Australian superannuation fund provider
Reducing time-to-market in security architecture
time taken for security architecture decisions to be made, down from 12 weeks.
New ways of working speeding up decision-making
About the client:
Our client is a Superannuation Fund provider in Australia supporting more than 1 million people to save for their retirement. The fund services more than 90,000 employers, has over 950,000 members and invests around $70 billion in savings.
Equal Experts services
Length of project
Unblocking bottlenecks in the security architecture process
Superannuation fund providers in Australia operate in a heavily regulated and increasingly competitive financial sector. To succeed, a provider must be able to respond quickly to new regulations as well as adapt to new investment opportunities to benefit their members. Our client recognised that it needed to improve the delivery speed for its security architecture to maintain compliance and capitalise on new opportunities.
Internal bottlenecks and limited collaboration between teams had slowed progress within the security architecture process to a crawl. Vital information about the proposed architecture was not being shared between relevant teams, resulting in difficult and time-consuming work to negotiate solutions.
A lack of collaboration meant decisions about crucial security architecture projects could take up to 12 weeks to be made, severely impacting the velocity and leaving teams unable to start work on projects for months at a time.
As this pattern of friction continued, issues remained unresolved and further breakdowns in communication occurred, resulting in a continuing decline in the number of architectural projects being delivered.
Empowering discussion, sharing knowledge and building trust
Equal Experts embedded a Security Architecture Consultant within the organisation, working across the client’s teams to understand their goals, where communication had broken down and support better ways of working. A consultative listening approach was adopted with each team empowered to share their priorities, challenges and concerns to progress projects.
Our Security Architecture Consultant encouraged an open dialogue between teams ensuring that requirements would be shared on projects in a collaborative and structured way, with regular opportunities for discussion. This open and regular cadence facilitated good security decisions to be made at scale, with all teams feeling valued and engaged in the process, which in turn sped up the process.
Creating a fast-track process for smaller projects
Improvements were made to the architecture review forum to enable the members to have access to the information they required in a timely and usable way. Previously this process was a bottleneck as every proposal, regardless of size or risk, would be required to go through this process. If there was any issue at the forum discussion, such as a team member’s absence or more time required, the velocity slowed down.
A fast-track approvals process was introduced where some projects would be able to get information security endorsement without needing to go through the formal forum meeting. The process used a risk calculator to provide a risk score and determine the amount of information and activities that would have to be undertaken before a plan could be assessed. For low-risk, smaller projects, approvals could be reviewed without a forum meeting required, leaving each team more time to work collaboratively on areas where there was a larger associated risk.
Faster decision-making from collaborative teams aligned behind the same goal
By acting as an impartial consultant, Equal Experts encourages open discussions about ways of working and collaborative approaches between the teams. This neutrality allowed a balance to be struck between the desire to architect a solution in a certain way and the security concerns that may result. It enabled progress to be made with the goals and needs of the overall business, not individual teams, in focus.
Internally the teams themselves are happier, more productive and more collaborative. They work together, aligned behind a goal to deliver good security architecture and are empowered to share relevant requirements and information at early stages and with regular frequency. Trust has been reestablished and it is enhancing the process by reducing the need for time-consuming meetings about smaller decisions. It also allows more space for the teams to discuss the specifics of risky, more complex projects and add value to these projects with a bigger impact on the business as a whole.
As a result of the engagement, the time to market for architecture projects has significantly improved, with many of the barriers and bottlenecks which originally slowed down the process now removed. Previously decisions could take between eight and 12 weeks to be made and enable engineers to start work. Now, most decisions are made within three weeks, a significant reduction in the approvals process timescales. This new process has improved engineering velocity while maintaining a high level of security standards.
Want to know more?
Are you interested in this project? Or do you have one just like it? Get in touch. We'd love to tell you more about it.