Obsolescence Risk Management Dashboard

Overview

Technology Risk and Compliance offers a dedicated obsolescence risk management dashboard. The dashboard provides a centralized overview with relevant KPIs for monitoring the progress of your risk management initiatives. It helps you stay informed and also facilitates better communication with various stakeholders.

All KPIs in the dashboard are calculated on a daily basis. They are also retained to provide a history of KPI trends through the timeline graph in the panel.

From the KPI panel, you can navigate to the inventory to review the fact sheets used to calculate a specific KPI by selecting it. However, not all subsets of fact sheets can be listed in the inventory with the available filters, especially those based on lifecycle filters. Therefore, there might be differences between the subset of fact sheets used for KPI calculation and those displayed in the inventory after selecting a KPI. These discrepancies do not impact the accuracy of the KPI calculation.

Inclusion of Fact Sheets for Calculation

In the obsolescence risk management dashboard, the following fact sheets are excluded from the calculations of KPIs related to obsolescence risk:

• Applications with the End of life life cycle state
• Fact sheets with the Draft or Rejected quality seal

However, IT component fact sheets with the End of life state are included in KPI calculations as active applications might still be using them.

Configurability of Dashboard Panels

The obsolescence risk management dashboard comes with four default panels and is not configurable. However, you have the option to create a custom dashboard based on it and add more panels relevant to your needs. To find out more, refer to Creating and Editing Dashboards.

You can include elements such as reports, to-dos, survey statuses, KPIs, and so on. By creating your own KPIs and adding them to the dashboard, you can encourage stakeholder participation, provide actionable insights for use cases, and display strategies and objectives. To learn more, see Dashboard Configurable KPIs.

Dashboard Panels

Applications - Unaddressed Obsolescence Risk

This panel offers an overview of the number of applications in your organization facing obsolescence risk. These applications are either directly or indirectly linked to IT components that are at End of life lifecycle state.

The Unaddressed Obsolescence Risk KPI indicates the current number of at-risk applications, while the subsequent KPIs project this risk into the future. This helps you to identify whether your organization is running into serious risk. Handling a few outdated components might not be too difficult. However, when the problem scales and hundreds of IT components are starting to be outdated, dealing with obsolescence risks becomes much harder. It is important to act promptly if the number significantly increases with the projected time.

The projected future count of at-risk applications may decrease if your organization is also sunsetting some applications currently posing an obsolescence risk.

Applications - Addressed Obsolescence Risk

This panel displays the number of applications with addressed obsolescence risk status. The count is determined by the number of applications supported by IT components with Risk Accepted or Risk Addressed statuses in the Obsolescence Risk Status field of the fact sheet. Applications with missing lifecycle information are also considered in the count, but applications in end-of-life lifecycle state are not included.

• Risk Accepted status indicates situations where you acknowledge the risks of outdated software or hardware as low and acceptable. This may apply to certain environments, such as testing or legacy systems.
• Risk Addressed status indicates that the obsolescence risk was deemed unacceptable, and you are taking required actions, such as technology upgrades, migrating to another application or IT component, sunsetting the application, and so on.

The Addressed Obsolescence Risk KPI indicates the current number of applications with addressed obsolescence risk status, while the subsequent KPIs show the projected risk in the future.

For the accepted risk, once it is acknowledged, the standard practice is to leave it as accepted. Therefore, Risk Accepted is not projected into the future, as those statistics are not relevant to addressing obsolescence risks.

Unaddressed Obsolescence Risk - Details

This panel contains the specifics of unaddressed obsolescence risks.

• Mission Critical Applications with unaddressed obsolescence risk in 24 months: This KPI displays all mission-critical applications facing unaddressed obsolescence risk within the next 24 months. If the count is greater than zero, it is crucial to investigate the affected applications and the responsible IT components.
• At least one IT Component End of Life / Phase Out: These KPIs show the applications with at least one of their IT components reaching end of life or phase out.
• End of Life / Phase Out IT Component with link to 5+ Applications (today): These KPIs show the count of IT components that have reached the end of life or are in phase out status and are used by five or more applications that are in active state.
• End of Life / Phase Out IT Component with link to 5+ Applications in 24 months: These KPIs show the count of IT components expected to reach end of life or phase out status within 24 months, and are used by five or more applications that are in active state.

Data Completeness

This panel serves to check the data quality crucial for assessing obsolescence risk. It considers the following parameters:

• IT Components with Lifecycle
• IT Components with link to Lifecycle Catalog
• Applications with Lifecycle
• Applications with link to IT Components
• Applications with Subscriber: Responsible
• Applications with Business Criticality