A New Frontier: Securing the Internet of Things


The IoT is a new frontier. Projected to surpass 50 billion objects by 2020, with the potential to boost the global GDP by $142 trillion, the Internet of Things offers private consumers the ability to create app-controlled “smart homes” and offers businesses unprecedented access to real-time operational data monitoring, collection and analysis. With the rapidly-evolving, demand-driven industry of IoT devices, technologies are being introduced faster than they can be protected.

For individual consumers, IoT security breaches have the potential to violate privacy, steal personal information, and generally terrorize unsuspecting people by manipulating their home devices. On the industrial or business side of the IoT, the threat of a hack presents far more widespread consequences. Unsecured IoT devices present a perfect opportunity for hackers to wreak havoc by compromising operational and/or safety data being tracked by IoT devices, causing a Distributed Denial of Service (DDoS) incident for customers (like the October 2016 Internet Outage), and accessing, compromising, or ransoming financial systems and data by using connected IoT devices to infiltrate the corporate IT firewall. It is becoming increasingly clear to private consumers and businesses that more focus needs to be dedicated to securing the IoT.

  • Manufacturers and consumers have focused on “ease of use” over security- The vast majority of IoT devices are designed with “ease of use” as the first priority, which traditionally means security must take a back seat. In the name of “ease of use,” many of these devices do not require a username and password reset at the time of setup, relying instead on a manufacturer-provided default username and password. These devices will remain actively connected to the internet without additional credential input indefinitely. These default settings are about as secure as having no password at all.
  • IoT Devices often fall outside of the Corporate IT Cybersecurity Structure– IoT devices are typically categorized as Operational Technology and therefore, managed by Operations departments. They are often excluded from the corporate IT strategy. When employees connect unsecured IoT devices to company-provided workstations, they inadvertently provide a direct portal for hackers into a company’s secured IT environment.
  • Physical Security is often impractical – In traditional IT security, physical security is one of the basic tenants. IoT Devices may be spread all over the world, on oil rigs or remote sites, making isolation impossible. By nature, IoT devices are easily accessible, residing in common operational areas of businesses, or common living areas of homes.
  • There is currently no “McAfee” equivalent– The average internet user knows that it would be reckless to leave a computer vulnerable without the protection of anti-virus software. However, this type of software has yet to be developed for most IoT devices. This means that not only are most of these devices unprotected—but that they are also unmonitored. Devices could be hacked, and the end user would never know unless the hackers make their presence known. A potential solution would be for each manufacturer to develop security software for its own devices. But the IoT is made up of thousands of devices by thousands of manufacturers, and these companies do not have the expertise, nor the motivation, to develop this kind of software.

Inevitably sufficient security measures will be developed, but these developments will take time. Until then, here are several ways consumers and companies can keep hackers at bay:

  • Set Strong Usernames and Passwords – The easiest way to secure IoT devices is to change from the factory default credentials to a strong, unique username and password. Some devices are difficult to change, and some offer no credential change functionality. If a device does not appear to offer a credential change option, contact the manufacturer to be sure. If in the market for a new IoT Device, the ability to change credentials should be a critical measure when choosing between products.
  • Bring IoT Devices under the responsibility of IT– While Operations will remain the primary end users of Industrial IoT Devices, the security of these devices must be included in the corporate IT cybersecurity structure. Whenever possible, bring IoT devices behind the corporate firewall and ensure that IT tracks and deploys any updates provided by device manufacturers.
  • Educate employees/users about IoT Security – As in general cybersecurity, the greatest defense against hacking is a well-educated user base. By informing employees/users about the threat of IoT hacks and how they can prevent them through proper device setup and use, companies can minimize the risk of a hack occurring.
  • Prioritize increased security features– End user demand will drive manufacturers to improve security features and software companies to develop an anti-virus program for IoT Devices. As long as consumers continue to purchase devices with no regard for their security, manufacturers will continue to produce status quo. If currently-owned devices offer insufficient or no security features, consider upgrading to newer, more secure options. Consumers should continue to voice their security concerns in the marketplace, and when in the market for new IoT devices treat cybersecurity as a top priority.

