Erhalten Sie Zugang zu diesem und mehr als 300000 Büchern ab EUR 5,99 monatlich.
- Herausgeber: Books on Demand
- Kategorie: Fachliteratur
- Sprache: Englisch
The challenges of our customers are more and more diverse. A couple of strong trends like digitalization and cyber security issues are facing the daily life of all of us. This is true for our business and private life. That "People make a difference" is a strong Vineyard belief. Therefore, in this book the Vineyard consultants are interviewed in order to present their individual consulting experiences. As a starting point the current customer challenges and consulting trends are summarized. A contribution towards the GDPR deadline and approaches how to deal with these changes is following. The next article is suggesting how to handle the need in the pharmaceutical industry to communicate with business partners beyond the firewall. Based on Vineyards long experience in the IT Cyber Security world the following article is emphasizing why security is priority zero and how IT Security standards and frameworks can be used in a beneficial and lean way. The following two articles have a strong technical focus. While the first one is introducing the new technology "Summarizer" which is capable to compress existing files from a content perspective the following is about what an agile methodology can deliver in the field IT Service Management. The benefits of a focused eDiscovery approach for litigation processes are discussed in another contribution. How transitional changes for companies as a result of Brexit for example can be managed is following. Risk management in the cyber field for the banking industry and leading in projects are two interviews that reflect typical customer challenges. How to set-up an electronic archive as part of a digitalization initiative is outlined in an expert interview for the insurance industry. The benefits of a focused eDiscovery approach for litigation processes are discussed in another impulse. An interview about knowledge management is closing this book. As a key component for the customer in a knowledge society it is discussed how this can be approached for a consultancy. If you focus your deep dives you can also see the little things in a broader context. We wish our readers inspiring insights and new impulses to find the individual balance between the right deep dives and the ability for the helicopter view. Many thanks again to all Vineyard colleagues contributing to this new Vineyard book.
Sie lesen das E-Book in den Legimi-Apps auf:
Seitenzahl: 248
Veröffentlichungsjahr: 2017
Das E-Book (TTS) können Sie hören im Abo „Legimi Premium” in Legimi-Apps auf:
Ähnliche
Vineyard Management Consulting GmbH
Vineyard Management Consulting GmbH is an experienced
Management Consulting company with focus on:
Change Advisory
Management of Complexity
Optimization of Projects
Networking with People
We have constantly enhanced our expertise and competence in numerous global projects in the sectors banking, insurances, telecommunications, automotive, and information technology.
Our Management Consultants have a project and professional career experience of more than 10 years leveraged by continuous investments in their personal development. During the successful delivery of our customer projects we emphasize on social aspects and intercultural specifics as well as on positive and target oriented communication.
Our core competencies are
Transition Management
comprises the strategy definition and the implementation planning to viably establish the change in the company context.
People Management
is often an implicitly required aspect in our projects, i.e. the steering and personal development of project members/staff and groups in terms of a value oriented coaching.
Complexity Management
means the capability for our Management Consultants to analyze, assess, and change complex structures, processes and IT systems. Vendor- and SW solution selections and management of RFI, RFP and RFQ processes.
Project Management
is in our view a core competence to ensure the sustainable implementation of largescale projects. The key elements for a successful delivery are long-term experience as interim, project and program manager, classic project management instruments according to e.g. PMI, Prince2, Six Sigma or CMMI and the ability to connect sector specific knowledge, people and deliverables.
Preface & Acknowledgements
The challenges of our customers are more and more diverse. A couple of strong trends like digitalization and cyber security issues are facing the daily life of all of us – this is true for our business and private life. That “People make a difference” is a strong Vineyard belief. Therefore, in this book the Vineyard consultants are interviewed in order to present their individual consulting experiences.
As a starting point the current customer challenges and consulting trends are summarized. A contribution towards the GDPR deadline and approaches how to deal with these changes is following. The next article is suggesting how to handle the need in the pharmaceutical industry to communicate with business partners beyond the firewall. Based on Vineyard’s long experience in the IT Cyber Security world the following article is emphasizing why security is priority zero and how IT Security standards and frameworks can be used in a beneficial and lean way.
