PUBLIC

openSAP
Your HR Journey to the Cloud

Week 4 Unit 1

00:00:05 Hello and welcome back to the upgrade to success 2022 course, week four, unit one.
00:00:11 I'm Oscar Ronferro and I'm the HR technology architect lead for EMEA. In this unit, I will
cover the relevance of security and data privacy
00:00:21 in the adoption of a cloud application and why companies must evaluate SAP in those
areas.
00:00:29 These two aspects are very critical to our customers and in this unit you will understand
why.
00:00:38 Let me start with the cyber security. When companies move to the cloud, there is a certain
security responsibility
00:00:48 between the company and the cloud vendor. And it's very important for companies to
validate that the cloud vendor
00:00:58 will secure the service to protect the data. Today, the cost of a cybercrime is above $6
trillion and will go above $10
00:01:11 trillion by 2025. The average cost of a data bridge for a company is above four millions
00:01:18 of dollars, and the attack techniques are evolving very fast.
00:01:24 Due to it, nearly 70% of companies recognize that the cost to protect themselves is
unsustainable.
00:01:33 Companies like Facebook, LinkedIn, or the Brazilian Ministry of Health have suffered data
glitches in the last few years,
00:01:42 exposing millions of records and causing them a big reputational impact.
00:01:49 But cybersecurity is not only relevant for large companies. In fact, 43% of the attack target
small businesses and organizations,
00:02:01 and the impact of a data breach in these companies could be huge. In fact, around 60% of
small companies go out of business after they are hit
00:02:12 by a cyber attack. That's why today a lot of the small and medium companies
00:02:17 consider that the move to the cloud with a trusted and secure cloud vendor like SAP could
help them to protect their business.
00:02:29 CIDA security is all about the protection of information against unauthorized access.
00:02:37 Additionally, companies are concerned about the data privacy when they move to the cloud.

00:02:44 Data privacy is all about the protection of individual rights regarding the processing of their
personal data.
00:02:54 There are multiple data privacy regulations in the world which are evolving very fast.
00:03:00 GDPR is just one of them, and it is very well known due to how strict it is and also due to the
high penalties it has associated.
00:03:11 It impacts all companies managing personal data of individuals in the European Union,
independently if the company is based
00:03:20 or not in the EU. The penalties associated to this law could go up to four percent
00:03:28 of the annual global revenue of the company or 20 million, whichever is greater.
00:03:34 And for a lot of companies, these high penalties would be unaffordable.
00:03:40 When a company moves its HR applications to the cloud, it remains the global responsible
of the protection of the rights
00:03:48 of their employees. That's why companies must get the right warranties
00:03:53 from the cloud vendor in that regard. Prior to any contractual relationship with cloud vendors
like SAP,
00:04:01 there are several questions that companies used to try to clarify. While these clarifications
provide the companies with the confidence
00:04:09 that SAP can meet their cloud needs, companies need to validate if this move to the cloud
will also respect their legal compliance
00:04:19 requirements. SAP supports companies in answering these questions.
00:04:29 SAP provides a comprehensive contract taking legal and compliance topics like privacy,
adequate security measures, and legal requirements into account.
00:04:43 Further, SAP's technical and organizational measures describe how SAP secures customer
data.
00:04:52 Additionally, some companies used to ask for evidences. SAP regularly undergoes audits
and review of its policies and controls.
00:05:03 This topic is also strongly driven by legal compliance requirements. The company needs to
provide evidence that the cloud provider he has chosen
00:05:14 can be trusted and has the appropriate security framework to secure the data accordingly.
00:05:23 As you have seen so far, cyber security and data privacy are two aspects very relevant to
companies when they move to the cloud.
00:05:32 And we'll review now how SAP gives them the confidence they need. Let's start reviewing
how companies can get information about the approach
00:05:46 of SAP to cyber security and data privacy. SEP provides multiple information in those areas
through a public website
00:05:58 called SEP TrustCenter. This website provides transparency to relevant documents,
security
00:06:07 certificates, and contractual information. It has seven main areas with relevant information.
00:06:15 Cloud service status. You could check there the availability of the different cloud services
00:06:22 offered by SAP. Security.
00:06:26 Every documentation about how SAP approaches security, privacy where you could get
visibility about how SAP protects the rights of individuals,
00:06:39 compliance. You could search and download security certificates of our cloud applications
00:06:45 in that area. Cloud operations.
00:06:49 It describes how SAP runs the cloud operations of the services. Data center, you could get
an overview of the different protections SAP
00:07:00 puts in place in its data center. And the last one is about agreements, where you could get
the contractual draft
00:07:10 to subscribe to the SAP cloud applications, where you could find relevant documents like
the SAP Data Processing Agreement,
00:07:19 which is the key contractual document around data privacy and aligned with the GDPR, or
the description
00:07:26 of the technical and organizational measures SAP puts in place to protect the service.
00:07:33 which are referenced in the subscription contract. Why SAP has developed this public
website?
00:07:43 The SAP CloudTra Center is targeted not only to customers and partners, but also to
prospects looking to get an understanding of how SAP Pre-approaches
00:07:56 cybersecurity and data privacy. Via this website SAP customers could also engage with
SAP if needed.

