Being a CISO in 2021 – our Head of Security David Clarke

Our Head of Security, and CISO Service lead, David is recognised as one of the Top 10 influencers by Thompson Reuters, and a Top 50 global expert by Kingston Technology. He is also one of the Top 30 most influential thought-leaders and thinkers on social media in risk management, compliance, and regtech in the UK.

 

In his role as Head of Security at QuoStar, David leads the CISO Service. The CISO service provides businesses with the cyber-security skills and experience necessary to manage the multitude of threats and rapidly changing risk landscape of today, on a flexible and cost-efficient basis. David take’s a moment to share his views on it all.

 

1. How did you get started in the security field and ultimately become a CISO?

David: I was around when some of the first Viruses went mainstream. Back then I worked for one of the only companies that made Multi Factor Authentication systems in the 90’s. It was “leading edge” at the time.

I built and ran one of the largest commercial remote access platforms using Multi Factor Authentication.  Then I ran Infosec for some FTSE 100 companies, one of which was the largest private trading network in the world – trading 3.5 trillion dollars a day.  Another was managing Global Security Services Operations Centres (24/7) across 4 continents, where most of the customers were FTSE 250.

 

2. What do you enjoy most about working as a CISO Service resource/consultant?

David: Meeting challenges of audit, due diligence, and breach management.

Audit is getting more involved and complex and due diligence is often 300-400 questions and an “interview” with the compliance department of potential customers.

Breaches is about managing with around 10% knowledge of the situation and making decisions in a very short time for the best outcomes – while ensuring buy in from the board. They always seem to happen on Friday evening!

 

3. As Head of  Security, what challenges or issues do you regularly see in small and mid-market businesses? Why do you think the same issues keep occurring?

David: 1. Robust management of access and privilege management. 2. Managing risk consistently. 3. Not aligning Cyber Security with Data protection requirements – as they overlap at a core level.

If you have control of the information assets servers and cloud, information security is much easier to manage. It enables savings in resource and effort if this happens and can demonstrate to the business control and improvement.

 

4. How do you think the security landscape has changed in the last five to ten years?

David:  As a CISO Service lead, I believe it is manging the hybrid of internal servers and cloud – and managing the challenge of access control. The company boundary is very fluid, especially where ‘what’s company and what’s personal’ is concerned.

One of the best frameworks is ISO27001. It is good for demonstrating accountability and decision making. It also aligns with SOC2 and parts of HIPAA quite well.

 

5. What do you think will be the emerging risks businesses need to consider in the next 1-2 years?

David: It used to be technology first, then followed by making technology safe and compliant. Now technology needs to be safe and compliant first, and performance orientated second – along the lines of what has happened in the automotive, aerospace, building and food industries.

The risks potentially surround the technology itself not having enough security management capability, or that if it does it can be resource intensive.  There’s also the globalisation of threat actors and the capability of managing multiple global data protection regulations.

More recently the US Biden government issued a memo to US Businesses in summary June 2, Stating the 5 best practices – one being Multi Factor Authentication. Other important aspects are multi-pronged backup Updates, Incident Response, external testing and network segmentation.

 

6. Has the Covid pandemic exacerbated security concerns or introduced new ones for businesses to deal with?

David: Probably, due to homeworking and fast transformations of moving office servers to the cloud, as well as an increase in Ransomware attacks, an increase in Data Protection legislation globally and the increase in corporate security concerns due diligence.

It has been an increasing challenge for a Head of Security. We have seen an increase in demand from due diligence enquiries, especially for more detailed homeworking policies and guidelines. So, the lines have blurred as to what is home device or a work device. The “physical office” is now the home office, and mandating rules now have to be guidelines that are appropriate – as well as using more layers of defence to protect staff and corporate assets.

 

7. Do you think businesses focus too much on the technical/technology element of security (e.g. AI solutions)? What other areas do they need to consider?

David: Potentially yes, without an end-to-end strategy, it makes security technology “tactics” unlikely to see a ROI, Return on Investment.

As Head of Security, I see the human element of security is also overlooked quite often. Especially when you consider that almost half of all security breaches are caused by human error. This is even more disconcerting when you consider that only 60% of employees will report a security breach too.

We are actually hosting a free webinar on that subject on 29th July 2021 at 1pm, so if you’d like to know more register for free.

 

8. How important is cyber-security education? What are the challenges for a Head of Security conveying the risk/educating business? Who in the business needs to receive education/training and how often?

Education is very important, as is having the appropriate training for each role ideally aligned to the companies risks – so that maximum benefits can be realised e.g. developers would require different training from HR staff, as the risk they are managing are different.

Of course, there will always be a need for baseline cyber and data protection training. You can find out more about what Security Awareness Training there is available for employers and employees in our article here.

 

9. Do you feel there is a security skills/talent shortage? What advice would you give to businesses to combat this?

David: I’m not entirely sure. If there is a shortage, there is definitely a misunderstanding of what skills are required.

Personally, I would align the risks and the strategy, then decide what skills are required to make it happen. It may be that companies would benefit from outside help – to formulate the strategy, and always have access to a range of skill levels onboard to achieve skills resilience.

The other issues that many companies seem to come up against are 24/7 and global, so having just one capable Security resource will not be enough to cover these time periods.

 

10. As Head of Security, what advice would you give to businesses who want to reduce risk and increase their security posture?

David: Manage Risk regularly with key stakeholders.

Ideally do not remove a risk or lower a risk without evidence, from at least the following e.g. a Policy, Procedure, Penetration test, Internal Audit, External Audit or risk committee approval. This will demonstrate accountability and assist in managing data protection, to enable a defensible position in the security posture.

Ensure a multi-layer approach to security. Utilise things like Access control, least privilege, Approved applications, strong email defences, layered endpoint security, centralised control of endpoints and access, plus multiple point backups.

 

11. If there was one security investment you could recommend to businesses what would it be and why?

David:

One piece of tech most companies aren’t using

To keep companies ahead, Secure Access Service Edge will help with Cyber security and Data Protection. The ROI is great! It releases staff time, and the payback can be in months.

 One Framework

You can manage risk and accountability using ISO27001 framework. If you are not going to be certified, ISO27001 also helps align with NIST, SOC-2 and can help align some components of Data protection. It can clearly demonstrate accountability.

Training that is focused to the role in the business is most appropriate, using the “Incident” metrics to tailor training and technology requirements.

 One practice
Have a data/Cyber champion in every business function so you’re able to manage threats, risk and increase incident reporting capability to enable “real-time” issue management.

 

We hope you found David’s current take on Cyber-Security insightful. During his career David has worked across multiple sectors, including financial services, government, utilities and FinTech, working with a variety of clients – from start-up level and SME up to FTSE 100. He previously held the role of Global Head of IT Security at BT and Radianz (formally Reuters). He’s also been responsible for managing the security infrastructure and delivery of ISO 27001 for multi-billion/trillion-dollar environments. He is also an active CISO consultant on our CISO service offering.

Find out more about how to improve security within your business by signing up for David’s free webinar The Important Role Your People Play in Cyber-Security  on Thursday 29th July at 1pm.

 

Book an online review with QuoStar’s consultancy team today.

