Managing Risks In Today‟s Business Is Critical Environmental Societal Climate change PandemicsWater, energy shortages Food, product liabilities Natural disasters Infectious diseases Economic Geopolitical Oil shock Terrorism, War Fall in US Dollar Crime, CorruptionChina hard landing Breakdown in information infrastructure FACT: - 87% of those risks were non- Between 2004-2007, 62% financial of global companies experienced risk events* - Almost half were not prepared - Only half manage risk formally *Source: IBM Global CFO Study 2008
Business Models Have Changed: From VerticalIntegration to Virtual Integration 100 years later The Boeing 787 Only the Vertical Fin Manufactured in Seattle The ultimate Virtual ChainFord’s River Rouge Plant; 27 miles of conveyor, The epitome of Vertical Integration Early 1900s
Business Models Have Changed: From MassProduction To Mass Customization 100 years later Each Laptop / Desktop Customized to your Requirement The perfect „Make to Order‟ Model Model „T‟ first introduced in 1908 Model „T‟ phased out in 1927 ! “The Customer can have any color that they want, as long as it is BLACK” The perfect „Make to Stock‟ Model Early 1900s Adding further complexity?
System Complexity Creates Additional Chaos MULTIPLE DIFFERENT DISPARATE BI TOOLS FRAGMENTED ROLES METRICS & REPORTING SYSTEMS DATA SOURCES FINANCE Finance Multiple ERP EBITDA HumanResources Multiple HIRING QUALITY OPERATIONS Supply Chain Marketing Multiple Data BRAND WarehousesCustomer Service PLANNING Multiple Legacy SERVICE LEVELS ApplicationsExecutive Multiple Point COMPANY HEALTH Applications Affecting?
Decision Making - More Complex And Challenging More Decisions to Take… … Increasing Complexity 75% of senior executives of top US companies said 50% said that decisions are that the number of daily more complex this year decisions has increased than last year over the past year … Leading to Bad Outcomes … Across the Firm Top casualties of poor 70% said that poor decision making are decision making is a profits, company serious problem for reputation, long-term business. growth, and morale Source: Opinion Research Corporation, “IT Professional and Decision Automation”, 2007
Impact Of Poor Decisions…“The days when you could go to investors and say „sorry, wedidn‟t expect this‟ have gone,‟ admits one senior manager. „Youare supposed to have a precise calculation for the impact of everyact of God.‟” - “Commodity hedging alleviates risk factor,” – Financial Times, October 18, 2005
Agenda• Complexity In Today’s Business• Managing Enterprise Performance• How do we achieve• Q&A
Performance Management: The Next Competitive Edge Competitive Smart – Deep Insight Advantage Agile – Decisive Action Aligned – Across the Extended Enterprise PERFORMANCE EXCELLENCE Cost – Lean and Mean Quality – Six Sigma, TQM Speed – Real-time, JIT OPERATIONAL EXCELLENCE Time
Who is Responsible for Performance Management – Strategy and Execution? C-Suite and Board of DirectorsOffice of CFO Line of Business Managers
Organizations make decisions at all levels Types of Decisions • Which company to buy? • Which markets to play in? High Low Strategic • Where to make capital investments? Impact Volume Decisions • Which products to make? At what price? Med. Med. Tactical • Where to make products? Impact Volume Decisions • Which segments to target? • What to do with budgetary variance? Low High • Should we cross-sell to this customer? Impact Volume Operational • Which prospects to target campaigns? Decisions • Which orders to process? • How to route shipments?Source: James Taylor, “Smart Enough Systems” and Oracle
Six Pillars that lead to PM Execution Mastery Connected Enterprise Value Enterprise Distinctive Capital Enterprise Outcome wide based Centered Wide Risk Capability Stewardsh metrics Apprais ip al Culture Managem ent System Compelling Vision
PM Framework for Value Creation Strategy Customer ERP /Mission Satisfaction & Processes Order fulfillment CRM Organization‟s Supplier Inputs Scorecards Resources ROI KPI (capacity) Shareholders Scores feedbackNote : Shareholder wealth creation is not the goal. It is a result How do we measure these?
Scorecard: Connecting Strategy to ExecutionSource : Robert Kaplan
Agenda• Complexity In Today’s Business• Managing Enterprise Performance• How do we connect strategy to execution• Q&A
Where is Your Organization Today? Focus on Focus on Focus on Reporting Metrics Value Fragmented • Integrated approach Costs Approach to PM • Aiming to improve • Compliant but at a performance high cost • GRC is a • Limited view of by-product interdependencies • Reacting to a few • Looking to reduce high-priority PM resources spent projects • May not realize Integrated Approach full extent of need # of PM Projects
Harmonising the Elements of IT Governance IT Governance Resource Management 2009 ISACA All Rights reserved. 22
®The COBIT Framework How do we execute on the above?
Deploy Technology: The Most Popular Software Tool… 80 70% of respondents 60 50 40 30 20 10 0 ER N Sp C B o us PM re P so t so ad om so ftw s ftw ftw he B ar PM ar et ar e e s e
Enterprise Performance Management System Integrates Transaction, Intelligence, Financial Systems Modeling Planning & Financial Financial & Metrics & Budgeting Management Statutory Scorecards Reporting Performance Management Enterprise Performance Management System Transactional Systems BI Systems Operational Business IntelligenceSales & CRM Financials Supply Chain HR Procurement Data Data Query & OLAP Dashboards Enterprise/ Alerts & Warehouse Integration Analysis Operational Workflow Reporting How do we ensure the outcome is achieved?
6 Steps to Successful PM Strategy to execution process 1. Define Goals and Strategies 2. Define Standards, Policies, Procedures Around Financial, Non Financials, Project, Service, etc6. Refine and Go to the Next Level These 6 steps allow a company to incrementally develop 3. Define Metrics and mature their overall business goals 5. Analyze and Improve Existing Processes 4. Put ICT Strategies in Place26
Goals & Strategies• Business and IT Goals• ICT Strategy• Existing Capabilities• IT Roadmap• Journey Management27
Create Standards, Policies & ProcessesGovernance PM Board Committee Executives • Communicate Office of CFOCreateManage Business Leaders Feedback & Monitor Architects Outcomes/ Policies IT Managers Issues: •Decision Rights Administrators •Input Rights •Exception Management 28
Define Metrics for Success• Why Measure ? • Ensure Business Goals • Deliver ICT Strategy• What to Measure ? • standards, compliance, # of Financial metrics, # of non financial metrics, # of process failures, impact to business due to decisions, # of exceptions, # of outcomes achieved vs planned, # of metrics roll up to serve linkage to goals, etc• How to Measure ? • What can be automated? • What can be easily captured?29
Put Mechanisms in Place Financial Funding Model People Portfolio Roles & Responsibilities Cash Flow/Working Capital Projects Performance Group Platform Funding Business Services Outcome based Owners Applications Service Ownership Capacity Planning DRIVEN BYProjects Service Lifecycle Gov Enforce Service Levels Operations EXECUTIVES Enforce Policies/standards/ Shared Artifacts metrics Strategic Platform Reference Architectures Data Ownership Enforce Platform Decisions Architectural Standards Shared Foundation Srvcs Data Standards Blueprints & Patterns Technology Data Quality/confidentiality Architecture Information
Analyze and Improve• Metrics on process itself• Metrics on progress of goals and roadmap • How often are people going off the path? • Do they tell us when they do? • Do we need to change restrictive policies? • Do we need to have stricter enforcement?• What do you do with the Information?• Make decisions• Create feedback loop
Refine and Go to the Next Maturity Level• ICT strategies, goals, objectives met for this ICT maturity level level• Refine ICT strategies, goals, objectives for current maturity level• Create new ICT strategies, goals, objectives for next ICT maturity level
About ISACAKey MessageAs an independent, nonprofit, global membership association, ISACAengages in the development, adoption and use of globally accepted,industry-leading knowledge and practices for information systems.ISACA helps its members achieve individual and organizationalsuccess, resulting in greater trust in, and value from, informationsystems. Its members and certification holders are qualified andskilled professionals who make a difference.
Your Needs + Our Certifications Winning Solution CONTACT: Ravi Tirumalai, ACA, ACMA, CGEIT, CISA Board Member – ISACA Singapore Ravitnc@hotmail.com http://www.isaca.org http://www.isacatacs.com