Conclusion: This month there have been increased discussions regarding the security services sector, marketplace expansion and triggers for growth. New market conditions, operating frameworks and the rapid adoption and integration of new services and technologies have resulted in a demand for security offerings that cater to the new environment. However, it has also given rise to new threats posed by new offerings and technologies, such as ageing devices which can cause vulnerabilities with changed operations, configuration changes and under-skilled staff. Security service vendors need to target offerings to individual company needs and strategic objectives as well as specific industry needs.

Read more ...

Conclusion: The disaster recovery plan (DRP) should be seen as significantly more than a technical document for IT resources to be accessed only in times of crisis restoration. Use regular IT DRP updates and testing as a valuable marketing tool and keep the DRP ready for when disaster strikes.

A recently released survey revealed nearly one-quarter of all respondents cited lack of budget as a major challenge for BCP/DRP funding. This challenge will be even more daunting after the anticipated post-coronavirus budget cuts, so it is critical to remember the DRP is not just required to be technically savvy; it contains useful information to suit the non-technical audience when attaching the DRP to support funding to keep it current.

Read more ...

Conclusion: Many organisations have implemented collaboration and in particular video-conferencing facilities to support critical business operations in response to managing the COVID-19 pandemic. While remote workers have embraced these platforms with enthusiasm, organisations have had little opportunity to govern the use of these platforms due to the need to roll them out quickly. As end-users push forward with sharing confidential data and video across many teams, issues of data access rights, data confidentiality and employee confusion will emerge. Unless organisations put in place appropriate governance on their collaboration platform, the full benefits of the platform will not be realised.

Read more ...

Conclusion: The COVID-19 pandemic has taken the whole world by storm, shutting down establishments and pushing businesses and public sector agencies towards high levels of uncertainty. It seems it will be a while before this storm lets up.

Regardless of how bleak the effects of the pandemic and ensuing lockdowns are to the economy and the business sector, it can be a platform where leaders and innovators come forth.

Most companies are struggling to determine the next steps and are barely surviving through their business continuity plans. This paper aims to help you pivot towards a different perspective.

Read more ...

Conclusion: Australian financial organisations have been bombarding their suppliers and partners with requests to complete security assessments. If servicing or dealing with financial organisations is part of the operational model for the organisation, this has probably already happened or is about to happen.

Those financial bodies are being driven by an Australian Prudential Regulation Authority (APRA) issued prudential standard CPS 234 (Cross-industry Prudential Standard). This document lays out how a financial body should manage its cyber security with particular emphasis on extending that management to parties that support or supply the financial body.

These assessments can be tedious and raise concerns about cyber security maturity within the organisation. On the other hand, they bring a clear high-level focus on areas that all organisations should either be covering or working towards covering. This makes CPS 234 a valuable reference for senior executives building a cyber security program.

Read more ...

Conclusion: A simple Google search can provide access to thousands of change management frameworks, methodologies and theories. Many relate specifically to digital transformation; however, methods such as the Knoster model cover organisational change more broadly across culture, vision, resources and action planning.

The frequency of unsuccessful organisational change or transformation is on the rise1. While there are many organisational change theories, this paper demonstrates the connection between a particular theoretical framework (Knoster model) and how an organisation can translate these theories into successful organisational activities and practice.

This advisory paper will step through the six dimensions of change within the Knoster model for managing complex change and how you can use this to easily investigate and diagnose the overall health of your organisation’s change or transformation agenda, and to identify practical steps to stay on track.

Read more ...

Conclusion: When it comes to embracing collaboration, organisations should recognise that it is difficult to manage diverse personalities, perceptions and beliefs. In addition, every individual is going to have their preference on what makes a ‘good collaboration system’.

As a result, it is vital that project leads carefully consider the role staff play in a successful Microsoft Teams deployment and prepare staff for the changes ahead.

Read more ...

