White Papers

10 Things to Consider When Evaluating Enterprise-level Software

If you work for – or ever have worked for – a company of any size, then you’ve most likely been involved in or affected by an enterprise-level software implementation project that either didn’t go to plan, took way longer than expected, or simply failed. It happens, a lot!

Having been involved in the design, development, and implementation of enterprise-level software for over 20 years, the following is a list of the 10 most important factors we feel you should consider when evaluating enterprise-level software for use in your business.

  • Data Availability, Privacy, and Security
  • Your Data Collection Requirements
  • Your Integration Requirements
  • Customizability
  • Multi-purpose – Where Possible?
  • Your Reporting Requirements
  • Language Requirements
  • Central, Corporate-wide Administration
  • Implementation Resources & Support
  • Pricing / Cost Model
enterprise-level software

1. Data Availability, Privacy, and Security

All enterprise-wide software projects are led, managed or at the very least approved (or denied) by your company’s IT department. So, don’t waste time evaluating a solution your IT department would never approve. First make sure the solution will meet the data access, privacy, and security needs of your business and your business’s IT gatekeepers and guardians!

If your company is considering deploying cloud-based software – SaaS or otherwise – there are a number of key factors that should be considered:

  • Will the software vendor be able to meet the technical due diligence requirements of your own IT department?
  • Does your company have an IT security risk assessment questionnaire, and will the solution meet those requirements (e.g. vulnerability, recoverability, data protection, virus & malware protection, intrusion detection, etc.)?
  • Do their hosting and data security practices meet the data security requirements of your own business and IT department?
  • Does the solution provider conduct (and can they provide evidence of) regular vulnerability and penetration assessments on their own software and server environments (i.e. both web interface and network infrastructure)?
  • Is accessibility protected against distributed denial-of-service (DDoS)attacks?
  • Does the hosting environment have redundant firewalls to protect against malware and intrusion?
  • Do their backups (and schedules), redundancy and disaster recovery practices meet the standards required by your own business’s IT department?
  • Do you know where (and in what legal jurisdiction) your data is stored and does that meet the data storage requirements of your business?
  • Is the solution hosted by a third party and if so, are they reputable and do they meet the needs of your IT department and business?
  • Do you know who has access to your data? Only service provider employees or third parties?
  • Are service provider employees that have access to your data vetted and are they bound by Codes of Ethics and non-disclosure agreements? Is your company’s data stored completely separately from that of other clients’ data and if not, what protections are in place to ensure data privacy?
  • Is the solution (and provider) compliant with the latest international data privacy regulations such as the EU’s General Data Protection Regulations or Canada’sPIPEDA?
  • Will the service level (uptime) meet the needs of your business and does the provider have a software service level agreement (SLA) for review by your legal team?
  • Has the database been designed for scalability?
  • Does the provider have – and can they readily provide copies of – their own data security policies and procedures including:
  • Antivirus Policy
  • Code of Ethics
  • Cross Border Personal Data Transfer Procedure
  • Data Protection Policy;
  • Data Protection and Audit Polity
  • Data Subject Access Request Procedure
  • Employee Code of Conduct
  • IT Disaster Recovery and Service Continuity Plan
  • Security Incident Response Procedures
  • Media Sanitation & Destruction Policy

2. Your Enterprise-level Software Data Collection Requirements

Ok, so let’s assume the solution being evaluated meets the data accessibility, privacy, and security requirements of your discerning IT department. Now, do the data collection capabilities meet the needs of your users – throughout your business?

The larger a business, the more likely they are multinational, multilingual, and – by nature – diverse. Similarly, the larger a business, the more likely there will be a need for multiple data input options (e.g. browser, app, paper) to meet differing needs, constraints, or limitations across your business and its user base.

Remember, some users may not have a company cell phone or device they can use for work. Some users may have connectivity issues (e.g. poor or no cell coverage, no Wi-Fi connectivity, limited or no internet access). Some users may face safety or security constraints (i.e. can’t use cell phones due to the risk of explosion, cleanrooms, etc.).

As such, an enterprise-level solution (especially one for activities like field audits and mobile inspections) should provide as many data input options as needed to meet the constraints/limitations of your business and all users needing to collect, manage and report data.