 

contact us button

How to find the best CIO Solution for your organisation.

IT Strategy: How to decide which CIO Solution is right for your business?

 

Having a CIO-level professional on your board is the first step to treating IT as a strategic asset rather than a cost. Question is, full time, interim or virtual CIO?

IT is no different from any other business-critical area. You know a transformational IT roadmap will bring significant operational and financial benefits, but you need a professional with the right skillset to pull it all together. It needs a strategy, leadership, and ongoing management if you want to achieve measurable returns and competitive advantage. A CIO – but do you need that position filled in-house or with a virtual CIO?

A CIO (Chief Information Officer) is usually the most senior technology executive inside a business. They hold responsibility for the IT strategy and determine areas for improvement and development within the IT systems and processes. A commercial mindset, extensive experience as well as a deep understanding experience of technology and its application, is necessary for a CIO. 

A CIO will focus on IT strategy and leadership, ensuring that IT is aligned with business goals.

Unlike an IT Manager, a CIO is more outward-facing. They will focus on IT strategy and leadership, ensuring that IT is aligned with business goals and works in unison with the overall business strategy. However, as the CIO is often the executive level interface between the IT department and the rest of the business, they need to keep abreast of day-to-day operations and issues. Any IT projects will likely be owned by the CIO, and they will be accountable for signing off on the solution and the implementation. They will ultimately be responsible for the project’s success, outcomes, and ultimately the ROI. A good CIO can see past emerging technology hype.

Many businesses assume that the only way to gain access to a CIO’s knowledge and experience is a permanent hire. While this is certainly one option, it can be costly and unnecessary for your current needs. If you’re flying blind how will you know they really are as experienced in the field as you require? There are alternatives available that may be a better fit for you. 

We explore four different ways businesses can fill the CIO role: Full-time Permanent CIO, Interim CIO, Virtual CIO and a CIO service. We look at pros and cons of each to help you with the decision-making process.

The 4 types of CIO you could hire

Discussing Information Officer needs

1. Full-time, permanent CIO

A full time permanent hire CIO is an experienced technology leader who sits within the business at board level, with full time generally meaning 40+ hour week for most – and doesn’t come cheap.

What are the benefits of hiring a full-time CIO?

  • Dedicated and experienced IT leadership at board level
  • Effective IT strategy that works in unison with the business strategy
  • Removes the load from senior leadership, allowing focus on their expert areas of the business
  • Delivery of operational improvements and a measurable return – they’ll advise on the right investments
  • Significantly reduces the likelihood of poor project outcomes, disruption and disgruntled staff.
  • Enables businesses to address and manage risk more effectively
  • Awareness of evolving threats, as well as changes in the commercial landscape
  • Gives a competitive edge, allowing the business to mitigate risk and capitalise on opportunities their competitors may be unaware of. 

What are the disadvantages of hiring a full-time CIO?

  • The CIO skillset is in high demand – these senior professionals can pick and choose their roles to some extent 
  • The specialist knowledge makes a CIO an expensive hire. (Average salaries are around £141,000 but can be upwards of £200,000)
  • If this is the first CIO a business has hired, then senior leadership may be unsure of what they need.
  • Difficulties assessing candidates’ experience and whether it aligns with business needs only serve to make the process even longer  
  • Mid-market businesses may not have the requirements for a full-time CIO
  • Although the strategic direction and commercial focus will undoubtedly be of benefit, a less complex IT environment and a lower capacity for projects could mean a limited scope for change  
  • Research shows that CIO tenures are short, with an average of just 4.3 years – making them the shortest-tenured C-suite exec
  • Two-year stints aren’t uncommon as CIOs often want new challenges and the opportunity to deliver real change.
  • A full-time CIO may turn out to be a very expensive, short-term hire. You might find yourself stuck in what feels like a constant recruitment cycle. 

 

Consultation

2. Interim CIO

Also known as a Contract CIO, an Interim CIO is an experienced technology leader who temporarily fills the CIO role.  The average tenure is between six months to two years and an Interim CIO is usually bought in to tackle a specific challenge while the business transitions between permanent CIOs. However, they are also sometimes hired to support and mentor a newly hired or promoted CIO. 

An Interim CIO’s role typically falls into one of two camps:

  1. Responsible for building corporate resilience so the business can maintain a competitive advantage. Essentially keeping the lights on.
  2. A transformational role, tasked with formulating a strategic plan and executing it. 

What are the benefits of an Interim CIO?

  • Quicker to hire – a benefit for businesses in ‘crisis mode’ who cannot afford to wait to make a permanent hire
  • A benefit to time-sensitive projects (such as an M&A) and need for immediate access to the skillset
  • Their laser focus on a specific project or business area allows Interim CIOs to add immediate value
  • A dedicated, experienced professional driving an initiative increases the likelihood of that project remaining on track and delivering expected outcomes
  • A rich and varied CV can make Interim CIOs valuable mentors
  • Experience across multiple industries, business types and environments. They will have seen a multitude of scenarios and challenges – knowledge that can aid the IT department
  • Can help senior leadership make better IT-related decisions 

What are the disadvantages of an Interim CIO?

  • Interim CIOs are an expensive hire
  • They are in high demand, and with a limited number of professionals available, they can cherry-pick their projects
  • An Interim CIO is only going to be available for a set period, so there may be limits as to what can be accomplished in that time 
  • Businesses will need to define a clear objective for the engagement and a fixed schedule for delivery
  • Existing problems in the business environment may affect the success of delivery
  • Long-term or chronic underinvestment in the IT environment, problems left behind by predecessors, or a need for overall business transformation can all affect project delivery 
  • An Interim CIO will need to quickly get up to speed with the organisation structure and technology portfolio, and quickly win round and influence key team members to ensure objectives are met. (of course, it’s not impossible, but the senior leadership team need to be confident in their hire). 

 

Hire a virtual CIO (vCIO)

3. Virtual CIO

Virtual CIO (vCIO)also known as a fractional CIO, provides consultation on IT and technology strategy as a third party. Compared to full-time and Interim CIOs, who take an active role in company operations, the vCIO is often an advisory role.  

They will have similar responsibilities to an in-house CIO, but the core difference is that the service is delivered virtually. You may not meet your Virtual CIO and there could be multiple people working on the business at different times, depending on the structure of service. 

What are the benefits of a Virtual CIO?

  • A vCIO Service offers significant cost savings compared to hiring internally
  • Most services are offered at an hourly rate or flat fee, making it easy to budget and account for
  • With a vCIO you will have someone dedicated to strategic IT management, even if its on a limited basis 
  • A good starting point for companies new to the strategic approach
  • Will be better than people within the business spending a few hours here and there trying to make improvements. 

What are the disadvantages of a Virtual CIO?

  • Virtual CIO Services focus more on the improvement of day-to-day operations, rather than long-term strategic planning, management and innovation  
  • A vCIO typically works across multiple businesses, so may not be as readily available to deal with issues that arise
  • Businesses which are tech-heavy or very reliant on technology will probably need a more heavyweight and involved resource 
  • As a virtual service, you may have little to no ‘face time’ with your CIO
  • It may be difficult to build trust as the CIO may feel disconnected from the business, affecting results delivery
  • Depending on the provider you have chosen, you may also need to factor in time zone and cultural differences. 

