TechPar Group Thought Leadership
Navigating the New Normal with Enhanced Enterprise Risk Management (ERM)
Yan Cheung, Yosef Levine


The onset of the COVID-19 pandemic and the unprecedented impact on everything that we considered normal was unimaginable. Today’s environment is one not only of heightened risk, but of prolonged uncertainty. The pandemic has not only disrupted everything that was once considered normal but is also forcing us to navigate through the recovery period and further build a new normal in the post-crisis world. Leaders will need to examine the depth, strength and resilience of current operations and future plans within the context of Enterprise Risk Management (ERM) to enable processes to thrive under new, unforeseen challenges.

Click here to view / download the full published version of "Navigating the New Normal with Enhanced Enterprise Risk Management (ERM)"
Mixing it Up — Banks and Bitcoin
Avrohom M. Gluck


The traditional banking industry is rapidly evolving based upon advances by Fintechs focused on the cryptocurrency space. These changes may prove to be far reaching. Here is an article by a TPG associate that sheds light on the shifting tectonic plates which support the banking world.

Click here to view / download the full published version of "Mixing it Up — Banks and Bitcoin"
Digital Transformation and the COVID-19 Pandemic
Charles Popper


Companies, governments and individuals around the world today are fixated on the COVID-19 pandemic and its aftermath.   We all need to restore the global and national economies as we continue to protect the health of citizens.  Some companies are laser-focused on averting failure and bankruptcy; others are looking ahead to and planning for the post-COVID ‘new normal.’  Individuals are trying to understand how to balance their health, social and economic well-being.

Click here to view / download the full published version of "Digital Transformation and the COVID-19 Pandemic"
Secure by Design
Alex Berson


The complexity, variety, speed and profoundly negative impact of traditional and especially emerging cybersecurity threats forces organizations to adopt new defensive and preventive approaches, both at the infrastructure and at the application and data design levels.

Traditional cybersecurity concerns have drastically evolved and today address not just enterprise perimeter, network and platform security, but newer designs of containers and microservices, newer environments such as big data platforms and cloud, managing identities of new user types – people and devices – that emerged as a part of Internet of Things (IoT) ecosystem. Seemingly endless and very impactful regulatory changes not only elevate privacy concerns to the new heights but provide a strong motivation to merge privacy and security into one large, complex and trustworthy domain.

This white paper discusses these profound changes in cybersecurity defenses and threats, and describes a new approach to cybersecurity – Secure-by-Design – where cybersecurity is everybody’s responsibility. Secure-by-design principles state that cybersecurity is designed into systems, devices, platforms etc. from the inception, from defining business and technical requirements onto every step of the development and operational lifecycle.

Click here to view / download the full published version of "Secure by Design"
RPA Solutions and Services for Care Delivery Organizations
Jeff Cameron


Care delivery organizations are faced with unprecedented challenges to meet care delivery
demand. Tactically, streamlined and efficient operations can bring 30%-40% savings using
available automation solutions. Strategically, there is an increasing demand for care delivery
services. These increases are being driven by population increases, expanded insurance
coverage and the expected increases in the aging population. Additionally, there is shortage of
qualified care delivery professionals. Automation is a necessity to address today’s issues and to
provide adequate medical care to a growing population.

Click here to view / download the full published version of "RPA Solutions and Services for Care Delivery Organizations"
Improving the ROI on Business Process Robotics
Dr. Philip Pyburn


Business process robotics has been described by some as the next big thing in process automation. According to its proponents, the technology promises to transform clerical and operational functions by automating repetitive manual processes and dramatically reducing headcount while improving the customer experience. In an interview with The Financial Times, Jamie Farese, the CEO of Citi’s Institutional Clients Group predicted that robots (or just “bots”) would eliminate more than 20,000 jobs over the next several years in his organization alone.

For many organizations, however, the promise of robotics to transform business processes is not being realized. In part this is the result of unrealistic expectations driven by the hype surrounding the technology and a misunderstanding of what business process robots can and cannot do. But it is also the result of an incomplete robotics strategy, an unfocused robotics plan and haphazard identification of robotics target opportunities.

In this article we try to get beyond the hype and explore reasons why robotics technology hasn’t met with universal success. We also describe some things that can be done to improve the ROI on your business process robotics investment.

Click here to view / download the full published version of "Improving the ROI on Business Process Robotics"
Blockchain and Ledgers and Cryptos – Oh My!
Dr. Philip Pyburn


The basic concepts behind blockchain are relatively straightforward: a distributed database (the “ledger”) that maintains a complete transaction history on multiple nodes of a network.

Confusingly, much that has been written about blockchain conflates this simple concept with the applications of blockchain to things like cryptocurrencies (Bitcoin, Ethereum, Ripple etc.), smart contracts, trans-border payments, and securities settlements. In this article, we will try to clarify the differences and provide a high-level understanding of how blockchain works.

Click here to view / download the full published version of "Blockchain and Ledgers and Cryptos – Oh My!"
The Healthcare IT Landscape for 2011 and Beyond
Charles Popper, Tom Colberg


Health care is undergoing major change in response to pressure from numerous directions. Some of the drivers are forcing change upon the health care system, such as the realization that the cost to society of US health care as a whole is unsustainable. The good news is that there are also many change drivers that can properly be regarded as enablers, such as advances in information technology and new business models based on quality and accountability for outcomes.

