Starting the Digital Transformation Journey in a Pandemic

SAGESSE WINTER 2021 – AN ARMA CANADA PUBLICATION

By Sandra Bates and Amitabh Srivastav, IGP, CIP, PMP

Back to Sagesse 2021

Abstract

Digital transformation (DT) is a key drive and a critical factor for organizational success in the current digital business environment. The reality of the world-wide pandemic significantly affected normal business and social activities, and has vaulted DT to the forefront of management’s priorities. DT has forced management in businesses and governments alike to digitally transform in order to continue functioning and providing products and services. Although DT is not a new initiative, it has changed from an innovative journey to a business necessity leaving management lost and struggling as to how to proceed. This article will examine the business drivers for DT by linking them to key concepts and identifying the DT initiative’s scope. Next, the article will discuss preparing the business case via Use Cases and examining change management risks and mitigation strategies.

Introduction

Dating back prior to the invention of the abacus or compass, people have been using technology to improve the way they live and work in society.  For centuries now, transformation in society due to new technology inventions has been slow and the benefits were often easily realized. Digital technology has evolved primarily over the past 70 years. However, in the past 30 years, digital technology has developed at a rate never before experienced, which affects almost every industry. Before, people looked at digital technology and said “wouldn’t it be cool if we could…” to an environment where the technology develops at a rate where people were apprehensive, but needed to change with technology. Now, they can realize some of their imaginations, those crazy ideas. People no longer need to imagine, because digital technologies can make it a reality.

COVID-19 vaulted many organizations and government agencies into a world where digital technology and processes were forced upon them due to the current climate.  Now organizations have a “taste” of what digital technologies can do, and there is no turning back.  Organizations have introduced many digital processes, yet may still be thinking in manual ways and not realizing the full potential of the digital capabilities that are thrust upon them.

Hence the need for digital transformation (DT). DT is not solely about taking manual processes and using technology to replicate that process but rather it is about digitizing a process and using that technology to enhance or realize additional benefits.  Some examples of additional benefits are improved analytics, better self-serve capabilities, and effective collaboration.

For information professionals, DT is about realizing the organization’s information as assets and using them to their full potential. 

Defining Digital Transformation

Digital transformation is the integration of digital technology into all areas of a business, fundamentally changing how you operate and deliver value to customers. It’s also a cultural change that requires organizations to continually challenge the status quo, experiment, and get comfortable with failure. (enterprisers project, 2020)

Throughout this article, the authors will address DT from the information professional’s perspective and looking at terminology and best practices when engaging in the DT initiatives.

Digital Transformation Drivers

Looking at the technology trends, legislation, regulations and stakeholder expectations gives an idea of some of the key drivers of DT.

Technology Trends: Artificial Intelligence (AI) 

The past few years has seen a drastic improvement and uptake in Big Data (BD) and Machine Learning (ML). This is largely due to the vast amounts of data that is continuously collected. BD and ML offer solutions to use this data and give it value as an asset. Analytics and robotic process automation (RPA) reduce human effort, offer better, faster business decisions and improve customer experiences. 

Knowledge and information gained from AI is changing the way organizations do business. The ability to improve the customer experience will determine the success or failure of organizations. Ultimately the ability to digitally transform your organization is necessary to stay competitive and fiscally profitable. This is achieved through utilizing AI to understand and make decisions based on customer behaviours, values and needs. Not only can AI solutions provide the knowledge and information to accomplish this, but also, they are more effective and efficient people.

Legislation and Regulations

The Government of Canada has also recognized the value of DT. In understanding the value in DT, the government recognized the risks associated with it as well. To protect the privacy of Canadians and safeguard against the misuse of their data, Canada’s Digital Charter was introduced. The objective of the Charter is to keep Canada competitive by realizing the economic and societal benefits of DT, while safeguarding against privacy and security threats that can accompany a digital society.

(www.ic.gc.ca, accessed Oct 2020)

Canada is invested in this strategy.  In addition to empowering digital businesses, investing in DT can increase economic growth and accessibility. By 2030 it is expected that every Canadian business or home, regardless of geographical location, will have internet access to enable access. But currently, reliable digital access that is expected in more populous areas is not accessible to 16% of the population. That means there are over six million Canadians that cannot promote their businesses, file their taxes online, apply for jobs on-line, shop or connect with family via social media, etc.

Privacy

Another primary driver for DT in Canada is the information privacy. Canada’s privacy by design principles generate an environment where privacy of personal information is embedded into technology solutions. This is especially important with cloud-based solutions. It is essential in seeking solutions to ensure that understanding information privacy and security outside of Canada is not always equal to Canada’s mandate.

