IRM GRC SIG Q&A session with Norman Marks on 30 May 2013 - http://www.chaordicsolutions.co.uk/blog/irm-grc-special-interest-group/irm-grc-sig-qa-session-with-norman-marks-on-30-may-2013/

http://www.chaordicsolutions.co.uk/blog/irm-grc-special-interest-group/irm-grc-sig-qa-session-with-norman-marks-on-30-may-2013/

This is a special event not on the IRM GRC SIG’s previously published programme … and is an unexpected opportunity to spend some extended time with Norman Marks, who is an Honorary Fellow of the Institute of Risk Management for his contribution to the risk management field.

Some more background about Norman: he has been a practitioner and thought leader in internal audit, risk management, compliance and ethics for a long time. During his career, he has led large and small internal audit departments, been the Chief Risk Officer and Chief Compliance Officer, and managed IT Security and governance functions. Norman makes the point that in theory, he has now retired from SAP, where he was an evangelist for “better run business”, risk management, internal audit, GRC and related business processes such as business analytics. However, he continues to blog, write, and speak – and mentor individuals when he can.

The session is scheduled for 13:30 to 15:30 London/UK time.  You can book your place using this link: http://irmgrcsigmay213.eventbrite.co.uk/#

The way the SIG is running the particular event is that, due to space and other restrictions, a few of the Steering Group members will meet face-to-face with Norman in London but we open up the discussions to everyone else in the SIG via an audio link.

If you have specific quesitons you would like to ask Norman please send them to me ASAP at my normal email address of robert_toogood@chaordicsolutions.co.uk by no later than end of business on 24 May so we can collate, finalise the agenda and share with Norman in advance of our session.

I hope you will be able to join us for what will be a very informative and lively debate. In the meantime, you can read more about Norman here on his website: http://normanmarks.wordpress.com/about/

Using hack days to support building of innovative culture - http://www.chaordicsolutions.co.uk/blog/from-our-business-transformation-consultants/using-hack-days-to-support-building-of-innovative-culture/

http://www.chaordicsolutions.co.uk/blog/from-our-business-transformation-consultants/using-hack-days-to-support-building-of-innovative-culture/

Using hack days to support building of innovative culture: increasing creativity and passion outside day-to-day work.

 

Extract from NVIVO Blog – Adam Long:

A hack day (also known as hackathon, hackfest or codefest) is an event in which those involved in software development collaborate intensively on software projects over 1 to 5 days to create new product innovation.

Where does the idea come from?

Companies that run hack days include Facebook, Google, LinkedIn, Microsoft, NASA, and many more.  I was convinced that we at QSR International should also be running hack days to empower our talented staff to create more inventions for our customers and employees.

QSR International’s company values are articulated as collaboration, innovation, and celebration.  Our hack day goals supported our company values and were summarized as:

- Collaborate with Peers

- Innovate the Platform, Product, or Process

- Celebrate the Demonstration of Ideas

Choosing a theme

We undertook our first hack day in October 2012 and set the theme ‘Invent the Future’ which was inspired from the quote ‘the best way to predict the future is to invent it’ by Alan Kay. Our second hack day was in March 2013 and set the theme ‘Leadership through Innovation’ which was inspired from the quote ‘innovation distinguishes between a leader and a follower’ by Steve Jobs.  We will continue doing more hacks days every six months.

 

 

 

 

 

What’s involved in a hack day?

In the lead up to the hack day we created a wiki based charter of ideas originating from customers that had not been explored.  Participants were encouraged to choose one of these ideas or propose new ideas and seek out interested team members.

Our first hack day involved 37 employees working on 15 unique project ideas over 2 days.  Given the success and interest in the first hack day, the second hack day involved 49 employees working on 17 unique project ideas over 2 days.

Each day started with a stand-up meeting to describe each project idea and raise any assistance requests.  On the afternoon of the second day an exhibit was held to demonstrate and celebrate each of the project ideas to the whole company.

Quality and diversity – how do you judge the best hack?

We assembled a judging panel consisting of the CEO, CTO (that’s me), Senior Project Manager, and an invited customer.  This judging panel had the difficult task of choosing the ‘most innovative’ and ‘most promising’ project idea.

Additionally, everyone in the company was given tokens to vote on the ‘most popular’ project idea.  The quality and diversity of demonstrable project ideas was incredible and exceeded most expectations.

Kevin Burfitt, our Senior Project Manager coordinated the hack days and when asked about his reflection on the hack days he had this to say:

“For two days we remove all the normal reporting structures, meetings and red-tape and just let people concentrate on their own innovative ideas.  Seeing the enthusiasm of so many people working together and bringing their hacks to life is inspiring.”

Turning hacks into real features: Community Feed and Geovisualization

The NVivo 10 Service Pack 2 released in February 2013 included 2 hack day project ideas from the first hack day.  The first was the Community Feed which facilitated the ability to provide live news, tips, and video tutorials to users of NVivo within NVivo.

The second was Geo-visualization which facilitated geospatial visualization of Facebook, LinkedIn, and Twitter data captured using NCapture (a browser add-in) for analysis within NVivo.

Encouraging creativity and passion

We are proceeding with a half dozen hack day project ideas that will find their way into product releases and company process over the remainder of this year.

Hack days support building an innovative culture which allows experimentation, failure, and learning.  It enables participants to express their creativity and passion outside their day to day work and drives increased innovation within the organization.  The time constraint imposes the need for creative problem solving and early prioritization to ensure a demonstrable idea.

To finish, I quote Thomas Edison, one of world’s most prolific inventors in history:

“The real measure of success is the number of experiments that can be crowded into twenty-four hours”

Author: Adam Long is the Chief Technology Officer at QSR International and is responsible for envisioning and developing QSR’s software products. Adam is passionate about innovation and technology, especially where it is applied to assist people understand and improve the world around us.

Copyright © 2013 QSR International

More … http://blog.qsrinternational.com/hack-days-creating-new-product-innovation/?

Latest Protiviti SOX survey show growing reliance on internal audit functions and control automation - http://www.chaordicsolutions.co.uk/blog/from-our-compliance-consultants/latest-protiviti-sox-survey-show-growing-reliance-on-internal-audit-functions-and-control-automation/

http://www.chaordicsolutions.co.uk/blog/from-our-compliance-consultants/latest-protiviti-sox-survey-show-growing-reliance-on-internal-audit-functions-and-control-automation/

Latest Protiviti SOX survey: key trends show growing reliance on internal audit functions and control automation.

 

Extract from Protiviti Press Release:

Demand for added attention to high-risk processes, growing costs and the increasing role of IT controls and testing reports are some of the key changes and challenges companies faced over the last year as they worked to meet Sarbanes-Oxley (SOX) requirements, according to findings in the 2013 Sarbanes-Oxley Compliance Survey (www.protiviti.com/soxsurvey) by global consulting firm Protiviti (www.protiviti.com).

When executives and professionals involved in SOX compliance were asked what was driving the most change in their SOX compliance processes, 66 percent said there was at least moderate change due to demand for increasing process and control documentation for high-risk processes. Additionally, 60 percent of respondents indicated that the increased amount of time required for walkthroughs and documentation around processes was also driving moderate change.

“To continue to improve their SOX compliance efforts, companies need to intensify their scrutiny of high-risk processes such as financial reporting, accrual processes, stock options and equity, and taxes,” said Brian Christensen, Protiviti’s executive vice president for global internal audit. “The study shows that companies are beginning to adjust in that direction and the shift aligns with guidance from the SEC and PCAOB.”

“It’s important to note that SOX compliance programs and processes should remain agile and ready to change course if public companies are to adhere to the law in an effective and cost-efficient manner,” said Christensen. “As demonstrated by regulators, providers of ongoing guidance (e.g. COSO) and rapidly changing business conditions, the achievement of sustainable, cost-effective and value-enhancing compliance processes remains an ongoing journey that requires continual vigilance.”