Conclusion: To prepare for the inevitable questioning by senior management of whether an expense line item can be reduced, management must review its breakdown and be prepared to justify it to senior management when asked. Responses must highlight the business risks that will ensue should a selected expense line item in the ICT opex (operating) and capex (capital) expense budgets be reduced. Failing to frame the response in business (risks) terms could delay the review and reflect poorly on ICT management.

Read more ...

Conclusion: As a result of COVID-19, has the criticality of web presence for your business changed? Is your organisation now exposed to threats and risks that previously were a lower order concern? Are there advantages to be gained in the realignment of the organisation’s web strategy?

IBRS recommends organisations assess the vision statement for its web presence. Once the vision is clear, review the framework for delivery and sustainment, the processes, and the roles and responsibilities for online web services, as a result of the impact of COVID-19. The purpose of the review is to ensure your organisation leverages the strengths and opportunities of the organisation’s online presence resulting from the impact of COVID-19.

Read more ...

Conclusion: The traditional IT service management (ITSM) tools have allowed IT organisations to automate key IT processes (e. g. incident management), promote service management disciplines and meet service levels in the majority of cases. However, they were limited in identifying service issues before impacting business operations, managing multi-Cloud environments and lacking the required speed to empower the digital transformation initiatives (e. g. releasing new software to production). Organisations wishing to modernise their IT service management practices should evaluate the new generation ITSM tools to determine their suitability and cost-effectiveness to improve their business operations.

Read more ...

Post-pandemics require changes to IT services, vendors' contracts and service levels. Organisations must re-examine their service foundations to meet business expectations and remain compliant with policies and legislation during and post-pandemics.

Read more ...

IBRSiQ is a database of Client inquiries and is designed to get you talking to our Advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.

Read more ...

Conclusion: Many organisations have now contained the COVID-19 crisis and stabilised their operations. The focus is now rapidly shifting towards the recovery phase. While the full implications of the 'new normal' are yet to be fully understood, it clear that industry sectors will be impacted very differently. What are the three mega trends emerging in the post COVID-19 world.

Read more ...

Conclusion: This month there has been a focus on the impact of the current economic environment on managed service providers. Declines in vendor service uptake, or difficulties experienced by existing customers, have resulted in the need for providers to adapt in an uncertain environment. New measures adopted by vendors when dealing with customers have included the revision of traditional business and payment models, increased flexibility with service contracts, and client support packages. Internally, vendor strategies include tightened cashflow management and regular communication with suppliers to mitigate disruptions that can have flow-on effects to their own customers. Whilst there has been a growth in demand for vendors to provide new and more complex solutions to cater to new work practices and business operations, vendors must work to maintain the integrity of their services. The re-diversion or loss of staff can impact on a vendor’s capacity to provide quality managed services, resulting in vulnerabilities. Vendors must adapt customer engagement practices in order to cater to both internal and external pressures caused by the highly variable and uncertain economic environment.

Read more ...

Conclusion: Microsoft Teams is a collaborative hub for teamwork with links to a wide range of information sources and communication capabilities. While a latecomer to the collaboration software solution market, Teams benefits from being included in Microsoft’s 365 platform, which means many organisations have ready access to collaboration capabilities without the licensing costs of dedicated third-party solutions.

Teams is a relatively new and rapidly evolving solution; therefore, deployment challenges are present. Organisations must prioritise a structured approach to planning, governance development and security. Planning is important to empower users so that the organisation can break down information and communication silos. The sooner the organisation prepares concrete plans, the smoother the transition will be. This paper outlines better practices for such planning.

Organisations that rushed the deployment of Teams to support working from home as part of the pandemic response should revisit their Teams deployments against the better practices discussed in this advisory paper, and ‘back-fill’ any missing activities to ensure that Teams maintains long-term benefits for the organisation.

Read more ...

Conclusion: Since the rise of personal computing in the 1970s, organisations have focused on acquiring digital tools and, since the late 1990s, on promoting digital skills. While we are now in the midst of the fourth industrial revolution, where digital skills are essential, the so-called soft skills of employees also need to be constantly updated and upgraded.

Read more ...

Conclusion: Remember, constructive feedback is of benefit to both the employees submitting the form and the staff who provide the services to enable working from home arrangements. Continuous improving is the nature of running IT operations and support services. This feedback can also assist with wider human resources polices as everyone comes to terms with supporting the existing present state and plan for future arrangements that may end up permanent or in a hybrid state.

Read more ...

Conclusion: In the current COVID-19-driven environment, video conference calls have become the stuff of life. They are used for school, family, leisure and even work. Numbers of call attendees have jumped from tens of millions to more than 300 million worldwide. As is normal in technology, there are a plethora of options to choose from.

One of those, Zoom, has made the news repeatedly over the period of April-May, initially because of its popularity but then because security flaws were being discovered. With the flaws seemingly serious, commentators were recommending organisations abandon Zoom. Many organisations did so, given the amount of coverage the flaws received.

But the product was and is popular. It is one of the easiest video conferencing products to use. It works well and is simple to deploy. A valid question to ask is whether Zoom is safe to use for business purposes. Taking a realistic view of the flaws combined with efforts Zoom has made to correct some of them leads to the conclusion that Zoom is safe for general business usage.

Read more ...

Conclusion: Many processes are relatively poorly designed and are not subject to effective governance. The reasons for this are many and varied: some relate to complexity, where there is a perceived risk associated with their criticality and whereby change could harm the business if they are altered; others are just not managed at all.

If your organisation does not understand how its business processes are architected, executives run the risk of fear influencing their judgement, rather than fact – the end result is ‘no change’ where change is needed. The COVID-19 pandemic has demonstrated the need for flexibility and agility in business processes to sustain and grow the business. The opportunities in the post-COVID-19 world, where many processes have been found wanting, are too great to be missed.

Successful organisations understand, manage and adjust business processes to meet the times. Having an effective business process management approach – where the process strategy is documented, processes are designed against set standards, implementation is monitored and managed, and controls are in place to manage the process lifecycle – is essential if your organisation is to achieve the best outcomes.

Read more ...

Conclusion: Traditional service desks which are based on voice communication and email to engage with clients are no longer adequate for the current IT market. New-generation service desks should:

  • Allow self-service to extend the hours of operations.
  • Use multiple communication channels (e. g. online chats) to make the service desk more reachable to clients.
  • Adopt artificial intelligence technology to analyse unstructured data.
  • Deploy virtual agents to reduce service desk’s staff workload.

Read more ...

Conclusion: Scenario planning is a formal approach for developing and exploring possible future situations or marketplace environments. It allows organisations to be more flexible and agile by considering the possibilities for change. It helps organisations – and for the focus of this paper, the ICT teams – identify the environmental uncertainties and allows ICT to prepare proactively instead of reactively.

ICT executives should leverage scenario planning activities to help with post-pandemic planning, preparing advice for the board with the organisation’s readiness to react to possible changes in the market, and also as a morale and team-building activity.

Read more ...

Conclusion: For many years, shadow IT or business-managed computing has flown under management’s radar screen with mixed results. For some organisations it has been a panacea as it has helped them automate business processes quickly and gain valuable business insights from accessing complex data structures.

In some organisations, business managers resort to developing a shadow IT solution because skilled IT resources are not available due to budget constraints. When this occurs, business or engineering professionals (also known as digital natives) are then reassigned to provide a stop-gap solution, which is often uncontrolled. For these managers, shadow IT is an irritant as it diverts them and their direct reports from their everyday tasks.

Read more ...

Conclusion: With working from home mandated for a large portion of Australian workers as part of the national pandemic response, ICT groups are tasked with rapidly scaling up existing remote working programs and implementing entirely new ways of working for staff.

On the 16th April 2020, IBRS moderated a virtual roundtable where senior ICT executives discussed their organisation's experience in rapidly migrating to working from home and explored the lessons they had learned along the way. This paper details the insights gained and makes recommendations.

Read more ...