In Canada, legislation such as Personal Information Protection and Electronic Documents Act (PIPEDA) guide the approach to governance regarding the protection of privacy of information by Canadian based businesses. 

In addition to the federal legislation, most provinces also have mandates such as the Freedom of Information and Protection of Privacy Act (FOIP) and the Local Authority Freedom of Information and Protection of Privacy Act (LA FOIP) in Saskatchewan which guide handling personal information by government agencies as well as access to information requests. The ability to provide information in response to access to information requests within legislated timelines often poses a challenge due to manual processes.  DT initiatives have the potential to improve response to requests as well as make information available through initiatives such as Open Government where the federal government is making more information accessible to the public through proactive publishing of information.

Although Canada’s PIPEDA may prove to be stronger than many countries if businesses wish to house information in Europe or conduct business with European agencies, the General Data Protection Regulation’s (GDPR) “right to be forgotten” require that all personal information of an individual must be erased upon request of the individual.

Technology solutions implemented within the organization must understand the need for privacy and security measures. In Canada, the privacy laws are more robust than in some countries and understanding where data residency issues may be a factor are essential to cloud solutions.  Knowing where your data lies physically and the understanding the local laws in those countries that may affect the privacy and security of the information. It is important to privacy protection that data residency issues are understood and addressed. 

Concepts and Definitions

When the organization’s senior management team decides to embrace DT and move forward with the initiative, the team may have varying ideas about DT, the key concepts, the scope of the initiative, the end product, etc.  The first question is – what is DT? As noted above, DT is very broad, encompassing technology and non-technology concepts.  Understanding these key concepts can help the organization define its DT journey, its business case, and increase the probability of its success.  Some of the key concepts are:

Cloud enablement: is about a “cloud-first mindset” to leverage capabilities and tools, and deploy services that are outside the firewall.  This implies a cloud computing model that ARMA defines as, “A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g. networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.” (Glossary of Records Management and Information Governance Terms, ARMA International TR 22-2016, p 9)

Intelligent capture: focuses on opportunities to convert physical information into digital formats across multiple channels.  Intelligent capture can also leverage capabilities of RPA using artificial intelligence via machine learning and machine teaching.

Repository-neutral content: are storage locations that are independent of the underlying systems and technology creating content so the content is available to diverse business users.  Integrated collaboration leverages diverse technology platforms and disparate repositories to allow teams to save, search, and share content.  This can include knowledge management, data analytics, data management, etc.

Information governance (IG): is a very critical, if not the most important concept for a successful DT initiative.  It is acknowledged that IG, “… helps organizations achieve business objectives, facilitates compliance with external requirements, and minimizes risk posed by sub-standard information handling practices.” (Glossary of Records Management and Information Governance Terms, ARMA International TR 22-2016, p 28)

Content services: is recognized as another key and critical concept because it facilitates the capability to deliver content and / or services on-demand to any device, anywhere at any time independent of the source of the content.  In many cases, this is the end goal of a successful DT initiative. Since the content has business value, therefore IG, compliance, security, and privacy are critical considerations when delivering the content to internal users and external customers as a new service or a digital product.  More importantly, the success or failure of a new online service or digital product can determine the success or failure of a DT initiative.  The DT initiative needs to define the product scope of the initiative.  PMI defines product scope as “The features and functions that characterize a product, services, or result.” (PMBoK 6th ed ., p 715)  Therefore, the business case needs to clearly articulate the product, service, or result of the DT initiative – i.e. “What is the end-state or end goal?” In fact, the business case should identify the benefits and outcomes from the perspective of different stakeholders – i.e. “What does it mean to me?” or “How will it benefit me?”

Auto-classification: is the systematic identification and classification of content into categories according to a taxonomy representing logical structures such as functions, activities, procedures, methods, etc.  Auto-classification can leverage RPA using AI via machine learning and machine teaching to analyze the explosive growth of digital content and categorized it, including redundant, obsolete, and trivial (ROT) content.  “According to data compiled by Visual Capitalist, a single internet minute holds more than 400,000 hours of video streamed on Netflix, 500 hours of video uploaded by users on YouTube and nearly 42 million messages shared via WhatsApp.” (https://www.statista.com/chart/17518/data-created-in-an-internet-minute/, accessed Oct 2020).

