Skip to Main Content

blogpost

Don't worry, just assess: Eight tips for reducing
go-live
stress

06.07.17

We all know them. In fact, you might be one of them — people who worry the words “go live” will lead to job loss (theirs). This feeling is not entirely irrational. When an organization is ready to go live from an existing legacy system to a new enterprise system, stress levels rise and doubts emerge: What can go wrong? How much time will be lost? Are we really ready for this?

We’re here to help. Here is a list of go-live essentials to help you mitigate stress and assess your readiness. While not all-encompassing, it’s a good place to start. Here’s what you need:

  1. A detailed project plan which specifies all of the implementation tasks
    A project plan is one of the most important parts of an implementation. A detailed plan that identifies all of the implementation tasks along with an assigned resource for each task is critical to success. The implementation vendor and the organization should develop this plan together to get buy-in from both teams.
  1. A completed system configuration
    New system configuration is one of the most time-consuming aspects of a technology implementation. If you don’t complete the implementation in a timely manner, it will impact your go-live date. Configure the new system based upon the best practices of the system — not how the existing system was — for timely implementation.
  1. External system interface identification
    While replacement of some external systems may be a goal of an implementation, there may be situations where external systems are not replaced or the organization has to send and/or receive data from external organizations. And while new systems have advanced interface technology capabilities, the external systems may not share these capabilities. Therefore it is imperative that you identify external system interfaces to avoid gaps in functionality.
  1. Testing, testing, testing
    End-to-end testing or User Acceptance Testing (UAT) is often overlooked. It involves completing testing scenarios for each module to ensure appropriate system configuration. While the timing of UAT may vary, allow adequate time to identify solutions to issues that may result from UAT.
  1. Data conversion validation
    When you begin using a new system, it’s best to ensure you’re working with clean, up-to-date data. Identify data conversion tasks in the project plan and include multiple data conversion passes. You must also determine if the existing data is actually worth converting. When you complete the data conversion, check for accuracy.
  1. End user training
    You must train all end users to ensure proper utilization across the organization. Don’t underestimate the amount of time needed for end user training. It is also important to provide a feedback mechanism for end users to determine if the training was successful.
  1. A go-live cutover plan
    The overall project plan may indicate go-live as an activity. List specific activities to complete as part of go-live. You can build these tasks into the project plan or maintain them as a separate checklist to promote a smooth transition.
  1. Support structure
    Establish an internal support structure when preparing for go-live to help address issues that may arise. Most organizations take time to configure and test the system and provide training to end users prior to go-live. Questions will arise as part of this process — establish a process to track and address these questions.

Technology implementations can significantly impact your organization, and it’s common for stress levels to rise during the go-live process. But with the right assessment and preparation, you can lessen their impact and reduce staff stress. Our experienced, objective advisors work with public and private sector organizations across the country to oversee large enterprise projects from inception to successful completion. Please reach out to us to learn more about preparing for your next big project.

Related Industries

Related Services

Consulting

Information Systems

Editor's note: read this blog if you are a state liquor administrator or at the C-level in state government. 

Surprisingly, the keynote address to this year’s annual meeting of the National Alcohol Beverage Control Association (NABCA) featured few comments on, well, alcohol. 

Why? Because cannabis is now the hot topic in state government, as consumers await its legalization. While the thought of selling cannabis may seem foreign to some state administrators, many liquor agencies are―and should be―watching. The fact is, state liquor agencies are already equipped with expertise and the technology infrastructure needed to lawfully sell a controlled substance. This puts them in a unique position to benefit from the industry’s continued growth. Common technology includes enterprise resource planning (ERP) and point-of-sale (POS) systems.

ERP

State liquor agencies typically use an ERP system to integrate core business functions, including finance, human resources, and supply chain management. Whether the system is handling bottles of wine, cases of spirits, or bags of cannabis, it is capable of achieving the same business goals. 

The existing checks and balances on controlled substances like alcohol in their current ERP system translate well to cannabis products. This leads to an important point: state governments do not need to procure a new IT system solely for regulating cannabis.

