Feeling Vulnerable? WannaCry?

“Proactive steps can be carried out to reduce vulnerability, aimed at negating negative business impact”

WannaCry ransomware was first reported on Friday the 12th May 2017. It quickly spread to more than 200,000 computers in over 150 countries and was headline news and continues to be topical in many discussions.

Hackers reportedly used classified information stolen from the National Security Agency to develop WannaCry ransomware that exploited a vulnerability in Microsoft Windows. The impact is huge, both economic and social, estimates are still being tabulated, but could run into the billions of dollars.

An important question raised is about the potential disruption of social and economic activities with increasing dependency on IT systems for daily operations. Irrespective whether one’s computer was infected by this ransomware or not, it is imperative to fix the identified vulnerability by applying software patches available from Microsoft. For computers that were infected, the first step was to stop any further spreading by isolating impacted computers, followed by restoration processes for the computers and data affected.

A key word that has emerged and should be highlighted is vulnerability. The attack vector in WannaCry was vulnerability in Microsoft Windows desktop computer software. Software from other providers too could be targeted for attacks if there are inherent vulnerabilities in their software or associated tools.

The question is: “How to minimize or eliminate vulnerabilities to avoid a potential attack and impact on business?”

In the case of WannaCry, the solution would have been to patch Windows software by applying updates from Microsoft before the vulnerability was exploited. Similarly, for any other software, regularly applying patches released by the providers reduces vulnerability.

But what if one had not applied the patch, the focus would be on the recovery process. Because of an increased dependency on technology, it is important to have an effective recovery process in place. Again, in the case of WannaCry, those that did not have recovery plans in place may have been forced to pay the ransom.

To minimise “vulnerability” below are 4 steps proactive steps that should be taken by every regular user of information technology:

-Deploy preventative measures: maintain software and use prevention and detection tools such as up-to-date antivirus software

-Build awareness through education and communication

-Continuity planning – for businesses, there has to be continuity planning against various risks that could impact the business – back-up procedures form a large part of this

-Monitor and check – regularly testing these proactive steps and updating risk registers is key

Depending on the criticality of the use of IT these proactive steps could be carried out in way commensurate with the risk either by internal IT organisations or by outsourced IT service management providers.

The challenge, and an important point for business leaders or business owners, is in determining the level of risk and the proactive measures that can be afforded and secondly, ensuring that those proactive and preventative measures are being undertaken as planned. Making addressing these challenges part of the overall organisation risk management process is a key step to avoiding surprises.

If you wish to find out more about how Accelerate Evolution can assist your organisation in building and managing effective cyber-defense mechanisms, please contact us on: information.technology@accelerateevolution.ae

 

Customer Service Killers: “From ‘Efficient’ Automation to Loving Customers…”

“How automation, from automated dialing systems, to far too heavily scripted call centre protocols is literally killing the ability of many organisations to provide an acceptable level of customer service”

by Brian Cartwright, 18th April 2017 (originally published on LinkedIn, on the 20st March 2017)

Over the last few months I have experienced some shockingly bad customer service from various customer service call centres of organisations which provide pretty standard services.

I have to say these bad customer service experiences weren’t due to the call handlers themselves being deliberately rude or unwilling to help, in fact it’s more to do with the way the service has been set up and the fact that customer service (certainly in call centres) has become more of an ‘admin’ type function which completely defeats its purpose, which in my view should be to provide excellent customer service!

A good example of a bad experience due to automation is the start of the phone call when you get bounced around an automated dialing system… for what seems like ages, then occasionally you press the wrong option and have to start the whole painful process again. By the time you actually get through to speaking to a real person (which often is not even an option these days), you can be so annoyed and frustrated that the call handler is already on their back foot before they have even had a chance to speak.

This brings me to my next point, in a few of my recent experiences the call handler has appeared to be so focused on reading whatever script they use, they are not actually listening to what I have been asking them. Listening is one of those very basic soft skills that literally makes or breaks people in business.

“Good listeners tend to get on well in business, in fact in life in general!”

I have noticed that most of the call handlers I have dealt with have been taught to paraphrase in order to demonstrate they understand my request, this makes perfect sense, unless of course they weren’t actually listening in the first place.