 

4. The CIO Service – a better alternative for the mid-market… 

You may feel that a virtual CIO wont deliver the expertise and attention needed to achieve measurable outcomes – but you also don’t have the resources or requirements to justify a full-time hire, and an interim CIO just won’t do.

Often, it’s not operationally or commercially viable for mid-sized organisations to have a full-time senior internal IT professional. However, access to professional IT management expertise and skills offers a competitive advantage.  With the right management, IT can improve the business’s bottom line, aid client engagement and service delivery, and improve staff retention.

Luckily there is a fourth alternative that bridges the gap, while still delivering tangible value on a cost-effective and flexible basis – a CIO Service.

QuoStar’s CIO Service has been specifically designed to provide mid-market businesses with the strategic IT leadership necessary to deliver the benefits of a full-time CIO but without the significant costs.  

What are the benefits of a CIO Service?

  • Harness the transformational potential of IT
  • Enables access to the skills, expertise and commercial acumen of a CIO-level consultant
  • Flexible and cost-efficient
  • Supports organisations throughout their entire IT transformation journey; from evaluating current standing and areas for improvement, through to building and implementing a roadmap and change plans.

Our QuoStar CIO Service offers

  • Proven, seasoned sector-specific CIOs with a combined 60+ years’ experience 
  • A proven methodology and framework to deliver a strategy and transformation 
  • Completely embedded within your organisation – one of the team 
  • Guaranteed results backed by our Outcome Assured™ promise 
  • Delivering measurable outcomes for businesses just like yours!

Hear how Blanchards Bailey have benefited from using the QuoStar CIO Service here.

 

Get more from your IT with a strategy, on-demand CIO-level Consultant: We help businesses to us IT to gain security, stability and a competitive advantage in a rapidly developing marketplace. Click here to find out more.

 

QuoStar launches new on-demand CIO Service in shake up of digital transformation consulting

The CIO Service - Blanchards Bailey Client Spotlight

Leading IT consultancy QuoStar has announced the launch of a CIO Service that will deliver on-demand access to top-level IT leadership on a flexible, cost-effective basis.

QuoStar’s solution will provide businesses with a dedicated, experienced CIO-level Consultant who will work in partnership with the senior leadership team to ensure IT continually delivers measurable results. Businesses will benefit from a board-level understanding of performance and receive a clear roadmap for future tech investment and improvements. As a result, they will be able to reduce unnecessary spend, enhance client service delivery and engagement, and gain a lasting advantage over competitors. Based on co-sourced arrangements, this is a fresh approach to bringing external expertise into the business. It’s backed by QuoStar’s Outcome Assured™ guarantee, giving peace of mind that the expected results will be achieved.

IT investments require continuous management and businesses must consider them strategically to deliver the expected returns. While enterprise businesses can employ and retain highly skilled and experienced IT professionals to plan and lead their IT functions, many mid-market businesses cannot, even though the need for professional IT advice is just as great. QuoStar has recognised this challenge and has developed a service that effectively acts in place of the top-level internal CIO position while delivering the benefits of a full, expert external team.

The CIO Service will be headed by Chris White, Head of Consultancy at QuoStar and former Global CIO at international law firms, such as Clyde & Co, HFW and Ashurst. He leads a team of experienced IT leaders who have built and run complex IT environments across many sectors.

Chris comments:

“Technology is increasingly critical to the success of every business. The competitive landscape is changing in most sectors, clients require higher levels of service from their suppliers and remote working looks like it’s here to stay. Technology must be considered as a strategic asset. There’s no getting around the fact that transformation can be expensive, complex and time-consuming. But if you do it right it can provide a significant competitive advantage to your organisation.  We’re delighted to launch the CIO Service, which will help businesses to get the most out of their investments and move their IT estate forward.”

QuoStar has seen an immediate uptake of interest and has recently signed UK law firm, Blanchards Bailey to the service. The firm is already reaping the benefits of working with a dedicated CIO-level Consultant to drive their IT forward.

Paul Dunlop, Managing Partner at Blanchards Bailey, comments:

“At Blanchards Bailey we recognised the strategic importance of technology and its potential to deliver a significant competitive advantage and better client service. As lawyers, we don’t have all the necessary skills to achieve the results we want and therefore we partner with specialist IT firms to deliver the very best secure systems. We have recently partnered with QuoStar, to provide us with a Chief Information Officer Service, providing the board with strategic IT knowledge and expertise. QuoStar gives us the technical, operational, and strategic skillsets of a highly experienced senior IT professional, but on a basis that fits our firm’s needs and budget. We’re in the early stages of our partnership, but the initial reviews have already delivered dividends and we look forward to working with QuoStar on a long-term basis.”

Get more from your IT with a strategy, on-demand CIO-level Consultant: We help businesses to us IT to gain security, stability and a competitive advantage in a rapidly developing marketplace. Click here to find out more.

Seven reasons for outsourced IT support failure

7 REASONS FOR IT OUTSOURCING FAILURE

Outsourced IT support failure can be a huge problem for a business. However, when done right IT outsourcing can deliver numerous benefits to your business.

Like all large projects, the move to outsourced IT support is never guaranteed to be risk-free – but this guide to seven reasons for failure could help you mitigate those risks.

You only need to look a few years back to find some big-name failures caused by a failed outsourcing relationship – The UK Border Agency, BSkyB, the Child Support Agency and the Royal Bank Scotland are just a few.

One very pertinent example is TSB’s IT meltdown which followed a botched IT upgrade project involving the transfer of 1.3m customer records. Their outsourced IT support failure caused problems that spanned multiple weeks and many customers were completely locked out of their accounts during this time. TSB lost £330 million and 80,000 customers because of it – negating any cost savings this project was supposed to deliver the business. Not to mention the lasting damage this incident will have on the bank’s brand.

Situations like these highlight how important it is to select the right IT partner.

Engaging with the wrong one – or for the wrong reasons – could cost your company dearly in terms of financial outlay, staff morale, productivity and future performance. We have put together an honest list of seven common reasons for failure. These can apply whether you are outsourcing your entire IT function for the long term or have engaged a third party for a one-off IT project.

Remember it is a two-way partnership and both parties have important roles to play in the process.

1. Cost is the only consideration

Many businesses opt to outsource to simply reduce costs. This is typically already lining up problems from the start. Of course, the cost is a factor but value is more important than flat fees. As an example, many companies look to cheaper offshore companies without considering the potential issues such as communication problems, cultural differences, quality of staff or time zones. These areas can grind a project to its knees and almost always guarantee outsourced IT support failure.

Rather than simply choosing the lowest bidder or the one who offer the largest upfront discount, look for the provider who will deliver the highest quality of service. Take into account their previous record of accomplishment, obtain references from current clients, and look at the quality of the staff, the teams, their accreditations and experience. If you don’t know how to look at these areas with a complete understanding of all the factors then find a consulting firm that can assist in vendor selection. If your main criteria for selecting a provider is cost then you will get what you pay for.

A Cost Recovery Audit can help you reduce IT spend and get greater return on your investment. Find out how here.

