Conclusion:

Information asset categorisation (IAC) builds the capabilities of an organisation to establish guardrails for more efficient data governance practice. It is at the heart of addressing the changing risks of information management due to the rapid update of collaboration tools and hybrid working.

However, poor acceptance by stakeholders can be an issue, eventually putting information trustworthiness and security at risk. It takes more than just a change of organisational culture or management practises to entrench IAC. Clearly defined roles among the ICT groups and other members of the organisation are needed to achieve the security, privacy, and information governance benefits that IAC can deliver.

Read more ...

Conclusion:

A low-code Centre of Excellence (CoE) is not just about getting people to use low-code platforms. Rather, it provides leadership, support, training, and best practices that address innovation and continuous success within the organisation. It is crucial for an organisation to establish a CoE, especially when the need to concentrate expertise is fundamental to reduce operational and knowledge silos in the workplace.

A CoE provides recognition and authority as the centre of management competency in the organisation. By delivering best-practice methodologies, standards, and tools to enable teams to effectively deliver projects, it can best support business outcomes (sales, services, etc.) as well as ensure compliance and business integrity. By aligning the CoE’s goals with that of the organisation’s, processes can be more easily improved or changed to meet the demands of a post-COVID-19 environment, where agility, compliance, and business integrity are essential.

Read more ...

It is a mistake to view Office 365 as simply a move to subscription licensing and Cloud-based services. Organisations that simply view Office 365 in this way fail to obtain value from the technology, and continue with business as usual, albeit with an increase in cost and licensing.

Read more ...

The Latest

12 April 2022: Research by risk consulting firm Kroll revealed a 356 per cent surge in common vulnerabilities and exposures (CVEs) or zero-day vulnerabilities (also known as freshly announced threats) in the last three months of 2021 compared to the previous quarter. By December, an increase in new ransomware variants was detected in ManageEngine, ProxyShell, VMWare, and SonicWal pushed CVE logs to an all-time high.

Kroll’s industry survey revealed that while phishing remained the most popular initial access infection vector, at 39 per cent in the fourth quarter, CVE increased from 6 per cent to 27 per cent in the same period.

 

Source: Q4 2021 Threat Landscape: Software Exploits Abound

 

Why it’s Important

Many incidents of ransomware continue to impact Australian organisations who are considered prime targets due to (a) their capacity to pay and (b) their relatively immature (from a global perspective) cyber-defence and cyber-response capabilities of a larger number of mid-sized enterprises. Many of these organisations struggle to close common vulnerabilities, let alone zero-day exploits, quickly enough to avoid intrusions due to their weak defence postures.

Organisations need to address their ability to defend against such attacks and respond appropriately to limit any impact caused by breaches. More effort is required across industries to contain the likelihood of attacks impacting productivity, reputation and financial resources, rather than just within individual businesses. This will support sharing of intelligence and the growth of cyber-defence nationally.

Who’s impacted

  • CMO
  • Development team leads
  • Business analysts

What’s Next?

  • Cyber-defence can no longer be left to a 'best effort' basis by ICT groups. Organisations that lack a dedicated cyber security specialist, must seek out specialist services, peer groups and forums, and actively leverage better practices from these groups.
  • Evaluate the status of your enterprise’s ransomware defence and look into the strengths and weaknesses of your current security posture.
  • Create a dedicated team that will develop a roadmap to improve the organisation’s stance against ransomware.

Related IBRS Advisory

  1. The Security Impact of Remote Working: Find the Gaps in (Zero) Trust
  2. Use Security Principles to Guide Security Strategy
  3. Reducing the Risk of a Successful Ransomware Attack

The Latest

12 April 2022: Low-code enterprise software developer OutSystems announced Integration Builder’s (IB) support for Generic PostgreSQL version 13, Aurora PostgreSQL version 12, as well as non-relational database MongoDB. Prior to the announcement, OutSystems only supported a limited number of platforms including MySQL, Oracle, Azure SQL and SQL Server. With more connection options for infrastructure servers, users can now better develop applications where data resides in Cloud-based, high-capacity, elastic databases.

Why it’s Important
As low-code plays an increasing role in application delivery, the adoption of open-source databases will become increasingly common for several reasons. First, it opens up low-code applications to existing solutions as well as allowing existing applications built upon these databases to be extended by low-code developers. Second, it has the potential to reduce the overall cost of low-code architecture. Finally, the inclusion of elastic databases allows low-code to be used for massive scale data applications.

Therefore, for organisations that are considering purchasing a new low-code platform with connected services from different sources, look into how the vendor caters to the evolving hyperscale Cloud computing market to support the scalability and high-performance needs of clients. As previously noted by IBRS, the most successful ones will require minimal changes in enterprises' existing SQL Server application code, speed of migration, and ease of switching to other tools post-migration.

Who’s impacted

  • CTO
  • Development team leads
  • Business analysts
  • Low-code centre of excellence

What’s Next?

Review the low-code spectrum to determine which types of low-code capabilities your organisation needs in the near and midterm, and which are most likely to be needed in the longer-term.
In addition, it is imperative to assess risks associated with adopting a new operating model and platform before investing in any low-code platform.

 

Related IBRS Advisory

  1. Considerations for Selecting Modern Low-Code Platforms
  2. VENDORiQ: AWS Babelfish Brings PostgreSQL to its Hyperscale Database

The Latest

5 April 2022: Amazon Web Services (AWS) launched AWS Billing Conductor for customisation of Cloud cost reporting and more accurate monthly billing data. Organisations can now organise accounts into billing groups, apply specific pricing packages, assess and edit pro forma expenses and reports, and compare rates between those applied to groups and current AWS rates.

Why it’s Important

The COVID-19 pandemic has impacted 92 per cent of organisations to exceed their Cloud spend forecasts in the last 12 months, according to a recent report. As a result, many ICT groups are being asked to justify their increasing spend on Cloud services to optimise the enterprise’s purchase decisions.