2 / 24
00:08:06 But is the SAP Trust Center all we provide to customers to get information about cyber
security and data privacy?
00:08:15 The answer is no. SAP has additionally released the MyTrust Center, which is a private
space
00:08:24 for customers, designed only to SAP customers and also to partners.
00:08:31 In this website, they could get access to much more detailed information about how SAP
approaches different cybersecurity aspects like risk
00:08:41 management, quality management, or vulnerability management. SAP customers could also
get access to the list of sub-processors used by SAP
00:08:54 for each of the cloud services and they could even subscribe to be notified in case of any
change to one of the documents.
00:09:06 Let's go now a bit deeper in how we approach security and compliance with SAP
SuccessFactors.
00:09:14 We'll focus at high level around five relevant points you should understand. The first one is
the third responsibility when moving to the cloud.
00:09:28 When a company uses an HR application in the data center, they take full responsibility in
the security and data privacy
00:09:36 of the physical data center, the infrastructure, the platform, and the application, including its
configuration.
00:09:43 But when a company decides to move to the cloud, they need to understand that they are
delegating part of this responsibility
00:09:53 to the cloud vendor, which is specialized in those activities and has a large dedicated team
of security experts and a security infrastructure
00:10:04 in place. Some years ago, companies were a bit reluctant to move to the cloud
00:10:11 because they had concerns about its security. Today, this is changing to the opposite
direction
00:10:20 and the cost of cybercrime and the speed of evolution of the attack techniques are some of
the drivers for some companies to move to the cloud to protect their data
00:10:30 by a specialized company like SAP. Moving to a software as a service like SAP
SuccessFactos
00:10:39 doesn't mean customers delegate all the responsibility to the cloud vendor because they will
be still responsible to create their users
00:10:49 and roles, determine how users should authenticate to access SuccessFactos and
configure the application in a way
00:10:58 which is compliant with the regulations around the business. Please feel free to download
this presentation to read its content in more
00:11:08 detail. The next topic to mention is about the secure platform
00:11:16 and the reliability of its infrastructure. It's important to consider that SuccessFactos was
designed
00:11:28 from the beginning to provide a strict segregation of our customer data.
00:11:35 In fact, customer data is stored in completely independent database schemas for each
customer and the data is always encrypted at rest
00:11:46 and also in transit. SAP has in place multiple measures to protect the data of the customer.

00:11:54 It has multiple independent VLANs where SAP has in place different technologies to prevent
and detect possible intrusions.
00:12:05 SAP uses a 24x7 monitoring system to react immediately in case of a security event which
would require it.
00:12:16 SAP SuccessFactos was designed with high availability and redundancy in mind, to
minimize the possible impact of a failure in one of the components
00:12:26 of its infrastructure. SAP has in place several data centers in the same region.