2. Rushing to meet a tight deadline

As a simple example, if a 150 person law firm were to introduce a new practice management system we would typically expect the process to take around 12 months, from end to end. This would include things such as

  • Analysis of existing systems, people and processes
  • Vendor review and selection
  • Migration planning
  • Integrating legacy systems
  • Testing
  • Deployment and change management

Rushing to complete a project within an unrealistic deadline means one or many of these areas will be skimped on. This results in lower quality work and further issues down the line. Of course, situations do occur where you have no option but to operate to a tight deadline, but you should be scheduling plenty of time for a project. Also, remember to include some contingency. It is better to have it and not need it rather than letting a hurdle throw your timeline wildly off track.

3. Not seeing the relationship as a strategic partnership

In long-term IT projects and outsourcing, your service provider can become a valuable partner in achieving business growth. Try not to view IT-related tasks in isolation – or even worse, as a “necessary evil.”. If you do you will miss huge potential benefits.

4. Outsourcing the wrong functions

To gain the benefits of IT outsourcing you do not necessarily need to outsource your entire IT environment. This approach does not work for every business type and there are some situations where it may be better to keep some IT functions in-house. A good IT consultant will discuss these options with you and advise you accordingly. They won’t force you into a contract that is not quite right.

5. Failing to accept the need for flexibility

Technical advances and technology developments happen rapidly in the IT world, which can require a degree of flexibility. Agreeing to common-sense changes as the contract plays out will ensure you keep up with the latest advancements. That way your project remains relevant.

6. Poor communication can cause outsourced IT support failure in an instant

As discussed above, offshore outsourcing can cause issues due to language barriers, cultural differences and time differences. This can lead to your staff having to work extended hours in order to reach the outsourced team. However, some companies can have trouble with UK-based providers as well. It is important to make sure that all parties are on the same page. That they are working towards the same goal and the same timeline. Poor communication can seriously damage the outcome of an IT project.

7. Outsourced IT Support Failure can be down to Micromanagement

You will have chosen this IT consultancy to manage and deliver your project because you believe they have the skills and experience to do so – so let them use those skills. Of course, there should be regular communication between the business and the project manager. However, micromanagement just leads to bad feelings on both sides.

Build a good working relationship. That way you should be confident that the project manager will execute the work as defined in your contract.

Conclusion

Outsourced IT support failure is not limited to the biggest businesses. The issues outlined above could affect any organisation undertaking IT outsourcing. That being said, you should not let potential problems put you off altogether. Just keep them in mind when meeting with IT consultants to discuss outsourcing or project management. Trust is a crucial element for successful outsourcing. So, make sure your chosen provider is someone you can work in partnership with.

A cost-neutral value enhancement audit can show you if your IT support provider is delivering value. Click here to find out more

8 steps to get started with automation

IT strategy - 8 steps to digital transformation through automation

Digital transformation and automation are hot topics – they’ve been hot topics in one guise or another since IT was born. But despite their proven effectiveness and capability to enhance the way a business operates; many businesses only pay lip service to improving their internal processes in earnest.

Why is this? The two most common reasons are that either they’ve been burned by a project or initiative that was sold to them using automation and digital transformation tags as buzzwords which then failed to deliver substantial results, or they’re distracted by the more visible (but less impactful) new campaigns being generated by marketing or sales.

This obsession with searching for new horizons whilst leaving the internal business to fall into disrepair is seen all too commonly. Even in manufacturing, companies who have been improving their production processes relentlessly for decades seem to have forgotten to apply the same fervour for efficiency gains in the back-office. There are huge gains to be made from automation, but it must be business-led and with a focus on ROI.

So, how do we begin?

1. Understand where you are

This early on, you shouldn’t be looking at the tools to conduct your automation. Nor should you even be looking for external consultants. You need to instead get a general feel for what could be improved and what should be improved in the business.

This is a straight forward exercise of breaking down the business into its component parts –  typically into departments. Then list all the business operations/processes within that department, such as client onboarding, lead-processing, invoice processing and debt collection.

You should then break down these processes into steps and actions. If you can use a flow-chart then great, else just map it out in a way that the team understands.

Regardless of what method you use, it is imperative that you are as precise and detailed as possible at this point in your journey. Every concurrent step follows on from this one, so ensure you start on steady footing. The more detail you add, the simpler it is to see areas that can be automated which saves future you time and other resources.

2. Determine priority areas

As you go through your analysis you’ll start to see areas that can be improved quickly. You’ll also typically see that many internal processes can be broken down into two core types of task – actions and approvals.

Taking a typical and traditional expenses procedure as an example: An employee would open an expenses sheet and enter the details of their claims, scan in all their receipts, print the form and receipts, sign the form, hand it to their line manager, they sign-it, it’s scanned back in and finally sent to accounts for payment.

You can see from this that even with simple tasks, there’s a good deal of steps and many opportunities for automation. However, there are also some stages that are impossible to automate – the signatures are a notable example. These can still be digitised, however.

The real purpose of this step is to gauge how and where automation/digitisation can make an impact. By identifying processes that have wide stretches of actions which could be automated or lots of approvals that could be digitised you can create a priority list of tasks that you should address to have the biggest impact. The more steps and touches by people the greater the potential impact.

3. Look at technology

Thanks to the rampant rise of technology and globalisation, you are likely to be able to find tools and applications that fit your requirements relatively easy.

Of course, many systems will be able to take over many parts of your operations and the processes within them. If you can find one system that can deliver greater efficiency and ultimately customer service then it’s potentially going to save you costs, integration headaches and upgrade hassles.

On the flip-side it’s important that during this stage you find a system that maps directly to your requirements, rather than trying to change your operations to fit a system – which can happen with complete business systems that blend various applications and operations, i.e. Practice Management Systems in law firms, ERP in manufacturing, etc.

You may have to create a blend of systems to deliver a highly configurable system. As in essence you then get a much more powerful solution that will deliver you greater results and potentially a greater edge over your competition. Lots of tiny improvements soon mount up into a measurable advantage.

A clear requirements analysis is really going to help you see the gaps when looking at software solutions and systems. Do understand that it’s common to buy a total business system and then not use large pieces of it because those parts don’t truly map to your operations, i.e. you use the accounting and service elements but don’t use the CRM functionality – potentially using a 3rd party solution that integrates better.

4. Plan the project

Once you’ve mapped out your processes, bundled them into relevant categories, evaluated where the big wins will come from and have a solid system/application more or less identified then you have a clear starting point. Now it’s time to look at the project delivery.

A clear time-bound plan along with sensible milestones is essential to deliver returns from a digitisation project. You should be working in conjunction with vendors and (if relevant) developers, along with internal affected teams to create a project plan that you all buy into and approve. It’s important to of course consider costs, not just the hard costs but also the soft-costs – which will often make or break a project in terms of delivering a business-enhancing result.

If you are looking at numerous digital transformation projects, it’s important not to fall into the trap of rolling out too many projects at once or back-to-back. Too many companies go for fork-lift upgrades where they change numerous projects at once and that can cause fatigue and frustration in the user base at best. Create a considered road-map that will give staff time to become accustomed to new ways of working or new systems before undertaking more change.

