Hiperos – It’s So Hip To Be Square with 3rd Party Management! Part II

Hiperos provides a SaaS platform that allows an organization to manage the entire 3rd party lifecycle, which consists of registration, data collection, segmentation, control automation, assessment, management, and collaborative issue resolution.

Hiperos includes your standard SIM (Supplier Information Management) functionality that allows for supplier self-service registration and profile maintenance and data integration from third party sources. On top of that it implements a user-configurable rules-based workflow that allows third-parties to be segmented into different buckets that represent the different programs that they need to be subjected too – be it FCPA, REACH, WEE, HIPPA, or some other type of compliance or monitoring program. Each bucket has its associated monitoring rules that notify the third party when more information is needed and that automatically alerts the user when a violation is detected or when information is not provided by the third party in a timely fashion. Assessments are automatically run every time new data becomes available and can be run by a user at any time. The fact that all relevant third party information is available at all times allows users to pro-actively manage third parties, and associated risks, and then either work with third parties to mitigate risks, if the potential infraction can be corrected, or cut them loose if the risk of association is too great (because they showed up on a denied party list or use child labour in their supply chain).

The application, which loads the default user-defined dashboard, allows a user to manage third parties, engagements, relationships, products, and programs and to define programs, vendor communities, reports, and analytics.

The dashboard is multi-tabbed and allows a user to define relevant views on each of the application areas defined above, as well as a default dashboard that allows the user to see the information most relevant to him or her. At the top of the dashboard is a link to current action items that allows a user to quickly see what needs to be done in third party management, engagements, programs, etc. The dashboards can be configured using hundreds of pre-defined (reporting) widgets or the user can define their own widgets by defining appropriate reports in the reporting module. And the user can bring in real-time news and data feeds from sites of interest.

The application can track any compliance, performance, sustainability, or risk data elements of interest and, like any good SIM platform, is preconfigured to track hundreds of relevant data items, depending upon the programs you define as relevant for a given compliance, performance, or risk program (which minimizes the amount of configuration required to track custom fields). And not only is all relevant data available from any view that is program or user defined, but it’s all interlinked so a user can click on a third party included in a program, see the relevant report(s), and then dive into the third party data management screen to examine the raw data elements, and then run a report on just a data subset.

Program definition is flexible and allows for any type of compliance, risk, sustainability, or performance program you can think of. In addition, the fact that Hiperos also supports contract meta-data and third-party data feeds allows financial impact reports to be generated. That way, a user always knows what the impact of a third-party falling out of compliance is to the organization. Knowing that a tier-one supplier might be buying from a tier-two supplier that might be using child labour is one thing, but knowing that the organization is spending 20 Million across 5 categories on that tier-one supplier is something else. In the first case, the supplier is put on the “investigate” list and someone gets around to it when they get around to it. In the second case, the user knows that it is a high priority and an investigation has to be started immediately as the public backlash will be extremely damaging to the organization if it gets out that 20 Million is being spent on products and/or services that were partially produced by child labour.

Hiperos has also included extensive color-coded geo-mapping capabilities so that you can quickly see, for any program, where the highest risk areas are globally and dive in. While Hiperos is not the first company to do this, they have latched on to the fact that the visual representation of risk or non-compliance by region allows one to quickly see what regions have to be monitored. This allows resources to be properly applied, especially since proper monitoring will typically require subscriptions to appropriate data feeds for those regions.

The Market Intelligence capabilites are quite extensive too, and they have pre-configured watch-lists, diversity monitoring, parent-subsidiary monitoring, subcontractor monitoring, REACH/WEE monitoring, and dozens of other feeds of interest which can be enabled as required by the client.

And the analytics piece supports the full suite of slice-and-dice capabilities found in most sourcing products today, so that you can dive into the data and find out which suppliers, categories, or programs represent the highest risk to your organization.

There’s quite a bit of data, and the application can be quite busy at times, but Hiperos has one thing right, where compliance is concerned, it’s Hip to be Square.

Hiperos – It’s So Hip To Be Square with 3rd Party Management! Part I

When we last checked in with Hiperos, they had evolved from a Risk Management platform to an “Extended Enterprise Management” platform that integrated Contract Management, Compliance Management, Performance Management, and Sustainability Management into a 360° solution platform for an organization that wanted to get these various facets of risk under control.

However, as they have continued to roll-out their platform and work with clients in different verticals (beyond finance, which was their initial core strength and where they appear to be dominating the market), they have found that as enterprises get their internal(ly controlled) risks under control, their clients realize that typically the biggest risks they face are from their suppliers and vendors who provide then with all sorts of direct and indirect product and services. As a result, 3rd Party Management (3PM) has become critical to their operational success. How critical?

Consider these statistics. Forty-four percent of data breaches involve third parties, and the most expensive data breach has cost 35.3 Million dollars to resolve. And while this is atypically high, a data breach will cost an organization millions to resolve (as even the cheapest data breach cost $780,000). And if there turn out to be traces of blood money or drug money in your supply chain, it could cost you as much as $160 Million to settle the resulting probe. In short, 3rd Party Risk, if not properly managed, is likely to end up costing your organization millions. The only question is when.

And if you believe that preventative spending to manage risks that might not happen is unwise in this economy, consider this. Organizations that implemented Hiperos 3rd Party Management saw a 75% reduction in customer impact incidents due to sole sourcing. One organization was able to eliminate a seven-figure spend of 4 Million in annual subscription fees that it was paying just to insure that it wasn’t using blacklisted or banned suppliers (and that it wasn’t working with suppliers who were known to bribe and/or be involved in anti-corruption investigations) as the Hiperos 3rd Party Management solution contained all the functionality they needed. And, overall, Hiperos’ clients saw a 300% increase in the assessment of 3rd parties with a high-breach potential — allowing them to be vetted or eliminated before a costly incident occurred.

And this is jus a short-list of costly compliance and reputational risk facing an average organization that operates globally and has to deal with ISO, SAS 70, Anti-Bribery, Anti-Money Laundering, FCPA, SOX, OCC, CFPB, REACH, WEEE, OSHA, HIPPA, and W9 security and reporting obligations, just to name a few. A third party management solution tracks all of this, and more.

So what does Hiperos do to help you with your 3rd Party Management? Stay Tuned for Part II.

Robotistan, I Think Not!

In a recent post over on Horses for Sources, Jim Slaby gives us Greetings from Robotistan, outsourcing’s cheapest new destination, and tells us that software robots are going to replace outsourced labour.

According to Jim, you will soon be able to have your own business process analysts create software robots to do the work instead of outsourced labour because you can get the robots up and running in five months and they will do the work for less than half the cost of Indian FTEs.

His rationale, the existence of a UK startup by the name of Blue Prism that makes a software development toolkit and methodology that lets non-engineers quickly create software robots to automate rules-driven business processes.

Pretty flimsy. For starters, here are the caveats that he finds:

01. The process must be repetitive back-office and not require human judgement or much exception handling.
Which probably limits it to data entry, account review, and creation of initial online access credentials.

02. IT buy in is required.
For starters, the software requires a virtual machine cluster. And the maintenance of such adds to what is probably already an excessive workload.

0.3 There is a learning curve.
It typically takes two to four months to master the tools to model, automate, test, and optimize the robots, according to Jim.

And this is just the beginning. Yes, a large wireless carrier and a major BPO services provider may have found some limited success, but you can’t overlook the facts that:

04. When you scale up, any unhandled exception has the potential to effectively crash the system.
Let’s say you created a robot for account review, a prime example for the technology as indicated by Jim, and you define an exception as any new account under a year that is overdue more than 10 days. Let’s say you are a wireless carrier, which typically has relatively high customer turnover thanks to the fact mobile numbers are portable, and you run the robot on a small test set of 1,000 records and only come up with 10 exceptions. You think it’s great and set it loose on the system with millions of subscribers, but fail to realize your sample set was abnormal and the exception rate is actually 5% and not 1% (and that you failed to insure the less than one year test was properly coded) and all of a sudden you get a queue with 100,000 exceptions that need to be manually processed. Chances are the robot will crash when the manual reviewer tries to load the entire queue!

05. BPM software is currently the be-all, end-all of bloat-ware, especially when you’re trying to create an “AI” application.
As a result, the amount of memory, processing power, and storage required to automate even simple queues is exponentially more than what would be required by an application set up to support a human. And while processing power and storage is still doubling on a regular basis, Moore’s Law is coming to an end as we are close to hitting the point where quantum uncertainty will prevent us from shrinking chips any further. This means that, as you try to build more sophisticated robots, the number of machines you require will double, quadruple, octuple, etc. until the cost to run the hardware will exceed what you could pay a human to do the same task in an emerging market (because machines require energy and energy costs and they are going nowhere but up). And, unlike the machine, the human won’t have to push every tenth transaction to the queue for someone else to process as she’ll know how to deal with the majority of transactions by the virtue of her intelligence, dedication, and desire to keep her job and have a better life.

Software is going to continue to get more powerful, and it is going to continue to automate more data processing, and continue to minimize the amount of data that requires human review, but human review is still going to be required and we’re not going to replace humans in any process that matters any time soon. We might reduce the number of humans we need, but we won’t eliminate the need for them or replace them with robots just yet.

And anyone that disagrees with me can bit my gloomy fleshy ass. 😉

So Hip to Be Square

I used to be a renegade, I used to fool around
But I couldn’t take the punishment, and had to settle down
Now I’m playing it real straight, and yes I data share
You might think I’m crazy, but I don’t even care
Because I can tell what’s going on

It’s hip to be square
It’s hip to be square

I like my news from business suites, I get it on the ‘Net
I’m watching risk most everyday and tracking what I get
They tell me that it’s good for us, but I don’t even care
I know that it’s crazy
I know that it’s nowhere
But there is no denying that

It’s hip to be square
It’s hip to be square
It’s hip to be square
  So hip to be square

It’s not too hard to figure out, you see it everyday
And those that were the farthest up have gone the other way
You see them on the market, It don’t look like a lot of fun
But don’t you try to fight it; “An idea who’s time has come.”
Don’t tell me that I’m crazy
Don’t tell me I’m nowhere
Take it from me

It’s hip to be square
It’s hip to be square
It’s hip to be square
  So hip to be square

Here, There, and everywhere!
Hip, Hip, so hip to be square!
Here, There, and everywhere!
Hip, Hip, so hip to be square!

… and practice 3rd Party Management!

Stay Tuned! All will be explained.

Iasta: Smart Source-Style! Part II.

To the tune of Gangnam Style.

Sourcing Smart-Source Style.
Smart-Source Style.

Sourcing platform for users and bosses too. Sweet.
SaaS on the cloud, always on, real-time reporting complete. L33t.
Analyze this. Auctions, Performance. Real time data.
Optimize It. Contracts, and vendor schema.
One. Two. Smart-Source Success!

In Part I, we covered the first three significant changes to the Iasta platform since we last covered Iasta in depth on SI three years ago. Today, we cover the remaining significant changes.

Extensive Support for Third Party Data Feeds
Realizing that no analytics platform is complete without the ability to enhance the data with supplementary data that makes it meaningful (like index data for raw materials / components, inventory cost data from an ERP, services spend from a third party management [3PM] system, etc.), Iasta has developed native in-house capabilities to pull in data from a plethora of ERP/MRPs, e-Procurement/P2P systems, and third-party data feeds (like D&B, etc.) as well as custom feeds from sources you already use.

P2P Integration Capabilities
Iasta knows that the best sourcing event is all for naught if the sourcing plan, ultimately embedded in a contract, is not properly implemented and followed through and 40% of the negotiated savings leaks and goes down the drain. Thus, they have developed powerful P2P integration capabilities in-house and can suck in all of the transactional data from your e-Procurement and/or P2P systems, map it against your contracts, and let you monitor spend in near-real time as the contract progresses. This way, if the contract is being neglected, the buyer can detect that after the first or second purchase, and not three years down the road during the re-sourcing event when all of the negotiated savings have been lost due to maverick spending or dishonoured discounts and/or rebates on the part of the supplier.

Customizable Reporting and Dashboards for Users and Executives
While Iasta, like other (e-)Sourcing and (e-)Procurement providers has always had sourcing dashboards, by module and by suite, it has developed the ability for users to create their own dashboards using pre-configured reports and widgets, custom reports (which can be created by its custom reporting engine), or existing dashboard templates. Most clients don’t, choosing to have Iasta do it for them, but the extensive reporting and dashboard configuration capabilities allow Iasta to create extensive summary dashboards to meet any need or desire in a matter of hours. Buyers can see what they need to see to be most effective on a daily basis, supervisors can see what they need to see to make sure all of their buyers’ programs are progressing appropriately, and high-level executives can get their traditional 6-gage 30,000 foot view dashboard and see that everything is, or is not, under control.

A Broader Services Offering
Iasta is finding what many other software and services providers are finding, that most organizations that (still) don’t have a (modern) (e-)Sourcing platform don’t have the resources to manage one, the skills to fully apply one, or the support to acquire either. The fact that an average organization still is not hiring or putting money back in the training budget means that a new supply management software acquisition is not beneficial to an organization without vendor or third party support. Due to the lack of talent, and training, most of the advanced functionality ends up being shelf-ware unless it’s used by an appropriately knowledgeable third party. So, like BravoSolution, Iasta has extended their suite of services and are now doing as much, or more, services work than software support. In addition to being able to fully manage events, they can fully manage sourcing programs, spend analysis efforts, integrations with P2P or ERP systems, and training efforts.

Other changes include enhanced category management and sourcing pipeline management capabilities, built-in trend reporting and variance analysis, geographic reporting, enhanced project management with milestone-level tracking, and built-in supplier scorecards.

It’s an extensive suite, and exemplative of why Iasta is now a clear-leader in the e-Sourcing mid-market.


We are the Priests of the Temples of Syrinx
Our great computers fill the hallowed halls!