Whether through their desire to mature business processes or fulfil compliance obligations, organisations are increasingly challenged by the overheads of maintaining multiple management systems and retaining their certifications. The seemingly administrative task of managing document sets is complicated by the differing lenses – risk, cyber governance, information lifecycle, privacy, quality, etc. – through which different information management systems view the same core policies and processes.

Management System Obstacles

Our clients frequently describe near-future compliance requirements as the main driver in adoption of a management system. The close horizon for these projects often produces a management system which is insular and focused solely on a specific customer compliance requirement. Supporting broader business objectives can be an afterthought.

As the organisation grows, additional management systems are added, but the lack of communication and coordination between these systems results in duplication of processes and documentation, and confusion as to precedence and scope.

Systems are frequently developed and managed by separate business teams, resulting in increasingly costly fiefdoms which duplicate effort and inflate the costs of maintenance.

Common Challenges

We have found that clients experience similar hurdles in operating multiple management systems and retaining their certifications:
+ Relinquishing certifications due to costs and complexity
+ Duplicated and conflicting documentation, processes and policies
+ Inflated audit costs and associated downtime
+ Management systems locked into organisational silos
+ Little appetite to adopt new standards due to existing overheads
+ Poor staff engagement due to a jigsaw of unconnected processes
+ Lack of clarity as to the capabilities each system governs
+ Focus is on keeping the plates spinning, rather than advancing

Pain Points

The lack of coordination across multiple systems, or the failure to future-proof a single system in an organisation wanting to expand, results in common pain points:

Integrated Information Management System

To address the difficulties in maintaining a suite of management systems and then stretching to adopt further standards, we recommend an Integrated Information Management System (IIMS), which synchronises all your activities.

Firstly we work with you to understand your business and its objectives. Once this context is analysed, we review your system suite to identify:
+ Existing capabilities
+ Common processes
+ Duplicated policies and documentation
+ How staff resources are applied to system maintenance
+ Existing audit structures
+ Current benefit realisation

Capability Framework

A core component of our Integrate Management System approach is a Capability Framework. The capabilities framework maps and details the business functions in each system: processes, controls, services, knowledge sets. This then becomes the common reference point for each management system to describe key functions.

Maturity Model

Paired with the Capability Framework is a Maturity Model. This provides an at-a-glance assessment for each capability of its:
+ Implementation status
+ Efficiency
+ Effectiveness
+ Calculated maturity level

The maturity model provides management with an easy to understand view of the strengths and weaknesses in your business processes and controls. This simplifies decision making on where to invest resources to strengthen your business.

Best Practise Foundations

Vital Advisory’s IIMS, capability framework and Maturity Model have been developed in alignment with  aligned with best practise models, such as ISACA’s COBIT model, to ensure that effective governance structures are in place, regardless of the business line you are in.