5. Go hard on testing

Testing can never be overrated. You can only ever deliver an effective digital transformation project through a rigorous and considered testing plan.

Ideally, you’ll be able to pilot the new process or system in a real-time test environment. That way you can see the difference whilst ironing out issues as you go, prior to a wide-scale rollout.

This is increasingly possible now since many applications and systems are now cloud-based, allowing you to trial a system in a fully-fledged test environment without signing up for long-term contracts.

If there isn’t a way to preview the effectiveness of the new process or system, it’s important to agree what success looks like with the vendor far in advance of signing an order or contract. Too many businesses sign-up on a sales person’s promise. A project can fail because clear deliverables aren’t agreed at the start.

If you have stakeholders, i.e. users of the system, ensure that they are happy with the testing. Without stakeholder and user group sign-off you can find yourself surrounded by disgruntlement and finger-pointing. Make sure you tie everyone into success.

6. Go Live

Once you’ve signed off your testing and pilot as a success, it’s time to finish your roll out and go live with your new system. If you’ve got to this stage successfully everyone should be raring to go (communication is everything) and fully trained.

You should now be following your project plan as you bring the solution live. It’s also important to document and analyse any issues that arose along the way. Discuss them in a ‘lessons learnt’ session with the project team during or after the rollout. We all grow through difficulties, and our experiences can help those who follow after us on other projects.

7. Evaluate success

After you’ve delivered your automation project it’s important to formally look back to what your objectives were at the beginning. Did you meet them? It’s also important to do a formal follow-up meeting. Ideally once everything has been running for a few months and then maybe after the first year.

If you can clearly demonstrate the value and business enhancement over a period that’s exciting. It will also transform a boards perception of IT. It will drive it to the centre of the board agenda – which it should be right now.

8. Start again

Digital transformation doesn’t have a clear end. It’s all about continual improvement and so should in effect be a never-ending cycle. It’s very unlikely that the change you have instilled is perfect and can’t be improved.

If you want to grow your competitive advantage and/or profit margin you should be managing change as you go; whilst also revisiting the whole process in specific time-frames. This could be every 3 months, 6 months, annually or longer if appropriate (unlikely).

Ideally, now you’ve gone through the motions, innovation, automation and transformation should have become part of your standard operations. Your board will hopefully be demanding it.

Conclusion

Digital transformation is without a doubt a buzz term. In reality, it’s LEAN and continual improvement rebadged. It’s something every business should be doing in a structured manner to survive and thrive in a global business environment. The challenges are there, but you can gain than ther is to fear.

5 common mistakes mid-sized law firms make when choosing a practice management system

IT strategy - 5 mistakes law firms make when searching for a practice management system

The legal business landscape is still changing at pace and thus the firms within it need to change to protect their client base, their staff, their brand and their margins. IT systems and platforms now sit at the heart of every firm and are key to supporting these important areas.

Within the IT estate, the practice management system is king and generally includes other important solutions, such as case management, document management and CRM. There’s certainly a renewed vigour in the legal sector around technology and the practice management system is the place where most firms are looking for an advantage.

There are however several common mistakes which all sizes firm continue to make time after time when it comes to choosing a practice management system.

1. Following the herd

The legal sector is notorious for having a herd mentality, particularly around IT. It’s common to see firms choosing the same practice management system based solely on another firm’s decision. And sometimes, before that firm has even implemented it!

It’s a dated strategy, basing decisions on what others are doing rather than being driven by specific strategic objectives. Whilst 10 or 20 years ago, in a smaller, less competitive market, there may have been some merit from being in the same boat. However, in an ever-increasing competitive market, this is no longer a sound strategy.

It’s important firms choose new business systems on their own strategic objectives and/or operational requirements. And to do this properly they must understand what’s available in the market and what’s possible; however, this needs to be a continual process, not just a something done once every 5 to 7 years.

To achieve a competitive advantage and increased margins, you must map the right technologies to specific and documented requirements, both operational and strategic. This doesn’t mean ticking off a features list – it’s about being in control of the sale and having a concrete understanding of the desired business outcomes before even looking at software products. If a firm just follows the herd, they aren’t generally in control of their firm’s direction and the move to a new practice management system is often unstrategic. This will significantly impact a firm in a rapidly changing landscape.

 

Our CIO Service helps law firms to effectively select the best practice management system. Find out how our experienced, legal-sector specialist CIOs can help your firm. 

 

2. Not defining the business outcomes first

Many firms choose new practice management systems for a variety of reasons:

  1. Their old system is going end of life;
  2. Other firms (the herd) are moving to a new system or
  3. They’ve seen a shiny presentation that promises buckets of gold.

These are fundamentally the wrong reasons to be choosing new software and will often lead to failed projects – at least in terms of a return on investment or getting any sort of competitive advantage.

New software purchases should be driven by the business need, defined by the business strategically and led by the business board. Strategic objectives should drive the decision-making process and it’s important to define the objectives you wish to achieve post-implementation. It’s therefore essential to analyse and define the real business requirements upfront to ensure the right business outcomes are delivered.

Many firms also don’t know where they stand in terms of the maturity of their IT systems and capabilities, particularly how they use their systems.  It’s essential to do work upfront and baseline where they are now across areas of the business and defining the key project success factors on a departmental and firm-wide basis. It’s also critical not to simply focus on the fee-earning side of the firm. Marketing, business development and back-office functions are more critical than ever when looking at a practice management system.

3. Looking at one solution to fit all IT requirements

It’s common for firms to believe that using a single IT solution to deliver multiple functions is a sensible move. This (with the exception of the smallest of firms) is a significant mistake.

Practice management, case management, CRM and the like are important business functions and you will struggle to find a package which delivers great functionality in every area. Whilst one may deliver great case management and finance functions, you’ll often find other areas are mediocre. This leads to frustration in some departments and missing out on critical features that can deliver a significant business advantage.

Typically, firms should be looking at solutions to deliver for specific business needs. They need best-of-breed (balanced against budget and ROI) and shouldn’t be afraid to purchase new systems and integrate them the core line of business applications, i.e. their financial and case management systems.

There’s no harm in having in-built time recording or CRM but not using it and choosing a best of breed add-on solution if there’s a clear business case or return. Too many firms also end up changing their operations negatively to fit into a system, rather than choosing a solution that moulds to exactly what they require. This is quite possibly the worst thing you can do as it hampers growth, flexibility and innovation.

4. Viewing IT related projects as the IT team’s responsibility

Most IT projects these days are business improvement and change projects; practice management systems’ probably being the biggest business change project most firms undertake. Although a practice management system may be software-based and run on an IT platform, the outcomes are definitely business ones, be it generally operational or departmental. To push these projects to the IT team is therefore negligent at best.

IT or course plays their part, but often, particularly around Practice Management, they shouldn’t be leading the project. They have their responsibilities, but generally, they shouldn’t be solely accountable for the business results.

If a firm has a CIO, they’ll typically be the link that bridges the ‘business side’ of a firm and the ‘IT side’. Ultimately they’ll take overall accountability for successful project delivery. However, most mid-sized firms don’t have the luxury of a CIO.