Customer experience: is the collection of experiences, emotions, expectation, impressions, etc. as a result of interacting with online services and digital products across all platforms and delivery channels from an organization’s website, mobile apps, chat, call centres, etc.  Customer experience is closely associated with content services, because from an existential perspective a “thumbs up or down” on social media can materially affect the success or failure of new content services as mentioned above.

Product Scope

While the above concepts help define a DT initiative, it still needs to define the product scope of the DT initiative – in other words what will content services deliver to its stakeholders and how?  When the organization accepts a “cloud-first” strategy of a cloud computing service model, it includes Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).  The nomenclature includes other services such as Content as a Service (CaaS), Managed Content as a Service (MCaaS), Data as a Service (DaaS), etc. More recent technology trends include Blockchain as a Service (BaaS) and Artificial Intelligence as a Service (AIaaS) from third-party cloud-based providers, amongst other services and products.

CaaS / MCaaS infers a “digital mindset” too, for the product scope to deliver services and products.  This means digitizing business processes for the content throughout the information lifecycle from the “cradle-to-the-grave.”  The scope for content services can be just as board as the DT initiative itself.  So, the second question is – what is the product scope?  The scope can include the following key ones:

Information architecture: overlaps many areas of design, but some key ones are navigation, user experience, user interface, security model, taxonomy, etc.

Artificial Intelligence: can perform data analytics on content from many sources, such big data, various types of sensor (i.e. Internet of Things (IoT)), wearable devices, social media, etc.  The analysis can focus on trend analysis, predictive analytics, modelling, etc.  AI can also identify trending topics, curate content from disparate repositories, and deliver it, based user-defined rules.

Document management (DM): traditional document management was “save, search and share,” but now DM is more collaborative with real-time co-authoring on any device, from anywhere, anytime (assuming authorized access).

Records management (RM): has traditionally focused on physical records management, but now the greater emphasis is on digital content such documents, presentations, reports, websites, social media posts, chats, email, video conference, multi-media (images, video, and audio), etc.  Access to the records should be on any device, from anywhere, anytime (again, assuming authorized access).  Records management can include archival storage for long-term preservation.

Knowledge management (KM): is now becoming critical due to the exponential growth in content creation.  It includes digital content that is not a record.  Knowledge management can help derive insight, drive innovation, improve organizational performance, reduce operational risks, increase market share, etc.  Furthermore, “… not knowing what your organization knows is definitely a recipe for rework, stagnation, and inefficiencies.”  (The Official CIP Study Guide, AIIM, 2019, p 49).  Lew Platt, HP’s former CEO once famously stated, “If only HP knew what HP knows, we would be three times more productive.”

Search experience: goes to the heart of finding content using search technology and rendering search results from disparate repositories.  The search technology needs to crawl the content on a regular basis, and update a searchable index.  The search technology also needs to process queries to locate content matching the search criteria, and process the search results to sort them based on filters.  Finally, the search technology needs to format the results and render them for the user’s device.

e-Discovery: is closely related to the search experience, but the focus is on discovering content in order to respond to litigation, compliance, investigation, and information requests.

Digital asset management (DAM): is a mindset shift to thinking, treating, and managing information business assets, applying a value to the information assets, and perhaps monetizing the information asset.  This includes digital content mentioned above, but with a greater emphasis on multi-media such as podcasts, video, digital images, movies.  Digital assets can also include architectural and design documents, intellectual property, logos, trademarks, copyrights, etc.

Digital rights management (DRM): If the digital asset has business values, then the organization has to manage and control access to the asset.  DRM is a “… form of managing digital content to limit access from a specific device and / or prevent unauthorized copying or conversion …” (Glossary of Records Management and Information Governance Terms, ARMA International TR 22-2016, p 15)

Archival services: is really a combination of KM, DAM and DRM for organization to develop and deliver new content services and products to internal business users, customers, and other stakeholders.  In some cases, it is also an opportunity for organizations to monetize their archived audio, video, and other types content libraries.

Data management: has traditionally focused on structured data in warehouses and data marts (and now data lakes) for business intelligence, key performance indicators, decision modeling, and other analytics. Now data management should be included within KM because of the large volume of unstructured data, or visa-versa – i.e. KM should include data management.  In fact, data structures, such as data lakes, store structured (e.g. financial, customer information, etc.) and unstructured (e.g. email, multi-media, social media, etc.) data / content.  Managing this data and content to derive knowledge and actionable insight is both data and knowledge management.