By leveraging existing ERP systems, state liquor agencies can sidestep much of the time, effort, and expense of selecting, procuring, and implementing a new system solely for cannabis sales and management. In control states, where the state has exclusively control of alcohol sales, liquor agencies are often involved in every stage of product lifecycle, from procurement to distribution to retailing.

With a few modifications, the spectrum of business functions that control states require for liquor—procuring new product, communicating with vendors and brokers, tracking inventory, and analyzing sales—can work just as well for cannabis.

POS

POS systems are necessary for most retail stores. If a state liquor agency decides to sell cannabis products in stores, they can use a POS system to integrate with the agency’s ERP system, though store personnel may require training to help ensure compliance with related regulations.

Cannabis is cash only (for now)

There is one major difference in conducting liquor versus cannabis sales at any level: currently states conduct all cannabis sales in cash. With cannabis illegal on the federal level, major banks have opted to decline any deposit of funds earned from cannabis-related sales. While some community banks are conducting cannabis-related banking, many retailers selling recreational cannabis in places like Colorado and California still deal in cash. While risky and not without challenges, these transactions are possible and less onerous to federal regulators. 

Taxes 

As markets develop, monthly tax revenue collections from cannabis continue to grow. Colorado and California have found cannabis-related tax revenue a powerful tool in hedging against uncertainty in year-over-year cash flows. Similar to beer sold wholesale, which liquor agencies tax even in control states, cannabis can be taxed at multiple levels depending on the state’s business model.

E-commerce

Even with liquor, few state agencies have adopted direct-to-consumer online sales. However, as other industries continue shifting toward e-commerce and away from brick and mortar retailing, private sector competition will likely feed increased consumer demand for online sales. Similar to ERP and POS systems, states can increase revenue by selling cannabis through e-commerce sales channels. In today’s online retail world, many prefer to buy products from their computer or smart phone instead of shopping in stores. State agencies should consider selling cannabis via the web to maximize this revenue opportunity. 

Applying expertise in the systems and processes of alcoholic beverage control can translate into the sale and regulation of cannabis, easing the transition states face to this burgeoning industry. If your agency is considering bringing in cannabis under management, you should consider strategic planning sessions and even begin a change management approach to ensure your agency adapts successfully. 

Blog
Considering cannabis: how state liquor agencies can manage the growing industry

A version of this article was previously published on the Massachusetts Nonprofit Network

Editor’s note: while this blog is not technical in nature, you should read it if you are involved in IT security, auditing, and management of organizations that may participate in strategic planning and business activities where considerations of compliance and controls is required.

As we find ourselves in a fast-moving, strong business growth environment, there is no better time to consider the controls needed to enhance your IT security as you implement new, high-demand technology and software to allow your organization to thrive and grow. Here are five risks you need to take care of if you want to build or maintain strong IT security.

1. Third-party risk management―It’s still your fault

We rely daily on our business partners and vendors to make the work we do happen. With a focus on IT, third-party vendors are a potential weak link in the information security chain and may expose your organization to risk. However, though a data breach may be the fault of a third-party, you are still responsible for it. Potential data breaches and exposure of customer information may occur, leaving you to explain to customers and clients answers and explanations you may not have. 

Though software as a service (SaaS) providers, along with other IT third-party services, have been around for well over a decade now, we still neglect our businesses by not considering and addressing third-party risk. These third-party providers likely store, maintain, and access company data, which could potentially contain personally identifiable information (names, social security numbers, dates of birth, addresses), financial information (credit cards or banking information), and healthcare information of your customers. 

While many of the third-party providers have comprehensive security programs in place to protect that sensitive information, a study in 2017 found that 30% of data breaches were caused by employee error or while under the control of third-party vendors.1  This study reemphasizes that when data leaves your control, it is at risk of exposure. 

In many cases, procurement and contracting policies likely have language in contracts that already establish requirements for third-parties related to IT security; however the enforcement of such requirements and awareness of what is written in the contract is not enforced or is collected, put in a file, and not reviewed. What can you do about it?

