Category Archives: Resource Hub

The Top 4 Sources of Compliance Risk

Articles, Resource Hub, Risk, Risk Management

When it’s your job to protect the company’s bottom line, the last thing you want is to get the company in needless and expensive legal trouble. Lawyers are expensive as are fines, and even the suggestion of criminality or unethical practice is bad for your reputation. So legal compliance is a fact of life for every company.

But while you want to be a good “corporate citizen”, you also don’t want laws and regulations to ruin your business model either. Changes in regulations and enforcement can have an enormous impact on your business. There’s really no ethical way around it. But, with proper risk management, you can play by the rules without being played by the rules.

To get you started in thinking about these risks, let’s review the top 4 sources of compliance risk:

Laws & Regulations

Failure to meet regulatory requirements can lead to fines, penalties, loss of operation licenses, and more. Other times, changes to trade regulations and agreements can affect international sales. Keeping up with constantly changing regulations and other legal requirements is difficult, and careful monitoring and prompt adoption is critical. Falling behind can slow operations and affect overall company performance.

In May 2019, British Steel announced it was on the verge of bankruptcy thanks to Brexit-related issues. Between the Brexit negotiations and the US-China trade war, the UK steel industry was not ready for their European partners to delay purchases nor the resulting in up to 25% tariffs on most of the steel exported to France, Germany or the United States.

Over 4,000 jobs at risk at their main plant, an estimated 20,000 more jobs along their supply chain were also in danger. The British Steel jobs were only saved once the company was sold to Jingye, in March 2020. As of March 2021, changing laws and regulations still leave the entire future of the UK steel industry in doubt.

The uncertainty around anticipated export laws made the Brexit-related regulatory risks nearly impossible to manage. While British Steel’s Brexit breakdown is an exceptional case, it serves as a cautionary tale of how regulatory risk can bring an entire industry to its knees. Every company needs to do their best to identify such risks and manage them as best they can before a crisis hits.

Employee Misconduct

Employees who break the law or violate ethical standards can have a disastrous ripple effect on a company. Company morale, culture, and stature are all put at risk for substantial legal and financial repercussions when employees, especially executives misbehave.

This happened to Alphabet, the parent company of Google. In 2019, shareholders filed a lawsuit against the board of directors. In the suit, the shareholders accused the board of shielding senior executives from claims of sexual misconduct. The shareholders claimed Alphabet had breached their fiduciary duty, abused their control, enriched themselves unjustly and wasted corporate assets. Google employees around the world walked out of their jobs in protest of a $90 million exit package awarded to an executive who was asked to resign over credible sexual misconduct claims.

Alphabet settled the suit in 2020. As part of the settlement, $310 million went to fund a council on diversity, equity, and inclusion initiatives. They also created a new Employee Disciplinary Committee and mandated coaching that would hold executives to a higher standard of conduct.

While Alphabet managed to mitigate the fallout with a legal settlement, the costs of employee misconduct were still incredibly high. The effects of employee misconduct rippled through the company, down to the employees and the shareholders. Had they managed this risk better from the start they might have avoided this entire mess.

Assess Your Compliance Risk

Get this free assessment to improve your understanding of the requirements and elements of Risk Leadership.
Download Now!

Product Failures

Products that fail to deliver on your company’s promise can ruin your reputation and bottom line. But in some cases, they can get you sued by your shareholders as well. 

CD Projekt Red (CDPR) hyped up their Cyberpunk 2077 video game for over 8 years before its release in late 2020. Promotional videos promised a fully immersive futuristic world for gamers to play in. Despite countless production delays, over 8 million people purchased pre-order copies.

But the game completely failed to deliver a product worthy of that hype. It was full of game-breaking bugs and lacked many of the promised gameplay features. Those who bought and played the game were upset. The glitches and became the butt of jokes and memes for weeks following the release.

The product was so shoddy that Sony, which sold digital versions of the game in its online stores, halted sales and offered full refunds. In an open letter, Adam Kiciski, the CEO of CDPR, urged disappointed fans to take advantage of the offer. He even opened a phone hotline to help those having trouble getting refunds. As a result, the company’s share price plummeted 31% in a matter of weeks.

