Part 1: SAP S/4HANA® Implementations: What’s Trending? A Report from GRC 2018 and Financials 2018

The 2018 GRC and Finance SAP Insider Conferences featured a wealth of knowledge and insight around new areas of interest, including SAP S/4HANA updates, Central Finance strategies, the importance of managing risks during S/4HANA implementations, and some newer topics around General Data Protection Regulation (GDPR), lease accounting (IFRS 16 and ASC 842), and SAP’s big announcement of the upcoming GRC 12.0 version (more on that in a separate post).

Out team spent time delivering and attending the conference sessions, and our key observations on what’s trending across the industry are compiled in a five-part series of blog posts.

In part 1 of this blog series, we’ll discuss the importance of proactively addressing implementation risks during S/4HANA migrations. We’re starting with this topic because we’ve been hearing that more companies are in the beginning phases of the migration process, or are already in the implementation path, and it’s important to know what to expect from a risk management perspective.

Ronan O’Shea, our ERP Solutions global lead, delivered an insightful session reviewing the different responsibilities of the business during a system implementation. As he pointed out, systems must be designed from the outset to support the business. Organizations cannot expect system integrators (SI) to develop these designs alone, as SI are technical experts – not business process experts. This is why the business should be responsible for defining the vision and operational expectations for the future state of each business process that the new system will impact.

During his session, Ronan shared key system Implementation Statistics, including:

  • 74.1% of ERP projects exceed budget
  • 40% report major operational disruptions after go-live

What do you do to ensure your implementation does not become a part of statistics like these?

The role that the business plays in an ERP system implementation is at least as critical as those played by IT and the system integrator (SI). The business owns the top four risks on an ERP implementation:

  • Program Governance
    • Misconception: The SI will manage the governance of the entire ERP implementation.
    • The truth: Typically, it is beyond the scope of the SI to provide the level of management needed to oversee the implementation end-to-end.
    • What should companies do? Establish a comprehensive PMO structure that manages the program beyond just the SI deliverables i.e. it includes things like:
      • Oversight of business and IT resources
      • Management of other vendors
      • Open engagement with company leadership on the risks and issues within the program
      • Unrelenting commitment to the transformation goals of the program.

These implementations are complex and have impact across many functions; the incentives of different parties must be checked and balanced.

  • Business Process Design
    • Misconception: The SI will guide us to adopt leading design practices baked into the software.
    • The truth: The requirements and design of the future solution emerges over time (if at all), leading to rework, changes, delays and missed user expectations both pre- and post-go-live. The SI is primarily a technical expert and not a business process expert.
    • What should companies do? The business retains the responsibility to define the vision for what to expect operationally of the new system with regard to each business process. This vision can take the form of:
      • Future-state end-to-end process flows that outline the automation level expected
      • Governing business rules (e.g., customer price calculations, cost allocations, tax computations)
      • Data requirements and event triggers for integrations to other systems
      • Controls and contingency or exception workflows
      • Who takes action

Take your time to define this vision so that you have a baseline against which to evaluate the technical solution delivered by the SI and make sure you are meeting your transformation objectives. Assess process owners’ awareness and understanding of key design decisions’ expected outcome.

  • Data Conversion
    • Misconception: Data conversion is a technical task with no business involvement and we can just move the data from legacy to the current system.
    • The truth: Companies leave this activity till too late, without any business involvement resulting in incorrect mapping of data and poor data quality that cause delays in implementation and impact operational effectiveness of the new system.
    • What should companies do?
      • Review the plans and design for the overall information strategy, data governance and data conversions and ability to ensure complete and accurate data will be available at Go-Live
      • Perform project-specific quality assurance procedures
      • Provide recommendations for longer-term initiatives to maintain data quality

Data is key, the business should treat data conversion design and data cleansing as a top priority work stream and take operational and audit considerations into account. The business must establish strong data governance that extends beyond successful rollout of the new system.

  • Organizational Change
    • Misconception: Organizational change is training, right?
    • The truth: Users and business process owners are unprepared to participate effectively on the project, business requirements, design, testing, training and adoption. Lack of focus on building user and management support, adoption, and readiness leads to ineffective and inefficient processes, and post-Go-Live disruptions, regardless of the quality of the system implemented.
    • What should companies do?
      • Examine user adoption / enablement plans for the system and processes, including ongoing user support and training processes, process organization change, and process performance measurement.
      • The business must plan to develop policies and procedure and define new roles and responsibilities as well as delivering practical training.

Prepare the organization well for the transformation project you are undertaking. Engage the users frequently to prepare them for the change to increase user adoption.

These four key risk areas, in addition to other risk areas, are explored in detail in this white paper.

Mithilesh Kotwal

Managing Director
Enterprise Application Solutions

Subscribe to Topics

Many often overlook the potential impact—both positive and negative—a #TechnModernization project can have on operational #resilience. #ProtivitiTech's Kim Bozzella shares her thoughts with #Forbes Technology Council. https://ow.ly/1FLA50TYIaE

Establishing a scalable #AI #governance framework is crucial for balancing innovation with #risk and #compliance. Dive into our latest ebook, co-authored with #OneTrust, to explore key steps and technologies that will elevate your AI governance strategy. https://ow.ly/QqKy50TVUx3

News reports implied that China has managed to break "military grade" encryption using quantum computers. But the truth is more complicated than that. Protiviti's #quantum expert Konstantinos Karagiannis explains it all to #VISIONbyProtiviti. https://ow.ly/Zb9z50TWNuh

The #IIoT can help organizations collect and analyze data to optimize operations and maximize resources. #ProtivitiTech's Kim Bozzella details how IIoT can yield benefits for businesses and the people they serve with #Forbes #Technology Council. https://ow.ly/V5I250TVLAj

Protiviti has earned the AWS DevOps Competency, which complements our existing Migration and Security Competencies. These competencies reflect Protiviti's ability to deliver comprehensive AWS system integration services. https://ow.ly/Baj550TWR9I

#AWSDevOps #AWSCloud #AWS

Load More