Rev2 Networks

RiskView® financial case study

One of our customers is a Fortune 100 financial services organization with more than three million active and retired employees. With hundreds of billions of dollars in combined assets under management, this organization offers a range of investment products and services including personal retirement planning, income and wealth protection, insurance, and asset management.

To continue to meet the challenges of its customers, the organization makes a significant, ongoing investment in its information services infrastructure.  In 2010, the organization faced many challenges with managing this infrastructure, as most national-scale organizations do at some point.

One critical challenge facing the information organization at that time was a number of chronic outage events.  Chronic outages are common but can cause a threat to the availability of information services.  The infrastructure team was able to recognize that their biggest events were related to problems in the network.  To eradicate this issue, however, they needed to determine if there were systemic issues throughout all layers in their network stack.  To identify the sources and find a resolution to these outages, the organization implemented the RiskView Service Assurance & Business Continuity module of Rev2’s Risk Concentration Analysis™ framework and visualization engine.

RiskView collects data from many systems and sources throughout the organization’s infrastructure, including automated mainframe system data, application performance data, health and monitoring tools, and more than 300,000 trouble tickets per month.  RiskView correlates the data and generates reports that assign numerical values known as Materiality Scores. These scores help the team quantify the potential impact of each outage on the availability of its services.

As expected, the scores helped the team identify risks of outages at all layers of the network.  Unexpectedly, however, RiskView analysis also discovered previously unknown concentrations of risk in one of the organization’s key mainframe applications.  Significantly, the Materiality Scores helped the team ascertain that these application failures presented as great a risk to service availability as the network outages.

To resolve the issue and eliminate the threat to services, the application vendor was contacted.  It was determined that, over time, a workstream process had evolved around the application that presented challenges that the application was not designed to handle.  A new process was designed and implemented that took the extra load off of the application, enabling the team to maximize its performance.

“RiskView helps us find concentrations of risk in our infrastructure that are incredibly important to our service offerings but we can’t otherwise see,” says the organization’s CIO.  “This has enabled us to implement policies and processes that enable us to continue smooth service operations, save on support costs, and avoid costly disruptions of service.”

RiskView has added value to other areas of the organization’s information systems infrastructure as well.  In 2010, the team launched a nationwide initiative aimed at business transformation, which included the implementation of programs for application modernization and infrastructure stabilization.  Because of the investment committed to these programs, failure was not an option.  To determine concentrations of risks that could cause these developing programs to fail, the organization piloted the RiskView Program & Process module.

To contextualize the risks to the initiative, the team first had to define “Failure.”  It was determined that the crucial program metrics were Scope, Time, and Cost – and that falling short of the targets on any one of these three elements would constitute Failure.

RiskView collected and consolidated all of the proposed program management data and identified two types of material risk aggregated in the combined program’s Test Controls:  Those that weren’t defined, and those that weren’t measured.  Armed with this analysis, the team was able to revisit and redesign the Test Controls.

“RiskView discovered that the biggest risks in the program were that we hadn’t yet determined what needed to be tested,” says the CIO.  “With this crucial information we were able to generate a new set of program activities around upgrading our testing abilities, well before they had a chance to impact our overall business transformation program.  Today we are deploying the RiskView Program Management module as part of the entire initiative.”

For more information, please contact Rev2 at inforev2net.

Copyright © 2011, Rev2. All rights reserved. The RiskView® application is a registered trademark of Rev2. The Rev2 Managing Risks That Matter™ logo design and the Risk Concentration Analysis™ (RCA) methodology are trademarks of Rev2. All other trademarks in this document are the properties of their respective owners.