All right, so now let's talk about business process reengineering. The idea with this is that
organizations are always in need of
tweaks and adjustments to the way they do things.
Unless the organization's been around a very long time and has extremely well defined processes and procedures,
there's almost always some area where there is room for improvement.
So BP are gives us the ability to make the business more efficient over time, as your employees and workers gain more experience that can do their job well quickly with less errors,
basically raising their productivity after they reach a certain level of competency.
You could also consider be PR as being a way of introducing improved techniques
there might be might think of instances like manufacturing
where microchip manufacturers
improve their techniques on a regular basis every two years or so. The speed of the
processors and all of our PCs and laptops takes a significant jump. Sometimes it even doubles
and these air, because of new techniques come along. Maybe there's ways to fold multiple step processes into one step
because of some new tools or some new technology,
So that's a definite goal
be PR is important when we have new requirements,
so there might be a situation where organization has certain products and service is.
But now there's something new on the landscape or something new that their customers want, so they've got to rethink how they do things in order to satisfy that demand.
So what does the goals of
PPR and at the high level,
we're talking about continuous improvement,
any any adjustments, any tweaks.
Any rethinking of existing
processes is potentially going to be helpful.
We don't want us to get stuck into the mindset of doing something the same way
all the time because that's the way we've always done it. That's an easy, easy trap to fall into. We've always done it this way. It's been working fine for 10 years. Let's just keep doing it that way.
That might be fine, but if you could take the attitude of looking for ways to improve and become more efficient,
and possibly that helps the business
overall, Thio improve itself
financially, gaining more market, share new customers, who knows what the limits are there. We also have to remember that change introduces new risks,
so just because we find a better way of doing something doesn't mean that
that we haven't solved one problem and created two new ones.
really important to tie back to something like change control and doing business impact analysis.
So if you're introducing some new process, some new
there has to be some study conducted to make sure that that
new way of doing things doesn't break something else that's already in existence.
It doesn't open up some vulnerability that wasn't foreseen when the change was being proposed.
But, of course, that ties back to our security controls,
especially as it relates to them being continuously monitored.
If we're continuously monitoring the controls,
then we make changes to the environment. There should be some evidence of those changes
in the in the monitored controls. And maybe that can be correlated to know if your change was a good thing or a bad thing.
Any time you make an important change, always want to have a rollback plan anyway,
so that's something good to kind of close that loop a little bit. So
how do we go about BP? Are any structure way?
One way to think about it is to think big to think outside the box
if you're your organization, does seem certain things from certain tasks or provides products, and service is
an interesting concept. Would be, too
to basically try to wipe your mind clean to say I don't want to rely on anything that already exists. If we had to design this from from scratch right now, how would we do it?
accomplished the goals of the business without using anything that's already been done before.
And that might be a great opportunity to bring someone new into the situation. Who doesn't know how things were done before so they don't have that stuck in their mind, as as a reminder which may, you know, lead them down the wrong path.
Another approach is to do what I was mentioning earlier and more of an incremental approach where you look at all of your processes,
document how they work
see if there are little areas where you might be able to make small little improvements.
Maybe a few percent here, a couple of percent there.
All that might add up to a significant change if it's done carefully.
One down side with incremental approach is that
it might be easy to get lost in the details documenting the current process. And that might take a lot more time than
I'm just trying to redesign from scratch.
The thinking big idea anyway
doesn't hurt anything if you're just
putting ideas down on paper or discussing it.
So incremental is good as well,
because that's a more natural flow for the way most people think.
Like Oh, I just want to make a slight adjustment year, a slight adjustment there.
Another option is to use a hybrid approach,
meaning that you're you're looking from the top down, trying to get the big picture, but also trying to make incremental adjustments
so that you're not starting completely over. But you're trying to blend the best of those both worlds. You have to have a reasonable body of knowledge in order to
be successful at doing V P R.
For instance, having up to date skills for auditing makes sense.
You wouldn't want to attempt
business process reengineering if you're you're auditing skills were a little bit rusty
having the sea, I say
audit skills that we've talked about looking at the ASAC, a code of ethics.
to go about the methodology of auditing information system
would be an important consideration as well.
Knowing howthe company works like that, what is their business logic? Where the moving parts involved?
How do you analyze that in a way that makes sense,
especially when you have requirements to measure something and to provide proof
your analysis show is there could be improvements if we change this or if we change that.
Being a good people person doesn't hurt,
since you may have to interface with various different people all the way from CEOs down to, you know, regular users on the network,
asking them questions, trying to get them to cooperate,
getting useful information that you can pull together as your evidence
to support your opinions. All right, So if we're trying to apply the
the guidelines for BP are we have to think about different types of steps. Here
we have six major steps. First we can start with envisioning.
So here we're trying to say that we we can see if there's a need
to improve something.
We're trying to get a better return on investment
with a project plan and some other details that we think that we can modify this or this or this or redesign that
and produce some better result
after it's all completed.
So some deliver balls to think about. They're trying to find a project champion, someone who can work with you
to remove obstacles and to advocate for,
again, dealing with a project plan
to find your scope to find your goals and your objectives.
