IIBA ECBA – Business Analysis and Strategy Analysis (IIBA – ECBA) Part 3

11. Exercise: Define Current and Future States

Exercise define current and future States after completing this topic, you should be able to recognize what’s involved in analyzing current state and defining future state. This involves the following task recognizing issues around current state analyzes data business Analysis analysts must consider recognizing the guidelines and techniques used in analyzing current state recognizing how stakeholders contribute to develop of the outputs of current state analyzes recognizing considerations when defining future state and finally, recognizing how guidelines and techniques are used when defining future state and identifying the outputs of the defined future state. Task the purpose of defining the current state is to understand the context and capabilities that are needed to meet business needs.

What elements should be considered when the current state is analyzed? Here you have the options business needs, organizational structure and culture capabilities and processes, organizational assets, policies, external influencers, accounting practices, or job security. Here you have the answer. Option one is correct. Business needs are derived from describing the problem and opportunities and organizational faces and is the starting point for business analysis work. Option Two this option is correct. The business analyst will assess the reporting, structure and communication channels in the organization and also determine whether any cultural changes are needed. Option Three this option is correct. A capability centric view takes into consideration the knowledge that the organization has and the process centric view addresses improvements that can be made to current activities. Option Four this option is correct.

By reviewing the business architecture, the business analyst can understand how the elements of the current structure fit together and how changes will affect the architecture. Option Five this option is correct. Current policies could limit certain actions, so business analysts need to take them into consideration when the current state is analyzed. Option Six this option is correct. The current state is impacted by external influencers which include macroeconomic factors, technology regulatory environments, suppliers, customers, competitors, and industry architecture. Option Seven this option is incorrect. Accounting practices do not form part of the elements that should be considered when the current state is analyzed.

Option Eight this option is incorrect. Job security isn’t one of the elements under consideration during a current state analysis. There are a few guidelines that can help business analysts analyze the current state. How are each of the guidelines used during the process of current state analyzes? Here you have the options. The business analyzed approach is used to guide the analysis of the current state. Organizational strategies are used to set goals and objectives. Solution performance goals are used to determine gaps between the current state and the desired state. Solution performance measures are used to guide the analysis of the current state. Solution limitation is used to set goals and objectives to guide the future state. And finally, Stakeholder analyzes is used to identify stakeholders who can contribute to the current state analyzes.

And here you have the answer. Option One this option is correct. In an adaptive approach, only enough effort is required to describe the current state in order to address changes. Option Two this option is correct by setting goals and objectives, an organization guides operations, establishes direction, and provides a vision for the future state. Option Three this option is correct. This guideline is used to determine the gaps between how the current state meets the goals and the desired state. Option Four this option is incorrect. Solution performance measures describe the performance of the existing solution. Option Five this option is incorrect. Solution limitation is used to provide insight into challenges of existing solutions.

Option Six this option is correct. Stakeholder analyzes identifies stakeholders who can provide information about and confirm the business analyst analyzes of the current state. Stakeholders are key to the current state analyzes how the operational and other stakeholders contribute to the outputs of a current state analyzes. Here you have the options the project manager uses current state information as input for planning. The sponsor can provide insight into performance of existing solutions. The domain subject matter expert provides insight into the current state and validates that a business analyst captured it correctly. The end user provides insight into issues with the existing solution beyond documentation and analyzes.

The regulator provides insight into how the current state complies with regulation. The customer performs the current state analyzes and finally, the regulator provides financial sponsorship. Here have the answers. Option One this option is correct. The project manager will use current state information to plan for the project as part of their contribution to the current state analyzes. Option Two this option is correct. The sponsor may have insight into the performance of the existing solution, such as how well is supported and does not support performance goals. Option Three this option is correct. The domain subject matter expert will also provide insight into what works and where there are issues. Option Four this option is correct.

The end user will provide information on how the current state works beyond the documentation, and the business analyst will confirm the current state through observation. Option Five this option is correct. The regulator can help the business analyst understand how the current state applies regulation and which regulation it does not support at the time of the analyzer. Option Six this option is incorrect. The customer contributes by providing information on how the solution is meeting their needs or need through customer satisfaction surveys and customer service records. Option Seven and the last One this option is incorrect. This isn’t a stakeholder contribution. The regulator will provide insight into how the current state applies regulation and which regulation it does not support at the time of the analysis. The future state is defined in order to describe the requirements for meeting business needs. Tagglers must understand and agree to the future state.