As the technology community begins to unravel and understand the concept of protecting vast amounts of personal data, IoT users must remain vigilant about securing their own devices. Increasing dependence on internet-connected objects makes securing them a top priority. While alluring, the new frontier of the IoT could leave many people very vulnerable.

Making Connections: The Internet of Things


There is a lot of confusion surrounding the term, “IoT.” It sounds like something from a Sci-Fi movie. However, the world has been consumed by the Internet of Things for quite some time. People carry it around in their pockets, wear it on their wrists, or use it each day to get work done. At its most basic level, the Internet of Things (or IOT) is simply a network of internet-connected objects capable of sending and receiving data. The Amazon Echo, FitBit, smart thermostats like NEST, smartphones, and laptops are a few easily recognizable examples.

The International Data Corporation estimates the IoT currently has 13 billion connected objects, and that number is projected to surpass 30 billion objects by 2020. This substantial growth suggests the IoT will drive major changes in every industry. Executives must understand why and how to use the IoT in order to maintain a competitive advantage.

Why use the Internet of Things

It is difficult to imagine a time when a person might require an internet-enabled toaster. Yet in 1990, a toaster became the “first” IoT device. This toaster was merely an experiment, but it highlights an important concept. Just because something can be connected to the internet does not mean it should be connected to the internet. Companies considering IoT opportunities should think first about the advantages connectivity provides.

There are two main reasons to invest in IoT:

  1. Monitor remotely
  2. Collect data in real-time

Smart sensors, the nucleus of IoT, allow users to monitor people, processes, and systems from anywhere in the world. For manufacturers seeking a better understanding of their supply chain, using the IoT makes a lot of sense. Sensors provide more accurate delivery estimates and real-time changes in inventory. This added visibility detects if shipments have been tampered with and mitigates damage risk. End-to-end data can be used to assess weaknesses, identify opportunities, and establish a more efficient supply chain.

How to use the Internet of Things

Data-driven devices give companies insight to processes and operations like never before. IoT allows users to extract enormous data sets and summarize them into actionable analytics. There are four distinct types of data analytics:

  1. Descriptive Analytics – What happened
  2. Diagnostic Analytics – Why it happened
  3. Predictive Analytics – What might happen in the future
  4. Prescriptive Analytics – What to do about what is happening

Companies use IoT data to lower maintenance costs, predict equipment failures, and improve business operations. B2C companies can better understand their target market by analyzing data collected from IoT devices used by their customers.

The Industrial Internet of Things (IIoT) allows manufacturing and energy companies to leverage big data to drive future action and business strategy. The IIoT is essentially the point where traditional information technology (IT) and operational technology (OT) come together. IIoT applications use smart sensors to track inventory (as supply chain managers do) and gather data on condition-based predictive maintenance. IIoT will have a significant effect on how Operational Excellence is defined and achieved in the next decade.

Implementing the Internet of Things

The Internet of Things will continue to revolutionize the way of doing business across every industry, but the transition will not be easy. Companies who choose to implement the IoT will face many challenges. They will encounter resistance to change from their own organization, their vendors and their clients. There will be obstacles to overcome from a security standpoint, including physical security and cyber-threat. The companies will need to be flexible as best practices, standards, and regulations evolve. Organization structures will change, processes will be re-designed, and budgets will be re-allocated to support the IoT. While there are advantages to adoption, companies should look to outside resources for assistance in change and implementation management.

How to Create a Cyber Security Culture


All companies continuously face cyber security threats from both inside and outside the organization. IT departments apply very basic defenses in order to reduce the chances and consequences of a data breach. Firewalls, operating system updates, secure connections, and spam filters are all standard, but they do not address the weakest and most fragile component of any cyber security strategy: people.