That way, it's clear to anyone who looks at this documentation. Here's where you are now here's what you're trying to accomplish. You can get to some other place,
and it helps with the person doing the work to keep track of where the hour of the process as well. Then, of course,
describing all the other deliver bols that are expected
and as much detail as possible is going to be helpful to anyone looking at this. And
if you're trying to get people to help
showing them good, detailed documentation to build confidence and make them want to be part of the project
after we envisioned, then we have to think about initiating
talk with your sponsor that you, you ah,
start to work within the first step
and agree upon some goals.
If you can agree upon the goals, then you could start going about the process of gathering the evidence to support
some deliverables to think about here,
looking at internal external requirements,
maybe doing a business impact analysis or business
trying to show that if we change
the way we do things, we can make an extra 10% profit or something of that nature.
Put together a formal project plan.
Find out how much your your sponsor or the project manager
how much authority they have to actually help you make changes.
Look at your profit and loss statements.
details like this to work with, you can say
we're spending this much money on this. If we do this project that I'm proposing, we'll end up spending this much money, which is hopefully less
and then try to get your sponsor to sign off on your project charter
showing that they truly support the effort.
And I'm not just giving it lip service
and we move on to part three
of the of the application where we diagnose
problems, So this means you're studying the processes
in a very low level detail. Try and understand
where the value comes from and doing things the way they've been done before.
That helps to identify areas where that might be able able to be improvements instituted
some deliverables to think about here.
Try to document the existing processes best as you can
again, this could be it an area where things might slow down, but it's worth
doing because you wanna be able to compare the existing process with the one that's being proposed. As as the new process,
Try to find a way to measure the performance of the individual steps
in the process. The current process anyway.
If you could do this, then it should be easier to show where the improvements might be. Once the process gets redesigned,
then you're trying to look for ways to add value to your customers, to your users, to your management, to the bottom line,
wherever, wherever the value might be.
Also, you want to find those areas in the procedure of the process that do not add value
so that you can consider redesigning those separately, or maybe even removing them all together
because there might just be taking time and effort without any changeable benefit. Then you also want to think about what are the attributes
that are defined that show that this is a process does provide some value, does provide some meaningful use to the organization,
moving on to part for where we think about redesigning the process. Now that you've gathered some information you've done, the analysis have diagnosed the problems
that you think the process has
and you can consider redesigning. It may take several attempts at redesigning before you get a solution that works everyone's satisfaction. That's normal and expected
it would be very difficult to just redesign the first time and have everything be great unless you've been doing the work for a long time and you have a
some brilliant insight. Most likely, there will be some it orations that will have to happen,
but that's okay, so you analyze your alternatives
when you come up with a solution, you build a prototype, do some testing,
do some more analysis and determine if
the prototype is a successful replacement for the process that was
and then you formally document
the final redesign. Once you've determined that that's going to be a suitable alternative,
then we move on to the reconstruction so you can take your process. He's apart
and put them back together. By following the BP. Our plan,
you might have instructions that were generated. Say that we
you want to start every process over from scratch. We're going to
just just regard any existing processes and start with the top down approach that has talked about earlier.
Or you might say, Well, we're gonna We're gonna go with the bottom up, incremental approach and look at every process documented and figure out where we can tweak it and where we can change something. Thio provide some small improvement,
hoping for a large net improvement once that process is completed.
So deliverables to think about here
having a conversion plant
paying attention to dependencies. If you're going to redesign something, you have to make sure that you don't break something else in the process,
so process a depends on process. Be when understood, redesigning process be I need to keep process a in mind. Otherwise, something will break between those two dealing with change control. That's an important consideration.
Making sure that you're
monitoring the progress of the BCP.
I'm sorry, the B p r.
Making sure that that if you do design
something new or you redesign an existing process that you have training materials or training program ready to go,
it would be foolish to redesign a process without educating the user's off that process as to what to expect.
How did they do things differently now than the way they used to do it To support the new way, the new method.
And of course, you want to be able Thio set up a pilot.
This means that you're going to potentially run the new process in parallel with the old process. Have some people use it, have people test it, make sure that it actually performs as expected.
Then you can finally go for some formal approval by the sponsor of the project,
getting them to sign off, to say that we went through all the appropriate steps and this looks to be a good solution, so we're gonna move forward with that.
All right. Moving on to be PR step number six where we evaluate
this isn't an important step because now that the process has been redesigned, you gather all your evidence putting into production.
You need to start measuring the performance of this process
and finding ways to contrast that with the performance of the previous process.
Would then close the loop to show that this was a worthwhile effort.
You did all the research. You found all the details you needed to gather all the evidence required.
Did the analysis redesigned redeployed something new? Now you're measuring it and you find that it actually works, and it's
generating the improvement that you was expected.
So some deliverables to think about here, comparing the forecast to the actual performance.
So you you expected a 10% improvement
in the time, or maybe profits. But the process redesign actually produced a 12% improvement. So that will be a great result to achieve
trying to find those lessons learned the post boredom, if you will. What did we discover when we were redesigned? This process that we didn't know before?
How can we use this information for the next be PR exercise? That will be good documentation tohave.
And then, of course,
we have to make sure that your quality assurance process or program works with the new process to make sure that everyone is aware of it properly trained
and that it's being monitored for problems just like all the other processes in the organization.