TECHNOLOGY
Standardisation (ISO) accreditations l disaster recovery policy, plan, last test date and results l business continuity plan and last test date l external penetration test – summary results l HR policy – pre-employment background checks l third-party management policy l if development is outsourced, details regarding where l if support is outsourced, details regarding where. Governance, risk and controls The success of technology depends on the strength of its underlying core processes. A management and governance framework helps businesses to assess strengths and weaknesses, understand best practices and improve each core process. By prioritising key processes, payroll can build an improvement roadmap and good vendors will typically want to go on this journey with you. Consider whether there’s clear ownership of the core processes, roles and responsibilities within your organisation. Also, see if there are service level agreements (SLAs) and key performance indicators (KPIs) placed on your payroll to measure your core internal audit risk areas. IT security is a business-critical function, there to ensure technology is as protected as possible. Data breaches which originate in the supply chain are more commonplace than businesses may be aware. According to a 2022 data breach investigation report, 62% of system intrusions happened through a business partner. If your payroll uses middleware or third-party software, it’s important this is fully assessed and not just a core payroll platform. Detailed due diligence of what you have and what to invest in should always be at the forefront. Remember that automating inefficiencies only serves to magnify them. A parting thought Technology is a key enabler and provides a surmountable level of benefits to payroll with future possibilities, but it isn’t a driver. At the centre is leadership and culture – this is the force and influence payroll professionals need to drive the change. n
the rewards of using available integrations and automation.
invest in data management processes and technologies to ensure data quality and availability for AI systems. Implement explainable AI models to increase transparency / build trust with stakeholders and upskill the workforce through training programmes to close skills gaps and effectively use AI technology.
Artificial intelligence (AI), robotics and automation Brankica Malic of Luna Technology GmbH advises us that RPA is designed to automate repetitive, rule-based tasks, while AI aims to replicate human intelligence and decision-making capabilities. RPA is effective at structured processes, while AI excels at handling complex, unstructured tasks. Both technologies have their strengths and applications, and companies can benefit from using them according to their specific needs and goals. RPA and AI technologies offer businesses huge potential, and each technology has its unique benefits and challenges. By understanding the differences and providing appropriate solutions, companies can harness the power of technology to increase efficiency, improve decision-making and stay ahead in an increasingly competitive environment. Recommended approach to RPA Clear process documentation and standardisation can improve the compatibility and efficiency of RPA implementation, and so can collaboration between IT and other departments. To reduce potential risks, strong security measures such as user authentication and data encryption should be in place. Recommended approach to AI Develop clear ethical guidelines and regulations to address the potential social impacts of AI and ensure responsible implementation. Organisations should
Cybersecurity Technology has pros and cons, like
everything in life. With cloud-based software as a service (SAAS) evolution, cybersecurity attacks are on the rise. Will Jackson, chief executive officer at C2 Risk, warns of the impact breaches have and stresses the importance of mitigating financial and legal risk, safeguarding business reputation, ensuring personal data security and minimising errors / oversight. How is this approached? Strong governance. Below are some key areas payroll must consider from a technology perspective: General Data Protection Regulation (GDPR) Consider whether: l your data protection impact assessment is up to date l you can map all payroll data forensically – this means you know where it comes from
and how, and then where it goes l your data workflows map to your processes; they should
l a solution architecture map is available, noting key data flows and integrations. If not available, it should be. Vendor risk management You could request the following evidence: l System and Organisation Controls (SOC) 2 type 2 audit report l International Organisation for
41
| Professional in Payroll, Pensions and Reward |
Issue 99 | April 2024
Made with FlippingBook - Online magazine maker