Morgan Stanley’s IT department is well known for implementing world-class cyber security protection. However, in a recent security breach, data from over 350,000 customers was stolen by an employee. The SEC found Morgan Stanley responsible, citing a failure to employ “written policies and procedures reasonably designed to protect customer data.” Creating a work culture centered around cyber safety is essential. Most companies understand that better training and executive involvement are key elements in promoting cyber safety awareness. But what about the not-so-obvious actions companies can take to promote this culture? Learn more about these approaches below:

Ensure the top sets the tone.

The only way to ingrain practices that support cyber security and lower the risk of cyber-threat is to start with embedding these principles in senior executives and management. This group is responsible for setting the company culture. Consider changing compensation and incentives to include cyber security compliance points. In addition, recent studies show a direct correlation between CEO approval ratings and cyber security risk assessments. The higher the CEO approval rating the lower the cyber security risk, which analysts believe prove the theory that the happier employees are at the company, the less likely they are to cause a security breach. A company culture that fosters loyalty and happiness among employees will lessen the risk of an “inside job” in terms of hacking or using company data for malicious purposes but also, a CEO who takes cyber security seriously will influence his or her employees to do the same.

Get certified.

The ISO/IEC 27001 is the best-known standard for providing requirements to keep information assets secure. Companies are not required to implement these standards, but many companies are now choosing to take this extra step to get certified. Not only does it serve to outline standards for protecting the company, it also helps to reassure customers and business partners that their information is safe and protected. Leverage the certification to set a company-wide standard that is documented, followed, and backed by top level management. Hold trainings to ensure employees understand and follow the policies.

Create a cyber security scorecard.

The US Department of Defense is constantly under the threat of cyber-attacks. The cyber security scorecard is used as a way for the Secretary of Defense to better understand cyber security compliance and exposure. The scorecard assesses cyber security control across multiple areas: people, process, technology, facility and compliance. The purpose of the scorecard is to ensure organizations can effectively and regularly perform security assessments that highlight areas for improvement and gaps in cyber security policies. Once the gaps are detected, communicate them throughout the company and schedule trainings to specifically target and mitigate these issues.

Inventory and Protect All Networked Devices.

The technology that people wear and carry are often more powerful than they realize, so companies and employees should be aware of the associated risks. Because users rarely think about cyber security as it applies to their personal devices, they put the company in a vulnerable position to hackers when they default their devices to the least secure settings. Training around the risks is crucial to establish awareness. Publish company policies around what to do if a wearable device is stolen or put at risk and address them in employee onboarding. Put programs in place to educate employees on how a hack on their device could put the company in danger.

It is not a matter of “if” a company will get hacked, but “when.” Embedding cyber security, cyber safety, and cyber-threat awareness into an organization’s culture helps delay and minimize the impact of the inevitable. Trenegy helps companies create and implement customized strategies to reduce cyber security risks.

I Have Never Met a Perfect Person: Dealing with an Imperfect World


Standard economic theory is based on the assumption that people are perfectly rational.  In other words, people rationally weigh the costs, benefits and risks before making decisions.  But, except for my wife, I have never met a perfect person.  (I love you, honey.)

A new line of behavioral economists is proving that people make irrational decisions that are driven by biases that can be anticipated.  One such economist, Dan Ariely, summarizes this in his book Predictably Irrational:  The Hidden Forces That Shape Our Decisions:

(We assume) that we are rational… But, as the results presented in this book (and others) show, we are far less rational in our decision making… Our irrational behaviors are neither random nor senseless — they are systematic and predictable. We all make the same types of mistakes over and over, because of the basic wiring of our brains.

These irrational choices that humans make not only affect the economy, but infect every aspect of our lives.  As we studied the root causes of major business “black swan” events – from major oil spills to worldwide automotive recalls – we have identified several of these human factors that must be taken into consideration when designing your company’s operational excellence program.  Organizational structures, policies and procedures, and underlying technology tools must all recognize that humans are not always rational and build checks and balances that account for these human biases.