Following the drop, CDPR was hit by two shareholder lawsuits. The suits claimed that CDPR made statements about Cyberpunk 2077 that were “materially false and misleading” citing the many bugs in the console versions of the game.

While CDPR’s ultimate fate remains to be seen, what’s clear is the fallout that can result from a failed product. Even if CDPR manages to recover, it will be an uphill battle to rebuild their reputation both with consumers and shareholders. 

Safety Violations

Accidents happen. Sometimes human error is to blame, other times it’s the equipment. Having a culture of workplace safety can help reduce accidents and keep your company compliant. But if there is a lapse in those protocols or maintenance procedures, the results can be catastrophic.

The infamous 2010 Deepwater Horizon accident in the Gulf of Mexico, off the coast of Louisiana, is the largest offshore oil spill in US history. After the fact, investigators found the rig operators did not sufficiently conduct safety inspections on the very systems that failed. Fines from the US government totaled $20bn and the company was charged with manslaughter (later dropped) for the deaths of 11 of their workers.

Of course, safety issues of this scale are unique to the oil and gas industry. Still, this tragic event shows how overlooking a safety violation can snowball into a disaster for all involved. 

Conclusion

While the examples above are not the only sources of compliance risk out there, they do help illustrate their nature. It’s never just about following the rules to avoid a fine. Sometimes it’s adjusting to the changing rules to preserve your business. Other times it’s about being a good corporate citizen. At the end of the day, these are all things your company’s stockholders, future employees, and clients will look at when deciding if you truly are acting in their best interests. 

The best thing you can do to honor the needs and expectations of your stakeholders is to assess your compliance risks and manage them. They may not notice when things go right, but they will certainly notice when things go wrong

Transform Risk Management Into Risk Leadership

Get started by ordering your Compliance Risk Management Assessment today.
Order Now!

Helping C-Level Executives Worldwide gain a competitive Advantage via Question-Based Self Assessments

Articles, Resource Hub

The Art of Service is helping more than 100,000 clients in over 100 countries stay ahead of the game with Self Assessment Toolkits covering a range of topics. The company is on a mission to help C-level executives identify blinds spots in their businesses while properly vetting third-party consultants, or eliminating them entirely. And, because consultants need consultants, too, The Art of Service recently released its first certified consultant program based on decades of in-house experience.

When husband and wife Ivanka Menken and Gerard Blokdijk first founded The Art of Service in 2000, their primary goal as consultants was to help businesses grow by breaking down IT silos.

Over the years, the entrepreneurial pair saw the rise of conflicting trends: one toward rapid, agile development and another centered on compliance and risk aversion. At the same time, budgets were shrinking, and leaders were asked to do more with less.

Could businesses have their cake and eat it — affordably? Ivanka and Gerard thought so.

This is the start of an article HostingAdvice.com wrote about The Art of Service and our Self Assessment Toolkits.

To read the complete article, please go here: www.hostingadvice.com/blog/the-art-of-service-delivers-valuable-self-assessments/

Why do we care about C-level executives?

Articles, Resource Hub

If only we knew then what we know now – The Art of Service was founded to solve the issues we encountered in our roles as C-level executive and organizational change management experts.

That’s why we focus on question based consultancy – to help you find the questions you need to ask to achieve your organizational goals and personal targets.

Because you don’t know what you don’t know – we can help you to identify the gaps in your knowledge and understanding of the business processes in your organization.

Knowing what we know about the technology industry from our years of experience, we offer clients technology leadership opportunities as a way to hone their skills and increase their wealth of knowledge.

Our pledge is to empower and enlighten technology leaders to truly gain a competitive advantage within their field.

By offering continuous avenues for self-improvement, we impart knowledge and experience to those willing to harness it and, in turn, can help them to influence their industry.

What’s the big deal about conferences and Expos?

Articles, Resource Hub

Yesterday we returned from a week long trip to Orlando, FL, to attend the Service Management World Conference and Expo as an exhibitor.

Coming from Australia you may think we are mad for traveling halfway across the world for a 3-day conference and to be honest, at times I had that thought as well. Especially when jetlag kicked in, which can be brutal at times.

For years I’ve avoided going to conferences because I was under the impression that in this modern day business environment you don’t need to attend conferences anymore. However, this week has proven me wrong, very very wrong.

