Business resiliency in finance operations isn’t something that is unique to Accenture. Any large organization needs some degree of it to mitigate risks to business continuity. Global operations and geographically distributed teams provide risk mitigation to business disruption—but only if prepared.
We have always had some form of disaster recovery approach for our finance operations, especially with nine shared services centers around the world. But efforts were mainly focused at the local level. How would a center react to political instability? To a monsoon? To an earthquake? This was the typical scope of thinking.
Now, 70 percent of Accenture Finance’s services are performed in these shared services centers and many provide complex accounting, business and tax advisory activities. This distinction increases Finance’s dependency on our centers delivering critical aspects of our operations and increases our level of risk if the centers go down. For these reasons, we knew we needed to be smarter with how we did business resiliency. We saw the need to develop an industrialized business resiliency capability.
Five stages of development
Our Controllership organization, which includes the shared services centers, took the lead within Accenture Finance to develop a broader capability. We knew we couldn’t do this overnight, so we gave ourselves time to do what we needed to do to get the program to a point where we could respond to various scenarios.
We laid out a plan and were rigorous about how we went about rolling it out and testing it. The program team collaborated with other areas within Accenture, like risk, security and asset protection.
The entire effort involved working through five major stages:
- Organization and governance – We used the ISO 22301 Business Continuity Planning Framework as our structure and established a governance model. Roles and responsibilities were defined and spanned our locations globally. These initial steps were important in helping to instill business resiliency in the mindsets of everyone within our Controllership network.
- Document review – The program team reviewed every Controllership activity and drilled down to how many are critical and at what point in the month they are critical. They also determined which centers performed which tasks since not all processes are done in every center. We needed to do this to figure out what could be dropped and picked up. And how we could provide support with fewer people. One of the steps that came out of this exercise was making sure the right level of training documentation was in place for the receiving teams.
- Incident response planning – This stage involved preparing an extensive location and recovery strategy—not just for a few locations, but all shared services center locations. An important step that came up during testing was the need to establish accelerated access management rights for critical systems during an incident. This is needed for when work is shifted to another team in another geography.
- Testing – Testing and retesting many times are what I think made the program successful. If things didn’t go right the first time around, that was OK—as long as individuals learned from the lessons, fixed things and moved on. The first wave of testing was planned, and people were aware. For waves after that, there was no notice. So, people were truly put to the test.
- Results analysis and actions – After each wave of testing, the program team analyzed the results, did quality assurance reviews and audited transactions for accuracy. The testing outcomes were shared, learnings documented and improvements made where needed.
There was truly a sense of pride when everyone was able to come through all the testing successfully.
Achieving our objective
After 18 months of rigorous planning, implementing and testing, our program team and Controllership groups reached a point of achieving our objective of elevating the state of our business resiliency capability.
Teams felt a sense of ownership with what they had accomplished. They also collaborated well across geographies and reaffirmed that our organization has a “One Controllership” mindset. There was truly a sense of pride when everyone was able to come through all the testing successfully. And our timing was fortunate.
Our business resiliency capability was put to a real-live test when the COVID-19 pandemic set in.
Controllership and other Finance teams facilitated continued quality and accuracy of financial information and data. A robust capability contributed to Accenture Finance’s ability to carry out business as usual without delays and meet our commitments.
Looking back, I’d say that the top three keys to the program’s success included a dedicated business resiliency team, knowledge sharing with other corporate functions and locations, and aggressive testing. For more about our program’s journey, read about it here.