The velocity of change

Similar documents
Governing the cloud. insights for 5executives. Drive innovation and empower your workforce through responsible adoption of the cloud

Make money, save money and manage risk

Make money, save money and manage risk. The benefits of well-designed environment, health, safety and sustainability programs

ERM vs. Internal Audit

Implementing and maintaining ISAE 3402

Session 4C: Model Governance: What Could Possibly Go Wrong? (Part I) Moderator: Dwayne Allen Husbands, FSA, MAAA

Go global: positioning your family business expansion across borders. Key considerations for accelerating your growth

EY Center for Board Matters. Leading practices for audit committees

Managing complexity and change in a new landscape. June 2014

Surveillance Program Design and Behavioral Analytics Implementation

As meters get smarter, who gets the power?

Managing the move to SMI How EY helps clients get the most from a multisourced environment Service management integration (SMI)

Cloudy skies. How to bring clarity to your cloud platform in order to optimize your investment. September 2016

Driving sustainable performance in the oil and gas sector. Supporting your health, safety, environmental and social goals

Cloud sourcing: are you familiar with Luxembourg s revised regulatory environment?

Why digital governance matters

Kseniia Jones Senior Manager Global Risk Advisory Deloitte UK

The future enterprise. A transformation road map for the automotive organization

Integrating COSO s Fraud Risk Management Guide on an Enterprise Scale

Data makes mobility work

Accenture Business Journal for India Shaping the Future with As-a-Service:

BioPharm. Smart Outsourcing: Strategic Alignment, Risk Management, and New Relationships

represents a likely source of cost savings, improved business performance and stronger customer-facing capabilities.

A Changing Profession for a Changing Market: Evolving services, skills and talent to meet business demands

In times of uncertainty, where can governments find opportunity?

Technology evolution. Managing the risk in four key areas

Growing opportunity, growing business. EY s financial services practice in ASEAN

Get ready for robots: why planning makes the difference between success and disappointment

ENERGY AND COMMODITIES ETRM SYSTEMS: BUILD, BUY OR SUBSCRIBE TO SAAS

report that their financial impact of all fraud, corruption and/or money laundering incidents is over per incident

Communications in the Cloud:

Intelligent automation and internal audit

Building and operating the UK s infrastructure. Establishing your roadmap to success

THREE-YEAR STRATEGIC PLAN UPDATE v1

The winning tax transformation trinity. Data, technology and operations

Smart Outsourcing: Strategic Alignment, Risk Management, and New Relationships

Embracing SaaS: A Blueprint for IT Success

A High-Touch Approach to Improving Patient Access. Using field support to navigate reimbursement challenges

Effective implementation of COSO s new anti-fraud guidance

Business resilience in the provider care sector. Actively adapting to a changing environment

CIO Priorities: Striking the Right Balance Between Growth and Efficiency

Build a Future-Ready Enterprise With NTT DATA Modernization Services

Multisource Management in the Cloud Age Keys to MSI and SIAM success in Hybrid IT environments

Telecom analytics. Advisory, India Analytics

Building the talent of the future

IBM Cloud Services Balancing compute options: How IBM SmartCloud can be a catalyst for IT transformation

Viewpoint Transition to the cloud

Securing Capabilities in the Cloud: Security and Privacy in the Evolution of Cloud Computing

Global Business Services: Disrupt or be disrupted

KPMG s Advisory Services for Oracle. kpmg.com

Internal Audit and Robotic Process Automation

IBM Business Consulting Services. Providing excellence and delivering value in Oracle, PeopleSoft and J.D. Edwards applications services

What s the cost of control? Keeping control of your business when cash is king

Energy & Sustainability Services

Policy Administration Transformation

Extended Enterprise Risk Management

SAP at Accenture. The Journey of Running Accenture on a Single Global Instance

Hospitality Trends Observations from the Annual EY Texas Hospitality Roundtable

CFO attestation: building a sustainable process

Enterprise intelligence in modern shipping

H 2 N H. Supply chain management in the chemicals industry Key challenges and how Deloitte can support

HR: taking the right steps. UK leaving the EU

CFOs and CIOs: How do you know when to reach for the clouds?

Cloud Computing Opportunities & Challenges

Law Firm Procurement Roundtable Executive Summary. hbrconsulting.com HBR Consulting LLC. All rights reserved.

Insurance Carrier Core Systems in the Cloud. A Novarica Research Partners Program Report Underwritten by OneShield Software

2017 North American Physical Security Intelligence Solutions Company of the Year Award

Accenture and Salesforce. Delivering enterprise cloud solutions that help accelerate business value and enable high performance

Building a gross-to-net strategy in a fast changing market How evolved is your approach?

Transforming transactions

The growth dilemma. How engineered component manufacturers build a second act. By Jamie Bader, Managing Director

Law Firm Procurement Survey Executive Summary

Mitigating compliance risk Implications for global supply chains

Enhancing Audit Committee Excellences through Internal Audit. 21 November 2017

Internal audit strategic planning Making internal audit s vision a reality during a period of rapid transformation

The Case for the SIO. A guide to navigate the new challenges of Service Management. kpmg.ca

Enterprise risk management for consumer products companies

Third Party Risk Management ( TPRM ) Transformation

Compliance digitalization The impact on the Compliance function. Deloitte Risk Services April 2016

Brexit: considerations for your Internal Audit operating model

Today s CFO: Changing the game plan for tomorrow

Giving you clarity on your change programmes

M&A Strategy and Integration: Adapting to Today s Disruptive Business Models and the Changing Mechanics of Value Creation

How Can I Better Manage My Software Assets And Mitigate The Risk Of Compliance Audits?

RSA Solution for egrc. A holistic strategy for managing risk and compliance across functional domains and lines of business.

Supporting local public services through change. Contract optimisation

ANSYS Simulation Platform

Stock markets are mainstreaming non-financial reporting. Are New Zealand companies ready?

189,000. Operates in. countries. Europe, Middle East and Asia (EMA) is KPMG s fastestgrowing. Global Green Initiative. KPMG was founded.

The Firm of the Future How Technology Will Impact and Enable Effective Firm Management. Sponsored By:

Will planners or passengers design tomorrow s transport networks? EY Mobility Innovation Group

At Law, we are a team of dedicated legal advisors with extensive experience and specialist skills in various areas.

Beyond Compliance. Leveraging Internal Control to Build a Better Business: A Response to Sarbanes-Oxley Sections 302 and 404

Fujitsu Workplace Anywhere Delivering a service as mobile as your people need to be

Global Knowledge Partner Program

Operating resources 2.0

Collaboration between humans and technology is creating a new labor class

THE NEW CFO DELIVERING BUSINESS VALUE IN THE DIGITAL AGE

Achieving high performance in the chemical industry. Strategies for a new era

Information and Communication Technologies Strategic Plan 2016/ /20

Transcription:

5Insights for executives The answers in this issue are supplied by: Bob Sydow Area Center of Excellence Leader +1 513 612 1591 bob.sydow@ey.com David Nichols CIO Services Leader +1 312 879 2717 david.nichols@ey.com The velocity of change How uncharted risks are redefining the role of the CIO It feels like the perfect storm. Virtualization and cloud computing, social media, mobile and other disruptive technologies are converging upon CIOs. The velocity of change the pace at which technology is evolving is creating uncharted risks that make navigating today s IT environment increasingly challenging. In the evolution from providing tactical support for the business to becoming a strategic partner, CIOs need to align IT s priorities to those of the business. They also need to provide sage counsel, turning information into insights when the business is seeking to implement new technology solutions to achieve competitive advantage. The need to be faster to market may encourage organizations to procure and implement new technologies without understanding the full range of risks those new technologies may present. Geoff Vickrey Enabling Technologies Leader +1 214 969 8030 geoffrey.vickrey@ey.com

1 What s the issue? The velocity of change in technology has moved many IT functions to adopt a new approach to sourcing and managing technology vendors and service providers as part of their overall IT infrastructure strategy. The current landscape of disruptive technologies presents numerous opportunities for IT functions to provide more costeffective, flexible and scalable infrastructure that better meets evolving business priorities. This change is largely driven by advances in broadband that now allow mobile devices to take full advantage of the cloud technologies that have been developing over the last decade. These advances are providing greater business functionality for organizations that have previously operated with a smaller internal IT footprint. But this change comes at a cost, creating a new set of risks that CIOs must effectively manage to be successful. The current landscape of disruptive technologies presents numerous opportunities for IT functions to provide more cost-effective, flexible and scalable infrastructure that better meets evolving business priorities. 2 Why now? The rapid introduction of disruptive technology is fundamentally changing how organizations go to market with products and services, interact with their customers, innovate and achieve competitive advantage. It is also creating a host of new risks that CIOs need to address. 2 ey.com/5

3 How does it affect you? In the past, IT functions had to create elaborate frameworks to deliver services that were primarily administered in-house. Infrastructure was developed and purchased under a peak usage scenario, and any outsourcing involved long-term contracts with large vendors and included a transfer of physical infrastructure and resources. Going forward, infrastructure will be purchased on a pay-as-you-go or consumption-based model. Organizations are contracting with smaller, more nimble vendors with new contractual terms that are reviewed on a more frequent basis. Even as the physical IT footprint shrinks, the business expects CIOs to improve service delivery. The other change with which CIOs will have to contend is a loss of control in the selection of technology platforms. Those decisions are increasingly being driven by consumers. IT s only option will be to react and respond. This new hybrid infrastructure model creates a number of inherent risks for CIOs, including: Strategic and financial risks. The number of vendors is growing, but the required size is shrinking. This can raise questions about their long-term viability. There could also be business continuity risks if these smaller providers fail to meet service level agreements. What plans need to be in place if a vendor s data center goes down? What losses could result? Geographic risks. Geopolitical risks, from natural disasters to political unrest to persistent terrorism threats particularly in emerging outsourcing markets present significant risks of disruption to outsourced IT services. Capacity risks. Smaller vendors may be able to offer greater flexibility, but their size could end up working against them. Ultimately, they may not have enough capacity to support a growing customer base. Control risks. An increase in outsourcing results in less control over your data. This presents the potential for data breaches and other security exposures. Contract risks. IT functions will need to implement a rigorous vetting process to ensure that contracted vendors offer the right services in stable locations with sufficient capacity to support the business now and in the future. New vendors will also need to prove ongoing solvency and robust security. 3

