Businesses sit within an ecological like system. The resilience of an organisation is directly related to the resilience of the other organisations on which it depends including customers, suppliers, regulators and even competitors. An organisation is also dependent on and contributes to the individual resilience of its staff and their communities. Similarly, an organisation’s resilience is directly related to the resilience of its sector and the sector’s resilience is coupled with the resilience of the national and international environment.
Information is the lifeblood of an organisation
Information has undergone a transition from a supporting role to a leading role in determining organisational success and is now amongst the highest valued assets, sometimes referred to as the “new oil”.
Clive Humby, UK Mathemetician and architect of Tesco’s Clubcard in 2006, is widely credited as the first to coin the now frequently quoted phrase: “Data is the new oil”
During this transformation to an information economy IT organisations have responded to meet business demand by adopting new technologies, transforming processes and expanding their use of specialist 3rd party service providers. These changes have generally delivered benefits while at the same time presenting new challenges. In the case of service providers this has meant developing the management oversight necessary to successfully integrate component services and ensure the overall level of performance and availability necessary to underpin business processes.
The role of the IT organisation
The role of an IT organisation is to enable the flow of data for the company or organisation to survive and thrive. More specifically, this involves the whole life management of the information assets that create, process, protect, store, disseminate and consume information in terms of their value to the efficiency and effectiveness of business processes and business outcomes.
There is sometimes still a tendency within IT organisations to purely focus on discrete systems and how they work rather than how they are used by the business. This is somewhat understandable but perhaps also symptomatic of a disconnect that persists in many organisations, often expressed as “IT and the business.” Such language creates an artificial separation. It is relatively common to hear IT personnel say “I need to check with the business” or “we need to know what the business wants” for example rather than using language such as “IT and the rest of the business”, “other parts of the business” or addressing specific departments by name.
In a digital economy every business uses IT for many of its activities from implementing core business processes, delivering the customer experience through to enabling global collaboration. The word “business” is synonymous with everyone adding value.
The IT organisation is more than an IT services provider. It contributes to the creation of business value and is an integral part of the delivery of a successful business operating model with future profit dependent on effective digitisation.
CIOs in particular need to be cognisant of how data flows around the business and the criticality of the IT assets underpinning business processes including the corresponding impact to the business if these assets are lost.
The 21st Century Business Landscape
Modern businesses are continually subject to commercial pressures. Patterns of business activity can vary significantly throughout the year and this affects the criticality of the underpinning information assets. Examples could include Christmas trading, Payroll cycles or a company’s end of year reporting. The impact of the unavailability of information assets or data loss during these periods, even for a small amount of time, could be significantly damaging from a financial or reputational perspective.
There are also the broader interdependencies associated with political, social, economic, technological, environmental and legislative developments, especially for multi-national organisations and international supply chains that may affect the creation, processing, protection, storage, dissemination, and consumption of information. For example, pursuing a market opportunity following the poor performance of a competitor, a legislative change such as the impending General Data Protection Regulations (GDPR) , the advent of new technologies, reputational issues or the impact to trading resulting from economic slowdown or political unrest.
Businesses recognise that in a turbulent and uncertain world the ability to forecast has been curtailed. The only way to cope with the unexpected is to build a resilient organisation, one that is structured to cope with a range of shocks and to manage ordinary and extraordinary needs with agility thereby increasing the prospect of favourable future.
Business strategy development in many organisations is becoming leaner and more iterative in nature. Understanding the flow of information enables the business to recognise its reliance on 3rd parties, identify security vulnerabilities and the impact of proposed changes. It enables the CFO to better understand the value that an IT organisation contributes to the rest of the business. Those managing portfolios benefit from an improved understanding of programme prioritisation, interdependency, risk management and opportunities for optimising against corporate targets and objectives.
Operating in an increasingly uncertain world requires that organisations develop “what-if scenarios” but to fully explore these scenarios requires an understanding of the current information flows and how the business could operate in the future.
The emergence of cyber threats or a damaging data breach are now a daily occurrence. While the benefits of digitisation may be real, so too are the security threats and organisational vulnerabilities that result in acts such as computer-assisted fraud, espionage, sabotage and “cyber vandalism.” The rapid expansion of cloud computing, outsourcing and supply chain integration represent both opportunities and challenges to be managed.
In today’s digital world, businesses and individuals must be able to trust that companies are run securely and have adequate protocols in place to understand the flow of information and protect their sensitive data.
Whether it is their own data, or that of customers or partners, resilient organisations are those that collect, use and store information appropriately complying with relevant regulations. They ensure their employees and partners remain security aware and follow procedures designed to protect the confidentiality, integrity and availability of information.
People are the driving force within any business, using information supplied through business processes and underpinning information assets, enabling individuals to complete tasks and make decisions throughout the organisation and the supply chain.
Protection of data through the effective management of digital threats and vulnerabilities while creating and optimising data flows requires a depth of understanding of the enterprise architecture and the development of an adaptive capacity and agility for business continuity and delivery of a successful business operating model.
For more details on how Aurora Partners could benefit your business please visit our website at www.aurorapartners.co.uk or get in touch via email@example.com
Aurora Partners |Applying Peripheral Vision