The following two articles have a strong technical focus. While the first one is introducing the new technology “Summarizer” which is capable to compress existing files from a content perspective the following is about what an agile methodology can deliver in the field IT Service Management.
The benefits of a focused eDiscovery approach for litigation processes are discussed in another contribution. How transitional changes for companies as a result of Brexit for example can be managed is following. Risk management in the cyber field for the banking industry and leading in projects are two interviews that reflect typical customer challenges. How to set-up an electronic archive as part of a digitalization initiative is outlined in an expert interview for the insurance industry. The benefits of a focused eDiscovery approach for litigation processes are discussed in another impulse. An interview about knowledge management is closing this book. As a key component for the customer in a knowledge society it is discussed how this can be approached for a consultancy.
If you focus your deep dives you can also see the
little things in a broader context.
We wish our readers inspiring insights and new impulses to find the individual balance between the right deep dives and the ability for the helicopter view. Many thanks again to all Vineyard colleagues contributing to this new Vineyard book.
Hofheim am Taunus, November 2017
Carsten Fabig Alexander Haasper
Managing Director and Management Consultants of Vineyard Management Consulting GmbH
Table of contents
Consulting Trends
Customer Challenges
Question and Answers
Good Practices and Summary
Vita: Alexander Haasper
Past and Future of Data Management – GDPR-Deadline (28.05.2018) introduces new challenges in the IT landscape
Customer Challenge and Overview
Question and Answers
Good Practices and Summary
Vita: Dr. Lars Niemann
Secure Sharing and Collaboration beyond the Firewall in R&D Life Sciences - A necessity for New Product Innovations
Customer Challenge and Overview
Question and Answers
Good Practices and Summary
Vita: My-Ly Nguyen
Information Security is Job Zero
Customer Challenge and Overview
Question and Answers
Good Practices and Summary
Vita: Rainer Sponholz
Too much information is wasting money - Summarizer
Customer Challenge and Overview
Question and Answers
Good Practices and Summary
Vita: Dr. Coskun Akinalp
Usage of agile methodology in IT Service Management
Overview and Customer Challenges
Question and Answers
Good Practices and Summary
Vita: Laura Dinis
How can the IT department create added value in a litigation process?
Customer Challenges and Overview
Question and Answers
Good Practices and Summary
Vita: Frode R. Karlsen
Transformation programmes to manage changes like Brexit
Customer Challenge and Overview
Question and Answers
Good Practices and Summary
Vita: Carsten Fabig
Risk Management – Cyber Risk
Customer Challenge and Overview
Question and Answers
Good Practices and Summary
Vita: Ioana Salanta
People & Management: Leading laterally in projects
Customer Challenges and Overview
Question and Answers
Good Practices and Summary
Vita: Tanja Endres
Digitization of Insurance Companies
Customer Challenge and Overview
Question and Answers
Good Practices and Summary
Vita: Thomas Durstberger
Knowledge Management
Customer Challenge and Overview
Question and Answers
Good Practices and Summary
Vita: Anja Krause
Literatur
Alexander Haasper
Consulting Trends
I. Consulting Trends
1 Customer Challenges
The European consulting market is a growing business as the last 5 years are showing an increase of more than 5 percent per year. The 2016 turnover increase of 7,9% in Germany is an outstanding segment with a total market size of 9,3 billion (Mrd.) EUR. The stable economic environment and the digitalization across all industries are the main market drivers. In particular, the market as well as strategy consulting is also growing continuously. This is still a huge heterogeneous segment where the customer is supported by consultancies in various roles to drive the implementation of their strategic programs. The IT outsourcing business is of course growing as a result of cloud technology.
Looking from a customer perspective there are some major trends that are important to characterize the current customer situation. This should also inform consulting companies as to how they should enhance and sharpen their portfolio.
Digitalization means business model transformation
Digitalization has become a game changer. New competitors have already entered markets that have been stable for decades. Of course, the most prominent example is Google, an internet age company that has entered the automotive sector with their mobility services and autonomous driving competence. However, the majority of the companies have only just started to restructure as a result of digitalization. Across all areas of digitalization change management and business model transformation are required as this has a huge impact customer interaction and service delivery management from an organizational point of view.
