Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
FINANCE FOR GROWTH
Implementing Meaningful KPIs and Dashboards
April 2018
Dublin
Agenda
• Introductions
• A brief history of Key Performance Indicators (KPIs)
• KPIs are everywhere
• Why develop KPIs?
• Developing meaningful KPIs
• KPIs and management information
• Introducing KPIs to your business
• Indicative Board and management reporting
• The role of dashboards
• Questions and Answers
INTRODUCTIONS
YOUR PRESENTER
Mobile: +353 (86) 0474002
www.rsmireland.ie
Terry McAdam
Management Consulting Partner, RSM Ireland
INTRODUCING RSM IRELAND
Network coverage map:Our firm’s history goes back to 1987 and since then we
have grown to become a top 8 professional services
firms in Ireland specialising in providing advice to mid-
market businesses and government agencies.
Our 150 people, across all areas of the practice,
provide clients with pragmatic, expert led, personalised
advice and insight that helps them succeed, grow and
prosper. Our firm is ideally placed to offer an
unparalleled level of experience and expertise to our
business partners in Ireland.
RSM MANAGEMENT CONSULTING
Transformation, HR
& Change
Technology
Consulting Outsourcing Risk Advisory Financial Advisory
Forensic &
Investigation
Process &
PerformanceTechnology Strategy Secondments SOX Commercial Reviews Workplace Investigation
Organisational Review Systems Delivery Company Secretarial HR Audit Financial Planning Asset Tracing
Training &
Development
Technology Project
Management
Outsourcing/
BookkeepingIT Audit Financial Advisory Regulatory Investigation
Project & Change
ManagementTechnology Procurement Payroll - Outsourcing Financial Audit
Feasibility/
Business PlansTax Investigation
Recruitment VAT Compliance Governance Audit Economics Advisory IT Investigation
HR Advisory Unaudited AccountsCorporate Governance
AdvisoryLitigation Support
Data GovernanceSpecial
Investigations
Our service lines:
RSM INTERNATIONAL120
COUNTRIES3,384PARTNERS763
OFFICES
38,353PEOPLE
FEES
$5.0bn
A BRIEF HISTORY OF KEY
PERFORMANCE INDICATORS
KEY DEFINITIONS
A KPI:
“a quantifiable measure used to evaluate the success of an organization,
employee, etc. in meeting objectives for performance”
Information:
“Facts provided or learned about something or someone”
All definitions as per Oxford English Dictionary
HISTORY OF KPIs
KPIs developed to support:
1. Individual performance management – practised for centuries and
notably since the 1800s. KPIs made popular by advent of self-
assessment with commentary by line manager
2. Operational performance management – embraced by General Motors
in 1950s. Du Pont chart focused on Return on Capital Employed and
ratio analysis
3. Strategic performance management – more recent development.
Advent of Balanced Scorecard developed by Kaplan and Norton.
Range of KPIs to monitor progress of business across strategic pillars
HISTORY OF KPIs (cont.)
Recently many organisations believe maximise likelihood of achieving
strategy by aligning individual performance management goals and
cascading KPIs to individuals
KPIs ARE EVERYWHERE
KPIs ARE EVERYWHERE
• Can be validly created in the context of a:
• Process
• Customer
• Activity/Task
• Machine
• Individual
• Department
• Site
• Project
• Company
• Jurisdiction
• Group
• Strategy
BALANCED SCORECARD CONTENT
• Typically a variety of KPIs may be created to monitor the following:
• Strategy delivery across domains:
• Growth – organic/inorganic
• Finance
• People
• Operations
• Risk management
BALANCED SCORECARD CONTENT (cont.)
• Typically a variety of KPIs may be created to monitor the following:
• Operational effectiveness across functions
• Design
• Manufacturing
• Procurement
• Quality/compliance
• Marketing
• Sales
• Business Development
• Customer Service
• HR
BALANCED SCORECARD CONTENT (cont.)
• Typically a variety of KPIs may be created to monitor the following:
• Financial effectiveness
• Return on Capital Employed (ROCE)
• Ratio analysis
• Margin performance
• Lock up – WIP and debtors
BALANCED SCORECARD CONTENT (cont.)
• Typically a variety of KPIs may be created to monitor the following:
• Individual effectiveness
• Chargeable time
• Value adding time
WHY DEVELOP KPIs?
WHY DEVELOP KPIs?
