Page 45 - DCAP305_PRINCIPLES_OF_SOFTWARE_ENGINEERING
P. 45
Unit 2: Software Processes and Models
compliance with the corporate Global Control Standard (GCS). Their primary objective Notes
for this initiative was to streamline their preparations for SOX activities and to ensure
compliance with GCS requirements. Using Interfacing’s Enterprise Process Center (EPC),
PCMIL effectively integrated their GCS implementation with day-to-day operations in
order to benefit from a unified approach to corporate governance and process management.
They achieved significant cost savings for their internal GCS audit and extremely positive
overall results. “Our auditors gave us excellent feedback on the use of the EPC as part of
our GCS implementation initiative. They were particularly impressed with our ability to
identify controls and relate them to risks prioritized with the Risk Matrix. They have since
recommended our approach to internal GCS compliance as best-practice for other PepsiCo
plants.” Control Officer Team, PCMIL.
Challenge Addressed
Without a formal and central documentation system, the preparation time – and, therefore,
business disruption – for internal GCS audits and SOX reporting was very high, and
inconsistent process knowledge was a source of insecurity as it pertained to the outcome of the
audits. PCMIL also needed to address an acute lack of easy accessibility to the documentation
and process flows for auditors and employees, as well as inconsistencies and gaps in their
process documentation that were compounding problems associated with manual audit
preparation. Although approximately 100 critical processes had been mapped with Microsoft.
Visio and role matrices had been documented in MS Excel processes were decentralized and
managed manually and independently of GRC programs. PCMIL did not have a system in
place to support their GCS implementation initiative, and frequent, manual process updates,
as well as the audit process itself, were proving time-consuming and costly due to a lack of
integration with business processes.
Process Undertaken and Roles Involved
The GCS implementation initiative was extremely successful as it received full support from
top management at PCMIL, the IT department, a dedicated Project Manager, and the core
team assigned to the program. It involved employees at all levels of the organization in
process modelling and training, so resistance to the end-result was effectively eliminated.
PCMIL process modellers captured and documented process-related information, including
documents, risks, controls, business rules, roles, and resources, that they then linked directly to
processes in the EPC. They utilized the EPC’s best-practice RACI (Responsible / Accountable/
Consulted/Informed) framework to define roles and responsibilities and leveraged the EPC’s
integrated Risk Matrix to quantify and prioritize risks in terms of impact and likelihood.
With their GCS compliance requirements embedded in their processes, PCMIL used the
EPC’s automatic reporting capabilities to generate process documentation and audit reports.
Questions
1. How to use challenge addressed in Pepsi-Cola Manufacturing International Ltd.?
2. Explain the process undertaken and roles involved.
Self Assessment Questions
6. The software process is a critical factor for delivering quality …………………. systems
(a) software (b) working
(c) model (d) None of these.
LOVELY PROFESSIONAL UNIVERSITY 39
