Five Reasons Why You Should Audit RPA
You’ve finally moved your Robotic Process Automation (RPA) software robots (“bots”) out of their proof-of-concept (POC) trials and into production. Although many people at this point wipe the sweat off their brows and think their jobs are over, they’re mistaken. That’s because after production it's essential to continue monitoring your bots to make sure they’re performing as intended.
This monitoring or auditing should take place at regular (and frequent) intervals—once every six months is not enough.
An increasingly easy technology to deploy
RPA automates digital business processes, taking the weight of repetitive tasks off human workers. With the maturing of technology, RPA bots have become simpler and easier to configure. Today, almost anyone can be trained to automate basic manual tasks.
Bots can copy and paste data between applications, cross-reference and reconcile data between disparate systems, and even make decisions based on rules you set for them. When combined with artificial intelligence (AI), RPA can learn using real-time data and do even more sophisticated things such as onboarding new employees or delivering customer-facing support. In that way, RPA often serves as an intermediary step to much larger—and more mission-critical—initiatives based on machine learning, deep learning, natural language processing, or other forms of AI.
As such, RPA delivers significant value: increased productivity, happier employees, better quality, and speedier and more agile completion of processes. Small wonder recent research shows that 48% of companies plan to increase RPA spending over the next 12 months. Even so, there are potential associated risks to consider.
Be on the lookout for these issues
To realize the full value of RPA, you also need to regularly audit your bots. There are five potential risks that you should be watching for when checking whether the bots are performing as intended.
#1 Not enough (or unevenly applied) governance
If you have a decentralized or business-led RPA model, you run the risk that formal governance procedures—rules for making sure bots are created to comply with internal and regulatory standards—haven’t been formulated or are being applied unevenly across the various business units and divisions. In many cases, it’s a communications issue: different groups of users are unaware of what each other are doing or even what makes for a good governance structure.
The solution to this particular issue, if uncovered by an audit, would be to create an RPA center of excellence (CoE) that imposes a strong governance framework across all bot development in your organization. This should include clear guidelines on what processes are good candidates for automation, how you prioritize which processes to automate first, how to build a business case for a bot, and instructions on how to manage bots across the entire software development lifecycle (because bots are software, after all).
#2 The bots are less efficient than the manual processes they replaced
There is always a risk that a bot-assisted process can be less efficient than the (human-controlled) manual process it replaced. In such cases, it could be that the bot was created without capturing the full requirements of the job at hand or that the task in question was more complex than previously thought. In such cases, it’s best to catch the problem early, or the benefits of deploying RPA will not earn back a decent ROI. And the loss of productivity could harm the business.
The way to address this risk is to put in place a formal process for deciding which tasks get automated. You should consider factors such as:
- How complex is the process?
- Are the infrastructure and underlying applications stable, or do they change frequently?
- How important is the process to the business?
- Can decisions be programmed into the bots using straightforward rules, or is there some subjectivity or judgment involved?
#3 The data being fed to bots is of poor quality
Since bots are software, they depend on data. The data fed into them determines what they will do—and how well they will do it. As the long-used adage says, “garbage in, garbage out.” This issue goes to the heart of how data is managed within your organization. Are there controls to ensure data integrity, cleanliness, privacy, and security? For this, IT will need to get involved, as data generally falls under its purview. How robust is data lifecycle governance? This is a case where auditing your bots often can transform into a wider investigation that examines much more than just a single process.
#4 The bots keep breaking
Sometimes, bots stop working or churn out mistakes. This can be due to factors such as poor coding, inadequate testing of bots, or issues with the fundamental structure of the process being automated.
Bots should be developed according to IT’s standard application development processes, including adequate testing prior to being put into production. They should have monitoring and error-handling capabilities built into them. That way, problems can be detected early. You should program alerts and have “circuit breakers” to stop the bot in case it goes rogue. You should also have a clear business continuity plan in place so that if a bot breaks or needs to be shut down, operations won’t suffer.
#5 The bots have not been updated in response to changing business or operating models
A change in an application, infrastructure, or business model could cause a bot to malfunction. In many cases, when an application or environment is updated, bots downstream from that application or environment will need to have their rules adjusted. The reverse can be true as well: by updating a bot’s rules (for any reason), unanticipated fallout could cause an important business process to fail.
Clear lines of responsibility and accountability are required regarding who will make the changes to the underlying systems or bots. Putting a structured change management process in place is the best way to do this—one that lays out who can make changes, what testing is needed to ensure the changes don’t raise issues, how far to back up data for version control, and how to notify affected users.
For a smooth journey
To fully realize the benefits of bots, they must be managed with the same discipline as any other IT initiative. With the proper governance and monitoring framework, they can be valuable tools to help your business move forward on its digital transformation journey.