Business Case for a DT initiative

Success for DT in any organization relies heavily on making a good business case. A business case is often required several times throughout the DT work you are looking to accomplish. A well-developed business case demonstrates the value of the initiative to your organization and provide the rationale required by your executive to support the initiative whether it is approval to proceed with developing a framework for a particular line of business or the implementation of a technology solution to advance DT in your organization.

Executives are responsible for the success the organization and require sufficient information to support and approve funding for operational activities. The decision to support or provide funding is strongly influenced through the business case. Ensuring that the reason, problem or current state that requires addressing is clearly defined along with the benefits, risks, costs and impact the initiative will have for the organization.  It is important to be clear, concise and accurate in the statements provided.

Use Cases for the Business Case

How does one determine and decide the scope of the DT initiative when preparing the business case?  One approach is to identify and use personas for business users and determine their needs.  Creating personas can be time consuming and complex, but they can be the foundation for good requirements and user experience.  Common personas are Executive, Director, Senior Manager, HR Manager, Marketing Manager, Financial Analyst, Administrator, Records Manager, etc.  Specific industries would have specialized personas, e.g. hospitality would have Hotel Manager, Restaurant Manager; life sciences might have a Compliance Manager, Patient Care Manager, etc.

Developing Use Cases require identifying the appropriate ones in order to define the scope of the DT initiative.  This is 4-step process for selecting the Use Cases and prioritizing them.

Select and identify many representative Use Cases in order to have a good sample of personas.  When identifying and assessing the Use Cases, the organization should consider strategic, financial, compliance, and operational risks.  As well, determine whether the Use Case has business value or not; and determine whether the Use Case is worth the risk or not.  Finally, “filter out” and prioritize about 10 to 15 Use Cases for the business case.  Note that the size of the organization and the focus of the DT of the initiative will influence the final number of Use Cases prioritized in the business case.

Governance, Compliance and Risk Management

Governance in any organization is essential to ensure the appropriate framework and procedures are in place to give credence to the direction the organization has decreed as the official strategy. Likewise, to ensure the accountability and efficiency of DT strategy in the organization the DT governance framework is crucial to the success of the DT initiatives.

Compliance must also be a consideration when engaged in strategic planning and establishing oversight. The ability to understand and function within the mandate is imperative. The governance strategy must be achievable as well as understood. Information must be clear and readily accessible. Once implemented, a good practice is to have an audit process in place to assure compliance, monitor performance management, determine corrective actions and future improvement needs.

As with all initiative there is risk associated with DT.  The first step in risk management is identifying the risks associated with embarking on the DT initiatives as well as to understand the risks associated with not proceeding. Threats to the organization are identified as anything that can cause disruption in services, financial loss or damage to reputation.  

The needs for risk mitigations should be identified in the business continuity plan. Understanding the risks associated with operations may be paramount to the success of the business. Risk mitigations include any factor that may occur, including pandemics, that cause a disruption to business as usual. Dating back to the Spanish Flu of 1918, Canada has had many flu pandemics (www.thecanadianencyclopedia.ca, Oct 2020) three of which have occurred since the SARS outbreak in 2003. In understanding that pandemics pose a greater risk in recent years the necessity to include the mitigations for a pandemic event equal or surpass the need for mitigations due to natural disaster depending on your geographical location.

Change Management and Stakeholder Risks

Change is ubiquitous and permeates every organization. The cliché, is truer today than ever, because technological change is so rapid.  Consequently, digital technologies are forcing organizations to embark on DT initiatives that fundamentally change how they operate.

Organizational Change Management (OCM) is often overlooked in technology implementations, which is unfortunate as it has the power to “move the needle” from failure to success. OCM is about initiating a “mindset shift” to change the organization’s culture. Recall the phrase originated by Peter Drucker, and made famous by Mark Fields, President at Ford, “Culture eats strategy for breakfast, lunch and dinner.” (https://www.supplychain247.com/article/organizational_culture_eats_strategy_for_breakfast_lunch_and_dinner/legacy_supply_chain_services#:~:text=Organizational%20culture%20eats%20strategy%20for%20breakfast%2C%20lunch%20and,of%20each%20other%20to%20create%20true%20organizational%20transformation, accessed Oct 2020)  In other words – “culture is everything!”