Improved vendor management

It is paramount that all organizations (no matter their size) have a comprehensive vendor management program that goes beyond contracting requirements in place to defend themselves against third-party risk which includes:

  1. An inventory of all third-parties used and their criticality and risk ranking. Criticality should be assigned using a “critical, high, medium or low” scoring matrix. 
  2. At time of onboarding or RFP, develop a standardized approach for evaluating if potential vendors have sufficient IT security controls in place. This may be done through an IT questionnaire, review of a Systems and Organization Controls (SOC report) or other audit/certifications, and/or policy review. Additional research may be conducted that focuses on management and the company’s financial stability. 
  3. As a result of the steps in #2, develop a vendor risk assessment using a high, medium and low scoring approach. Higher risk vendors should have specific concerns addressed in contracts and are subject to more in depth annual due diligence procedures. 
  4. Reporting to senior management and/or the board annually on the vendors used by the organization, the services they perform, their risk, and ways the organization monitors the vendors. 

2. Regulation and privacy laws―They are coming 

2018 saw the implementation of the European Union’s General Data Privacy Regulation (GDPR) which was the first major data privacy law pushed onto any organization that possesses, handles, or has access to any citizen of EU’s personal information. Enforcement has started and the Information Commissioner’s Office has begun fining some of the world’s most famous companies, including substantial fines to Marriott International and British Airways of $125 million and $183 million Euros, respectively.2  Gone are the days where regulations lacked the teeth to force companies into compliance. 

With thanks to other major data breaches where hundreds of millions’ consumers private information was lost or obtained (e.g., Experian), more regulation is coming. Although there is little expectation of an American federal requirement for data protection, individual states and other regulating organizations are introducing requirements. Each new regulation seeks to protect consumer privacy but the specifics and enforcement of each differ. 

Expected to be most impactful in 2019 is the California Consumer Privacy Act,  which applies to organizations that handle, collect, or process consumer information and do business in the state of California (you do not have to be located in CA to be under the umbrella of enforcement).

In 2018, Maine passed the toughest law on telecommunications providers for selling consumer information. Massachusetts’ long standing privacy and data breach laws were amended with stronger requirements in January of 2019. Additional privacy and breach laws are in discussion or on the table for many states including Colorado, Delaware, Ohio, Oregon, Ohio, Vermont, and Washington, amongst others.      

Preparation and awareness are key

All organizations, no matter your line of business must be aware of and understand current laws and proposed legislation. New laws are expected to not only address the protection of customer data, but also employee information. All organizations should monitor proposed legislation and be aware of the potential enforceable requirements. The good news is that there are a lot of resources out there and, in most cases, legislative requirements allow for grace periods to allow organizations to develop a complete understanding of proposed laws and implement needed controls. 

3. Data management―Time to cut through the clutter 

We all work with people who have thousands of emails in their inbox (in some cases, dating back several years). Those users’ biggest fears may start to come to fruition―that their “organizational” approach of not deleting anything may come to an end with a simple email and data retention policy put in place by their employer. 

The amount of data we generate in a day is massive. Forbes estimates that we generate 2.5 quintillion bytes of data each day and that 90% of all the world’s data was generated in the last two years alone.3 While data is a gold mine for analytics and market research, it is also an increasing liability and security risk. 

Inc. Magazine says that 73% of the data we have available to us is not used.4 Within that data could be personally identifiable information (such as social security numbers, names, addresses, etc.); financial information (bank accounts, credit cards etc.); and/or confidential business data. That data is valuable to hackers and corporate spies and in many cases data’s existence and location is unknown by the organizations that have it. 

In addition to the security risk that all this data poses, it also may expose an organization to liability in the event of a lawsuit of investigation. Emails and other communications are a favorite target of subpoenas and investigations and should be deleted within 90 days (including deleted items folders). 