The true potential for digitalization does not lie in one singe business line as today the majority of the organisations are in a near optimum state regarding the specific business line processes. The potential is in the orchestration and automation across business lines. Therefore, digitalization requires organisational transformation. The promises of artificial intelligence (AI) are high. But the implementation of this technology will take much longer as many of the protagonists are currently forecasting. The main reason are the risks related to applications of AI. As a consequence, all decisions supported by AI require a clear organizational setup and rules how to deal with risks and critical situations when the human staff needs to stepin for AI.
Data protection requires to manage the business records
The General Data Protection Regulation (GDPR) in the European Community requires companies to manage their records and enable deletion of individual data, based on pre-defined retention periods and, in certain circumstances, at customer request. The challenge is that the majority of the IT systems has never been designed to fulfil deletion requirements. Also for unstructured data e.g. on Microsoft SharePoint sites and file share systems the amount of data is a big and growing issue that companies need to get under control. The requirement to manage business records is not new one as a lot of regulated industries need to be compliant with law and regulation demanding minimum retention periods, some requirements of which date as far back as the 50s. The big challenge today is replication and copying of data to other contexts which has increased the amount of data tremendously. Besides the sheer volume of data there is also an issue with old or historic systems. There is often a lack of available know-how with these systems.
IT security needs to defend the company against cyber security threads
IT security is getting rising up the CEO’s and CISO’s agenda in the majority of companies, even those that are not heavily regulated. Security awareness has increased over the last couple of years due to the potential impact of malware like WannaCry or the risks related to direct hacker attacks. The main challenges for the customers are to deal with the different business stakeholders and regulatory bodies regarding cyber risks as well as manage a variety of relevant technologies and their operations effectively around the weakest links in the chain. The big challenge still facing the CISOs of the Mittelstand (Small and Medium sized Enterprises – SMEs) and the traditional industrial companies is that IT, and in particular IT Security, often does not have the appropriate importance in the organisation compared to Sales, Sourcing and Production.
Project management at high maturity level is a must-have transformation skill
In the majority of the companies the maturity of project management has increased significantly in the last decade. Even in industries where project managers have been hired from the external market there is a trend to staff projects more and more from the internal market. However, when it comes to strategic projects it is still a struggle to find the right people. The agile project hype is still relevant, however the companies are currently learning in which areas the agile approach is feasible and where it has to be combined with more traditional methods.
Although discussed for more than a decade, complexity management is a consulting topic the majority of the companies still do not want to buy or integrate in their day-to-day project management business. However, any organization has to deal with increasing complexity in a world becoming more and more digital and meshed.
Summary and Recommendations
Overall, the need for strong, solution orientated, including reliant, project delivery for consultants and companies is greater than it has ever been before. All strategic projects and disciplines require very skilled and experienced staff that harder and harder to find. On the one hand, more and more standard IT solutions help to not reinvent the wheel. On the other hand, the more complex topics require end-to-end and cross-organizational solutions which involves managing a variety of stakeholders and the interdependent aspects of strategic projects.
The majority of well established companies have not yet changed the organizational structures and daily work culture significantly: Agile approaches are mostly project or program specific, IT oriented projects are more open minded for the working environment for young talented software engineers, but often have missed to adjust the next management level, customer business attitude and parameters for a successful working relationship with these new IT teams.
The lack of skilled resources as a result of the high demands of the trends above is both an opportunity and a risk. As it is unlikely to find a perfect team from a subject matter skill perspective, the opportunity is to develop the relevant skills on the job and drive team and organizational development through long term partnerships and cooperation with consultancies that support new successful ways of working.
2 Question and Answers
Vineyard: Alexander, what has been the point in your CV when your fascination for consulting started?
Alexander: As a computer scientist with business administration focus from my studies I have started my career as a junior consultant in a small IT management consultancy in Wiesbaden in 1999. From the beginning with my more technical focus at that point in time I have been more than surprised and impressed that the efforts to create transparent concepts that can fly and finally get implemented in the customer organizations are so huge – and sometimes consulting seemed more like an art than fact based analysis. So I was very keen to take a much broader approach to develop my skills beyond IT management starting with process management and eBusiness development focused on projects in the financial sector. Of course, I was fascinated by the promising business models in the internet 1.0 age and on the other hand sceptical regarding the development of the consulting sector.
