Robert Kugel's Analyst Perspectives

Risk has always been an integral part of business, but as I’ve noted, companies deal with risk with varying degrees of effectiveness. A complex, ongoing process, operational risk management identifies risks to support successful operations of an organization, estimates the monetary and other measurable impacts if a risk event occurs, establishes methods for mitigating the severity of impacts should they occur, continuously measures the probability of a risk occurring within a relevant period of...

My colleague Mark Smith and I recently chatted with executives of Tidemark, a company in the early stages of providing business analytics for decision-makers. It has a roster of experienced executive talent and solid financial backing. There’s a strategic link with Workday that reflects a common background at the operational and investor levels. As it gets rolling, Tidemark is targeting large and very companies as customers for its cloud-based system for analyzing data. It can automate alerts...

At its annual Influencer’s Summit in Boston, SAP offered multiple perspectives on where the company’s strategy and products are heading. Overall, I was struck by the essential similarities to its message on its strategic direction a decade ago. The overarching objective in its roadmap now, as then, is to have information technology increasingly adapt to the needs of individual users and how they choose to execute established/repetitive or ad-hoc processes, rather than forcing them to adapt to...

Risk has always been an integral part of business, but dealing effectively with risk is a progression. Indeed, history shows businesses adapting and coping better with risk through innovation. The importance of using information technology to manage risk is growing because today’s systems can automatically measure and analyze a much broader set of risk factors than individuals can, and do so more reliably. But a key challenge companies face in implementing enterprise risk management is...

My colleague Mark Smith and I have frequently commented on the artificiality of the emerging software category governance, risk and compliance (GRC). To be sure, once stand-alone categories of software (IT governance, audit documentation and industry-specific compliance management, to name three examples) have started what I expect to be a long convergence process. Moreover, since just about all controls and risk management efforts require a secure IT environment to be effective, there is a...

IBM’s announced pending acquisition of Algorithmics is an important addition to the company’s portfolio of business applications aimed at financial services companies, and it is thematically consistent with its other acquisitions in risk management and analytics such as IBM’s OpenPages risk management documentation that I have already assessed. It’s also a good fit for IBM’s professional services organization, which has a significant position in the financial services industry.

Although I continue to believe that governance, risk and compliance (GRC) is not a firm software category, software vendors continue to add depth and breadth to their offerings that support corporate governance, help manage risks systemically in business and IT and provide greater visibility into compliance efforts. For example, with its release of OpenPages 6.0 IBM had made an important enhancement by marrying the document management capabilities of its OpenPages acquisition with Cognos’s...

Back-office operations in commercial and investment banks are among those critical functions that are underappreciated until they stop working well. This includes transaction reconciliations and the related exceptions management. Reconciliations are necessary to achieve a reasonable assurance of complete and accurate record of trading activity. The process is especially challenging now, partly because of today’s high and growing volumes in the wide range of asset classes in which all larger...

When the term “governance, risk and compliance” (GRC) was introduced almost 10 years ago, software for this purpose was not a real category but a loose grouping of disparate applications that had something to do with meeting the requirements of the recently passed Sarbanes-Oxley Act. (You can find my perspective on the GRC category from a couple of years ago here. Now, with the release 10.0 of SAP BusinessObjects GRC, SAP is taking another step toward making the software category a real,...

I have written before about enterprise risk management, which is an essential piece of both performance management and corporate governance. Every aspect of business entails risk. Everyone who makes a business decision is – whether consciously or not – making trade-offs between risk and reward. Assessing risk is tricky in business because it means different things to different people depending on where they work and their specific role in an organization. From a broad view, risk management...