Digital Evolution Automation

In today's competitive business environment, it is more important than ever to protect your intellectual property (IP). This is especially true for companies that work on internal or client projects that involve sensitive or proprietary information.

Whether your procurement and engineering groups are working on internal projects, or many Client projects, protecting intellectual property (IP) is critical.  At the same time, it is hard to maximize efficiency if stakeholders cannot access the data they need at the right time. It is critical that the full lifecycle of your procurement process protects confidential information, whilst simultaneously ensuring the project team have the data and visibility to do their jobs effectively… seems like an impossible task right?

The problem with disjointed systems:

At some point in our careers, we have all worked in businesses processes that are a Frankenstein like collection of spreadsheets, task-specific software, and maybe an old-fashioned form for good measure. Would you trust your company’s or department’s reputation for controlling disclosure in that world? Now sprinkle in manual emails to communicate to a large project team including outside vendors. Would you bet $1000 that no data leaves the project team? What about $1,000,000?  

A prototypical “Frankenstein” system:

  1. Multiple software tools with varying or asymmetric access control systems: If your contracts or internal controls require you to guard proprietary data at the project level, but your software cannot grant roles at that level you are stuck between not allowing access to the software (and through that losing collaboration) or breaking confidentially rules.
  2. Offline file stores: managing internal networks is difficult in a normal business, and even more difficult in project-based organizations. Project teams grow and shrink during their lifecycle, and while your company might have strict rules around granting initial access to resources, how does it react when someone is redeployed and is no longer on the team? Layer in a complex folder structure within the project intended to segregate data and this maintenance can become a full-time job.
  3. Manual processes. Manual processes are subject to human error, and generally have low to no accountability or control. Is it possible that the excel based workbook you use for tracking was fouled by a bad formula, or modified by someone acting outside of their job function?
  4. Email based communication within the project team. Like the above, project teams ebb and flow. There are costs on both sides: what if someone who should not have seen this communication receives an email? What is the cost if someone is out of the loop because their address was missed when sending the email? Using a distribution list tries to solve this problem, but it relies on timely upkeep, and relies on the assumption that everyone on the distribution list has the same level of access.

The tradeoff:

In the absence of sufficient control, companies have the impossible decision of either risking intellectual property breaches that can lead to reputational loss, or substantial financial penalties, and lawsuits, or reducing collaboration, and efficiency by minimizing data access.

Mitigating the risk without giving up efficiency:

  1. Using comprehensive tools:  Your system must allow your team to complete most if not all your procurement activities within the tool to minimize the need for your teams to bring data outside the system or pass documents through unmonitored channels.
  2. Access control: Your procurement system should have stringent access controls that allow individual role grants at the project level.
  3. Your project procurement system should allow for file storage, team communication, and task management within the system to avoid data-bleeding. There is no risk of your proprietary data being lost from your procurement network folders if these never exist, right?
  4. Use trackable, cancellable, and auto-expiring links to share data with external or non-project members instead of email attachments.  These technologies allow you to track receipt, revoke access, and ensure compromised emails cannot access your private data by auto-expiring.

How Current Solves the problem.

At Current SCM we leveraged our 40 years of corporate history in executing engineering projects in proprietary technologies to design what we feel is the best project-centric procurement system through three critical features.

  1. Two-Level Role Based Access Control

Many applications give users singular roles (e.g., the User is a Project Manager across the entire organization), others allow for perhaps an additional level of control via a team or tenant (e.g., User is a Buyer I for the Utilities team). Current found these solutions were insufficient to meet real-world project needs. Instead, we utilize a two-level role-based access control (2xRBAC)

Customers can have one or many teams, and within those teams they can have one or many projects. Data is both segregated at the Team level, and then again at the project level. Within each team your employees or clients can be granted zero or many roles, and at the project you can again assign them no, or many roles.

Two-Level RBAC can allow many unique use cases:

  1. Users should be able to action all team level resources for their geographic team, and have reporting only access to another geographic team. In addition, within their geographic team, they are a project manager on one project, responsible engineer on another, and cannot access your other 5 projects that are ongoing.
  2. You want your client to have live reporting access to keep tabs on the project, but do not want them to access any of your team level resources or open any transactions.
  3. An administrator should be able to do just one task across all projects (process invoice submissions for example).
  4. A super user who should be able to see everything at any time.

The bottom line is that you can rest easy ensuring those people who need information will have real-time access through our single-source-of-truth model, without risking unintentional disclosure of confidential data.

  • Covering the Full Lifecycle of Procurement

Starting with importing data from your material take off tools, or engineering design systems, your teams can split this data into requisitions, issue these for competitive bid, evaluate responses, award, and convert these to orders, and manage the entirety of the material management, delivery and document expediting process all within a single tool.

  • Monitoring and Auditing

Every record within the system retains a full audit history showing the initial state, as well as the previous and modified state of all edits. This functionality can help administrators both detect abnormal access patterns, as well as understand how data has changed over its lifetime.

background image of waves pattern l
Free your procurement projects from process bottlenecks and scale your operations with Current SCM
Contact Us