And then, yes to be honest it was more or less a biographical accident. In 2001 that company went bankrupt mostly as a result of the hard landing of the internet hype and a lacking ability for a quick change in the organization. Due to my fascination and a couple of inspiring colleagues I was convinced to continue as a self-employed consultant to set-up a new company for Management Consulting.
Vineyard: What has changed in general over the last 20 years in the consulting business?
Alexander: When I look back at the last nearly 20 years of my consulting experience there are a couple of new drivers and new parameters significantly influencing the consulting business. However, when thinking about what remains the same I can say: overall the nature of the business to effectively communicate with customers and help them with their strategical focus and orientation, conceptual problems or even operational setup.
As Vineyard is serving customers of various industries I think besides the classic industry culture and attitude the market pressure varies significantly across the branches with deviating profits and very different capabilities to change the organisation and business models. While the firms in a destructive competition market like telecommunications and banking need to focus more and more on cost reductions, the more Mittelstand or niche players can develop more focussed, flexible models by combining their way and intense of working together with consultancies. In particular the cost saving companies have learned to be more and more strict to push day-rates down for the senior and junior consultant skill level.
Overall the market is getting more and more transparent with increasing power for the purchasing departments compared to the customer line businesses. Last but not least to mention is the increasing dynamic: although it is even harder to find the right people the customers are less likely (?) to exchange consultants or stop projects where there is inappropriate project staffing.
Vineyard: What has been for you as a Management Consultant the most significant change?
Alexander: The answer is not so easy because as I mentioned there are a couple of game changers, although the key to consulting success and benefits for the customer remains the same. But overall a short answer really depends on my role. As a managing director of Vineyard Management Consulting the most significant change is to find the right people. That topic has always been a hard business but the current employee market and trends like the expectations of the so-called generation-Y is making it even harder. The solution is to be more open-minded for a diverse approach and to make people a top management priority.
As a Management Consultant in our customer projects the most significant impact has come of course a result of the increased experience. On average the responsibility to deliver has increased over years in terms of the management level I am working with or the complexity of the concepts or solutions we design and deliver has significantly increased.
Vineyard: Digitalization is happening in these days with increasing velocity. But a lot of the buzzwords seem to be old friends. So what is really new from your perspective?
Alexander: As business models and the patterns how the business value chains fit together are changing with increasing speed based on internet technologies digitalization is more than a trend. What happened to Kodak for example in Stuttgart can be seen directly besides the Daimler headquarters on the other side of the Rhine River. Instead of thousands there are only dozens of employees. The old film business for cameras in the affordable segment in the consumer market has been mostly replaced by smartphones. And at Daimler the fear not to compete with the new competitors like Tesla has of course already started the fight for new products and the transformation of the organization. The most significant drivers for the next waves of digitalization are the increasing number and reachability of industry 4.0 internet devices e.g. as part of new smart-homes and the more mature artificial intelligence solutions. The impact as well as the opportunities for new services and business models are tremendous. You can say that there is nothing new as over the last 25 years internet capabilities and business models have reached our daily life in all branches and also with new business models. However, the big model change is now that after the long phase of building technical connectivity and reachability it is now the data in terms of information and ability of automated decision making that will make the big difference.
Vineyard: If so many aspects are relevant how should organisations drive digitalization?
Alexander: The majority of the projects and transformation with strategical benefits will be cross-organizational. The organizations should focus only on the promising business models and not on silo optimization strategies. Therefore, to support such digitalization projects classical consulting skills, in particular change and transition management, remain a crucial key element. However, the organisation needs to create free room and independent areas for projects that are not hindered by the line organisation. So we expect more and more new companies to be founded being loosely coupled to their parent company. This can be 100% subsidiaries of a company, but also partnership based companies very likely also across industries. Besides the legal structure it is clear that digitalization can only be successful if the approach is mandated and driven from the management board. There should ideally be a change und communication team accompanying the digital transformation by introducing appropriate formats as well as coaching support. Altogether the whole approach must be consequently business case driven focussing the future turnover and profit. For the majority of the cases in the large companies I would expect that the development and transition can only be managed to be effective, unlikely being also efficient.