With regard to the new COSO internal control framework, nearly two-thirds (66 percent) of the Protiviti survey respondents were aware of the revision process. Not surprisingly, the vast majority (85 percent) were against early implementation in 2013. If given an adoption option, respondents were fairly evenly split across several potential implementation schedules, including fiscal year 2014 and adoption after 2014.

Shifting Responsibility to the Internal Audit Function

Year-over-year findings about which area within an organization is responsible for overseeing SOX compliance showed a sizeable shift toward the internal audit function and away from project management. In 2012, the survey found that 30 percent of organizations housed this responsibility with the internal audit function, while 25 percent handled SOX compliance through their project management office. However, in this year’s survey, 45 percent of respondents said internal auditing managed SOX compliance (up 15 percent), while only 10 percent said it was handled by project management (down 15 percent).

One reason for this shift is the willingness of external auditors to rely on the work of internal audit departments rather than other functions. In 2013, only 25 percent of respondents said there was an increase in external auditors’ reliance on documentation, walkthroughs and testing performed outside of the internal audit function, while 39 percent said there was an increase from external auditors in having the same work done by internal audit departments.

Additional Survey Findings

Other key findings from Protiviti’s 2013 Sarbanes Oxley Compliance Survey include:

1. Eighty percent of respondents indicating they have seen improvements in internal control over financial reporting structure since Sarbanes-Oxley Section 404(b) was first required for large accelerated and accelerated filers in 2004. This is especially true for large accelerated filers, with 87 percent saying there have been improvements

2. More than one-third of companies (38 percent) reporting a year-over-year increase (from 2011 to 2012) in SOX costs. Nearly half of the companies surveyed (47 percent) also reported a year-over-year increase in external audit fees during the same period. That said, on average the costs for SOX compliance are not extraordinarily high relative to the objective of quality financial reporting to investors through improved internal controls. For most organizations, the cost of SOX compliance remains at a manageable level

3. Automation of controls continues to be an area of increased focus, with 90 percent of companies surveyed this year indicating that they have plans to automate IT processes and controls for SOX compliance, up from 83 percent in 2012

About the Survey:  In its fourth edition, Protiviti’s 2013 Sarbanes-Oxley Compliance Survey gathered insights from 297 executives and professionals at companies with gross annual revenues ranging from less than $100 million to more than $20 billion. The survey was conducted in late 2012 and early 2013, and respondents included chief audit executives, chief financial officers, corporate Sarbanes-Oxley and Project Management Office leaders, chief compliance officers and others involved with SOX. The survey is available for complimentary download at: www.protiviti.com/soxsurvey.

About Protiviti

Protiviti (www.protiviti.com)is a global consulting firm that helps companies solve problems in finance, technology, operations, governance, risk and internal audit. Through its network of more than 70 offices in over 20 countries, Protiviti has served more than 35 percent of FORTUNE 1000® and FORTUNE Global 500® companies. The firm also works with smaller, growing companies, including those looking to go public, as well as with government agencies.

More … http://www.protiviti.com/SOXsurvey

Latest annual terrorism and political violence map - http://www.chaordicsolutions.co.uk/blog/from-our-business-continuity-and-pandemic-planning-consultants/latest-annual-terrorism-and-political-violence-map/

http://www.chaordicsolutions.co.uk/blog/from-our-business-continuity-and-pandemic-planning-consultants/latest-annual-terrorism-and-political-violence-map/

Latest annual terrorism and political violence map: improvements but continued caution needed if looking to expand.

 

Extract from Continuity Central -  Aon Risk Solutions:

Aon Risk Solutions has released its 10th annual Terrorism and Political Violence Map to help companies assess risk levels of political violence and terrorism.

Produced in collaboration with global risk management consultancy The Risk Advisory Group plc, the 2013 Map is complimented by an online and interactive version providing clients a clear global and country level view on terrorism and political violence ratings.

Aon’s 2013 Terrorism and Political Violence Map points to a continued threat of a terrorist attack or political violence as 44 percent of countries measured have an identifiable risk of terrorist attacks. This trend is especially prevalent in African and the Northern African countries.

Despite 19 countries showing improved terrorism and political violence ratings, including the UK and Germany, data and analysis reflected by the map suggest continued and growing awareness is needed for businesses looking to expand.

The three perils measured indicate the different forms of political violence most likely to be encountered by businesses:

Terrorism and sabotage;
Strikes, riots, civil commotion and malicious damage to property;
Insurrection, revolution, rebellion, mutiny, coup d’etat, war and civil war.

Color-coded ratings of the 200 countries and territories measured act as a gauge for the overall intensity of the risk of terrorism and political violence to business in each country.

The data shows:

11 upgrades (increased risk ratings), including Argentina, Egypt and Jordan;

19 downgrades (decreased risk ratings), including Germany, Italy and the UK;

Countries worst affected by terrorism are Afghanistan, India, Iraq, Nigeria, Pakistan, Russia, Somalia, Syria, Thailand and the Yemen.

Europe has the most positive regional outlook, with 47 percent of the countries with lowered risk ratings this year. This reflects receding civil unrest associated with the financial and economic crises. Limited incidents of terrorism outside of Greece and Northern Ireland also accounted for lowered risk scores.

Lingering after-effects of the Arab Spring on regional security and stability remain evident. The Middle East is the most unstable region, with 64 percent of its countries attaining high or severe risk ratings, reflecting terrorism, unrest and conflict risks.

The Middle East and North Africa region witnessed the highest proportion of countries with a terrorism and sabotage peril, at 85 percent.

Copyright 2013 Continuity Central

More … http://www.continuitycentral.com/news06770.html

Watch out for enemies of agility - http://www.chaordicsolutions.co.uk/blog/from-our-change-management-consultants/watch-out-for-enemies-of-agility/

http://www.chaordicsolutions.co.uk/blog/from-our-change-management-consultants/watch-out-for-enemies-of-agility/

Watch out for enemies of agility: these will stop you from creating an adaptable organisation unless addressed.

 

Extract from Fortune CNNMoney – Julian Birkinshaw:

Last week, I taught a case study on the decline of Nokia to my MBA students. I asked them, “Why did Nokia fall from industry leadership to also-ran status in the space of less than five years?” Their answers were predictable:

- “They lost touch with their customers.” True, but almost tautological — and interesting to note that this is the same Nokia that in the early 2000s was lauded for its customer-centric marketing and design capabilities.

- “They failed to develop the necessary technologies.” Not really true — Nokia had a prototype touchscreen before the iPhone was launched, and its smartphones were technologically superior to anything Apple, Samsung, or Google had to offer during the late 1990s.

- “They didn’t recognize that the basis of competition was shifting from the hardware to the ecosystem.” Again, not really true — the “ecosystem” battle began in the early 2000s, with Nokia joining forces with Ericsson, Motorola, and Psion to create Symbian as a platform technology that would keep Microsoft at bay.

Through this period, the people at Nokia were aware of the changes going on around them, and they were never short of leading-edge technology or clever marketers. Where they struggled was in converting awareness into action. The company lacked the capacity to change in a decisive and committed way.

The failure of big companies to adapt to changing circumstances is one of the fundamental puzzles in the world of business. Occasionally, a genuinely “disruptive” technology, such as digital imaging, comes along and wipes out an entire industry. But usually the sources of failure are more prosaic and avoidable — a failure to implement technologies that have already been developed, an arrogant disregard for changing customer demands, a complacent attitude towards new competitors.

In such cases, the ultimate responsibility for failure rests with the CEO. But if such failures are to be avoided, it is clear that the CEO cannot do it on his or her own. People across the firm must keep their eyes open to changes in their business, and to take responsibility to push their new ideas and challenge existing ways of working.  Obviously, this isn’t easy to do, but if there is a better understanding of the problem then there is a chance for improvement.

So what are the enemies of agility you should be looking out for in your organization?  Here are my “big five”:

Ossified management processes.  Things get done in big firms through management processes — budgeting and planning, performance management, succession planning. These processes create simplicity and order, but they also become entrenched and self-reinforcing. One example: I was asked to put on a webinar for a big publishing company a couple of years ago, and they asked me to sign a 20-page contract for the right to talk about my research for an hour. The reason wasn’t hard to fathom — their antediluvian book-publishing process was running on autopilot, and doing its best to suck the life out of any new Web-based initiatives. What’s the solution here? First, identify and kill off the processes that no longer add any value. Second, pilot all new initiatives outside the existing processes.

