A part of the CIO challenge is to define the IS/IT strategy to support the business needs. For example IT-systems supporting, logistics, payroll, finance, CAD and platform related issues. Or new IT-strategies to move the business and communication to the web. These areas are often close to the core business needs.

But a second layer of business need can be recognized that often lack coordination and systematic approach. Examples of such areas are:

• Quality management
• Project management
• IS/IT governance
• Corporate security
• Loss prevention
• Risk management
• BCM, Business Continuity
• Incident reporting
• Crisis management

Often the needs are solved in local applications, Excel spreadsheets or manually.

The iFACTS Concept shows that all of these areas are connected and can be handled integrated in one systematic approach. There will be one "master database" sourcing all the statistics and reports for management decision making. The reward can be summarized in three:

1. BCM (Business Continuity Management) in a keystroke. Organizational assets, risks, and events are all documented in one systematic approach and being connected to each other. For example, chose Production line in the organizational tree and all the connected activities and resources will be plotted, each with a performance score. A red line will indicate critical exposure.
2. Drastically reduced administration - by documenting all systems and resources duplicates will be found or not active systems but still being hosted. Systems doing the same thing can be identified. Compliance efforts such as SOX, Information security, Crisis management etc. can all be integrated and handled more efficiently
3. A new dimension of control. By connecting all organizational assets the value chains will emerge relieving vulnerabilities not seen before - IT dependency or external suppliers not fulfilling requirements.

It is a challenge integrating all these different areas. There will most likely be organizational resistance, be prepared for:

• "Why should we change incident system, we have had this since 1989 and they are really nice guys..." [Yes, but we have 12 incident systems and we have to agree on one, please...]

-or

• "Here at Business Development we have very special needs and do not want to work in you application exposing the Strategies to everyone! [But it is essential to have the Strategies in the Business Continuity Process, there might be events and risks affecting the strategies that we will never see if not handled in a systematic approach, it is really important, please...]

If you do not take this fight, important business activities will continue to be sub optimized in silos, endless expensive administration and maybe most importantly, no communication between the business activities. How can a supply chain be controlled if the different parts are isolated?