Managing IT Risk during a Global Business Merger Cheryl Danson April 2005

Managing IT Risk My presentation is about Managing the IT challenges and risks in a Global Business Merger What are the IT challenges and risks to be addressed in a global business merger? What precautions should be put in place to manage these? What are the priorities for IT integration to support the new business? How should these be managed before, during, and after the merger? Managing the IT challenges and risks in a Global Business Merger

Managing IT Risk My career Vauxhall Motors, IT apprentice F International, IT consultant Lipton Export (Unilever PLC) Roles included IT manager, Supply Chain Logistics Manager, Head of business systems Lever Industrial, Global IT Director applications and development DiverseyLever Global IT (Unilever PLC) Roles included, Head of the Project management office including Help desk, Head of IT security, IT Director for emerging markets, IT Director Global Account Management Supply Chain DiverseyLever acquired by Johnson Wax to form a new company Johnsondiversey My current role is IT Director, Functional Account manager IT for Global Supply Chain and EMA Research and Development

Managing IT Risk Overview 1.Integrated approach to IT systems management 2.Integration steps 3.People 4.Costs and risks 5.Potential benefits 6.(some of) the risks 7.Summary

Managing IT Risk Integrated approach to IT risk management Processes Systems & data People Business & Strategy

Managing IT Risk Integration steps Pre-plan 1 Integrate 2 Assimilate 3 Best Practice 4

Managing IT Risk People Retain 1 Re-organise 2 Restructure 3 Retrain 4

Managing IT Risk Cost and risks Process Systems & data People During a merger cost spend increases from 2% NPS to typically 4% NPS. This will reduce with the implementation of improved business processes Merged companies spend about 12% of their IT budget on training, consulting and severance at the outset of the merger ;* source: Forrester research

Managing IT Risk Potential benefits Process Systems & data People During a merger cost spend increases from 2% NPS to typically 4% NPS. This will reduce with the implementation of improved business processes Merged companies spend about 12% of their IT budget on training, consulting and severance at the outset of the merger;* source: Forrester research IT Benefits to be gained: Opportunity to improve people, processes and systems Retain best IT resources IT savings in applications and infrastructure synergies IT Organisational efficiency Centralisation of data centre facilities IT Contract negotiations and Buying power Shared IT disaster recovery Best practice processes Do more for less

Managing IT Risk Risk 1 Risk: External and Internal Customers experience reduction in service Risk Management: Inform them about what is happening and what to expect Web systems Customer Invoicing Service level definition and monitoring internal and external

Managing IT Risk Risk 2 Risk: IT resources become unsettled and leave Risk Management: Get to know each other, Face to face Keep everyone busy Set up Retention schemes and Delivery bonus Selective use of contractors/consultants Ensure fair treatment in selecting people for roles in the New organisation

Managing IT Risk Risk 3 Risk: Customers and employees have inadequate Communication Risk management: Implement quickly the internal IT communication systems, for example office applications and Communicate regularly and appropriately to employees Communicate regularly and appropriately to customers

Managing IT Risk Risk 4 Risk: IT costs escalate and loss of control over IT spend Risk management: Align IT to business strategy Stop non priority projects Define the Governance processes and procedures Project priorities Project budget Project monitoring

Managing IT Risk Risk 5 (i) Risk: IT applications and infrastructure do not support the merged business Risk management: Prepare Applications and Infrastructure Inventory Determine interim Application and infrastructure systems strategy Stop projects Ensure quick integration of operations Safeguard Financial reporting

Managing IT Risk Risk (5) ii Risk: IT applications and infrastructure do not support the merged business Risk management: Determine location for Servers Define standards for PCs and management Set up Help desk support for: Application and system issue reporting Define Service level Monitor performance

Managing IT Risk Risk (6) Risk: Unclear IT processes and ways of working Risk management: Define the IT ways of working Set up a Project Management office Be clear on Roles and Responsibilities Monitor the implementation

Managing IT Risk Risk (7) Risk: Business becomes vulnerable due to out of date IT security systems and tools Risk management: Ensure IT security is safeguarded Identify IT risk and control Set up Disaster recovery plans and testing

Managing IT Risk Risk (8) Risk: Inadequate Management reporting to support the merged business Risk Management: Define the Key business statistics and KPIs Define and implement the business data structures Standards Products Hierarchies Develop reporting systems

Managing IT Risk Summary A merger is hard work and stressful for IT and the business Pre merger planning Conduct Due diligence Learn as much as possible about both companies IT systems Ensure early involvement of IT During the merger Determine the IT priorities Safeguard the external and internal customer interface Retain IT resources Implement Governance and controls Merge as quickly as possible After the merger Improve people, systems and processes