Memocule sales staff co-ordinate the evaluation and bring in appropriate internal technical and management resource as required. The intention of this first part of the process is to:

1. Identify Memocule as the chosen supplier
2. Scope any required customisation

Once this step has been reached, we would then progress to Technical Due Diligence and Licensing & Pricing. These two steps are typically conducted in parallel. Having successfully passed due diligence, and agreed terms, we would then proceed to implementation.

Memocule has a formal process to assist Enterprise IT departments in conducting technical due diligence. The process often begins with Memocule answering an IT provided questionnaire. In the absence of this, and also as additional supporting information, Memocule can also provide the following elements:

Technical Review

Memocule staff from the Architecture & Operations Groups can conduct overviews with your own Architecture, Operations, and Standards IT staff as appropriate. All briefings and presentation materials made available are provided under strict NDA only.

IT Policy Documents

A set of ISO27001 policy documents is available upon request, commercially in confidence.

• Acceptable Use of Internal Systems
• Application Security Standards
• Asset Control
• Bring Your Own Device
• Business Continuity
• Clear Desk
• Data Backup
• Encryption Standards
• Incident Response
• Information Classification & Retention
• Information Security
• Network Security
• Passwords
• Personnel Onboarding and Termination
• Privacy (UK + EU GDPR, California CPA)
• Remote Access
• Security Training
• Security Patches
• User System Access
• Version Management
• Virus Prevention
• Vulnerability Management

Penetration Testing

If required, Memocule has an established process to work with your IT department directly, or a third party specialist organisation under your direction. The first step is to arrange a scoping call with Memocule Architecture and Operations groups to determine timescales and scope. Typically actual testing will occur over a one week period, with a review of findings after that. For ethical hacks, a separately maintained shadow system is used.

Findings are commercially in confidence between the client, testing organisation, and Memocule.

ᮿ Memoplan Methodology

A successful implementation is critical to both Memocule and our clients. To help achieve this, we use an established methodology - Memoplan - to ensure that both technical complexities and the introduction of new business processes do not derail the project.

Governance, Change Control & Reporting

Governance is a core part of this methodology with regular, formal reporting. The reason we emphasise this is because too often relying upon informal channels of communication can create confusion and delay. This is not to say such informal channels are not important - indeed, little work would ever get done without them - but they are not sufficient by themselves.

Every Monday, we provide a status report on the project, which is sent to all working parties, with the expectation that any errors or omissions are corrected within 48 hours. On the following Wednesday, that confirmed report is sent to all stakeholders. We believe it’s important that full, direct and clear communication with stakeholders is essential to ensure any required escalations are timely and diplomatically handled. This is the document of record for the project.

In terms of stakeholders, this includes senior management from Memocule and from the client should include an executive sponsor(s), and a user council made of up not solely of management, but of actual end users too. 3-5 individuals is a good size to both capture a diversity of opinion, yet remain manageable.

New Process Introduction & Advocacy

This is mainly managed by the client, but Memocule can help in a supporting role, drawing upon our experience with change management. This is a key focus for both the executive sponsor and the user council.

A user council should be formed from the very beginning and take an active role in specifying the system. This is not just to gain their insight and skills in the design phase, but crucially to gain their buy-in to the entire process - they need to feel they designed the solution themselves - not that it was something imposed upon them.

Customisation

Led by Memocule, we take an active advisory approach to ensuring the best and most effective customisations are built. We don’t believe simply saying “yes” to any request, if it is not in the best interests of the client from our experience. The evaluation process will have created a statement of work for this, but it is likely further changes will occur to the requirements.

Systems Integration

This is led by Memocule, but in conjunction with IT to integrate with existing systems, including single-sign on requirements.

User Provisioning

This is led by the client, supported by Memocule, and typically dependent upon the systems integration sub-project providing any required authentication and access integrations.

Data Migration

This is led by Memocule, supported by the client. Two main areas of focus are:

1. Data quality. There is an opportunity to improve this, and few enterprises can claim 100% quality.
2. New functionality. Often data analysis uncovers new requirements not captured in the initial scoping exercise.

Cutover & Training

The cutover, which may be phased, is best viewed as a project in its own right and typically shared between Memocule and the client. It can be a high stress time, but with diligent planning and pre-cutover testing, should be a smooth process.

Training is normally handled on a “train the trainers” basis, and also links heavily into New Process Introduction and Advocacy sub-project.

Review & PR

For Memocule, the project is only successful once our client has seen clear business benefit in the implemented system. Nothing gives us more pleasure than to participate in a joint press release telling the market how much this has improved your business.