SYNTHESIS™: Risk Management in Atlassian
As an Atlassian Solution Partner, we are passionate about finding unique ways in which we can maximize the value of the Atlassian portfolio of products. From the unparalleled experience and expertise of our consulting staff to our white-glove dedicated license management team we are perfectly situated to assist customers through every stage of their Atlassian journey. We also have a number of unique offerings including our MARS™ Database of 3rd party apps and SYNTHESIS™ Solutions.
SYNTHESIS™ is our framework of Solution Blueprints that enable our consultants to implement solutions faster, more comprehensively, and to as high a standard as possible. These Blueprints cover every organizational need (from PPM, GRC, HR, Procurement, DevOps, Marketing, and so on… ) and have been implemented in numerous organizations. Whatever you envision doing, chances are Contegix (formerly Blended Perspectives) has the experience or prior work to get you going faster.
These SYNTHESIS™ blueprints are formulas and preconceived sets of templates made up of issues/items, workflows, 3rd party apps, and industry best practices. Establishing a single source of truth across the enterprise, SYNTHESIS™ allows for real-time collaboration and reporting, thus ensuring visibility within teams and across the enterprise.
Today, we’ll be diving into the Risk Issue Type in our PPM and GRC Blueprints.
How Organizations Manage Risk
Due to a range of different methodologies and functional reasons, many organizations today manage risk across many 3rd party tools. While this is standard practice in seemingly the majority of organizations, at Contegix we see this as a major problem. For instance, in Governance, Risk, & Compliance (GRC) we would see many risks being identified and indeed duplicated across other areas such as the Project Management Office (PMO). This siloed approach leads to many problems:
- Inconsistent definitions leading to confusion
- A lack of transparency leading to organizational risk (a fragmentation of evidence)
- Increased licensing costs and the high cost of maintaining multiple risk management platforms
This disjointed approach leads to what, at Contegix, we refer to as “Fortress Architectures”. These “fortresses”, across all IT segments, tend to be very good at protecting their own functional areas while integrating insufficiently between one another. This approach flies in the face of most frameworks such as ITIL4, SAFe, and, in the GRC space, Integrated Risk Management (IRM) as teams tend to get very tribal around their specific tool and focus on cross-organizational success is forgotten.
In the GRC space often Lockpath and MetricStream are the “fortress” chosen to manage GRC in the same way that Clarity or Planview manage PPM and ServiceNow manages ITSM. However, at Contegix, our SYNTHESIS™ approach to risk management offers a much more flexible and integrated approach to managing organizational risk.
SYNTHESIS™ & Risk Management
Consolidating risk management into your existing Atlassian investment, the SYNTHESIS™ approach to risk management provides organizations with a fully integrated approach that minimizes their costs by leveraging existing tools.
As a “low code/no code” platform, Jira can operate as a platform to help you manage anything, including risk. If it is a risk, a story, a control, a request, a sale, an “anything”, then it’s configurable out of the box. Impressively, this means that Jira can be used to deliver an integrated solution that breaks up fortress architectures without significant custom coding. Today we have a number of large clients (2,000+) who are managing risks in Jira with this trend only growing.
By utilizing the SYNTHESIS™ risk issue type, organizations can bring risk management to the same platform being used by DevOps and IT. Jira can easily support all GRC teams plus any lines of business that want to understand these risks. This robust risk issue type is based on the PMI definition and Contegix’ industry experience of risk management best practices. Furthermore, regardless of the source of the risk (project, GRC, etc…), the Atlassian platform enables real time visibility to risks across the organization, enhancing your ability to respond appropriately to risks as they are identified.
The Base Risk Workflow
Based on industry best practices, the SYNTHESIS™ base risk workflow is essentially a scaled back PMI based workflow
As with all SYNTHESIS™ Blueprints, the risk workflow represents a starting point that accelerates the engagement but can be customized to your organization’s specific needs
Using the Atlassian Marketplace
By leveraging Jira Issues to represent risks, Atlassian Marketplace Applications can be leveraged to report and visualize.
Leveraging our MARS™ database we selected BigPicture by Appfire to manage projects. The BigPicture risk module visualizes risks by impact and probability, allowing risks to be properly prioritized.
Furthermore, Rich Filters for Jira Dashboards by Qotilabs allows for robust interactive risk management dashboards that consolidate risks across your organization.
Conclusion: SYNTHESIS™ as a Holistic Solution
With our range of SYNTHESIS™ Blueprints, workflows, and issue/item type library, at Contegix, we are uniquely able to help our customers overcome siloing and create holistic solutions that reduce organizational waste and leverage their existing investments.
While our PPM and GRC blueprints leverage our risk workflow and issue type (among others), we also have an extended range of SYNTHESIS™ Solutions that solve other business problems. From DevOps, ITSM, & SDLC, to Marketing, HR, & Procurement, these Solutions can be configured for any organization and will benefit from the accelerated engagement that comes with all SYNTHESIS™ Solutions.