Skip to main contentSkip to menu

IT Services Business Solutions and Consulting across UK and Europe

  1. Home >
  2. Industries >
  3. Government >
  4. Information Security >
  5. An information assurance ‘friendship’ for life?
Main contents start here

An information assurance ‘friendship’ for life?

There was a time when all that most organisations looked for in a security partner was an earnest group of consultants who would visit, pick over their systems and processes and then declare positive or negative compliance with security policies or standards. Subsequently the consultants would disappear, usually to be seen again during the next annual review cycle, and leaving you to put their “findings” into practice, often without knowing how or why.

This approach found its way into the emerging managed services environment. Despite the demand for creating a true partnership to make managed services successful, consulting-led frameworks became common. This was characterised by consultants engaging to define and negotiate the contract then handing over to the outsourcing arm, with an ensuing loss of relationship and knowledge of the key issues.

But the game has changed. The smart money is now moving to a more consistent approach to managed services. Today, organisations want to know that the people making all the promises are there to deliver them, particularly in crucial areas such as IA.

End-to-end service provision
Fujitsu has always had an extremely strong pedigree both in IA and meeting the particular needs of government, but if we’re being honest our approach was not always as co-ordinated as it should have been. Which is why, over the last year, we have united many of our IA capabilities into one practice with a joined-up delivery capability. Unlike the traditional consultancy-led approach, we now offer an end-to-end service, so the same people will often work on a project from initial engagement in the bid through to delivery.

For Fujitsu and our customers this means we can establish a good working relationship at a very early stage, because the people you negotiate with will be the people who are actually going to deliver. After all, these are the people that you are inviting into your ‘inner sanctum’ of critical services, so you need to be sure that they will do what you want and that you can work with them as your own.

I am an example of this approach. On joining Fujitsu in June 2003 I was assigned as a principal solution architect on Fujitsu’s bid for what is now the NHS “Connecting for Health” project. Working closely with the lead Enterprise Architect, I delivered the IA architecture and undertook contract negotiations all the way through to winning the bid. I became the chief security officer and was responsible for establishing the initial security organisation and processes, working on the project for a further seven months before handing over to my successor. I am now head of the Security and Business Risk Practice.

The buck stops here
A key factor in the success of Fujitsu’s integrated approach to IA is the coordinated ownership of service delivery. As the practice head, I own IA delivery for Fujitsu – the single focus for anything that’s right or wrong about what we do. But more importantly, the Practice provides leadership, underwriting the commitments made to our customers by IA practitioners across Fujitsu.

Our management structure not only provides specialist mentorship and professional guidance, but it also ensures that staff assigned to individual projects work consistently against agreed standards and practices. In this way our people operate with the full weight of Fujitsu behind them to deliver what we collectively promise. This professional oversight enables us to share best-practice approaches and recycle the experience and lessons learnt across new and existing projects, delivering consistency in our approach.

This combination of our end-to-end delivery capability and leadership in best-practice approaches to IA services enables a much stronger governance model, embracing the people, processes and technology aspects of IA services. As a result, risk and costs are reduced, because gaps in controls are eliminated and services can be tailored to suit the level of threat. Delivering IA is challenging enough without allowing internal divides to complicate it further.

Keeping our promises
So what does that all mean to you? Essentially, ownership and commitment. Since our people who win the deals are the same people who will deliver them, we won’t promise the impossible just to clinch a contract! Which is about as far removed from a consultancy-led approach as you can get. After all, why build a relationship only to walk away? As Fujitsu is now proving, it’s much more productive and cost-effective to work together in partnership across the entire solution lifecycle. An IA friendship for life, if you will.

Pete Shillito,
Practice Head,
Security & Business Risk Practice / Business Solutions,
Fujitsu Services



Top of Page

Related menu starts here

Driving Issues for the UK Government


Main menu starts here
End of the page