cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Risk Management Plan ERP WW Implementation

Former Member

on ‎01-12-2007 7:12 PM

0 Kudos

Hello All

I´m developing a Risk Management Plan and need to identify risks related to ERP implementation in multiple geographies. The implementations will be based on the same template and the template, a base model, will be managed in a centralized way by the corporation, both from a process and from an IT perspective, e.g., process changes that impact the base model will be approved by a centralized group responsible for the integrity of the base model. These changes, if approved, will be incorporated to the base model under a strict versioning and configuration management policy. The Business and IT organizations will have to manage both the integrity of the base model (and its versions) and the rollout of specific versions to the geographies. Geographies include Latin America, North America, Africa.

I´m willing to identify risks of the strategy to the business itself (the strategy I described above) and it´s impact on the IT organization/processes that will need to support it. This company already runs SAP on it´s biggest business unit, now it will be expanding the solution to smaller BUs in other countries. The base model currently used by the corporation is different than the base model (template) that will be implemented in the smaller BUs, for historical reasons.

A good start could be a Risk Assessment (part of a typical Risk Management Plan) of an ERP implementation project with similar characteristics, e.g.: multiple geographies, different Business Units in these geographies, having to ensure integrity of the base model (template), etc...

Does anyone have anything similar to this that I could use as a start? Thanks.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎01-24-2007 1:46 PM
0 Kudos

The challenges could emanate from the following areas:

1] Diverse culture.

2] Conflicting Statutory requirements.

3] Different accounting Standards.This puts pressure on version control.

4] Different Reporting requirements.

5] Different languages

6] Availability of competent local guys in IT,legal and Accounting and auditing

Areas.[ This will be pronounced if you implement in the local language,for example,German / Chinese].In some African countries,local professionals can get away with poor /faulty working.The local laws protect them from being sued.This affects the firm millions of dollors.If such guys form part of your rollout team,they can play a havoc.As a corallory,the quality control is another challenge.

7] Security problems associated with the Remote access like VPN etc.

8] The local IT laws.-some countries resist the transborder encryption.

Thus integrity,confidentiality and availabity -all are the serious candidates that require close scrutiny,both in long and short term perspective.

Before proceeding to assess the impact you should define your vulnerability in these areas and ascertain their materiality and the work arounds to mitigate them.

For the residual risks,rank them in terms of criticality,assess the impact and provide for the risks.

It is a good practice to allign the IT with the business processes,lest,the changes in the processes of any one of these sub units will severely affect the over all deliverables.

hope this will be useful to you.

Regards,

Ramesh.

Show replies
Show replies
Former Member
‎01-30-2007 9:05 PM
0 Kudos

Many good points! I would also add the following:

1) Central support group's understanding of the local processes

2) Time/process needed to roll out future changes (all businesses/locations may be affected by every change if you're not careful; and the change process may become VERY bogged down in beauracracy)

3) Ability to do future divestitures or spin offs. Ease of segregating data.

Regards,

Julie

former_member184494
Active Contributor
‎01-16-2007 8:30 AM
0 Kudos

Jose,

Since it is a global template rollout - did you check out the ASAP roadmaps provided by SAp ? they have risk management , Change Management and disaster recovery plans along with them ..

I believe there is an ASAP version on SDN otherwise you can get the same @

service.sap.com/asap and the roadmap has been enhanced recently and is available for download..

Arun

Show replies
Show replies
Former Member
‎01-16-2007 7:27 PM
0 Kudos

Thanks Arun, I have downloaded the ASAP roadmaps and I´m right now in the process of analyzing the content. But I suspect the content might be oriented to the rollout itself and I was trying to look at the problem from a broader perspective, both risks associated to the rollout itself and risks associated to the adoption of a "single" template in the long run. What are the challenges and risks for IT in managing a centralized model? There´s a subtle difference but there is a difference.

former_member184494
Active Contributor
‎01-18-2007 5:29 AM
0 Kudos

Jose,

I do accept your point that the ASAP is geared towards the rollout - and as you have mentioned , it gives some points towards identifying Organizational change issues at the very beginning...

Risk management could be at many levels -

Organizational -

Impact of M&A

Impact of new regulations

Impact of changes to business processes

On the IT side of things :

Disaster recovery management systems

Escalation procedures

Availability of systems

Even backup and restore mechanisms in place

Business Criticality vis-a-vis IT availability

Backup systems and failover systems in place

On the Softer side of things :

Personnel and succession plans ( what happens if the design leads quits )

Personnel availability management ( it can go right upto issues of managing absences...)

Backup resources and availability of additional resources

Project Models ( have the entire team in house or outsource??)

Many of the issues highlighted above would have to be looked at at some point or other and it might not be domain specific but then they do make some sense... and also with respect to an overriding question..

Will these really impact us and should we go to extraordinary lengths to cover the same - this would be more restricted to the person leading the initiative and the time frame available for the same and the importance given to the same..

My 0.02

Arun

Ask a Question