ACT Logsys Ltd, the hardware-independent provider of consultancy services, systems integration, and turnkey projects, has entered into a three year collaboration with Bob Charette, president of software specialist company Itahbi Corp (CI No 1,484) to provide a consultancy and management service in risk engineering, targeted particularly at financial services, retail, and local and civil government. Risk engineering is encourages companies to seek to identify and minimise all the risks involved in the acquisition and implementation of a computer system in their business. It also involves an analysis of a system’s suitability for a particular company, and the effect it will have on the running of its business. Itahbi specialises in risk management consultancy, and its clients include the US and UK governments, as well as British Telecom, Unisys, and Mobil. The story goes that Itabhi demonstrated its services internally for ACT Logsys which, in turn, was so impressed that it made a bid for a licence to resell the technology. Charette’s Risk Engineering service, which he has named after his nature, Cynic, is simply a prescriptive approach. He wants to help companies to help themselves, saying that many companies today are wasting too much time and money on calling in expensive management consultancies to correct or re-direct runaway projects, when they should be disciplining themselves to analyse all the risks involved at the point of investment rather than let themselves be seduced by technology. According to Charette, no-one else offers the sort of service that ACT is now marketing, although Itabhi is talking to other management companies, who may also soon be licensing Charette’s Cynic methodology. The Ministry of Defence, with its introduction of mandatory risk analysis, has stimulated the market, says Charette, so there should soon be a response from other companies. SD-Scicon has an internal system for crisis management, and there are one or two organisations offering specialist services, for example defence-oriented risk assessment, whereas ACT provides a full risk engineering framework, for any type of organisation, comprised of two aspects – Risk Analysis and Risk Management. Says Charette, the acquisition, development, marketing and use of computer systems all involve some level of risk, and factors such as the safety of the system, its protection from viruses and computer hackers, and the financial impact of operational disasters need to be considered. Once all potential risks have been identified, a level of acceptability is set. In some cases, such as government defence, any risk at all to system security will be totally unacceptable, whereas other organisations will have a maximum cost that can’t be exceeded and so must forego some of the benefits. Risk Management involves the monitoring and controlling of all the risks and ensuring that the systems function effectively and all targets for the development are met.
Cynical smile
Risk engineering is already a mandatory inclusion, albeit unspecific, in all computer contracts tendered for the UK government and, Charette feels that with commercial companies moving towards open systems, risk minimisation must increasingly become a vital component of all computer policies. He reckons that some of the success of Japanese companies can be attributed to their risk management stategies and it’s time the issue was taken more seriously in Europe and the US. The cost of a base licence from ACT is around UKP15,000 per project, but the methodology has then to be tailored to the clients’ needs and the size of the project. The idea is that ACT eventually transfers the technology to its clients, just as Itabhi passed it on to ACT. Meanwhile, Bob Charette just sits back with a cynical smile as the money rolls in. – Susan Norris
