IT WEEK • 28 JUNE 2004
36 COMMENT Will anti-spam and anti-scam groups
of the world unite against their common enemies?
36 INTERVIEW IT takes lead
in corporate governance
MANAGEMENTWEEK
WHERE TECHNOLOGY BECOMES BUSINESS REALITY
Editor: Madeline Bennett
Supply chain plans fall short
Madeline Bennett
DATA MANAGEMENT DIFFICULTIES
•
One in 10 firms that have invested
ne in 10 UK firms have seen no
in supply chain management systems
benefits from their investments
say they have seen no benefits.
in supply chain management
Only two percent of firms have had
(SCM) systems, according to a recent surall their expectations met.
vey by analyst firm PMP Research. Experts
Poor data management has been
said poor data management was often the
blamed for disappointing returns.
reason for such disappointment.
Only two percent of respondents said
their supply chain systems had met all of
that inadequate storage management is
their expectations. A third said although
often the problem. “If you end up with a
they had seen no benefits so far they were
bloated hardware infrastructure, it’s hard
hopeful of seeing returns in the future,
to pinpoint critical data,” he said. “The
while 10 percent reported no benefits and
challenge has been to cut fat out of the supvery low expectations of this improving.
ply chain and make it tighter.”
Despite the difficulties, busiFerguson added that a more
nesses have continued to invest in
disciplined approach to data and
SCM. Almost half said that they
content management would help
were spending the same amount as
companies realise more benefits
they spent three years’ ago, while
from their SCM investments.
37 percent claimed to be spending
Organisations said they were
considerably more.
under pressure to develop supply
The failure of SCM systems to
chain processes that operate faster
meet companies’ expectations is
and more flexibly. They also said
not necessarily the fault of the
that the accuracy and reliability
available technology. Neil Fergu- Lopker: data
of information was often a cause
son, PMP’s research director, said capture problems for worry – a fifth of respondents
O
•
•
Firms ease staffing pains
by combining IT and HR
James Mortleman
uman resources and IT departments are turning to a new
breed of hybrid IT and HR managers to ensure that technology projects
are staffed appropriately, according to a
new report by analyst firm Meta Group.
Meta Group’s 2004 IT Staffing and
Compensation Guide reveals that an increasing number of the world’s biggest
companies are creating a new hybrid HR/
IT management role to take charge of IT
departments’ complex staffing needs.
The new HR/IT managers identify the
skills needed for firms’ IT projects and
ensure that appropriate staffing actions are
being taken. They may also direct HR programmes within the IT organisation and
H
itweek.co.uk
offer advice for its various business units.
Meta’s Maria Schafer, author of the
guide and a senior programme manager for
Meta Group’s advisory service, said the
combined role began to appear shortly before the new millennium. “[At that time]
there was a surge in demand for IT personnel in the wake of Y2K compliance work
and the dot-com boom. But today it is
becoming much more common,” she said.
Schafer added that an HR/IT programme manager would generally sit within the IT department and report to the
chief information officer, with an additional reporting line into the HR function.
Schafer noted that companies were
recruiting these hybrid managers from
both HR and IT backgrounds. “Generally,
they are people with an HR or recruitment
indicated they had concerns about the
quality of data within their core systems.
Pam Lopker, president of SCM specialist QAD, agreed that data management
is often a problem, adding that many
organisations have found it difficult to drill
down into relevant information.
Lopker cited the example of a manufacturing organisation that wanted to reduce the period outstanding for accounts
receivable from 80 days to 70. “EPM
[enterprise performance management]
solutions should be able to capture data at
the transactional level to indicate why
these accounts receivable are past due. Is it
a product deficiency, a sales problem or a
finance issue?” she said.
“EPM at the moment provides information on what is not paid, but not why.
The systems should be able to drill into the
data and tell businesses how to reduce the
problem,” Lopker added.
Companies are relying on their business intelligence systems to manage the
data at the heart of their supply chains,
Lopker said. “But we don’t think it’s possible to provide performance management
in these tools,” she concluded.
ROLE OF HYBRID IT/HR MANAGER
Sit within the IT department
Map skill sets to IT projects
Manage IT recruitment
Source: Meta Group
background who have specialised in working within IT,” she said.“However, in some
cases, organisations are hiring people directly from IT – perhaps the unusual ‘people person’ who wants to follow a different
path,” Schafer added.
