Risk Assessment

Risk assessment is a vital component in BC (Business Continuity) planning. Through risk assessment, your company may determine what vulnerabilities your assets possess. Not only that, you’ll also be able to quantify the loss of value of each asset against a specific threat. That way, you can rank them so that assets that are most likely to cripple your business when say a specific disaster strikes can be given top priority.

However, a poorly implemented risk assessment may also cost you unnecessary expenditures. Many risk assessors are too enthusiastic in pointing out risks that, at the end of the assessment, they tend to over-appraise even those having practically zero probability of ever occurring.

We can assure you of a realistic assessment of your assets’ risks and propose cost-effective countermeasures. These are the things we can do:

  • Identify your unsafe practices and propose the best alternatives.
  • Perform qualitative risk assessment if you want fast results and lesser interruptions on your operations.
  • Perform quantitative risk assessment if you want the most accurate depiction of your risks and the corresponding justifiable costs of each.
  • Conduct frequency and consequence analysis to identify unforeseen harmful events and determine their effects to various components of your organisation and its surroundings.

We can also assist you with the following:

Check our similar posts

Transformation to a process based organisation

Today’s global marketplace rewards nimble organisations that learn and reinvent themselves faster than their competition. Employees at all levels of these organisations see themselves as members of teams responsible for specific business processes, with performance measures tied to the success of the enterprise. As team members, they are “owners” of the process (or processes) to which they are assigned. They are responsible for both the day to day functioning of their process(s), and also for continuously seeking sustainable process improvements.

Transforming a traditionally designed “top down control” enterprise to a process-based organisation built around empowered teams actively engaged in business process re-engineering (BPR) has proven more difficult than many corporate leaders have expected. Poorly planned transformation efforts have resulted in both serious impacts to the bottom line, and even more serious damage to the organisation’s fabric of trust and confidence in leadership.

Tomislav Hernaus, in a publication titled “Generic Process Transformation Model: Transition to Process-based Organisation” has presented an overview of existing approaches to organisational transformation. From the sources reviewed, Heraus has synthesised a set of steps that collectively represent a framework for planning a successful organisational change effort. Key elements identified by Hernaus include:

Strategic Analysis:

The essential first step in any transformation effort must be development of a clear and practical vision of a future organisation that will be able to profitably compete under anticipated market conditions. That vision must be expected to flex and adjust as understanding of future market conditions change, but it must always be stated in terms that all organisational members can understand.

Identifying Core Business Processes:

With the strategic vision for the organisation in mind, the next step is to define the core business processes necessary for the future organisation to function. These processes may exist across the legacy organisation’s organisational structures.

Designing around Core Processes:

The next step is development of a schematic representation of the “end state” company, organised around the Core Business Processes defined in the previous step.

Transitional Organisational Forms/ Developing Support Systems:

In his transformation model, Hernaus recognises that information management systems designed for the legacy organisation may not be able to meet the needs of the process management teams in the new organisation. Interim management structures (that can function with currently available IT system outputs) may be required to allow IT professionals time to redesign the organisation’s information management system to be flexible enough to meet changing team needs.

Creating Awareness, Understanding, and Acceptance of the Process-based Organisation:

Starting immediately after the completion of the Strategic Analysis process described above, management must devote sufficient resources to assure that all organisation members, especially key managers, have a full understanding of how a process-based organisation functions. In addition, data based process management skills need to be provided to future process team members. It is not enough to schedule communication and training activities, and check them off the list as they are completed. It is critical that management set behavioural criteria for communication and training efforts that allow objective evaluation of the results of these efforts. Management must commit to continuing essential communication and training efforts until success criteria are achieved. During this effort, it may be determined that some members of the organisation are unlikely to ever accept the new roles they will be required to assume in a process-based organization. Replacement of these individuals should be seen as both an organisational necessity and a kindness to the employees affected.

Implementation of Process Teams:

After the completion of required training AND the completion of required IT system changes, process teams can be formally rolled out in a planned sequence. Providing new teams with part time support by qualified facilitators during the firsts weeks after start-up can pay valuable long term dividends.

Team Skill Development and Continuous Process Improvement:

Providing resources for on-going skill development and for providing timely and meaningful recognition of process team successes are two keys for success in a process-based organisation. Qualified individuals with responsibility for providing training and recognition must be clearly identified and provided with sufficient budgetary resources.