Take an inventory before you act

Organizations should first complete a full data inventory and understand what types of data they maintain and handle, and where and how they store that data. Next, organizations can develop a data retention policy that meets their needs. Utilizing backup storage media may be a solution that helps reduce the need to store and maintain a large amount of data on internal systems. 

4. Doing the basics right―The simple things work 

Across industries and regardless of organization size, the most common problem we see is the absence of basic controls for IT security. Every organization, no matter their size, should work to ensure they have controls in place. Some must-haves:

  • Established IT security policies
  • Routine, monitored patch management practices (for all servers and workstations)
  • Change management controls (for both software and hardware changes)
  • Anti-virus/malware on all servers and workstations
  • Specific IT security risk assessments 
  • User access reviews
  • System logging and monitoring 
  • Employee security training

Go back to the basics 

We often see organizations that focus on new and emerging technologies, but have not taken the time to put basic security controls in place. Simple deterrents will help thwarting hackers. I often tell my clients a locked car scares away most ill-willed people, but a thief can still smash the window.  

Smaller organizations can consider using third-party security providers, if they are not able to implement basic IT security measures. From our experience, small organizations are being held to the same data security and privacy expectations by their customers as larger competitors and need to be able to provide assurance that controls are in place.  

5. Employee retention and training 

Unemployment rates are at an all-time low, and the demand for IT security experts at an all-time high. In fact, Monster.com reported that in 2019 the unemployment rate for IT security professionals is 0%.5 

Organizations should be highly focused on employee retention and training to keep current employees up-to-speed on technology and security trends. One study found that only 15% of IT security professionals were not looking to switch jobs within one year.6  

Surprisingly, money is not the top factor for turnover―68% of respondents prioritized working for a company that takes their opinions seriously.6 

For years we have told our clients they need to create and foster a culture of security from the top down, and that IT security must be considered more than just an overhead cost. It needs to align with overall business strategy and goals. Organizations need to create designated roles and responsibilities for security that provide your security personnel with a sense of direction―and the ability to truly protect the organization, their people, and the data. 

Training and support goes a long way

Offering training to security personnel allows them to stay abreast of current topics, but it also shows those employees you value their knowledge and the work they do. You need to train technology workers to be aware of new threats, and on techniques to best defend and protect from such risks. 

Reducing turnover rate of IT personnel is critical to IT security success. Continuously having to retrain and onboard employees is both costly and time-consuming. High turnover impacts your culture and also hampers your ability to grow and expand a security program. 

Making the effort to empower and train all employees is a powerful way to demonstrate your appreciation and support of the employees within your organization—and keep your data more secure.  

Our IT security consultants can help

Ensuring that you have a stable and established IT security program in place by considering the above risks will help your organization adapt to technology changes and create more than just an IT security program, but a culture of security minded employees. 

Our team of IT security and control experts can help your organization create and implement controls needed to consider emerging IT risks. For more information, contact the team
 

Sources:
[1] https://iapp.org/news/a/surprising-stats-on-third-party-vendor-risk-and-breach-likelihood/  
[2] https://resources.infosecinstitute.com/first-big-gdpr-fines/
[3] https://www.forbes.com/sites/bernardmarr/2018/05/21/how-much-data-do-we-create-every-day-the-mind-blowing-stats-everyone-should-read/#458b58860ba9
[4] https://www.inc.com/jeff-barrett/misusing-data-could-be-costing-your-business-heres-how.html
[5] https://www.monster.com/career-advice/article/tech-cybersecurity-zero-percent-unemployment-1016
[6] https://www.securitymagazine.com/articles/88833-what-will-improve-cyber-talent-retention

Blog
Five IT risks everyone should be aware of

Editor’s note: If you are a higher education CFO, CIO, CTO or other C-suite leader, this blog is for you.

The Gramm-Leach-Bliley Act (GLBA) has been in the news recently as the Federal Trade Commission (FTC) has agreed to extend a deadline for public comment regarding proposed changes to the Safeguards Rule. Here’s what you need to know.

GLBA, also known as the Financial Modernization Act, is a 1999 federal law providing rules to financial institutions for protecting consumer information. Colleges and universities fall under this act because they conduct financial activities (e.g., administration of financial aid, loans, and other financial services).

