Our Blogs – For CIOs by CIOs

By Bhavin Shah, Senior Consultant

The cyber threat landscape

Cybersecurity incidents have rapidly increased in the last few years. In response, organizations have spent billions handling data breaches, ransomware and other cyberattacks in reactive mode. This trend will continue as the competitive business landscape, digital business strategy and technological advancements continuously change organizations’ attack surfaces. Tactics used by cybersecurity criminals – and, therefore, the threat vectors – will continue to evolve.

To address this ever-changing cyber threat landscape you must think out of the box and proactively develop the next generation of cybersecurity strategy. Just as importantly, to get buy-in for your cybersecurity and data security efforts, you must clearly articulate the measurable business outcomes associated with these efforts to your board of directors… and then back this up with data.

By Sean Hickey, Senior Consultant

Every company where I have done SOX (Sarbanes-Oxley Act) compliance testing has the same problem: Their over 90 days past due accounts receivable stunk. In fact, they all seemed to think that having 5% over 90 (and sometimes even close to 10%!) is normal. 

These same companies also had a sea of revenue recognition journal entries on the backend of their order-to-cash process, and saw this as a normal and acceptable practice as well. 

Most importantly, they failed to see the connection between these two things.

I’m here to tell you that all of those revenue recognition journal entries are neither normal nor acceptable … and if you change your order-to-cash business processes in a way that eliminates them, the percentage of your A/R that’s over 90 days will plummet. 

By Sean Hickey, Senior Consultant

A few weeks ago I was at a local business event, having a discussion with a couple of CFOs on ways to improve their company’s results. After discussing a variety of transformative business strategies that all relate to other functions within the business, they were surprised when I said, “What about your finance operations?” They had been so focused on ways to improve other company-wide horizontal processes – order to cash, procure to pay, etc., – that finance had taken a lower priority as a downstream process vs. being a horizontal process for the company as well. 

By Ken Norland, Associate and Lonnie Sanders III, Associate

Are you eager to sabotage your organization's Master Data Management (MDM) initiative, drive inefficiency and compromise data quality? While we hope this isn't your intention, there are certainly pitfalls that can lead to MDM failure, derailing the success of an otherwise well-conceived project. In this discussion, we'll explore five proven ways to ensure your MDM endeavor falls flat, providing valuable lessons on what not to do. Instead, you can avoid these common traps and chart a course to MDM success.

By Sean Hickey, Senior Consultant

Many corporate leaders are always looking to improve costs while improving organizational effectiveness. Many times they attempt to achieve this by reactively cutting headcount across the board by X%, with top-down mandated layoffs. In the process they usually harm organizational effectiveness, decrease service levels and increase finance process risk.

The good news is there are better ways to reduce corporate costs. Here are some ideas that, as a CFO partnering with your CIO, you should consider spearheading…

By Jon Bergman and Lonnie Sanders III, CIOPS Associates

You may not have realized it, but we are just weeks away from the annual celebration known as the “Festival of Enormous Changes at the Last Minute”! While you are contemplating how you plan to mark this exhilarating occasion, we’d like to point out something that should be obvious. When it comes to the Change Management aspect of IT Service Management (ITSM), your end users are never going to see “enormous changes at the last minute” as a cause for celebration. 

Although change is never easy, if you want to make IT changes easier for your end users, the best approach is to establish a regular cadence for change. Here are some of the things that we have seen are most helpful in this area…

By Jon Bergman and Lonnie Sanders III, CIOPS Associates

The store manager arrived at work at 9:30 am, just as she did every workday, and she immediately started readying the store to open at 10:00. She turned on the lights, straightened out the merchandise, powered up the computers, turned on the registers and addressed some paperwork. 

Everything seemed fine…until 45 minutes later when she went to ring up the day’s first customer and discovered that something was screwy with the register. While she vaguely remembered getting an email the week before saying that corporate was going to be downloading some new software, she was certain that email had appeared pretty routine. After all, if they had announced that on a specific day and time they were going to be downloading software to change how the registers worked, she certainly would have taken notice! 

By Walter Curd, Associate

About twelve years ago I was brought on as the CIO of a large semi-conductor company with an incredibly complex operation. The company manufactured and sold over $2.5 billion worth of units each year, had tens of thousands of quotes and orders each month, and—perhaps most importantly to me as the CIO—was using over 600 software applications to run their business! It seemed like everywhere I looked there were more software programs, and my IT group had to support all of them.

Needless to say, it was obvious to me that our IT organization, as well as the business as a whole, could benefit from some strategic planning. Others agreed, and the company brought in an outside expert to help with the strategic planning process. 

This expert took us through a very straightforward process that gave me the information I needed to completely transform my IT organization…and it was all built upon the concept of “winning.”

By Lonnie Sanders III, Associate

Quick! If you had an urgent need to know the details of the routers at your Cleveland facility, or exactly what sensitive company information can be accessed from a company laptop that was just stolen from a hotel room in Shenzhen, how long would it take you to access this information?

If you have IT Asset Management in place, you can pull up the necessary data in a matter of seconds. Otherwise…well, whether or not you’d be able to find this information at all is anyone’s guess. 

By Lonnie Sanders III, Associate

Many organizations think the process of getting a robust IT-related Knowledge Management system in place is too costly and time-consuming to make it worthwhile. Which is quite ironic, given that cost and time savings are the main benefits these systems provide!

What is ITSM Knowledge Management?
In the context of IT Service Management (ITSM), Knowledge Management is a formal process for gathering and analyzing knowledge related to your IT systems, and then making this knowledge readily available to help desk personnel and, often, end users, in the form of written articles and/or video tutorials.

Once you have Incident Management,Change Management and Problem Management in place, implementing Knowledge Management is usually the next logical step in getting the ITSM basics in place and continuing to add value.