[print version]
Financial Executives International
Committee on Finance and Information Technology
Committee Meeting
Hotel Vintage Plaza
Portland, Oregon
June 17 and 18, 2010
MINUTES
ATTENDEES
Members |
|
Arthur Alderson |
Wal-Mart Stores, Inc. |
Margaret Boissoneau |
United Technologies Corporation |
Michael Cangemi |
Cangemi Company LLC |
Ann Flatz |
Intel Corp. |
Taylor Hawes |
Microsoft Corporation |
Arun Kumar |
KPMG |
William Overell |
Overell Solutions |
Carlos Passi |
IBM |
Robert Shultz |
Hewlett Packard |
David Taylor |
Trintech Group Inc. |
Carol Zoellner |
Hallmark Cards Inc. |
|
|
Guests |
|
Alexis Dow |
|
Karen Rasmussen |
The Rasmussen Group LLC |
|
|
Technical Advisor |
|
John Van Decker |
Gartner |
|
|
Guest Presenters |
|
Stephen Barbarisi |
Oversight Systems |
Mark Converse |
Oversight Systems |
Robert Gregg |
ID Experts |
Tim Haveron Jones |
BMR Advisors |
Sanjay Mehta |
BMR Advisors |
|
|
FEI Staff |
|
William Sinnett |
|
Maria Zadravac |
|
I. Welcome
Ann Flatz, Global Accounting & Financial Services Controller for Intel Corp., welcomed the committee members to “The City of Roses.” She welcomed two FEI member guests:
· Karen Rasmussen, FEI’s Western Area Vice President and past Chapter President of FEI’s Portland Chapter, and
· Alexis Dow, past chair of FEI.
Ann said that Karen and Alexis had been invited to help build a stronger connection between CFIT and the local chapter.
Ann also welcomed two guest presenters, Stephen Barbarisi and Mark Converse of Oversight Systems, who would discuss Continuous Controls Monitoring. Ann said that Oversight Systems would host that evening’s dinner.
II. Call to Order
Chairman Bob Shultz called the meeting to order at 8:45 a.m. PT on Thursday, June 17, 2010. Bob thanked Ann Flatz and Intel for hosting the meeting. He welcomed the CFIT members and guests present.
III. Committee Business – December CFIT Meeting Minutes
Bob Shultz asked for comments on the minutes from the March 2010 CFIT meeting. There were no suggested changes. Upon a motion duly made and seconded, the CFIT Committee accepted the minutes of the March 4, 2010, CFIT meeting.
IV. Small and Medium Business Subcommittee Report
In the absence of Mahesh Shetty, Bob Shultz asked Bill Sinnett to present the report of the CFIT Small and Medium Business Subcommittee.
Bill said that CFIT’s Small and Medium Business (SMB) Subcommittee currently had two major initiatives:
· Software as a Service and
· The September 2010 CFIT meeting
Software as a Service
Bill said that the SMB Subcommittee had developed a panel to discuss “Software as a Service” for the IT Track at the 2010 FEI Summit. He said that the panel, moderated by Mahesh Shetty, had received a good attendee evaluations.
Bill said that the SMB Subcommittee had also provided input for a new FERF research report to be titled, “Software as a Service: Experiences of SMBs.” Mahesh had identified one of the vendors and a couple of companies to interview for the project.
September CFIT Meeting
Bill said that the SMB Subcommittee had made the following suggestions for the September 16 and 17 CFIT meeting in Minneapolis:
· The theme of the meeting will be “Technology for SMBs”
· Each subcommittee will have an opportunity to present on a topic. Suggested topics include:
Emerging Technologies (Bill Overell Chair)
“Cloud” presented by Eric Openshaw, Deloitte.
“FEI Technology Issues Survey,” John Van Decker
Business Technology Optimization (Art Alderson Chair)
“Voice over Internet Protocol” (VOIP)
Governance (Peggy Boissoneau Chair)
“Cyber Security”
Small and Medium Business (Mahesh Shetty Chair)
“SaaS-Human Resource Solutions”
Technology and Reporting (Taylor Hawes Chair)
“XBRL from an Analyst’s Perspective”
Bill said that these suggestions could be further discussed during the monthly CFIT conference call on Tuesday, July 6, 2010.