So what’s the big deal about going to a conference? In one word: PEOPLE.

Today’s technology is amazing – we can have instant video meetings with anybody around the world and do deals with people we never meet in person because everything is done via email and web portals.

We have virtual teams in multiple locations and clients in 100+ countries. Most people will never meet us in person as there is no direct need for this effort to be able to sign up for our toolkit subscriptions or to purchase an instant download product.

There is however something profoundly magical about interpersonal connections. Meeting with a person face to face where you can read their body language… is priceless.

Sitting across the table from somebody and really listening to the other person, directly, without being distracted by annoying headsets or notifications on your screen. Finding yourself fully engaged in the conversation with that other person and learning about their business career and what makes them excited. You don’t get that easily in a video conference or phone conversation.

In a conference situation you also have the opportunity to spend a bit more time outside of the official meetings to get to know the person behind the businesscard. This is perhaps my most favourite reason why there is value in attending these industry conferences. You meet people who are interested in the same topic, work in the same industry and deal with the same challenges and issues.

When you have discussions with people who work in the same industry, you can’t help but learn new things. New insights into a familiar situation. New approaches to an issue you’ve been struggling with for a while. Or perhaps something super simple that you completely overlooked until somebody new points it out to you. 

The job title doesn’t define the person – there is so much more to a person than their status or rank in a business. At a conference you’re amongst peers, you’re there to learn from the keynotes, breakout sessions and from the conversations at the breakfast table. I find that often the biggest learning, the gold nugget, shows up in the least obvious way.

That’s most likely the reason why your head is spinning at the end of a 3-day conference and you can’t wait to get back to your normal job. Make sure though you build in some processing time to absorb everything that you’ve learned and to find a way to implement this in your job going forward. Don’t try to do too many things, just 1 or 2 things done well is a much more valuable outcome.

So what did I learn? Mostly that there is absolutely a business case for attending conferences as a learning tool. I learned how much I enjoyed talking with my peers in the industry, to learn from our clients on how they use our products and services and the difference it made to their business.

But I also learned that in this current environment of AI, machine learning and IoT developments, it is the people who are the glue of the industry. And I don’t think that this will change any time soon.

So there it is – can’t wait to see you all in Las Vegas in April, where we’ll be exhibiting at the Support World Live Expo (www.hdiconference.com/) – see you there!

Best practice for CIOs

Articles, Resource Hub

“In my role as CIO I wanted to implement best practices to be sure we were doing the right things without wasting resources. I just couldn’t find any manuals to follow. Turns out, there was no manual for being a CIO. There was no manual for creating a better organisation or for digital transformation, and that kept me up at night”

That’s what Gerard Blokdijk – CEO of The Art of Service – told us when we spoke with him about the reason behind the Self Assessment Toolkits. 

He’s been on a mission to empower professionals to unleash their potential and building Self Assessment Toolkits have been pivotal in this journey

One of the main tasks of a CIO is to translate the company’s vision into an IT Strategy that can be implemented at an operational level with the technology and skills available to you. Often, the first step in this process is to benchmark your current performance against best practices.

This benchmark can be done in the form of a Self Assessment. A Self Assessment gives you a current status overview, a line in the sand to give you clarity and understanding where IT Strategy adds value. This benchmark also visualizes where the weak spots / areas for improvement are, which makes it a perfect exercise before you allocate resources for an improvement project.

When you look at self assessment questions, it’s important that you answer them based on your own personal opinion and experience. This becomes even more important when you fill out the Self Assessment with your team. Each individual in the team answers the questions differently – but keep in mind that the ultimate answer to each of these questions is:

‘In my belief, the answer to this question is clearly defined’.

You can go even further and ask for documented evidence, rather than just opinions. This will move the questionnaire more into an auditing realm as you require evidence to substantiate the answers.

Some of the most important management requirements for IT Strategy are listed below. For each of these questions, think about your current role and try to answer them truthfully. 

Are these requirements identified, assessed, implemented and documented? Or is there room for improvement of IT Strategy processes in the organization?

The management requirements are across 5 different phases, which coincide with the general life cycle of a business process. These phases loosely align with Deming’s Quality cycle: Plan – Do – Check – Act (PDCA for short).

