GRC
HR
SCM
CRM
BI
Expand +


Case Study

 

Taking Risk Management to the Next Level at Baker Hughes

by Lauren Bonneau, Senior Editor, SAPinsider | insiderPROFILES

January 1, 2011

Oilfield services company Baker Hughes wanted to ensure future growth, but it first had to figure out how to use its existing software, standardize its processes, and deploy new technologies rapidly. Discover how this particular business used the rapid application deployment methodology to implement SAP BusinessObjects governance, risk, and compliance solutions and gain efficiencies in risk management and process control.
 

As an oilfield services company dedicated to helping oil and gas operators make the most of their reserves, Baker Hughes, Inc., engineers products, technologies, and services that enable its customers to better manage operating expenses, reduce risk, and improve productivity — in essence, to create more value from the reservoir to the refinery.

The company sees a bright future; it looks forward to working with its customers for the next century to continue problem solving and expanding the limits of oil, gas, and alternative energy drilling and production. But to ensure that the business could sustain future growth and keep pace with technological advancements, Baker Hughes first needed to take stock of its own technologies and processes. The business needed to figure out how to use its existing software, standardize its processes, and leverage new technologies to take the company to the next level.

“We needed to organize how to deploy our large portfolio of software and capabilities and also how to leverage these investments as we plan to move forward,” says Jo Ann Kern, SAP Program Director at Baker Hughes.  “We were also very focused on how to deploy and deliver functionality more rapidly to keep up with the business — and better yet, get ahead of it.”

Delivering Solutions Rapidly

To balance all of these objectives, Kern and her SAP program team needed to standardize on an innovative yet reliable way to deploy SAP technology to the business. The team was also highly motivated by a directive from Baker Hughes’ CIO, Clif Triplett, who wanted to gather up all the software the company had sitting on the shelf, take it out of the box, stand it up, and get the business engaged around it.

To find the right solution, Kern researched extreme programming and agile methodologies. “We didn’t want to deviate from SAP’s endorsed methodologies and end up on a trajectory where we spent a lot of money and incurred a lot of investments for an end result that was not what the business wants,” she says.

Kern and her team soon arrived at a solution: a unique, internal version of the rapid application deployment (RAD) methodology that allowed them to deploy functionality in fewer than 90 days. Using this methodology, the team takes software out of the box, leaves it disconnected from production in a standalone environment, shows it to the business users in two-to-four weeks to get them engaged in an iterative process, and delivers it in production in fewer than nine days.

“Sticking with this methodology, we’ve delivered 19 projects over the last nine months,” says Kern.

Providing a Circular View of Risk

One of the projects completed using the RAD methodology was the implementation of a governance, risk, and compliance (GRC) solution — SAP BusinessObjects Risk Management. “The Baker Hughes Integrated Operations (BHIO) team was experiencing lots of challenges integrating risk management into their project methodology,” Kern says. “They were using a lot of different manual techniques and processes. So we were able to deploy SAP BusinessObjects Risk Management and assist them in those projects.”

At Baker Hughes, no one group is responsible for managing all the risks in the business. “Because people wear multiple hats, one of their job functions is to manage risk — and people at the rig have different objectives than executive management,” says Bobby Joseph, Senior Manager of SAP Security and Controls at Baker Hughes. With all of these different avenues for assessing and managing risk, keeping track of data in different locations was challenging.

Much of the risk management responsibility, however, tended to fall on the BHIO team, since its primary business is to be a customer front end for all operations, including finance and project risk. “Previously, BHIO kept track of thousands of risks in numerous worksheets and spreadsheets. There was no risk register,” Joseph says. “So we proposed to create one single source where they could harmonize and rationalize all the risks. The intent was to put all the risks in one place so that everybody — from the top to the bottom — could access them and create one complete risk management circle.”

           
         
“Our intent was to put all the risks in one place so that everybody — from the top to the bottom — could access them and create one complete risk management circle.”
Bobby Joseph, Senior Manager of SAP Security and Controls, Baker Hughes, Inc.
           

Following Baker Hughes’ RAD deployment methodology, the team achieved its objective. Project preparation took one week, followed by blueprinting and eight weeks of realization — gathering the requirements, configuring the system, working with the security issues, and setting up and validating the system. Transferring knowledge was the final step.

“BHIO was very pleased with the SAP BusinessObjects front-end screen, and they were ready to improve the process and rebuild the structure,” says Joseph. “Now, the executive team, managers, and people at the rig can all have the same idea about risk. The information is kept in one single location, anybody can access it, and everyone has a shared vision about what they are trying to achieve.”

Offering Continuous Process Monitoring

Another GRC project that Baker Hughes completed using its RAD methodology was an implementation of SAP BusinessObjects Process Control. “The audit committee was putting a lot of pressure on our internal audit group to do continuous audit monitoring,” says Kern. “So we took the GRC process and the RAD process and moved forward and implemented SAP BusinessObjects Process Control.”

“Our customer — the internal audit group, in this case — gave us very specific requirements, and we ultimately developed around 40 custom reports and queries for them. Implementing continuous monitoring for the procure-to-pay cycle was an important goal for them, for example,” Joseph says. Other rules the team developed in SAP BusinessObjects Process Control focused on identifying duplicate vendors and vendor payments.

Looking Ahead

Because SAP BusinessObjects tools for GRC integrate with the company’s existing SAP system, there’s no data extraction, so strong efficiencies are gained, according to Joseph. Based on the successful implementations of the risk management and process control tools, Baker Hughes is now implementing SAP BusinessObjects Access Control. The rest of the SAP BusinessObjects suite of solutions will soon follow. 

An email has been sent to:






More from SAPinsider



COMMENTS

Please log in to post a comment.

No comments have been submitted on this article. Be the first to comment!


SAPinsider
FAQ