ACTION: CFIT Subcommittees are asked to suggest presenters and/or topics for presentations at the September CFIT meeting.
V. Governance, Risk and Compliance Subcommittee
Bob Shultz asked Margaret (Peggy) Boissoneau to present the report of the CFIT Governance, Risk and Compliance (GRC) Subcommittee, which Peggy chairs. Peggy said that the GRC Subcommittee was providing input on two FERF research projects.
The first project, Enterprise Risk Management: Insights & Operationalization, was being done by BMR Advisors. Peggy was a member of a focus group that provided guidance to the research team, and she said that the objective of the project was to help companies identify emerging risks and link contingency plans to strategic plans. (This research report would be released on June 17, 2010.)
The second project, Continuous Controls Monitoring (CCM), would be done by CFIT member Michael Cangemi and Bill Sinnett. Peggy said that UTC is interested in CCM, and uses Oversight Systems for their CCM program. She said that CCM can be used to monitor access controls and transactions in the Procure to Pay cycle, and can provide tremendous opportunities for companies.
Michael Cangemi said that he has developed a presentation for the Public Company Accounting Oversight Board (PCAOB), which has not yet paid much attention to CCM.
Peggy said that CFIT Technical Advisor Sri Ramamoorti had written an article for the April 2010 issue of Financial Executive magazine titled “Continuous Controls Monitoring can Help Deter and Prevent Fraud.”
Peggy said that she had provided a Power Point slide deck prepared by Sri on “Using CCM to Monitor Fraud Risk.” She said that the slide deck described his Fraud Life-Cycle Analytics Platform:
· Pre-Fraud: Identify Fraud Risks and Monitor Anti-Fraud Programs and Controls
o Scenario Analysis, Risk Assessment
o Continuous Monitoring of Fraud Indicia and Behaviors
o Penetration Testing, Ethical Hacking
· Fraud: Damage Control and Minimizing Fraud Impact
o Fraud Discovery and Analysis
o Fraud Investigation and Communications
o Litigation, Electronic Evidence Support
· Post-Fraud: Prevent Future Frauds
o Identify Controls Design Flaws
o Internal Controls Remediation
o Establish Responsive Monitoring and Auditing
Peggy said that she has not found one product that addresses all of these issues.
VI. Business Technology Optimization Subcommittee Report
Bob Shultz asked Art Alderson to present the report of the CFIT Business Technology Optimization (BTO) Subcommittee, which Art chairs.
Art reviewed the BTO Subcommittee’s Vision:
“The Business & Technology Optimization subcommittee will help FEI members understand the possibilities to optimize business processes and performance with technology.”
He then reviewed the BTO Subcommittee’s Mission:
“The subcommittee will act as a sounding board for members and technology providers, share best practices and provide communications to members through papers, presentations, articles and group sessions.”
Art said that the BTO Subcommittee holds a monthly conference call to discuss progress on its initiatives:
Corporate Performance Management
Art said that David Taylor and Ann Flatz presented on CPM (Corporate Performance Management) at the FEI Summit in April.
Art said that CPM could become Master Data Management. The primary question to address is “What are the key metrics that align with business strategy?”
Change Management
Ann said that after the Summit presentation, 10 CFOs from SMBs contacted her. She said that the topic of Change Management, including Policy, Process, People and Systems resonated with them more than CPM software. She said that Change Management could be a good topic for next year’s Summit. Arun Kumar added that one issue that large companies are dealing with is the new generation and how they use technology. He suggested a presentation on the new millenials for the Summit IT Track.
Teleconferencing
Art said that Garry Lowenthal is working with Mahesh Shetty on a presentation on Teleconferencing for the September CFIT meeting. He said that the September 2009 CFIT meeting included demos on two different teleconferencing solutions, Telepresence and Tandberg. Art added that Wal-Mart is testing Communicator by Microsoft.