Under the Safeguards Rule financial Institutions must develop, implement, and maintain a comprehensive information security program that consists of safeguards to handle customer information.

Proposed changes

The FTC is proposing five modifications to the Safeguards Rule. The new act will:

  • Provide more detailed guidance to impacted institutions regarding how to develop and implement specific aspects of an overall information security program.
  • Improve the accountability of an institution’s information security programs.
  • Exempt small business from certain requirements.
  • Expand the definition of “financial institutions” to include entities engaged in activities that the Federal Reserve Board determines to be incidental to financial activities.
  • Propose to include the definition of “financial institutions” and related examples in the rule itself rather than cross-reference them from a related FTC rule (Privacy of Consumer Financial Information Rule).

Potential impacts for your institution

The Federal Register, Volume 84, Number 65, published the notice of proposed changes that once approved by the FTC would add more prescriptive rules that could have significant impact on your institution. For example, these rules would require institutions to:

  1. Expand existing security programs with additional resources.
  2. Produce additional documentation.
  3. Create and implement additional policies and procedures.
  4. Offer various forms of training and education for security personnel.

The proposed rules could require institutions to increase their commitment in time and staffing, and may create hardships for institutions with limited or challenging resources.

Prepare now

While these changes are not final and the FTC is requesting public comment, here are some things you can do to prepare for these potential changes:

  • Evaluate whether your institution is compliant to the current Safeguards Rule.
  • Identify gaps between current status and proposed changes.
  • Perform a risk assessment.
  • Ensure there is an employee designated to lead the information security program.
  • Monitor the FTC site for final Safeguard Rules updates.

In the meantime, reach out to us if you would like to discuss the impact GLBA will have on your institution or if you would like assistance with any of the recommendations above. You can view a comprehensive list of potential changes here.

Source: Federal Trade Commission. Safeguards Rule. Federal Register, Vol. 84, No. 65. FTC.gov. April 4, 2019. https://www.ftc.gov/enforcement/rules/rulemaking-regulatory-reform-proceedings/safeguards-rule

Blog
Higher ed: GLBA is the new four-letter word, but it's not as bad as you think

Focus on the people: How higher ed institutions can successfully make an ERP system change

The enterprise resource planning (ERP) system is the heart of an institution’s business, maintaining all aspects of day-to-day operations, from student registration to staff payroll. Many institutions have used the same ERP systems for decades and face challenges to meet the changing demands of staff and students. As new ERP vendors enter the marketplace with new features and functionality, institutions are considering a change. Some things to consider:

  1. Don’t just focus on the technology and make change management an afterthought. Transitioning to a new ERP system takes considerable effort, and has the potential to go horribly wrong if sponsorship, good planning, and communication channels are not in place. The new technology is the easy part of a transition—the primary challenge is often rooted in people’s natural resistance to change.  
  2. Overcoming resistance to change requires a thoughtful and intentional approach that focuses on change at the individual level. Understanding this helps leadership focus their attention and energy to best raise awareness and desire for the change.
  3. One effective tool that provides a good framework for successful change is the Prosci ADKAR® model. This framework has five distinct phases that align with ERP change:

These phases provide an approach for developing activities for change management, preparing leadership to lead and sponsor change and supporting employees through the implementation of the change.

The three essential steps to leveraging this framework:

  1. Perform a baseline assessment to establish an understanding of how ready the organization is for an ERP change
  2. Provide sponsorship, training, and communication to drive employee adoption
  3. Prepare and support activities to implement, celebrate, and sustain participation throughout the ERP transition

Following this approach with a change management framework such as the Prosci ADKAR® model can help an organization prepare, guide, and adopt ERP change more easily and successfully. 

If you’re considering a change, but need to prepare your institution for a healthy ERP transition using change management, chart yourself on this ADKAR framework—what is your organization’s change readiness? Do you have appropriate buy-in? What problems will you face?

