Jade Software Fri, Apr 29, '22 9 min read

Identifying and Mitigating Technology Key Person Risk

What is Technology Key Person Risk & how to identify it within your organisation

In today’s environment we see many companies whose core enterprise systems have stood their ground during the digital transformations of the late 2010s. This is not to say that there haven’t been new software purchases, with many adding-on barcode/QR readers, scheduling or workflow tools and booking systems - but the main ‘brain’ of the business has remained untouched. Whether it’s because the project was put into the ‘too hard’ basket, or there simply wasn’t the appetite or budget, given the natural ebbs and flows of a business this has meant valuable and complex system knowledge is now being held by very few individuals within an organisation.

In the face of cloud enablement, the global pandemic and the Great Resignation, if critical system knowledge is concentrated to one or only a few individuals, there is a high chance that if these employees leave the business, or become unwell for an unknown period of time, they could take with them valuable background knowledge, leaving behind a black box. This can result in a slowdown of activity, backlogs or a potential stop to work completely. Put simply, if there is a single point of entry for these systems, there is likely Technology Key Person Risk (TKPR) in the organisation.

Is this a risk you have? Below are two key questions to help determine if Technological Key Person Risk exists within your organisation:

How important is the application/system to the business?

Importance can normally be identified through two criteria – frequency of use and depth of integration. If this is a system accessed everyday then it’s important. Typically, these systems serve functions such as scheduling, stock management and the recording of financials. Secondly, a critical system will often be highly embedded in your business. This could mean that its function is simple, but it handles or translates data to, and from, multiple touchpoints in the business.

If the system is no longer business critical and you’re looking at replacing it with an off-the-shelf solution, then the risk in this case may not present an issue, simply a need for change management. However, if there isn’t a neat replacement for the system, or one that operates with the rest of your tech stack, then this application is definitely ‘important.’

Is it returning on your investment?

Investing in systems stretches beyond the initial install and monthly fees, to training and flexibility. User training should be easy enough, but the tell-tale sign of trouble is if you can’t train administrators easily. This could be because the training doesn’t exist or because of customisations made over time. Tailoring a system is common practice because not every business – even those in the same industry – have the same way of working. But if the processes desired weren’t in scope for the software then quirks and workarounds become the ‘in-the-know’ for administrators that isn’t written down.

If your application is more of a black box than an open book it can be difficult to gain insight into whether the most value is being derived from it. So more often than not it’s a question of - what opportunities there may be to develop and modernise the system for desired business outcomes.

Implications of Key Person Risk

If Technological Key Person Risk is present but not addressed, you’re left in a position where the ability to be proactive (enhance, unlock, build and develop systems) is extremely limited and the effort required to do so falls back on these few individuals - creating additional workload. If left untouched, the system can end up in a place where it no longer creates value and no one within the organisation understands if there is a better way to utilise it.

How to mitigate Key Person Risk

To technically de-risk and future proof the application the goal must be to create less reliance on a key person or key people. Each system has different pain points that create this reliance, so the solutions will vary. Here are some of the key user pain points we’ve seen, and the area of development applied:

Users circumventing the application: We look into the user interface (UI) and factors that influence the application running time. Sometimes this involves redesigning key elements, or adding accessibility benchmarks for performance.

Customisations are difficult: Depending on the vendor’s release schedule, we’ve rebuilt applications to enable greater control and independence for clients.

Innovation is stalled or slow: If you have the ability to roll out changes but it takes do-not-disturb dedication then the solution is often to decrease ‘noise’ in the system. This may include refactoring existing code to be uniform, or re-platforming to make the most of run-time advances.

BAU and new development are too much: Often capable people are excited by the new, but held back by the importance of maintenance. Partnering with a Managed Services provider can lift the time constraints for new development and decrease the weight of risk that sits on the shoulders of just a few.

How can Jade Digital help?

We are as excited as you are to ensure that things run smoothly, and that the new and exciting parts of your strategy get to see the light of day. If Technology Key Person Risk is an issue for you, modernising your application can relieve that risk. Wherever you are on the journey, getting external perspectives can broaden your viable solutions or validate your business case for change.

At Jade Digital, we have worked with, built, and currently manage an array of systems for clients globally. We can help unlock the value of your business’ black box. Reach out today for a confidential chat. 


Talk to us about unlocking the value of your systems