A senior HR strategist commented that
the trend for HR/IT hybrid roles was long
overdue. “Because of the complexity of IT,
the discipline can be pretty meaningless to
people without an IT background,” she
argued. “HR departments can be isolated
from IT processes and projects as they don’t
understand what they’re working with.”
www.metagroup.com
CONTENTS
36 COMMENT The proliferation of
anti-spam and anti-phishing groups
might be undermining progress.
Should they combine their efforts,
wonders Madeline Bennett
37 INTERVIEW Martin Owen, consultancy services manager at Popkin
Software, explains how IT managers can ensure firms comply
with corporate governance rules
Testing tools
align systems
with business
Madeline Bennett
Compuware launched a suite of
products last week to help firms
manage the testing of applications in
line with overall business objectives.
QACenter Enterprise Edition 5
can help IT teams decide where to
focus their quality assurance tests in
light of the impact on business services, according to the software and
services company. The product offers
a risk-based testing methodology
that is able to rank requirements
according to various business, technical and historical factors.
The latest version is also optimised to address the changing business needs of organisations, and
enables testing teams to realign their
efforts to new business priorities by
automatically creating a revised testing plan, according to the firm.The
enhancements are designed to
streamline the testing process and
help IT managers to make more
informed deployment decisions.
Compuware has added a unified
reporting feature to address the
complexity of quality assurance metrics.The company said that the product offers capabilities to tailor test
reports to meet the needs of IT
executives wanting a high-level view,
as well as business managers wanting
a less technical summary.
The product also features a new
browser-based user interface, to help
entry-level employees and to improve
the efficiency of testing teams.
Theresa Lanowitz of analyst company Gartner said firms are likely to
welcome such application-testing
tools that promise to measure and
manage testing efforts in accordance
with overall business goals.
QACenter Enterprise Edition 5
is available immediately.
www.compuware.com
35
MANAGEMENTWEEK
IT WEEK • 28 JUNE 2004
Unite to fight online irritants
Better co-ordination between the various campaigns and working groups that aim to combat
problems such as phishing and spam would bring faster results, says Madeline Bennett
his month an anti-phishing
consortium and an instant
messaging focus group were established. The Trusted Electronic Communications Forum, set up by
messaging security firm CipherTrust
and banks including HSBC, aims to
develop best practices to combat
phishing attacks – where criminals
lure users to fake online banking or
other business sites in an attempt to
obtain their account details.
Meanwhile, an instant messaging
focus group has been launched by
Eema, a non-profit e-business association. This group aims to promote
interoperable, secure enterprise
messaging and to address the issue
of unauthorised use of public IM
systems within firms.
However, the focus group’s
objectives sound remarkably similar
to those of the Instant Messaging
Standards Board. This was a body
established in 2002 by a group of US
financial services companies, aimed
at pushing IM vendors to open up
T
their systems so they could communicate with each other, but in a
secure fashion.
And we already had the AntiPhishing Working Group, whose
members are various financial services firms and e-commerce specialists, along with email security
vendor Tumbleweed. This group is
also hoping its efforts will lead to a
crackdown on phishing attacks.
There are also various anti-spam
working groups, for example the All
Party Internet Group and the Coalition Against Unsolicited Commercial Email, along with industry-led
schemes such as Microsoft’s Caller
ID for Email, supported by Amazon, Brightmail and Sendmail.
It’s great to see evidence of so
much interest in tackling problems
such as phishing and spam. But I
imagine that in some ways these
duplicated endeavours reduce the
effectiveness of each separate group
– and they would achieve more by
combining their efforts.
Meanwhile, from one perspective it looks like the Italian government is taking the strongest stand
against spammers. Under the
European Commission’s Privacy
and Electronic Communications
Regulations, spammers found
guilty by an Italian court face fines
of up to £60,000 (this compares
with £5,000 in the UK), along with a
prison sentence. I think the Italian
government should be applauded
for taking the problem seriously,
and should serve as a model for all
other governments to follow in the
fight against these irritants.