Old and narrow metrics.  What gets measured gets done, but we don’t refresh our choices of measures frequently enough, and we end up with massive blind spots. Nokia didn’t think of Apple and Google as competitors until it was too late. A friend of mine took the reins at a major national newspaper in the U.K. in the early 2000s, and it took him more than a year to persuade his colleagues that Google should be added to the list of competitors they used to benchmark their performance. The solution here? Define your relevant market as widely as possible, so that your market share is as low as possible. And measure customer behavior very carefully — are they defecting? To whom?  And why?

A disenfranchised front line.  The first insights into changes in your business environment come from the people on the “front line” — salespeople, developers working with third parties, purchasing managers. But their voice — if it is raised at all — typically gets drowned out among all the others clamoring for executive attention. The solutions here are far from easy, but they include technology-based systems for sharing front-line information quickly with those at the top, as well as informal networks and cross-cutting task forces designed to address specific threats and opportunities.

Lack of diversity.  Nokia’s top executives were all Fins of similar age and background, and this surely hampered their ability to make sense of their changing business environment. Of course, we are all more comfortable working with people with similar worldviews and as a result we end up with inevitable blind spots. The solution? Hire people with different frames of reference from our own, or at least find a way to bring their point of view to the table. In the late 1990s, Infosys had a program called “Voice of Youth” designed to bring the insights of the under-30 crowd to the attention of the 50-something executive team.

Intolerance of failure. The bigger and more successful a firm becomes, the more risk-averse it becomes. Executives say they want innovative new products and services, but they expect them all to succeed. And, needless to say, this attitude breeds caution and rigidity. The solution here is clear: you need to find ways to develop a culture that encourages trial and error. Google, Amazon, and Netflix are all great examples — they have all had their share of dud products, but everyone accepts them as part of the package.

What do you think gets in the way when it comes to creating an adaptable organization? Share your story — and help us hack HR by joining the Building an Adaptability Advantage hackathon (registration required), a joint production of the Chartered Institute of Personnel and Development (CIPD) in the UK and the MIX.

Author: Julian Birkinshaw is Professor of Strategic and International Management at London Business School. He is co-Founder and Research Director of the Management Lab (MLab).

© 2012 Cable News Network. A Time Warner Company. All Rights Reserved.

More … http://management.fortune.cnn.com/2013/05/08/corporate-change-nokia/?

 

 

 

We must reinvent management - http://www.chaordicsolutions.co.uk/blog/from-our-business-transformation-consultants/we-must-reinvent-management/

http://www.chaordicsolutions.co.uk/blog/from-our-business-transformation-consultants/we-must-reinvent-management/

We must reinvent management: rethinking basic assumptions about capitalism, organisational life, and meaning of work.

 

Extract from Management Innovation eXchange – Gary Hamel:

What Matters Now: How to Win in a World of Relentless Change, Ferocious Competition, and Unstoppable Innovation

MIX co-founder and leading management thinker Gary Hamel shares his agenda for building organizations that can flourish in a world of diminished hopes, relentless change and ferocious competition.

This is not a book about doing better. It’s not a manual for people who want to tinker at the margins. Instead, it’s an impassioned plea to reinvent management as we know it—to rethink the fundamental assumptions we have about capitalism, organizational life, and the meaning of work.

Leaders today confront a world where the unprecedented is the norm. Wherever one looks, one sees the exceptional and the extraordinary:

- Once-innovative companies struggling to save off senescence.
- Next gen employees shunning blue chips for social start-ups.
- Hundred year-old business models being rendered irrelevant overnight.
- Investors angrily confronting greedy CEOs and complacent boards.Newly omnipotent customers eagerly wielding their power.
-Social media dramatically transforming the way human beings connect, learn and collaborate.