OCM is managing the human impact of organizational change.  The Information Governance Body of Knowledge (IGBOK) states, “OCM … is a framework that describes … ‘changes to processes, job roles, organizational structures and type and uses of technology.’” (Information Governance Body of Knowledge, 1st ed., ARMA International, p 120).  In the context of a DT initiative, an OCM strategy is essential for a successful initiative.  OCM will involve challenging the “way things are done” with respect to people, process and technology.  This means initiating conversations not only around technology, but also how teams collaborate today, and how they can collaborate more effectively and efficiently tomorrow.  Digitalizing business processes is more than just applying new technology.  Digitizing must focus on understanding the growing and changing business drivers, improving those processes, applying governance, and educating business users in “new ways of working” — in other words changing the culture.  The challenge for OCM is to “how to make the culture work with the DT initiative rather than against it?” To that end, it is imperative to first understand the organization’s desire for change, so that culture becomes an enabler of change.

In a DT initiative, the organization needs to examine the OCM and stakeholder risk along two dimensions – cultural mindset and using new processes with new technology.

Firstly, if the culture is rigid, i.e. “stuck in the past” – then changing the mindset will be challenging.  In general, this is evident in large organizations with heavy bureaucracy that continue to “do things as they were done.”  This risk can lead to diminishing organizational performance and even reduce the chance of survival.  Only when the pain of the status quo exceeds the ability to survive, then only transformative change is forced onto the organization.  On the other hand, organizations with an entrepreneurial culture are all about change, and “doing things differently and better.”  This is evident especially in start-up organizations because they need to continuously adapt and transform to survive.  As an example, this risk can affect intelligent capture, integrated collaboration, IG, customer experience, etc.

Secondly, if the culture is rigid, then organizations are prone to use legacy processes and tools.  Unfortunately, the imperative to develop new process that will use new technology is absent.  Furthermore, when organizations implement new processes and technology, the business users view the change as a “threat” to themselves to learn new skills, their job, and their daily business routine.  This risk can introduce conflict in the workplace between those who feel threatened and management, and even co-works who embrace the new processes and technology.  As an example, this risk can affect cloud enablement, repository neutral content, content services, auto-classification, etc.

Below is a quadrant grid that illustrates these risk relationships.  Along the x-axis is the organization’s cultural mindset to change from “Rigid” to “Adaptable”.  Along y-axis is the organization’s ability to accept new processes and technology tools.  Quadrant I represent the highest probability of failure for the DT initiative, while Quadrant IV represents the highest probability of success, i.e. probability of success is ¼.

Quadrants II and III represent high probability of failure, because only one of the two dimensions has moved from a “Low (0)” towards “High (10).”  The middle of the grid represents medium probability of success.  The organization recognizes it must change and is willing to do so, but there is significant resistance.  This most likely corresponds to the organization changing from legacy processes to new processes using new tools, but the organization is facing resistance, as just mentioned. 

The DT initiative will not be a straight line from Quadrant I to IV as the business users eagerly start adapting and are willing to change such that the DT initiative’s risk reduce over time.  Instead, the initiative will zigzag from decreasing risk to increasing risk, and back to decreasing risk.  Consequently, the risk management response will change according to the attributes that the organization is transforming.  For example, the DT initiative’s effort to improve content enablement might face less resistance because the IT department is eager to adopt the new cloud-based tools.  However, IG related to new developing processes and training to use auto-classification tools in the cloud faces resistance from the business users.  These could hinder the DT initiative. So, the risk management response needs to address these two attributes in order to the get the DT initiative “back on track.”

Summary

DT is a very complex, broad, diverse and yet advantageous undertaking. It is an inevitable chapter in the success of business in a technology-driven world. When beginning the DT journey, it is important to understand that DT is the new normal for business and society, and is not “a” project. Instead, DT is a culmination of innovative solutions and constant change that will provide advantages, and is necessary to help organizations remain competitive. Additionally, in the information industry, DT adds value to the information assets and data holdings of an organization allowing for the use of its information assets and data to be used to make better business decisions.  

Research and experience are the key to success with DT initiatives. It is important to remember that DT is relatively new and this is the time to explore, experiment and be comfortable with the understanding that organization will have successes and challenges along the way.

About the Authors

Amitabh Srivastav is an IG/IM transformation strategist. He provides CxO/VP-level consulting advice on digital transformation and focuses on content convergence, process automation, change and risk management, and governance and compliance. He writes and speaks at industry conferences about digital transformation and participates in the development of standards and certification exams.

Sandra Bates is passionate about digital transformation and a recognized professional in the security, information and privacy industries. Her passion is evident through her work within the Executive Government of Saskatchewan and is an engaged “industry” volunteer as President-Elect, ARMA Saskatchewan Chapter, while being actively involved in AIIM Digital Transformation groups.