Xerox Tries To Wring Waste Out Of Risk Management
Based on lean Six Sigma processes and tools, Xerox's Information Security Risk Assessment Process 4.0 is the foundation for many of its information risk management processes, including compliance with Sarbanes-Oxley, Safe Harbor, and Payment Card Industry standards. Xerox completes an annual risk assessment for each business-critical environment and an every-other-year assessment for noncritical environments. This covers 1,230 applications, 683 databases, and 3,629 servers.
ISRA 4.0 uses a Web tool with automated compliance and vulnerability-scanning capabilities. Remaining manual data is input into Web forms, and weighted questions now prioritize environments based on their risk factors. ISRA 4.0 features a custom Web interface that uses Microsoft technology to pull together the scanning tool feeds, thereby automating the back end.
The simplified process eliminated 59% of all process steps and 60% of non-value-add steps. It increases data accuracy, reduces the risk of subjectivity, provides an accurate inventory, forces compliance, and provides a risk-based approach for prioritizing assessments.
Sirva's Tool Points To Answers
Sirva, which provides relocation services from moving vans to mortgage services, has built a Web-based performance assessment tool that creates a scorecard showing Sirva's agents' performance against corporate goals and against each other. Based on Business Objects, the tool measures sales, revenue, quality, branding, and claims. The tool gives agents direct visibility into the performance of their operations, and it suggests courses of action to correct or improve performance that's not up to snuff, linking agents to a library of best practices from other agents and from the company.
Sirva already has seen success in one metric--sales customer lead conversion, which is up more than 8% year over year on average across all agents, with some agents earning double-digit increases. Overall, the program, called inside Performance Management, is projected to improve service quality and agent retention, resulting in 0.5% increased moves in 2011 and 1% in 2012, equaling $1 million in incremental revenue.
Bar Codes Save Lives At Evanston Northwestern
In hopes of preventing medication errors, Evanston Northwestern Healthcare implemented bar-code administration of in-patient medications, where bar codes for patients and medications are used in conjunction with electronic medical records. When caregivers scan the bar codes on patients' wristbands, their electronic charts open on the computers of bedside wireless carts used in the company's three hospitals. The medications are then scanned and checked against patients' e-records to ensure that the medications and their method of administration are correct. If there's a discrepancy, a nurse is alerted and the medication process is stopped and rechecked.
In one pilot study, Evanston Northwestern experienced 16 "near misses" in two 30-bed units over two months. This translates into a potential 1,000 near misses during a one-year period. Those aren't chances the health care company is willing to take, and the bar-code system makes sure it won't have to.
Quest Gets Doctors Online Fast With 3G
As cellular data access gets cheaper, more companies will make it a part of their businesses. Look at Quest Diagnostics. Its Project Firefly lets the company, which provides diagnostic testing and services, quickly deploy its Care360 service to physicians for ordering tests and receiving lab reports via the Internet. Quest used to depend on Internet service providers to set up data lines before it could train physicians on Care360. Now it uses 3G cellular services from wireless providers and EV-DO routers to provide service within hours of a physician signing on. Once the landline's installed, the Firefly team returns and switches routers.
Secure Doesn't Mean Hard To Access, Motorola Shows
Motorola's E-zones architecture is a new approach to information access and data protection. Each E-zone is a collection of users, applications, and systems that have a similar need for connectivity and protection. The concept facilitates sharing of information with mobile employees, business partners, and customers, while improving data protection.
Used by more than 65,000 Motorola employees in 50 countries, E-zones eliminate the traditional corporate firewall perimeter and historical friction that security compliance generates. A business unit or department can support any number of E-zones, and there can be any number of systems per zone. E-zones architecture abolishes the concept that physical location is a reliable measure for protecting companies against the risk of information leaks. E-zones are created to let business managers balance network protection with connectivity for their applications and digital assets. The business benefits are many: E-zones slashed secure partner integration time, in some cases to two days; enabled deployment of business-critical dashboards to more than 10,000 smartphones; and facilitated collaboration on more than 60,000 daily knowledge assets.