Category: Risk & Compliance

  • IBM Vision 2012

    IBM Vision 2012

    Greetings from Orlando. I left Munich Saturday morning to attend the IBM Vision 2012 conference. This three day event for finance & risk management professionals will be exciting. There are fantastic keynotes lined up as well as a ton of awesome break-out sessions. I am really looking forward to it.

    IBM Vision 2012

    Keynotes

    The keynotes at IBM Vision 2012 promise to be especially interesting this year. The list of external speakers includes John Hagerty from Gartner, book author Michael Mauboussin and Everest explorer Alison Levine. Of course, there are also exciting IBM speakers including Les Rechan (GM for Business Analytics) and Mark Loughridge (CFO of IBM). I will be showing some great new solutions as part of the general keynote Tuesday morning from 11am – 12am EST.

    Join the conversation

    For those of you who will attend IBM Vision 2012, please do reach out to me (@cpapenfuss). I would love to connect. If you cannot attend the conference, you can still participate in the conversations. There are two main options:

    • Join via Twitter. The official hashtag is #vision12 . Also, make sure to follow @ibmcognos for updates. I will try to tweet whenever possible.
    • View the keynote sessions from your desk via Livestream. All keynote sessions will be broadcast and should be available for viewing after the event as well.

    Stay tuned for updates!

  • Open Pages and the convergence of Performance Management

    Part 2 of guest posts by Erwin Boeren

    Last year IBM acquired OpenPages as a strategic move into the area of Governance, Risk and Compliance. The latest announcement to acquire Algorithmics (quantative risk management) shows the serious commitment of IBM in the GRC market. GRC software will integrate into the IBM Business Analytics brand – the area where other critical acquisitions like Cognos, SPSS and Clarity reside.

    GRC AND PERFORMANCE MANAGEMENT

    Risk Management is getting more and more attention these days. Volatility and uncertainty is simply too high for organizations to ignore this area. Along with the increased focus on this discipline I have also seen more organizations moving towards an enterprise approach to risk management. And this is where I see the need for a convergence of risk management and performance management.

    Over my career I have seen many risk management implementations where a major portion of the time and budget was spent on essential things like risk reporting and dashboarding. In the past, companies struggled to collect the basic data and to create these reports and dashboards manually. Today, we experience an increased desire for self service reporting: Users not only want to create their own risk reports but they want to create them when they really need them. The enormous volatility in the markets does not allow risk managers to wait for several days or weeks to review the data in a suited format. No, they need the information almost in real-time. Any kind of delay can result in missed opportunities and sometimes even disaster.

    Open Pages GRC
    Risk Dashboard – Open Pages and Cognos

    PLANNING

    Apart from these reporting and dashboarding capabilities proper enterprise risk management also requires capabilities to align risks & controls to the strategic initiatives of an organization. Questions need to be asked: “What will prevent me from reaching my business goals?”, “How will we know that something is happening?”, “How can we prevent this?”, “What are effective controls?”. To obtain answers to these questions, one could resort to complex spreadsheets. But these are not suited for complex topics at the enterprise level. Instead, leading companies rely on solid models developed in planning software like IBM Cognos TM1. These models can then integrate into other plans such as strategic plans, annual budgets and forecasts. And that opens up a whole new opportunity: Now you can start looking at complex risk scenarios.

    PREDICTIVE

    Over the past decade, companies have collected a lot of data. Hidden in this data is a lot of information. More and more companies rely on predictive algorithms to crawl through this data to automatically detect patterns and relationships. IBM SPSS provides such capabilities, for example. Using these powerful tools, we can start looking at predicting certain events. Most importantly, the insights will enable us to gain a much better understanding of the critical risks and our control design.

    CONVERGENCE

    Effective GRC requires a lot more than just thinking and registering risks. No, we need to be able to analyze data, plan actions, run scenarios and leverage predictive capabilities. And that’s why I see a convergence of Risk Management and Performance Management. And let’s simply call this Business Analytics.

