Over the past several years, the COVID-19 pandemic brought dramatic growth for many companies in the technology sector, but a lot of it was unorganized. Today, as the pressure eases, tech executives are revisiting business plans, assessing their enterprise risk management (ERM) practices, evaluating cybersecurity and data governance policies, and bringing accounting and back-office processes up to date. If your company has put off some of these more complex business problems “for another day,” here’s four things you should be doing now to be ready for the opportunities and challenges ahead.
1. Review your plan for global expansion
Whether it’s selling to customers worldwide or employing talent from another country, tech companies have a huge advantage when doing business over large distances. But cross-border business also brings with it a unique set of challenges that must be addressed in a controlled manner. If you’re “thinking global,” the all-important first step is to develop a strategic plan, validate the plan, execute, and revisit and adjust the plan as necessary.
The top item on the plan for many tech companies is finding and recruiting top talent in other countries. Many companies start with independent contractors — often using employment agencies to help with recruitment and compensation — but as the operations reach a critical point, they want to employ workers and set up a permanent office and tax presence in those countries. This calls for the creation of a legal entity and business structure that ensures the laws and business regulations of the foreign country are met. Planning early will help mitigate risk and accelerate your growth when that day comes.
Depending on your products, your company may also aspire to expand its marketplace internationally. If global expansion is part of your strategy, now’s the time to plan how you’ll manage and structure it and set up the business and data governance framework necessary to be in compliance from day one.
2. Ensure your enterprise risk is properly managed
Whether your ultimate goal is an IPO, a private sale, or building the business organically, enterprise risk management— the process of managing your operational, financial, and strategic risk — is essential to protecting your company’s assets and operations today, while being prepared for whatever may come tomorrow. Start with an ERM assessment — a “fresh eyes” approach to uncovering potential unseen internal and external risks to your strategic objectives — and address them through standardizing practices, policies, and procedures.
Answer these questions when evaluating your risk factors:
- Resources: Do we have adequate resources to deploy our strategic plan? Do we have the right headcount? Do we have the right mix of talent and experience to staff our future roadmap?
- Efficiency: Are we using our resources efficiently and optimizing throughput and output?
- Products: Do our products function as designed? Are they adequately tested and vetted from a user experience and security standpoint?
- Back office: Are our operations and controls up to standard? Are we compliant with required auditing and disclosure requirements such as Sarbanes-Oxley? Are we adequately addressing our books, records, accounting, and reports for investors?
- Competition: Do we fully understand our competitive landscape? How do we measure up to our competitors? What are their barriers to entry? Are there other entrants out there we’re not factoring in?
- Supply chain risk: Does our company outsource critical inputs, infrastructure, or staff? What will we do if key vendors or critical services are lost?
- Environmental, social, governance (ESG): Are we aware of how ESG factors may impact our business? Do we have an ESG program? If not, do we have a plan to get started?
3. Be ready for merger and acquisition opportunities
Whatever your current strategy for growth or exit, it’s likely at some point your company will be involved in a sale, acquisition, or merger. Are you ready? Given the rapidly changing business environment, opportunity could come sooner than you think. If your business isn’t properly structured, it can get very expensive to reorganize it during negotiations. It’s far better to “pay it forward” now — when opportunity knocks, you’ll pass your due diligence with flying colors. If you’re looking for the perfect acquisition, having standardized business processes will make your company more attractive to potential sellers. And it will substantially reduce your post-merger integration headaches (and costs) while increasing your chances of a successful combination.
4. Stay up to date with cybersecurity best practices and data privacy regulations
The final area of focus should be your company’s computer information systems and governance of the data under your control. It’s critical to understand what data you have, the risks associated with holding the data, and any contractual requirements you may have. You should ensure your company meets all compliance-related reporting requirements such as SOC examinations, ISO certifications, or HITRUST assessments when storing, transmitting, or processing customer data, and PCI reporting when processing and storing credit card data.
If your products or services utilize customer data, there’s an expanding array of privacy regulations to consider. Many companies don’t think of data protection laws until late in their product development cycle only to find themselves faced with expensive retrofits to ensure compliance.
Lastly, is your organization adequately prepared for a cybersecurity incident? Do you have a plan in place to immediately respond? Time is a vital factor in reducing the impact of a data breach or ransomware attack and minimizing the length of time it takes to normalize operations. It’s imperative that your staff know what their roles are and that they’re trained and exercised on the cyber incident response plan so they can respond effectively.
Adding it up
How does your company rate on these important business factors? Depending on your size and the stage you’re at in the business life cycle, there may be work to do in some of these areas — or all of them. Being nimble and able to respond to changing market dynamics will help you run a better organization and be prepared to seize opportunities that come your way.
