Conclusion: Regular testing of the business continuity plan (BCP) has many benefits which go beyond ticking the mandatory compliance box to keep audit off the back of executives. Effective testing exercises ensure the BCP has been updated and includes sense-checking the completeness of resources required in the recovery strategies of critical business functions. Running regular BCP exercises also has the benefits of raising the importance of identifying weaknesses, aligning restoration time expectations and ensuring continuous improvement.

Read more ...

Related Articles:

"Pragmatic business continuity planning" IBRS, 2018-08-01 09:12:08

"Top 10 considerations when running an incident response drill" IBRS, 2018-09-04 13:29:16

"What are the important elements of a Disaster Recovery Plan?" IBRS, 2016-08-30 01:17:08

Conclusion: New digital services introduce new challenges and opportunities to traditional performance measurement. Start with simple, repeatable metrics and recognise the imperfections in the initial stages of implementation. It is more important to capture data consistently and identify trends than it is to achieve precision. As the new services bed down and the organisation matures digitally, more sophisticated measures will emerge.

Measurement alone will not lead to digital success. Reliable data capture and critical analysis will yield valuable insights. Acting on these insights can lead to further investment in digital programs and be used to fine-tune existing digital services.

Read more ...

IBRSiQ is a database of Client inquiries and is designed to get you talking to our Advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.

Read more ...

Conclusion: This month, the number of tenders and plans has continued to grow, highlighting the important role projects play when it becomes necessary to replace legacy systems, capitalise on new or evolving solutions or simply adapt to changed business operations or environments. Customers understand that avoiding complacency and market disconnect is critical, yet this still exists, with project plans to replace technologies such as paper-based messaging or tape data storage being announced just this month. It is critical for vendors to provide advice and ongoing support for customers in order to strengthen and simplify migrations and transformation, and more importantly, identify project objectives and final goals when replacing legacy systems.

Read more ...

Conclusion: With both the NSW and commonwealth parliaments passing respective Modern Slavery Acts in 20181, there are now real implications and consequences for business leaders and their suppliers who ignore the risks of slavery within their supply chains.

Unlike the California Transparency in Supply Chains Act 2010 which applies to tangible goods offered for sale, Australian firms will need to disclose their efforts to eradicate slavery and human trafficking from their supply chain of both goods and services. This means at least 2,100 public and private firms2 have until 1 July 2019 to ask explicitly of suppliers, whether local or foreign, off-premise Cloud or on-premise device manufacturer: What are you and your organisation doing with respect to modern slavery risks?

For many organisations in Australia this will mean more than just adding new evaluation criteria to be applied to current and potential suppliers. Rather it requires providing an accurate attestation on the issue of modern slavery which will require lifting the hood on all manner of “as-a-Service” offerings. Thereby exposing aspects of service delivery that the majority of firms previously thought they no longer needed to concern themselves with, having “transferred” risks, such as those found in supply chains, to their vendor partners.

Read more ...

Conclusion: Telecommunications services and the supporting infrastructure have historically been complex, costly and difficult to change. The modern technology landscape now allows for greater flexibility in the design of networks, and the telecommunications services of voice, video and data they deliver.

The use of software defined networking (SDN), Cloud-based standard operating environments (SOE) with unified communications (UC) and Cloud-based call centre solutions are now mature, secure and commonplace in the market.

These changes with the significantly reduced cost of physical connectivity (lines and links), which are now viewed as a commodity, enable the telecommunications landscape to be agile to each organisation’s business needs and delivered at greatly reduced costs.

Read more ...

Conclusion: Organisations are structured into business units or divisions to undertake day-to-day business activities. Technology projects are often initiated and executed with a combination of specialist technology partners, contracted specialist staff to augment staff levels and contributions from permanent staff in either a full-time or-part time capacity. Project planning and delivery approaches may take a traditional waterfall or a modern agile method. However, resource management and the effective utilisation of resources continues to be a significant problem for many organisations with critical capacity management approaches severely lacking. The implications are poor performance in terms of meeting project timeframes, significant de-scoping of project, or sprint deliverables or constant friction with business units to access resources to complete project activities. Effective resource capacity management provides an opportunity to understand the true available capacity, how to calculate the utilisation and how to plan and accommodate changes to the capacity requirements.

Read more ...

Conclusion: Finding superior talent has always been a challenge, even more so now. Traditional attraction and retention strategies still have value in most situations. However, there are novel ways to think about attracting talent in a digital world, including rethinking the need to attract talent at all by rethinking the business problem.

In many cases, technical skills can be taught on the job. What is harder to teach – and is therefore highly sought after – is the triple-crown of critical thinking, creativity in problem solving and curiosity. Consider putting those three characteristics at the top of the talent wish list and adapt existing recruitment practices to identify, attract and retain the right talent.

Read more ...

Demand for chatbots – automated conversational agents that may be deployed across multiple digital channels, including websites, social media feeds, instant messaging, voice assistants etc. – is growing. As outlined in Chatbots Part 1, organisations should take an evolutional approach to develop an understanding of chatbots, and the skills and capabilities needed to harness them.

Read more ...

Conclusion: The ubiquitous availability of smartphone and wearable technology has opened up opportunities for a wide range of new applications that take advantage of knowing the location and proximity of these devices.

One of the newer underlying technologies that enable these new apps are low-cost small beacons that provide regular transmissions, usually to Bluetooth-enabled devices. When working on digital transformation projects or opportunities to innovate, these technologies should be included in the developer’s tool bag.

Read more ...

Conclusion: When faced with determining the long-term future of an ERP solution that has met the organisation’s needs, business and IT management must investigate and weigh up their strategic options.

To make an informed determination, business management must take ownership of the buying process in their role as demand managers while IT management and staff support the process by assuming the role of supply managers and technical advisors.

Read more ...

Conclusion: Conducting effective business impact analysis details the business functions and provides further insight into the relative importance of each function and its criticality. The information is then used as the main source to develop business recovery strategies, the priority of restoration and identification of resources to aid in the restoration of business services. However, there are many challenges in performing this critical step in order to be best prepared when those business disruptions do occur.

Read more ...

Conclusion: The current Business Relationship Managers mostly act as a service desk to manage the implementation of business stakeholders’ service requests. While this is an important business relationship function, the current incumbents are not engaging with business stakeholders’ strategic discussions that require the selection and implementation of new technology that can improve the business presence and performance in the market. As a result, Business Relationship Managers are not earning a “trusted advisor” status. The Business Relationship Manager’s job focus and skills should expand to promote the value of IT services that contribute to business value creation, measurement and communication. This should allow the IT organisation to become the service provider of choice.

Read more ...

IBRSiQ is a database of Client inquiries and is designed to get you talking to our Advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.

Read more ...

Conducted by Australia’s Intelligent Business Research Services (IBRS) and commissioned by TechnologyOne, the survey of 261 business leaders in ANZ has shown that business functions are having more sway about technology decisions and are increasingly opting for Cloud-based applications.

But it is not always a case of “shadow IT” in the traditional sense where a business unit goes behind the technology department’s back to buy a product or service.

Instead, it is “enterprise shadow IT” selected with the blessings of IT, said Joe Sweeney, principal analyst at IBRS, adding that in some organisations, CIOs have transformed and are more supportive and consultative.

 

IBRSiQ is a database of Client inquiries and is designed to get you talking to our Advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.

Read more ...

Conclusion: This month, discussions regarding rising costs associated with outsourcing have been prominent. Whilst benefits from outsourcing in the form of efficiency and financial savings have been clear for some time, customers can find that savings are not as high as expected due to increased complexities associated with new offerings and associated implementation. For instance, customers that moved to the Cloud for storage and compute solutions benefited from the large number of vendors in the market and more competition. However, as the market has matured, customers demand more sophisticated offerings to leverage new technologies such as artificial intelligence and machine learning. As a result, infrastructure and associated services have become more costly, coupled with add-ons and Software-as-a-Service costs. Whilst cost benefits remain a priority for customers, it is also important for thorough cost optimisation reviews, and the engagement of specialist services to rationalise and assist with the management and restraint of outsourcing expenses.

Read more ...