Investment Optimization with the Cloud
Art said that Carlos Passi would present tomorrow on Cloud Computing and the four steps to virtualization. He said that this presentation would demonstrate how to optimize IT investment with virtualization.
Shared Services
Art said that Carlos Passi was looking at Shared Services, which includes both Business Process Outsourcing and Business Performance Management. Taylor Hawes said that Carol Zoellner was working on the intersection of the Cloud and Shared Services. Art said that he would invite Carol to a monthly conference call.
To recap his presentation, Art said that the BTO subcommittee will focus on:
· Change Management
· Investment Optimization and
· The Cloud
Art said that CFIT needs to be active at the chapter level to solicit new members. He suggested that each member of CFIT recommend three FEI members to join CFIT. Invitations should emphasize valuable information for the new members and their chapters.
ACTION: Bill Sinnett will draft a spreadsheet providing demographic information on the current members of CFIT.
VII. Technology and Reporting Subcommittee Report
Bob Shultz asked Taylor Hawes to present the report of the CFIT Technology and Reporting Subcommittee, which Taylor chairs. Taylor said that the Technology and Reporting Subcommittee is focused on five key areas:
IFRS and Technology
Taylor said that Bill Burns had drafted a white paper titled “Does Size Matter?” regarding adoption of International Financial Reporting Standards (IFRS). He said that Bill was working with Denise Cutrone of PriceswaterhouseCoopers on a series of Issue Alerts for FERF. Denise has contacts at companies with international operations who might be willing to be interviewed. Taylor said that the Issue Alerts will provide both high level concepts and practical guidance.
Art Alderson said that these Issue Alerts should explain:
· How IFRS will apply to your company;
· How technology can enable IFRS adoption; and
· The scope of IFRS and requisite staffing.
David Taylor said that Trintech would be able to help identify companies that have converted to IFRS.
ACTION: Bill Sinnett will work with Bill Burns and Denise Cutrone on a series of “IFRS and Technology” Issue Alerts.
How Technology Can Help SMBs
Taylor said that Carol Zoellner had asked members of FEI’s Kansas City chapter “What are your problems?” Based on responses, Carol had drafted a matrix titled “How can technology help SMBs?” He said that this grid listed “Tasks, Problems and Issues for the Financial Leader” on the y-axis, and “Technology solutions that might help” on the x-axis. Taylor said that Carol planned to focus on the Cloud and Outsourcing.
CFO Roundtables
Taylor said that FEI’s Fiscal Year 2011 budget calls for more conferences and CFO Roundtables, and FEI’s technical committees would be asked to provide content and resources.
David Taylor said that he would like to plan a series of quarterly CFO Webcasts that could be moderated by members of CFIT. The subcommittee would develop the structure, and would ask other members of CFIT for topics, such as change management.
ACTION: David Taylor with work with FEI to coordinate quarterly CFO Webcasts.
XBRL
Taylor said that Mike Willis plans to draft Issue Alerts for FERF on:
· The HMRC’s (the United Kingdom’s customs and tax service) XBRL Mandate; and
· Year 2 of the SEC’s XBRL Mandate (there have been misapplications of the XBRL taxonomy in SEC filings so far, and it has become a quality issue). This could be a best practices Issue Alert, and could be used for a joint Webcast with XBRL US.
Automating the Last Mile of the Close
Taylor said that a number of vendors, including Microsoft, Trintech and Clarity, have tools that can help automate the last mile of the financial close. He said that Microsoft would sponsor a research project that could compare and contrast these tools.
ACTION: Bill Sinnett will develop a research project on the Last Mile of the Close.
VIII. Emerging Technologies Subcommittee Report
Bob Shultz asked Bill Overell to present the report of the CFIT Emerging Technologies Subcommittee, which Bill chairs.
Bill said that the Emerging Technologies Subcommittee would “nurse” emerging technology topics until they became initiatives of other subcommittees.
Referring to his spreadsheet, Bill said that his matrix compares current CFIT subcommittee activity with FEI’s strategic goals. It also lists other topics not yet picked up by the subcommittees that the Emerging Technologies Subcommittee will follow. Bill said that one of these topics, The Cloud, would be the topic of a presentation by Eric Openshaw of Deloitte on “The Power of Pull” at the September CFIT meeting.