You now know that this framework can help your changes stick, and have an idea of where you might face resistance. We’re certified Prosci ADKAR® practitioners and have experience guiding Higher Ed leaders like you through these steps. Get in touch—we’re happy to help and have the experience and training to back it up. Please contact the team with any questions you may have.

1Prosci ADKAR®from http://www.prosci.com

Blog
Perspectives of an Ex-CIO

Law enforcement, courts, prosecutors, and corrections personnel provide many complex, seemingly limitless services. Seemingly is the key word here, for in reality these personnel provide a set number of incredibly important services.

Therefore, it should surprise no one that justice and public safety (J&PS) IT departments should also provide a well-defined set of services. However, these departments are often viewed as parking lots for all technical problems. The disconnect between IT and other J&PS business units often stems from differences in organizational culture and structure, and differing department objectives and goals. As a result, J&PS organizations often experience misperception between business units and IT. The solution to this disconnect and misperception? Defining IT department services.

The benefits of defined IT services

  1. Increased business customer satisfaction. Once IT services align with customer needs, and expectations are established (e.g., service costs and service level agreements), customers can expect to receive the services they agreed to, and the IT department can align staff and skill levels to successfully meet those needs.
  2. Improved IT personnel morale. With clear definition of the services they provide to their customers, including clearly defined processes for customers to request those services, IT personnel will no longer be subject to “rogue” questions or requests, and customers won’t be inclined to circumvent the process. This decreases IT staff stress and enables them to focus on their roles in providing the defined services. 
  3. Better alignment of IT services to organizational needs. Through collaboration between the business and IT organizations, the business is able to clearly articulate the IT services that are, and aren’t, required. IT can help define realistic service levels and associated services costs, and can align IT staff and skills to the agreed-upon services. This results in increased IT effectiveness and reduced confusion regarding what services the business can expect from IT.
  4. More collaboration between IT and the organization. The collaboration between the IT and business units in defining services results in an enhanced relationship between these organizations, increasing trust and clarifying expectations. This collaborative model continues as the services required by the business evolve, and IT evolves to support them.
  5. Reduced costs. J&PS organizations that fail to strategically align IT and business strategy face increasing financial costs, as the organization is unable to invest IT dollars wisely. When a business doesn’t see IT as an enabler of business strategy, IT is no longer the provider of choice—and ultimately risks IT services being outsourced to a third-party vendor.

Next steps
Once a J&PS IT department defines its services to support business needs, it then can align the IT staffing model (i.e., numbers of staff, skill sets, roles and responsibilities), and continue to collaborate with the business to identify evolving services, as well as remove services that are no longer relevant. Contact us for help with this next step and other IT strategies and tactics for justice and public safety organizations.

Blog
The definition of success: J&PS IT departments must define services

While new software applications help you speed up processes and operations, deciding which ones will work best for your organization can quickly evolve into analysis paralysis, as there are so many considerations.

Case in point: Software as a Service (SaaS) model
The benefits of the SaaS model, in which a vendor remotely hosts an organization’s applications, are fairly well known: your organization doesn’t have to shell out for costly hardware, the vendor tackles upgrades, backups, data recovery, and security, and you have more time and money to focus on your business goals.

There are multiple factors to look at when determining whether a SaaS solution is right for you. We’ve compiled a list of the top three SaaS considerations:

1. Infrastructure and capacity
Your organization should consider your own people, processes, and tools when determining whether SaaS makes sense. While an on-site solution may require purchasing new technologies, hiring new staff, and realigning current roles and responsibilities to maintain the system, maintaining a SaaS solution may also require infrastructure updates, such as increased bandwidth to sufficiently connect to the vendor's hosting site.

Needless to say, it’s one thing to maintain a solution; it’s an entirely different thing to keep it secure. An on-site hosting solution requires constant security upgrades, internal audits, and a backup system—all of which takes time and money. A SaaS model requires trust in your vendor to provide security. Make sure your potential vendor uses the latest security measures and standards to keep your critical business data safe and secure.