Click here to view / download the full published version of "The Healthcare IT Landscape for 2011 and Beyond"
Master Data Management and Customer Data Integration for a Global Enterprise, 2/E
Alex Berson, Larry Dubov


Gain a complete and timely understanding of your customers using MDM-CDI and the real-world information contained in this comprehensive volume. Master Data Management and Customer Data Integration for a Global Enterprise explains how to grow revenue, reduce administrative costs, and improve client retention by adopting a customer-focused business framework.

Learn to build and use customer hubs and associated technologies, secure and protect confidential corporate and customer information, provide personalized services, and set up an effective data governance team. You’ll also get full details on regulatory compliance and the latest pre-packaged MDM-CDI software solutions.

Click here to view / download the full published version of "Master Data Management and Customer Data Integration for a Global Enterprise, 2/E"
Database Access, Security, and Auditing for PCI Compliance
Le Grand, Charles and Sarel, Dan (2008) 'Database Access, Security, and Auditing for PCI Compliance', EDPACS, 37:4, 6 - 32. DOI: 10.1080/07366980802063582
Charles H. LeGrand, Dan Sarel


Now eight years into the aught decade, we ought to be proficient with the controls, monitoring, risk management, and governance needed to prevent and detect the debacles that ushered in the Sarbanes Oxley act of 2002. And we should have a pretty good idea how to protect against Internet attacks and identity theft. But while you are considering that, remember the “Billion Dollar Bubble” or Equity Funding scandal (the first major so-called computer fraud) was started in 1964 and brought the company down in 1973. And the first major electronic privacy legislation was the Privacy Act of 1974 following revelations of privacy abuse during the Nixon administration.

We are in a seemingly endless race to protect our information, systems, and communications before the bad guys can bring us down—and preferably before onerous legislation forces us into rigid requirements about how to solve problems. We have built some spectacular information infrastructures, and left enough holes in them to present an inviting target to those who would hijack systems and data for fun or profit. Now, while the technology capabilities continue to expand, we are trying to plug the holes in our existing systems while hoping the new systems we implement will not create the next wave of vulnerabilities and attacks.

Click here to view / download the full published version of "Database Access, Security, and Auditing for PCI Compliance"
Roots of the 2008 Financial Crisis
Prior Publication Notice:
Robert Mankin


“On one side of the table sat Treasury Secretary Henry Paulson, flanked by Federal Reserve Chairman Ben Bernanke and Federal Deposit Insurance Corp. Chairman Sheila Bair.

On the other side sat the nation’s top bank executives, who had flown in from around the country, lined up in alphabetical order by bank, with Bank of America Corp. at one end of the table and Wells Fargo & Co. at another.

It was Monday afternoon at 3 p.m. at the Treasury headquarters. Messrs. Paulson and Bernanke had called one of the most important gatherings of bankers in American history. For an hour, the nine executives drank coffee and water and listened to the two men paint a dire portrait of the U.S. economy and the unfolding financial crisis. As the meeting neared a close, each banker was handed a term sheet detailing how the government would take stakes valued at a combined $125 billion in their banks, and impose new restrictions on executive pay and dividend policies.

Click here to view / download the full published version of "Roots of the 2008 Financial Crisis"
Achieving High-Quality Software Systems: A Comprehensive Approach to Testing and Validation
Copyright © 2004 by the President and Fellows of Harvard College. Posted with permission of Harvard University
Charles Popper


In the twenty-first century, when software has become a key force in daily life and its malfunctioning can threaten the public health, safety, and economic well-being, the challenge is to ensure that the quality of software systems is the highest possible. This report presents an approach to analyzing poor quality software systems, by examining their effects, the nature of their defects, and the causes of these defects. A broad theory of quality management is applied to evaluating the quality of software, and broad concepts of total quality management and six sigma are related and applied along with such concepts such as the prevention and detection of defects and estimations of reliability.

Four principles of high-quality software are developed. The first principle is that metrics for the evaluation of quality and other, associated targets need to be defined for each stage of the development life cycle for software. Second, a method for the management of quality is essential to keep the process of improvement going forward. Third, experience, expertise, and training in the planning and use of testing procedures focused on quality also are essential. And, fourth, whether or not a software system meets its requirements should be determined by independent agents-neither the developers, who were paid to produce the systems, nor the technology vendors, who sell off-the-shelf products, have the objectivity required for impartial review.

The report concludes with an analysis of the benefits of a good, comprehensive program for testing the quality of a software program, in particular, the benefits of using independent experts to manage the quality of the program.

Click here to view / download the full published version of "Achieving High-Quality Software Systems: A Comprehensive Approach to Testing and Validation"
Holistic Framework for IT Governance
Copyright © 2000 by the President and Fellows of Harvard College. Posted with permission of Harvard University
Charles Popper


The challenge of governing an enterprise’s Information Technology (IT) function, although of interest within the IT community for years, has recently become a concern of senior business management. Strategic alignment of IT with the business is now being emphasized, as well as approaches to management of the IT portfolio, yet efforts so far have not attained the alignment and integration senior management want. An approach to management of IT is needed that is inclusive-with a scope that truly reflects the range of activities and responsibilities of IT-and specific. This report offers such an approach to IT as a holistic framework that addresses three primary objectives: (1) it fosters strategic and tactical alignment of IT with the business; (2) it relates the cost of IT to the value brought to the business; and (3) it supports a drive toward operational excellence.

Click here to view / download the full published version of "Holistic Framework for IT Governance"