Which elements need to be considered when business analysts define the future state? Here you have the options business goals and objectives, scope of the solution, policies and constraints, organizational structure, culture and architecture, resources, assumptions, potential value, external influencers, and business needs. And here we have the answer. Option One this option is correct. Goals inform a statement of desired needs. Objectives describe what needs to be done to meet a goal. Option Two this option is correct. The scope defines which options can be considered. Option Three this option is correct. Policies are a common source of constraints on the future solution. Other constraints include budget and timeline restrictions, technology and infrastructure limitations, and limited resources. Option Four this option is correct.

Organizational structure and culture can have a big impact on the future state, and business architecture can support organizational goals and objectives. Option Five this option is correct. The business analyst will determine which current resources can be kept and which new resources are needed. Option Six this option is correct. Strategies are based on assumptions. The business analyst must identify and document the assumptions. Option Seven this option is correct. The potential value of a solution needs to be identified and evaluated to support the change to the current state. Option Eight this option is incorrect. This isn’t a consideration when defining the future state. External influencers have an impact on the current state. Analyzes option nine and the last one. This option is incorrect. Business needs wouldn’t be considered when defining the future state.

Business needs have an impact on the current state analyzes. The task of defining the future state will have various inputs. What are the outputs business analysts can expect when they define the future state? Here we have the options business objectives, future state description, potential value, current state description, and business requirements. And here we have the answer. Option One this option is correct. Business objectives will provide guidance on how the desired future state can be achieved. Option Two this option is correct.

The future state description includes desired capabilities, policies that may need to be added or changed, resources and infrastructure that will be required, and dependencies and external influences that apply. Option Three this option is correct. The potential value of the proposed future state will be included as an output. Option Four this option is incorrect. The current state description is an output of defining the current state. Option Five the last one this option is incorrect. Business requirements are an output of the current state definition.

12. Assess Risks: Inputs and Elements

Assess risk inputs and elements. After completing this topic, you should be able to recognize considerations that are relevant when performing a risk assessment. The purpose of the task assess risk is to identify negative consequences of implementing the change and manage those risks. The inputs include influencers, both internal and external elicitations results, business objectives, the potential value of the solution, and prioritized requirements and designs. The task is to assess those risks using various techniques and the output is risk analysis results. There are some risks that are unknown or can be known.

The business analyst will work with stakeholders to identify those risks that are known or in the current state, but also brainstorm for possible risk by asking what if questions. For example, what if the customer doesn’t use the new online purchasing app? Constraints could be risk to the new state. For example, constraints related to the technology could limit a solution that will realize value. Assumptions may be restated as a risk. The assumption may be that the end user will adopt the solution within a certain amount of time. But what if they don’t? There are three interlinked areas inputs, tasks, and outputs.

The task assess risk, has the inputs influencers elicitation results, business objectives, potential value, and prioritize requirements and design. The output is the risk analyzes results. Dependencies may limit the realization of value, especially if value is related to the timing of the solution. For example, if a new operating system is the dependency for the new technology and is late, the organization may be at risk of missing a seasonal market opportunity. Events may also negatively impact value. For example, if there is a weather like incident, like a flood or something, or a tornado. There are three primary organizational attitudes toward risk. High tech companies tend to be risking. They want to come up with the latest gadget in the market risk neutral attitudes except that there is a risk as long as the resulting issue doesn’t impact revenue or cost. Sources of risk are unknowns. Constraints, assumptions, dependencies, and events that may negatively impact value.

Risk adverse organizations, such as banks do not accept much risk unless there is a good mitigation plan. Risk averse organizations will avoid risk or accept a lower value from the solution. To mitigate the risk, the business analyst will come up with a course of action. Possible recommendations include pursuing the change regardless of the risk when the benefits outweigh the risk. This is true when a new product is expected to exceed the value provided in the market to customers, for example, when the smartphone was introduced to the market. Another course of action could be pursuing change while investing in risk reduction. This includes a mitigation strategy. For example, if the product is very new, holding a focus group early will help mitigate the risk of customers rejecting a product. Another course of action is to identify ways to increase benefits versus risk.

Using prototypes and usability testing will help identify if the user interface is providing value and where it is not. Managing and optimizing opportunities is one way of managing risk or the organization could not pursue the change at all. Organizations are either risk seeking risk neutral or risk averse. Possible recommendations include pursuing change regardless of the risk, pursuing change while investing in risk reduction, identifying ways to increase the benefits versus the risk, managing and optimizing opportunities, and not pursuing the change.