Although Cloud can reduce overall costs in some areas of ICT's business as usual (BAU) expenditure (operational costs that are part of standard daily work), the increase in demand for computing and storage generally makes it appear that promised costs of savings from Cloud are not materialising. By allocating costs to specific business units’ consumption, deployment projects, use cases and new digital transformation initiatives, enterprises can identify which efforts drive the most Cloud spend. This goes a long way to clarifying why Cloud investments are worthwhile (or not, as the case may be).

Therefore, it is no longer sufficient to consider Cloud budgets as simply part of BAU, nor treated in the same way software costs have been treated in the past. These old approaches will mean that justifying Cloud spend will only ever be short-lived.

Cloud cost management tools that enable not just Cloud cost identification, but also allocation back to business benefits will be vital for identifying profitable technologies and projects within the Cloud. While there are other third party solutions in this space (such as VMWare’s CloudHealth, Cloudability and Densify), the AWS Billing Conductor will assist mid-sized organisations who cannot afford such services, or lack the skills needed to implement Cloud spend budgeting with better accuracy.

Who’s impacted

  • CMO
  • Development team leads
  • Business analysts

What’s Next?

IBRS has observed that many less mature organisations have a ‘sprawl’ of Cloud services that need to first be identified and then reined in, before cost optimisation products can be fully effective. Therefore, consider how Cloud business cases and ongoing budgets need to be communicated, and to whom, within your organisation. In addition, look into how you can set up a billing responsibility model and cost dashboard, designed for cost efficiency. Ideally, decisions around this should be made by the Cloud centre of excellence.

Related IBRS Advisory

  1. VENDORiQ: Aussie Cloud-cost Specialist GorillaStack Expands What it Watches
  2. Cloud Financial Management is Optimised with Cloud Certified Partners
  3. How to get on top of Cloud billing

The Latest

22 March 2022: Knowledge management application software developer Objective Corporation (Objective) has acquired US Cloud-based content management system firm Simflofy. With the acquisition, Objective’s governance extends beyond a focus on regulated and public sectors to accommodate organisations struggling to govern Microsoft365 suite. Through a combined enterprise federated governance and single source of truth (SSOT), users can expect the features of the integration to be introduced in its newest tool, Objective 3Sixty.

Why it’s Important

The Australian public sector’s content management solution vendors are dominated by Micro Focus Content Manager (formerly known as TRIM) and Objective. However, both solutions providers lack the technology to fully address the demand for federated knowledge management due to the effect of disruptive collaboration, and the adoption of Microsoft Office 365 by many enterprises. 

However, the acquisition of Simflofy will be a game changer for Objective.” to avoid it seeming like Simflofy has acquired Objective. The integration of Simpflofy’s federated information management capabilities to Objective’s strength in knowledge management in compliance rich environments, has the potential to balance a unified view of organisation wide content from disparate sources of information, with rigorous information lifecycle management.

At the very least, the acquisition signals that Objective is now committed to federated knowledge management, instead of the traditional record-keeping system that it is known for.

Who’s impacted

  • CMO
  • Sales/marketing teams

What’s Next?

Objective customers should monitor the vendor’s progress with Objective 3Sixty’s features such as SSOT through consolidating various sources across multiple information repositories and managing it all in one place.

In addition, public sector organisations that use Objective as well as SharePoint without appropriate governance and compliance add-on solutions (such as RecordPoint’s Records365), should start exploring how the new Objective plans and acquisition may impact discussions on where and how knowledge is stored in a compliant manner.

Likewise, Micro Focus Content Manager’s customers must raise inquiries to the vendor on the progress of the service provider’s plans for filling in the gaps of federated content management capabilities for Content Manager, in particular Control Point. 

Related IBRS Advisory

  1. The Challenge of Disruptive Collaboration and the Future of Enterprise Knowledge Management Solutions
  2. Does IBRS have a framework which describes the capabilities of Knowledge Management?

The Latest

22 March 2022: Virtual application delivery (VAD) service provider Cameyo joins Citrix and VMWare as certified Google Chrome Enterprise Recommended solutions for virtualisation. Cameyo’s features, combined with the Chrome operating system (OS), provides Cloud-based desktops’ with Windows apps. This extends Google’s virtualisation features by running fewer servers at higher capacity with centralised infrastructure, security and data management. 

Why it’s Important

Application virtualisation services expand users’ access through a secure ecosystem that supports legacy systems on Chrome (and other devices). This approach may reduce operating costs relative to traditional desktop virtualisation infrastructure.

In addition, Cloud VDI does not limit users into a single device when accessing data and applications and does not compromise security or reduce the capacity of endpoint management. Enterprises likewise can save on the costs of acquisition and maintenance of devices, resorting to lower-code (and lower-cost to support) Chromebooks. 

Cameyo’s recognition by Google marks a turning point in the move towards wider acceptance of application virtualisation, as opposed to full VDI.

Who’s impacted

  • Desktop / digital workspace teams
  • Development team leads
  • Business analysts 

What’s Next?

Organisations re-evaluating their VDI investments - especially in light of Citrix’s request acquisition,  should consider the potential of application virtualisation, and perform a detailed RIO that includes not just the licensing and hardware, but also the operational costs over an extended period - say five years. 

It should also be noted that, with Citrix being acquired, many organisations have started to be less optimistic about new innovation coming from the platform. IBRS reiterates that users should not expect any revolutionary new Citrix features to be released in the near future. Instead, IBRS expects a gradual acceleration of the shift towards application virtualisation services, regardless of a vendor’s existing popularity in the industry.

Related IBRS Advisory

  1. VENDORiQ: Citrix to be Acquired by Vista Equity Partners and Evergreen Coast Capital
  2. VENDORiQ: Windows 365 - The New Hotness, or Same Stuff in a New Can?

