VOL 1 - NOVEMBER

VOL 1 - NOVEMBER

You are welcome to this

inaugural edition of ‘Introspect’
– a newsletter from Wipro
Business Advisory Services.
This newsletter collates
knowledge gleaned from teams
undertaking various ‘innovation
projects’ in Wipro Infotech.
“ The endeavor of this
newsletter will be to reach
For business organizations, out to business managers
IT is a tool that is useful in with knowledge of how
achieving business objectives.
Sometimes business organizations invest in IT with businesses can really
ambiguous business benefits and may not rigorously benefit from latest IT tools.

“
audit post project implementation the business benefits
achieved. The endeavor of this newsletter will be to
reach out to business managers with knowledge of
how businesses can really benefit from latest IT tools.
The first step towards reaping business benefits is a
complete relook at the way a business is run today.
Business managers may seek assistance of external
business advisors or deploy some of internal senior
managers for such a study. applications or study latest IT innovations) to the
side, it will quickly become a completely reactive
If an organization allows itself to be driven primarily environment and will not look forward to properly
by urgent IT issues (application and network down align technology and business objectives. Adherence
times) while putting important IT issues (review new to strong operational and planning practices ensures
that an organization strikes an equal balance between
operational issues and future planning, and continues
to align technical resources with business objectives.

“ Adherence to strong
operational and planning
Business organizations are operating in an environment
that is fast changing. Factors that add competitive
advantage to a business organization are changing.
Lack of timely IT upgrades can set organizations
behind competition eroding their market share and
practices ensures that an profitability. One significant development which is
organization strikes an round the corner is adoption of IFRS (‘International
Financial Reporting Standards’) in India w.e.f 1st April
equal balance between 2011. IFRS may have significant overlap and cross-
operational issues and dependencies with ERP implementation, financial
reporting and consolidation. Our IFRS practitioners
future planning…

“
have outlined an approach companies may adopt.
We trust these articles would help our readers.

Sumit Goswami
VOL 1 - NOVEMBER

REAPING BUSINESS BENEFITS FROM IT

By Sumit Goswami

Relook at current assessing business processes must be identified.