  • Plan what you are going to do
  • Do what you planned for
  • Check / study and analyze the results of what you did in the previous step
  • Act accordingly – improve the activities, measurements and expected outcomes.

To help you to understand the style of questions you can ask during a Self Assessment, we chose a selection and placed them in the appropriate phases:

Phase 1: Recognize the value of IT Strategy for the overall business

  • How are the IT Strategy’s objectives aligned to the group’s overall stakeholder strategy?
  • What are the expected benefits of IT Strategy to the stakeholder?
  • Does IT Strategy create potential expectations in other areas that need to be recognized and considered?
  • Why does IT-business alignment continue to be an important issue for CIOs?

At the start of the engagement it’s important to identify why we even bother to work on IT strategy. What is the reason for this investment? Why is IT Strategy important to the business? It’s also an opportunity to learn about the benefits of IT Strategy in general to a CIO.

Phase 2: Define what IT Strategy means within the context of our business

  • What are the Roles and Responsibilities for each team member and its leadership? Where is this documented?
  • Has a high-level ‘as is’ process map been completed, verified and validated?
  • Has the direction changed at all during the course of IT Strategy? If so, when did it change and why?
  • What are the environment requirements to your organization?

While it’s interesting to learn about IT Strategy in general, the next step needs to be around the increased understanding of what IT Strategy means.

This part of the Self Assessment focuses more on the way your business is organized and how IT Strategy will make a difference within the context of the company and current business processes.

Phase 3: Measure & Analyze How IT Strategy is currently performed

  • Is it cost effective and/or good business practice to contract out for special competencies?
  • What data was collected (past, present, future/ongoing)?
  • Is the management process adequate for ensuring that issues will be addressed?
  • Does your organization systematically track and analyze outcomes related for accountability and quality improvement?

Even though you didn’t have a playbook, or best practice around IT Strategy, this doesn’t mean you didn’t do anything about it. No organisation is a true greenfield scenario when it comes to implementing IT Strategy processes. That’s why we need to identify the current activities and the resources utilized currently within the IT Strategy implementation processes.

The questions in phase 3 revolve around identifying what is currently being done and how well we are analyzing the raw data that is collected.

Phase 4: Improve the IT Strategy processes

  • How can the IT-business alignment be improved?
  • Where are your core business applications developed and/or running?
  • What does failure to properly align IT with your organizational strategy result in?
  • What is the optimum choice of a consumerization of IT strategy to realize business benefits?

This is where the rubber meets the road – how do we use all the information from previous phases and use that to our benefit to improve the IT Strategy processes? The questions in this part of the assessment are meant to make you consider the various areas within IT Strategy that you can improve on and what that improvement is going to mean for the business. Can you effectively measure the results from your improved IT Strategy processes, and what would that look like?

Phase 5: Control & Sustain the IT Strategy Objectives

  • How do you leverage business models and IT strategy to plan your digital business transformation initiatives?
  • How will the day-to-day responsibilities for monitoring and continual improvement be transferred from the improvement team to the process owner?
  • Is there a control plan in place for sustaining improvements (short and long-term)?
  • Are services really cheaper and better outside your organization?

The final maturity step is to create the ability to control and sustain the IT Strategy processes and the deliverables. It’s wonderful to be able to achieve a specific result once, but it requires a lot of effort, skill and determination to create a system where the results can be controlled, sustained and predicted.
Focusing on these questions in the Control and Sustain parts of the Self Assessment questionnaire will help you to focus your attention to those activities that truly matter.

While a Self Assessment won’t be a play-by-play handbook it will give you the roadmap to succeed during your journey in your position. And to be honest, at your level of competency you have grown beyond the need for a play-by-play handbook as you want to bring your personal touch to the business and the department you’re managing.

The Self Assessment for IT Strategy will clearly show the gaps in your knowledge, understanding and the communication breakdown within the company. It clearly shows you a path to leadership by addressing what you don’t know.

IT Strategy Toolkit: store.theartofservice.com/it-strategy-toolkit-best-practice-templates-step-by-step-work-plans-and-maturity-diagnostics

If you’re interested in Digital Transformation, why not try this toolkit: store.theartofservice.com/digital-transformation-toolkit