Preface

Contemporary Enterprise IT landscapes have become increasingly heterogeneous, simultaneously running numerous applications such as ERP, CRM, PM, BI, TMS and other systems, sourced from different software vendors. Business initiatives cannot be imagined evolving or merely functioning without these technologies, having market leaders utilizing the most advanced solutions, while always balancing between innovation, practicality and conservatism – the essential parts of Enterprise’s corporate culture.

While BI and its derivative categories are perceived as the “glasses” or “compass” for decision making and analysis of corporate information flows, with the recurrent, annual increase in budgets, little attention is paid to the Process Event Management category (briefly: PEM).

PEM category is neglected or hardly addressed by many organizations, yet the consequences of such disregard could come at a high cost.

What is an Event?

An event is anything that happens at a defined time and that can be specifically recorded. In extremely diverse Enterprise IT landscapes, hundreds of processes and thousands of events are being executed daily or even hourly. Regardless of the nature of the process (business, technical, or any other type of process), they all consist of the sequences of multiple events or streams of events. Enterprises process a giant number of events, manifested through various processes. Examples:

EXAMPLE FOR BUSINESS PROCESS

A Purchase Order (PO) was created. Possible related events to check daily/hourly by PEM (e.g., what can go wrong?):

Continuously check for missing or inaccurate data during the creation of a PO and throughout its validity period (until Order fulfillment):

• Material description in PO is outdated / incorrect
• Vendor’s address (or / and other Vendor’s credentials) are missing / incorrect
• Vendor’s payment terms differ Invoice’s payment terms

Continuously check for changes, made to a PO throughout its validity period. Check also by whom those changes were carried out:

• Material description in PO was changed
• PO’s vendor’s master data details were changed (e.g., bank account, address etc.)
• PO’s vendor’s payment terms were changed
• PO’s amounts / quantities were changed
• PO’s contract details were changed (and now they are inconsiistent with a PO)
• Another Alert-Relevant and Status-Relevant Changes:

—- Goods recipient
—- Customer location
—- Ship-to location
—- Product
—- Requested quantity
—- Requested delivery date
—- Incoterm
—- Price
—- Manufacturer part number
—- Manufacturer

Continuously check for timing thresolds that were exceeded:

• PO is open for too long (e.g., Goods Receipt date is in the past)
• PO was released and waiting for Goods Receipt for too long
• PO is waiting for approval in a certain status for too long
• PO was created retroactively (e.g., after the invoice was issued by vendor)

Continuously check for posiible fraud / misbehavior and SoD related violations:

• Purchase Requisition and PO have different prices (possible misconduct or fraud)
• Alternative payee was assigned to PO’s vendor
• PO’s amount has exceeeded the desired threshold (e.g. too high / too low)
• PO is assigned to one-time vendor (possible misconduct or fraud)
• PO was approved by a person who created it (possible fraud, related to the SoD)
• Was the PO issued on behalf of One-Time Vendor? (possible misconduct or fraud)
• PO’s, issued for One Time vendor is used to pay to a regular vendor (fraud)

Needless to say, that all the aforementioned events should be continuously checked as part of organization’s control routine… and this is a relatively simple process, one out of hundreds or other processes that run in the corporate ERP systems.

EXAMPLE FOR TECHNICAL PROCESS

Background Job (BJ) was created and scheduled. Possible events to check daily/hourly or even more frequently (e.g., what can go wrong?):

• BJ has failed
• BJ has failed multiple times in a row
• BJ is running for too long or finished rather too quickly
• BJ didn’t start on time (has started earlier or later than expected)
• BJ didn’t start at all
• BJ’s scheduled start has been repeatedly delayed
• BJ has started again, before the previous job’s run has finished (duplicated BJ runs)
• Suspiciously big number of jobs have failed in a short period of time (anomaly)
• BJ’s duration has been elongated (e.g., upon creation, the job ran on average for 10 minutes, but now it takes 5 hours to finish)
• BJ was permanently deleted from the system by somebody, who was not supposed to do that
• User, assigned to the BJ’s step/s should have not been assigned to the step
• Person, who has scheduled the BJ run differs from user/s, assigned in each BJ step
• There are identical jobs (yet with different names) running in the system
• There are active jobs with program’s variants that have expired

All above are events that might affect system performance and in certain cases disrupt business logic. Surely, they should be managed and controlled.

What is a Process Event Management (or to be precise an IT Process Event Management) and why organization should consider to implement one?

PEM is a category, which is dedicated to track (what happens now?), trace (what happened in the past?) and in certain cases warn and prevent (what is going to happen?) unwanted or unexpected events from happening, providing a complete visibility of your end-to-end processes across all the informational boundaries.

Having right technology in place, your company can manage events across distributed processes involving different dispersed partners and assets. PEM solution will capture events from your systems, analyze them against its predefined plan and alert or workflow a response to the required people to react of deviations are found.

PEM enables organizations to increase the transparency of IT based activities, enhancing control upon business and technical processes, having an ability to reveal problems and bottlenecks earlier, prevent unwanted outcomes and quickly compensate the damage while diminishing inconsistencies and restraining further risks. Mistakenly precepted as “not that important” category, PEM will allow an organization to see through the information systems, be informed in a timely manner about important occurrences, including (heads up!) suspicious and fraudulent activities. PEM also should allow to quickly adapt to changing conditions in your processes, heading off issues before they become an issue…

If Enterprise IT environment could be imagined as a “live organism”, the PEM solution should be described as its “nervous system” which continuously monitors, tracks and validates the correctness of events and processes, instantly responding to the inconsistencies and (heads up!) timely and precisely informing the stakeholders.

Note: Tis is the first part of the article. In the next chapter (to be published shortly) I will discuss:

1. Why the Business Intelligence systems are not entirely fit to manage and control events?
2. What is the ROI, expected from PEM systems and how it can be measured?