Vineyard: “It is all about data”. This famous statement about IT is true since a long time, basically at that point in time when the IT age of started. Why do the topics “information lifecycle management” and “data management” seem to have slept over years and are getting now to higher and higher importance?
Alexander: The business responsibilities are realizing more and more that “data” will be a more and more important topic of their daily work in the age of digitalization. However, according to current studies only 15% of the business stakeholders are adequately involved in data classification topics. However, my outlook is that the legal and regulatory pressure combined with more and more hard fines in this context will drive the necessity to start and continuously improve the company specific approaches to deal with information lifecycle management and data management as well. Due to the increased regulatory requirements, the related management efforts are so high that the business case to manage the deletion of data becomes more and more positive. Especially in the pharmaceutical and banking branches this is already a valid business case.
Although more ‘negative’ pressures such as compliance and fines have tended to be the driver in the past, there are increasingly positive drivers for information and data lifecycle management. As referred to earlier, the volumes of data, and in particular unstructured data, are increasing exponentially, bringing with them the associated cost. Strong information and data management practices can help generate operational savings. A further benefit is that in improving understanding of information and data, organizations are able to generate insights and business benefits that in turn can improve competitiveness and increase revenues. Importantly, there are also technological improvements that are more or less a pre-requisite to start the related initiatives. For example, tool for IT Service Management and Governance, Risk & Compliance (GRC) have matured over the last couple of years that now serve as an enabler for information and data management approaches. Last but not least more and more companies realize that approaches like data management have huge synergies with the digitalization of their company. So, it makes more than sense to start with the homework for the ability to adapt to the challenges in a digitalized world.
Vineyard: As you just mentioned the regulatory drivers how should companies handle GDPR? For a lot of small companies, the requirements from the European General Data Protection Regulation must look like an over engineered monster from Brussels?
Alexander: Well, this is a good question and from what I currently hear from such projects is that a lot of the requirements are already manageable and the structures and processes and plans can be put into practice. Despite this, there are a lot of historic IT solutions in place that have never been designed for the requirements of GDPR. The typical example is a large host system that is also the archive is still storing data that has been produced with routines that are not available anymore and also the staff having that knowledge has already left the company. But anyway no one can say how strict the fines will be handled as-of May 2018 regarding these specific cases. The main investment to all these topics is to understand your records and information, including the purpose for which you have them, the specific retention periods and any other legal requirements.
So my strong recommendation is to start with implementing strong information and data governance lifecycle practices including classification. Understand the purpose for which you are collecting personal data and know where that data is, including whether you are manging it in-house or it is being processed by a vendor. There is much discussion about whether classification can only be handled manually or by employing sophisticated technology. This discussion is from my perspective too ideological as both approaches definitely need to be applied at the same time. The sheer amount of data will force the companies to implement efficient technology. The need to govern and control the records management will require to ensure the human classification and intervention in these processes enabled by technology No system currently on the market integrates a record taxonomy and retention schedule for a specific industry automatically. Such conceptual work with a balanced granularity of such a concept will stay a typical consultancy work with knowledge in the specific industry.
There is also a strong synergy of such to the implementation of IT security requirements. To know your business records and IT systems where they are stored is leveraging IT security related data classifications to determine the level of protection needed and map the requirements to the IT systems. This knowledge can be used to focus for example data leakage controls.
Vineyard: Alexander, you already mentioned the link to IT Security as a trend and typical challenge for the majority of the companies. Why have you and your company gone deeper into the topic IT Security Management and what has been your individual starting point?
Alexander: Personally I was already interested in my computer science studies in the late 90ies when I learned for example how a PKI infrastructure has be implemented and some cryptographic theoretical things like “zero-knowledge protocols”. In my work as a consultant it just simply hit me while being part of a client’s project. Based on Vineyard’s complexity, process and project management competences I have been asked by one of our customers if I could support a strategic IT security project to improve the governance in the organisation including the introduction of market relevant KPIs/KCIs. That is how the first IT Security project for me as a Management Consultant started. As this also happened similar to other Vineyard colleagues Vineyard developed more and more know-how regarding security standards, but also subject matter knowledge like data leakage prevention or how to structure and improve the IT security operations. With our analytical skills Vineyard has also supported IT risk management concepts and significantly driven the implementation of related IT solutions.
