5. Managing Risks In Today‟s Business Is Critical
Environmental Societal
Climate change Pandemics
Water, energy shortages Food, product liabilities
Natural disasters Infectious diseases
Economic Geopolitical
Oil shock Terrorism, War
Fall in US Dollar Crime, Corruption
China hard landing Breakdown in
information infrastructure
FACT: - 87% of those risks were non-
Between 2004-2007, 62% financial
of global companies
experienced risk events*
- Almost half were not prepared
- Only half manage risk formally
*Source: IBM Global CFO Study 2008
6. Business Models Have Changed: From Vertical
Integration to Virtual Integration
100 years later
The Boeing 787
Only the Vertical Fin Manufactured in Seattle
The ultimate Virtual Chain
Ford’s River Rouge Plant; 27 miles of
conveyor,
The epitome of Vertical Integration
Early 1900s
7. Business Models Have Changed: From Mass
Production To Mass Customization
100 years later
Each Laptop / Desktop
Customized to your
Requirement
The perfect „Make to Order‟ Model
Model „T‟ first introduced in 1908
Model „T‟ phased out in 1927 !
“The Customer can have any color
that they want, as long as it is BLACK”
The perfect „Make to Stock‟ Model
Early 1900s
Adding further complexity?
8. System Complexity Creates Additional Chaos
MULTIPLE DIFFERENT DISPARATE BI TOOLS FRAGMENTED
ROLES METRICS & REPORTING SYSTEMS DATA SOURCES
FINANCE
Finance
Multiple ERP
EBITDA
Human
Resources
Multiple
HIRING QUALITY OPERATIONS Supply Chain
Marketing
Multiple Data
BRAND Warehouses
Customer
Service PLANNING
Multiple Legacy
SERVICE LEVELS Applications
Executive
Multiple Point
COMPANY HEALTH Applications
Affecting?
9. Decision Making - More Complex And Challenging
More Decisions to Take… … Increasing Complexity
75% of senior executives
of top US companies said 50% said that decisions are
that the number of daily more complex this year
decisions has increased than last year
over the past year
… Leading to Bad Outcomes … Across the Firm
Top casualties of poor
70% said that poor
decision making are
decision making is a
profits, company
serious problem for
reputation, long-term
business.
growth, and morale
Source: Opinion Research Corporation, “IT Professional and Decision Automation”, 2007
10. Impact Of Poor Decisions…
“The days when you could go to investors and say „sorry, we
didn‟t expect this‟ have gone,‟ admits one senior manager. „You
are supposed to have a precise calculation for the impact of every
act of God.‟”
- “Commodity hedging alleviates risk factor,” – Financial
Times, October 18, 2005
12. Agenda
• Complexity In Today’s Business
• Managing Enterprise Performance
• How do we achieve
• Q&A
13. Performance Management: The Next Competitive Edge
Competitive
Smart – Deep Insight
Advantage
Agile – Decisive Action
Aligned – Across the Extended
Enterprise
PERFORMANCE EXCELLENCE
Cost – Lean and Mean
Quality – Six Sigma, TQM
Speed – Real-time, JIT
OPERATIONAL EXCELLENCE
Time
14. Who is Responsible for Performance
Management – Strategy and Execution?
C-Suite and Board of
Directors
Office of CFO Line of Business
Managers
15. Organizations make decisions at all levels
Types of Decisions
• Which company to buy?
• Which markets to play in?
High Low Strategic • Where to make capital investments?
Impact Volume
Decisions
• Which products to make? At what
price?
Med. Med. Tactical • Where to make products?
Impact Volume Decisions • Which segments to target?
• What to do with budgetary variance?
Low High
• Should we cross-sell to this customer?
Impact Volume Operational
• Which prospects to target campaigns?
Decisions
• Which orders to process?
• How to route shipments?
Source: James Taylor, “Smart Enough Systems” and Oracle
16. Six Pillars that lead to PM Execution Mastery
Connected
Enterprise
Value Enterprise Distinctive Capital Enterprise Outcome
wide based
Centered Wide Risk Capability Stewardsh metrics Apprais
ip al
Culture Managem
ent
System
Compelling Vision
17. PM Framework for Value Creation
Strategy Customer ERP
/Mission Satisfaction & Processes
Order
fulfillment
CRM
Organization‟s Supplier Inputs
Scorecards Resources ROI
KPI
(capacity) Shareholders
Scores
feedback
Note : Shareholder wealth creation is not the goal. It is a result
How do we measure these?
20. Agenda
• Complexity In Today’s Business
• Managing Enterprise Performance
• How do we connect strategy to execution
• Q&A
21. Where is Your Organization Today?
Focus on Focus on Focus on
Reporting Metrics Value
Fragmented • Integrated approach
Costs Approach to PM
• Aiming to improve
• Compliant but at a performance
high cost
• GRC is a
• Limited view of by-product
interdependencies
• Reacting to a few • Looking to reduce
high-priority PM resources spent
projects
• May not realize Integrated Approach
full extent of need
# of PM Projects
22. Harmonising the Elements of IT Governance
IT
Governance
Resource
Management
2009 ISACA All Rights reserved. 22
24. Deploy Technology: The Most Popular Software Tool…
80
70
% of respondents
60
50
40
30
20
10
0
ER
N
Sp
C
B
o
us
PM
re
P
so
t
so
ad
om
so
ftw
s
ftw
ftw
he
B
ar
PM
ar
et
ar
e
e
s
e
25. Enterprise Performance Management System
Integrates Transaction, Intelligence, Financial Systems
Modeling Planning & Financial Financial & Metrics &
Budgeting Management Statutory Scorecards
Reporting
Performance Management
Enterprise
Performance
Management
System
Transactional Systems BI Systems
Operational
Business
Intelligence
Sales & CRM Financials Supply Chain HR Procurement Data Data Query & OLAP Dashboards Enterprise/ Alerts &
Warehouse Integration Analysis Operational Workflow
Reporting
How do we ensure the outcome is achieved?
26. 6 Steps to Successful PM Strategy to execution process
1. Define Goals and Strategies
2. Define Standards, Policies, Procedures
Around Financial, Non Financials, Project, Service, etc
6. Refine and Go to the Next
Level These 6 steps allow a company to
incrementally develop 3. Define Metrics
and mature their overall business
goals
5. Analyze and Improve
Existing Processes 4. Put ICT Strategies in Place
26
27. Goals & Strategies
• Business and IT Goals
• ICT Strategy
• Existing Capabilities
• IT Roadmap
• Journey Management
27
28. Create Standards, Policies & Processes
Governance PM
Board Committee Executives
• Communicate
Office of CFO
Create
Manage Business Leaders
Feedback & Monitor Architects
Outcomes/
Policies
IT Managers
Issues:
•Decision Rights Administrators
•Input Rights
•Exception Management
28
29. Define Metrics for Success
• Why Measure ?
• Ensure Business Goals
• Deliver ICT Strategy
• What to Measure ?
• standards, compliance, # of Financial metrics, # of non
financial metrics, # of process failures, impact to business due
to decisions, # of exceptions, # of outcomes achieved vs
planned, # of metrics roll up to serve linkage to goals, etc
• How to Measure ?
• What can be automated?
• What can be easily captured?
29
30. Put Mechanisms in Place
Financial
Funding Model
People Portfolio
Roles & Responsibilities Cash Flow/Working Capital Projects
Performance Group Platform Funding Business Services
Outcome based Owners Applications
Service Ownership Capacity Planning
DRIVEN BY
Projects
Service Lifecycle Gov Enforce Service Levels Operations
EXECUTIVES Enforce Policies/standards/
Shared Artifacts
metrics
Strategic Platform Reference Architectures
Data Ownership
Enforce Platform Decisions Architectural Standards
Shared Foundation Srvcs Data Standards Blueprints & Patterns
Technology Data Quality/confidentiality Architecture
Information
31. Analyze and Improve
• Metrics on process itself
• Metrics on progress of goals and roadmap
• How often are people going off the path?
• Do they tell us when they do?
• Do we need to change restrictive policies?
• Do we need to have stricter enforcement?
• What do you do with the Information?
• Make decisions
• Create feedback loop
32. Refine and Go to the Next Maturity Level
• ICT strategies, goals, objectives met for this ICT
maturity level level
• Refine ICT strategies, goals, objectives for
current maturity level
• Create new ICT strategies, goals, objectives for
next ICT maturity level
33. About ISACA
Key Message
As an independent, nonprofit, global membership association, ISACA
engages in the development, adoption and use of globally accepted,
industry-leading knowledge and practices for information systems.
ISACA helps its members achieve individual and organizational
success, resulting in greater trust in, and value from, information
systems. Its members and certification holders are qualified and
skilled professionals who make a difference.
34. Your Needs + Our Certifications
Winning Solution
CONTACT:
Ravi Tirumalai, ACA, ACMA, CGEIT, CISA
Board Member – ISACA Singapore
Ravitnc@hotmail.com
http://www.isaca.org
http://www.isacatacs.com