The environmental impact of compliance
The costs and disruption associated with complying with new legislation and regulation will be familiar to a lot of IT professionals. For many companies, adhering to the likes of Sarbanes-Oxley, Basel II and MiFID often means a fundamental reorganisation of the way IT systems are run.
It may be heartening to know, then, that the compliance burden can be as big a headache to those public-sector organisations tasked with introducing new legislation as it is to those on the sharp end of new laws.
The Environment Agency is a non-departmental public body that is responsible for enforcing government policy around conservation and the regulation of the effects of heavy industry on the environment. When the Government introduced its pollution prevention and control regulation in 2002 — designed to ensure companies have sufficient waste production and disposal procedures in place — the agency was forced to consider whether its IT systems were up to the job of enforcing the regulation.
The person charged with making sure the changes happened was Gerry Kaspers, programme manager at the Environment Agency. The technology issues faced by the agency are not that different to those encountered by any company that has developed IT systems in a piecemeal way, she claims.
"We were looking at an organisation that had a lot of separate IT systems with very discrete query databases, primarily holding information about our customers and their permits,” says Kaspers. “A lot of them were about capturing information retrospectively, after we’d done an inspection of a customer site, for example."
The organisation’s existing IT systems and processes suffered from blockages in the flow of information out of its disparate databases. Staff would spend a lot of time matching records from a variety of sources to get a single view of each of the companies, or customers, it regulates, says Kaspers.
"We wanted to move towards providing operational staff with something that would support them in their daily jobs, managing information and the activities around the customers and sites that we regulate," explains Kaspers. "That way, we could offer staff joined up information with business-process support to get an overall view of each customer site we visit."
The creation of a brand new set of processes to manage the introduction of the pollution prevention and control permit scheme gave the agency the opportunity to examine how its existing IT was supporting staff in their day-to-day work. "We deliberately chose a new and complex process to test the strategy, which needed far less process re-engineering," says Kaspers. "The pollution prevention regulation meant we were going to be dealing with 8,000 sites using the new processes, and we just couldn’t have absorbed that change without upgrading our IT."
To keep the project's costs and complexity at a minimum, Kaspers claims the organisation was aiming to make the most of its existing IT systems. It opted for a strategy that today would be called business-process management (BPM), but back in 2002 was yet to be explicitly defined. BPM is essentially a set of software tools that can be used to optimise existing IT systems to make them work more effectively. "People weren’t thinking about BPM in the same way four years ago. The skills base and marketplace weren’t as mature," says Kaspers.
Kasper and her implementation team, which included enterprise IT architects and key business users, chose to use workflow software from Tibco (formerly Staffware in the UK, before Tibco acquired it in July 2004). The Environment Agency opted for a combination of Tibco Staffware Process Suite and Tibco’s main BPM product, BPM 9i.
With a highly distributed structure, which includes eight regional offices and many more local ones, the pilot was restricted to The Environment Agency’s Preston office to test the viability of using a BPM strategy to reduce existing systems and introduce new functionality. Although the pilot was largely a success, the agency had to make compromises between its initial testing of the product and its final cross-organisational configuration.
Working with an implementation partner, the company installed the Staffware software using a Windows-based front end, despite knowing that eventually it would have to be adapted to a Java-based graphical user interface (GUI). "Some customisation was needed, but part of our initial choice of Staffware was based on its product working out of the box. We traded the GUI work for speed of implementation," says Kaspers.
The Preston pilot proved the concept of using BPM to integrate disparate systems, and the IT team moved on to a wider first-phase implementation. "Going forward, we’re interested increasingly in the ability to mix and match infrastructure items within the enterprise architecture. So what’s important for us is the ability to put service access and wrappers around a whole variety of components."
The rollout of the first phase was not without its issues, points out Kaspers. "Performance and scalability were an issue," she says. "We also had to spend a lot of time doing performance testing to make sure the new Java front-end would scale."
For the pilot, the team ran the Staffware software on a free-standing local server, but load balancing and testing became key during the first phase of the rollout to the rest the organisation, as the software shared resources of a server environment that supported 12,000 users.
Preparing and cleansing all the data involved in the project was a key task. “We had quite a fraught time related to data migration — it was time consuming and expensive. But you can’t overestimate how important it was to get the data ready first,” says Kaspers.
There was also an element of cultural resistance to the changes, she adds. Kaspers's team had to work at persuading staff to take on the formalising of procedures, as well as the ability to monitor caseloads and work activity. "Our staff have a vast knowledge base about our work, and tend to operate with managerial authority and freedom. It’s always a trade-off of consistently logged and journalled workloads and micro-management with the benefit of being able to share case histories and see what any other agency officer has done on a particular case."
And when the rollout moved to some of the more outlying, rural offices, network connectivity to central communications and technology hubs, the already planned network upgrade for these offices came in particularly handy.
At the same time as helping the IT infrastructure better support its key compliance responsibilities, the new BPM strategy also helped the agency execute its own environmentally conscious remit.
"There have been clear benefits," says Kaspers. "The accessing of documents online has saved thousands of tons of paper. And the IT choices we have made around the issue of travel have reduced our travel costs and carbon emissions accordingly."