3 / 24
00:12:33 This helps to protect the service against an improbable catastrophe. SAP performs backups
in a recurrent basis which are stored not only
00:12:44 in the primary data center but also in the secondary data center. SAP guarantees by
contract a monthly availability SLA of 99.7%,
00:12:57 which is equivalent to an scheduled downtime below 2.18 hours in a month.
00:13:04 But you should know that SAP is currently delivering a much better availability SLA, well
above 99.9%.
00:13:15 Next topic is about data protection and privacy. Before we go into the features we include
within SuccessFactors to help
00:13:25 our customers to be compliant with their data privacy regulations, some quick definitions.
00:13:33 Personal data is any information relating to an identified or identifiable natural person, like
name, address, phone number, etc.
00:13:46 Sensitive personal data is a subset of personal information that may require additional
levels of protection.
00:13:53 It includes, for example, information on racial or ethnic origin, political opinions, religious or
philosophical beliefs,
00:14:04 trade union membership, health or sex life, etc. Now, let's discuss some of the features to
protect them additionally
00:14:13 to other basic measures, like the data authentication or the access restriction via
permissions offered by SAP SuccessFactors.
00:14:22 Data boards. One of the key articles in the GDPR is article 17 covering the right to be
00:14:29 forgotten. Essentially, organizations should delete or purge
00:14:34 personal data when there is no longer a business purpose for the data or if an individual
revokes consent.
00:14:42 This is also just good risk mitigation practice. Of course, it is more complicated than that.
00:14:51 Data may be retained for longer if it's needed to support legal claims or is needed for legal
compliance, such as a bank keeping data for seven
00:15:03 years. And different countries may have different requirements for how long data
00:15:08 needs to be retained. This feature enables customers to define country-specific data
retention rules
00:15:16 and to permanently delete data. Next one is consent management.
00:15:22 Requirements for consent are called out in Article 7 of the GDPR. Essentially, it means
companies must obtain explicit consent
00:15:32 from individuals to store or process their personal data and that this consent can be revoked
at any time.
00:15:40 This feature allows you to configure and manage consent statements and data acceptance.

00:15:47 Next one is data blocking. Best data privacy practice is to only grant access to personal
data to those who
00:15:56 need to see that data. This can be already done today with permissions but this feature
00:16:04 goes further. Next one is data blocking.
00:16:08 Data blocking can be used to restrict access to historical personal data which is within a
retention period and therefore still in the system.
00:16:17 One role may still have access to the data, while access for another role may be blocked.
00:16:25 Data Subjecting for Reporting is another interesting feature. This feature supports the
individual's right to information call-out
00:16:34 in various GDPR articles. It enables customers to generate a report containing all the data
subjects,
00:16:42 personal data, available across SuccessFactors applications.
00:16:47 Change audit is another important one. Once this feature is enabled, the system will keep a
log of any changes

4 / 24
00:16:55 made to personal data. You can then run reports to show who changed whose personal
data
00:17:04 along with additional context. Then next functionality is the special sensitive data protection

00:17:13 capabilities you will get in SuccessFactors. You can apply additional security measures to
sensitive fields to restrict
00:17:20 and control its access. Next topic is about the operational security
00:17:28 in place. We could take a lot about different aspects
00:17:34 of the operational security in place, but I focus in the security incident and event
management process SAP use.
00:17:44 SAP has a security incident and event management system in place with a 24x7 monitoring
system where it collects all the relevant security events to correlate
00:17:56 and analyze them. Automatic alerts will be triggered if there is a suspicious event.
00:18:03 SAP also performs a manual extended analysis to try to detect more sophisticated attacks.