• If meaningful, and attained, will help drive organisational outcomes
and strategy achievement
• Helps to visibly align the goals of the individual, the department
and the entity
• Provides regular, attainable and relevant goals for people to strive
for on a weekly, monthly, quarterly basis – may link to performance-
related remuneration
• Promotes accountability in workforce (at all levels) as everyone
becomes responsible for what they control, their performance
• Engenders team spirit as groups and collaborate to achieve their
KPIs
DEVELOPING MEANINGFUL KPIs
DEVELOPING MEANINGFUL KPIs
• Many organisations suffer from having too many KPIs, can cause
issues that KPIs were intended to detect or reflect being ignored
• Entities can expend considerable energy on monitoring matters
which do not greatly impact the performance of the business, be
aware of pet interests of the leadership
DEVELOPING MEANINGFUL KPIs (cont.)
• Remember less is more. Better to create fewer KPIs and track
them properly
• Focus on the key issues you need to attend to in your business:
• Cash collection
• Shipping on time
• Quality of raw material
• Attracting talent
• Reducing project overruns
• Include staff in developing KPIs especially at process/machine
level – they will understand the issue and the solution!
• KPIs can vary greatly across functions
• Retire and replace KPIs which are not working/relevant
DEVELOPING MEANINGFUL KPIs (cont.)
• Define the purpose of the KPI and explain its calculation
• Consider linking an element of remuneration to sustained KPI
achievement for some staff
KPIs AND MANAGEMENT INFORMATION
KPIs AND MANAGEMENT INFORMATION
• Normally the introduction of KPIs is an evolution of an already
functioning reporting regime where quality management
information is produced in a timely fashion – P&L, Balance Sheet
and Cash Flow.
• However, KPIs may also prove useful in a scenario where
management information is not reliable or delivered on time.
• If the source of the KPI data remains reliable then it may be
possible to readily report details such as turnover, quantities
shipped and staff wages on a timely fashion.
INTRODUCING KPIs TO YOUR BUSINESS
INTRODUCING KPIs TO YOUR BUSINESS
• The following checklist may prove useful when introducing KPIs to
your business:
1. Define and agree a reasonable set of KPIs for initial rollout (more
can be added later)
2. Ensure they address the most pressing matters in the business
3. Verify that the data needed to inform the KPI is captured, readily
available and accurate (otherwise system/process change may be
necessary)
4. Consider the frequency of KPI publication – real-time, daily, weekly,
monthly, quarterly
5. Create the report specification (if required)
INTRODUCING KPIs TO YOUR BUSINESS (cont.)
6. Consider the means of publication – Shopfloor screen, user
dashboard, scheduled reporting pack, gauges etc.
7. Regularly review KPIs to consider if remain fit for purpose (possibly
as part of the annual budgeting process)
INDICATIVE BOARD AND MANAGEMENT
REPORTING PACKS INCLUDING KPIs
PROPOSED REPORTING PACK REQUIREMENTS
Key elements of Board pack likely to include:
• Summary Income and Expenditure (I&E) account featuring current period (CP)
and current year-to-date (CYTD) performance compared to budgeted period (BP)
and budgeted year-to-date (BYTD) and prior year period (PP) and prior year-to-
date (PYTD). Note budget may be augmented by reforecast
• Summary balance sheet
• Summary of department performance for current year (CYTD) versus budget (BP
and BYTD)
• Summary of current cash position
• Summary projected cash flows across future X periods (to be defined)
• Summary of capital expenditure for current year-to-date (CYTD) versus budget
(BYTD)
PROPOSED REPORTING PACK REQUIREMENTS (cont.)
Key elements of Board pack likely to include:
• Summary of fixed asset disposals for CYTD
• Summary of sales by top 20 customers for CYTD (% of total sales)
• Summary of sales by top 20 products for CYTD (% of total sales)
• Summary of current sales orders and projected backlog
• Summary of current sales orders by top 10 customers (% of total orders)
• Summary of current sales orders by top 10 products (% of total orders)
• Average debtor days
• Summary of aging of debt by month
• Summary of stock holdings
• Average creditor days
PROPOSED REPORTING PACK REQUIREMENTS (cont.)
Key elements of Board pack likely to include:
• Value of current purchases orders placed, not fulfilled
• List of current projects and status (narrative)
• Summary financial report for each project for current period (CP) and since
inception versus budget. Latest expected financial outcome declared
• Current headcount (permanent, secondees, agency, contractors) by department
versus plan
• Movement in time bank in current period and current year-to-date – Time in Lieu
and Overtime
• Summary of future operational capacity (labour/machine) versus requirement
across future period (to be agreed) and issues arising (narrative)
PROPOSED REPORTING PACK REQUIREMENTS (cont.)
Key elements of Board pack likely to include:
• Current open positions and related recruitment process, new appointments,
resources onboarded, resignations and exits (narrative)
• Current long-term absences and status report (narrative)
• Number of performance reviews conducted during the current period and current
year-to-date and the number due which are outstanding
• Current grievance/disciplinary cases and update re actions and status
• Operational KPIs
PROPOSED REPORTING PACK REQUIREMENTS (cont.)
Key elements of Management pack likely to include:
• Detailed Income and Expenditure (I&E) account featuring current period (CP) and
current year-to-date (CYTD) performance compared to budgeted period (BP) and
budgeted year-to-date (BYTD) and prior year period (PP) and prior year-to-date
(PYTD). Note budget may be augmented by reforecast
• Detailed balance sheet
• Detailed department performance for current year (CYTD) versus budget (BP and
BYTD)
• Summary of current cash position
• Detailed projected cash flows across future X periods (to be defined)
• Summary of capital expenditure for current year-to-date (CYTD) versus budget
(BYTD)
PROPOSED REPORTING PACK REQUIREMENTS (cont.)
Key elements of Management pack likely to include:
• Summary of fixed asset disposals for CYTD
• Summary of sales by top 20 customers for CYTD (% of total sales)
• Summary of sales by top 20 products for CYTD (% of total sales)
• Summary of current sales orders and projected backlog
• Summary of current sales orders by top 10 customers (% of total orders)
• Summary of current sales orders by top 10 products (% of total orders)
• Average debtor days
• Summary of aging of debt by month
• Aged debtors listing and related provisions
• Summary of stock holdings
PROPOSED REPORTING PACK REQUIREMENTS (cont.)
Key elements of Management pack likely to include:
• Aging of stock held and related provisions
• Average creditor days
• Aged creditors listing
• Value of current purchases orders placed, not fulfilled
• Aging of current purchase orders
• Summary and aging of purchase requisitions (by approver)
• List of current projects and status (narrative)
• Detailed financial report for each project for current period (CP) and since
inception versus budget. Latest expected financial outcome declared
• Current headcount (permanent, agency, contractors) by department versus plan
PROPOSED REPORTING PACK REQUIREMENTS (cont.)
Key elements of Management pack likely to include:
• Movement in time bank, by person, in current period and current year-to-date –
Time in Lieu and Overtime
• Detailed analysis of future operational capacity (labour/machine) versus
requirement across future period (to be agreed) and issues arising (narrative)
• Current open positions and related recruitment process, new appointments,
resources onboarded, resignations and exits (narrative)
• Number of performance reviews conducted during the current period and current
year-to-date and the number due which are outstanding (analysed by reviewer)
• Operational KPIs
PROPOSED REPORTING PACK REQUIREMENTS (cont.)
Key elements of Management pack likely to include:
• Weekly reporting – Trading account and labour costs
• Ad hoc reporting – dashboard reporting
THE ROLE OF DASHBOARDS
THE ROLE OF DASHBOARDS
• In addition to being a venue for real-time KPIs to be reported, dashboards perform
another important service to the user in allowing the identification of workflow-
driven tasks requiring progression.
• These may include, for example:
– Timesheets awaiting approval
– Invoices awaiting approval
– Customer cases awaiting attention
QUESTIONS
THANK YOU FOR
YOUR TIME AND
ATTENTION
KPI Dashboards:
Lessons from Experience
Trevor Jobling
Owner
Dovetail Technologies Ltd
About me:
Trevor Jobling
About me:
Trevor Jobling
About me:
Trevor Jobling
About Dovetail
● Custom software solutions○ Business process tools
○ System integration
○ Creation of new products and services
● 16 years
● 20 staff, all in Dublin
Clients
Current status
● Biggest opportunity: growth market
● Biggest challenge: recruitment
Planning a KPI Dashboard
Project
● What are the right KPIs?
○ You can’t focus on everything
○ Beware the many voices
○ Deliver something useful
● Do you have the data?
○ Are you measuring it?
○ Are you recording it?
○ Can you access it… in a timely fashion?
○ Is it of suitable format/granularity/time period?
○ Can it be cross-referenced?
● Who may see the KPIs?
○ What user roles do you have?
○ Need multiple permission levels or views?
● Alerts
● Finally… Which tool?
Preparatory
Checklist
Sample Dashboards
www.QuickDBD.com
www.QuickDBD.com
Four Tips
1. Do the Simplest
Thing that Works
2. Beware of
Magical Thinking
● Requirements
● Tools
3. Manual Work
can have Value
Dovetail Internal Project Tracker
Dovetail Internal Project Tracker
4. Look at it!
FINANCE FOR GROWTH
General Data Protection Regulation (GDPR) Awareness Sessions
Date: 24.04.2018
STRICTLY PRIVATE AND CONFIDENTIAL
13.00 13.00
Course agenda
• What is data protection?
• GDPR overview
• The new changes brought by the GDPR
• Implications
• How to prepare for the upcoming GDPR
• GDPR Roadmap to Compliance
• The new Irish Data Protection Bill
• Questions & answers
67
What is data protection?
13.00 13.00
What is data protection?
As defined by the Data Protection Commissioner: “it is the safeguarding of the privacy rights of
individuals in relation to the processing of their personal data.”
You supply information about yourself to government bodies, banks, insurance companies, medical
professionals and many others in order to avail of services or satisfy obligations. Organisations or
individuals also obtain information about you from other sources. For the purpose of data protection
such organisations or individuals who control the contents and use of personal data are know as data
controllers
These rights apply where the information is held:
✓ electronically, or
✓ in a manual form, as part of a filing system that facilitates ready access to a specific individual’s
information
Personal data
Public/ private bodies
Compliant use of data
69
13.00 13.00
Current governing Act
Data Protection Act 1988 and 2003
At the moment, Irish data protection obligations are primarily governed by the Data Protection Act 1988
as amended by the 2003 Act. The act is governed by 8 principles:
1. Obtain and process the information fairly;
2. Keep it only for one or more specified and lawful purposes;
3. Process it only in ways compatible with the purposes for which it was given to you initially;
4. Keep it safe and secure;
5. Keep it accurate and up-to-date;
6. Ensure that it is adequate, relevant and not excessive;
7. Retain it no longer than is necessary for the specified purpose or purposes; and
8. Give a copy of his/ her personal data to an individual, on request.
70
GDPR overview
71
13.00 13.00
What is the GDPR?
• The General Data Protection Regulation
(GDPR) will come into force on the 25th
May 2018, replacing the existing data
protection framework under the EU Data
Protection Directive.
• The GDPR emphasises transparency,
security and accountability by data
controllers and processors, while at the
same time standardising and
strengthening the right of European
citizens to data privacy.
• Companies, government agencies and
non-profit organisations who interact with
personal identifiable data of EU citizens
have until 25 May when GDPR comes
into force to comply.
72
13.00 13.00
The GDPR terminology
PROCESSING
PERSONAL DATA DATA CONTROLLER
DATA PROCESSOR
DATA SUBJECTS
DATA PRIVACY
73
13.00 13.00
Sensitive personal data
Sensitive personal data is a
special category of personal
data.
These require a higherstandard of care by the GDPR.
Sensitive personal data
Names
Personal dataSensitive data
Banking details
Addresses
Medical condition
Religion
Convictions
Prejudice Criminal activity
74
13.00 13.00
GDPR - scope
75
13.00 13.00
So who has to comply?
An organisation has to comply if:
They control or process the
personal data of EU residents
This applies irrespective of where the organisation is based.
76
The new changes brought by
the GDPR
77
13.00 13.00
New concepts and key principles
Explicit consent Contracts PIAs
Individual rights Breach notice Incident register
78
13.00 13.00
Key changes - consent
ACTION: Procedures to obtain and record consent should be reviewed to check they are in linewith the new GDPR requirements.
Consent may be
withdrawn at any time
Consent cannot beinferred e.g. pre-ticked boxes or inactivity
Consent must be
“freely given, specific,
informed and
unambiguous”
79
13.00 13.00
Key changes – more information required
Details of their purposeand legal basis for
processing data
ACTION: Privacy/fair processing notices or other communications should be reviewed andamended to meet the new requirements. Information should be provided in concise, easy to
understand and clear language.
How long data will be
retained and any
transfers outside the
EU
Individuals can
complain to local
regulatory bodies if
they are dissatisfied
with how their data is
handled
80
13.00 13.00
Key changes – individual rights
ACTION: Ensure that processes are in place to respond in a consistent and timely manner tocustomers who assert these enhanced rights.