business processes The process being studied must be mapped and
process performance parameters measured. This
will help compare with similar processes in the
industry, and hence identify sub optimal processes.
Business process re-engineering
Internal / external customers of processes are the best
sources of feedback on whether the processes are sub
To optimize benefits of IT enabled transformation
optimal. A list of OFIs (opportunity for improvements)
initiatives, organizations undertake and implement
must be prepared and graded – from ‘easy to overcome’
process improvements / process re-engineering
grade to ‘difficult to overcome’.
through industry best practices studies, performance
improvement studies and benchmarking studies
In the next phase project team has to come up with
leading to well-defined processes. Business Process
redesigned processes that will optimize process
Improvement is at the heart of any successful
performances. Some of redesign may involve using
IT enabled transformation initiative, as new
functionalities of new IT software applications.
technology on old processes leads to expensive
Changed process must be presented before all
old process. Focus on change in ‘Processes’ and
impacted business managers to get ‘buy in’. Cross
change in ‘Mindset of the People’ is central to a
linkages with processes in other departments must
business solution approach.
be clearly identified. All document flows, information
flows, roles impacted and approval hierarchies must
To extract benefits from any IT initiative, it is imperative
be clearly highlighted. Non value added activities must
that the IT initiative is part of a larger strategic plan
be identified and removed, manual activities must be
and forms part of a larger transformation agenda. It is
automated, outsourcing options must be evaluated on
important to develop:
costs vs. risks parameters and adopted.
• A clear Transformation Vision;
• Well articulated Strategic Priorities & Risk assessment
Development Plans;
• Robust Performance Management Systems/ Following categories of risks must be looked into:
Balanced Scorecards;
• Project Monitoring & Evaluation frameworks. • Strategic risk
o What are inherent risks in critical strategies
Gaps in capacities of IT departments and weak adopted by the organization?
organization structures are some of the major o How will the organization identify, quantify and
challenges of IT driven transformation projects. manage these risks?
Training Needs Assessment (TNA) and corresponding o What is the risk appetite of the organization?
Human Resource Development (HRD) plans can o What risks emanate from e-business
address these gaps. developments?
• Operational risk
o What are risks inherent in processes which the
Project management
organization has chosen to implement?
o How does the organization identify, quantify
During IT project implementation, continual project
and manage the same?
monitoring and mid-course correction, issue logging,
o How does the organization adapt its activities
escalation, resolution and knowledge management
as strategies and process?
must be managed by a project management team.
• Financial risk
Ideally this team should have a mix of business
o Have operating processes put financial
managers and IT managers. Post implementation,
resources at undue risk?
security and controls surrounding the information
o Has the organization incurred unreasonable
systems must be checked thoroughly.
liabilities to support operating processes?
o Has the organization succeeded in meeting
Once the project team is mobilized, project structure
measurable business objectives?
and roles and objectives of each team member must
be communicated clearly. Sample work locations for
VOL 1 - NOVEMBER
• Regulatory risk
• Information risk
o Are data / information / knowledge reliable, routing and remote access. Network protocols, remote
relevant, and timely?
o Are information systems reliable and secure?
o Do security systems reflect any e-business
strategy?
• External risk
Timeframes for actions to realize improved processes
along with responsibilities must be drawn up. The
project team must thereafter start monitoring action
execution as per plan. New process owners must
start monitoring new process performances. Stable
processes must be recorded in operating manuals
and be made accessible to all related employees. It
is important at this stage to identify MIS reports that
managers in operating level and strategic level would
require, identify underlying data sources and methods
of data capture and validation. This would provide
inputs to an IT architecture plan for subsequent phases.
A communication strategy must be in place from the
start outlining source of communication, medium of
communication and frequency of communication to
all stakeholders.
Identify IT investments
Assess current state of IT infrastructure
Based on above analysis, a business organization
must move towards IT project decisions. Then the
first step for identifying IT investment areas is to
assess the current IT. Current infrastructure needs to
be studied:
• Assess existing infrastructure (hardware and
networking);
• Assess network and security architecture;
• Assess utilization levels of deployed architecture;
• Assess SLA agreements with service providers;
• Assess new infrastructure requirements.
The business organization needs to list all the
mainframes, mini computers, PCs and laptops being
used. Analyze company size and user and resource
distribution. Assess the available connectivity between
the geographic location of worksites and remote sites.
Assess net available bandwidth and latency issues.
Analyze performance, availability, and scalability
requirements of services. Analyze data and system
access patterns. Analyze network infrastructure,
protocols, and hosts. Analyze TCP/IP infrastructure.
Measure and optimize a DHCP infrastructure design.
Assess DNS design. Assess proxy server, firewall,
computing, network topologies, internet, intranet,
extranet, client / server need to be studied.
Assess current state of software applications
Current software application portfolio also needs to
be assessed:
• Asses existing transaction processing system;
• Assess IT application portfolio;
• Assess user adoption levels;
• Understand the existing application software
deployment systems like - alternate delivery
channels, reporting and MIS system.
Business organizations must make inventory of
programs, objects and files. An application is a
collection of computer programs and data that work
together as a system to perform one or more business
functions. Analyze and classify the applications into
categories like healthy, must-go, and needs technical
or functional improvements. Assess maintenance and
development lifecycle costs. The three measures used
to assess each application are:
• Technical Quality – The application is evaluated
against factors such as maintainability, stability,
and effective use of technology. This assessment
is performed in facilitated meetings with the staff
that supports the applications.
• Functional Quality –This is a measure of how
well the application meets the needs of the
business. Factors include system usefulness,
ease of use, reliability, and responsiveness to
changes to the business. This measure is
determined in a facilitated survey with the
operational users of the system, and managers /
executives who use the system for management
or strategic decision-making.
• Strategic Value – This measures the relative
importance of a business function to the company
and how critical the application is in performing
that function. The ratings (High, Medium or Low)
are assigned by company executives. A High
indicates that the function and application give the
company a competitive advantage. A Low implies
that the application is not critical to the business.
A Critical Success Factor in all of these
measures is “fair & balanced” comparisons.
VOL 1 - NOVEMBER
It is generally best if one person or a very small team
facilitate all of the measurement sessions to insure a
consistent approach. The approach may be:
Assess current state of software
deployment processes
Understand current enterprise software deployment
processes:
• Database systems, operating systems, office
automation tools, anti-virus and anti spam system,
mail messaging system;
• Model of IT deployment - managed in-house/ Data classification
outsourced/ hybrid;
• Data centre and DRC deployment;
• Facilities and application management.
Activities involved in enterprise software
deployment are:
• Release - all the operations to prepare a system classifications as a roadmap for retaining and storing
for assembly and transfer to the customer site.
• Install and activate - starting up the executable
component of software, make all the supporting Software acquisition, development
systems ready to use. Working copy of the software
might be installed on a production server in a
production environment. Other versions of
the deployed software may be installed in a test
environment, development environment and service is formally defined. Software development and
disaster recovery environment.
• Deactivate - shutting down any executing
components of a system. Removing infrequently
used or obsolete systems from service is often other attributes of the service.
referred to as application retirement or application
decommissioning.
• Adapt - process to modify a software system that
has been previously installed. It differs from
updating in that adaptations are initiated by local
events such as changing the environment of
customer site.
• Update - replaces an earlier version of all or part
of a software system with a newer release.
• Version tracking - help the user find and install
updates to software systems installed on PCs and
local networks.
• Uninstallation - removal of a system that is no
longer required.
• The typical roles involved in software deployments
for enterprise applications are:
Develop IT investment plans
While planning future IT state it is important to plan all
the aspects of IT:
IT organization structure
IT Organizations are typically structured around
vertical business units. Instead business processes
may serve basis for IT organizations. It might be a
good practice to appoint an enterprise architect. The
EA is more business focused than technical focused.
Business solution competency teams may focus on
business solutions applicable across vertical business
units. A programme management team can monitor
projects.
Companies often waste valuable storage resources
by retaining all data on expensive, high-performance
systems. The practice of data classification seeks
to overcome this potential weakness by aligning
information with business needs, categorizing the data
based on these needs and then using the resulting
information.
& maintenance
A Service Level Agreement (frequently abbreviated as
SLA) is a part of a service contract where the level of
maintenance can be outsourced if appropriate SLAs
can be designed. The SLA may specify the levels of
availability, serviceability, performance, operation, or
VOL 1 - NOVEMBER
Physical security
Physical security of IT assets is important. Physical
security provides the first line of defense in cyber
security - someone who can steal your machine - or
sit down at it and start working - represents as much
potential disruption to your work or data as cyber
incidents do. This may involve locking your workspace
after office hours, placing laptops in inconspicuous
locations when unattended in your office, home, or
hotel room, and using additional measures such as
laptop-locks and computer-locks where appropriate.
Hardware acquisition & maintenance
Process to develop specifications and call for bids
need to be assessed. Organizations should constantly
seek to use technology more efficiently and effectively
to meet business objectives. Multitasking and multi
processing features are assessed. Compatibility with
other hardware is reviewed. Usually CPU speed and
Input Output device speeds are critical. Personal
Digital Assistants (PDAs) are becoming important
for mobility solutions. Written acquisition policies and
process for feasibility studies, requirements gathering
and approval process of IT steering committee
are important.
Application security
Security aspects during SDLC (system development
life cycle), change (life cycle) management, database
security and malware need to be assessed.
License management
Technology that offers integration and automation
is now available and can be leveraged to address
the challenges surrounding software inventory,
compliance and license management. Solutions
including these capabilities offer visibility into an
organization’s software environment, and work toward
automatically associating all software licenses, use
rights and supporting purchase data to their respective
software. Aside from the inconsistent and incomplete
publisher and product names, version, edition and
language data is often published without a common
format; and in some cases, simply missing altogether.
Further complicating software inventory processes
are the practices of evaluations and bundling. The
process of simplifying the everyday complexities
of software license management begins with the
implementation of several tasks designed to automate
the administrative tasks of matching licenses to their
discovered instances.
Network security
In networking, network standards and protocols
facilitate the creation of an integrated environment of
application and services communication. A firewall is
a device (hardware / software) that restricts access
between networks. A firewall is implemented to support
the organizational security policy, in that specific
restrictions or rules are configured within the firewall
to restrict access to services and ports. The firewall
architecture for the organization depends on the type
of protection the organization needs. The architecture
might be designed to protect internal networks from
external; it might be used to segment different internal
departments and might include packet filtering, stateful
packet inspection, proxy / application gateways, or a
combination of these. The organization might decide
on hardware- or software-based firewalls to provide
network protection. Administrative, physical, and
technical controls should protect the network and its
associated components.
Backup & recovery
Backups are useful primarily for two purposes. The first
is to restore a state following a disaster (called disaster
recovery). The second is to restore small numbers
of files after they have been accidentally deleted or
corrupted. Many different techniques have been
developed to optimize the backup procedure. These
include optimizations for dealing with open files and
live data sources as well as compression, encryption,
and de-duplication, among others. Magnetic tape has
long been the most commonly used medium for bulk
data storage, backup, archiving, and interchange.
Blu-ray Discs dramatically increase the amount of
data possible on a single optical storage disk. Various
schemes can be employed to shrink the size of the
source data to be stored so that it uses less storage
space. Deduplication can occur on a server before
any data moves to backup media.
Virus protection
Many users install anti-virus software that can detect
and eliminate known viruses after the computer
downloads or runs the executable. Most common
method of virus detection is using a list of virus signature
definitions. This works by examining the content of
the computer’s memory (its RAM, and boot sectors)
and the files stored on fixed or removable drives
(hard drives, floppy drives), and comparing those files
against a database of known virus “signatures”. The
disadvantage of this detection method is that users
are only protected from viruses that pre-date their last
VOL 1 - NOVEMBER
virus definition update. The second method is to use
a heuristic algorithm to find viruses based on
common behaviors.
Email security
Viruses are a major email security hazard that
companies simply cannot afford to ignore. Various
studies have shown how employees use email to send
out confidential corporate information. Be it because
they are disgruntled and revengeful, or because they
fail to realize the potentially harmful impact of such a
practice, employees use email to share sensitive data
that was officially intended to remain in-house. Emails
sent by staff containing racist, sexist or other offensive
material could prove equally troublesome, not to
mention embarrassing. Spammers can use a corporate
mail server to send out their unsolicited messages,
often bringing trouble upon the unwitting organization.
A content checking tool is a must to prevent users
from sending out confidential or sensitive corporate
information via email. A reliable virus scanner screens
all incoming and outbound messages and attachments
for email viruses and worms.
Logical access
Logical access control refers to the collection of
policies, procedures, organizational structure and
electronic access controls designed to enable safe
access to computer software and data files as well
as to networking. The logical access controls can be
embedded within operating systems, applications,
add-on security packages, or database and
telecommunication management systems.
Helpdesk management
Helpdesk must pick up the phone, log and process
incidents. Any non-scripted discussion with the user
will take 5-10 minutes on the average. With automatic
HD system (users logging the incidents themselves
via portal or email), reassignment, closure and
communication with users is full time job for at least
one person, if you have 200+ users. Some problems
can be solved using Knowledge Base set up, many
things require research / configuration or depend on
interaction with other specialists inside or outside of
your company.
Operating system security
Many information systems continue living in an
insecure condition that keeps the system at the danger
of a virus infection or at the total compromise by a
hacker. A firewall is a device or program that blocks
undesired Internet traffic, including viruses, from
accessing your computer. Manage the user accounts
on your computer, so you can control exactly who can
log into your machine.
Program change management
The purpose of the Change Management Program
(CMP) is to assure that the negative impact of
changes to a company’s Information Technology
system is minimized by using a standardized process
of governance. Develop a Request for Change (RFC).
Obtain Business Change Acceptance: The decision to
make a change is typically a business decision where
costs vs. benefits are weighed. Initiate the Development
Project: Development of the change (including testing)
is an IT-guided function. Careful attention must be
given to ancillary effects the new change may have
on existing systems. Pass the Change Management
Gate: a group of people with different perspectives,
backgrounds and areas of expertise is to review the
change from a process and governance standpoint to
assure that all foreseeable risks have been identified
and mitigated, and that compensatory techniques
are in place for any elements of exposure (things
that could go wrong). The entire process must be
thoroughly documented and the approved process
must be precisely followed.
Encryption
Encryption is used to protect data in transit, for
example: data being transferred via networks (e.g. the
Internet, e-commerce), mobile telephones, wireless
microphones, wireless intercom systems, bluetooth
devices and bank automatic teller machines.
Version control
Changes are usually identified by a number or letter
code, termed the “revision number”, “revision level”,
or simply “revision”. Systems to automate some or all
of the revision control process have been developed.
Baseline is an approved revision of a document or
source file from which subsequent changes can be
made. A change list, change set, or patch identifies
the set of changes made in a single commit. A check-
out (or co) is the act of creating a local working copy
from the repository. A commit or checkin is the action
of writing or merging the changes made in the working
copy back to the repository. The repository is where
files’ current and historical data are stored, often on
a server.
VOL 1 - NOVEMBER
Outsourcing guidelines
While outsourcing can bring cost and other benefits,
it may increase the risk profile of an organization due
to, for example, strategic, reputation, compliance
and operational risks arising from failure of a service
provider in providing the service, breaches in security,
or inability to comply with legal and regulatory
requirements by the institution. Outsourcing guidelines
contain prudent practices on risk management of
outsourcing. Outsourcing does not diminish the
obligations of an institution, and those of its board and
senior management, to comply with relevant laws and
regulations. The organization also needs to maintain
the capability and appropriate level of monitoring and
control over outsourcing, such that in the event of
disruption or unexpected termination of the service,
it remains able to conduct its business with integrity
and competence.
Internet / intranet security
For intranet developers, restricting access to the site
has been the primary security concern. The simplest
way to achieve this is to position the internal site where
it cannot be seen or accessed from the Internet at large
– behind a firewall. A significant improvement can be
achieved by encrypting communications between
a browser and server. The most common way of
doing this is to establish a secure connection using a
variation on HTTP (the standard web protocol) called
the Secure Sockets Layer (SSL). A virtual private
network (VPN) uses software or hardware to encrypt
all the traffic that travels over the Internet between
two predetermined end-points. Digital certificates
can provide a sophisticated means of controlling and
monitoring access.
Password security & control
While passwords are a vital component of system
security, they can be cracked or broken relatively easily.
One easy way for potential intruders to nab passwords
is through social engineering: physically nabbing the
password off a Post-It from under someone’s keyboard
or through imitating an IT engineer and asking over the
phone. In order to ensure their ongoing effectiveness,
passwords should be changed on a regular basis.
Network managers and administrators can enhance
the security of their networks by setting strong
password policies. The organization’s password policy
should be integrated into the security policy, and all
readers should be made to read the policy and sign-
off on it. They should set password expiration dates
on all programs being run on the organization’s
systems. Keep a password history to prevent reuse,
and lock of accounts after 3-5 password attempts.
Business continuity - disaster recovery
The foundation of Business Continuity are the
standards, program development, and supporting
policies; guidelines and procedures needed to ensure
an organization to continue its services without
stoppage, irrespective of the adverse circumstances or
events. Disaster recovery is a small subset of business
continuity. Ongoing management-level process to
ensure that necessary steps are regularly taken to
identify probable accidents, disasters, emergencies,
and/or threats. It also involves (1) assessment of the
probable effect of such events, (2) development of
recovery strategies and plans, and (3) maintenance
of their readiness through personnel training and plan
testing. Part of business continuity is ensuring that
all personnel in an organization understand which
business functions are the most important to the
business. This understanding must be manifested
in personnel training to take over those business
functions when personnel enter or leave the company
during normal business operations. A business impact
analysis is the primary tool for gathering this information
and assigning criticality, recovery point objectives and
recovery time objectives.
Disaster recovery is the process, policies and
procedures related to preparing for recovery or
continuation of technology infrastructure critical to an
organization after a natural or human-induced disaster.
Once the RTO and RPO metrics have been mapped
to IT infrastructure, the DR planner can determine the
most suitable recovery strategy for each system. Most
common strategies for data protection:
• Backups made to tape and sent off-site at
regular intervals (preferably daily)
• Backups made to disk on-site and automatically
copied to off-site disk, or made directly to
off-site disk
• Replication of data to an off-site location,
which overcomes the need to restore the data
(only the systems then need to be restored or
synced). This generally makes use of storage
area network (SAN) technology
• High availability systems which keep both
the data and system replicated off-site,
enabling continuous access to systems
and data
• Quality assurance
• Incident management
VOL 1 - NOVEMBER

Develop IT integration roadmap of service. The Information Technology Infrastructure

Library (ITIL) is a set of concepts and practices for
• Understand delivery channel and existing & new Information Technology Services Management
system’s requirements; (ITSM), Information Technology (IT) development
and IT operations. ITIL gives detailed descriptions
There are many possible delivery channels that can of a number of important IT practices and provides
be used to provide information or news, including: comprehensive checklists, tasks and procedures that
any IT organization can tailor to its needs.
• Intranet;
• E-mail;
• Internal newsletters and magazines; Implementing IT projets
• Staff briefings, meetings and other face-
to-face communications methods;
• Notice boards in communal areas; Project management
• Manuals, guides and other printed resources;
• Hand-held devices (PDAs, etc). During actual implementation, project management
team must monitor the following:
• Understand requirements to integrate existing
software with new software & technology; • Project charter formulation;
• Develop system integration requirements, • Steering committee setup;
define interface standards and develop strategy • Project risk analysis;
for integration; • Project delivery team identification and
• Develop system integration rollout strategy. resourcing;
• Change management procedures;
Develop IT services model • Project planning and detailing;
• Project quality management procedures;
• Develop IT service delivery process; • Project tracking and monitoring template;
• Develop IT service support process; • Project management policies and templates;
• Define KPI’s for IT operations; • Identify projects for implementation by grouping
• Identify SLA parameters; initiatives into discrete and coherent projects;
• Develop SLA parameters for various components • Identify and agree criteria to prioritize projects/
of IT infrastructure and services; initiatives into ‘quick wins’, short term and long
• Define SLA measurement and evaluation term initiatives;
method; • Identify critical path for implementation of project
• Define escalation matrix and escalation success;
procedures; • Identify all the KPI’s and set benchmark;
• Functional specifications document for HO, • Prepare Template to capture data to monitor
branches, CFAs; progress;
• MIS requirements; • Stakeholders Commitment;
• Technical specifications document; • Risk Mitigation;
• Interfaces with existing applications; • Team Performance;
• Establishment of helpdesk – incident handling, • Scope Management;
change handling, configuration management; • Work and Schedule Management;
• Training needs; • Benefits Management;
• Completion criteria for each stage; • Prepare detailed plan of monitoring and
• Framework for hardware sizing; reporting progress of the implementation;
• Integrated IT strategy document; • Develop, agree and finalize the reporting hierarchy
• Vendor / technology selection policies / criteria. and schedule;
• Review vendor documentation and understanding
Global delivery models are becoming popular due of business functionalities;
to lower costs. From basic workflow management • Obtain sign-off of documents;
tools to complex tools tracking actual delivery against • Define product parameterization methodology;
agreed SLAs are available. The term Service Delivery • Define parameter change management
Platform (SDP) usually refers to a set of components methodology;
that provide services delivery architecture (such as • Define UAT methodology for clean database
service creation, session control & protocols) for a type testing, migration testing, unit t esting and
VOL 1 - NOVEMBER

integration testing;
• Define test case documentation formats; IFRS
• Define test monitoring frameworks and formats; By Ganesh Srinivasan
• Formulate the gap analysis methodology;
• Define the version control and change management
methodology.
International Financial Reporting Standards (IFRS)
Project review is a globally accepted set of accounting standards
and interpretations established by the International
Periodic review must cover: Accounting Standards Board (IASB). On January
22, 2010, the Ministry of Corporate Affairs issued
• Monitor progress of implementation; the road map for transition to IFRS with subsequent
• Identify schedule slippage if any; clarifications in May 2010. The Institute of Chartered
• Analyze the issues if any; Accountants of India (ICAI) has announced that IFRS
• Address issues and schedule slippage and take (International Financial Reporting Standards) will be
appropriate actions; mandatory in India for financial statements for the
• Assess project metrics; periods beginning on or after 1 April 2011. This will
• Evaluate open defects, defect density, defect be done by revising existing accounting standards to
severity, defect priority, defect closure, adherence make them compatible with IFRS. Reserve Bank of
to quality and development standards, resource India has stated that financial statements of banks
allocation, baseline change, critical success need to be IFRS-compliant for periods beginning on
factors, risk mitigation; or after 1 April 2011.
• Periodic review of software performance;
• Periodic review of hardware performance; In the first phase large companies (net worth
• Review ‘go live’ in departments. Rs. 1,000 crores as of 31st March 2009), companies
that are included in Nifty 50 or Sensex 30 and
Change management companies whose securities are listed in a foreign
exchange will adopt the new set of accounting
Change management activities need to be managed: standards. Companies, whether listed or not, having
net worth of more than Rs 500 crore will convert
• Identify change champions and sponsors; their opening balance sheet as at April 1, 2013.
• Define roles and responsibilities; Listed companies having net worth of Rs 500 crore
• Define the stakeholder management plan; or less will convert their opening balance sheet as at
• Develop change management plan; April 1, 2014.
• Define change management roadmap / initiatives
to be undertaken; India has opted for the ‘convergence’ approach
• Develop change management initiatives as per versus the ‘adoption’ approach, while transitioning
transformation roadmap; to IFRS. Indian standard setters can review the
• Define the change communication framework; prevailing IFRS standards, and determine that certain
• Define roles and responsibilities for each node; specific provisions under these standards are not
• Develop the communication templates and acceptable for application in India. One benefit that
protocols within the hierarchy to identify and act supports transition to IFRS is that Indian companies
on change requirements; can use their statutory financial statements to
• Define KPI’s for change management initiatives; raise capital in the overseas markets, and foreign
• Develop templates to capture data and produce investors can interpret financial statements of Indian
metrics; companies easily.
• Review change management and report periodic
status;
• Training employees at different levels in the
hierarchy, in achieving their envisioned roles and
responsibilities after the implementation.

VOL 1 - NOVEMBER

The IFRS Foundation (www.ifrs.org) currently provides statements. During this transition phase, both Indian
free access to the current year’s consolidated GAAP and IFRS accounting and reporting are to be
unaccompanied IFRSs (i.e. the core standards, carried out simultaneously.
without implementation guidance and the basis for
conclusions) in English and the IFRS for SMEs. Phase V – Adoption of IFRS
There are differences between IFRS and Indian The final phase includes switching over to IFRS
Accounting Standards, e.g.: standards by adopting all the reports and statements
that IFRS demands.
1. ‘Prudence’ is an assumption under IFRS
accounting that rules out unrealistic gains out
of available for sale securities.
2. IFRS places more emphasis on the Statement
of Cash Flows as it provides information on
the ability of a company to generate cash and
cash equivalents with timing and certainty.
3. IFRS emphasizes ‘control’ over economic
benefits of an asset and not legal ownership.

IFRS may have significant overlap and cross-

dependencies with ERP implementation, financial
reporting and consolidation.

To achieve a seamless transition to an IFRS compliant

enterprise and derive the best results out of SAP
investments, Wipro has formulated a structured
and phased approach to resolve the challenges in
IFRS transition.

Phase I – Assessing the Impact

Analytical review will be carried out in this phase

to assess the areas of impact on existing ERP
system,including financial reporting, valuations,
depreciations, supporting business processes,
information systems and tax compliance.

Phase II – System Building

This involves designing of conversion strategy,

installation and implementation of necessary
applications and tools for achieving dual accounting
standards, establish IFRS accounting policies, carry
out operational and systems changes and extensive
testing of the results/outcome of these tools

Phase III – Training

This phase involves training to the users of the ERP

system on the tools deployed for IFRS compliance.

Phase IV – Initial Conversion

This critical step includes preparing and posting of

IFRS adjustment entries, prepare IFRS financial