4 What s the fix? There are four steps CIOs can take to help mitigate the risks in an evolving technology environment: 1. Understand the risks. As the pace of technology changes accelerates, a new set of risks emerge. In addition to external threats, IT functions face evolving internal threats and potential misuse as they attempt to blend the use of new technologies within their IT infrastructure. 2. Identify the risks. The complex factors that drive uncertainty and risk need to be effectively adapted to the design and implementation of governance, processes, controls and tools. As the degree of IT project complexity increases, the risk of failure or of not meeting the IT project objectives also increases. 3. Mitigate the risks. A comprehensive program risk management strategy is key to mitigating risks. Once the risk factors have been identified, they can be managed throughout all stages of the evolution. The probability and impact of each risk need to be evaluated, highlighting the highest risks, as well as sequencing the remediation. It is important to note that not all of the risk management strategies will be technical in nature. Some will involve policy changes and increases in awareness training. IT functions should plan for 90% of the risks, understanding that 10% of the risks will be in constant flux. 4. Evolve risk management and controls processes. Additional lines of defense are also key in ensuring IT program success. Elements include: Appointing experienced and dedicated risk managers Creating a risk committee that is tasked with managing and monitoring the end-to-end risk program Enhancing the role of internal audit Leveraging external risk experts to complement or extend knowledge beyond the experiences within your organization Mitigate the risks Identify the risks Technology environment Establish processes 4 ey.com/5

5

What s the bottom line? The pace at which technology is changing will not slow it will only accelerate. To be successful, CIOs need to establish a robust set of processes and controls to effectively manage the new risks that new technologies bring. This will require the CIO to gain an immediate understanding of the changing demands from the business, the technologies that are likely to make the greatest impact to their business, and the ever evolving vendor landscape within their organization. The CIO doesn t necessarily need to react to every aspect of this rapidly changing environment, but he or she will need to thoroughly understand the change drivers and the impact to 5the organization. 6 ey.com/5

For related thought leadership visit ey.com/5 Cloud computing issues and impacts All signs point to the rapid adoption of cloud computing as a fundamental shift in the delivery model of information technology (IT) - but abundant challenges will make it a difficult adoption curve. The evolving IT risk landscape The why and how of IT Risk Management today Security risks posed by mobile computing, cloud computing, virtualization, social media and online payments are a critical issue for investors, regulators, shareholders and executives. Building confidence in IT programs Facilitating success through program risk management Despite an increase in investment, organizations continue to fail to deliver on large IT programs. Engaging independent Program Risk Management (PRM) assistance is ultimately about building and sustaining confidence in the IT program and having the right information at the right time to make well-informed decisions throughout the program life cycle. 5 Insights for executives Creating an effective hybrid IT model: What CIOs need to know about combining proprietary infrastructure with new services and systems New technologies are fundamentally changing how organizations go to market and achieve competitive advantage. CIOs will never be able to change their IT organizations fast enough to keep pace with technology evolutions. But they can take advantage of hybrid computing models that effectively combine the old proprietary infrastructure with new services and systems that address changing business needs. 7

Ernst & Young Assurance Tax Transactions Advisory We want to hear from you! Please let us know if there are subjects you would like 5: insights for executives to cover. You can contact us at: fiveseries.team@ey.com About Ernst & Young Ernst & Young is a global leader in assurance, tax, transaction and advisory services. Worldwide, our 152,000 people are united by our shared values and an unwavering commitment to quality. We make a difference by helping our people, our clients and our wider communities achieve their potential. Ernst & Young refers to the global organization of member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit www.ey.com. Ernst & Young LLP is a client-serving member firm of Ernst & Young Global Limited operating in the US. About Ernst & Young s Advisory Services The relationship between risk and performance improvement is an increasingly complex and central business challenge, with business performance directly connected to the recognition and effective management of risk. Whether your focus is on business transformation or sustaining achievement, having the right advisors on your side can make all the difference. Our 23,000 advisory professionals form one of the broadest global advisory networks of any professional organization, delivering seasoned multidisciplinary teams that work with our clients to deliver a powerful and superior client experience. We use proven, integrated methodologies to help you achieve your strategic priorities and make improvements that are sustainable for the longer term. We understand that to achieve your potential as an organization you require services that respond to your specific issues, so we bring our broad sector experience and deep subject matter knowledge to bear in a proactive and objective way. Above all, we are committed to measuring the gains and identifying where the strategy is delivering the value your business needs. It s how Ernst & Young makes a difference. 2011 Ernst & Young LLP. All Rights Reserved. SCORE no. BT0163

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback