Technology risk radar
2mQgADD
2mQgADD
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
16<br />
Consumer markets and retail<br />
Andrew Shefford<br />
Paul Holland<br />
Michael Isensee<br />
1<br />
2<br />
3<br />
4<br />
5<br />
6<br />
7<br />
8<br />
9<br />
Poor <strong>risk</strong> management alignment across<br />
organisation and process<br />
Dependence on inflexible and under<br />
supported legacy systems<br />
Poor cyber security, cyber-crime and<br />
unauthorised access<br />
Non-compliance with regulation and<br />
legislation, e.g. privacy<br />
Lack of IT strategy and lack of board<br />
representation<br />
Inadequate data quality and lack of<br />
capability to leverage data to manage <strong>risk</strong><br />
Inability to deploy and exploit<br />
emerging technology<br />
Failure to deliver programmes and to<br />
build in control, resilience and security<br />
Reliance on, and poor security and<br />
control in, vendors/third parties<br />
HIGHEST<br />
RISK<br />
11<br />
8<br />
1<br />
9<br />
10<br />
4<br />
7<br />
10 9 8 7 6 5 4 3 2 1<br />
2<br />
6<br />
3<br />
5<br />
12<br />
LOWEST<br />
RISK<br />
<strong>Technology</strong> continues to be a major business disruptor in the<br />
consumer markets and retail sector. Digital disruptors are<br />
driving every part of the sector’s biggest changes, from new<br />
delivery models such as drones and 3D printing to greater<br />
automation in industrial production and connectivity via the<br />
Internet of Things.<br />
Yet we believe that, despite these innovations, the technology<br />
<strong>risk</strong>s which consumer markets and retail businesses face are<br />
not so new.<br />
Take automation. New technologies that are driving<br />
developments in digital at the front end and connecting<br />
industrial control systems at the back end need to be safe,<br />
secure, repeatable and reliable. These are all issues that<br />
already apply to back-office functions, often running on legacy<br />
systems, such as administrative processing facilities and<br />
increasingly connected manufacturing systems.<br />
Now consider the integration of legacy systems with the<br />
newer digital systems required to connect with today’s<br />
consumers. These older systems are often neglected.<br />
There has been little investment in updating them and many<br />
are simply not as adaptable as modern systems. And yet<br />
businesses have a lot of valuable data in them. Providing safe<br />
access to this data for newer systems presents a set of <strong>risk</strong>s<br />
such as data integrity and privacy – <strong>risk</strong>s that businesses<br />
already face.<br />
10<br />
11<br />
12<br />
Ineffective service management<br />
and delivery<br />
Ineffective IT asset management<br />
Inadequate resilience and disaster<br />
recovery capability<br />
Digital also presents organisational challenges, with many<br />
businesses facing challenges where a digital team, either inhouse<br />
or working with a third party, in effect competes with<br />
the IT Department. This is an example of what is sometimes<br />
known as shadow IT, as discussed above, where digital<br />
products are developed and maintained by a business team<br />
rather than by the IT function. Again, creating IT products<br />
outside of IT is not new, but where the products are the digital<br />
© 2016 KPMG International Cooperative (“KPMG International”). KPMG International provides no client services and is a Swiss entity with which the independent member firms of the KPMG network are affiliated.