Groupthink occurs when the momentum of a group influences acceptance of a decision or course of action that may not have been reached by the individual members.  In groupthink, an individual may be hesitant to go against the group from fear of looking dumb in front of the crowd.  They may be thinking “the whole group seems so sure, so I must be wrong.”

In your company, traditional brainstorming exercises may be especially prone to the effects of groupthink.  That is one reason why Trenegy uses the ACEtm Methodology for meeting facilitation.  This approach alternates between convergence (group brainstorming) and divergence (outside party review) cycles to ensure the consequences of groupthink are mitigated.

Confirmation Bias

Confirmation bias is our tendency to view evidence presented to us through the lens of what we believe to be true.  Confirmation bias explains why the same economic data can be seen by the government in power to be good, while it is used by the opposing factions to prove the economy is bad.  Each group is seeing the evidence through their individual belief that their base position is correct.

Your company’s internal reporting can be easily influenced by confirmation bias.  If the definition of the data presented is not clearly understood, and how that information relates to the ultimate company strategy is not effectively outlined, people will tend to draw conclusions based on their own interpretations.  One way to mitigate confirmation bias is to seek out data that may contradict the popular beliefs in your organization and try to uncover why that is.  For example, if the conviction in your organization is that you are a safe work place, solely reporting lost time incidents may only be confirming that opinion (since those types of incidents are few and far between).  Conscious reporting of near miss events and first aid injuries may show that maybe you are not working as safely as you thought.

Normalization of Deviance

Normalization of deviance occurs when unacceptable practices become gradually more acceptable after the unacceptable behavior avoids negative consequences.  Some normalization of deviance is harmless.  The rise of “business casual” dress is a good example.  In the 1970’s President Carter called for thermostats to be raised to save energy during the energy crisis.  This led to business people leaving their ties and jackets at home.  When there were no repercussions from doing so, the acceptable dress for companies continued to drift toward what we now call “business casual.”

In some cases, though, normalization of deviance can have catastrophic results.  The original design parameters of the Space Shuttle’s Solid Rocket Booster O-Rings anticipated no blow-through of gases through the O-Ring.  But early in the Shuttle program some blow-through was observed after launches.  Although minor modifications were made to the design, over time some blow-through became acceptable to the Shuttle team.  In 1986, blow-through of gases through the Solid Rocket Boosters O-Rings of the Challenger resulted in an explosion and death of the crew on board.

The design of safety critical and reliability systems (organizational, procedural, or technological) must include barriers that prevent normalization of deviance from occurring.

Optimism Bias

Optimism bias is the tendency of humans to be overly-optimistic and developing a “this won’t happen to me” mentality.  Dan Ariely found that 95% of drivers believe they have above average driving skills (for those of you who are mathematically challenged, by definition only about half of all drivers can be above average).  This tendency can have undesirable effects.  People may put off diagnostic tests such as colonoscopies, or not wear a helmet because they believe they are unlikely to be in a motorcycle accident.

In companies, decision-making needs to guard against optimism bias.  This is particularly true in the Project Management process.   A pervasive tendency to think “this won’t happen to me” while planning projects contributes to 64% of energy mega projects going over budget, and 73% being delayed (according to a study by EY).   A robust risk identification and mitigation process can help fight this tendency to be overly optimistic.

Expectation Bias

Expectation bias occurs when we hear or see what we expect rather than what is actually happening.  Most of us have experienced this as kids (e.g., your sister was always “the good kid” so when your mother saw the broken lamp she automatically assumed you broke it even though she did, and does not believe you when you tell her so).

Although this example is harmless, expectation bias can have tragic consequences.   In the 2010 Macondo blowout in the Gulf of Mexico, the rig crews were told incorrectly that a critical test had passed successfully.  Because they believed the well was safely secured (even though it wasn’t), they failed to see the indicators of a blow out in the data they were receiving, contributing to a catastrophic blow out that took 11 lives and spilled five million barrels of oil.