Some things to consider about data collection and entry:

  • Does the solution provider for all the data collection needs of your users?
  • Do all users have smartphones or devices (and are they willing/able to use them for work-related activities) and if not, what other data collection options are available?
  • Are there areas in your business where mobile devices cannot be used (e.g. cleanrooms, explosive environments)?
  • Do people work in the field and possibly in areas without cell, Wi-Fi or internet connectivity?
  • Is the solution’s app (for mobile use on smartphones and devices) readily available from primary app sources (i.e. iTunes, Google Play)?
  • Is there an additional cost to download/use the solution’s app?
  • Is there a browser-based data entry option for laptops, PCs, and internet-connected devices?
  • Will the operating systems of your users’ devices (i.e. iOS, Android, Windows) be compatible with the solution’s app?
  • Is there a need for printable, paper-based data entry using scan-to-email in areas without connectivity and/or where it is impractical to use devices, laptops, and PCs?

3. Your Integration Requirements

The lifeblood of any business today is data and the software solutions used to collect, collate, store and report that data. Given the specialized nature of most corporate-level software packages (finance, HR, safety, production, maintenance, etc.), rarely is all the enterprise-level data needed to manage business risk, performance, and compliance stored in a single database or even a single location.

Whether it is integrating to create enterprise-wide (and multi-data source) performance dashboards, enabling Single Sign-On (SSO) to your network environment, or linking with HR databases to avoid the time and cost of managing user data in multiple locations, it is very rare these days that an enterprise-level software solution is standalone.

As such, it is virtually essential that any solution you aim to use across your business can integrate with other enterprise software solutions for security, reporting, and overall efficiency reasons.

Some things to consider:

  • Does the solution provide for integration if needed?
  • If you expect to have a large user community (i.e. >100 users), can the solution integrate directly with your HR database, so you don’t have to update user details in both locations as it changes over time?
  • Can the solution accept periodic (even daily or hourly) data uploads (such as HR database updates or checklist dropdown lookup data)?
  • Do you want users to be logged in automatically when authenticated to your corporate network environment and if so, does the solution provide for Single Sign-On (SSO) using an assertion protocol compatible with your infrastructure?
  • Will you need data from the proposed solution to be available in other ERP or business intelligence reporting tools for corporate-level reporting (e.g. executive management, board reports)?
  • Will data from other ERP or corporate databases be needed for reporting in the proposed solution?

4. Enterprise-level Software Customizability

When evaluating an enterprise-level software solution for your company, another key factor to consider is customization and the needs of your own team compared to the features of the solution in question.

Of course, if customization is not possible, then you must make sure that the solution in question meets virtually all your foreseeable needs right ‘out of the box. If it doesn’t meet 100% of your needs, make sure that any needs not met i.e. features not available (especially reporting) are not critical to the success of your project.

If, as is the case with most enterprise-level solutions, customization is possible, make sure you understand what can be customized by your own project team and System Administrators and what must be customized by the solution provider themselves. Also, in instances where only the solution provider can customize, make sure the scope and cost for that customization are within your budget and ensure that the provider is responsive to your needs and that they can be met in a timely fashion.

Another key factor related to customization is reporting. While most enterprise-level software solutions now have a wide range of reporting options, the larger the business the more likely you will have unique and unavoidable reporting requirements not met by standard canned report options. From monthly Executive Management Reports to Department-Specific KPI reports, make sure the key data you need can actually be provided and if not, is custom reporting offered to meet your needs?

Lastly, and as it is unlikely any enterprise solution will even meet 100% of the needs of 100% of its users – and your needs will likely mature and change over time – you should ensure that at least some customization is possible even if not needed in the earlier stages of your project.

Remember though, when it comes to customization, increased customizability of a software solution typically means an increased level of user training and product knowledge will be required and thus there is ultimately a natural trade off (and inverse relationship between) customizability and ease of use.

Some things to consider with respect to customization:

  • Does the solution meet 100% of your project’s needs and if not, is customization possible?
  • If customization is possible, how much can your team (i.e. your team’s System Administrators) change on their own and how much must be customized by your solution provider?
  • If your solution provider must do some or all of the customization required, how much do they charge, is that within your project budget and how long will that customization take for delivery?
  • Does the solution provide custom reporting options if needed?
  • Is there a comfortable balance between customizability and ease of use for your team?
  • Can you customize the look and feel of the solution to match that of your company’s own logos and colors to increase user acceptance, uptake, and thus project success?
  • Are you able to customize and define the access privileges your users will need – enterprise-wide?
  • While some enterprise-level solutions let your Administrators define exactly where users have access and exactly what type of access (view, edit, delete) they have, many solutions only allow for the use of canned or set access privileges.

5. Multi-purpose – Where Possible?

There are many enterprise-level software solutions that have been designed for a single-use, activity or discipline and will only ever be used for that activity in your business. HR software and financial accounting software are typical examples. Regardless of the people or currencies involved, the processes – and software used to manage them – remain the same across your business. There is likely no applicability for HR or financial accounting software outside of the HR and Finance Departments.

