The week of 17-23 November was Fraud Awareness Week (www.fraudweek.com), and this makes it an appropriate time to highlight key issues around manufacturing governance and compliance.
There was a time not long ago that the manufacturing staff who had the most concerns about governance and compliance were those working in finance. Not anymore. Whether you are on the factory floor or the executive floor, governance, and compliance is either an issue that does directly impact you or you should be aware of it.
Businesses that run operations via files, spreadsheets, and a basic accounting system are the most vulnerable to governance and compliance problems. But even if your organization has moved beyond that level and is looking for a more integrated solution, you still need a system that ensures governance and compliance throughout.
If you are a manufacturing business, consider the key areas that you need in-depth governance and compliance:
– system administration
– manufacturing and inventory
– customer services
Securing Your System Administration
As a system administrator, you secure your system by only allowing people with the right credentials and authority to log in. Authenticating people to computers and software requires validating the identity of a registered user attempting to access an application. The traditional way of doing this is a user-id and password. But passwords are no longer seen as an adequate form of protection, as events at Yahoo, LinkedIn, and Twitter have shown. With modern high-powered computing, even so-called strong passwords can be cracked in a minute. You need to find a balance between security and productivity.
What can be done if passwords are flawed? One option is to add additional layers of authentication to provide a higher level of assurance. Multi-factor authentication can assist in this regard as this a process that identifies a user by validating two or more authentication methods from independent credential categories. A user is granted access after successfully presenting two or more items of evidence to the authentication mechanism. Common mechanisms are a one-time password sent via email or Google authentication.
Another option is single sign-on, which provides a single set of login credentials and allows login using Microsoft Active Directory (AD). The need for users to remember a unique complex password is eliminated. With AD, users can be added, changed, disabled and deleted seamlessly, and this automatically reflected throughout other applications in the system.
Frequently governance and compliance controls can be floated in the area of procurement, and because processes are paper-based and manual this occurs. As the business world becomes more digitalized, companies can engage with suppliers online, minimizing document handling and reducing potential fraud.
Supplier Web Portal
With an online web portal, a business can post requests for quotes and invite suppliers to tender. The procurement process is more transparent, and it assists with standardized policies. Even better, if the supplier portal can be integrated with other parts of the businesses then there can be tighter alignment between procurement and other parts of the business.
Simplifying Manufacturing with Traceable Inventory
If organization can track the utilization of products and their components in production, this can result in improvements in governance and compliance in the manufacturing process. Being able to track specific lots of finished goods is critical for identifying and recalling defective items. Also, if the manufacturing function has traceability on components, it can ensure that material requirements planning does not use expired items.
For inventory management, businesses need to track items, so they know that the items were stored in the correct place and under the right conditions. Traceability will also allow you to retrieve sub-standard stock and report when items have passed their expiry date.
Surpassing Customer Service Standards
Manufacturers are increasingly becoming subject to the impact of product recalls, whether it directly affects the business, or there is an issue with a downstream customer. If it occurs, the business requires fully compliant processes that can manage recall policies and plans. The way an organization evaluates and updates its recall system is by testing it through practicing mock recalls. Governance will be improved, and are required to satisfy regulators, and ensure standards of quality control are maintained. Mock recalls allow you to test and report on the organization’s ability to achieve time to completion and lets you confirm that your traceability system meets regulatory requirements in the event of an actual recall.
So often, companies choose point solutions to address their governance and compliance requirements. Point solutions require significant investment in integrating the solutions with other applications in the business. In the past that was often the only option. These days the options are more open, and businesses can consider an integrated system that provides governance and compliance as part of the complete system, allowing different functions to work together rather than operating in separate silos.
Look out for my next blog in which I discuss the issue of Governance and Compliance in Cloud ERP.