However, that same government
should also be pilloried for exploiting spam for its own purposes. The
Italian government sent out millions of spam text messages earlier
this month, apparently in a bid to
boost turnout at the recent local and
European elections. The messages,
sent from prime minister Silvio
Berlusconi’s office, contained details
about voting procedures. Although
IT calls shots on governance
Popkin Software’s Martin Owen offers tips to improve the way
IT teams help firms comply with corporate governance rules
CORPORATE GOVERNANCE INTERVIEW BY MADELINE BENNETT
K organisations – especially those in
the transparency of corporate governance.
the financial sector or with a pres“The OFR is due to go through law in
ence in the US – are at risk of becoming
the third quarter 2004, and as of next year
overwhelmed by new rules for corporate
all companies will need to [comply with]
governance. Recent regulations include the
this as mandatory,” says Owen. “They’ll
updated Combined Code on Corporate
need to demonstrate how they’ll perform
Governance and the US Sarbanes-Oxley
over the next year, covering not just their
Act. And more are due, with Basel II and
tangible but intangible assets.”
the International Accounting Standards on
Owen predicts that over the next six
the way, and a proposal for European Sarmonths, compliance with the OFR will
banes-Oxley-style auditing rules.
become a major concern for organisations.
Compliance is set to cause
“It means the FD [financial direceven more headaches with the
tor] can go to prison. This will be
introduction of the Operating and
a case where the FD is happy to
Financial Review (OFR) rules, acrelease funds for IT investment as
cording to Martin Owen, consulhe’s personally at risk.”
tancy services manager at busThe OFR could have a major
iness process modelling specialist
impact on IT departments because
Popkin Software. This legislation
technology is often at the heart of
would require listed UK firms to
assessing and managing risk. But
publish details of risks to their
despite the additional burden, IT
business and counter-measures Owen: check
chiefs should view compliance as
taken, with the aim of improving where rules overlap an opportunity for overhauling
U
36
technology systems, according to Owen.
“There are major side benefits. What you
are actually doing is streamlining operations,”he argues.“You’ll be identifying holes
in the IT architecture, overlaps in systems,
and areas that are under-performing or
stretched. It’s forcing you to model and
understand your architecture.”
Many IT chiefs are aware of the basic
implications for their departments – for
example, that they will have to produce
information to satisfy the requirements,
says Owen. However, fewer understand the
common areas between the different regulations. “Most organisations aren’t aware
of overlaps in regulations. They embark on
Basel II or Sarbanes-Oxley programmes
separately and spend money to solve each
short-term problem,” he adds.
This means firms could be wasting IT
resources by duplicating work for compliance. “The IT department needs to go
through a massive cultural change in terms
of understanding where there are system
overlaps and information overlaps,” says
Owen. “One thing you’ll get automatically
as a result will be cost savings.”
Setting up good processes for corporate governance can give firms a competi-
the government argued that it was a
great example of technology bringing the state closer to its people,
opposition parties argued that it
violated privacy and was a political
tactic to recover votes.
Can we expect to see the Italian
PM facing charges under the privacy directive? I expect not, but this
example does highlight the importance of working groups and industry initiatives serving the needs of
users as opposed to their own.
Joined up, neutral efforts would
be the most effective way to deal
with these problems. Vendors and
user organisations should try to
establish and support groups that
keep this in mind. ITW
[email protected]
ABOUT MARTIN OWEN
Owen is consultancy
• Martin
services manager for modelling
tool vendor Popkin Software.
joining Popkin in 1989, Owen
• Before
spent two years working for IBM.
has been involved in the dev• Owen
elopment of the Business Process
Modelling Notation within BPMI.org.
tive advantage, says Owen. “As your business evolves and responds to market needs,
your information needs to change,” he
says. Ensuring applications are based on
accurate data will help firms respond to
change and boost their ability to compete,
he adds. “It’s not the systems you have in
place but how you run them as a business.
There are hundreds of companies using
SAP but different operational procedures
mean that some can perform better and
respond better to customer needs.”
Although compliance should be an
integral part of any company’s operations,
the approach taken will differ according to
the organisation and sector. Owen notes
that a fast-moving firm active in mergers
and acquisitions would need to manage its
compliance programme with an eye on
likely changes. “But a local government
organisation might need to respond more
to financial constraints,” he says. ITW
itweek.co.uk