Overview of Our Business Process and ERP Services

CTSS combines Managed Cloud Services and technology with business process management and Information Technology (IT) to drive business performance improvement especially for ERP implementations. Our clients are on a journey of continuous improvement. We support our clients’ journey by providing a wide range of services also related to the various types of certifications such as ISAE 3402/SSAE 16 (SOC 1,2 &3), ISO/ISE 27001 or PCI DSS, MTCS and CSA Star compliance services.

Overview of Our Outsourcing / Managed / Cloud Services

By outsourcing routine, high cost and less valued work to an outsourcing/cloud solution, companies can leverage these outsourcing/cloud computing organizations' extensive core competencies, experience and infrastructure support to reduce cost and improve quality of service, most importantly, to improve their service delivery to internal and external customers and increase its competitive edge and utilization of IT.

The company then has an opportunity to save anywhere from 20-40 percent of their IT costs by reducing their routine IT spend supporting infrastructure, platform and/or applications. Furthermore, companies can free up their IT budgets from as much as 30 percent maintenance spend by enabling the main/key cost/ benefit to paying only for services used (Metered Services). This concept is similar to electricity usage; you only pay for electricity when you "Flip the Switch" in addition to lowering a company's Capex requirements.

Our main focus will be to look at key existing Outsourcing, Managed and Cloud solutions such as Software as a Service (SAAS), Infrastructure as a Service (IAAS) and Platform as a Service (PAAS) as well as the various operating environments, Private, Public, Community and Hybrid. Our objective, again, is to understand each company's goals and objectives and provide the best cloud / outsourcing solution possible from an independent Advisory (vendor neutral) standpoint in Strategy development, implementation and integration and providing security & controls assurance. This will include initial TCO and ROI current state assessment which also identifies the matching of IT needs to meet the company's goals and objectives, developing the Request for Proposal (RFP) and helping to select the most qualified service provider that best meets the company's business and IT goals and objectives. Once the service provider has been selected, we will then use our proven tools to develop the road map and the required steps and procedures to ensure successful migration to the service provider.

As a part of our tool and methodology, we will assist in the development and negotiation of the Service Level Agreement (SLA) and Project Management leadership until successful sign off of satisfaction of the outsourcing / cloud transition by both parties. One of the most important considerations in moving to an outsourcing / cloud environment is ensuring that adequate data integrity controls and security exist with the service provider.

Our methodology and experience focuses on assessing a service provider's security and control capabilities as well as business continuity and that the appropriate industry accepted certifications exists to ensure that our client has the assurance that adequate controls and security are present over their data, not only at time of transition, but throughout their business relationship. It also focuses on these controls at the client site to ensure a complete end to end security solution is developed.

We offer three major categories of Outsourcing / Managed Services / Cloud Computing and related process improvement advisory services:

Adopting an outsourcing / managed services / cloud computing, like any other emerging technology, comes down to fundamentally figuring out how the investment in the cloud is going to yield positive returns to your business at an acceptable risk level.

Strategy Assessment

Our cloud computing strategy services includes:

• Performing a Total Cost of Ownership (TCO) Assessment of the current state IT and estimation of Return on Investment (ROI) to establish a benchmark for true cost of IT and its impact on earnings per share or other relevant performance measure the company uses.

 

• A one to two day workshop to develop common understanding of cloud/outsourcing among the leadership team and key stakeholders, assess company's goals and objectives, leverage the insights of companies who have experienced a successful transition, educate the leadership team on the transformation and drive organizational consensus for adoption where appropriate.

A 4 - 12 week engagement, depending on the number of applications, size and nature of outsourcing arrangement being considered, structured to identify and prioritize cloud solutions through the results of TCO and ROI analysis that can bring immediate, intermediate and long term business benefit, and then paint a picture for the future by developing a strategic plan and cloud road map. The cloud transformation road-map identifies numerous implementation opportunities and prioritizes into a workable and livable action plan.

Assessment and Implementation Services

Our Assessment and Implementation Services will include initial TCO and ROI current state assessment which also identifies the matching of IT needs to meet the company's goals and objectives, developing the Request for Proposal (RFP) and helping to select the most qualified service provider that best meets the company's business and IT goals and objectives. Once the service provider has been selected, the next component of the tool is the SLA generator, which is a comprehensive requirements consideration tool to help ensure all key business / performance requirements and as well as related legal considerations and regulatory points are properly considered and defined. We will also assist in the development and negotiation of the Service Level Agreement to help ensure that all performance and measurement considerations are in place at both the company and the service provider, but most importantly help to ensure that the company has negotiated the best deal possible from a cost and service perspective. We will then develop the road map and the required steps and procedures to ensure successful migration to the service provider.

The last component of the tool and methodology is our security and controls module that takes into consideration the pending ISO 27017/18 objectives that map these requirements to the service provider’s security and controls environment. Our methodology will also consider the operational and security aspects of the access anywhere, anytime on a variety of hardware and software platforms (including BYOD incl. mobile devices). Lastly, we also can provide project management leadership throughout the engagement until final sign-off of satisfaction by both parties indicating final completion of the engagement.

Cloud / Business Process (ERP) Security and Controls and IT Governance Assessment and Reviews

Cloud Computing or a major system change offers huge potential for your business to reduce costs and significantly increase operational efficiency, scalability and flexibility. But stepping into an outsourcing/cloud arrangement without a full understanding of the security and compliance risks as well as related governance challenges that you may be facing, can lead to compliance breaches, liability issues and brand damage as a consequence of hacking and accidental data and systems misuse both externally and internally. As such, a full understanding and knowledge of your own security and compliance and IT Governance issues in the Cloud is of critical importance.

Our Solution

To combat these security threats and risks and properly manage this risk that may arise within your organization, CTSS Security and IT Governance Assessment Services ensures that:

• You have knowledge of what your security risk and compliance issues are.
• You gain insight into the legislative and regulatory requirements relevant to the cloud for your industry.
• You will have absolute clarity on your cost versus business risk landscape.
• Ultimately, our Security Assessment Service will allow you to understand the investment required to address the identified risks in order that you can make balanced, solid business judgments.

The Benefits

Security Assessment Service delivers the following benefits:

• A Vulnerability Assessment is conducted using our toolkit of vulnerability scanning tools.
• We assess the Legislation, regulation and IT risk liabilities in each country that pertain to your outsourcing/Cloud computing needs and business. We then define specific benchmarks for your company. With this we can measure your relative security and compliance business performance, defining the gaps that need to be addressed.

Why CTSS

Our CTSS Security Assessment Service is built upon our 20 plus years of experience and understanding. Our years of experience allow us to analyze and interpret your business risk profile, not only in technical terms but also in how those risks will impact upon your general business-operating model. We show you the real life scenarios, not just the theoretical ones. We understand that Information Security and Business Process (ERP) Controls should be fit for business, consistent and reliable. But we also know that our role, as your partner, is to take the complexity out of the multifaceted security and compliance challenges of today's digitally enabled business world.

To do this we work with security professionals in the leading professional Security Organizations such as the Cloud Security Alliance (CSA), Information Systems Audit & Controls Association (ISACA), British Standards Institution (BSI) and other worldwide practices such as the Security Standards Council (SSC).

Our Approach

In order to deliver the service most effectively we conduct an overall security and IT Governance assessment:

• The 'Cloud Security/Business Process (ERP) and IT Governance maturity Assessment' evaluates the maturity of your security and compliance controls based on the best practices and standards of the CSA, ISACA (Cobit), BSI (ISO) and the SSC (PCI DSS).
• Security Issue Results are collected, sorted and reported against business impact, cost and benefit in order to align them with the needs of your business.
• We then develop a workshop to review the findings, balances security risk reduction against investment and co develop requisite solutions. The end result of the working group is to develop an actionable remediation roadmap with definitive timelines for evaluation of remediation results on a periodic basis.
• Most importantly, we will evaluate IT security & controls at the service provider to ensure that the provider has the appropriate controls, Governance and monitoring as well as the required certification such as ISAE 3402/SSAE 16, ISO/ISE 27001 or PCI DSS compliance seals.

Business Process Improvement (BPI)

CTSS’ BPI methodology is focused on building and supporting a team of business process owners. CTSS Consultants provide Lean, Six Sigma, and ERP expertise to support business process improvement projects. Business process documentation, best practice education, and visioning become the foundation for our client’s journey of continuous improvement.

ERP Implementation Management

By working with our client’s process owners to design the future processes, CTSS’ Consultants are in a unique position to facilitate the solution implementation. By combining CTSS’ project management skills and our knowledge of the future processes, CTSS’ assistance in the solution implementation reduces costs and risk.

Business Process Improvement

Business Process Education

A major concern in business process improvement projects (especially ERP implementations) is the understanding “what is possible”. CTSS offers its clients an education curriculum to educate the project team on what is possible with business process best practices for their industry. The education is designed for the business users that are part of a team charged with the task to improve business processes with new ERP and information technology.

The team will learn terminology for the industry, review “best practice” process flows, and see live demonstrations of modern ERP implementation for their industry.
This education is a critical cornerstone for a successful business process improvement project.

Business Process Analysis

The first step in a business process improvement project is the analysis of existing processes. When companies decide to consider improve business processes, this is where they start. CTSS provides a methodology to review and analyze existing business processes for companies that want to improve their business processes.

The methodology begins by structuring business processes with a top down diagram. The first level of review identifies the top hierarchy of business processes. Process users are identified. The most knowledgeable users are interviewed. The output of the interview is the development of business process mapping which show the flow of information and the interaction of the users in other departments.
As the maps are being produced, a business process consulting team will facilitate the analysis of the business process.

Components of a Business Process Analysis:

• Key performance metrics
• Redundant processes, data, and data entry (waste)
• Value of process
• Problems with the process
• Areas for improvement.

Business process analysis is the key first step to the improvement of business processes. It provides the structure and information needed for the development of new and improved business processes.

Business Process Review

Once the business processes have been documented, a review of the process should be conducted. The review should include the key business users, department management, and an expert business process consultant. An outsider helps by providing an independent opinion of the process. The process needs to be reviewed.

Then the team needs to ask the value of the process.
Is there waste in the process?
Are their redundancies in the process, in the data, and data entry versus other processes in the company?

In the business process mapping, the users and management identify key performance metrics that are used in managing the business day to day. In the review, the users and management need to input their opinion on the process:

Are their problems or issues with the process?
What are their suggestions for improvement?
An experienced business process consultant can guide the team through a thorough review of the process.
The process review is documented and added to the current state documentation folder.

Business Process Mapping

Business process maps provide an easy to read view of business processes. The maps need to be organized so they can be understood at a high level by top management, but also provide the detail that is need for review and analysis. CTSS provides a business process mapping methodology.

Process Maps should be broken into Levels:

• Top Level – identifies the major functions and process of the business. This map can be thought of as a high level “value stream” map
• Business Process Categories – identifies all of the major business process categories
• Category Map – identifies all of the categories of business processes in a swim-lane map showing the connectivity of information between departments
• Process Map – identifies the business process steps in a process map defining inputs, process performed on inputs, and outputs.

Many companies believe their ISO documentation can aid in this process. This is true, it can aid in the initial review of the processes but it does not go down to the level you need to identify problems and waste.

Business Process Are Plentiful in Most Companies. A typical manufacturing company will have upwards of 200 to 300 processes in the following areas:

• Marketing
• Sales
• Engineering
• Customer service
• Supply chain management
• Manufacturing planning
• Production
• Quality
• Service
• Accounting
• Human resources

These maps become a valuable component in a process improvement project, and ERP selection project, the ERP implementation project, and a business process improvement project.

Business Process Documentation

CTSS has a proven methodology for the development of business process documentation. During a review of business processes the following components are documented:

• Organization chart - identifies all of the users by business process category
• Discovery document – records information gained in business process interviews
• Business process organization map – identifies all the business process categories
• Business Process mapping – document business process steps
• Business Process analysis – identifies problems and waste in current processes.

When completed the organization (management and key users) need to review and approve the documentation.