Vineyard: What attracts you concerning the IT Security Management challenge?
Alexander: I think, IT Security is one of the top IT trends that will keep us as consultants busy for quite a long time due to the current lack of skilled resources at the market and the increasing regulatory requirements and dynamic as well. However, besides the project perspective the attraction at least for me is driven by the complexity of the topic and stakeholders to deal with. Currently, the typical first focus lies on the emerging tools on the IT Security market. But I do agree with the forecast of the strategic consultancies like Gartner that this will fundamentally change by more and more customer involvement regarding data management and classification. So, the niche where Vineyard is already in the IT Security market is from my perspective very attractive as the required profiles wanted are requiring a combination of strong analytical, communication, and IT background skills.
Vineyard: Which are the IT Security trends that appear on the horizon and which of those are already current challenges in your present consulting projects?
Alexander: With the increasing number of cyber-attacks, which are nowadays also communicated to the wider public via traditional press and social media, the call for an effective and efficient Incident Management and skilled threat intelligence teams will of course become more important. Not only the number of direct attacks are increasing also the reach of malware and impact is a major risk as the results of WannaCry have demonstrated this year. The hackers attitude has changed from wanting to demonstrate their skill and be able to impact something big to the pure commercial aspects as more and more ransomware is showing up to blackmail thousands of people and companies.
Automation is kicking more and more into IT Security Processes. Despite this, there is still the need for human intervention, although ever more and more tools will become increasingly integrated and semi-automated over the next couple of years.
The challenge to get the right people for specific IT Security will be a challenge over the next years. In this context one key is to use the individual network to get positions filled adequately.
To add with a short summary for the future I think the current IT security trends such as hacker attacks on specific organisations, SIEM, data leakage prevention and advanced malware as well as risk management will be drivers in software tooling and consulting trends for quite a long time. However, the dynamic will be particularly high when you look at software companies and the CISO organisations. As such, tooling projects and establishing IT Security department ‘as a service’ will, from my perspective, rule the next couple of years. Security software application projects will be more and more relevant as the market phase of integration with other applications has just started in the IT security application segment.
Vineyard: What are the rare consulting skills that are required and hard to get for IT Security Management?
Alexander: One big challenge is still the hard IT knowledge based skills like application penetration testing and threat intelligence analysts, followed by all the IT Security Incident Management staff that is ever more required but is now frequently outsourced to offshore locations. A lot of potential candidates are coming from audit or other internal IT positions, but these skilled people have their best fit often to more process or regulatory driven projects. When it comes to very specific topics with combined knowledge from IT Security and IT operations it is more than hard to find someone appropriate.
The solution to this general issue has a lot of aspects. One promising internal approach can be to see CISO as a pure governance, operations and enabling organisation unit and delegate as much as possible IT security competence into the 1st line of defence and rather educate existing staff in IT security topics. Unfortunately, this is not generally combined with additional resources for the 1st line (e.g. backfills) to support the change. However, more and more managers are pushing such an approach.
A second important solution aspect is that the stakeholders of IT security need to be convinced to invest more in IT security as it protects the intellectual property of an organisation. One key aspect is to put IT security approaches into a business understandable format. Often, this is not a key competence of IT security individuals with a strong technical focus and background. So, investments for example in an IT Security framework or risk based approach that is discussed with the businesses on a regular basis will definitely pay-off in the future. As IT security is a typical cross function, the standard pattern is to work with nearly all IT departments and experts and co-operate in an interdisciplinary fashion. So, from my perspective it is crucial for a CISO organisation to to be strong in stakeholder management as well as interdisciplinary working with the businesses, including strong methodological knowhow. This focuses the investments and also the staff and can serve as a basis to convince the business where IT security risks need to be addressed.
Vineyard: Project Management is more an old basic consulting skill. What is the current customer challenge and your way to manage projects?
Alexander:
