Title: Risk Analysis in B2B E-Business Relationships: A Model for Continuous Monitoring and Assurance in Partnering Relationships
1Risk Analysis in B2B E-Business Relationships A
Model for Continuous Monitoring and Assurance in
Partnering Relationships
- Vicky Arnold (UConn)
- Clark Hampton (UConn)
- Deepak Khazanchi (Nebraska-Omaha)
- Steve G. Sutton (UConn)
2B2B E-Commerce Market
- Projected between 4.3 to 7 Trillion by 2005
- Dynamics Changing in Business Relationships
- Business Partnering
- Market Exchanges
- Private
- Public
- Traditional EDI (Estimated 3.8 Billion)
3E-Business Facilitated Change in Organizational
Focus
- Emphasizing Core Competencies
- Advanced Production Planning and Scheduling
Systems - Co-Dependence on Upstream / Downstream Supply
Chain Partners - Just-in-Time Inventories with Minimal Safety
Stocks - Required Use of Electronic Linkages
4Business Partner Relationships
- Cooperative and Extensive Electronic Linkages
- Forced Implementation of Electronic Linkages
- Influenced by Power Balance
- Varying Levels of Technology Integration into
Internal Business Processes
5Associated Business Risk Issues
- Process Alignment w/ Technology (IFAC)
- Poor Integration of B2B Capabilities With
Internal Processes Limited Operations Efficiency
Improvements (Khazanchi and Sutton 2001) - Match Between IS Strategy and Business Strategy
(Sabharawal Chan 2001) - Coercive Power Forcing B2B Integration Leads to
Vulnerability and Becomes a Constraint on
Relationship (Hart Saunders 1997) - Power Negatively Related to Quantity and
Diversity of B2B Transaction Usage (Hart
Saunders 1998)
6Assessing Business Risk in Advanced IT
Environments
B2B ASSURANCE SERVICES
D. Khazanchi S.G. Sutton (2001) Assurance
Services for Business-to-Business Electronic
Commerce A Frameworkand Implications Journal
of the Association for Information Systems
7Application-User Level
- Understanding potential benefits of E-business
- Current business environment and internal
processes - Organizational readiness for adoption
- End-users reliance on paper-based transactions
- Overcoming the impersonal nature of e-business
- Pilot tests of transactions for reliability
- Adequacy of educational and training programs in
preparing organizations staff to handle above
8Business Level
- Appropriate changes made to traditional business
processes and controls to incorporate new methods
of conducting business - Appropriateness of e-business for company
- Are direct/indirect e-business benefits being
realized? - Legal issues (electronic orders, signatures,
legal trading partner agreements) - Managing data and transmission security and
auditability - Reassessing workflow procedures for efficiency
improvements - Adjustments in Internal Control systems to assure
privacy of data, reliability of systems and
secure electronic transmission
9Technical Level
- Assuring necessary technical elements are in
place - Integration of internal and external applications
is feasible given financial and technological
resources - Implementation of multiple trading partners
- Mapping customer/supplier data for direct use in
internal applications - Business transaction processing works
- Appropriate means of communications and vendors
for transaction integrity and completeness
(includes ISP/ASP assessment) - Data integrity and control
- Integration Issues
10Assessing Business Risk in Advanced IT
Environments (cont)
B2B ASSURANCE SERVICESApplication-User
LevelBusiness LevelTechnical Level
EDI Adoption
EDI Outcomes(Benefits)
EDI Integration
D. Khazanchi S.G. Sutton (2001) Assurance
Services for Business-to-Business Electronic
Commerce A Frameworkand Implications Journal
of the Association for Information Systems
11Research Method
- Structured Group Process for Identifying Key
Business Risks in Each Level (Sutton 1991 Sutton
Lampe 1994 Havelka et al. 1998) - Discuss and Define B2B Organizational Context
- Structured Brainstorming of Risks by Level
- Round Robin Listing of Risk Factors
- Reflection Upon and Addition of New Risk Factors
- Consensus on Risk Definitions
- Individual Identification of Key Risk Factors
Ranking
12Study Participants
- IT Audit Specialists, Security Specialists and
E-Commerce Development Leaders - ConAgra
- Mutual of Omaha
- Union Pacific
- External IT Audit (Partner/Mgr), CIO Staff
- PricewaterhouseCoopers
- E-B Consultants (Team Leaders in Business
Applications, Infrastructure, Strategy) - Rising Tide Consulting
13Results
- KPIs for Technical Level Risks
- KPIs for Application/User Level Risks
- KPIs for Business Level Risks
14Continuous Monitoring Assurance of E-Business
Relationships
B2B ASSURANCE SERVICES
Periodic
Continuous
15(No Transcript)