Last week, I attended the Software AG Process Forum in Darmstadt, where they had several interesting customer presentations. Among others, I listened to the presentation “Successful Management of Processes, Risks & Controls from Mr. Andreas Suppersberger from Hypo Alpe Adria (HAA) from Austria. Mr. Supperberger explained why and how they implemented process management and their internal control system (ICS) at HAA. They used ARIS Business Architect for process management and the COSO framework and ARIS Risk & Compliance Manager for the ICS. Besides the usual benefits, he shared some lessons learned from their project:
Process documentation must be realistic
Process responsibilities must be clearly defined and operated
Top management support is mandatory
Resources must be available (expert resources, process roles and ICS roles)
Tool implementation ≠ end of work
Mr. Suppersberger also explained that they had a lot of work at the beginning of the project, but over time they could reduce manual work significantly and leveraged the workflow support and automatic email notification from the system. Altogether, The HAA project was very interesting and well presented by Mr. Suppersberger.
It was followed by a very entertaining speech of Mr. Heinz Bozem from Heraeus Germany. They handle with precious metals and have many risks with high probability, for example in the production process or through burglary. So, they had the need for risk management to reduce their losses. They are now at a level, where they have modeled their risks and controls in the processes and know their risk landscape. For the future they plan to monitor the risks with ARIS Process Performance Manager. I look forward to hearing more about this project.
In general, I really enjoyed the Process Forum in Darmstadt. I was surprised how many people were there. A good opportunity to get in contact.