With that in mind, it’s often sensible to build project teams and boards to own the delivery of a project, such as including key stakeholders, relative partners, departmental representatives along with IT. This way everyone has buy-in, rather than pointing fingers, shrugging shoulders and saying the change was forced upon them.

5. Not checking the contractual details and deliverables

Lawyers, of course, pay attention to the contractual details around the general terms of business when engaging with a software vendor. However, they often forget to ensure that the contract factors in successful project delivery, in terms of clearly defining the deliverables at various stages of the project life cycle.

It’s critical to define the stages and key milestones of the delivery, typically alongside staged payments. This certainly helps focus the mind of the vendor and ensures that expectations are managed on both sides.

Vendors will often link payments to key stages of project delivery. However, these staged payments are not typically in place for the firm’s benefit, but rather simply to ensure the vendor is paid. It’s, therefore, a good idea that a firm leads in defining project deliverables and what the measurements of success are prior to signing any deal.

These need to be documented clearly, agreed by both parties and then form part of the contractual terms. Too often are firms left with a solution that doesn’t provide any advantages over the one previously in place, because they did not define ‘success’ at the outset.

Firms need to understand that they are entering into a long-term partnership with the software vendor when they select a practice management system. Contracts are typically multi-year so pay attention to the vendor’s obligations, the service level agreements and where additional costs may come from. This is more critical now that many vendors are delivering their services via the cloud and thus firms are getting multiple services from traditional software vendors, not just software licensing and software support.

Looking ahead

I understand that firms do not change their practice management system very often but, when they do, see it as an exciting stage of transformation. It’s a big business change project and the risks are significant. However, the advantages are also significant if managed and implemented correctly.

I’d generally advise firms to seek some vendor-neutral, external assistance when considering a move, even if it’s just a half-day session to understand all the factors that need consideration and to show them what they don’t yet know.

Get more from your IT with a strategy, on-demand CIO-level Consultant: We help businesses to us IT to gain security, stability and a competitive advantage in a rapidly developing marketplace. Click here to find out more.

The Optimisation Contradiction: One key thing manufacturers forget when optimising their factory

Manufacturing - The Optimisation Contradiction: How to improve factory efficiency

It is well known that inefficient operations reduce margins and weaken your competitive position in the global market. It is also well known that manufacturers are famous for their dedication to cutting out inefficiencies wherever they can in their operations.

But whilst the shop floor has received the benefits of technologies such as robotics, softer practices such as visual management and initiatives such as lean, manufacturers’ dedication to optimisation is seemingly contradicted by how many of them have forgotten to apply the same fervour to another key area of their operations: the back office.

This is the Optimisation Contradiction.

Why should you optimise the back office?

What happens in the back office doesn’t stay in the back office. Inefficiencies here directly counter the rewards of your wins on the shop floor and since inefficiencies are often allowed to build up, their counterproductivity is multiplied.

As an example, there’s little point holding the shop floor to incredibly high-efficiency standards if at the same time as much as 68% of the paper being printed in the back office is unnecessary. Imagine if there was a 70% material wastage on the shop floor. That would be unacceptable.

So how can you make your back office a productivity powerhouse like the shop floor? We believe that through the intelligent application of IT, it’s not just possible but it provides additional opportunities to improve your firm.

How to make IT deliver an advantage in the back office

1. Embrace Software as a Service

Monthly instalments will give you more control over your IT budget, better-optimised software and often live support to assist with overcoming roadblocks. All of which keeps operations in the back office running smoothly.

However, there is some ill will towards Software as a Service (SaaS), as many manufacturers see subscriptions as more expensive.

The issue with this mindset is that it looks at the software in a static point of time and ignores the continual updates and support SaaS applications have. When you buy a one-off piece of software, you get what it is and nothing more. Any bug fixes, feature updates or integrations will need to be acquired separately, either as an add-on or as part of the next major release. When you buy software on a subscription, you get continual updates and new features as standard.

2. Categorise and control your talent

To complete work effectively, you need people with the right skills in the right place. This might seem obvious but so many firms fail to assign their talent optimally – probably because they’re trying to assign 100 people with different skillsets to 20 tasks which require different combinations of these skillsets. It’s impossible to do in your head but IT systems excel at this sort of thing.

With a talent management system, your HR team can see exactly the skills each employee has and therefore allows you to intelligently recruit whilst controlling and developing your existing talent. Employees also gain visibility into their training program – resulting in greater engagement.

By managing your talent pool this way, it leads to a better-skilled workforce, better allocation of these skills and an overall more engaged and efficient workforce.

3. Optimise processes with ISO

Every manufacturer should have already strived to ensure their shop floor processes are to ISO standards, but few turn their sights to the back office once this goal is achieved.

In the back office, ISO 22301 and ISO 27001 are the two key accreditations.

  • ISO 22301 is about minimising IT downtime and ensuring data integrity with redundancy and network resilience, and backups and encryption.
  • ISO 27001 is about securing your assets (personal information, intellectual property e.t.c.) through policy, software and hardware with the aim to prevent an intrusion or breach.

If you do decide to proceed with accreditation, an external consultant can help you to identify and resolve any weaknesses before the assessment process. Once you’re adhering to ISO principles and have become ISO certified, you’ll not only be far more resilient against disruptive incidents which threaten your efficiency and productivity but it’ll be easier to pick up business since it’s proof of your dedication to continual improvement.

4. Secure your position

In March 2019, Norsk Hydro – a global manufacturer of aluminium – was hit by the LockerGoga ransomware. The malware spread from the back office into networked machines on the shop floor and ended up impacting global processes, forcing the company into manual operation mode. Overall predicted losses were £41.2 million.

To put this into perspective, Norsk’s quarterly sales volumes for Extruded Solutions were 333,000 tonnes. Factoring in the losses equates to an increased unit cost of £123.72 per tonne or 12.4 pence per kilogram. Cleary a massive hit to the bottom line.

Cyber-security in the back office should now be important for obvious reasons. But despite being essential, some companies negligently assume they can get away without basic security in place. Typical areas of negligence are multi-factor authentication, patch management and rights management – the lack of even one of which instantly compromises the optimisations you’ve worked so hard for, not to mention endangering your reputation.

If you want to improve your security posture but don’t know how then Cyber Essentials accreditation is a good place to start. You’ll need to go beyond this since it only addresses the basics so something like ISO 27001 should be your true goal since it’s much more robust.

5. Digitise and automate

Another clear sign of the Optimisation Contradiction is that whilst manufacturers have strived for 100% automated shop floors in their quest for efficiency, they have at the same time forgotten to automate and digitise even the simplest tasks in the back office.

For example, even something as simple as obtaining a signature requires a long, physical process. First, you would need to print and hand over the paper for the person to sign. Then, scan the document to send a digital copy to the requester and shred the physical one for security. Finally, upon arrival, the digital signature would be stored in a safe location. With e-signatures, you can remove the physical processes of printing, sharing and shredding.

Automation can also help tackle highly repetitive or routine tasks in the back office, to free up time for more strategic, value-add work. By implementing automation in the back office, you should see more KPIs being hit and a more efficient workforce overall.