Bill asked each of the Subcommittees to send their suggestions for his matrix.
ACTION: CFIT Subcommittee Chairs should forward information about the topics that they are working on to Bill Overell.
ACTION: CFIT Subcommittee Chairs should look for ways to link their activities to the FEI Strategic Plan Goals.
IX. Technology Issues Survey
John Van Decker of Gartner joined the meeting by conference call to discuss the results of the 2010 Technology Issues Survey, and to discuss plans for the 2011 survey.
John said that the 482 responses to the 2010 Technology Issues survey were a good increase from the 267 responses to the 2009 survey.
John then reviewed the top 10 themes from the 2010 survey.
The CFO is a Major Technology Influencer
Q: To whom does your organization’s most senior IT executive report, and to whom to you think this person should report?”
John said that 42% of organizations responded that IT reports to the CFO, compared to 25% in Gartner’s CIO survey. John noted that this statistic provides a good perspective.
Q: What best describes who in your company makes technology investment decisions?
John said that the Technology Issues survey shows that the CFO has more clout than the CIO. He said that next year, we should ask “Does your organization have a CIO?” He added that next year, the questions in the two surveys could be more similar.
Leading Technologies to Impact Finance
Q: Are there any emerging technologies or other technology related issues that will directly impact your company or your industry in the next few years?
John said that the top technologies that would impact finance included:
· Web-oriented software, for the second year in a row, though the term may be misunderstood
· Cloud computing, which jumped up
· Social networking, which also jumped up, and
· Governance, risk and compliance, which is still high.
Art Alderson suggested that the survey should define some of these terms which could be misunderstood. John said that he would define each of these terms.
ERP Projects are Largely Successful
Q: How would you rate the completed ERP/financial management project in terms of meeting schedule, providing anticipated business value, expected cost and risk reduction/mitigation?
John said that 54% of respondents gave their completed ERP projects a successful rating, down from 66% in 2009. Carol Zoellner asked that the survey define successful.
CFOs Promote “Return to Growth” Strategies for IT
Q: How is the current economy changing the investments and plans for technology related initiatives?
John said that the top choice was “Investing in initiatives with competitive advantage,” which was also the top choice last year.
CFOs See the Critical Nature of Improving Data Quality
Q: How important are each of these technology issues to your organization?
John said that the top choice was “Improving data quality/information integrity so that finance, management and operational reports are consistent.” He added that we need to revisit the terminology that we use next year. David Taylor asked that we include reconciliation management next year.
CFOs Aren’t Yet Sold on XBRL
Q: How do you currently use or plan to use XBRL information?
John said that over 50% (53.3%) of the respondents said that they had not yet made a decision on how to use XBRL information. John suggested that we ask this question next year, but specifically ask whether the company planned to outsource XBRL processing. He said that there should be a call to action. David Taylor said that XBRL preparation could take several days, so companies would have to become more efficient in their financial close. Ann Flatz said that many companies would decide to bring XBRL preparation in-house.
CFOs Are Still Resisting Action on IFRS
Q: In light of the SEC’s road map for the transition to IFRS, in what time frame would your company plan to implement?
John said that the 46% who responded “Not applicable for my organization” could have been from privately-held companies. However, 30% responded that “All conversion activities to be deferred until closer to the required adoption date.” Ann Flatz said that she was on Intel’s IFRS planning team, and that Intel will need a new General Ledger for IFRS, to be included in a new ERP system. She said that it would take 30 months to implement the new ERP, so companies should start adoption preparations in 2011.
CFOs View Profitability Management as the Top Technological Constraint
Q: Please rank the top three areas in which you believe your organization is most constrained by a lack of appropriate technology solutions.
John said that “Measuring product and customer profitability” was the top choice for the second year. He added that most organizations cannot allocate expenses to customers or products.
CFOs Focus on BI and CPM Investments in 2010
Q: How would you grade the relative maturity of your management information environment in terms of its ability to readily provide relevant analyses, decision making and management reporting information?