Conclusion: This month, there has been a particular focus on business continuity plans amidst COVID-19-driven uncertainties. Businesses are updating and activating, or establishing business continuity plans to minimise operational disruptions. Broad-based business continuity programs to ensure solid internal operations, avoid supply chain disruptions, support customer liquidity needs and mitigate risks associated with a volatile industry have become critical. Vendors must focus on managing partner and customer relations during market shifts and changes to strategic plans which are expected to be ongoing.

Read more ...

Conclusion: Many vendors, consultants and managed service providers are pushing ‘security information and event management’ (SIEM) as a panacea to security failings. The intent is correct. Having visibility of what is or has happened in the infrastructure is essential to detecting and responding to intrusions.

What often gets glossed over is that SIEM is a tool, not a complete solution in itself. Deployment requires deep engagement with the IT operations team and a clear vision of what is expected from the SIEM. The vision will be driven by how SIEM will be used, what outcomes would be expected and how its use would evolve over time.

With careful planning prior to deployment, some, if not most, of these issues can be addressed.

Read more ...

Conclusion: More than one-third of businesses globally claim to have an omnichannel strategy, which is often predicated on the use of digital channels and platforms1. However, in this quest to leverage digital channels, many organisations are rushing to create omni-enablement plans that look good on paper, but in fact, fail in practice.

This paper covers the three measures that organisations can take to successfully evolve their multichannel foundational investment (walking) for sustainable future omnichannel enablement (running).

Read more ...

Conclusion: One of the misconceptions in business intelligence (BI) is that the goal is to capture and report upon all available data. This misses an essential business maxim: data is only useful when it is applied deliberately and with a clear goal in mind.

Too often, an organisation’s focus on BI quickly moves from aspirational principles of ‘being a data-driven business’ to discussions of technology architecture and data governance. However, it is dangerous to focus on simply hoarding data in the hope it will be useful in the future. What extracts value from data are steps taken after collection. And to define those steps, an organisation must first define the purpose to which the data will be applied.

IBRS has identified four increasingly sophisticated business models for how data can be applied: business reporting, data visualisation, key performance dashboard and predictive decision support.

Read more ...

Conclusion: Creating an environment in which IT and business professionals can adapt to a new and remote (also known as alternate work) environment will test the ingenuity of many senior managers.

To meet the challenge, managers must help their staff avoid being anxious and isolated and enable them to easily access their peers for advice and guidance. Failure to keep contact could lead to a decline in productivity and staff not feeling part of the team. Alternately, not having to travel to work sites and work prescribed hours can be a blessing for others.

Read more ...

IBRS was asked to present on the AI market for 2018 - 2019. This advisory presents an AI market overview for this time with an outlook towards 2025. How has your organisation's AI journey progressed?

Read more ...

Conclusion: The phrase ‘People, Process and Technology’ describes the three key elements of a successful business. Business is the why, People the who, Process the what, and Technology the how. No single element of the trilogy can be seen as more important than the others. However, in the post-COVID-19 world, successful businesses will see that the focus of People has changed – they no longer go to work, work goes to them.

In technology terms, this effectively means that everyone is now the core of the system; the old concept of a core that is controlled from a central hub is now questionable. Post-COVID-19 technology design must allow for each worker to be able to work from any location, able to access information, services and data when necessary, and for each location to have surge capability.

Read more ...

Conclusion: Risk assessment tools help protect and support staff and minimise business disruptions by following Australian risk management (and health) guidelines.

Read more ...

Conclusion: Organisations should tap into their management team (department heads, managers and team leaders) to keep their working-from-home employees committed to the organisation. These organisational leaders have the most direct relationships and therefore are the most qualified to invite engagement from employees and other stakeholders. However, new models for engaging and measuring employees are needed that reflect the shift to virtual teams and virtual management: there is a shift from managing by activity to managing by trust.

Read more ...