When designing your company’s operational excellence programs, proper attention must be paid to these expected faults in the way our minds work.  For example, organizations must mitigate groupthink and confirmation bias by allowing cross-function interactions to occur.  Policies and procedures must guard against exceptions so that normalization of deviance does not set in.  A robust risk management process must force the organization to realize that, despite optimism bias, bad things can happen.   And technology must be in place to ensure the right information is driving decisions so that the organization is not blinded by expectation bias.

Trenegy helps companies successfully manage any aspect of their operational excellence program using proprietary methodologies tailored to our client’s needs. We help our clients get value of out their new system quickly and relatively painlessly.  This is the fifth in a series of articles on operational excellence.

Using Platforms to Transform the Supply Chain


An effective supply chain has three key elements: market exposure to products and services, direct collaboration between buyers and suppliers, and cost efficiency. Managing these elements in a traditional supply chain model is not easy. Buyers have to actively manage relationships with a variety of suppliers and often do not have clear visibility when new products or services are offered by new suppliers. Buyers fall into a one-sided Supplier Management rhythm; working the phones and email with ‘who they know,’ as opposed to suppliers who provide the best products or services at the best price.

Today’s cloud-based platforms eliminate the old-fashioned routine. For example, consider Airbnb’s platform. The online dashboard creates value by enabling direct collaboration between home owners and renters. Cloud-based supply chain models work in the same way. Buyers use the platform space to efficiently work with a broad range of suppliers, who in turn gain access to buyers in real-time.

Platforms are creating value for both buyers and suppliers by:

  1. Increasing exposure and reducing prices

Platform business models provide a space for consumers to openly interact with producers, and vice versa. Likewise, a good supply chain platform will provide this space, and it will also offer incentives for becoming a member. As more members join the platform, seller presence becomes visible to an increased number of buyers, heightening product exposure. Then, as the network effect kicks in, elevated purchasing traffic drives down the cost of the product, allowing purchasers to obtain products at a lower cost.

  1. Discontinuing Service Level Agreements

Platforms define base compliance standards, reducing the need to manage SLAs. Standards for doing business are built within the platform itself and platform members agree to these terms in order to participate. Cloud-based supply chain platforms hold both sides accountable for meeting standards relating to shipping time, response time, annual fees, payment methods, refunds, etc. Terms and conditions will vary depending on the platform, so it is important for potential participants to consider which guidelines are important and correspond with their business strategy.

  1. Granting access to real-time information

Cloud-based supply chain management platforms place an emphasis on needs planning and scheduling. Buyers can upload inventory with pre-defined depletion notifications, allowing suppliers to bid on replacements in near real-time. Both sides have the ability to respond quickly to changes in the supply chain. If a shipment is late, suppliers can provide up-to-date tracking information.  If a shipment is extremely late, buyers can access the platform to identify what is available and when.

  1. Eliminating approved vendor lists

Because supply chain platforms ensure procurement from only ‘approved’ suppliers, the practice of managing an approved vendors list becomes obsolete. Previously, buyers invested a great deal of research and vetting into determining which suppliers were approved. Now, buyers can use platforms to filter suppliers by established company protocols and purchasing criteria (e.g., product quality, timely delivery, and supplier ratings). Most importantly, existing suppliers can be by-passed or banned based on real-time evaluation of performance.

  1. Making it easy to connect with and review new partnerships

Platform business models make it easy to shop around for potential suppliers and partners by providing direct feedback from other platform members. Similar to checking Yelp for restaurant reviews, business partners evaluate buyers and suppliers based on their experience. When your long-time pipe supplier is out of stock, there is no need to wait for inventory to be replenished. Instead, users can search for comparable products on the platform and review supplier ratings to make the best decision for current purchasing needs. References and reviews are beneficial for users looking to establish new connections or alternative options. They also help instill confidence in transacting with unfamiliar customers and suppliers.

