Main
Log in

Sourcing & Staffing

Conclusion: As cyber security gains awareness among business leaders, many organisations are undertaking new cyber risk management initiatives. However, these initiatives can be misdirected if business leaders are not clear on why they are doing them. On the journey to improving an organisation’s cyber security maturity, the question “why?” is a powerful tool to test alignment of security to business requirements.

Conclusion: This month there has been a focus on supplier governance models based on the service integration and management (SIAM) approach which can improve the effectiveness and efficiency of IT environments. By establishing converged and hybrid technical foundations and utilising multiple suppliers significant benefits can be achieved. However such an approach may be problematic if disparate arrangements and processes for contract execution are employed. The SIAM approach provides a single and end-to-end user experience, despite multiple suppliers’ underlying IT functions. This type of model allows for greater efficiency and cost benefits, as well as faster IT overhauls for companies needing to increase capacity, upgrade, or wishing to access new technologies and solutions. However, the model also requires strong implementation partners for analysis and a strict system definition combined with strong management capabilities, to support a very tightly integrated environment where many components can operate as one entity.

Conclusion: This month, discussions regarding a number of failed public sector outsourcing projects, which resulted in significant cost overruns have been prominent. Weaknesses were identified in a range of areas, from inappropriate vendor engagement processes to insufficient monitoring and response measures to problems that were identified during the course of a contract. It is critical for clients to establish protocols for contract management as well as frameworks to ensure these protocols can be followed.

Conclusion: The role and responsibilities of procurement and corporate services organisations is increasing relative to those of ICT groups as ICT becomes increasingly bought ‘as-a-service’ rather than installed as capital-intensive internal infrastructure.1

This demand is driving the trend to focus on governance, probity and sourcing management issues in buying decision frameworks.

Neither corporate procurement nor ICT sourcing teams can succeed in isolation: both will sink or swim together. The near-term challenge for most enterprise buying activities will continue to be the ability for both procurement and ICT to keep each other adequately informed and sufficiently knowledgeable in the other’s domain2.

 

Conclusion: This month, there has been a particular focus on service-based Cloud offerings. As this market matures, there are increased concerns regarding vulnerabilities that arise when using evolving environments without adopting new enabling tools and processes to support a shift. Approaches, such as retaining legacy applications in a new technological space can cause difficulties in areas such as security, which require more high-level data collection and analysis for success, rather than basic functions offered in legacy systems. With a dramatic increase in vendors offering service-based solutions, it is important for customers to ensure solutions have underlying systems that can support businesses and strategic objectives prior to establishing agreements. It is critical for customers to alter their perspective of service-based Cloud offerings from an alternative hosting platform to an IT toolset that can alter business processes and efficiency, with adequate foundations to achieve business objectives.

Conclusion: This month, the Queensland government’s action against IBM for the failed Health payroll system was dismissed, with the liability waiver upheld despite assertions the government was misled by IBM regarding its capabilities during the tender. The Australian Federal Police also announced it has cancelled two five-year outsourcing contracts with Eldbit Systems because of project failure. This underscores the need for clarity during the negotiation phases and establishing clear contract terms such as liability waivers and exit clauses to cater to project failures and disagreements, as well as fostering an environment for positive client/supplier relationships even when projects fail.

Conclusion: While the need to design current and future state technology platforms has not diminished, the role of the solutions architect in designing tactical business systems and advising management which systems implementation approach to pursue is taking centre stage.

Conclusion: This month, discussions regarding analytics and data-driven innovation have been prominent. As the role of IT changes from providing technology solutions to driving business outcomes and strategy through the use of technology agile services to support business processes and targets are required. Companies have recognised that data handling and having the capacity to absorb, use and deliver data are becoming core competencies. This has prompted the growth of service providers that manage and analyse data, as well as providing associated services such as security and storage.

Conclusion: This month, Fujitsu and Link Group announced a five year extension to their current ten year managed services agreement, which is founded on a combined on-site, on-shore and offshore delivery model for the provision of a variety of services. This is indicative of an increase in further alignment between IT spending and business strategic priorities utilising complex and evolving delivery models. The agreement highlights the need to provide a wide range of resources which cater to business needs, whilst managing them as one. In order to do this, a cohesive management strategy and the capacity to accommodate increased IT proliferation, new technologies, and associated security risks, must be carefully integrated into outsourcing plans during vendor engagement and contract performance.

Conclusion: There are two compelling information security reasons for creating a sense of purpose and ownership within an organisation. The first is that a sense of purpose and ownership will empower staff so that they move from responding to basic security hygiene matters, towards pre-empting issues. The second reason is so that organisations look out beyond themselves and work towards a more resilient ecosystem.

This level of resilience maturity is vital and will be driven by leadership and a continuing commitment to talent development. Astute security leaders will use cultural indicators such as engagement and sense of purpose and ownership, as a guide to the ability of the organisation to withstand security incidents.

In the News

Managed security: a big gamble for Aussie IT providers - CRN - 02 August 2018

TechSci Research estimates the Australian managed security services (MSS) market will grow at a CAGR of more than 15 percent from 2018-23 as a result of the increased uptake of cloud computing and...
Read More...

Kids, Education and The Future of Work with Dr Joseph Sweeney - Potential Psychology - 25 July 2018

What is the future of work and how do we prepare our kids for it? Are schools and universities setting kids up for future success? Does technology in the classroom improve outcomes for kids? Should...
Read More...

PageUp starts rebuilding and looks to learn lessons after data breach nightmare - AFR - 27 June 2018

The timing couldn't have been worse for PageUp; two days before Europe's new data protection regime came into force the Melbourne-based online recruitment specialist's security systems detected...
Read More...

Australia is still in the cyber security dark ages - AFR - 28 June 2018

In terms of cyber security years, Australia is still in the dark ages, a period typified by a lack of records, and diminished understanding and learning. We're only a few months into practising...
Read More...

AMP does maths on infosec shortage - ITnews - 18th June 2018

Cyber security and risk advisor at analyst firm IBRS, James Turner, said the cyber skills shortage was prompting a wider rethink around the domain in terms of resourcing for the last few years....
Read More...

Subscribe to IBRS Updates

Invalid Input
Invalid Input
Please enter a valid email address
Please enter your mobile phone number
Invalid Input

Get in-context advice from our experts about your most pressing issues or areas of interest

Make an Inquiry

Sitemap

Already a subscriber?

Login to read your premium content.

        Forgot your password?
Recently Viewed Articles
Related Articles