This, however, is not the case for many other enterprise-level solutions and when considering a solution to solve your team’s (or department’s) problem, you should consider giving it the best chance of buy-in, support, and long-term success by choosing a tool that can easily be configured for your workflow and problem but that can also meet the needs of other teams and departments with similar workflows and problems.

Enterprise-level solutions for assessing, reporting, and managing compliance, risk or performance are a great example. The audit and inspection protocols/checklists may change depending on the discipline involved, but the process and workflow is essentially the same. You assess compliance, risk, or performance against a set of pre-determined questions or protocols and rectify/resolve/manage issues and non-conformances identified. The only thing that really changes is the questions and checklists themselves.

As such, when assessing the viability of a software solution to meet the needs of a discipline or department in your business, improve the probability of long-term success by ensuring that the solution you are considering will work for others like you across your business.

If, for example, you are looking for an enterprise-level audit and inspection management solution to improve risk, compliance, and performance, make sure the solution will work for all the audits and inspections needs of your business including:

  • Safety Audits (job site safety, behavioral based safety, food safety, etc.)
  • Incident Reporting & Investigations
  • Quality Assurance and Control Audits
  • Environmental and Sustainability Audits
  • Supply Chain Compliance Audits
  • Process Control Inspections
  • Cleaning, Inspection, and Lubrication (CIL) Inspections
  • Facility and Maintenance Inspections
  • Vehicle and Equipment Inspections
  • Loss Prevention Audits
  • Certification (ISO, GMP, etc.) Audits
  • Risk Assessments
  • Etc.

6. Your Reporting Requirements

Without a doubt, one of the most important factors to evaluate when considering enterprise-level software is reporting. Are you buying into a solution that has fabulous data entry options, a slick user interface, and end-user bells and whistles – but that has limited capability to report the data you have collected?

Beware – all software solutions are not created equal and one of the most important factors to consider is whether the solution will provide you – and all users in your business – with the data they need to actually improve compliance, performance, and risk management.

Some things to consider when it comes to reporting:

  • Can you create user-specific dashboards for your own metrics, analytics, and graphs or do you have to rely on canned/set reports?
  • Can you report across all audit/inspection data (regardless of where it was in the business it was entered) to get key metrics for your entire business in one view?
  • Does the solution include a business intelligence (i.e. Microsoft PowerBI, Tableau, etc.) analytics tool or do you have to export data or use external third-party reporting tools to generate the aggregated enterprise-level metrics, analytics, and reports you will need?
  • Does the solution allow for enterprise-wide data roll up and drill through reporting?
  • Can you report enterprise-level metrics, analytics, and reporting by:
  • Site (e.g. location, projects, store, lab, facility, etc.)
  • Site Groups (e.g. Business Units, Divisions, Regions, etc.)
  • User
  • User Groups (e.g. Safety Managers, Contractors, Shifts, etc.)
  • Checklist (i.e. audit, inspection, observation, etc.)
  • Question Sets
  • Questions
  • Answers

If the many reporting tools don’t provide what you need, or you have unique/custom reporting requirements, can (and will) the solution provider create custom reports for you?

Does the solution offer automated report subscription services that can email reports to those who are not licensed (or regular) users of the system (i.e. Executive Managers, C-level team members, etc.)?

7. Enterprise-level Software Language Requirements

Officially – or unofficially – most companies have a designated corporate ‘operating’ language used for company-wide communication and reporting. However, that doesn’t mean that most companies operate solely in one language.

In fact, many companies today – large and small – operate in numerous countries, cultures, and languages. So, when considering a software solution that will be used by many across your company, make sure it will work for all users regardless of language.

Furthermore, make sure that the solution doesn’t just offer a multi-lingual user interface but is truly multilingual and will allow your team to use the solution (e.g. complete and report audits or inspections) in their own language.

So, when considering an enterprise-level solution for your business, ask yourself these questions:

  • Is the product interface offered in multiple languages and those that your business needs?
  • Can you add your own languages and translations to the solution?
  • Can data be collected (e.g. conduct audits and inspections) in any language?
  • Can data be reported (e.g. report audit and inspection results) in any language?

8. Central, Corporate-wide Administration

Having been in the enterprise-level software industry for decades, we have been involved in hundreds of projects in dozens of industry sectors with companies that are large and small, national and multinational, and leaders and laggers.

Over the years, experience has proven that time and again, when it comes to successful enterprise-level software projects, they all have one key factor in common. They have clear objectives and are well managed to ensure those objectives are met.