We all know data is important and its usage is often the difference in highly competitive markets and behind efficient business operations. Regardless of the importance, many organisations struggle to get started using their data holdings, either due to the overwhelming complexity of the environment or the security concerns that come with the data domain and discipline.

Following on from his 'Data Management Maturity Framework' advisory paper, IBRS advisor David Beal conducted a webinar where he shares his approach to the data journey across six data streams:

  • Systems and resources
  • Governance and compliance
  • Master data
  • Data security
  • Data quality
  • Data visualisation and BI

In the webinar, David takes a practical and informative look at data management. Please find below a full video of the webinar. 

Read more ...

The Latest

15 March 2022: Snowflake announced its planned acquisition of data applications builder Streamlit. Snowflake’s goal is to integrate app building into its Warehouse-as-a-Service platform with simplified data access and governance features. 

Why it’s Important

There has been a growing trend in the acquisitions of analytics platform developers to boost product features and improve capabilities of data science tools.

IBRS expects more mergers and acquisitions among leading Cloud analytics vendors that will commence the initial stages of consolidating the hyperscale, elastic analytics market. It projects more integration of key components of the data analytics system in the next three years. In particular, data catalogues or data sharing solutions will become increasingly integrated with Cloud data lakes and data warehouses.

However, it is the use of centralised data repositories - data lakes and warehouses - to simplify the development of low-code apps that has been overlooked. One of the biggest challenges and costs for low-code apps development is integration. However, data analytics platforms have already integrated and normalised data from multiple systems. As a result, using these centralised data resources for low-code application development could be very attractive. 

Microsoft’s Dataverse is essentially this concept - albeit within the Microsoft world. Snowflake’s investments in Streamlit are an indication that there is a growing market for this use case.

Who’s impacted

  • COO, CIO, CTO
  • Business analysts

What’s Next?

Organisations should look at how their low-code initiatives tie into data analytics initiatives. Low-code platforms generate not only data captured from forms, but also metrics on how processes are performing - data which will likely end up being reported upon via analytics platforms. But there are also opportunities to leverage the analytics platforms to act as engines for low-code and rapid application development environments. Bringing the people involved in each of these areas together can reveal new opportunities to ‘streamline the process of streamlining processes’.

Related IBRS Advisory

1. VENDORiQ: AWS Accelerates Cloud Analytics with Custom Hardware

The Latest

15 March 2022: Google announced general availability of Dataplex, a ‘dash fabric’ (aka, data mesh) solution that allows enterprises to centrally manage and control data across data lakes, databases and data warehouses. Google claims that the product can mesh Google Cloud with open source technology for analytics professionals to better govern data. Dataplex was launched together with Datastream and Analytics Hub that make up Google Cloud’s database services in its analytics portfolio.

Why it’s Important

Since it was introduced in 2019 by its creator Zhamak Dehghani, the concept of data mesh is becoming hyped. Similar to service oriented architecture (SOA), it is misunderstood by vendors and buyers alike who believe that it is all about technology. Instead, data mesh is as much a philosophical shift, from viewing data being centralised in data lakes or warehouses, to managing data close to where it is created, through a domain-oriented design with a self-serve data infrastructure.

Google, on the other hand, identifies Dataplex as a data fabric, which provides a technology layer over disparate data sources for better access, discovery, integration, governance and security. Data fabric focuses on existing multiple centralised technologies that consolidate data. Data mesh, on the other hand, promises a fully domain-oriented, decentralised approach, since it considers all enterprise data as a set of different repositories, preventing any loss in domain expertise during translation, unlike with a data lake. Thus, in a pure data mesh platform, different groups can manage data as they see fit, sharing some common governance measures while maintaining their domain knowledge on the data.

IBRS has observed that data catalogue vendors are leveraging data mesh rhetoric to market their products. However, most of these do not truly align with the philosophy of data mesh, which is fine for the near term, as few organisations are prepared for the changes involved when adopting such a democratised approach to data management.

Who’s impacted

  • CTO
  • Analytics teams

What’s Next?

Organisations that want to explore data mesh concepts must carefully consider shifts in data team structures, roles, responsibilities and skills before looking at technical solutions.Some changes brought by such a data architecture approach will impact domain-specific variations in data across departments, domain ownership, data product self-containment, and governance architecture to preserve global controls.

Related IBRS Advisory
1. Business First Data Analytics - Webinar and Q&A

Conclusion: This month, discussions regarding partner-led growth through alliances and acquisitions have been prominent. Being selective with these types of relationships can allow for increased access to clients, service providers, and an expanded skills base. However, the rapid deployment of new resources through partnerships and acquisitions can add complexities, reduce visibility and increase security risks when consolidating internal business processes, or products and services. Challenges associated with conflicts and vulnerabilities when bringing organisations together, in any way, must be addressed with ongoing skills growth, as well as resources and management structures to support complex and changing environments.

Read more ...

Conclusion:Salesforce’s Einstein Automate uses a number of AI algorithms to automate high-volume, manual, and repetitive tasks. The Flow Orchestrator tool applies AI to the building of workflows, recommending steps to improve workflows and spot process bottlenecks. The application of AI to the development of workflows will become increasingly common, with vendors such as Appian and Nintex having such capabilities. The result will be the acceleration of process digitisation by citizen developers.

Read more ...

Conclusion: Organisations are increasingly adopting digital customer strategies and on-line channels. Customer identity management is now a foundation of most customer on-line services. This is both to secure customer identities and provide a single point of access and experience when customers transact across multiple, on-line channels. Many digital identity solutions are less than effective when it comes to striking a balance between adding a layer of safety and ensuring a frictionless customer journey. Adopting a customer focused approach at each stage of the customer journey, customer identity and management systems (CIAMS), user pain-points around identity controls can be prevented through a more user-sensitive, yet risk-aware, approach.