Here’s an example of a recent call I made which demonstrates how this can go so horribly wrong so fast (In this case my call was with a bank).

Me: “I would like to cancel a standing order please”

Call Centre Agent: “Thank you for your call, allow me to understand, you are calling because you want to cancel your credit card…”

Unbelievable!

What followed was a long-winded and completely scripted discussion where every question I asked was repeated to me, often incorrectly, causing me to have to repeat myself and then have it once again repeated back to me followed by (nearly every time) such comments as: “Thank you for your patience!”, “Are you fine to be placed on hold?”, “Please hold the line”, “Thank you for providing this information”… blah blah blah (all delivered in a very robotic and insincere way).

I have a great suggestion for companies that operate in this way: “Why not change the name of your customer service helplines, instead you could call them customer processing hinderance lines.”

I found the below quote on a website about customer processing technology.

“This both speeds the back-office operation and makes customers feel that they have received a more customized and responsive service”

Rubbish!The way the vast majority of organisations are currently deploying this technology makes me feel like a number, it doesn’t feel customized in any way, and to top it all off it wastes my time.

I personally find it totally shocking that many service providers (often major multinational brands) have basically commoditized customer service which is generally the backbone of any organisation, whether B2B or B2C.

“Just because we can automate certain processes doesn’t mean we should”

Whatever happened to old school customer service, where the person on the end of the phone was a fully trained customer service professional who proudly represented their company and were regularly trained and constantly upskilled in order to provide exceptional customer service every time!

These days as business becomes more and more competitive I believe the winners will be those organisations which provide great customer service every time by ensuring their people are competent at providing exceptional customer service. Those companies will build a reputation for excellence, they will win business by word of mouth and will ultimately be successful.

How did we ever get to this point in the world where companies feel it is good business practice to remove as much of the human aspect as possible from their frontline people to people interactions? We use technology and install automated systems in order to be more efficient and to save costs and to supposedly to provide a better service to our customers. Using scripts for call handlers makes sense to ensure the messages shared with customers are consistent and professional but this has got totally out of hand as many use scripts in call centres as a quick fix to enable them to hire cheaper labour who they don’t have to train properly yet still keep some kind of uniformity across the business. If doing so causes your customers to leave then it’s completely counter productive.

I am not saying it’s wrong to use technology, we should embrace it, but we should also use a bit more common sense, don’t try to cut corners and just use it sparingly. Focus more on caring for your customers, focus on training and developing your employees to be exceptional and show them you care about their careers. In turn your employees will become amazing ambassadors for your brand!

Your customers will love you, and business will take care of itself

To read more articles and posts by Brian, please visit www.thePeopleSupplyChain.com

Prevent or Cure? “Minimising Risk in the Pharma Supply Chain”

“Minimising Inventory-holding Risk in the Pharmaceuticals Supply Chain”

by Paul Canham, 3rd March 2017

In a highly-regulated industry that develops valuable time-sensitive products, such as pharmaceuticals, time costs money. Right from the onset of a product’s commercial lifecycle, time-to-launch will dictate the period for which patent protection can be enjoyed ahead of the possibility of competition from generics for the same formulation. But at least the headline date of patent expiry is (reasonably) well known and clear, and long-term strategies can be developed and executed.

In contrast, at the operations coal-face, we have batches of the product now being manufactured, shipped, stored and consumed by sales on a daily basis, across the globe, with undesired but almost inevitable variations in demand and supply. In this ever-changing environment, a robust approach in terms of process, people and systems/data is required to identify, communicate, manage and hopefully mitigate what stock might be at risk of not being sold due to low shelf-life. Moreover, this is not just the domain of the Supply Chain department, but involves a cross-functional process that includes Sales, Marketing, Finance, Warehouse, Logistics, as well as Supply Chain.

Accelerate Evolution has been helping to equip a FTSE100 client to identify and manage proactively these risks across many of its International Markets, with the ultimate goal being of course to mitigate and eliminate the risk ahead of time, and thereby avoid the financial, environmental and supply chain impacts of writing off stock.