Long-term project success will require that at least most of those involved contribute as they are required too but more importantly that the data you collect (for example to reduce risk, improve performance or ensure compliance) is consistent, comparable, and accurate both now and as your project develops.

So, when evaluating an enterprise-level solution you should ensure it has the administrative tools to define things like what data is collected and who has access to change data collection requirements and thus ensure you have a framework for data consistency, comparability, and accuracy.

Furthermore, for larger multinational, multilingual, multifaceted companies, while there will always be a need for corporate-level ‘top down’ direction and dictation of the data that must be collected to ensure corporate-level data consistency and comparability, an enterprise-level solution should also provide for country, region, or location-specific additions and modifications to those ‘corporate’ data collection requirements to ensure both the needs of the corporate centre and local operations can meet their reporting and management needs using the same solution.

Lastly, when it comes to the long-term success of larger enterprise-level software projects, an additional must is the ability for a central corporate-level project manager to define, administer and control the access and privileges that users (and teams of users have). Trust me, there is nothing worse than the project lead in the US deleting the last 3 years of data entered by the team in Europe by mistake because you couldn’t specify – exactly – who has access to what.

From corporate-wide audit and inspection checklists and thus data collection to user access and privileges, without the tools to manage and administer at a corporate level, it is unlikely that a software solution will remain effective or provide for consistent, comparable, and actionable data and reporting.

  • Are there features/tools that allow for corporate-wide data collection consistency and comparability?
  • Can the solution be configured to allow for local, regional, and national variations without compromising corporate data reporting requirements?
  • Can you administer user access privileges – exactly as needed?
  • Can your own team restrict/configure user access sufficiently to protect data privacy and allow user access for people and teams across your business to do what they need in the solution?

9. Implementation Resources & Support

If a well-managed project with clear objectives is a key driver of project success, then a close second would be a good start to the process itself. Nothing like hitting the ground running.

Just as projects without good leadership and clear objectives will most likely fail, projects that are not implemented well will likely struggle to meet your needs and eventually wither.

So, when considering an enterprise-level solution, ensure that the solution provider has a track record for implementing enterprise-level projects and can offer all the training, tools, and support (i.e. onboarding procedures, data upload templates, project reviews) needed to ensure your project will be a success from day one.

Some things to consider:

  • Does the solution provider offer support for initial project implementation and configuration?
  • Is technical support provided (free of charge) and can you submit support requests 24/7?
  • What onboarding/project implementation resources are available (e.g. onboarding procedures and/or implementation guides, training material, initial data upload templates)?
  • What support is offered by the solution provider (e.g. training, configuration, customization)?
  • Does the solution provider offer ‘test’ or ‘sandbox’ environments for the initial rollout testing, new releases, user-testing, etc.?

10. Enterprise-level SoftwarePricing / Cost Model

Obviously, when considering the purchase of (or subscription to) an enterprise-level software, price and budget are key factors to consider both now and as your project grows.

If your project is small or starts small, the price may not actually be a big factor or influence your initial decisions. However, when considering an enterprise-level solution (or one that may start small but could become enterprise-wide), be mindful of both the future expansion needs/possibilities of your project and ensure that the price moving forward doesn’t itself become a barrier to project success.

Enterprise-level solutions providers should offer volume discounts (and you should expect them) for larger projects and if your project is large (or expected to become large) you should also expect to be able to negotiate a ‘corporate’ license (i.e. unlimited users, sites, locations, data, etc.) for an agreed and fixed price. Remember that the solutions you choose to solve your problem today may also be applicable for other workflows, disciplines, departments, and users across your business in the future. So, make sure the pricing model for the solution of choice meets your budget and the needs of your project today but also as it possibly might grow in the future. The last thing you want is the growth of your project to be limited by a pricing model that becomes unavoidably costly down the road.

Some things to consider:

  • Are the costs (and the metrics used to calculate them) clear, understandable, and known?
  • Do you know what the costs for future expansion are (i.e. additional users, sites, etc.)?
  • Are you paying the same price as others (i.e. are prices publicly available and not inflated based on your company’s size or prospective user base)?
  • Is there an option for a reasonably-priced corporate license (e.g. unlimited users, unlimited sites, unlimited data, etc.)?
  • Is the solution provider bound by ‘most favored nation (MFN)’ clauses with other customers (meaning that they can’t offer you a discounted price without offering that same discount to existing customers) that will make the potential expansion of your project prohibitively expensive?

For more on Certainty Software’s Enterprise-Level Software, click here.