Read more ...

Conclusion: Power Apps (along with Power Automate and the broader Power Platform) is Microsoft’s low-code application creation and application lifecycle management tool. It aims to enable application development to all levels of the stakeholder: from citizen developers (non-technical staff) to business analysts up to technical teams. Microsoft Power Apps supports a variety of business use cases that address development backlogs. However, similar to most Software-as-a-Service (SaaS) tools, its limitations need to be carefully considered before an organisation decides to adopt the enterprise-ready platform in its digital transformation initiative.

Read more ...

Conclusion: Accrued technical debt can have a severe impact on operations when left unattended. Unless organisations acknowledge the existence of technical debt and set a strategy to address it and minimise its impact, they can end up paying far more for remediation. By learning how to measure technical debt, organisations can start identifying its root causes and develop strategies that become a part of their development process.

Read more ...

Conclusion: Microsoft Azure Arc allows customers to run Azure in multiple, hybrid Cloud environments, with a focus on servers and Kubernetes. One core concept is to allow Kubernetes clusters with containerised applications to be managed across both public Cloud (Azure and others) and private data centres. This approach allows organisations to “modernise data centres” so that they support Cloud-native app building. Key to leveraging Arc for data centre modernisation is the re-emergence of hyperconverged infrastructure (HCI).

Read more ...

Conclusion: This advisory is the fourth in a series which discusses the value proposition for conduct of project assurance through gate reviews for high-value projects, health checks of projects in trouble, key processes, and control mechanisms. Included in the first three parts of this advisory series was a discussion on the need for maturity in project management, the need for a mature project management framework, and a mature project management office (PMO) to support success in completion of projects.

Without effective project assurance, through external review of high-value projects at key gateways in the life of each project, and health checks of processes and controls, organisations run the risk of not fully understanding the impact of the project’s progress on their business objectives.

Read more ...

Conclusion: Organisations that surpass the tipping point of Cloud migration must ensure the investment in Cloud talent keeps up with the business demands for effective Cloud solutions.

IBRS sees the centre of excellence (CoE) as the most qualified skills base to align business and operational needs, but the CoE is also well placed to identify Cloud skills sources to support upcoming Cloud development opportunities.

At each phase of the Cloud maturity cycle, the CoE is best placed to research and advise the executives and business stakeholders of where new investment should be provided to extend the Cloud talent pool. The resourcing strategy should contain flexibility and agility to support short-term project needs and ultimately more permanent IT operational demands.

Be warned that complacency and market pressures will place your next Cloud migration or Cloud optimisation project at risk if your Cloud skills gap doesn’t have a resolution plan.

Read more ...

Conclusion: Don’t be the last organisation to assess the trajectory of email and other electronic communication strategies and solutions. As awareness of CO2 emission sources grows, communities and governments will be considering both large and small changes to achieve a net zero emissions target by 2050. New challenges will be presented to measure large industry specific Greenhouse CO2 emissions and smaller seemingly innocuous sources such as email.

Moving forward, upcoming generations will challenge the use of email as the primary communications channel and opt for more flexible, integrated communications channels. The tools will focus on aiding collaborations within and outside the organisation, and streamlining email overload. Much of this has already started, with vendor integration seeing emails as one element of a multi-functional approach to electronic communications. Digital marketing, customer relationship management, singularity workflows, workforce management, and project management Software-as-a-Service (SaaS) developers are all embedding emails, chat, social media, Agile Kanban boards, and emerging communication methods within their products to engage future generations in the way they experienced prior to joining the workforce.

Read more ...

Conclusion: The demand for software – in particular software that automates and streamlines specialised business processes, customer-facing services, and field-force ready solutions – is continuing to grow. The challenge for modern ICT departments is twofold: keeping up with this demand while remaining constrained by resources; and delivering improvements quickly and iteratively, following Agile principles.

New, low-code platforms that target developers may improve the output of an organisation’s software development teams. In addition, low-code tools targeting non-developers (business analytics or even citizen developers) can also play a role. However, both technical and human factors need to be considered to gain additional capacity. Determining the level of complexity for any given application request, and linking ideation to the framework for determining application requirements, can best set expectations for the results that low-code can provide to organisations.

Read more ...

IBRSiQ is a database of client inquiries and is designed to get you talking to our advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.

Read more ...

The Latest

1 March 2022. Microsoft recently launched Carbon Call with ClimateWorks Foundation and more than 20 other leading organisations in the private, philanthropic, scientific and non-governmental sectors to develop more reliable and interoperable carbon emissions accounting practices. The collaboration is expected to address and solve gaps in current global carbon accounting systems, with a focus on carbon removal and land sector, methane, and indirect emissions. 

Why it’s Important

There has been a noticeable growth in the number of hyperscale Cloud vendors publicising their efforts to reduce their carbon footprint and energy consumption levels. Such growth outnumbers the total of on-premise data centre services that are following the same move towards carbon-free energy sources and more sustainable ICT operations.

This reflects the industry’s answer to the immediate call for action on climate change and the economic advantages of hyperscale. However, global standards for sustainability reporting still vary widely, according to a study published by the International Federation of Accountants and the Association of International Certified Professional Accountants. The lack of a robust set of sustainability-related reporting standards presupposes that any vendor may overstate its claims of adhering to a climate-first approach, further relegating corporate reporting across a range of environmental, social and governance (ESG) areas into suspicion.

But progress has been made since. In November, during the 2021 UN Climate Change Conference (COP26), the International Financial Reporting Standards Foundation proposed the International Sustainability Standards Board (ISSB) to bring the much needed transparency in reporting across different industries, enterprises and regions.