From a systems perspective – in the absence of an over-arching ERP solution being available – a robust and fiendishly powerful tool was developed (yes, in Excel) and implemented in regional planning hubs across the globe to:

  • Hold a limited set of SKU characteristics, including ‘Who’ is accountable for the SKU’s inventory, its standard cost, and the ‘saleable date’ or ‘use-by’ time-limit, e.g. 60 days before Expiry.
  • Receive detailed batch data for stock-on-hand, including its Expiry dating, and the latest approved sales forecast from S&OP. Optionally also the ability to include pending receipts, such as Goods In Transit.
  • Simulate the consumption of inventory by demand on a First Expiry First Out (FEFO) basis
  • Quantify in volume and value terms the calculated Stock-At-Risk, i.e. what is predicted to be unsold once the saleable or use-by date is reached
  • Allow for business or market intelligence adjustments to be applied, including where mitigations have been identified (e.g. to sell more) or where the risk has been accrued for already in the financials.
  • Last but not least, to capture the root-cause to support subsequent analysis and continuous improvement for future cycles, as well as mitigating actions that will be taken in current cycle.

 

 

 

 

 

 

 

 

 

 

 

Whilst definitely important, this tool is just one part of a monthly, standard business process during which the risks are identified, mitigations proposed, supply chain plans or parameters updated, financials adjusted, and final results approved at regional and then global governance.

The people involved in the process work to a pre-defined RACI (defining Roles & Responsibilities) and operate to a standard drumbeat that is defined by and aligned to both periodic S&OP (Sales & Operations Planning) and financial reporting cycles.

Although it’s an ongoing journey, no longer do we get surprised by inevitable surprises!

Sales departments understand where extra focus is needed to liquidate stock, rather than selling what has just landed. Finance and Supply Chain agree on the rules for provisioning and what is actually provisioned. Factory Leads can be challenged with meaningful root-causes to review MOQs and lead-times. Marketing understands the implications of any ongoing over-forecasting on the bottom-line. Country Management sees and understands the upsides and downsides posed by this topic on their P&L projections.

Whilst the approach was originally scoped to include only finished goods inventory, several of the client’s regional and global manufacturing sites are now also adopting the model to get a broader, end-to-end picture allowing them to manage raw materials inventory more effectively.

Longer-term the roadmap aims at incorporating the functionality and business process fully back into the core ERP, however, even with the current low-tech approach, the client has already made savings in excess of 2m GBP in a single one of their International Markets’ regions, as a direct benefit of pro-active management of stock-at-risk.

That’s a pretty good return on investment which Accelerate Evolution is very pleased to have helped deliver!

Contact us to find out more about how we can best help your organization design, deploy and/or run an impactful and effective inventory risk management program.

Sustained success in an IT enabled business

“Ensuring that your technology enabled business, whether that be a budding start-up or a long established mature business, continues to deliver.”

by Charles Chirchir, 1st February 2017

Technology enabled business initiatives are a common occurrence in today’s world. Examples include businesses that do all transactions online and use courier companies for fulfillment and in the extreme the entire service is online, examples are travel or accommodation reservation and online training services. The setting up of required technologies for such services are primarily business led and the project team implementing the IT solution is thus strongly focused on the desired business functionality.

An organisations’ internal process usually guide such undertakings and depending on the level of maturity of those internal processes, the journey of bringing a new service into operation and resolution of issues that arise will have varying levels of structure.

In more mature organisations, new services typically transition from a project team to an operations team skilled in running services. Such organisations will have in place structures to categorise work into the various stages of strategy, design, transition and operations.

In start-up ventures, or organisations that are in early phases of maturity, the work is done by small teams, often made up of one or two individuals, who due to pressure may not rigorously categorise work into these stages. Teams involved in such projects are usually made up of deeply integrated entrepreneurial, business management and IT resources working together going through intense periods focussed on customer satisfaction.

During the early life cycle of such a project, the team resolves any arising issues with a laserlike focus on speed and immediate problem solving whilst simultaneously providing ongoing input and support to non-customer facing areas of the business.

Business growth in start-ups, when successful, is often exponential, as explained by Rogers depicted below, resulting in an increase in demand on IT services, also see Rogers Diffusion Theory:

Rogers Diffusion Theory

Exponential growth and the addition of features to grow the business offering, operating platform updates and upgrades, incidences that are technology related, requests related to daily operations, and the need for better managed IT to minimise business risk all begin to add up and scaleability becomes key to survival.

To aid a managed and relatively painless transition from start-up mode to full commercialization and a sustainable service offering it is imperative to pay attention to two aspects of any service, ‘Service Utility’ and ‘Warranty’.

Utility typically refers to the function or feature that the business wishes to perform, for example process an order, or communicate an offering to clientele. Warranty is everything else that needs to be done to make the service usable, secure and responsive.

Warranty processes ensure that the service performs as anticipated and more importantly, address questions of additional capacity to address, oftentimes exponential increase in usage, action to ensure continuity in the event of disruption, availability at the stipulated hours of business and security. In a start-up, a service may have been dimensioned to meet anticipated demand, as the business grows, both aspect of the service, utility and warranty will need to scale up to maintain the same quality of service. A disciplined  approach in scaling up the IT service to avoid disruption of business operation that could lead to loss of reputation, and subsequently customers due to poor service will enable the business to optimise investment in IT.

For a growing and innovating business, structured management of IT will ensure:

  • – Service delivery within targeted, required and agreed-to service levels
  • – Prioritisation of demand
  • – An IT Investment strategy to support growth in line with the business strategy and performance
  • – Visibility of utilisation and service levels internally but more importantly from a customers viewpoint
  • As organisations mature, some of the initial assumptions or strategies may have changed, organic growth and solutions that served certain business functions could be consolidated or shared, the drivers in such organisations drivers may include:

  • – Cost avoidance & savings – cash allocated can be saved or reduced
  • – Higher IT productivity – increased productivity leads to reduced IT costs
  • – Increased Business productivity – resulting from higher quality IT services
  • Examples of outcomes of such interventions include:

  • – Avoidance of the high cost of redundant infrastructure investments
  • – Reduction of cost through idle capacity identification and re-allocation
  • – Identifying vendor credits and rebates
  • – Saving money on IT infrastructure maintenance renewals
  • – Proactive performance or capacity problem forecasting
  • – Increased network uptime and its associated increase in user productivity
  • What is critically important for any business leader is to recognise and apply intervention measures at the right time and maturity of the business for IT to continue to be a catalyst in creating value either as the business grows or during maturity.


    Accelerate Evolution is well-positioned to assist organizations at different levels of maturity, from start-ups through to businesses with established processes and procedures, in that determination.

    We offer advisory services identifying appropriate measures to be taken to mitigate IT risk to allow IT enabled client organizations to scale up rapidly enabling a swift and effective response to increased customer demand.

    Contact us on information.technology@accelerateevolution.ae to discuss how we can help your technology enabled business build and maintain a sustainable IT platform that continues to support your growing business.

    Governance of Enterprise IT – from the Pain Points to the Business Case

    “The practice of good governance provides the direction required to achieve desired outcomes”

    From the pain points and triggers identified and their possible damage to or impact upon the organisation, a business case can be built for the implementation of Governance of Enterprise IT.

    by Charles Chirchir, 16th November 2016

    In today’s highly interconnected and technology-enabled world, organisations are rapidly realizing that their digital presence and ability to protect critical functions and information are as important to their ability to remain competitive as the product and service they produce.

    Further, there are multiple frame works -security, privacy, compliance, risk etc.- seeking to address and help direct and monitor optimization in support of these bleeding edge business drivers.

    Question is, how do organisations determine the following:

    – The extent to which their business goals are dependent on technology?

    – That the enterprise’s technology resources are effectively utilised to realise business goals?

    – Alternatives that the enterprise could use to make them nimbler, more agile or better equipped to respond to market pressures or customer demand?

    – That the technology they have in place is providing value and realising the expected return on investment?

    Systematically answering these and other related questions will bring many benefits among them more effective and efficient use of resources, greater control and overall better strategic alignment and risk management.