6. Modernise legacy systems

The general rule for hardware is you should refresh laptops or PCs every 3-5 years and servers every 4-5 years. Whilst it’s tempting to sweat IT assets, the lost efficiency and increased volatility means doing so will likely cost you much more than you ‘save’ by not upgrading.

Updating hardware allows back-office workers to work much faster. Less waiting and more responsive systems result in more streamlined workflows and therefore higher employee uptime.

But it’s not just the raw speed and efficiency values to look at. There’s also the matter of reliability. As hardware ages, it rapidly becomes more prone to failure. A study undertaken by Google revealed that one-year-old hard drives have an average failure rate of >2%. A figure which quadruples to 8% by the time the hard drive is two years old.

The wasted time and potential for data loss due to ageing hardware is something to bear in mind when considering the cost of an upgrade. Ask yourself if you can afford to spend time recovering or recreating key data and then decide whether you should upgrade to current hardware.

7. Make things lean

Much like the ISO standards, lean is something many manufacturers already apply to the shop floor, but you can gain similar benefits in the back office. By managing the IT systems in use, eliminating excessive bureaucracy and redistributing talent and resources, you can create major improvements to efficiency.

Lean in the back office ranges from small changes such as moving the office printer into a more ergonomic location to undertaking upgrades to IT infrastructure and setting up a rolling upgrade cycle for hardware.

Performing a thorough analysis of back-office functions against lean can give you valuable insights into where problems are arising, allowing you to make genuine process improvements and cost savings.

Below is an infographic to help you with applying lean in the back office.

Applying lean can help with improving factory back office optimisation

In summary…

To truly improve the efficiency of your firm, you need to be directing attention to the processes and systems both on the shop floor and in the back office. It’s easy to think that processes not directly related to production have no influence on efficiency, but they do.

Is your business ready to hire a CIO?

IT Strategy - Is your business ready for a CIO?

What is a CIO?

If you don’t know what a CIO is, or want a refresh, check out our existing article on the role of a CIO. Since this article is aimed at businesses who are aware of what a CIO is but want to know if they need one, we won’t be covering it here.

Does my business need a CIO?

A widely held notion is that only large, multi-national corporations need the service of a CIO. This may have been true a decade or so ago, but with IT now central to the whole business it’s no longer the case.

The skills of a CIO are now useful to any size or type of business from a 50 person legal firm to a 300 person manufacturing business.

So then, if every business can have a CIO, how do you know if you need one? Here are some key indicators you can look for which show you’re ready for a CIO:

1. You lack the information to make business decisions

When there are plans to make a change in the business, a lack of data and information can plunge even a good idea into uncertainty. Lacking the knowledge for major IT-related business decisions results in project delays. And when the time does come to choose, it’s a decision made on the promises of a salesperson rather than on proven facts.

These factors often limit the scope and effectiveness of projects. Resulting in a lower value or poor performing outcome.

A CIO helps by de-risking the decision-making process. By using their knowledge of technology and the wider business, they can find a solution that has its base in hard facts and proven performance, rather than going by guesswork and hope.

The CIO also gives an amount of certainty to making IT-related business decisions. This can help drive change and adoption, giving you an edge over your competitors who may be uncertain about how to review and apply new technologies such as AI or initiatives such as process improvement and automation to their business.

2. There is friction between departments

When one system or department’s poor performance and operations restrict the ability of another department to get work done, animosity and frustration can arise. This friction is often made worse by siloed departments. This causes rifts of communication, priorities and strategy to form and makes employees feel like they are fighting against their co-workers to get work done.

By being a mediator who ties together the IT and operations sides of the business, a CIO can help reverse this friction. Producing a unified strategy and operating environment means employees will be working towards a complementary outcome. And since everyone will be working in tandem, the likelihood of bottlenecks forming is also reduced.

Finally, because the CIO is in a neutral position, not aligned to any specific department they can be an impartial judge over which department is in the most need of IT resources and systems.

By relying on the facts and listening to each case, they can determine whose requests and priorities to address first. Rather than having each department claim that they are in the most need.

3. There are regular complaints about IT system performance

When constant IT issues are occurring, employee performance will decrease. For a 40-employee firm, even five minutes of disturbance per employee per day will waste over 16 hours a week.

A CIO will listen to the complaints being made and use their knowledge to identify and address the root of the problem. Be that through their own team, a service provider or a software vendor.

This not only minimises employee’s frustrations but it also improves their efficiency. Making a difference to your bottom line.

A CIO can also help you understand where issues might arise in the future as your business grows. They have the expertise and experience to know when you’ll meet friction and pain from an IT or operational standpoint. Allowing them to smooth out the road before you get there.

4. The business is going through a period of change

When your business is experiencing change (moving premises, going through a merger or acquisition, moving to the cloud, expanding teams, e.t.c.) there can be uncertainty around the potential threats which arise and unseen opportunities which pass by. Large scale change in the business’ use of IT can also create unease from a strategic standpoint.

A CIO has the experience, skills and expertise required to get things done in this situation. And thanks to their knowledge of both IT and business, they’re able to take advantage of the opportunities and mitigate the threats which may arise during a period of change.

5. You don’t understand the benefits IT can bring / You see IT as a necessary evil

When a business sees IT as a necessary evil, it’s inevitable that they’ll commit the least money, time and effort towards it. But businesses which do this only end up handicapping themselves since IT is not only ‘a cost’. Instead it’s the main area where you can gain a competitive advantage in the modern business arena.

The ‘IT is a cost’ mindset arose in the early 2000s due to a decline in business intelligence and a lack of understanding in what IT is. Investments were being made based on trends and hype, not fact. And when people were burned by their mistakes, it leads them to think of IT as a waste of resources.

The CIO helps bring back the business focus and knowledge that so many businesses have lost. Allowing IT to once again become a performance enabler.

Through wise technology investments, addressing deficiencies and ensuring that the IT strategy aligns with the strategy of the wider business, the CIO can re-kindle faith in IT and drive it back into the heart of the business, where true business gains lie.

6. No one in the C-suite is excited about IT

When there is no interest, there is no innovation.

There needs to be someone on your board who is excited about the potential of IT. Without this momentum, you risk projects being put on the backburner or dropped altogether. Slowing your pace of innovation, or even causing stagnation.

So in a world where you either innovate or go out of business, the CIO’s interest and proven experience in technology are vital.

By staying abreast of the latest trends and opportunities a CIO can ensure you’re always getting a business advantage. And with their understanding of the business applications of IT, new technologies and systems can deliver improved business processes and productivity. Giving you a competitive edge.

How big of an investment is a CIO?

To hire an in-house CIO, you can expect to be paying a salary of ~£150,000 per year. And for a highly qualified candidate, up to £240,000 per year – almost a quarter of a million.

A CIO’s salary is likely to eclipse that of any existing senior IT employees you already have such as an IT Director or Chief Technology Officer. It may also surpass many of your other C-level executive’s salaries as well. This is because the role demands a blending of technical and business knowledge alongside at least a decade of experience in similar roles and so employees can command a premium for their employment.

If you’re unable to part with this much cash or are already concerned about cash flow, you may now be thinking that a CIO is out of reach. Fortunately, there’s a second and increasingly popular route: a CIO service.