2. Expense
When you purchase major assets—for example, hardware to host its applications—it incurs capital expenses. Conversely, when you spend money on day-to-day operations (SaaS subscriptions), it incurs operating expenses.

You should weigh the pros and cons of each type of expense when considering a SaaS model. On-site upfront capital expenses for hosting hardware are generally high, and expenses can spike overtime when you update the technology, which can be difficult to predict. And don’t forget about ongoing costs for maintenance, software upgrades, and security patches.

In the SaaS model, you spread out operating costs over time and can predict costs because you are paying via subscription—which generally includes costs for maintenance, software upgrades, and security patches. However, remember you can depreciate capital expenses over time, whereas the deductibility of operating expenses are generally for the year you use them.

3. Vendor viability
Finally, you need to conduct due diligence and vet SaaS vendors before closing the deal. Because SaaS vendors assume the responsibility for vital processes, such as data recovery and security, you need to make sure the potential vendor is financially stable and has a sustainable business model. To help ensure you receive the best possible service, select a vendor considered a leader in its market sector. Prepare a viable exit strategy beforehand so you can migrate your business processes and data easily in case you have any issues with the SaaS provider.

You must read—and understand—the fine print. This is especially important when it comes to the vendor’s policies toward data ownership and future migrations to other service providers, should that become necessary. In other words: Make sure you have final say and control over your data.

Every organization has different aspects of their situation to consider when making a SaaS determination. Want to learn more? It’s a snap! Contact the authors: Clark Lathrum and Matthew Tremblay

Blog
SaaS: Is it right for you? Making SaaS determinations a snap.

Because we’ve been through this process many times, we’ve learned a few lessons and determined some best practices. Here are some tips to help you promote a positive post go-live experience.

The road to go-live is paved with good intentions. When an organization identifies a need to procure a new or upgraded system, that road can be long. It requires extensive planning, building a business case, defining requirements, procuring the system, testing it, and implementing it. Not to mention preparing your team to start using it. You’ve worked really hard to get to this point, and it feels like you’re about to cross the finish line. Well, grab some Gatorade because you’re not quite there yet. Post go-live is your cool-down, and it’s an important part of the race.

Preparation is key.
If you haven’t built a go-live plan into your overall implementation plan, you may see stress levels rise significantly in the days and weeks leading up to go-live. Like a runner prepares for a big race, a project lead must adequately prepare the team to begin using the new system, while still handling unexpected obstacles.  While there are many questions you should ask as you prepare to go live, you need to gain buy-in on the plan from the beginning and manage it to ensure follow-through.

Have your contract and deliverables handy.
Your system vendor implementation team will look to hand you off to their support team soon after go-live. It is crucial that you review all of the deliverables outlined in your contract to ensure all of the agreed-upon functionality is up and running, and all contracted deliverables have been provided and approved. Don’t transition to support until you’ve had enough time to see the system through significant processes (e.g. payroll, month-end close). In the period immediately after go-live, the vendor implementation team is your best resource to help address these issues, so it’s a good idea to have easy access to them.

Encourage use and feedback.
Functional leads and project champions need to continue communications past go-live to encourage use and provide a mechanism for addressing feedback. Employing change management best practices will go a long way in ensuring you use the system properly — and to its best capabilities.

Plan ahead for expanded use and future issues. 
Because a system implementation can be extremely resource-intensive, it is common to suppress or forgo functionality to implement at a later date (e.g., citizen and vendor self-service). In addition, we sometimes see issues arise during significant operational milestones (e.g., renewal processing, year-end close). Have a plan in place to decide how you will address known and unknown issues that arise.

While there is no silver bullet to solve all of the potential go-live woes, you can promote a smooth transition from a legacy system to a new system by implementing these tips. The time you spend up front will help offset many headaches down the road, promote end-user engagement, and ensure you’re getting the most from your investment.

Blog
We're live! Now what?

This site uses cookies to provide you with an improved user experience. By using this site you consent to the use of cookies. Please read our Privacy Policy for more information on the cookies we use and how you can manage them.