Business Process Reengineering

Business process reengineering is the development of the future state of business processes. The reengineering effort is preceded by the review of the current state (business process review), and the education of the project team on business processes.

Optimizing the Business Process Reengineering Process

CTSS guides its clients through this process because the future state definition drives:

• The identification and evaluation of ERP vendors
• Business case for change
• Design for the implementation of a new ERP system
• Design for a Business Intelligence system
• Improvement of business improvement
• Improvement of business performance

After the team is educated on business process best practices, CTSS facilitates a workshop to develop the future state. Workshops are organized by functional areas. The team reviews the problems in the current state, best practices for the business process, and designs a new business process that eliminates waste and improves productivity.

As the design of the future state becomes clear, the team is asked to define the benefits of the future state. From this information CTSS guides management and the team through the development of the business case for change.

ERP Implementation Management

ERP Implementation Plan Creation

The ERP implementation project plan is a key element of the foundation of a successful ERP project. CTSSs begin the development of this plan in the vendor evaluation phase of an ERP Selection project. We work with the vendor implementation team and the client team to develop a detail plan.

Key Parts to an ERP Implementation Plan:

• Define the scope for each phase
• What are the software processes that will be implemented in phase I and later phases?
• Construct the team and team responsibilities
• Who are the members of the client team?
• Who are the consultants from the vendor team?
• What are the responsibilities?
• Define the project methodology. What are the project phases, steps, and deliverables?
• Develop the project plan. Assign tasks and hours to resources, both client and vendor. Get agreement from both parties as to the effort required in all phases of the plan.
• Included in the plan are the following:
• Core team education
• Future state design and configuration
• Conference room pilots
• Data conversion
• New system interfaces development
• ERP reports and forms development
• Cutover activities
• Project assumptions

It is very important to get both vendor and team buy-in to the plan.The components of the plan should be put in a formal statement of work that is agreed to by both vendor and client.

ERP Project Management

Project management is key to a successful implementation. Inadequate project management has played a major role in failed implementations. A qualified, dedicated project manager is rule number one in all ERP implementations. CTSS recommends the establishment of a project management office (PMO). The PMO should be staffed with experienced ERP project managers. The role requires full time management. A PMO can include multiple team members as long as responsibilities are clearly defined.

The PMO is responsible for managing the resources and the plan. The PMO will report directly to an executive steering committee. The project team, both vendor and client, report to the PMO. The team members are responsible for completing their tasks according to the plan. The following are characteristics of a good project manager:

• Previous experience managing projects
• Has respect of organization
• Has to be a leader
• Has to be firm about requiring satisfactory performance from the team, both client and vendor
• Has an understanding of the entire range of processes.

CTSS often supplement client resources with the execution of PMO duties.CTSS’ ERP Project Management Resources are all skilled, experienced ERP implementation project managers. We can assist our client with in any of the following capacities:

• Project Manager. CTSS can fill the position of Project Manager. In this position, CTSS will manage your staff and the ERP vendors to achieve an on-time, on-budget implementation. The CTSS will be on-site 100% of the time. CTSS clients request this service when they find they do not have a manager they can assign to this role.
• Project Manager Assistant. CTSS person or a CTSS Partner can fill the position of Project Manager Assistant. In this role, the CTSS assists the Client Project Manager with project management duties. We will be on site one (1) to three (3) days per week. Time requirements will vary based on how much time the Client Manager can give to the project. CTSS clients request this service when they have an internal manager, but the individual cannot devote 100%, and therefore needs an experienced assistant.
• Business Team Leader. CTSS can fill the position of Business Team Leader. Each ERP project requires several functional team leaders. An example is a Financial Team Leader. This individual leads the client staff through the implementation process. We will be on site three (3) to four (4) days per week. Clients request this service when they do not have an individual that has the time or the ability to lead a functional team.
• Steering Committee Advisor. A CTSS or a CTSS Partner can fill this position. In this role, CTSS provides advice and counsel to the project steering committee and project team throughout the project. The CTSS or Partner will be on site two (2) to four (4) days per month. Clients request this service when they have qualified a project manager, but want to maintain CTSS’ experience and knowledge into the implementation.

1. CTSS’ ERP Project Management Services
2. Project planning
3. Organization roles and responsibilities
4. Schedule
5. Reporting requirements
6. Data conversion plans
7. Communication and reporting
8. Weekly meeting management
9. Issues log
10. Project budget
11. Project reports
12. Steering committee meetings
13. Project monitoring
14. Issue resolution
15. Budget
16. Vendor performance
17. Core team performance.

CTSS project management services do not displace the vendor project manager, nor does the vendor project manger displace the need for a CTSS or Client project manager. CTSS services are designed to support the client’s responsibilities in the implementation.

Data Conversion

The Data Conversion Process

During an ERP project, the team should document data conversion requirements as part of the current state review and the development of the future state process. Data as well as process need to be documented and understood. From this review of processes and data, the team can identify all of the databases that will need to be converted. The documentation of the databases becomes a requirement that vendors need to address in the vendor evaluation phase. Immediately upon commencement of the ERP Implementation project the project management and the team, assisted by the vendor, need to map out a strategy to convert the databases to the new system. At this time process owners need to take ownership of the successful version of the data.

The ERP project plan should include tasks and responsibilities. CTSS clients usually employ their IT resources to prepare the data for conversion. They know the source of the data and are usually best suited to this task. The process owner that works with IT will own the data and is responsible for insuring the data is converted and cleansed for the new system. Data conversion issues are often encountered in the testing process.

The project team needs to develop a conversion strategy for the following types of data:

• Static files – master data such as customer
• Dynamic files – transaction data such as open Purchase orders
• History – transaction history

CTSS often helps the client process owners with the conversion, data cleansing, and data verification.

Data conversion is one of the major reasons for an ERP project missing its on-time objective. Planning and execution in this phase are critical. CTSS Technical Services Consultants are data base experts and have extensive experience in ERP conversions.

CTSS can supplement your IT staff in the following activities:

• Project management
• Data conversion planning
• Data mapping: current system to the new system
• Data migration: exporting and importing
• Managing data cleansing activities
• Quality assurance

CTSSs have had experience with various database systems:

• Oracle
• Microsoft SQL
• Informix
• Progress
• AS/400 DB
• OS2

CTSS can supplement your IT staff, work with your ERP vendors and provide the needed expertise to insure that data conversion does not become an obstacle to an on-time ERP implementation.

Standard ERP Reports and Report Writing

Current ERP systems come loaded with pre-written reports, but the list never covers all user needs. These systems all come with their preferred report that is advertised for the end user. CTSS has found that it often takes users weeks and often months to master these report-writing tools. The importance of report writing is often overlooked as a critical step in the implementation of a new ERP system. Information is the goal of the ERP implementation.

To achieve it requires both strategy and capable resources to achieve the goal. Report writing needs fall into the following categories:

• Forms such as invoices, order acknowledgments, purchase orders, receivables statements, payables checks, etc.
• Managed reports that are produced on a recurring basis
• Ad hoc reports that are usually, one-time, “I need this information now” reports
• Analytical reports that are views of data that help analyze “what is happening”
• Executive dashboards that provide the executives with a snapshot of business performance against the company’s key performance indicators (KPIs)

All of these needs need to be considered in a comprehensive report writing strategy, that identifies needs at all levels, report-writing tools, data deployment (data warehouse versus data marts), and report deployment methods.

CTSS’ Approach to ERP Reports

The development of reports and forms is a significant task that cannot be taken lightly. Often “access to information” is a key driver of the project.

During the Business Process Improvement (BPI) phase of the project, the project team should be sure to document forms and reports used in the business process. In addition, the team should gather key performance indicators used to manage the business.

In the development of the future state, the team will define the reporting strategy.

The strategy will document the following:

• Key performance metrics
• Transactions and dimensions
• Information needs
• Analysis needs
• In the education phase the team will understand the many types or reporting tools:
• Transaction grid queries
• Dashboards
• Scorecards
• Published reports
• Ad hoc reports

The reporting strategy will define how all these reporting tools are used to “improve access to information”.