Because a CIO service has many clients, you get to benefit from the economies of scale which allows prices to be much lower on average.

Combined with how you only pay for the time you use their consultancy, rather than a yearly salary, a CIO service will typically be far more accessible than an in-house employee; all whilst offering the same benefits.

Get more from your IT with a strategy, on-demand CIO-level Consultant: We help businesses to us IT to gain security, stability and a competitive advantage in a rapidly developing marketplace. Click here to find out more.

5 easy ways to streamline your business

IT consultancy - How to streamline your operations

Running a business can be difficult, particularly when it goes through a rapid growth phase. As a business owner, you may be feeling overwhelmed, overworked or just not as efficient as you know you could be. To remain competitive, businesses must boost operational efficiency, this is especially true in the SME market where organisations may have more limited resources. Efficiencies can be gained in a number of places, but here are five areas to start with.

1. Reduce paper usage

Reviewing your paper consumption and usage is often one of the quickest ways to streamline your business. Paperwork can quickly pile up and increase waiting times – internally and externally. Trace the paper trail and ask key employees:

  • What information do you add to the paperwork and why is it needed?
  • What information do you take from the paperwork and why do you need it?
  • Why is this paperwork important for your job?

You may find that while the information is necessary, individuals do not necessarily need to have paper copies. One way to address this would be to look at document management solutions that would allow you to make the move to start digitising information.

Document management solutions can help your business to operate more efficiently by putting documents at employees’ fingertips instantly and providing an easy way to categorise, store and organise documents. With the right solution, you will be able to scan documents in a matter of seconds, and use workflows to automatically route that document to the right folder or person. When choosing a solution some of the things you will want to look for include: being able to create customised workflows that fit your business operations, easily search scanned documents and assign access levels by employee role.

File cabinets and storages boxes can also take up valuable office space – or even be an additional expense if you require offsite storage. So you should look at using a document management system for the long-term storage and retrieval of documents. Not only will this save floor space, but could prevent staff from having to make trips to and from your offsite storage to retrieve documents – saving you both time and money.

2. Outsource

Businesses of all sizes can benefit from outsourcing, whether that’s choosing to outsource their finance and IT support or HR and marketing. There are a number of ways your company can benefit from outsourcing. When done correctly it can help your business to run more efficiently and reduce costs. For example, outsourcing tasks will allow you to focus on business growth, without sacrificing quality and service in the back office.

For small businesses outsourcing can help ensure certain tasks (such as billing) are performed at a consistent and affordable rate. It can also help reign in the spiralling operational costs of certain departments in larger organisations. If you suspect there is an area of your business that could be more efficient, scope the requirement and desired outcomes, and investigate potential options.

3. Automate repetitive tasks

Does your business have a lot of time-consuming tasks which need to be performed on a regular basis? Do you have to use multiple systems to complete single tasks? Look to see whether these tasks could be consolidated, so they can be performed with a couple of clicks. See whether you can use workflows to automate processes, freeing up your staff to focus on higher-value tasks. One example could be billing emails. If you send regular reminders to customers about direct debits or upcoming payment dates automating this process could save you hours.

4. Develop a long-term technology plan

Replacing outdated or ineffective hardware can majorly impact your employees’ productivity. You can minimise or reduce these disruptions by planning for the long term. You should determine your short and long-term business objectives, and map where technology solutions can help you achieve these.

5. Reduce unnecessary travel time

While face to face meetings are an important part of a business, they are not necessary for every situation. Particularly where you might have customers spread across the country or even the globe. Time spent travelling is typically less productive, and any time saved can be spent on higher-value tasks.

Nowadays it is straightforward to talk face-to-face virtually with video conferencing and collaborate via screen and application sharing using systems such as Skype for Business. Of course, the price points do vary so mapping technologies to their correct applications are crucial. Additionally any out of the office training seminars, conferences or exhibitions should be reviewed on a cost-benefit basis. This is not to say you should stop employees from attending these events – as they can deliver high value. Just ensure you’re choosing ones that will help your employees meet their objectives.

These five areas are just a starting point there are many other things you can go on to consider. You can also review software, recruitment, remote working, mobile access and communications. Remember to evaluate the impact each area will have on your bottom line and how it will impact your employees, suppliers, business partners and your customers. If you commit to taking the time to streamline your business operations, you will see the results take shape.

Discover how to reduce IT costs and get a better return from your spend. Click here to find out more about QuoStar's Cost Recovery and Value Enhancement Audit

How to choose the right document solutions provider

how to choose the right documents solutions provider

Managed print and document solutions can bring a wealth of benefits, including increased employee productivity and efficiency, the ability to maximise billable hours, and greater document and data security. But in order to truly harness these benefits and enhance your operations, you need to choose the right print and document solutions partner.

Many companies will feel under pressure to simply pick the lowest cost option, or are blinded by a dazzling list of benefits which seem impressive on paper, but in reality, don’t quite deliver after installation. This why it’s critical to do your research, to ensure you’re choosing a solution that delivers a return on your investment, beyond simply the cost per print.

How to choose a solution that suits

The Installation Process

If planned and executed correctly, the impact of installation on day-to-day management and activity should be insignificant. If the print and document solution takes days to install and is difficult to integrate with your other applications, then it’s only going to have a negative impact. In the short-term, it’ll be costing your firm on the bottom line and will damage the end user’s perception of the solution. Inefficiencies will swallow up any potential returns in the long-run as users try to find a workaround for the solution.

How Does It Integrate?

If the platform will only integrate with a few pieces of third-party software then it’s going to be a struggle. Or it will become more of an expense in the long run. You want a solution that fits your needs and operations. Not one that you have to work around it, or which restricts future decisions. In order to truly integrate, you should be looking at firms who truly understand systems, and who can analyse your business and operations. You don’t want a provider who only looks at printer location and the cost per print. This is where so many traditional copier businesses fall down.

Flexibility

Your chosen print and document solution may integrate perfectly with your current infrastructure, but you don’t want it to affect software choices you make in the future. Otherwise, you could be left with an ineffective, cumbersome solution. Or have to pay out to start this whole costly process again. The right print and document solution should, as your IT infrastructure does, grow with you, allowing you to capitalise on new opportunities and changing markets.

Management & Long Term Planning

When most law firms receive a proposal from a print provider, the first things they will notice is a lower cost per click, due to standardisation, and a drop in paper consumption and waste. Whilst these are positives, there is only so much you can gain without further optimisation. You can achieve greater productivity and efficiency through scanning solutions, but this takes time, planning and ongoing management. Many print providers simply don’t have the knowledge to deliver this properly.

You need a provider who is in it for the long-haul, who will take the time to learn end-user trends and revisit the solution to see where they can change processes and automate staff functions. These are the areas which will make the solution completely bespoke and will enhance your margins. The provider needs to stage the solution, with every step optimised before progressing to the next. If a print company tries to deliver everything in one big project then something is probably not quite right.

Ask yourself, what do you want to achieve from this process? Do you just want to achieve quick wins? Or do you want to also optimise processes for ongoing operational and margin improvement? The answer to that question should give you an idea of what sort of providers you should be engaging with.

NEXT>> 9 ways law firms can reduce costs with managed document solutions