Conclusion: Chatbots have become a hot topic among senior executives, especially in HR, customer services, citizen service, marketing and sales groups. Chatbots, powered by the increasingly accurate natural language processing capabilities, hold the potential to radically change the way people interact with an organisation without human intervention.

Separating chatbots into two aspects – clients and engines – provides a basis for very low-cost proof of concepts, while also protecting investments in the most valuable asset of the bot: the training data.

Read more ...

Conclusion: Globally, organisations are dealing with the challenges of “digital transformations” and the need to “innovate”. Chief information officers (CIOs) need to support their organisations in these initiatives, but the ownership in defining what is required rests with the business managers, and the key executives such as the chief marketing officers, chief supply chain officers, chief human resources officers and chief executive officers. If the organisation has one, chief technology officers would be a contributor in terms of how technology can be included in innovation initiatives.

CIOs need to be valued as trusted advisors to the business leaders in terms of what technology solutions will support their businesses’ initiatives.

Read more ...

Conclusion: Effective project managers prize the importance of capturing lessons learnt during the life of a project, but too often, it is just a necessary task to complete at project closure. By following simple tips and adhering to some techniques, project managers can get increased benefits for themselves and the organisations they work with.

Read more ...

Conclusion: In an environment where the quality of front line services is critical for customer loyalty, the call centre’s (or contact centre or help desk) performance is pivotal. A salient way to measure the call centre’s performance is to calculate its First Call issue Resolution rate (FCR), i. e. the rate at which received calls are resolved the first time while the caller stays online.

A 2019 survey of 300 contact/call centre managers found if the rate is around 70 %1, the call centre is performing well and likely to be satisfying the needs of customers. Conversely if the FCR is well below 70 %, IT management must initiate strategies to increase it. Failure to do so will adversely affect the customer satisfaction rate.

Read more ...

Conclusion: Cognitive bias has the potential to reduce decision-making effectiveness. Although bias can often streamline the process of coming to a decision, the quality of such decisions may suffer. In emerging technology areas such as process and decision automation, as well as in mainstream activities such as procurement and recruiting, unconscious biases can have a significant negative impact on individuals and on business outcomes.

Recognising the most common biases and the tendency for people to exercise these biases will increase the likelihood that sound, defensible decisions will be made. Critical thinking, empathy and actively seeking diversity are all strategies that can be used to manage these risks.

Read more ...

Conclusion: The Agency Head/CEO is responsible to accredit the ICT system for use at the PROTECTED level. The accreditation process is specific to the services being delivered for the organisation. The Australian Signals Directorate (ASD) certification process is a generic process that assesses the Cloud Service Provider’s (CSP) level of security only.

The Agency Head/CEO remains responsible as the Accreditation Authority (AA) to accredit the security readiness for the services to be delivered for their organisation. In practice the CIO/CISO will lead the accreditation process on behalf of the CEO.

ASD’s role as the Certifying Authority (CA) for PROTECTED Cloud services provides the agency/organisation using the CSP with independent assurance that the services offered meet government Information Security Registered Assessors Program (IRAP) requirements and vulnerability assessment requirements at the PROTECTED level. The certification process provides a consistent approach to the cyber risk assessment of the CSP’s environment only. The PROTECTED Cloud certification does not cover security assessment related to the design and maintenance of the customers’ services and/or software to be run on the PROTECTED Cloud platform.

The adoption of a PROTECTED Cloud solution will still require a regular review of the security posture. ASD will conduct regular reviews of their processes as the certifying authority (CA), and the Agency Head/CEO will be required to regularly review the accreditation of the service as a whole.

Read more ...

Conclusion: IT organisations responding to mergers & acquisitions or migrating to multi-sourced environments of Cloud and service contracts should establish service providers governance frameworks that favour federated organisations’ principles. It requires maintaining central consistency (e. g. policymaking) whilst allowing local autonomy in certain areas (e. g. hardware purchases). This will leverage the economy of scale, allow the acquisition of local services and products more efficiently, and permit the introduction of new geographies whenever needed in a consistent manner.

Read more ...

Conclusion: Medium and large sized enterprises are complex, socio-technical systems that comprise many interdependent resources – including people, information and technology – that must interact with each other and their environment in support of a common mission1. These complex entities undergo varying levels of transformation throughout their useful life in a continual quest to remain capable of fulfilling the business mission and achieving their desired business outcomes.

A mature enterprise architecture (EA) practice is extremely beneficial in supporting and enabling a business to transform in a considered manner, to formulate and execute their evolving strategies. Whether in response to traditional business, modern digital or the emerging AI-enabled transformation agendas, the case for adoption of EA remains as strong as ever.

Read more ...

IBRSiQ is a database of Client inquiries and is designed to get you talking to our Advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.

Read more ...

IBRSiQ is a database of Client inquiries and is designed to get you talking to our Advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.

Read more ...

Conclusion: This month, discussions regarding offshoring initiatives have been prominent following announcements by two vendors that plans are in progress to send work overseas. Though offshoring can be beneficial in terms of cost and the ability to obtain talent not available in the local market, the approach can cause difficulties for organisations. For instance, local protest or a loss of customer confidence can arise due to perceptions that offshoring practices are simple cost-cutting efforts which come at the expense of quality service. However, offshoring initiatives can be critical to meet demands for vendors to provide new, quality offerings in a highly competitive environment. The need to go beyond the local market is driven by more than mounting staff costs. Although risks associated with cultural barriers or customer backlash exist, benefits can be significant when providing unique and high-quality offerings. Vendors must achieve a balance between local and overseas services, as well as maintaining a positive view of offshoring as more than a simple cost-cutting exercise which results in low quality service, to an exercise that can enhance offerings resulting in improved services.

Read more ...

Conclusion: The blending of different corporate cultures can be a huge risk factor that can significantly impact the success or failure of an acquisition. Maintaining multiple corporate cultures is extremely difficult to do, and the chances of failure are high. Cultures usually have upsides and downsides. When trying to keep cultures separate, employees tend to only see the “upsides” of what their peers have, and downside issues undermine employee morale due to feelings that they are not being treated fairly or equally.

It is IBRS’s view that ultimately efforts to have two conflicting corporate cultures coexist after an acquisition are likely to fail over time. The most dominant culture will ultimately be the culture of the organisation and employees who did not sign up for that culture will look for exit opportunities.

Read more ...

Conclusion: Organisations need to plan to quickly and successfully recover business operations by creating and updating business continuity plans (BCPs) supported by disaster recovery plans (DRPs). However, there are many challenges to overcome in order to keep these plans useful in readiness when business disruption eventuates.

Read more ...

Conclusion: Unless software testing practices are rigorous and enforced, system defects will continue and compromise meeting of service delivery objectives. Whilst defect-free code, and clean vendor software patches, are an objective, their realisation may be as elusive as the so-called paperless office.

To significantly reduce defects, and minimise risks, IT management must implement a program that elevates quality ahead of expediency and pragmatism, even if it is at the expense of the project’s schedule.

Read more ...

Conclusion: Over the past decade, the role of the Chief Information Security Officer (CISO) has risen to be one of great importance in many large and mid-sized organisations. While this remains the case, protecting information assets is more likely to be successful through ensuring all threats are managed under the same set of policies and principles. Managing threats to organisations can no longer be separated between departments or siloed out to service providers. With data in the Cloud and people on the ground in new geographies, the need to evolve the relationship between logical and physical controls has increased. The key to holistic security is to bring all aspects of security under one umbrella to ensure all bases are covered.

Read more ...

Conclusion: Media played up the impact of Artificial Intelligence (AI) and Digital Transformation in 2018. However, the potential AI remains underestimated and its limitations misunderstood. In short, AI is reaching peak hype with investments sporadic and confused. In contrast, Digital Transformation remains a primary driver for investment, though it means very different things to different organisations and even different stakeholders within organisations.

Australia’s CIOs remain focused on tactical issues: upgrades of core systems, adoption of hybrid Cloud (as opposed to simply Cloud migration, which was a dominant theme in early 2018) and changing the culture and structure of the ICT group to support “as-a-Service” operational models entity

It is important to note that these tactical priorities of CIOs all have one thing in common: they are aimed at providing a technological infrastructure for the organisation to adopt “Digital Transformation”. In this sense, Digital Transformation is being used as a way to secure agreement and investment in more fluid, responsive and modern tech infrastructure and operations, rather than a specific, measurable business outcome.