Conclusion: IT services are critical to reducing the impact of pandemics on public health, jobs and the overall wellbeing of nations. To prepare IT for this challenge, organisations should:

  • Embed pandemics management into their business continuity plans
  • Define fallback strategies to operate during pandemics
  • Plan the transition to the normal mode of operations when the time comes

Read more ...

Conclusion: The COVID-19 pandemic crisis is sweeping across the globe and is being felt by every individual and every organisation. By its very nature, the COVID-19 crisis is global in scope, indefinite in its duration and unknown in its long-term impact. Given the reliance of organisations on their ICT services, particularly at this point in time, CIOs have a unique opportunity to make a significant contribution, showcase their leadership capability and enhance the long-term brand of their ICT teams. All too often under the pressure of a crisis, CIOs will focus on tasks as opposed to the softer elements of leadership. The opportunities this crisis presents should not be wasted. Your leadership is on show.

Read more ...

IBRS analyst Dr. Joseph Sweeney provides best practice-advice on working from home in the current pandemic situation. Dr. Joseph Sweeney discusses current working from home policies which are mandated due to public health reasons, and explains how he has helped many organisations to adopt proper work-from-home practices.

Full Story.

Conclusion: This month, discussions regarding the COVID-19 outbreak and the range of impacts on industry have been prominent. While extreme and unforeseen impacts of seemingly small events have been common for vendors and their customers in the past, this pandemic has triggered a wide range of effects, with potentially long-term implications. In all circumstances, vendors need to have strong, yet highly adaptable foundations to accommodate sudden shifts in the market, and adequately support their customers. The outputs and responses to this pandemic will be unique; however, customers will still require experienced vendors to provide services which support changes to business operations, long-term strategies and external issues, such as fluid supply chains, new government regulations/frameworks and economic uncertainties.

Read more ...

Conclusion: The recent use of artificial intelligence (AI) solutions has demonstrated the value of this type of technology to consumers and organisations. It resulted in the recent discovery of new antibiotics, the emergence of self-services (e. g. virtual agents) and the ability to analyse unstructured data to create business value. However, releasing AI solutions without integrating them into the current IT production environment, the corporate network and Cloud will limit the value realisation of artificial intelligence deployments.

Read more ...

Conclusion: When cost cutting of IT services is on the executive agenda, due to the impact of COVID-19 virus, will it yield low hanging or sour fruit? One area often regarded as low hanging fruit is the amalgamation of SPOC (single point of contact) activities, viz. help desk, service centre and contact or call centre. Combining them is a compelling proposition and demands an informed response.

Put simply, the logic used by management, seeking to amalgamate and reduce costs, is:

  • Similar skills are required so staff can be co-located
  • Staff can become multi-skilled and resolve incidents or software failures of internal (service desk and help desk) and external clients
  • Office space used now will be reduced and by combining the functions
  • Headcount savings will ensue

Read more ...

Conclusion: Projects in trouble or failing need to be assessed with two main possible outcomes: rescue or discontinue. Organisations should carefully consider whether shutting down a project is a better outcome. If the decision is to discontinue then it should be done in a careful and controlled manner which considers the impact on stakeholders, team members and any residual value that can be extracted.

Read more ...

Conclusion: Ransomware attacks have been in the news lately with Toll, Talman, Travelex and Manheim Auctions all having their day-to-day operations completely shattered. Many pundits and security product vendors are touting their initiatives to help an organisation defend itself against such an attack.

Despite all best efforts, there is no 100 % guaranteed defence against succumbing to a ransomware attack. So rather than investing still more funds in defensive products, it is well worthwhile creating a strategy to allow a rapid recovery or reestablishment of service after being struck by an attack.

It is possible to develop some strategies, all relatively inexpensive apart from time, that will position an organisation to have an excellent chance of quickly returning to normal productivity after a ransomware attack.

Read more ...

Subscribe

Want to get the latest papers from all our advisors? Subscribe, and we'll send you the information you need.

Invalid Input
Please enter a valid email address
Invalid Input
Please enter your mobile phone number
Invalid Input