Monthly Archives: November 2015

101 Procurement Damnations – We’re Almost There!

Our upcoming post chronicles our 80th Procurement Damnation that you, as a Procurement professional, have to deal with on a regular, if not daily, basis. That’s a very large number of damnations and we’re still not done! As per our halfway post, the damnations we’ve chronicled to date aren’t the only pervasive damnations that get in your way and pester you on a daily basis! We still have 21 damnations to go!

However, before we start the final stretch, we thought it would be a good idea to summarize the list to date so that you could go back and review any posts in the series that you might have missed during your hectic conference season as this is SI’s biggest and most aggressive series to date, much longer than both the 15-part “Future” of Procurement series and the 33-part “Future” Trends Expose series (that followed) combined and double the length of the maverick‘s 50 Shades of Pay series (assuming it gets completed) which, to date, only has 14 parts up and available for your reading pleasure.

There’s more that could be said, but as we’ve already said so much and still have so much more to say, without further ado, here are the links to the first 80 for your reviewing pleasure.

Introductory Posts

Economic Damnations

Infrastructure Damnations

Environmental Damnations

Geopolitical Damnations

Regulatory Damnations

Societal Damnations

Organizational Damnations

Authoritative Damnations

Provider Damnations

Consumer Damnations

Technological Damnations

Influential Damnations

Bonus Posts!

There’s No Return on Customization.

the doctor does not attend many events, but hen he does one thing he regularly hears is Company B saying that there is no platform that meets there needs so they are buying Solution S from Company X and customizing it through the vendor or a third party.

Before one more organization does this, the doctor needs to scream DON’T! In this day of age there is no return on enterprise software customization … no matter what the vendor or 3rd party may tell you.

Why?

1) Time to Delivery

If the functionality is truly valuable, by the time it is delivered, another vendor is sure to have equivalent functionality on the market ready and waiting for your implementation.

2) Up Front Cost

Custom development is a huge cost — which may never be realized given the average IT project failure rate and the average return.

3) Maintenance Cost

Out of the box functionality is covered under standard warranty and standard maintenance agreements — custom modifications usually require high hourly rates to contract scarce development talent for as long as is needed to fix any bugs or do any required upgrades.

4) Delayed Upgrades

While everyone else gets upgrades and new, free, features on the provider’s schedule, you get to wait and wait and wait until the talent has the time to address, and complete, the necessary upgrades to the custom modifications you made to allow the base system to be upgraded — this can be months (or years) and efficiency losses will add up on a daily basis!

When you put it all together, the costs will typically outweigh the benefits. So put the effort in to finding the right vendor with the right system and when it comes to customization, just do NOT do it! The only company that profits off of customizations is the vendor doing the customizations, because they are the company at the bottom of the money pit while their clients keep shovelling the money in.

Seventy Five Years Ago Today

Disney released Fantasia, which contains The Sorcerer’s Apprentice, Mickey Mouse’s designated comeback role at the time. (Yes, even the great Mickey Mouse once needed to make a comeback.)

A modern classic, which is the American Film Institute’s 58th greatest American film, it contains a classic story line that is very important to modern enterprise professionals, and procurement professionals in particular, everywhere.

Simply put:

You cannot successfully employ the tricks of the master until you gain mastery yourself.

And, furthermore:

Trying to automate a process you cannot control will simply flood you.

For those of you who haven’t seen The Sorcerer’s Apprentice, Mickey decides that the best way to accomplish his chores is by animating, and then replicating, a broomstick to gather the water from the pool, carry it to the castle, and clean the floors. He does the classic set-it-and-forget-it, takes a nap, and the unintelligent automatons keep going and going until the castle literally floods, putting Mickey in quite a pickle of a situation until the Sorcerer comes home to undo the mess Mickey created.

In the modern enterprise, even if you are overwhelmed by a task, you can’t simply install the first piece of technology that comes your way to automate the task and expect the situation to improve if you don’t first understand what is required, define the right process, and make sure the right process is implemented, a bad situation will quickly become worse, much worse. For example, instead of having ten thousand invoices that can’t be adequately processed, a poorly implemented e-Invoicing solution will give you ten thousand invoices that are queued waiting for manual review and validation before they can be exported to the payment system. Instead of not having time to process the invoices between payment, and overpaying by about 1.5% on average (due to duplicate invoices, overcharges, and payments for goods not delivered), the organization can’t pay the majority of suppliers at all, and supplier sentiment goes from amicable to full fledged animosity in just a few months. (And your SRM efforts go down the toilet.)

If you haven’t watched The Sorcerer’s Apprentice, the only segment of the original Film that was included in Fantasia 2000, find 8 minutes and do so. The power of today’s technology is terrific, but never let technology replace wisdom.

