Describing the existing organization
The purpose of this step is to describe the org-units in the enterprise, its different processes, the risks encountered as well as the associated controls.
An org-unit represents a person or a group of persons that intervenes in the enterprise business processes or information system. An org-unit can be internal or external to the enterprise. An internal org-unit is an organizational element of enterprise structure such as a management, department, or job function. It is defined at a level depending on the degree of detail to be provided on the organization (see org-unit type). Example: financial management, sales management, marketing department, account manager. An external org-unit is an external entity that exchanges flows with the enterprise. Example: customer, supplier, government office.A risk is a hazard of greater or lesser probability to which an organization is exposed.A control is a set of rules and means enabling the assurance that a legal, regulatory, internal or strategic requirement is respected.
For further information on handling of Controls, see the HOPEX Risk Mapper guide.This consists of the following tasks:
• Describing controls and risks.
For more details on controls and risks, see the Managing Risks and Controls chapter.Describing the organization
With HOPEX Business Process Analysis the organizational chart shows the hierarchy of the org-units in the enterprise, their responsibilities with respect to the processes and specifies the persons associated with each org-unit and on which site.
Example of organizational chart:
For more information on describing enterprise org-units, see Organizational Charts and Responsibilities.Describing processes
Describing organizational processes
An organizational process is a set of operations performed by org-units within a company or organization, to produce a result. It is depicted as a sequence of operations, controlled by events and conditions.With HOPEX Business Process Analysis, organizational processes are described in the form of diagrams.
In the example of the purchase request process, the organization is represented by the following diagram.
For more details describing an organizational process, see Organizational Processes.Business process modeling
A business process represents a system that offers products or services to an internal or external client of the company or organization. At the higher levels, a business process represents a structure and a categorization of the business. It can be broken down into other processes. The link with organizational processes will describe the real implementation of the business process in the organization. A business process can also be detailed by a functional view.The business process diagram enables representation of product or service offerings proposed by the enterprise to each of its markets, as well as the processes that produce these.
For more details describing an organizational process, see Business processes.Describing value streams (option)
A value stream is an end-to-end collection of Value Stages that creates an outcome for a customer, who may be the ultimate customer or an internal end-user of the value stream.The following diagram presents an example of a value stream:
For more details on value stream description, see Value streams.Describing business capabilities and associated skills
.A business capability is a set of features that can be made available by a system (an enterprise or an automated system).A business skill is a capability acquired by a person or an organization through a specific training.This step consists, on the one hand, in defining what the enterprise can deliver (business capabilities), and on the other hand, how to it delivers it. For each business capability, you must define the necessary skills and required functionalities.
For more details on the use of business capabilities, see Business Capability Maps.Risk Management
The HOPEX Risk Mapper product provides HOPEX Business Process Analysis with the possibility to manage risks and controls with the processes described.
For more details on controls and risks, see the Managing Risks and Controls chapter.