13. Assess Risks: Guidelines and Techniques

Assess risk guidelines and Techniques after completing this topic, you should be able to recognize how guidelines and techniques are used when assessing risk. The following guidelines and tools will help during risk analysis the Business Analyst approach contains information on how the business analyst will will analyze risk. Business policies define the limits within which decisions must be made, and may govern how risk is managed.

Change strategies are planned for transitioning from the current state to the new state. A risk assessment of potential issues must be conducted to reduce and manage risk, especially during this crucial time. Risk analysis should be conducted on the current state to identify any risk that may affect the future state. The future state description will include a risk assessment. Identified risks are used to conduct a thorough risk assessment that determine mitigation or other risk approaches based on the organization’s risk tolerance. The Stakeholder Engagement approach contains information about risk associated with stakeholder collaboration.

The following techniques are used to assess risk financial analysis is used to determine the cost of risk and the financial value of a solution. Root cause analysis is used to determine the underlying reasons for the risk. Mind mapping is a brainstorming technique used to identify and categorize potential risk and the business case describes and rates the risk of each solution.

Option guidance and tools include the business analysis approach, business policies, change strategy, current state description, future state description, identified risk, and a stakeholder engagement approach. There are four categories of techniques analyzes, group techniques, tools and document reviews. Analyzing involves decision analysis, financial analysis, risk analyzes and management and root cause analyzes. Group techniques involve brainstorming, interviews, surveys and questionnaire, as well as workshops. Tools involve the use of mind mapping. Document reviews relate to the business case, lessons learned and document analysis.

14. Assess Risks: Stakeholders and Outputs

Assess risk stakeholders and outputs. After completing this topic, you should be able to recognize the role of stakeholders play in assessing risk. These stakeholders provide input to the risk assessment because of their experience and knowledge of the area under analyzes. The domains subject matter expert is a critical contributor to the risk assessment. The tester will assess risk associated with the verification and validation of the solution. Operational support will identify risk to the support of the solution. The project manager assesses risk to the project and provides inputs to the business analyzes risk assessment of the solution and to change strategy. The sponsor needs to understand the risk in order to make informed decisions.

The implementation subject matter expert provides insight into the risk associated with the design, development and release of the solution. The regulator identifies risk associated with legislation impact to the solution and risk assessment should be conducted on suppliers to identify risks such as length of time the vendor has been in business or the vendor’s financial status in the market.

The following are outputs of the risk analysis risk associated with the future state, strategies for mitigating risk and strategies that can prevent risk, reduce risk impact and reduce the likelihood of the operational stakeholders include the domain subject matter experts who provide input to risk assessment the tester who identifies risk related to verification of change strategy operational support, who helps identify risk and their impact and the project manager, who helps assess risk and the sponsor who needs to understand risk.

Other stakeholders are the implementation subject matter expert who provides input to risk assessment, the regulator who identifies risk arising from complying with laws and the supplier. There may be risk related to the using of particular suppliers. The risk analyzes outputs are the risk associated with future state and strategies for mitigating risk. The strategies can prevent risk, reduce risk impact and reduce the risk likelihood.

15. Exercise: Performing a Risk Assessment

Exercise. Performing a Risk Assessment after completing this topic, you should be able to recognize what’s involved in performing a risk assessment. This involves the following task recognizing considerations that are relevant when performing a risk assessment, recognizing how guidelines and techniques are used when assessing risk, and recognizing the roles that stakeholders play in assessing risk. The assessed risk task will be performed based on a number of inputs and provide a business analyst with risk analyzes results as output. What are the inputs to the assessed risk task? Here you have the options influencers, confirm, elicitation results, business objectives, potential value, prioritized requirements and designs, policies and constraints and resources.

Option One this option is correct. Both internal within the organization and external influencers outside of the organization should be considered. Option Two this option is correct. You should use elicitation results as an input when assessing risk. This will give you an understanding of what the various stakeholders see as risk to reaching the desired future state. Option Three this option is correct. Business objectives is an input to the accessories task and describe the desired direction needed to achieve the future state. Option Four this option is correct. Potential value is one of the inputs of the assessed risk task and describes the value to be realized by implementing the proposed future state. Option Five this option is correct.