Cloud-based platforms are changing supply chain procurement strategies for the better. With increased market exposure, easily realized cost efficiencies, and an environment for direct collaboration, platform business models are equipping buyers and suppliers with the tools necessary to succeed in supply chain management. Trenegy helps companies identify innovative solutions that streamline the procurement process. To learn more, contact us.

Leveraging Digital Pricing Solutions to Drive Revenue Growth


Dynamic pricing, or charging based on customers’ willingness to pay, was once thought of as an airline gimmick, or at worst as price discrimination. The public consciousness’ shift on dynamic pricing is best exemplified by the ride-sharing behemoth, Uber. Steven Levitt, of Freakonomics fame, recently analyzed Uber’s surge pricing model to determine the UberX demand curve. In the working paper developed with several other economists, Dr. Levitt noted that even with Uber’s demand-based surge pricing, they were leaving $6.8 billion on the table in consumer surplus. Uber’s pricing strategy may need tweaking to capture some of those billions, but the preliminary results emphatically show that customers accept and appreciate a demand-driven dynamic pricing model, and that the inflexible pricing model that taxis use is woefully outdated.

Not every firm is Uber. However, any company can rethink their pricing strategy to drive revenue. The development of powerful price optimization and management (PO&M) tools has provided our clients with top-line growth. Using a digital PO&M solution allows companies to automate and facilitate the Inquiry-to-Order process, creating actionable data about purchasing behavior. As a result, PO&M is a hot trend. Unfortunately, the immaturity of the market is leading to consistent pitfalls in implementations. We at Trenegy have consolidated the struggles and pitfalls we often see into four key considerations that organizations must read before purchasing:

Understand Complexity and Timing

Implementing the right PO&M solution is a complex undertaking. Most firms have experienced the challenges of implementing ERP and other EPM solutions, and often those challenges are exacerbated by a lack of planning. Similarly, PO&M implementations require a robust planning phase to prepare the data integration and the underlying algorithms which enable dynamic pricing. The firms that achieve the least amount of value from their digital pricing solutions are the firms that expect it to be “plug-and-play.” Because of the solution’s complexity, companies must invest in training, change management, and defined roles and responsibilities to roll out a PO&M tool effectively.

Know Your Data

The process of streamlining and cleansing data required for pricing analytics is often the most pain-staking and time consuming activity of an implementation. Ensuring this is done correctly prior to go-live is paramount. All of our manufacturing and distribution clients have similar issues with their master data. Common pain points include: ERP data that does not align with business intelligence data, sales team price lists on outdated Excel spreadsheets that do not match contracts in the contract database, or budgeting tools that have different product roll-ups than the S&OP tool. Because PO&M systems pull from a variety of sources, key rationalizations must be made during the project’s design phase:

  • What data, and at what level, does the PO&M system need?
  • Which sources have this data and will it be integrated?
  • Have you reconciled the source data at all levels?

 Design a Strategy

Our clients seek a PO&M tool because their current cost-plus, absorption, or contribution margin pricing strategy isn’t capturing enough value. Dynamic pricing is a powerful business concept that can help grow revenue by up to 10%, but purchasing a PO&M solution without a defined dynamic pricing strategy is like leaving the engine out of your Uber LUX sports car. What drives the tool is the consensus between finance, sales, and operations: what will they charge for each SKU in each region while accounting for key dynamics like supply/demand, customer base, and sales promotions? All of these factors develop the algorithm that is the foundation of the PO&M solution.

Manage the Organizational Impact

Effectively implementing a standardized pricing strategy and solution relies on change management initiatives. Throughout the project, the team must develop clearly defined roles and responsibilities, process flows, and policies to align the customer-facing functions. After the tool goes live, the sales and marketing groups need to work together to leverage their capabilities to generate greater revenue.

Trenegy has assisted a number of companies with implementing effective pricing systems. For additional information, please contact us at: info@trenegy.com.

