Close Sidebar
COPYRIGHT © PROFESSIONAL EVALUATION AND CERTIFICATION BOARD 2021 ALL RIGHTS RESERVED
Now Reading
Reaping the Benefits of Transformative Technologies through Risk Management
Search for content, post, videos
Search for content, post, videos

Reaping the Benefits of Transformative Technologies through Risk Management

July 19, 2021

For every decision, we need to try our best to make the right choice. Technology and risk can be described in a positive or negative light. Technologies bring potential perspectives, which are more or less controlled. Risks are often abstract notions used to define what we don’t want. However, a deeper analysis of risks and their association shows that everything can be possible, even in a positive way. Why is such a change in perception needed?

In an era when the technological evolution evolves at the pace of market ideas and opportunities, it is difficult to commit oneself serenely to a direction without fearing strategic error, technical deadlock, or supplier dependency. Each company must decide on which solution it will invest, for its users, customers, production, image, and for its turnover. Furthermore, companies must be prepared to measure their choices. With each investment, the balance must be on the positive side!

We are in a period when the exceptional becomes the ordinary, and the acceleration of changes pushes on constant evolutions. This time is also characterized with each evolution succeeding the previous one before it has even ended. The potential offered by modern technology is born every day on a variety of subjects, for regular or innovative markets.

It is essential to stay the course in this permanent movement, where it is necessary to stand out and also evolve, not to disappear. To do this, an organization needs to make the right choices, and take the right decisions as always. Additional “requirements” as regards digitalization are structuring the organization to analyze the market and its capacities for evolution.

The evolution of each organization is conditioned by the efficiency of its production tools; in other words, their performance conditions profitability. To provide this indispensable profitability, several levels must be analyzed on the technologies and source of value. What value can they intrinsically bring to the organization? For that, it is necessary to carry out a collegial analysis to make an assessment of evolution. Additionally, the life cycle of technologies (existing or emerging) conditions the lives of organizations.

The introduction of new technology needs to be examined to reach the associated business commitments. These evaluation axes are carried out in a collegial manner, using a rating matrix that allows the results to be measured and quantified. Obviously, depending on the size of the organization, these reflections are carried out by teams of varying sizes.

  • The innovation team presents us with a new tool. Do we really need this type of technology? How useful is the tool or its purpose? And if it is useful, what is the added value compared to the existing one?
  • The finance department will calculate the cost of the replacement or the innovation project. Between the time of the exchange, the learning process, the new installation, etc., is the balance of the change positive?
  • Marketing presents the projected benefits for the employees or customers. Are the salespeople in the right frame of mind and therefore compatible with the brand image?
  • Will purchasing change its contact person in the list of suppliers? Are the new contractual conditions better?
  • Does the contract allow control of the supplier’s actions? What is the new level of technical and financial dependency?
  • Does the IT department master the new solution? How much effort is required to do this? Is integration feasible in the short term? Or is it an outsourced solution?
  • Are the production (or business) teams ready to use the new technology? Do they want to work with these new tools (knowing that change is often a source of conflict or opposition)? Are they supported in this change? Does the organization need to be reviewed in light of the expected improvements?
  • Has the cybersecurity team analyzed the solution (its configuration, vulnerabilities, etc.)? What is the value of this control?
  • Does management need this innovation to implement its development strategy? What position does it take?

A multitude of questions can be raised at each business line. Is it necessary? Every opinion is necessary because a technological change leads to a whole series of functional and organizational dependencies in the company and technology must be at the service of the company and its employees.

Today, the human being is at the center of concerns in this era of transformation. Not taking this adaptability factor into account is one of the major risks of technological failure. Even if the new uses of digital technology are in dimensions that can widen these cultural and cognitive gaps, they remain landmarks towards evolution. And it is up to the company to position itself in relation to these markers of the new times. Where does it want to be in relation to its market, its competitors, and its economic trajectory?

The digital age means technological dependency. Hardware and service providers occupy particular places in the ecosystem of each organization. Absolute independence no longer exists in IT and this brings some very appreciable advantages. The responsibility with suppliers is divided, depending on the services provided. Cloud, hosting, and managed services providers have access to part of the organization’s information. And they must demonstrate their know-how in terms of service quality and security. These are gains that a structure with modest means will not be able to deploy or invest. It is also the choice of large organizations that prefer to outsource part of their activity for financial reasons. Whatever the reason, it is a question of sharing responsibility. The counterpart is the weakening of the organization’s own control over the confidentiality of the information. If it is always guaranteed by the clauses of the contract, its preservation remains relative, especially if state obligations are imposed on suppliers. The study of the legal framework is mandatory in such a situation.

The service offers proposed nowadays are very innovative, offering new perspectives for the development of companies, both in terms of how they work and how they address new markets.

Here again, the changes are significant and require an analysis to assess both the feasibility and the interest of engaging in them. These technologies are factors of change, and the world’s news attests to this every day. Each evolution has its benefits and its counterparts.

Thanks to the maturity of the technologies of our era, we have been able to transform the way we work in a few weeks, on a global scale. The COVID-19 experience shows that it is possible. Of course, not everything was perfect. The pandemic set a precedent because there was no example to look to for “getting things right.” New perspectives emerged, new ways of managing the day-today and the working relationship, of organizing and using new technologies. And the stakes were global, with all the major digital players present.

Technology aims to improve our daily lives, just as home automation is progressively settling in our intimacy, it is also subject to threats more prevalent than the viral contamination of the workstation at the beginning of the Internet. Human identity can be usurped, or even stolen. If for the individual the disasters can be vital, a good number of regulations on the protection of the human beings are established to impose the necessary protections on the uses of data and the purposes of processing that concern the individual or the general public.

Beyond these aspects, the consequences can be even more important at the social or national level, where entire activities can be paralyzed by undermining the supervision or maintenance systems.

540526438

In order not to paint a dark picture of all the dangers, we are making progress with the technologies we develop and deploy. We are more realistic about the dangers that are no longer potential but real. Duty of care and operational efficiency are paramount. And organizations have evolved in this direction, both by awareness and by more responsible practices.

The positive approach to risk has become more important in recent years, even if it is not recognized as such, it is present in the background, because nothing has collapsed. Transparency is gradually being imposed on every difficult situation, as all stakeholders need to know in order to maintain this trust. Mistakes are allowed if they are corrected, if they serve to improve the existing system or processes. Negligence tarnishes the image of the organization, which is not acceptable for the leaders. This is why participative involvement is implemented to create synergy in any effective risk management within an organization. In short, the contributions of risk management, when applied, create and preserve value for the organization. This is the essence of the ISO 31000 standard.

Marc Bouvier

Marc Bouvier developed his skills in the field of security and risk management starting from his first experience in telecommunications. With more than 20 years of experience as a project manager, he pilots organization transformation programs. As a CISO, he manages and contributes to the improvement of best practices. Marc has been working with PECB since 2013 in France and in the Benelux. He has created his own consulting, auditing, and training company, accessible via www.campaneo.net Contact us at information@campaneo.net

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts