Control Origins is dedicated to the delivery of high quality, value add technology solutions. Our teams leverage world class technology and best practice frameworks to implement business processes that closely align regulatory requirements, industry standards and business strategies.
Our solution focus areas include:
Our solution model is driven by an analytical approach that is delivered through a multi-tenant, cloud hosted solution leveraging Microsoft technology (Azure, ASP.Net, SQL Server).
Control Origins was founded on a unique approach to building a logical relationship between an organization’s policies, procedures, standards, roles and skills to industry best practices (COSO, Cobit, ISO and ITIL) as well as regulatory requirements (SOX, HIPAA, Basel II, SSAE 16, PCI, CISP etc.). Additionally, industry specific regulations can be significant.
Whether you are charting the strategic direction of a business unit, ensuring regulatory compliance, transforming operations or optimizing sourcing models, there are a wealth of best practices that can be leveraged to assess the current state, structure transformation efforts and implement a continuous improvement lifecycle.
Rapidly cross-referencing and analyzing an organization's processes against both regulatory requirements and best practice frameworks is a critical component of any transformation assessment. Mapping those varied elements to an organization's roles, skills and responsibilities can only be efficiently accomplished with a robust data and analytics model.
There is a wide variety of best practices, regulatory requirements and business requirements that must be addressed in any transformation strategy. The "origin" and approach of each of these components is highly varied demanding a unified modeling framework that will provide many benefits including:
Projects by Control.Origins.
The Control Origins approach to transformation and optimization is based on best practices for implementing change in an organization. There have been many methods, processes, standards and practices that have been published over the past few decades which have been used to guide the development of our approach. The following list is representative but not all inclusive:
The Control Origins approach is first and foremost the major phases and steps of the strategic transformation and/or optimization methodology. However, the importance of a well defined approach is also core to the structure for our 'practices taxonomy', a very key component of the Control Origins modeling framework. The practices taxonomy is used to classify all components of the framework including documents, tools, templates, digital assets and other information relevant to the strategic transformation process.
ITIL® and IT Infrastructure Library® are Registered Trade Marks of AXELOS Limited.
The Discover phase of the Control Origins methodology is targeted at developing a detailed understanding of the organization's business goals and objectives as well the alignment of the organization being analyzed to those business goals and objectives.
This phase of the Control Origins approach is targeted at developing a detailed understanding of the organizations service delivery quality, process maturity and cost effectiveness.
The Define phase of the Control Origins methodology is targeted at the detailed definition of all components of the transformation or optimization alternatives that have been prioritized for implementation.
The Design phase of the Control Origins methodology is targeted at developing the detailed specifications for building the components of transformation or optimization from the Define process.
The Implement phase of the Control Origins methodology is targeted at constructing or building the transformation and/or optimization components that were specified in Design.
The Optimize phase of the Control Origins methodology is targeted at continuous improvement of the transformation and/or optimization components that were delivered in Implement
Includes current state assessment, portfolio analysis, financial base case, resource allocation analysis, scenario analysis and future state design and implementation.
The following Business Alignment tools are leveraged for for establishing an understanding of how the current business strategy aligns with current services:
Regulatory compliance solutions include discovery, verification, remediation, reporting and analytics across industry segments.
We have demonstrated the ability to rapidly identify compliance exceptions and establish an efficient remediation business process. Innovative analytics are applied to continuously update stakeholders regarding progress on the compliance process across very large organizations.
Control Origins provides clients with a wide variety of portfolio analysis services across industries as well as portfolio domains including applications and infrastructure.
The approach for analyzing application and infrastructure portfolios must be multi-dimensional and aligned to systems development lifecycle (SDLC) or service management best practices (ITIL).
The goal for outcomes of portfolio analysis includes the following:
Control Origins provides a wide variety of financial analysis services with the goal of developing a financial 'base case' for an organization followed by modeling transformation or optimization alternatives and their impact or business value.
Rapidly cross-referencing and analyzing an organization's processes against regulatory requirements and best practice frameworks is a critical component of any transformation assessment. Mapping those varied elements to an organization's roles, skills and responsibilities can only be efficiently accomplished with a robust data and analytics model.
Evaluating enterprise IT processes should begin with creation of a clear 'baseline' of the current process and control environment. To establish the baseline, the relationship between procedures, standards, roles, skills, best practices, regulatory requirements must be explicitly defined. Once defined, the baseline is used to complete a 'gap analysis' of an organization’s process and control hierarchy through a capability maturity assessment process.
Bottom line: The Control Origins team leveraged deep experience in processes and industry best practices as well as cloud-based application development and hosting to build a modeling framework accessible through web-based, mobile or 'stand-alone' windows user interfaces. Web-based user interfaces can be cumbersome and ineffective for data collection across complex data domains (applications, roles, skills etc.). Data collection, data analysis, data visualization and relational evaluation is tailored to the most effective approach for the data domain being analyzed.
Comparing an organization's processes and controls to both regulatory requirements and best practice frameworks is a key component of developing a transformation or optimization strategy. The ability to assess the maturity of an organization from a process and control perspective is essential to developing that strategy.
The assessment and analysis of transformation or optimization alternatives must include domains 'portfolios' or collections of assets that are not commonly included in the analysis process. Asset types or categories included in a 'portfolio' are sometimes referred to as 'resource units' in strategic sourcing strategy development. Portfolios can include applications, physical or logical servers, network nodes, storage etc. In order to comprehensively assess transformation or optimization alternatives for any organization, varying levels of 'portfolio' analysis must be completed.
Roles define an associated set of tasks or activities. Roles may be performed by many people; and one person can perform many roles. For example, an organization may have several resources that perform the role of Database Administrator, although traditionally each application group or business process team only has one Database Administrator at any one time; and a person who is able to perform the role of Database Administrator may also be able to perform the role of Database Architect or Database Designer.
An industry best practice for defining the level of responsibility assigned to a specific 'role' is the RACI matrix which is an abbreviation for Responsible Accountable, Consulted and Informed. Also referred to as Responsibility Assignment Model (RAM), this approach maps activities and deliverables to roles for a business process.
Control 