00:18:11 SAP has in place a dedicated security task force team which is different from the team
doing the administration of the system and is in charge
00:18:22 of this security monitoring and protection process. Additionally, SAP performs multiple
vulnerability tests
00:18:31 to validate the security of the service, performing penetration tests with different scopes with
daily remediation scans.
00:18:41 Last topic to highlight is the contractual assurance we provide to our customers.
00:18:49 We'll focus here in one of the key contractual documents for the security and data privacy of
the service, which is the data
00:18:57 processing agreement. This document includes very relevant aspects
00:19:03 like the international transfer of personal data in compliance with different laws.
00:19:10 SAP has a large team of experts monitoring regulatory changes in the world, which could
impact in the operation
00:19:18 of the service. The data processing agreement is aligned with the GDPR, one of the most
00:19:24 strict data privacy regulations in the world, and it includes its standard contractual clauses in
it.
00:19:34 For the delivery of the service, SAP could engage sub-processors, but SAP will remain
responsible in front of the customer.
00:19:45 The last important point to mention is that the Data Processing Agreement references
another document where the multiple technical and
00:19:54 organizational measures to protect the service are listed. This is a quick summary of SAP's
cloud-secure approach
00:20:04 to help companies to minimize the risk when moving to the cloud. Global auditing and
compliance.
00:20:15 SAP SuccessFactos supports companies in their global data privacy and data handling
regulations.
00:20:25 Geographically dispersed data centers store data from any country in the world. SOC 2
compliance audits are produced every six months, not just yearly.
00:20:40 Control cloud for data data segregation, intrusion prevention and business continuity.
00:20:48 Recurrent vulnerability tests with daily remediation scans. The usage of a patented
technology, patented method
00:20:59 against CSRF cross-site request for agree attacks. A strong encryption of data at rest and in
transit.
00:21:08 Better Multitenancy with Segregation of Data at the Database Schema and Application
Instance Level.

5 / 24
00:21:16 Here you have a quick summary of the key processes SAP has in place to protect the
service in all key areas from the product development to the secure
00:21:26 operation of the service, including physical security, platform security, and many others.
00:21:33 Please feel free to download this presentation to read its content in more detail.
00:21:40 SAP has in place an advanced IT security architecture with the right data segregation and
protection and it has a complete threat and vulnerability
00:21:52 management process to minimize the vulnerabilities of the service.
00:21:58 All this is complemented with a strict focus around data privacy and protection.
00:22:05 It's also important to mention that SAP SuccessFactors is certified in various strict
standards around security and data privacy,
00:22:14 including, for instance, ISO 27001, ISO 270017, and ISO 270018, and it's audited as part of
the SOC 2 audit process.
00:22:28 Customers can request via the SAP Cloud Tracenter a copy of the last SOC 2 audit report if
desired.
00:22:36 For more information, again, SAP Tracenter is the right start. To close this session, please
remember that SAP SuccessFactors
00:22:48 can help customers to operate in the cloud with confidence. SAP is dedicated to building
and keeping your trust by protecting
00:22:59 your data with a cloud security foundation based on the highest security standards. We
embody data protection and compliance because it's good for business
00:23:11 and is the right thing to do as it aligns with our values to improve people's life.
00:23:20 SAP is your partner to ensure your business is improved rather than disrupted by data
protection regulations.
00:23:28 That's why thousands of business trust us. SAP is dedicated to keeping our customers
ahead as GDPR and other data privacy
00:23:39 regulations evolve. SAP SuccessFactors will help customers to decrease legal risk and
meet
00:23:46 global compliance challenges. Rely on SAP SuccessFactors as your trusted partner
00:23:53 to provide functionality to help you meet global and local compliant challenges so you can
focus on your business.
00:24:03 SAP proactively monitors local data privacy regulations globaly and invests to keep our
solutions updated to enable our customers to be compliant.
00:24:15 And data protection and privacy is the DNA of SAP. Data protection and privacy are critical
aspects of any
00:24:25 digital transformation and that's what we do. We keep more than 2,000 security compliance
and localization experts
00:24:34 on staff. Our products are designed and developed according to the concept of privacy
00:24:42 by design, and compliance is built in from the beginning and not as an afterthought.
00:24:49 SAP is your trusted global partner with over 40 years of leadership in data protection and
privacy and has provided best practices and guidance
00:25:00 to enable customers to comply with regulations worldwide long before GDPR was
introduced.
00:25:09 ACPs, products, and services have data protection and privacy built in by design and
default,
00:25:16 thus helping our customers address GDPR requirements enterprise-wide. Thank you for
attending this presentation and goodbye.