Microsoft's adoption of an emerging global standard for reporting reflects the next stage of the trend towards ICT sustainability issues. By 2025, IBRS expects that not only all the hyperscale Cloud vendors will have adopted a standardised carbon report, but most of the top Fortune 500 companies will be following suit. Around this time, it is expected that public sector shared services will be put under greater scrutiny to do the same move towards carbon-free energy sources with a globally agreed set of standards.

Who’s impacted

  • COO, CIO, CTO
  • Data centre managers
  • Corporate risk and policy directors
  • Sustainability managers

What’s Next?

Organisations must learn to start monitoring trends in sustainable computing, especially among the hyperscale Cloud vendors. As all organisations will soon be obliged to adhere to a consistent, harmonised and global set of sustainability reporting standards that will help define collective enterprise reporting and accountability, be prepared for boards to request standardised ICT sustainability reporting. This will enhance their commitment to actively participating in collecting and reporting sustainability information and the credibility of their report. 

Finally, organisations must consider what solutions may be needed to integrate ESG in creating value for the organisation over the long term, rather than attempting to build such capabilities in-house with existing analytics platforms. 

Related IBRS Advisory

  1. VENDORiQ: Cloud Vendors will Push New Wave of Sustainable ICT Strategies
  2. VENDORiQ: Oracle Announces Innovation Lab During COP26 Summit

The Latest

22 February 2022: Process intelligence and automation company Nintex announced its acquisition of robotic process automation (RPA) developer Kryon. Australian low-code vendor Nintex, plans to improve its intelligent process automation (IPA) features through Kryon’s process discovery technology capabilities and full cycle RPA with artificial intelligence (AI).

As a process management and automation software builder, Nintex offers low-code design platforms for IT teams, operations experts and business analysts. Some of its largest clients in Australia include Naylor Love, Toyota Australia, Arab Bank Australia, RICOH, Auswide Bank, Port Stephens Council in New South Wales, Auto & General Holdings, and Allegis Group who have benefitted from its low-code development tools to help employees, regardless of their programming expertise, create applications that solve unique enterprise challenges.

Why it’s Important

Nintex’s move to acquire Kryon is yet another example of the merging of all low-code tools (i.e., process singularity) and how mid-tier low-code vendors are pushing up the low-code spectrum. This broad ecosystem of solutions, each with unique traits and features that fit specific organisational structures, should have specific modern low-code platforms that match an organisation’s ecosystem to help better streamline operational processes. In addition, constantly ensuring governance features to avoid the chaos that can ensue from unfettered development when acquiring low-code platforms is crucial in the long-term for better return on investment (ROI) whatever low-code solution is selected.

Nintex is also one of the many Australian companies that have exhibited fast-growing performances in the international market recently through acquisitions and mergers. However, as previously noted by IBRS, most local enterprises and the national government have lower regard for smaller Australian vendors making a name abroad. In many cases, smaller local vendors offer better value and generally have positive project outcomes as a result of their vested interest in meeting their clients’ expectations.

Who’s impacted

  • COO, CIO, CTO
  • Business analysts

What’s Next?

IBRS recently conducted a market scan on low-code vendor trends and found out that large vendors will continue acquiring today’s most successful low-code platform companies until 2025. This will help expand their product portfolios to secure a majority of market share. In this regard, when looking at low-code platforms, organisations must consider the greater ecosystem of low-code tools that will meet their long-term needs. For instance, vendors that can offer a more robust platform that caters to internet of things (IoT) solutions can help organisations focus on IoT devices and controllers instead of hardware and software development integrations.

Related IBRS Advisory

  1. Low-Code Mythbusting
  2. Hammering Low-Code into Place Takes Time
  3. Low-Code Platform Feature Checklist
  4. VENDORiQ: What Marketplacer Shows Us About Buying Aussie Tech

The Latest

22 February 2022: MetricStream has launched software solutions for governance, risk and compliance (GRC) that generate quantified, AI-powered risk insights for business growth, cybersecurity, and environmental, social and governance (ESG) reporting compliance. The SaaS company’s line of GRC software products address enterprises’ manual processes for GRC reporting with automation and improved visibility. The solutions consolidate fragmented and siloed data sources required to report on GRC.The solutions are available as three pre-configured packages, with the end goal being to enhance enterprise ESG scores.

Why it’s Important

Organisations with a lack of GRC capabilities can surfer from weaker strategic and operational processes. Without clear accountability and ownership, they run the risk of operating outside compliance boundaries, potentially with penalties and regulatory sanctions.

The purpose of GRC is to provide a centralised risk repository and reporting, in theory, leading to better transparency through enterprise regulation measures.

While it is possible to implement GRC within existing business intelligence and data management tools, not all Australian organisations can deploy GRC this way due to limited expertise and capacity constraints within the analytics teams. Furthermore, unlike in large enterprises where robust BI tools are integrated into their core information repositories and external data sources, small and medium enterprises have yet to achieve a more mature data management capability, and lack the budget for analytics and information management teams. In the end, compliance reporting costs them a lot of their financial resources to be at par with the quality of reporting that regulatory offices demand from them. Pre-configured GRC and ESG reporting tools may be a more viable option for these enterprises.

IBRS believes that GRC is becoming increasingly important among Australian organisations and will impact them across industries in terms of transparency through systemic workflows where real-time insights can be used to guide decision-making that meets minimum requirements from regulatory changes.

Who’s impacted

  • COO, CIO, CTO
  • Business analysts
  • Risk managers

What’s Next?

Organisations need to be familiar with GRC and how they can best create a culture of compliance that ensures active oversight and adherence to applicable laws and regulations. Senior executives can drive a culture of transparency and efficient risk management by engaging in programs that meet GRC expectations, through compliance participation and implementation of preventive measures. This will improve risk control and promote good governance and organisational ethics.

To overcome the complexity of ‘build-it-yourself’ GRC and ESG reporting, consider if GRC software tools may complement the organisation's existing analytics platform through add-on solutions or dedicated products that make it easier to produce audit, accreditation and governance risk management reports.