The Hernaus model for transformation to a process based organisation is both well thought out and clear. His paper provides an ample resource of references for further study.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
IT Transformation Defined

Businesses depend on IT to effectively manage business processes and to provide products and services to clients. As IT technologies advance, it is crucial that businesses update their hardware to remain competitive. But businesses should do more than simply upgrade their servers and should really strive to effect IT transformation.

What is IT Transformation?

IT transformation is the ongoing process of changing the way that a company uses IT to better align it with current business goals. Through the IT transformation process, businesses try to determine whether they are meeting mission-critical benchmarks through the incorporation of new IT technologies for corporate transformation.

For example, if one of the current business concerns is whether the company can improve customer service, the IT system will need to evolve in such a way that improves customer service in a measurable way.

Successfully Aligning the Technology to Business Goals

In order to successfully align the IT system with business goals, it is important to understand the newly integrated technologies to understand how they can change business processes. If a new feature is intended to make the server more secure, the management should know exactly how the feature will improve the security of the server and whether the new implementation is redundant.

Once the business objectives have been identified, IT transformation is carried out by changing both the software and hardware used by the company. An example would be the growing trend of server migration to the cloud. Cloud computing is the growing trend of making files and data accessible from anywhere. If an organisation believes that it can improve productivity through a server cloud migration, it will need a way to test this.

The IT Transformation Process

Given that IT transformation is directly related to the core business, the IT transformation process must begin by identifying which aspects of the company must be changed. Then, the company must determine?IT services that could potentially be integrated into the business in a way that will help the company achieve benchmarks. After the key decision-makers understand the IT network well enough to effectively implement it, the company must efficiently manage the transformation process. Then, after the IT has been integrated, the company must have a system in place to measure business transformation in a numerical way.

For example, when assessing customer satisfaction, one effective strategy would be to distribute customer satisfaction surveys that ask customers to rate their experiences on a scale of one to ten. The company can then measure the results of the customer satisfaction survey to determine whether the new IT implementations are accomplishing their intended goals.

If the expected benchmarks are not being met, the next step in the IT transformation process is to determine if there is a specific reason for that. Is there a way that the feature can be better integrated to achieve desired business objectives? Are there other features that can help the company better achieve its goals?

Upgrading a network can be an expensive process and it is important to identify early on which options are the most likely to benefit the company’s bottom line.

User-Friendly RASCI Accountability Matrices

Right now, you’re probably thinking that’s a statement of opposites. Something dreamed up by a consultant to impress, or just to fill a blog page. But wait. What if I taught you to create order in procedural chaos in five minutes flat? ?Would you be interested then?

The first step is to create a story line ?

Let’s imagine five friends decide to row a boat across a river to an island. Mary is in charge and responsible for steering in the right direction. John on the other hand is going to do the rowing, while Sue who once watched a rowing competition will be on hand to give advice. James will sit up front so he can tell Mary when they have arrived. Finally Kevin is going to have a snooze but wants James to wake him up just before they reach the island.

That’s kind of hard to follow, isn’t it ?

Let’s see if we can make some sense of it with a basic RASCI diagram ?

Responsibility Matrix: Rowing to the Island
Activity Responsible Accountable Supportive Consulted Informed
Person John Mary Sue James Kevin
Role Oarsman Captain Consultant Navigator Sleeper

?

Now let’s add a simple timeline ?

Responsibility Matrix: Rowing to the Island
? Sue John Mary James Kevin
Gives Direction ? ? A ? ?
Rows the Boat ? R ? ? ?
Provides Advice S ? ? ? ?
Announces Arrival ? ? A C ?
Surfaces From Sleep ? ? ? C I
Ties Boat to Tree ? ? A ? ?

?

Things are more complicated in reality ?

Quite correct. Although if I had jumped in at the detail end I might have lost you. Here?s a more serious example.

rasci

?

There?s absolutely no necessity for you so examine the diagram in any detail, other to note the method is even more valuable in large, corporate environments. This one is actually a RACI diagram because there are no supportive roles (which is the way the system was originally configured).

Other varieties you may come across include PACSI (perform, accountable, control, suggest, inform), and RACI-VS that adds verifier and signatory to the original mix. There are several more you can look at Wikipedia if you like.

Ready to work with Denizon?

Contact Us Today