Virtualization Technology News and Information
VMblog Expert Interviews: Agiloft Talks IT Risk Management Fundamentals for the Digital Age

Agiloft QA 

VMblog recently spoke with Colin Earl, the founder and CEO of Agiloft, who shared his expertise around topics that are related to IT risk management fundamentals and how to mitigate those risks in the digital age.

VMblog:  What are the biggest IT risks for enterprises today?

Colin Earl:  Potential IT risks continue to grow in number and complexity with the rapid pace of technology. Today's legacy business processes regularly expose enterprises to risks that could result in reputational damage, fines, financial losses, legal liability, and unhappy customers. The top risks for enterprises include:
  • Data Security: Security risks are a top-of-mind issue for all enterprises today. Data breaches that expose consumer data and break trust with customers are a CEO's worst nightmare. Whether it's valuable IP, pricing information, or confidential customer and employee data, once the perimeter is breached, the potential damage is catastrophic.
  • Compliance and Governance Failure: Another major risk involves managing compliance. Whether it's HIPAA, Sarbanes-Oxley, or GDPR, businesses are challenged to meet a variety of changing regulatory requirements, which inevitably require new IT systems and policies to manage. Just as damaging are failures in governance, where there are no systems in place to keep track of and enforce a company's own internal policies.
  • Implementation Failure: Any software implementation exposes a business to a certain level of risk. Traditional, code-heavy solutions come with an enormous price tag, take many months or years to deploy, and their prices increase as more and more custom code is required to keep the system running. And for most companies today, their business applications require extensive custom coding for changes. As a result, changes take a long time and frequently introduce bugs, which must be tested for, further extending deployment time frames and technology risk failure.

VMblog:  How have those risks changed recently?

Earl:  IT systems are at the heart of just about every business activity today, and an increasingly connected world exposes organizations to several hidden threats. For example, if your company stores contracts and other documents with confidential information on individual computers, you are basically sending an open invitation for theft.

Additionally, the quickening pace of modern commerce generates all kinds of risks, which enterprises must work overtime to guard against. As regulations multiply, so do the chances of a compliance failure, which can cause enterprise-threatening damage from big fines to lawsuits and even criminal prosecutions.  

VMblog:  How do companies know if they have a problem?

Earl:  Organizations operating on legacy systems that are too busy putting out fires to implement a new system are at extreme risk of IT failure. This is also a strong indicator that your business processes need improvement. It's easy to get caught in the trap of only responding to urgent tasks, especially when they seem to bury the business. But if you do not take time to address the root problems, like improving efficiency and the costs of managing compliance, then you will never solve the larger process issues that are causing these fires in the first place.

VMblog:  How can they mitigate those risks?  What step should companies take first?


Data Security: Enterprise must take a strategic approach to IT security that identifies threats, protects sensitive information, and keeps critical systems running. The best enterprise software gives organizations the ability to carefully control access to data. A contract and commerce lifecycle management (CCLM) system that manages access with well-defined permissions is critical to ensuring data security. For instance, Agiloft offers secure interfaces for vendors, providers, and internal staff with the ability to define precise access controls down to the field level such as contract value, workflow status, location, and any other desired group or individual permissions. In addition to standard CLM features like two-factor authentication and data encryption, these features can ensure your most valuable IP, customer data, and contracts don't end up in the wrong hands.

Compliance and Governance Failure: If you are attempting to monitor compliance manually, you are exposing your company to tremendous risk of compliance failure. Contract management software simplifies the process by digitally auditing current contracts to ensure they have the appropriate clauses related to data privacy, arbitration, confidentiality, or other regulations that affect your business. Agiloft helps you build compliance into your current business processes as well as integrate with other existing systems vital to those processes.

Chevron's approach to Sarbanes-Oxley is a good example of a company that automates management of complex compliance requirements. As one of the largest energy companies in the world, Chevron must document every change in its accounting process to comply with Sarbanes-Oxley requirements. Chevron uses Agiloft process automation software to automatically track and enforce all change requests, providing auditable records. Since the process from entry to reporting is completely automated, it frees up staff for more productive activities and nobody worries about manual errors or inaccuracies.

Implementation Failure: Many business leaders and IT professionals face an uphill battle when thinking about how to complete successful IT projects. To help mitigate software implementation risks, start by asking your vendor to take on some of that risk through a guarantee on software and services. After all, if the vendor is not able to guarantee their work, how can you trust that they will deliver the product you want? The value of the guarantee is not that you'll get your money back, it's that you won't need to ask for it. While rare in the industry, this type of guarantee is worth seeking out as it can greatly reduce the risks of implementing automated software that can defend against today's technology risk failure. At Agiloft, we offer our customers a 100% satisfaction guarantee on both the software licenses and services. If a customer is not satisfied with the results or wants to cancel for any reason within 90 days of purchase, they pay nothing. Over 27 years and thousands of implementations, the guarantee has only been invoked three times.


About Colin Earl

Colin Earl is the founder and CEO of Agiloft, a Silicon Valley pioneer in no-code development platforms for business applications.

Published Wednesday, July 31, 2019 7:37 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<July 2019>