Related IBRS Advisory

  1. IBM Acquires Data Analytics Firm Envizi
  2. More Evidence for Cloud Leading Sustainable ICT Charge

The Latest

Australian ecommerce platform Marketplacer announced in December 2021 that it had successfully raised US$38 million to begin its U.S. expansion, product development and partner program.  

The company has already secured US$85 million of funding and has over 100 marketplace clients. It has also partnered with ecommerce giants such as Salesforce (who has invested in them), Adobe, Publicis Sapient, and Fenom Digital.  

To date, Marketplacer’s 100 clients have added more than 13,000 businesses, agencies and enterprises for shopping cart services, payment processing, promotions management, and drop-shipping in one platform.

IBRS interviewed Marketplacer’s executive team about their business and the opportunities that meshed marketplaces have for local merchants and service providers.

What is Marketplacer?

Marketplacer’s SaaS-based platform allows organisations with existing ecommerce platforms or large online communities to quickly integrate third party sellers into their environments. Amazon revolutionised retailing by allowing other retailers to sell on its shopping platform, and gained not only additional revenue streams but also expanded the value of the Amazon site to shoppers. Marketplacer’s platform effectively allows organisations to create a similar business model.

Marketplacer simplifies connecting an enterprise’s current ecommerce system (such as Salesforce Connected Cloud or Magento 2) with affiliated merchants. It allows an organisation with an existing base of customers to rapidly present new products and services to them from affiliates. 

The operator portal provided by Marketplacer covers day-to-day onboarding, marketplace management, product and return maintenance, central database management, process payments and payouts, tax and accounting, orders and logistics, communications and marketing, ratings and reviews, and data and insights. 

The seller portal allows sellers to access their own marke​​tplace and manage orders, refunds, logistics, marketing and promotion, as well as insights and reporting.

Why it’s Important

A new ecommerce segment emerges

Major players in the ecommerce platform industry such as Shopify, WooCommerce, Bigcommerce, and Magento have dominated much of the market. 

However, Marketplacer differentiates itself by allowing sellers to take advantage of pre-built connectors to fully maximise the platform that complements their existing tools and offering to support a wide range of products and services for sale. In addition, its front end is decoupled from back end logic and channel programming language, aside from being framework-agnostic. 

While Marketplacer is not the only platform attempting to define this new ecommerce segment, it has an edge in terms of out of the box integrations and features. The recent capital injection will position the vendor well in the US market, but also strengthens its long term stability in the Australian market.

IBRS predicts that Marketplacer’s biggest competitors will come from large enterprises that have acquired tech startups to expand their services and offer similar capabilities through their SaaS products, such as Oracle’s purchase of NetSuite in 2016, to expand Cloud solutions in more regions and industries. 

Aussie vendors punching above their weight

Many Australian tech and software companies have earned success overseas such as Canva, Atlassian, Afterpay, Xero and NEXTDC, all with market caps above US$5 billion.  

However, most local enterprises - including government - fail to recognise that smaller Australian vendors just starting to do well overseas are worth putting on their shortlists. This is not just a concern regarding national pride. IBRS notes that in many cases, smaller local vendors offer good value and generally have positive project outcomes, due in no small measure to having development resources close to their clients and having a vested interest in keeping such founding clients content.

In addition, local ISV (independent software vendors) often have solutions that are designed specifically to meet domestic compliance requirements and business processes: especially those that support public sector functions.

Another issue worth noting is that there has been a ramp up in the number of acquisitions of Australian tech post-startups in the past years. In 2021, Queensland based Clipchamp was bought by Microsoft, SaaS company CitrusAd was purchased by the Publicis Group, and Quantium was acquired by Woolworths. Channel partners and specialist IT service providers are also being snapped up.

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

Australian enterprises should look beyond the traditional mainstream players to emerging vendors and local providers. Pay attention to the benefits of local support channels and the costs associated with gaining experienced, local implementation partners that have expertise in the local market.

Finally, when working with internal teams to determine how new platforms will demand changes to operations and even the business model, look more closely at the implications of selecting such tools or platforms, including security and reputational risks, from local vendors as well as the international brands.

Related IBRS Advisory

  1. Aussie vendor radar: Nintex joins the mainstream business process automation vendor landscape
  2. Positive customer experiences must lead digital transformation

The Latest

31 January 2022: Private equity firms Vista Equity Partners and Evergreen Coast Capital, announced their acquisition of virtualisation tech firm Citrix Systems. Citrix’s secure digital workspace and hybrid work environments will be merged with the market data management and business intelligence features of Vista’s TIBCO. The all-cash $16.5 billion acquisition, which is expected to be formally closed mid-2022, will impact Citrix customers, amounting to approximately 100 million end-users.

The buyout will make Citrix a private venture and address its debt after reporting a 1 percent decrease in annual revenue at the end of 2021. Reports of the deal have been in the news for quite some time, despite Citrix acquiring Wrike last year to further support hybrid work models for its clients.

Why it’s Important

At the start of the pandemic, demand for Citrix’s digital workspace solutions increased to allow secure access to corporate information systems through web traffic isolation, as well as remote access to devices in physical offices for employees on a work-from-home setup. However, there have been concerns that Citrix has not been at the forefront of innovation in the last few years.

The acquisition has the potential to provide Citrix with an opportunity to invest in new features now that its Desktop-as-a-Service tool competitors (Azure Virtual Desktop, Amazon Workspaces and VMWare Horizon DaaS Platform) have outperformed the Florida-based virtualisation tech company.  

However, history of previous acquisitions suggests that that potential will only be partially realised, if at all. IBRS has observed that among venture capital firms that have bought tech companies, users should not expect any new features to be released any time soon since private equity managers often prioritise profitability on existing customers using the same range of products. 