When a risk assessment is being performed, prioritized requirements and designs are an input to be considered. Depending on their priority, requirements will influence the risk to be defined and understood. Option Six this option is incorrect. Policies and constraints are not an input to the assessed risk task. Policies are a common source of constraints on the future solution. Option Seven this option is incorrect. Resources are not an input to the assessed risk task. Resources are an element that needs to be considered when defining the future state. By performing a risk assessment, the negative consequences of implementing change can be identified and managed. What are sources of risk? Here we have the options announce constraints, assumptions, dependencies, events that may negatively impact value, benchmarking and organizational strategy. What do you think? Option One this option is correct. Some risks are unknown.

Business analysts will work to identify those risks that are known by asking what if questions. Option Two this option is correct. Constraints like technological limits can be risked to the new state. Option Three this option is correct. Assumptions can be seen as risk since the wrong assumption can be made. Option Four this option is correct. Dependencies are risk because they can limit the realization of value, especially if value is related to the timing of the solution. Option Five this option is correct. Certain events like bad weather, can have a negative impact on value. Option Six this option is incorrect. Benchmarking is not a source of risk. It is a tool used when defining the future state. Option Seven this option is incorrect. Organizational strategy is not a source of risk. It is part of the toolset for the current and future state analyzes.

When a risk is encountered, a business analyst will take a course of action to mitigate the risk. What courses of action can be taken when there is a risk involved in pursuing change? Here you have the options pursue the change while the benefits outweigh the risk. Pursue the change while investing in risk reduction. Identify ways to increase the benefits over the risk. Manage and optimize opportunities. Do not pursue the risk. Purse the change even when there are no benefit and finally, avoid risk by avoiding change. Option One this option is correct. When benefits outweigh risk, such as when a new product is expected to exceed the value provided by the market to customers, the change can be pursued.

Option Two this option is correct. The change will be pursued, but the organization will also include a mitigation strategy to reduce the risk. Option Three this option is correct. An organization can employ various means, including testing and prototyping, to increase the benefits of the risk. Option Four this option is correct. An organization can manage and optimize opportunities to mitigate risk. Option Five this option is also correct. In some instances, the chance will not be pursued because the risk is too high. Option Six this option is incorrect.

While change may be pursued even if there are risk, this is only done when the benefits of the change outweigh the risk. When there are no benefits, only risk, pursuing the change would be a bad idea. Option Seven this option is incorrect. Change is a necessary part of business operations. Other courses of action should be taken to mitigate risk. When business analysts perform a risk assessment, they can use different guidelines and techniques to help guide them through the process. How are these guidelines and techniques used when assessing risk? Here we have the options. The business analyzes approach provides information on how to analyze risk. The current state is analyzed for risk that may affect the future state.

The cost of risk and the financial value of a solution is determined through financial analysis. Change is not pursued when the risks are too great. Metrics and key performance indicators are used to determine if desired results are achieved. And lastly, mind mapping is used to identify and categorize potential risk. And here we have the answer. Option One this option is correct. The business analyzed approach is a guideline for assessing risk. It provides the business analyst with information on how to analyze the risk the organization faces. Option Two this option is correct. One of the guidelines for assessing risk is that risk analysis should be conducted for the current state to identify risk that may have an influence on the future state. Option Three this option is correct. One of the techniques used for risk assessment is financial analysis. By determining the cost of risk and the financial value of a solution, business analyst can obtain a better perspective on the financial implications of certain risk. Option Four this option is incorrect.

Avoiding risk is a course of action to mitigate risk, not a technique for assessing risk. Option Five this option is incorrect. This is a technique used when defining the future state. It doesn’t contribute to risk assessment. Option Six this option is correct. Mind mapping is a brainstorming technique that can be used for risk assessment. Business analysts use it to identify potential risk and categorize them in order to gain a more structured understanding of the risk involved with a specific course of action or solution, business analysts can expect outputs once they assess risk task has been performed. What are the outputs of a risk assessment? Here have the options risk associated with a future state, strategies for mitigating risk, strategies that can prevent risk and reduce risk impact and likelihood business objectives to help achieve the desired future state.

And lastly, a description of the current state. And here you have the answer. Option One this option is correct. An understanding of the risk associated with achieving the future state is an output of the assessed risk task. Option Two this option is correct. Once the risk assessment is performed, one of the outputs will be strategies for mitigating risk. Option Three this option is correct. Strategies to prevent risk and reduce risk impact and likelihood will be outputs of the risk assessment. Option Four this option is incorrect. The business objective is an output of a future state description. And lastly option Five this option is incorrect. A current state description is an output of current state analyzes you.