22 July 2007

Show Me The Money: Complacency Risk...

The last time we checked, CFO's were still doing battle with CxO's about their budget and the growing magnitude of Operational Risks as a result of too little funding. Learning how to count differently is a consistent conversation within the ranks of corporate enterprises today. How do I address the needs of the employee, the regulators and management for software systems and safety solutions that require continuous change with this budget?
"Champions for new investments in Enterprise Content Management (ECM) solutions must make convincing arguments for change. Among many hurdles, the champion must express a business case for an ECM solution. That business case must present an economic analysis of the "before" and "after" financial impact. It must deliver measurable financial return on investment (ROI). The bottom line that is always asked is "show me the money".

Enterprise Content Management is the technologies used to Capture, Manage, Store, Preserve, and Deliver content and documents related to organizational processes.

The business case for any new investment requires an analysis of what the existing business issue or problem is and what the benefits are, making this new investment. Counting differently than in the past may require looking beyond the typical methods for creating this so called "Show me the money" step for executive management. Can ECM provide the solution to more than one of the problems in the enterprise with managing information and getting answers faster and more accurately than ever before? If it can, then this could be a path to designing a risk management architecture that provides a myriad of capabilities across a spectrum of potential vulnerabilities.

The most important job is to keep in-house information under control. The questions add up: where to put the thousands and thousands of e-mails, what to do with the electronically signed business correspondence, where to put taxation-relevant data, how to transfer information from the disorganized file system, how to consolidate information in a repository that everybody can use, how to get a single login for all the systems, how to create a uniform in-basket for all incoming information, how to make sure that no information is lost or ignored, etc. etc. Document technologies play an important role in all these questions. ECM solutions are necessary basic components for many applications. Every potential user will naturally consider his own individual needs before deciding on a system. However, putting off decisions does not make them less necessary. Every year something supposedly better and easier to use will come along, but waiting will just mean never installing anything. Every time the decision is put off, the mountain of uncontrolled and unused information gets bigger, and known problems get larger. A sensible long-term migration strategy removes the fear of fast technology change.

Complacency is a threat that many do not think about. What is the cost of complacency in delaying decisions to invest? Whether it be that latest hot stock, buying new enterprise software or the maintenance on the critical infrastructure supporting your operations, timing is everything. At some point, a decision has to be made and you are never going to have enough data to totally justify an investment one way or another. You must find the courage to do something, before complacency makes the decision for you:

One person has been killed and at least 20 others injured when a steam pipe exploded underneath a street in central New York during the evening rush hour.

The explosion in midtown Manhattan sent clouds of steam, mud and rocks into the air and forced the evacuation of nearby streets and Grand Central Station.

The New York Police Department said the incident was not terrorism-related.

Millions of pounds of steam are pumped beneath the streets of New York to help heat and cool thousands of buildings.

The 83-year-old pipe exploded just before 1800 (2200 GMT), sending people running from the scene as steam billowed up from the ground.

New York Mayor Michael Bloomberg later ruled out the possibility of a terrorist attack.

"There is no reason to believe whatsoever that this is anything other than a failure of our infrastructure," he told a news conference.

"The big fear that we have is whether there may or may not have been asbestos released."

Maintaining, upgrading and investing in your IT software systems is no different than looking after your power generation pipelines or critical infrastructure conduits along right of ways. Lack of robust Software Quality Assurance and the complacency for justification of new systems may not result in human fatalities such as the explosion in NYC. Unless of course the information you desire can't be found or can't be accessed when you need it.

Connecting the Dots and Show Me The Money are what complacency risk is all about.

17 July 2007

4GW: Trusted Information Class Actions...

The SEC is in the middle of a Supreme Court battle and they have called in the "A" team to assist. Former SEC officials William H. Donaldson, Arthur Levitt and Harvey J. Goldschmid want to expand investors' abilities to sue in frauds:

The big-money issue has mobilized lawyers who bring class-action lawsuits and the companies and executives they target in one of the most important securities-law issues to reach the Supreme Court in years.

In cases in which fraud-ridden corporations have filed for Chapter 11 bankruptcy protection, investors may not be able to wrest money from the company itself. Lawsuits against business partners and advisers such as accountants and lawyers may present the only rich and viable option for shareholders and plaintiff lawyers, experts said.

What have we learned since Enron? Do we not have a more ethics based atmosphere at the professional services firms? In the long run, will investors be better off with the ability to sue the advisors of the companies as accomplices to wrong doing? You can bet that if the US Chamber of Commerce has it's way, the SEC is in for a real fight on this one.

Some people are behind bars. Some companies are out of business. And the Dow is again at an all time high nearing the 14,000 threshold. All of the legislation, class actions and fraud allegations are all about one thing. Information. Trusted Information.

A number of trends focused on corporate data continue to distract today's IT departments. Shareholders are clamoring for more transparency as a result of the financial scandals that have shaken confidence in corporate governance around the world. Compliance legislation such as the U.S. Sarbanes-Oxley Act (whose impact is reaching far beyond the U.S.) can result in jail sentences for executives who - even unintentionally - report erroneous information. New privacy laws around the world restrict the use of customer information. Increasing global competition has put pressure on organizations to use their expensive information assets more strategically.

All these issues can be summed up in a single concept: trusted information. Simply accessing data is no longer enough. Today's CEOs, CFOs and knowledge-workers must be able to reliably track the information they use for decisions back to the original source systems in order to ensure its timeliness, accuracy and credibility.

Over the last decade, organizations have invested millions of dollars in systems to collect, store and distribute information more effectively. Despite this, information users at all levels of the organization are often uncomfortable with the quality, reliability and transparency of the information they receive.

Today's organizations rarely have a "single view of the truth." Executives waste time in meetings debating whose figures are correct, rather than what to do about the company's issues. Additionally, they worry about the consequences of making strategic decisions using the wrong information, directly impacting the long-term survival of the organization.

This brief essay by Jeffrey Ritter discusses the compelling forces converging at the beginning of the 21st century that are shaping the need to consider trusted information as a vital asset that should be the priority of any organization:

As the 21st century accelerates, digital devices connected to the Net will continue to be indispensable to modern life. But those devices, and the services provided through them, remain vulnerable to human judgment—the 21st century winners will be those who earn and sustain the trust of those using the devices and the services—whether those are consumers, employees, shareholders, lenders or service providers.

When the law intersects with the validity of information the corporate battle lines are drawn. Think about how much time and dollars are spent proving or disproving the integrity of information in a court of law. Those organizations who know that they are in the "4th Generation Warfare" (4GW) era will survive only if they can grasp this concept. Fourth Generation Warfare removes the front entirely. Attackers rely on a barrage of information salvos and coordinated incidents to paralyze or erode the adversaries political will, rather than seeking decisive hand-to-hand combat. Does this sound familiar to your General Counsel?

We are not talking about Al Qaeda now. We are talking about the class action "Army" that is forming the strategy and the means to wage unconventional battles against your, trusted information. Or is it?