Technological Damnation 76: Cybersecurity / Cyberattack

Recently we discussed technological damnation 78: e-Privacy, where we hinted at the difficulty of maintaining privacy in an era where keeping the data encrypted and secure is getting harder by the millisecond. We followed that with a discussion of technological damnation 92: data loss that noted that intrusions are hard to trace and like privacy, loss prevention requires secure, encrypted, digital vaults that, with advances in computer technology, often get less secure by the millisecond, starting the millisecond they are implemented.

But the damnation of cybersecurity goes well beyond (e-)privacy, which consumers are very concerned about and data loss, which your C-suite is concerned about, to fraud, sabotage, and fear.

Fraud

A cyberattack might be perpetuated to steal customers’ data, especially if it has value (because it contains credit card numbers, health records that snake oil charlatans can use to target desperate people, or incriminating information or photos); to steal proprietary data (that a competitor would pay a pretty penny for); or to covertly steal company funds by inserting false supplier records into the e-Payment system (that would allow fake invoices to be automatically approved by the e-Payment or e-Procurement system) or accessing a company’s bank account through the bank integration so that the hacker can ACH the funds to another account controlled by the hacker that will allow the hacker to electronically wire all of the available funds to a bank account in a country where the funds cannot be recovered.

Sabotage

A cyberattack might be perpetuated to take down core systems that run production lines, as modern production lines are software controled and the right malware can physically damage equipment by causing it to overheat or operate beyond safe parameters. Damaging a multi-million production line, taking down a power grid, or contaminating multiple batches of product can shut a company down for weeks and do considerable financial damage to the company in the short term, and reputational damage to the company in the long term as it struggles to recover from an inability to meet its customers needs for a prolonged period of time and keep its operations safe.

Fear

A successful cyberattack can install fear in a company and its upstream and downstream supply chains all the way from the company that mines or produces the raw materials that are consumed by the company to the end consumer that buys the products. Sometimes that’s enough to do significant damage.

Defense

Defending against a cyberattack is nigh impossible. You don’t know when it’s coming. You don’t know where. You don’t know what zero-day vulnerability the hacker is going to try and take advantage of. You don’t know what communication lines the hacker is going to use and what machine they are going to try and route through. Can you encrypt everything? Secure every line? Patch every known security hole on every machine? And insure that not a single employee can be socially engineered to accidentally give a hacker any additional information to help the hacker in her quest? Defense is almost impossible.

As hinted at in our previous damnation posts on e-Privacy and data loss, cyberattack and cybersecurity is a damnation that is becoming more damning by the day.

Technological Damnation 90: Open Source

When it comes to software, proprietary madness (Part I and Part II) is one damnation — but open source, the other side of the coin, is another.

This is another damnation that is probably making you huh?, because it seems that open source, which not only give us free software, but some of the best software out there, should be a great thing, and it is, but from a Procurement point of view, it’s a damnation. Why?

How do you cost it?

There’s no such thing as a free lunch, and where open source is concerned, this is a free lunch at the Bawabet Dimashq Restaurant where you have to wash the dishes — for the entire floor (that contains 6,014 seats) all by yourself! Unlike most proprietary software which comes with a warranty, a maintenance plan, and support, open source simply comes with a license that says you have to right to use it if you see fit, but you waive all warranties and liabilities while doing so. If it is broken, you can ask the community for help fixing it, but you might have to fix it. You have to maintain and update it. You have to install it. And in some cases, you have to even compile it! That takes development manpower — and sometimes lots of it. Whereas all you might need for vendor provided software is an admin to create and maintain accounts, you might need a dev team backing up the open source.

How do you protect it?

Chances are you will find something that doesn’t quite do what you need, or that needs to be fixed, and will have to fix, and augment it. Under the terms of most open source agreements, any modifications you make must also be open source and released, so if you want to do any custom upgrades, you better be prepared to give them away for free. At least with proprietary technology, you can always negotiate with a provider for custom developed technology exclusive to you.

How do you defend your investment against it?

Maybe the best choice today is that proprietary enterprise software license that costs you high six or low seven figures for enterprise wide deployment — but which should net you a nice return based upon the value you expect to get from it under the assumption that the vendor’s promises will materialize. However, you will only get the advantage you expect in the market if your competitor cannot get a solution for any less. What if an open source with equivalent, or better, capability hits the market next year and the only cost is the cost of training or a few consultants to implement it plus an ongoing system admin after that? If your competition can get equivalent software for a fraction of the cost in a year, will you net your return? And will you be giving up a greater return by locking into proprietary software now when the open source that could materialize in the near future might even allow your organization to take an accelerated path to savings?

Just like proprietary madness, open source is also a technology damnation. When it comes to technology, it’s damned if you do and damned if you don’t.