Obviously, there are lots of things that matter now. But in a world of fractured certainties and battered trust, some things matter more than others. While the challenges facing organizations are limitless; leadership bandwidth isn’t. That’s why you have to be clear about what really matters now. What are the fundamental, make-or-break issues that will determine whether your organization thrives or dives in the years ahead? Hamel identifies five issues are that are paramount: values, innovation, adaptability, passion and ideology.  In doing so he presents an essential agenda for leaders everywhere who are eager to. . .

… reverse the tide of commoditization
… defeat bureaucracy
… astonish their customers
… foster extraordinary contribution
… outrun change
… build a company that’s truly fit for the future

Author: Gary Hamel  has been called the world’s “most influential business thinker” (Wall Street Journal) and “leading expert on business strategy (Fortune). His landmark books have appeared on every management bestseller list. He is also author of 15 articles for the Harvard Business Review and articles for The Wall Street Journal, Fortune, and The Financial Times.

He is on the faculty of the London Business School and consults with GE, Time Warner, Nokia, Nestle, Shell, Best Buy, Procter & Gamble, 3M, IBM, and Microsoft. He founded the management consulting firm Strategos and the think-tank MLab. He is currently leading an effort to built an open innovation platform for reinventing management—the Management Innovation eXchange (MIX)—which is designed to radically accelerate the evolution of management knowledge and practice.

More … http://www.managementexchange.com/feature/what-matters-now

Need new leadership models to help us recover from current economic gloom - http://www.chaordicsolutions.co.uk/blog/from-our-strategy-implementation-consultants/need-new-leadership-models-to-help-us-recover-from-current-economic-gloom/

http://www.chaordicsolutions.co.uk/blog/from-our-strategy-implementation-consultants/need-new-leadership-models-to-help-us-recover-from-current-economic-gloom/

Need new leadership models to help recover from current economic gloom: must look beyond Fortune 100 for inspiration.

 

Extract from London Business School Business Strategy Review – Professor Julian Birkinshaw:

Rethinking the responsibility of business leaders

What is the primary responsibility of business leaders today? Is it to make a financial return for their shareholders? Or is it to contribute more broadly to the welfare of employees and society as a whole?

This question has always been important, but it takes on greater significance as we seek to recover from the worst contraction since the Great Depression.  How business leaders respond, and how they prioritise different stakeholders, will have a major impact on the speed of recovery.

A poll conducted by London Business School, in the lead up to the Global Leadership Summit on 20 May, showed that business leaders are being expected to take on a broader set of responsibilities than ever before. Across 3,800 respondents, maximising total financial return to shareholders was rated 3.7 out of 5 in terms of importance, while creating a responsible culture, demonstrating integrity and moral leadership, contributing to the long-term sustainability of the global economy, and creating an engaging place of work for employees all scored between 3.4 and 3.6. The message seems clear: we want our leaders to do everything!

What is the way forward?  There is an increasing recognition that we need new models of leadership, where business leaders can balance the needs of multiple different stakeholders and are visibly accountable to the organisations they work for rather than the other way round.  But it is not obvious what these alternative models might look like.

My view is that we need to look beyond the usual best-practice corporate case-studies, to see if there are leadership and management principles we learn from other settings.

- If we want our business leaders to be properly accountable, we can gain insight from the principles of joint responsibility exhibited by many professional partnerships.

- If we want our business leaders to take a long-term view, we should seek to understand how many family-owned firms have sustained themselves over hundreds of years.

- And if we want our business leaders to balance multiple competing objectives, we can learn from the checks-and-balances built into democratic governments.

This is just a starting point. There are also, of course, many different models of corporate governance that avoid the short-termism and financial focus of the Anglo-American model, and there are insights to be drawn from the renewal and adaptability of cities, faith systems, and even life itself.  The challenge is to raise our horizons, and to look beyond the Fortune 100 for a glimpse of what the future of leadership might look like.

Author: Julian Birkinshaw is Professor of Strategy and Entrepreneurship at London Business School

Copyright 2013 London Business School

More … http://bsr.london.edu/lbs-article/754/index.html