    Governance of Enterprise IT (GEIT) is an industry practice that is rapidly gaining adoption to systematically address the above questions. The need for GEIT is usually recognised because of pain points such as:

    – Failed initiatives, rising costs of IT and perception of low business value

    – Significant incidences related to IT risk and security e.g. data loss or project failure

    – Service delivery problems by outsourced providers

    – Failure to meet regulators or contractual requirements

    – Audit findings for poor IT performance or low service levels

    – Hidden and/or rogue IT spending

    – Resources waste through duplication and overlap in IT initiatives

    – Insufficient IT resources, and inadequate skills or staff burn out or dissatisfaction

    – Multiple and complex IT assurance efforts

    – Reluctance of board members or senior managers to engage with IT

    Trigger events are a second set of factors that signify an improvement opportunity, some examples of trigger events are:

    – Merger, acquisition or divesture

    – Shift in the market, economy or competitive position

    – Change in the business operating model or sourcing arrangement

    – New regulatory or compliance requirement or a new business strategy

    – Significant technology change or paradigm shift

    – External Audit or consultant assessment

    From the pain points and or triggers identified and their possible damage to or impact upon the organisation, a business case can be built for the implementation of Governance of Enterprise IT and a business case developed on this basis sets a foundation such that the desired end state can be achieved.


    To find out more about how Accelerate Evolution can help your organization to design and implement a successful Enterprise Information Technology Governance structure click here to contact us.

    Partially re-published from “A primer for Implementing Governance of Enterprise IT” by ISACA 2016

    Agile Performance Management: “To review or not to review?”

    Agile Performance Management

    “To review or not to review? The case for performance and change management and how to overcome the waning importance of the pay review”

    by Niharika Davar – Senior Associate | Human Capital Management, March 2016

     

    It’s that time of year again….

    HR departments are winding up their annual performance review cycles, trying to compile ratings and get decisions and approvals for annual pay increases – or not. The feverish activity most likely started a few months ago with emails and follow up chasing line managers to complete performance reviews, fill up forms online or on paper.

    The end goal quite often is to arrive at a set of ratings that will form the basis for annual pay reviews. More often than not these end up being a small percentage of pay leaving many employees dissatisfied. Where then is the process serving to improve performance, motivate and engage employees or build capability to achieve organisational objectives?

    Are the outcomes really worth the organisational time and energy that has gone into this process? More and more organisations are coming up with a resounding “no”. A Deloitte survey showed that just 10% of respondents believe that the process is a good use of their time.

    In a world where uncertainty prevails with cycles of boom and bust getting shorter, the so-called time-tested annual goal-setting exercises and backward looking assessment processes no longer seem to fit.

    As companies recognise that leadership, employee engagement, building capability and agility to respond to ever changing external stimuli are critical to success and survival, they also realise that effective performance management is a key lever. Done well, it can drive high individual performance and engagement, impact organisation results and be a process that individuals and their managers look forward to.

    A fresh approach to managing performance is critical. The way forward is to keep the good bits of the traditional model and ditch the bits that don’t directly relate to improving individual performance and building capability.

    Companies leading this transformation are redefining the way they set goals, develop employees and assess performance. But what might this new agile avatar of performance management look like?

    AGILE AND ALIGNED GOALS

    Traditionally individual goals are set once a year on the basis of the annual business plan/financial budget. While the connection is somewhat nebulous and individuals sometimes can’t see where they fit into the big picture, let’s assume for a minute that the “cascading” of goals has been done well.

    In most performance management systems these goals cannot be changed and we might arrive at year-end review to find that a large part of the activity during the year has only a remote linkage to the set goals.

    In a world where the past no longer accurately predicts the future, the annual budgeting process has become somewhat akin to crystal ball gazing. While quarterly business reviews allow for course correction, individual goals remain static. A sure recipe for year-end confusion, gut feeling “halo” or “horns” ratings and loss of credibility for the process.

    In recent research, Deloitte concluded that companies who manage goals quarterly generate 30% higher returns from that process than companies who manage them annually

    HOW DO WE MAKE THE PROCESS AGILE?