    Erwin Boeren is Governance, Risk and Compliance Leader at IBM Southwest Europe. Erwin has over 15 years experience in the software industry, in various roles in business intelligence, performance management and Governance, Risk & Compliance. Together with his family, Erwin resides in the Netherlands.

    Twitter : @erwinboeren
    Contact : erwin.boeren@nl.ibm.com

  • Governance, Risk & Compliance – An introduction by Erwin Boeren

    GUEST POST BY ERWIN BOEREN

    We have all heard the term: Governance, Risk & Compliance or simply GRC. But what exactly is Governance, Risk & Compliance and what are the challenges companies are dealing with?

    GOVERNANCE RISK & COMPLIANCE

    Let’s start from the beginning and look at the basic definitions. Governance is the overall approach for controlling the business environment and how to give direction to the organization led by our core values and ethics (voluntary boundaries). This includes the various processes, rules, policies and laws that affect the success of a business. Risk is all about the obstacles that we will have to overcome to reach our business goals and what type of  controls you have in place to prevent those obstacles from happening (controls). Compliance gives guidance on the boundaries that we have to adhere to while trying to reach our objectives. So far so good. Let’s took a look at some real life examples.

    EXAMPLES OF GRC

    Imagine that we are running a fictitious company. There are a number of things we have to do. An example of good governance is the protection of employees by labor rights (e.g. prevention of child labor). It could also be the company-wide travel expense policy that helps prevent improper spending. It could also be a company wide agreement on dealing with fair trade vendors only. In terms of risk , we might have to deal with a vendor not being able to deliver in time which might lead to claims from customers (a loss). A potential control for this risk could be a service level agreement with our suppliers to prevent this. And then there are also external regulations you have to comply with. This is the area of compliance. Regulations like Basel II for banks, the Solvency II for insurers and HIPAA for food handling belong to that category. No doubt – GRC is a broad area!

    THE GRC CHALLENGE

    The challenge organizations are faced with is the complexity of all regulations and the relationship between core values, ethics, regulations and risk management. Unfortunately, too many businesses look at GRC as separated silos. They often pay a huge price tag for this. Leading businesses are following an integrated, or enterprise approach for GRC. Doing this creates significant rewards like lower cost for external auditors due to existing and well documented proof about business controls and procedures. The benefits also include the ability to make better decisions due to deep understanding of risk which will lead to better outcomes. And I am happy to say that proper GRC will also lower the administrative burden due a significant reduction of those infamous and tedious control tests that are required to prove your compliance. Last but not least, organizations can also get loans at a better interest rate or cheaper insurance policies because they have proven to be better in control and thus a lower risk.

    GOVERNANCE SOLUTIONS

    Needless to say: IT can play a huge role in making GRC successful. It is no wonder then that IBM acquired one the leading software providers for Governance, Risk & Compliance solutions called Open Pages.

    But let’s talk about Open Pages and how Governance, Risk & Compliance can add value to Performance Management in another article next week…

    About Erwin Boeren

    Erwin Boeren, IBMErwin Boeren is Governance, Risk and Compliance Leader at IBM Southwest Europe. Erwin has over 15 years experience in the software industry, in various roles in business intelligence, performance management and Governance, Risk & Compliance. Together with his family, Erwin resides in the Netherlands.

    Twitter : @erwinboeren
    Contact : erwin.boeren@nl.ibm.com

  • What is IBM Cognos FSR?

    Back in October 2010, IBM acquired a company that Gartner used to call ‘The hottest FPM vendor’. Rightly so. Clarity Systems had developed several cool and extremely popular software products. The most well-known solution is called FSR (Financial Statements Reporting). FSR addresses a high risk area for many companies: It automates the publication of financial statements. FSR also allows companies to translate their financial statements into XBRL.

    Do you want to find out more about FSR? Take a few minutes and watch this interview with Li Ming She, Technical Manager for Continental Europe. We met in Brussels at the IBM Finance Forum 2011 and I recorded a quick interview with him on my iPad 2.