It is, basically, 'to outsource' the so-called indirect business. Or, in some business conversation, it often refers to "a contracting service in response to the commission". Anyway, the company entrusts the duties such as general affairs, human resources, accounting and welfare and telephone correspondence to the trustee. These outsourced duties are essential, even though they do not produce any profit directly.
BPO in Japan, there are three major businesses which are "Customer service" "Order Management", and "ICT systems management".
The following workflow is "antivirus operations" which is the most costly in the "ICT systems management". Most notably point is that it admits use of personal belongings as an information terminal device, in order to ensure the convenience of employees. These are cases of companies in the so-called "BYOD" (Bring Your Own Device) framework, that are judged to be conducive to business improvement (quality / delivery / cost) in the core business even in light of the information leakage risk.
(However, "anytime email confirmation" has been realized in many companies nowadays. In that sense, I probably should not note it as "special mention".)
In this outsourcing operation, it has been devised to reduce the overall cost by the cooperation of commissioning side and the trustee side. To be specific, each user him/herself to actively report "security status" of the devices which have been registered in advance. For example, users can attach a screen capture of virus scan history, or describe the inconvenience and worries on the utilization. On the Trustee side, as well as checking the overview report of all employees, they would perform investigation and correspondence individually, if necessary. Really, it's sophisticated.
[Device Security Report flow]
In this example, a task of 'device Security Report' will be added to ToDo (My Tasks) of all employees automatically, at 9 o'clock in the morning of the first day of every month.
When an employee enters his/her report, it will go to both of
- Step of Supervisor Check [2a. Security Check] and
- Step of the Contractor [2b. Inspection on the Security Report].
The supervisor will be able to see the usage of the device used by members who are supervisory responsibility at anytime. It should be considered that Data Viewer authorization to be given to the internal audit team and officers. For mutual checking, it is also possible to grant data viewer authorization to all employees. Adoption of MDM (Mobile Device Management) may be good, but I can say that this alone will be sufficient management activity.
By the way, in case of Questetra, it has a limitation on the number of auto-Start of Issues. It is a mechanism to prevent from that a large amount of Processes being started unintentionally by an external system runaway or misconfiguration. Caution is needed in performing business design.
P.s.: As the advance preparation, it is necessary to arrange
- Business flow to register the user device,
- Business flow to report cancellation of the use of the device
[Device Security Report flow:'1. Device Security Report' screen]
[Data Items List]
[Free Download]
- Business Template: Device Security Report flow
- Age of Smartphone: Device Use Application Flow and BYOD Policy (2013-02-18)
- Manage Strictly "MAC addresses" that Connect to Wireless LAN! (2012-05-01)
- Example; BPO Service Company Proposes Flow Improvement (2011-07-25)
- M217 AUTO START: Auto Starting at the Time You Fix
- M223 AUTO EVENT: Sleeping in the Middle
- M302 ADMIN-PRIVILEGE: Assign Privileged Administrator of Each Business Process Definition
[Japanese Entry (εζθ¨δΊ)]