Conversely, with Citrix being consolidated with TIBCO, there is an opportunity to repackage the brand, add sophisticated integration and workflow capabilities to an existing market that’s maturing. 

In the near term (2-3 years), IBRS does not expect much direct impact on current clients.

Who’s impacted

  • CIO
  • Desktop / EUC teams
  • Business stakeholders dealing with workforce management and project delivery

What’s Next?

Since many organisations have adopted digital workspace architectures (as opposed to end user computing architectures), they should review their current service contracts that may be impacted by mergers and acquisitions in relation to workspace technologies. One strategy is to centralise vendor management activities and develop a set of governance policies. 

IBRS also recommends organisations running Citrix review the papers below, and then schedule a consultation session with IBRS to identify the next best courses of action for their enterprise.

Related IBRS Advisory

1. Mergers & acquisitions require federated service providers governance

2.Running IT-as-a-Service Part 46: Mergers and acquisitions impact on service contracts

Conclusion:

This month, discussions regarding the need for improved security efforts have been prominent. Analyses of security concerns in 2021 have shown a significant increase in cyber security and ransomware attacks. Annual reviews have flagged a changed threat landscape, with attacks increasing in volume and severity. There has also been an escalation in the magnitude of highly targeted attacks, possessing clearer objectives which provoke more serious overall impacts. As attacks have become more prolific and aggressive, organisations are demanding a wider range of higher quality security services that can be tailored to individual needs. Customers are acknowledging that without strategic changes and significant action, the increase in security incidents witnessed in 2021 will continue throughout 2022.

Read more ...

Conclusion:

A common claim is that Agile methodologies and DevOps assist organisations in their digital transformation efforts. While there is merit to this claim, many organisations’ ICT groups treat Agile and DevOps as projects in their own right – implementing them as an end unto itself. Understanding that Agile and DevOps are a continuous process, aided by metrics that are aligned to continually evolving business goals, brings efficient leadership management in Agile and cross-team sharing to scale DevOps to prevent teams from returning to functioning in silos.

Read more ...

Conclusion:

Over the last 12 months, cyber security breaches arising from compromising third parties have featured in the headlines. Previously, most organisations had given little thought to their reliance on third parties for critical services, software, and the protection of sensitive information. As such, in many cases the issue has flown largely under the radar.

A compromise via a third party is now an increasingly common attack vector. This is due to the fact that the smaller third parties often hold critical data and an attack on one third party can quickly be leveraged as an attack on all its customers. Additionally, some smaller third parties do not have best-practice cyber security capabilities in place.

Security Frameworks such as NIST and ISO 27001 have long identified risks arising from third parties. CIOs need to move quickly to identify, assess, and mitigate risks from their third parties. This article provides some recommendations that will assist in managing these risks.

Read more ...

Conclusion:

This advisory is the third in a series which discusses the value proposition for the project and/or programme management office (PMO). In the first and second parts of this advisory series, we discussed the need for maturity in project management and the need for a mature project management framework (PMF) to support success in the completion of projects.

Effective project management requires an effective PMO to achieve the controls necessary to manage the processes within the PMF, and to ensure the delivery of each business outcome is prioritised to meet the desired business objectives.

Without an effective PMO, your organisation’s ability to track business performance against delivery of new or enhanced capabilities being delivered by projects will be limited or potentially catastrophic.

Read more ...

Conclusion:

During the lockdowns imposed around the world due to the COVID-19 pandemic, businesses and organisations had no choice but to find a way to pivot and continue operations. This pushed numerous businesses to work away from the workplace. Working from home became the new normal.

With the challenge of not being able to work in the office and not being able to work together in a physical setting, came a new set of hurdles and expectations. Businesses who were able to invest in technology and infrastructure prior to the pandemic were able to adapt immediately. However, this setup does not only require up-to-date technology, it also requires that the organisational culture be one of trust and accountability, especially with the change in employee expectations.

Now, with the easing of restrictions, normal is again being rewritten with the concept of a hybrid workplace where employees can work from home on some days, and come to the office on some days.

Read more ...

Conclusion:

The COVID-19 pandemic has raised expectations for improved organisational processes, new policies, and evolving workplace habits. Armed with experiences from 2020 and 2021, many (not all) knowledge workers now prefer to work for organisations that can give them tools to do their jobs remotely and effectively. What is often overlooked in this discussion is the increased need to consider diversity and inclusion in a hybrid work enablement process.

Leaders have critical decisions to make in relation to both hiring and the creation of a workplace that embraces diversity.

Read more ...

The Latest

25 January 2022: ServiceNow has recently launched ServiceNow Impact that provides AI-driven recommendations along with human-powered solutions on technical support, prescriptive guidance, preventive solutions, role-based training, curated content, and coaching using the Now Platform. Users will receive personalised recommendations on customer success, progress monitoring, platform architecture and performance management to improve their overall workflow automation.

ServiceNow’s AI is leveraged to deliver recommendations that allow users to optimise their existing ServiceNow platform, without integrating third party tools into the system. The solution also provides personal support through on-demand training, and dedicated expert teams and developer consulting depending on a user’s subscription package. 

Why it’s Important.

IBRS has observed a rise in the number of AI decision support services being integrated into workflow automation tools. Hyper-automation on decision-making processes built on top of existing workflow platforms and enterprise resource planning (ERP) solutions is where most organisations will obtain the quickest impact from AI - specifically machine learning (ML). Therefore, instead of investing in separate ML tools and developing custom algorithms, it may be more prudent to leverage existing SaaS platforms emerging AI and ML capabilities.

In addition, many service providers that use AI to automate workplace processes, customer journey flows and enterprise spend management continue to expand their tool’s capabilities in terms of customised solutions to address each organisation’s requirements on value acceleration. In this regard, AI will continue to maintain its essential ‘invisible’ role by recommending better workflows, which in turn drive service quality and agility.

Who’s impacted

  • CIO
  • System administrators
  • Development team leads
  • Business analysts

What’s Next?

Look for opportunities to leverage AI (and ML) from existing investments in SaaS platforms. In particular, look for how AI is being used to make recommendations on improving workflow with low-code development platforms. Bespoke AI initiatives will be less utilised in favour of AI being added to already existing SaaS applications.

Related IBRS Advisory

  1. Machine Learning Operations (MLOps), the AI Productivity Fast Track
  2. Trends for 2021-2026: No new normal and preparing for the fourth-wave of ICT
  3. How can AI reimagine your business processes?
  4. VENDORiQ: ServiceNow to Acquire RPA Vendor Intellibot

The Latest

25 January 2022: IBM has announced its acquisition of Sydney-based data analytics software company Envizi. In an official press release, the move was finalised to boost IBM’s capabilities to provide environmental, social and governance (ESG) analytics, which is an emerging specialised field.  

Envizi will be integrated with IBM’s existing package of manufacturing and supply chain solutions such as IBM Maximo, IBM Sterling, IBM Environmental Intelligence Suite (EIS) and IBM Turbonomic to support feedback automation in their operations and corporate environmental initiatives. 

Why it’s Important.

IBRS has observed increased activity by large vendors acquiring small, local Australian enterprises that specialise in data analytics. Some of these include the following:

  • Fujitsu’s acquisition of Melbourne-based data and analytics firm Versor in 2021
  • Cognizant’s 2021 purchase of Sydney-based Servian, a data analytics and AI vendor
  • Healthcare tech firm Beamtree’s acquisition of New South Wales-based comparative analytics enterprise Potential(x) in 2021
  • Accenture’s 2019 purchase of Australian big data and analytics consultancy Analytics8 then its series of acquisitions involving advanced analytics firms overseas such as Bridgei2i and Byte Prophecy in India, Novetta Solutions and End-to-End Analytics in the United States, as well as PRAGSIS BIDOOP in Spain.

Aside from these, acquisitions of data analytics startups by other firms outside of Australia have become prominent in the industry with the likes of Capgemini on Sweden-based Advectas, Genpact on Enquero, and Infogain on Absolutdata, which were all formalised in 2020.

IBRS believes that while it is beneficial for the industry to have vendors expand their analytics capabilities, customers or enterprise partners need to constantly assess the likely impact on their existing service contracts with analytics partner vendors. Some of the areas that are critical include terms and conditions, possible pricing changes, future services, contracted support and personnel changes, among others.

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

Organisations need to be prepared for their analytics partners to be the next targets for acquisitions. As part of its strategy, organisations must remain vigilant and engaged with their analytics vendor partners regarding any acquisitions and the potential impact on services and costs. This includes assessing the implications of the potential scenarios that are most likely to occur, as well as the risks or opportunities that may be present with regard to adjusting to ramifications to the existing service, if there are any. Some potential risks or challenges that must be reviewed by the organisation’s legal and procurement teams can be found on this checklist.

Finally, organisations need to be cautious on assurances that are critical to their operations if these have not yet been put into written agreement. Becoming more pragmatic about the new vendor will minimise service disruptions in the future.

Related IBRS Advisory

  1. Mergers & acquisitions require federated service providers governance
  2. Mergers and Acquisitions - Devising the Right Strategy for IT

IBRSiQ is a database of client inquiries and is designed to get you talking to our advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.

Read more ...

Conclusion:

This month has seen increased discussions regarding the need for digital transformation in the face of changing customer needs. Distributed workforce environments, ongoing shifts in operational structures, and the need to respond to customer demands quickly have driven the need for transformation efforts. Reduced costs, improved service levels, and differentiation have become priorities for organisations, with a focus on utilising technologies that can support business changes whilst retaining the resiliency of internal solutions. Organisations are also prioritising reduced infrastructure deployments and the elimination of dependency on technologies that can become dated, unstable or unable to support changes in business operations. Vendors have found the provision of adaptive platforms that are tightly integrated are in high demand. Service providers need to leverage a range of solutions that can slot together and are sufficiently flexible to adapt and be altered to meet changing customer needs quickly, all at once maintaining solution resiliency.

Read more ...

Conclusion:

IBRS recently conducted a Cloud migration case study to determine how organisations can find a balance between cost, risks and benefits. Since Cloud migration is becoming an important business process, it is necessary to develop a Cloud migration roadmap framework when considering a program through a compelling business case.

Read more ...

Conclusion:

This advisory, as the second in the series, will address the necessary inclusions in your project management framework (PMF) and the value of developing a community of practice (COP) to ensure continuous improvement. In addition to these foundation stones of good project management, IBRS takes a pragmatic view of how the choice of methodology used for each project impacts the organisation’s approach to its PMF and the value proposition of the COP.

The key to predictable outcomes is to make sure the processes and products of your PMF are of value to both those executing the project and those overseeing the development of each capability. Too often, poor take up of an organisation’s PMF, and the subsequent increased risk of failure of a project is a result of a bureaucratic and overly complex framework. The keep it simple principle is essential so that compliance with the PMF can become routine.

Likewise, the COP is key to learning, improvement, and ownership by those involved in your organisation’s capability development and project management. An effective COP will look to improve skills, apply lessons learned, and improve the PMF processes, outputs, and tools.

Read more ...

Conclusion:

Complexity is the enemy of good security. Complex strategies and complex roadmaps can be contributing factors in unsuccessful security implementations.

A better practice for a simpler starting point is creating a set of security principles as the first step in the evolution of a security strategy. Carefully crafted security principles can be a bridge to business understanding and buy-in to a successful security strategy.

Read more ...

Subscribe

Want to get the latest papers from all our advisors? Subscribe, and we'll send you the information you need.

Invalid Input
Please enter a valid email address
Invalid Input
Please enter your mobile phone number
Invalid Input