Right not to besubjected to
automated data profiling (where
this would produce a legal
effect)
Right to data portability
(have data provided
electronically in
commonly used format)
Right to be forgotten
(have personal data
removed from systems
or online content)
81
13.00 13.00
Key changes – individual rights
Right to request that businesses delete personal data without undue delay where:
it is no longer necessary for the purpose it was collected
the data subject withdraws consent and there is no other legal ground for processing
the data subject exercises their right to object and there is no overriding legitimate ground for processing
the processing is unlawful
82
13.00 13.00
Breach notifications
• Organisations are now under legalobligation to notify local authorities within72 hours if EU resident data is lost.
– Only exception is if the data was encrypted.
Organisations have to inform individuals if an “adverse impact” is determined from the breach.
–
• Service providers (data processors) nowhave obligations to data controllers.
72
83
Implications
84
13.00 13.00
Penalties for non-compliance
If organisations do not comply, they face a maximum fine of:
Other consequences – reputational damage, financial loss, litigation etc.
85
13.00 13.00
Examples of penalties
• Uber
• Admitted it paid hackers responsible for a data breach $100,000 (€84,790) not to disclose the
data breach to authorities.
• November 2017
• Carphone Warehouse
• Fined £400,000 after serious failures placed customer and employee data at risk.
• 10th January 2018
• Department of Social Protection
• A civil servant who sold personal data of citizens to private investigators working for insurance
companies was jailed.
• 26th January 2018
86
How to prepare for the
upcoming GDPR
87
13.00 13.00
Key activities we are seeing (1)
WHY?
WHERE?
HOW?
Carry out an information audit
and data flow mapping
exercise
Update all policies and
procedures
to reflect changes
Reviewing data-related service
provider contracts to reflect
impact of the GDPR on controller
and processor obligations
88
13.00 13.00
Key activities we are seeing (2)
Form a data governance group Implement / review breach
notification procedures and Incident
Management Plans
Review impact of GDPR on data retention policies e.g. on archiving
72
89
13.00 13.00
Key activities we are seeing (3)
Review IT development and
purchase procedures – ‘Privacy by
Design’
Consider the position of the
existing DPO within the
management structure
Consider and record lawful
bases for processing
90
13.00 13.00
Key activities we are seeing (4)
Create and maintain an
information asset registerCheck accountability for data
governance is clear and precise
Check how consent is
obtained. Are changes to this
process required?
Retain records of consent
91
GDPR Roadmap to Compliance
Mobilisation
• Critical first phase
• Define scope
• Expected outputs
• Agree plan
• Commit resources
• Establish governance
• Create PID or Charter
93
Discovery
• Review documentation
• Interviews
• Review policies &
procedures
• Discuss functionality of
systems to meet the
GDPR requirements
94
Analysis
• Analysis and evaluation
• Processes and policies in
place
• Identification of missing
policies and measures in
order to comply
• Assistance in
implementing the
processes, procedures
and policies to comply
95
Reporting
• Concise report
• Finalised post-client
feedback
• Focus on key findings in
gap analysis
• Recommendations
reflected in budgeted
roadmap to compliance
96
GDPRROADMAP TOCOMPLIANCE
97
The new Irish Data Protection
Bill
New Irish Data Protection BilI
• Ireland’s new Data Protection Bill was published on 1st February 2018.
• The new bill transposes much of the GDPR text directly and addresses the powers of the Data
Protection Authority.
• The Bill will establish a Data Protection Commission in place of the current Office of the Data
Protection Commissioner (ODPC)
• A controversial inclusion in the Bill is the exemption of Public Bodies from the administrative fine
regime, except where acting as an “undertaking”, (i.e. providing goods or services for gain)
• The existing 1988 Act is not repealed but amended, meaning that three Data Protection Acts will
then be in force – an amended 1988 Act, the 2003 Amendment Act and the 2018 Act
99
Questions & answers
13.00 13.00
Useful information sources
The GDPR text
https://gdpr-info.eu/
Information Commissioners Office (UK)
https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/principles/
Data Protection Commissioner (Ireland)
https://www.dataprotection.ie/docs/Home/4.htm
Article 29 working party updates
http://ec.europa.eu/justice/data-protection/index_en.htm
“Preparing for the General Data Protection Regulation (GDPR): 12 steps to take now V2”
https://ico.org.uk/media/1624219/preparing-for-the-gdpr-12-steps.pdf
101
Thank you for your time
and attention.
RSM Ireland
Trinity House
Charleston Road
Ranelagh
Dublin 6
Ireland