In-Depth

Convergence of IT, Business Processes, and Security Delivers Sustainable Value

One way organizations can gain maximum value from IT is to unify the entire enterprise IT portfolio into a single, cohesive whole. Only with this kind of "convergence" can technology truly deliver the ROI, and bottom-line benefits, so avidly sought.

• By Richard Lord
• 03/16/2004

One way organizations can gain maximum value from IT is to unify the entire enterprise IT portfolio into a single, cohesive whole. Only with this kind of "convergence" can technology truly deliver the ROI, and bottom-line benefits, so avidly sought.

Webster defines converge as "to come together and unite in a common interest or focus." Convergence is an accurate way to describe the simultaneous alignment of the IT infrastructure with business processes, policies, and security for the purpose of optimizing the IT value stream while minimizing risk. Adopting a pragmatic, value-based convergence strategy is an effective way to ensure that:

• The right information flows to the right people, at the right time, and in the right way

• Critical industry or government regulatory compliance is factored into all processes that require it

• Adequate levels of security protocols are implemented—determined in advance, fully integrated, and appropriate to the organization's needs, industry, and mission

While it sounds like an impossible mission, there is a road map organizations can follow—encompassing technology, process reengineering, and change management—to achieve these goals.

Implementing a Convergence Strategy

Launching a convergence strategy is a life-changing event for any organization and is best managed in conjunction with an experienced practitioner. Most companies do not have the internal resources required to plan, manage, and deploy a project of this size and scope. They minimize risk and avoid business disruption by working with an implementation partner. The steps involved in planning, designing, and implementing a successful convergence strategy include:

• IT Infrastructure Assessment. Part of the planning process is a complete assessment of the existing IT infrastructure to determine what components may be required to build and maintain a sustainable IT foundation to meet current needs and future technology expansion plans.

• Business Process/Policy Review and Definition. This phase involves intensive planning, during which the internal and external business and IT teams—led by an experienced project manager— map key business processes, assess and define information access and workflow needs, and formulate a detailed plan and roadmap for the project, including budgets, timelines, and performance benchmarks.

• Building an Enterprise "Knowledge Portal." An enterprise portal is the key enabling technology for real-time collaboration across the enterprise and beyond. Services associated with building a knowledge portal as a vehicle for integrated information flow will likely encompass network infrastructure architecture, security systems design, programming, application development, implementation, and maintenance.

• Overall Security Planning. Expert services in this category may include a security needs assessment, followed by the design, implementation, and integration of enterprise-wide security layers covering physical, corporate, and information security. The security plan should be based on an organization's business model to provide a security "umbrella" tailored to the organization's unique security requirements.

• Technology Education and Training. In most cases, custom-tailored education and training programs are recommended for specific technology implementations and/or packaged applications. Flexible training options might include e-learning and customized on-site training, including end-user and "train-the-trainer" programs.

In selecting an external partner, it's important to assess each candidate's systems integration and project management skills to find one familiar with the concept of value-based convergence, as well as with the best practices associated with the alignment of business processes, security, and information flow.

Key Goals of Convergence

The primary goals of convergence are collaboration, integrated security, and IT value optimization. With globalization and the growing complexity and speed of business, companies today require secure, timely information flow across the enterprise and between partners—regardless of geography or time zones.

In many industries, global teams need access to real-time market and corporate data to make decisions, serve clients, and generate reports. Manufacturers rely on interaction with a network of global suppliers to keep production flowing. To reduce costs and increase efficiency, many organizations are seeking to consolidate processes, share services, and outsource services across regional and international boundaries. Without a high level of collaboration and assurance of reliable information flow, none of these scenarios would be possible.

Sharing the stage with real-time collaboration is security. With increased abuse of the Internet and more stringent privacy regulations, information security can no longer be an afterthought. It must be high priority and fully integrated throughout the network—from access control to IT infrastructure protection, and from intellectual property protection to customer transaction confidentiality—all while ensuring 24/7 information access and availability when, where, and by whom it is needed.

Reaping the Benefits of Convergence

What impact will the convergence of business processes, IT, security, knowledge management, and optimized technical resource utilization have on organizations? For those that have succeeded in pursuing the new paradigm, the value proposition is impressive.

Business performance benefits typically include: internal and supply chain cost savings, reduced operational costs, increased efficiency and productivity, and reduced workload in service (and maintenance for) the IT staff. These quantitative benefits typically occur quickly and drop right to the bottom line.

Less obvious are the qualitative, long-term effects of convergence, which for most organizations include:

• An end to "silos of information" hidden in obscure databases, replaced by a knowledge portal capable of delivering secure, just-in-time information to those who need it.

• Higher levels of security for business processes and transactions across the enterprise, which minimizes risk to confidential corporate and financial information, lessens security threats to intellectual property and sensitive customer or client information, and improves compliance with industry, auditing, and government regulations.

• Faster, more responsive collaboration across global internal operations, and between the organization and remote business partners, suppliers, and customers.

• Increased opportunity to re-allocate experienced IT personnel away from tedious, repetitive troubleshooting and into more strategic, value-added activities.

• Smoother, more integrated business processes result in better customer service, which improves customer satisfaction and can potentially generate higher sales and revenues.

These qualitative results may be hard to measure, but they are deep and lasting. When business processes and security are successfully converged with IT, employees can perform their jobs more efficiently and productively. Management gains greater visibility and control over operations, financial management and business performance. With greater collaboration and communication, external stakeholders—the suppliers, distributors, business partners and customers—often gain a new perspective on, and respect for, the organization's vision and leadership.

In short, the effects of convergence contribute to sustainable improvements that can lift an organization to a whole new level of performance, competitiveness, growth, and profitability.