6 / 24
Week 4 Unit 2

00:00:05 Hello and welcome back to the Your HR Journey to the Cloud course.
00:00:10 This is week four and unit two. I am Chiara Bersano and I am a global value advisor
00:00:18 for the SAP SuccessFactors organization. In this unit, I look forward to taking you through
00:00:24 how we approach globalization and localization. You will discover that the two are really
tightly connected
00:00:32 and how compliance is part of the discussion, including understanding the risks
00:00:37 of not taking localization seriously enough. Let's get started.
00:00:45 Many organizations nowadays operate in a global environment, or at the very least
internationally
00:00:50 and across borders. And this immediately fires up the requirement
00:00:55 for understanding what it means to be compliant in a multi-country environment, what it
means to be global,
00:01:04 and what means to be actually locally adaptive. In a recent Ernst and Young Global Payroll
Survey,
00:01:12 we identified that keeping up with regulatory compliance is the second highest compliance
challenge,
00:01:21 but that is not the only one by far. We have to bear in mind
00:01:25 that practically all areas of HR are invested in compliance, from recruiting and interviewing,
00:01:33 think of policies, social networking, and the regulations that are around that.
00:01:38 Labor laws, training, harassment, and of course safety and security, wellness -
00:01:45 that all became more complicated in our post-COVID times. The regulatory burden grows as
the employee number increases,
00:01:55 and really multiplies with each other country as every government creates the legal
framework
00:02:04 to protect workers, and yet it's often acting different and sometimes in opposite ways.
00:02:11 You can't quite count on local HR to understand it all and you need the backing of true
experts.
00:02:21 In fact, globalization and localizations are truly the two extremes of the same topic,
00:02:28 the two sides of the same medal. And success means that we need to keep both in full
view.
00:02:34 As we speak of HR, globalization is about ensuring
00:02:38 that the same rules apply everywhere in a standardized way and in a transparent approach.

00:02:45 And the data can be accessed and read in a relevant and organized way
00:02:52 that will ensure the decision making is based on data and that all employees can access
information
00:03:00 and collaborate freely. Localization, on the other hand, means
00:03:06 not only understanding how the global trends translate in a specific location,
00:03:13 but also how compliance varies from one place to another. In that way, each specific driver
that HR may encounter -
00:03:22 supporting a hybrid world or ensuring a lower TCO, total cost of ownership,
00:03:30 or extending organizational geographies - carries specific challenges
00:03:35 in regard to the localization effort. Most questions I hear when discussing localization
00:03:44 are how many languages, how many currencies, but this is just the tip of the iceberg.
00:03:53 In fact, it is a continuum of multiple types of data to store details to keep in mind

