The cheese course of any dinner is usually a favorite. Everyone is more relaxed, after dinner drinks may be on the way, and the guests are open to more fluid discussions about almost any topic. In our last installment of our CIO dinner party we discussed the challenges of digital transformation and how the Chief Procurement Officer (CPO) and IT Director must manage the budget and spend once an organization moves onto the trajectory of digital transformation. Today, our guest of honor is the Chief Compliance Officer (CCO) to touch on the areas of risk and governance in terms of contracts, license consumption and audits. This is an area that is becoming increasingly complicated as companies move their applications and services to the cloud. Gone are the days of tracking entitlement, inventory and consumption of on-premises software contracts, as a new era of both transforming, yet confusing, cloud software takes off. In this environment, indirect use of software could be a violation of a corporate license agreement.
The CCO’s role is unique in that in the last few years it has moved out of the legal suite and into its own distinct role reporting directly to the CEO. This is key because the CCO’s breadth of issues it is dealing with has not only expanded, but also elevated. For example, according to a recent Thomson Reuters report the top 10 challenges facing compliance officers in 2017 are:
- Regulatory Change and Uncertainty
- Personal Liability
- Conflicts of Interest
- Sales practices, suitability, and risk disclosure
- Culture, conduct risk and compensation
- Insider trading or misuse of material non-public information
- Liquidity risk and valuation risk
- Data protection, technology management and cyber resilience
- Terrorist financing and financial crime
Further, in 2016, 69% of organizations felt their compliance budget would increase over the next 12 months to help address these myriad issues. This is obviously an extensive list and for the sake of our dinner party we are going to focus on topic nine – around technology management – as this is an area where SofwareONE has expertise and solutions.
When you look up the definition of compliance one of the top entries is “the act of conforming to fulfill official requirements.” In other words, follow the rules. What happens though if you don’t know all of the rules, and unintentionally break one? Software compliance is one of the most complicated areas for organizations to adhere to. But, it does not have to be as compliance and following the rules should be a byproduct of an effective software portfolio management strategy. Effective software portfolio management means you are proactively managing your software landscape:
- Entitlement – What do we own and how can we use it?
- Inventory – What has been installed?
- Consumption – How well (or not) is it being utilized?By having a view into entitlement, inventory and consumption, it helps the CCO answer questions around compliance gaps, audit risk exposure, and areas of overspend. All in, it helps the CCO minimize the risk exposure, and above all it helps the organization maximize the value of their software portfolio. From a security perspective, retiring or de-provisioning under-utilized software reduces the attack surface and improves the overall security posture of the organization.
As we spoke about in a prior post, different line of business units within companies today are simply going out and purchasing whatever software suits their needs, without a second thought to the CPO, adherence to existing contracts, or how those purchases might impact the bottom line. This is where the CCO needs to step in and ensure that the contracts being executed across the organization are being adhered to, and that the company isn’t either over or under paying for services rendered.
This is a monumental task however, and where the PyraCloud platform and SoftwareONE partners can help the CCO manage its entire software portfolio management lifecycle – in other words, follow the rules, starting from the point when software and cloud resources are procured. SoftwareONE and its partner, Flexera, will talk about this more in depth during our webinar on June 20, 2017 – “Show me the value! Accelerating time to value of your Software Asset Management practice.” Be sure to join us and register today to learn more.
The CCO has his work cut out for him, particularly as the Lines of Business (LoB) start to attain more autonomy when it comes to software purchasing and deployment. We will close out our CIO dinner party series next week as we talk to both the LoB and the CFO. Perhaps they will have the secret to getting our cake, and eating it too.