Streamlining risk management through low-code development and automation
November 30, 20213:28 pm
4 min read
This content is sponsored by Pegasystems, Inc.
Government IT systems have evolved over the course of decades, with agencies purchasing new capabilities as needed. This longtime accumulation of commercial off-the-shelf software has led to an amalgamation of siloed legacy systems that don’t talk to one another. That’s left agencies struggling to access and collate data from disparate systems, affecting their ability to accurately report on operations and often requiring employees to manually collect and enter data. Agencies need a way to resolve these pain points without negating the significant investments they’ve put into these legacy systems.
That’s where low-code development comes into play. Low code is designed to enable business users to help design software that can integrate with current systems and wrap new capabilities around them, specifically automation. Automation can help streamline the data collection and entry process, reducing the risk of manual errors and providing a more comprehensive view across disparate systems.
For example, the Office of Management and Budget’s Circular A-123 requires agencies to assess and report on their internal control effectiveness and risks associated with any disparities or discrepancies. But these audits require manual intervention to compile all necessary data from various legacy systems, increasing the risk of human error in the process.
With a low-code development solution, such as the Pega Government Platform, agencies can build an application designed to automate their entire risk management assessment and reporting process. This allows them to identify and resolve issues more rapidly, and provide greater transparency and visibility across the enterprise.
This can also help agencies achieve readiness targets more easily. For example, defenses agencies have made significant customizations to older financial and procurement systems in an effort to make them work in accordance with rules that govern how the agency purchases, pays and accounts for equipment. These older, highly customized systems are not agile, so making changes to them is expensive and time consuming. So even when the department has to change the number of characters in a part number to accommodate new equipment, these changes don’t automatically update in the existing systems. As a result, an invoice can be generated under one system with nine characters, but the payment system can only accept eight characters, therefore creating an error in processing. This error requires manual intervention to resolve, diverting resources away from more mission critical functions. This also creates inaccuracies in inventory reporting, which is a threat to readiness.
“Agencies need better visibility in to their operations so they can prioritize which risk to address first based on their readiness impact,” said Cynthia Stuebner, senior director and industry principal for Defense at Pegasystems, Inc. “PGP can help streamline the identification of and reporting on those risks, allowing agencies to mitigate them sooner so they can improve effectiveness.”
For example, using PGP, defense agencies could use robotic process automation to automate the addition of ninth digit in the payment system. That would reduce the need for manual intervention to process the invoice, free up those employees to focus on mission critical tasks, and enable that data to pass more freely between systems. And if the defense agency wants to build a dashboard to view this risk resolution alongside other data, Pega can enable that as well.
“The software platform capability can help integrate without data extraction. It enables agencies to build an application to access the data and report on discrepancies,” Stuebner said. “It can sit on multiple systems, access the required data, and combine that into a visual dashboard to make it easier to assess the risk and prioritize resolution. Because without real-time views, agencies have no situational awareness of their risk posture.”
And the beauty of a low-code platform is that it’s designed to allow the business owner to do all of this, rather than requiring traditional development skills. The interface is visual, meaning users can map out the process – such as adding a ninth digit to an invoice number – and the code is automatically generated in the background.
“You can insert automation to resolve something as simple as a correction an existing error. Or you can insert automation to generate a complete operational dashboard using PGP to access data in real time. Or you can create a complete integration layer by pointing to existing legacy systems and create new processes to account for changes in regulations or requirements,” Stuebner said. “So you’ve automated the correction, you’ve automated a process, and then you’re getting a report that shows you exactly what you’re looking at. So there can be several layers of automation inserted in an enterprise environment in order to account for the disparate legacy systems that don’t connect because they’ve been built and heavily customized over time.”
And that layered approach to automation is what allows agencies to simultaneously build that continuous enterprise risk management process to improve accuracy and efficiency in reporting, while reducing the potential for human error in the process, and reducing the burden of manual data entry on its employees. And through low code, all that can be accomplished without ripping and replacing customized legacy systems that agencies have invested significant time and money into.