Conference PaperPDF Available

La gestion globale des risques du système d’information au service de la performance

Authors:
Conference Paper

La gestion globale des risques du système d’information au service de la performance

Abstract

La gestion globale des risques du système d'information au service de la performance Retours d'expériences de BT Fatiha MORIN, Andrew CHURCH et Ion BERECHET 11 mars 2008
CARM
La gestion globale des risques du syst
è
me d
information
au service de la performance
Retours d
exp
é
riences de BT
Fatiha MORIN, Andrew CHURCH et Ion BERECHET
11 mars 2008
©
Copyright British Telecommunications PLC 2006
Ordre du jour
Introduction
Probl
é
matique BT Group
Approche BT ORM
Quelques exemples concrets
8h30 – 9h30
9h35 – 10h00
Questions & Reponses
©
Copyright British Telecommunications PLC 2006
Fatiha MORIN
Responsable Solutions S
é
curit
é
BT
Andrew CHURCH
Responsable de l
offre Gestion du Risque Op
é
rationnel
Ion BERECHET
Fondateur de Sispia et partenaire BT
©
Copyright British Telecommunications PLC 2006
Le groupe BT
Le Groupe BT
emploie plus de 100 000 personnes
dans le monde, pour un Chiffre d
Affaires de pr
è
s de
30 B
(19,5 B
£)
BT Global Services
est le fournisseur de solutions et
de services pour les Op
é
rateurs (GTM) et les
Grandes Entreprises (Major Business)
BT Retail
BT Wholesale
BT
Global Services
More than 100.000 people serving our
customers on a global basis
Free cash flow
£
1.6bn 8%
(3)
FY 2005/6
-
Headline financials
Group turnover
£19.5bn 6% / 3%
(1)
Profit before tax
(2)
£
2.2bn 5%
Net debt
£
7.5bn 5%
Earnings per share
(2)
19.5p 8%
Full year dividend 11.9p
14%
(1) Underlying excluding cuts in mobile termination rates,
Albacom
and
Infonet
(2) Before specific items
(3) Excluding receipts from disposals
BT Group
BT GS repr
é
sente, avec pr
è
s de 13 B
(8,63 B
£
),
plus de 40% du CA de BT
, avec un rythme de
croissance annuel > 10 %, et 29 000 personnes
bas
é
es dans 50 pays, qui d
é
livrent des services dans
plus de 170 pays.
Une situation financi
è
re solide
BT Global Services
Global Corporate
Customers
Global Telecom
Markets (GTM)
IP & Network Services
IT & Professional Services
Btexact / OneIT
-
R&D
©
Copyright British Telecommunications PLC 2006
Le nouveau visage de BT France
300 personnes
49,6 M
NET2S Group
(NET2S France, Predixio &
CyberNetwoks) en 2006
950 personnes
257 M
en 06/07
1400 personnes
137,7 M
en 2006
110 personnes
©
Copyright British Telecommunications PLC 2006
Problématique BT Group
Comment augmenter la performance (EBIT) ?
Comment assurer la croissance organique du groupe et des filiales
?
Comment r
é
duire les co
û
ts d
exploitation
«
inattendus
» ?
Comment r
é
duire les co
û
ts de R&D ?
Comment mieux appr
é
hender/ma
î
triser les risques associ
é
s ?
BT mise sur la transformation de son organisation, sur l
impl
é
mentation de sa nouvelle infrastructure
(21CN) et sur ses
«
services
manag
és »
pour mieux r
é
pondre aux attentes de ses
clients.
Cela implique des changements importants
notamment sur
:
les employ
é
s et leurs m
é
thodes de travail (ex. le t
élé
travail, le temps partiel, la mobilit
é
,
)
les processus internes (ex. normalisation) et externes (ex. audi
t, compliance, due diligence,
…)
les services et produits offerts aux clients (ex. optimisation d
es offres, outsourcing,
…)
Un contexte
é
conomique
et
un march
é
domestique
difficile >
un changement de comportement
la r
é
duction des marges tendent vers un
«
pricing
»
quasi non
rentables
pour
certains contrats
la robustesse de l
entreprise est soumise aux
«
chocs r
épé
titifs
»
(ex. Ofcom/LLU, NHS,
…)
la prise de risque
est
«
augment
ée »
en faveur d
une
rentabilit
é
imm
é
diate, souvent
au d
é
triment de la qualit
é
©
Copyright British Telecommunications PLC 2006
©
Copyright British Telecommunications PLC 2006
©
Copyright British Telecommunications PLC 2006
©
Copyright British Telecommunications PLC 2006
Une méthode simple et accessible visant l’amélioration en continue
Experience
©
Copyright British Telecommunications PLC 2006
©
Copyright British Telecommunications PLC 2006
©
Copyright British Telecommunications PLC 2006
©
Copyright British Telecommunications PLC 2006
Privilégier une démarche projet
©
Copyright British Telecommunications PLC 2006
Strategic
Risks
Customer
Service Risks
Supplier
Delivery Risks
Service
Management
Risks
Gérer les risques globaux de sécurité chez OneIT
Aggregation
Correlation
Board
Group Risk
External
Audit
Internal
Audit
Line of
Business
Line of
Business
Risk Manager Risk Manager
Group Risk
Register
& Dashboard
LOB Risk
Register
& Dashboard
Review
Maintain
& Manage
C O C K P I TC O C K P I T
BT Risk
P
rocess &
A
ctivity
L
ifecycle
Operations
Automated
Risk Data
connectors
& collectors
Manual input
Risk
repository
Risk engine
KRIs/KPIs
Navigation
Attestation
Assess
& Attest
Integrated into
Integrated into
©
Copyright British Telecommunications PLC 2006
C O C K P I TC O C K P I T
©
Copyright British Telecommunications PLC 2006
Key Objectives YTD
TGT
Service Delivery
8%
10%
Customer Satisfaction
42% 45%
Risk Reduction
10% 15%
OPEX Reduction
5% 7%
Initiatives
Mainframe Planned Phase Out
Product Launch
Management Training
New Business Marketing Launch
Watchlist
ISO 27001 Certification
SAS70 Request for Customer A
Euro SOX Alignment
ITIL Alignment
5
Customer B1
8
Customer C1
10
Customer A1
Net
Customer
RFP
NEG
IMP
OPS
CHG TER
Hot topics / news / audits pending for RFP process
5
Account Services
8
Order Management
12
Inventory Services
Net
Services
1
Capacity Reqts.
5
Resource Avail.
5
New Technology
8
N/W link delays
10
SLAs
Net
Key Risks / Issues
4
Financials ROI
10
Commercial Legal
12
Capacity Demand
23
Supplier Relations
25
Customer Relations
Net
Contract Criteria
1
Business Devel
5
Security
5
Projects
8
Service Delivery
10
System Planning
Net
Business Areas
5
Systems
5
Process
8
External
11
People
Net
Risk Classes
Dashboard information refreshed as of dd/mm/yyyy mm:hh
BT Risk Cockpit
BT Risk Cockpit TM
TM
©
Copyright British Telecommunications PLC 2006
Vision Stratégique / Tactique / Opérationnelle
©
Copyright British Telecommunications PLC 2006
“Lessons Learnt”
This is major cultural journey
an eye opener for many
Key to RM is Communication and Organisation of people, process a
nd resources
Not all risks are quantifiable or should be quantifiable
Make the RM process non
-
emotional
Straight
-
forward or sophisticated (only when required)
Simple but effective (Plan
-
Do
-
Check
-
Act)
must be remembered
Talk / discuss with experts both within and outside the company
don
t do this
alone
Think BIG but do things in small steps (BT Agile Method –
no more than 3
months)
results are possible in that time.
Dedicated Sponsors and as high up as you can
-
often means the message has
to be as simple as possible !
Internal / External Benchmarking can be useful to identify those areas in the
company that are more mature in Risk Management
Benefits of RM however intangible must be identified and agreed –
focus on the
easiest for quick wins.
©
Copyright British Telecommunications PLC 2006
ResearchGate has not been able to resolve any citations for this publication.
ResearchGate has not been able to resolve any references for this publication.