or loss of staff can impact on a vendor’s capacity to provide quality managed services, resulting in vulnerabilities. Vendors must adapt customer engagement practices in order to cater to both internal and external pressures caused by the highly variable and uncertain economic environment.

Read more ...

Conclusion: Microsoft Teams is a collaborative hub for teamwork with links to a wide range of information sources and communication capabilities. While a latecomer to the collaboration software solution market, Teams benefits from being included in Microsoft’s 365 platform, which means many organisations have ready access to collaboration capabilities without the licensing costs of dedicated third-party solutions.

Teams is a relatively new and rapidly evolving solution; therefore, deployment challenges are present. Organisations must prioritise a structured approach to planning, governance development and security. Planning is important to empower users so that the organisation can break down information and communication silos. The sooner the organisation prepares concrete plans, the smoother the transition will be. This paper outlines better practices for such planning.

Organisations that rushed the deployment of Teams to support working from home as part of the pandemic response should revisit their Teams deployments against the better practices discussed in this advisory paper, and ‘back-fill’ any missing activities to ensure that Teams maintains long-term benefits for the organisation.

Read more ...

Conclusion: Since the rise of personal computing in the 1970s, organisations have focused on acquiring digital tools and, since the late 1990s, on promoting digital skills. While we are now in the midst of the fourth industrial revolution, where digital skills are essential, the so-called soft skills of employees also need to be constantly updated and upgraded.

Read more ...

Conclusion: Remember, constructive feedback is of benefit to both the employees submitting the form and the staff who provide the services to enable working from home arrangements. Continuous improving is the nature of running IT operations and support services. This feedback can also assist with wider human resources polices as everyone comes to terms with supporting the existing present state and plan for future arrangements that may end up permanent or in a hybrid state.

Read more ...

Conclusion: In the current COVID-19-driven environment, video conference calls have become the stuff of life. They are used for school, family, leisure and even work. Numbers of call attendees have jumped from tens of millions to more than 300 million worldwide. As is normal in technology, there are a plethora of options to choose from.

One of those, Zoom, has made the news repeatedly over the period of April-May, initially because of its popularity but then because security flaws were being discovered. With the flaws seemingly serious, commentators were recommending organisations abandon Zoom. Many organisations did so, given the amount of coverage the flaws received.

But the product was and is popular. It is one of the easiest video conferencing products to use. It works well and is simple to deploy. A valid question to ask is whether Zoom is safe to use for business purposes. Taking a realistic view of the flaws combined with efforts Zoom has made to correct some of them leads to the conclusion that Zoom is safe for general business usage.

Read more ...

Subscribe

Want to get the latest papers from all our advisors? Subscribe, and we'll send you the information you need.

Invalid Input
Please enter a valid email address
Invalid Input
Please enter your mobile phone number
Invalid Input