    Individual goals should be reviewed and adapted regularly to stay relevant and keep up with changing business needs, with a focus on approach and behaviours to deliver improved out comes: the “how” to support the “what”.

    While the high level purpose and outcomes of a role would remain the same, the measurable objectives need to change dynamically to respond to changing internal and external conditions. Individuals need to have clarity and alignment on the role they play in the business and understand the expectations of various stakeholders. Goals should be specific, collaborative and qualitative with financial/volume and activity targets serving as a point of reference for the best possible achievement.

    REGULAR CHECK-INS AND FREQUENT FEEDBACK

    Regular structured one to one conversations between manager and team members need to replace mid- and end-of-year reviews. The conversation should be a dialogue during which goals and progress are reviewed, challenges are dis cussed, and agreement reached on how to do better.

    The individual’s fitness for current and future roles, development needs, and progress are an essential part of the conversation.

    The manager acts as a coach, listening, reflecting and supporting the individual to come up with solutions to continuously improve performance and build for the future.

    Feedback should be real-time so that employees know how they are perceived and what they need to change.

    FUTURE FOCUS

    An effective agile performance management process is forward looking with greater emphasis on growth and development for the business and individual rather than a post-mortem evaluation of the past.

    SEPARATED FROM COMPENSATION

    Performance conversations which happen once a year, with an end goal of providing a rating as input for a pay review, are not conducive to openness and honesty. Much of the time is spent talking about the ratings themselves sometimes deteriorating into a tug of war between manager and employee. They tend to drive alienation rather than collaboration within teams.

    Companies that remove ratings are seeing the conversations shift from justifying past performance to thinking about growth and development. The result is better employee development, engagement and motivation.

    Performance ratings and forced ranking are going out of the window with a growing belief that reducing human beings to numbers or factors and forcing them into a bell curve is counter-productive.

    EXECUTING CHANGE

    The shift to redefining performance management as a continuous, forward-looking, agile process designed to improve results and support employees to be the best they can be is gaining traction. Large global organisations are leading the way, including Adobe, Accenture, Microsoft and even GE, long seen as the leader in performance ranking and forced distribution.

    It is seen as the next big move for HR whose role will change from driving and monitoring a year end form-filling and compliance process to facilitating high performance, developing managers’ coaching and feedback skills and providing real time support for just-in-time training and development.

    IN CONCLUSION

    While there can be no argument that agility, continuously improving performance and building capability are the need of the hour, the discussion is not complete without acknowledging that this also means a radical shift in compensation and reward practices.

    Interesting and exciting times ahead for HR!

     


     

    Contact us on human.capital@accelerateevolution.ae to discuss how we can help your organisation develop, implement and maintain an Agile Performance Management system.

     

    To read the original article, published in Logistics News Middle East – March 2016 – click here

    Linda Frances Mayoh – Advisor | Retail Marketing

    Linda brings 15+ years of International Senior Retail Management experience to the team. Linda has an innate ability to embrace difficult challenges and working/living environments so is no stranger to driving consensus change within her area of expertise and within challenging markets.

    Post a successful career in various senior retail management positions in the UK in 1998 Linda moved to Kuwait as she was selected to drive the introduction and development of a very well-known high street brand on behalf of a leading Bahrain based franchise partner. From Kuwait Linda was then selected to manage 5 fashion retail brands in Dubai. From this successful assignment Linda was then selected to drive the launch of 20+ fashion retail outlets across the GCC.

    Linda has strong organizational and logical thinking skills, which have undoubtedly been some of the main ingredients for her successful career. These skills have also been translated into the legal industry business sector to assist a prominent international Intellectual Property corporation within the Marketing Department. Linda excels at training and development in the field of Customer Service excellence, which is driven by her analytical skills and understanding of customer demographics. This coupled with Linda’s strong Emotional Intelligence skills makes her a natural professional leader.

    Linda had a career break to focus on successfully raising her family, which has drawn upon her life and career skills. Linda by nature has a ‘have a go’ attitude to life in general and embraces new experiences and global cultural differences such as enjoying the challenge of skydiving from 15,000 feet or exploring the Ho Chi Minh tunnels in Vietnam.