Exceptional |
2.0% |
Superior |
21.8% |
Average |
56.4% |
Poor |
18.8% |
Failing |
1.7% |
John said that these results were similar to those of last year, but there has been some year over year improvement.
Outsourcing Implementations to Grow 24%
Shared Service Implementations to Grow 23%
John discussed his goals for the 2011 Technology Issues Survey:
· Consistency with the Gartner CIO Study
· Leverage 2010 study
· 30% increase in responses
· 10% decrease in questions
· Less preparation needed to ensure survey completion
· Move from Survey Monkey to internal Gartner support
· Launch October 1
John then discussed his timeframe for the 2011 survey:
· August 1: Determine survey vehicle
· August 1: Draft survey
· September 1: Finalize survey
· October 1: Launch survey
· January 15: Close survey
· April 15: Finalize research report
Ann Flatz asked that the current survey be reduced because it was too long. Bill Overell suggested getting rid of those questions that required advance preparation.
Bill Sinnett said that the FERF Research Committee will meet by conference call on Thursday, August 19, and CFIT should have an opportunity to review the revised survey before then.
Ann Flatz suggested that we communicate how the survey helps members. Bill Sinnett said that he would draft an article for the September issue of Financial Executive magazine on the value of the Technology Issues survey. He asked CFIT members for quotes on the benefits that they receive from the survey results.
Art Alderson suggested a similar article for the monthly FEI Toolkit (which used to be called FEI Spotlight).
ACTION: John Van Decker will submit a draft 2011 Technology Issues survey by August 1.
ACTION: Bill Sinnett will interview CFIT members in July for an article for the September 2010 issue of Financial Executive magazine.
X. Continuous Transaction Monitoring
Bob Shultz welcomed Mark Converse, Director of Sales and Business Development for Oversight Systems.
Mark first discussed trends in Internal Audit:
2009:
· Cost of Compliance Focus
o Resource reductions (by 25%)
o Outsourcing considered
o Technology leverage considered, but delayed
· Increased Board Activity
o Overall risk exposure
o Specific risk initiatives
2010:
· Value Creation/Continuous Improvement
o Fact-based, data-driven
o Advise the business
o Enable the business
· Automate “Low Value” Tasks
o “More with less”
o Focus on high value, bottom line results
o Leverage advanced technology
Mark then discussed the benefits of continuous transaction monitoring
Compliance Benefits and Risk Improvement
· In-process, real time controls
o Extend existing system controls
o Replace, automate post transaction audits
· Gain visibility/accuracy into business
o Policies
o Stakeholder behaviors
o Process improvement
o Financial accuracy
· Audit Automation
o Expanded use of data analytics
o Detect fraud early
Operational Benefits
· Deliver bottom-line results
· Automate “lower value” tasks
· Real time continuous improvements
· Detect issues early
XI. Enterprise Risk Management
Sanjay Mehta of BMR Advisors joined the meeting by conference call to present the results of BMR’s research project on “Enterprise Risk Management: Insights & Operationalization,” which was done for FERF.
A Perfect Storm
Sanjay said that ERM has been a topic of discussion and analysis since the mid 1990s, but today’s economic turmoil has thrown risk management into sharper focus. He added that regulatory developments, such as the introduction of SEC rule 22-9089, act as catalysts for ERM adoption.
Focus on Practical Implementation
Sanjay said that rather than review theoretical frameworks, FERF and BMR agreed that this study should interview company ERM managers to learn how ERM is actually being implemented. ERM managers interviewed were primarily from Fortune 500 companies.
Current State of ERM Implementation
1. There is a broad consensus as to the purpose of ERM: ERM exists to make risks more visible before they impact an organization.
2. The typical ERM program is still in an early stage of development
3. The “drivers” of ERM programs fall into three main categories:
a. Proactive decision
b. Reaction to events
c. Requirements of regulators
Two Types of ERM Programs
1. Enterprise Level: Programs that take a mainly strategic view of risk, and manage it in a qualitative way, and
2. Enterprise Wide: Programs that take a more financial/operational view, and manage risks through quantitative control
Organization of ERM Functions
· Ownership of risks must be with the business, not with the ERM team
· Functional ownership of ERM process is less important
· Small ERM teams can introduce a risk all of their own
· Role of ERM function is different in each company
· Risk culture drives engagement, which drives success
· ERM is generally believed to have very “long arms”
XII. Managing Cyber Risk
Bob Shultz welcomed Bob Gregg, CEO of ID Experts Corp.