In 2019, Digital Transformation is a rallying call, more than a discrete program of work with measurable outcomes. This rallying call will be heard by all stakeholders, but interpreted differently. The challenge for senior ICT executives will be to leverage the short opportunity the Digital Transformation call has to deliver genuine long-term benefits and update infrastructure and operating models to be more flexible and responsive to changing business needs.

Read more ...

Conclusion: There are two broad groups of digital strategies – bold and defensive. Companies that choose bolder strategies tend to be more successful. However, there are good reasons why certain enterprises should consider choosing more conservative defensive digital strategies as there are still benefits to be gained from this approach. Strategy selection depends on a variety of factors, including industry forces and other factors which make each enterprise unique. It is important not to be half-hearted about digital ambition – defensive strategies are not sufficient in the long run. Strong and committed leadership at the top and throughout the organisation is still crucial to the successful implementation of digital initiatives.

Read more ...

Conclusion: Innovation is a growing key competency for organisations in the public sector and seemingly an imperative for the commercial and not-for-profit sectors to grow or maintain market share and relevance in a continuously dynamic marketplace. Although innovation is included in nearly all current strategic plans, both business and technology, organisations still struggle to actually adopt innovation in practice. Only by recognising how not to innovate can organisations ensure that change to their actions and behaviours supports innovation and does not kill it.

Read more ...

Conclusion: What to monitor and how you respond to the data is often poorly documented and not fully understood until after a failure occurs. In this world of “no surprises”, effective monitoring is a key success factor. If an organisation’s ICT monitoring strategy is to be successful it must be structured around the organisation’s business outcomes. The monitoring strategy framework is achieved through the alignment of the organisation’s critical-business functions, the ICT high-level design, the ICT architecture and the priorities set out in the organisation’s disaster recovery plan (DRP) as the primary influencing factors.
Key to an effective DRP is a clear understanding of the system architecture and design, with sound knowledge of the risks and weaknesses it brings in support of critical business functions. When the ICT monitoring strategy is based on this framework it will deliver a near real-time health status of the organisation’s ICT environment, allow for planning future capacity, and in the investigation of incidents when they occur. An effective monitoring strategy will be business-focused and not monitoring for monitoring’s sake.

Read more ...

Conclusion: The IT organisation in most enterprises suffers from the “Cobbler’s Children” syndrome – they give great advice but do not practise what they preach. A prime example is when IT does not apply Enterprise Architecture approaches and capabilities to the business of IT itself1 and yet expects other departments to apply such principles. Sadly, a new deficiency is emerging in IT as increasingly the role of analytics is democratised across the business – leading to the lack of data analytics capability for IT itself.

As organisations embrace data science, artificial intelligence and machine learning to generate increasingly sophisticated insights for performance improvement, IT must not let itself be left behind. This means ensuring that within a contemporary IT-as-a-Service operating model, space is created for the role of IT Data Analyst. This should be an inward-facing function with primary responsibility for the generation and curation of the IT organisation’s own core information assets in the form of data relating to the portfolio of IT assets, services and initiatives, including curation of operating data from Cloud providers and other partners.

Read more ...

Conclusion: Some ICT strategies are technology-centric while others are business-centric. The technology-centric strategies are usually developed without business stakeholders’ involvement resulting in limited business buy-in. Business-centric strategies are based on business strategies but have a short life-span. This is because market forces require business strategies to change frequently. IBRS recommends that ICT strategies be derived from business and IT guiding principles.
The rationale is that guiding principles have a longer life-span than business strategies and can deliver the desired outcome such as:

  • leveraging new technology
  • involving business stakeholders in the development process
  • realising business value in a timely and cost-effective manner.

Read more ...

IBRSiQ is a database of client inquiries and is designed to get you talking to our advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.

Read more ...

IBRSiQ is a database of Client inquiries and is designed to get you talking to our Advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.

Read more ...

Subscribe

Want to get the latest papers from all our advisors? Subscribe, and we'll send you the information you need.

Invalid Input
Please enter a valid email address
Invalid Input
Please enter your mobile phone number
Invalid Input