4 Keys to Automating the S&OP Processes


Manufacturing companies’ ability to compete oftentimes hinges on meeting customers’ delivery expectations. Customers want the product when they want it, and delivery failures result in customer attrition. With the introduction of platforms connecting producers to consumers, moving from one supplier to another can happen overnight.  Unfortunately, customer product demands are difficult to predict.  Customer unpredictability requires manufacturing companies to closely manage the balancing act between material requirements, production capacity and inventory levels.

To address the predictability challenges, manufacturing companies must have a robust integrated business planning process aligning sales, operations and finance.  In many organizations, the Sales and Operations Planning (S&OP) process is disjointed and cobbled together with various spreadsheets and emails.  Companies can leverage technology to innovate and streamline the S&OP process. An S&OP platform can automate processes across sales forecasts, demand planning, materials planning, network optimization and financial planning.

Keep in mind, processes must first be standardized and organizations aligned before investing in a technology solution in order to realize any real benefits. Before starting an implementation, consider the following:

Know where you stand today. Business functions operate in silos and have unique processes, systems, success metrics, and terminologies.  Understanding the current state and identifying pain points within the process is key.  For example, the sales organization speaks in “dollars” and the plants speak in “units.” This means that the pricing process must be well-defined to interpret what sales is saying versus what the plant must produce.  Assess the current processes across the supply chain, then determine actionable steps for improvement. Automating an ineffective process will not yield greater effectiveness. Be realistic about the current state and develop a plan to implement the desired future state.

Roles within the organization will change. To effectively implement and utilize a S&OP tool, everyone involved in the S&OP process should understand their individual role and accountability. Undefined roles and responsibilities lead to duplication of effort and multiple versions of the truth. The plant receiving one forecast from sales and yet another version from the demand planners will experience confusion and second guessing.  Developing a RACI (Responsible, Accountable, Consulted, Informed) model for each step in the S&OP process is a great tool to align roles.  Clarifying how each individual contributes to the S&OP process and fostering collaboration across teams are essential to success.

Data is everywhere. Identify authoritative data sources and clearly define data inputs, calculations and outputs. Most companies with a manual S&OP process have data stored in multiple systems, spreadsheets, servers and hard drives. With data coming from multiple sources, companies spend the majority of the time validating the data, leaving little time for analysis.  Demand Planners plan production at a more product SKU level, and finance forecasts production at a product line level.  The two versions are rarely reconciled or shared between operations and finance. This creates a tedious and time consuming task, leaving little time for analysis. Before implementing an S&OP tool, the team should design a data model that aligns the company’s sales, financial, supply, and operations planning process and requirements.

Build consensus among key stakeholders. It is difficult to argue the benefits for implementing a platform for S&OP process automation.  Sales, finance, operations, supply, pricing, marketing and product management teams must be aligned, given the cross-functional nature of S&OP.  Establishing who will be accountable for the S&OP implementation isn’t always easy. Organizations need top management from commercial, finance and operations commitment to be aligned.   This includes aligning project objectives.  A good exercise to start the S&OP implementation, includes developing S&OP Guiding Principles. The Guiding Principles set the tone for the implementation and give all functions a clear understanding of the path forward.  Any disagreements will be resolved by the Guiding Principles for the project.  With executive leadership in place, buy-in from key stakeholders and the rest of the team in place, the S&OP process can succeed.

While technology can automate and simplify the S&OP process, processes, data, organization roles and expectations must be aligned across the business.

A Practical Guide to Transfer Pricing Policy Design and Implementation


Guest author David North, Corporate Controller at L.S. Starrett Company, provides a detailed look into transfer pricing policy design:

From what we see in the news media, transfer pricing is a tool used by unscrupulous corporations to “rig the system” of global trade as they’re caught paying single digit tax rates on enormous profits.  Such stories dominate the business headlines and political rhetoric only because scandal sells and because the business news media give disproportionate coverage to the world’s very few extremely large corporations.

For the rest of us the situation is the opposite – a threat of confiscation rather than a temptation to exploitation.  Only the giants can afford departments of full-time experts to design and maintain international tax and treasury strategies involving shell companies to act as “coordination centers” around the world.  The rest of us couldn’t possibly talk to national governments, let alone negotiate special tax treaties.  Instead we struggle to establish and maintain a transfer pricing policy that might protect us from double taxation and even when that’s achieved, the operational obstacle caused by the remedy is often worse than the problem it was meant to cure.

For all but the giants, designing and implementing a transfer pricing policy that’s acceptable to tax authorities without impeding the ability to do business is a tough challenge…

Click here to download the Transfer Pricing Do It Yourself Guide.

7 Signs a Difficult Person is Preventing Progress


The root cause of project delays, failures, and missed deadlines is often traced back to a single cause: a difficult (or insert adjective here) person.  Difficult people get in the way of progress.  They contribute to a workplace environment saddled with major time wasters: lengthy meetings discussing minutiae, circular arguments, tangential debates, non-productive discussions, and let’s not forget the ancillary meetings dedicated to getting a “difficult person” focused appropriately. Before we know it, a project lags behind schedule.

Although difficult people have seemingly good intentions, their work style is toxic. Below are the obvious signs of difficult people and recommendations for coaching them toward progress:

  1. They frequently remind others of their tenure (or lack thereof) with the organization.  Statements like, “I have been here for 20 years, so….” or “I have only been here for 4 months…” are typically followed with excuses for not taking action.  While it’s often essential to utilize one’s expertise in decision-making, a better way to mention it would be: “Based upon my experience with our company (or other companies), we could consider…”
  2. They wait for others to make decisions. Declaring, “If only management would decide what we should do…” is a hallmark of inaction. Oftentimes, difficult people will involve as many other non-decision makers as possible and lure them into the conversation as a deflection tactic. Instead, the difficult person should be direct and express any suggestions or concerns they have. They should say, “I am going to take a recommendation to management for feedback.” Engaging the final decision maker moves things forward.
  3. They find others in the company to be annoying. Difficult people might say, “Everyone else here acts like (fill in the blank) …” Statements like these suggest that the real problem is in the mirror. When faced with conflicting attitudes, a better response is, “I must be doing something wrong. How can I help others succeed?”.
  4. They are overbearing in meetings or they choose not to participate at all. “I have to take over every meeting!” or “I have nothing to say because they won’t listen!” indicates that true collaboration is not valued.  It is important that difficult people ask questions, encourage others to provide a perspective, and honor the cooperative forum.  If this is an issue, ground rules for meetings, such as “silence is agreement,” are critical to forward progress. Opting for smaller in-person meetings, instead of conference calls can also keep meetings concise and focused.
  5. They believe they are smartest people in the room. When a difficult person says, “Nobody understands my recommendations…” it’s usually a failure to provide better explanations or the recommendations are really bad ideas. A better approach to decision-making is to encourage others to ask questions and collaborate.
  6. They believe their requests go unanswered. “I email requests out to the team and nobody ever responds!” is a common attitude of difficult people. They may attribute this to their intimidating intellect, but a complete lack of response is likely a problem with how their message is delivered. Requests should include at least two of the following: (a) what’s in it for the recipient, (b) a personal touch of kindness, and/or (c) an explanation of the purpose of the request. It is important that, when able, people should refrain from emailing and engage face-to-face.  Engagement helps build a more collaborative environment and people may share more information face-to-face versus email.
  7. They do not consider their co-workers as confidants. “I cannot trust anyone in this place…” is a statement no one wants to hear in a healthy work environment. Building trust is a worthy investment in the company’s culture.  When trust is lost, it is important to address it and understand it in order to repair it. Taking the time to coach difficult people to engage with others helps to eliminate untrustworthy behaviors.

Using these coaching points can help a difficult person discover how a few communication techniques can make a world of a difference in project success.