Bob Gregg described some of the major Web 2.0 threats:
· Spam
· Phishing and Spear Phishing
· Social Engineering
· Scrapping
· IP Infringement
· Unauthorized Access
· Malware
· Fraud
Bob said that the participants in the Internet Security Alliance (ISA) agree that “the single biggest risk involving cyber security is ignorance.”
Bob suggested that we shift our focus from considering cyber security as a technical-operational issue to an economic-strategic issue. He added that cyber security has historically been viewed as a cost, but he said that it should be viewed as an investment.
Bob participated in a research project of the Internet Security Alliance. This project resulted in a publication titled “The Financial Management of Cyber Risk: An Implementation Framework for CFOs.”
Bob said that this document outlines an enterprise-wide process to attack cyber security broadly and economically. It includes:
· CFO strategies;
· HR strategies;
· Legal/compliance strategies;
· Operations/technology strategies;
· Communication strategies; and
· Risk management/insurance strategies.
Bob concluded his presentation by saying that:
· Cyber security is an enterprise problem, not an IT problem.
· The risk is growing rapidly.
· The CFO is the best person to own and manage all aspects of the risk.
· Cyber security should be a strategic investment.
XIII. Cloud Computing and Smarter IT Delivery
CFIT member Carlos Passi, Assistant Controller, Business Transformation for IBM, quoted statistics from Morgan Stanley’s 2010 CIO Survey (of 50 CIOs):
· CIOs plan to virtualize 55% of their production service environment next year, up from 42% today;
· By next year, half of the CIOs surveyed plan to virtualize more than 10% of their PC environment; and
· 56% of CIOs plan to increase storage spend next year, based on their virtualization plans.
Carlos defined Cloud Computing as:
“Convenient, on-demand access to standardized offerings:
· Rapidly provisioned,
· Flexibly priced, and
· Elastically scaled.”
Carlos then described some of the attributes and benefits of Cloud Computing:
Standardization
· Internet Access
o Access anywhere, anytime
· Metering and billing, with flexible pricing
o Improving cost transparency
o Offering more flexible pricing schemes
· Service catalog ordering
o Enabling self-service, consumer concerns are abstracted from provider concerns through service interfaces
Automation
· Elastic scaling
o Optimizing IT resources utilization
o Increasing flexibility
· Automated provisioning
o Reducing IT cycle time and management cost
Virtualization
· Advanced virtualization
o Providing more efficient utilization of IT resources
o Reducing hardware cost through economy of scale
XIV. 2011 FEI Summit
Bill Sinnett said that the 2011 FEI Summit will be held at the Arizona Biltmore in Phoenix on April 4 and 5, 2011. Bill said that FEI has asked CFIT to develop a program for an IT Track. Longview Solutions, the sponsor of the 2010 IT Track, is close to making a decision to sponsor the 2011 IT Track.
Bill asked the members to suggest possible topics for the 2011 IT Track. He added that the traditional Summit attendance is primarily members from Small and Medium Businesses.
The Summit Program Committee approves speakers and presenters for the FEI Summit. Bill will attend meetings of the Summit Program Committee, and he will discuss CFIT’s ideas for the IT Track during their first conference call, to be held in late July.
ACTION: Members should send ideas for topics for the 2011 IT Track to Bill Sinnett.
XV. Future Meetings
September 16 and 17, 2010
Gary Petrangelo of Japs-Olson Company will host the September 2010 meeting in Minneapolis.
December 9 and 10, 2010
Carol Zoellner of Hallmark Cards will host the December meeting in Kansas City, Missouri.
XVI. Adjournment
The CFIT meeting was adjourned at 1:30 p.m. ET on Friday, Ju
[print version]