This one provides a tremendous example of how effective information organization (discussed in my earlier blog - “Credibility”) makes all the difference.
In a multinational insurance and financial services company there are some truly unique business challenges. For example, if I have an agent in the UK who writes coverage for a South African client on a facility in the US. Who gets the premium? In what currency is the premium to be exchanged and how will the policy be valued? As of what date will we mark the currency transaction and how will we get ceded premium back to the country that earned it? These are some of the easier-to-track challenges.
Don't worry, you don't need to understand any of this to understand this post.
To resolve these issues, a project, we'll call it “Global WorkSpace,” was initiated (names have been changed to protect the innocent). It was a massive IT effort to sort all this out and it ostensibly had a budget of $20 million. However, more was probably spent. Teams were working in the UK, US, and in some of the company's other 11 countries. As I recall, Accenture was engaged to help guide the Rapid Application Development (RAD) processes being used.
After chugging along for a period of time, declarations of victory were being made. According to the project leadership in the UK, all was fine, things were coming online, and they were poised to deliver on-time and on-budget. Unfortunately, to the US senior leadership, these claims didn't exactly match their on-the-ground understanding. While you might think this is a simple project management problem, determining the condition of this globally integrated system was almost as difficult as the obstacles it was built to resolve. 
So my Business Controls Consulting (BCC) team, a wing of Group Internal Audit, was tapped to go have a look. Our charge was to make plain the true status of the project. I had auditors working for me in the US and the UK.
So my Business Controls Consulting (BCC) team, a wing of Group Internal Audit, was tapped to go have a look. Our charge was to make plain the true status of the project. I had auditors working for me in the US and the UK.
While what we found was fascinating from an IT controls and SDLC perspective, the point of this post is how we chose to describe the information we uncovered.
After more than six weeks of studying, living with, and testing the project, we had a pile of information.
It was true. Some bits were tested and working well. Other functionalities weren't as operational as they were made out to be. A few weren't even close. We needed a way to dispassionately tell this story while doing our best to preserve international business harmony.
So, we chose to do it graphically and back it up with written detail.
So, we chose to do it graphically and back it up with written detail.
Looking at the deliverables from the user's perspective, we defined four major functionalities and a pile of sub-functions. Each was given a rating – Red, Amber, Green. As you might imagine, green areas were working properly and red ones weren't. We drew linkages between the major functionalities to denote dependency and interconnectedness and got it all on one page. The illustration on this page is a mock-up. The real diagram is proprietary.
This was the core of our report and it allowed the US senior leadership team to confidently engage with the World Group Office (WGO) on the real steps needed to get the project up and running.
Simply put, while the back-up data was immense, getting it on a single page converted it instantly from information to understanding. People can do things when they understand.
-- Prescott B. Coleman, CIA, CISA
Posts
No comments:
Post a Comment