7 / 24
00:04:00 and reports to be provided according to specific guidelines,
00:04:04 from the easiest to manage with a long-term persistence, such as language
00:04:10 and time and date settings that don't change all that often, onto cultural and personal data
types
00:04:18 that can have adjustments, all the way to the complexity of data privacy
00:04:24 and local full compliance, areas that are not only very different
00:04:29 from one location to another, even between different counties and states in the US,
00:04:37 but also are subject to quick and difficult-to-forecast evolution.
00:04:43 Let's think of the continuous requirements and recalls that were going on
00:04:47 during the last couple of years thanks to the COVID-19 pandemic.
00:04:59 In fact, the complexity and the speed of change has been progressively increasing all
around the world
00:05:07 with major legislative and regulatory requirements. Only in the last five years we have seen
a rise
00:05:15 of about 36% in the number of legal changes, and they have also moved to more complex
00:05:25 and ever more complicated requirements. Someone in each local office needs to keep track
of them,
00:05:33 putting a huge and risky burden on your branch managers. We also have to note that, in a
number of countries,
00:05:43 we have a requirement for electronic reporting, which is yet another burden on your
managers.
00:05:52 We can think of eSocial in Brazil or RTI in the UK, and multiple others around the world.
00:06:02 Now, local requirements are one thing, and the other things are global regulation
00:06:13 and data privacy legal requirements in the making. In our global world,
00:06:21 it can come as a surprise, the need for so many local data centers
00:06:26 given that we are all living in a connected world, but even here there is a very strong
requirement,
00:06:34 the legal need for citizens' files to be stored within the border of a country
00:06:40 to ensure compliance with data privacy and integrity regulations.
00:06:45 SAP SuccessFactors atop of the data centers is there to support all such cases.
00:06:53 To solve the localization and globalization complexity, we have defined an approach based
on three principles.
00:07:01 First is that we enable localized compliance in every country you operate in,
00:07:06 and we are fully localized in 102 countries, regularly adding new countries
00:07:13 to our inventory, based on need and requirements. Second, we do manage the continuous
flow of new legal changes
00:07:22 with an amazing and robust team of local product managers who live in the country, who
speak the language,
00:07:31 and who are able to work with the regulatory authorities to find the best solutions.
00:07:40 And then we match them up with product developers and staff support.
00:07:47 And third part, we help you avoid non-compliance. We manage many local business
processes,
00:07:55 we translate into 45 languages, and we can give you payroll coverage in 49 countries,
00:08:02 plus some additional partner-supported ones. Further, we have a close working partnership
00:08:09 with local government, providing data privacy support, local best practices, and reports.
00:08:16 It's on one database and, last but not least, it's all part of our standard delivery
00:08:26 at no additional cost to you. When we talk about compliance,

8 / 24
00:08:35 we have to remember it is about risk management, and that means balancing the cost of
doing
00:08:42 with the cost incurred in protection. So if we look at the cost and damages
00:08:50 of not doing compliance, they are growing. We see fines growing exponentially,
00:08:59 we see penalties and damaged reputation, and we see the cost of legal discovery
00:09:06 being higher and higher. That is why we know that the extensive localization effort
00:09:14 that we do on your behalf to provide you with a ready-to-go country localization
00:09:23 is worth the price. We know that is providing you a beyond-par protection
00:09:33 in all situations. Here, it's a very high-level calculation.
00:09:40 If you look at one specific country localization, we, on average we account for the cost.
00:09:52 We evaluate the cost of localizing the whole HR solution in one given country at about 110
days of work,
00:10:02 including the study, including the experience, and of course it's average.
00:10:08 There are some countries that are more complex and some others that are less complex.
00:10:13 The cost of an expert resource is about a thousand, we put here $1,050 per day.
00:10:24 So that comes up to say that, in one country, the cost of localizing one country is $115,000.

00:10:36 Now in this accounting, I'm not factoring the time that we need to spend on doing this.
00:10:43 We have calculated the cost of the developers to produce it, but that doesn't mean it is
available
00:10:50 the moment you need it. The other part that is not included in this cost
00:10:55 is the cost of non-compliance, the cost of legal discovery, fines, penalties,
00:11:00 and so on as mentioned. On this basis, we can say that, conservatively,
00:11:08 localizing an HR solution for 10 countries is about $1,150,000.
00:11:20 That means that while most HCM vendors will provide you with translation and
internalization,
00:11:30 we'll provide you with translations in a number of languages.
00:11:35 We can offer 45. And we'll provide you with the support
00:11:41 for specific time zone, currencies, and some specific types of data localization.
00:11:48 However, the localization capabilities that we can offer in 102 countries are very different.
00:11:55 It covers the end-to-end approach to deliver the regular standard solution.
00:12:02 It means that not only is there local regulation and reporting that are covered,
00:12:08 but they are also supported by ongoing maintenance, including based on the support
00:12:17 of a legal advisor, working with legal authorities and governments
00:12:22 in order to provide you the best translation of those regulatory changes in the software.
00:12:30 And that is provided by you by regular releases twice a year or by faster patching done in
the cloud.
00:12:44 Now, if we look at the design principles, this is a quick list, but all vendors globalize,
00:12:54 but sometimes you have to contract the work out or do it yourself.
00:13:00 It is a major expense as we just saw a couple of slides ago, and it's a major concern for the
consistency of application,
00:13:09 actively working to set up a system, but without a regular method of updating, maintenance,

00:13:15 and deploying laws as they change, it's obsolete very quickly.
00:13:23 And SuccessFactors can offer you the full stack of localization principles
00:13:30 in order to support your compliance needs. In this slide we see a quick list
00:13:38 of the supported countries, a full localization of an extensive value to you yearly

9 / 24
00:13:45 that covers most of the countries in the world. We are adding an additional one yearly,
00:13:53 and there are some additional ones that are covered thanks to partner efforts.
00:14:01 Some examples of the most recent changes that we have included in the last couple of
years.
00:14:12 Each column - these are not interdependent, some are provided by, are driven by country-
specific needs
00:14:22 for data capturing. Others are validation rules that are changing
00:14:29 to review the data that exists. Compliance reporting, we have already mentioned it,
00:14:34 it has been made more, in some cases has been made more electronic,
00:14:45 but in other cases it's simply the matter of a completely different need or requirement.
00:14:50 Country-specific rules, such as earlier this year all communication about leave in a specific
language
00:15:00 or changes in the way to manage data. All of these have been covered in localization
00:15:09 and are offered today in our systems. And as we mentioned earlier,
00:15:20 not only has localization been done once per country, but it has to be kept up to date.
00:15:29 If we consider that we have ongoing new requirement in every country,
00:15:35 the effort of doing so is accounted for here. In 2020, we saw about 715 HR-related changes
00:15:47 that had to be addressed by our system. In all countries in the world.
00:15:53 The cost of each is approximately $40,000. The cost is about estimating,
00:16:03 looking at the number of efforts, looking at the type of changes,
00:16:12 supporting legal support in each country, and so on. So we're talking about just short of $30
million
00:16:21 in those continuous updates of the localization for each country,
00:16:31 and the calculation of the savings for you is simply based on looking at the number of
changes
00:16:39 and the number of countries you are managing in the world. Based on that, you can easily
evaluate the savings
00:16:47 that the legal change support by SAP SuccessFactors will give you.
00:16:54 Finally, it's important that those changes are easy to implement.
00:17:01 In SAP SuccessFactors, thanks to our release management, you can see directly in the
upgrade center
00:17:07 what is available and how it can be applied. You see on the screen all the different types of
upgrades
00:17:15 that are available. There is no more need to go into an upgrade center,
00:17:22 but it is automatically supported and provided to you in our application.
00:17:32 Beyond that, we also note that you have not only the legal changes
00:17:39 in specific countries, but also suggested best practice introduction,
00:17:44 such as in the next one. How easy are they to apply?
00:17:47 Well, it's a matter of selecting it, reviewing the information provided,
00:17:52 and deciding to go for an upgrade. In some cases, you may need to learn more
00:18:00 or to read the description and understand what the tenants of the proposed solution are.
00:18:09 Here is an example of some of the localizations that were introduced in the last year
00:18:18 to support COVID-19 requirements and compliance. In this case, it was about India
00:18:23 and it was about emergency support and the new issues that were raised.
00:18:31 And you can see here how the law changed and how SuccessFactors was able
00:18:40 to support the modification in a timely and relevant manner, to be able to support all our
customers in India,

10 / 24
00:18:49 or having Indian subsidiaries. An additional piece of the puzzle
00:18:56 is, of course, data protection and data privacy. Data privacy has been changing
continuously
00:19:04 for the last, I would say, 15 years around the globe.
00:19:08 And there is a continuous explosion of new regulations across the globe.
00:19:14 We can see here a number of new countries that have recently introduced new laws,
00:19:25 including from South Africa. In the US, not only is there a federal law,
00:19:31 but there are multiple state laws that are continuously being introduced and modified.
00:19:36 Canada, and so on. There are many different jurisdictions
00:19:40 with different data protection applied in different ways. And we have about 2,000 security
compliance
00:19:50 and localization experts that are able to support you in those efforts
00:19:54 and that provide you with a solution that can face the challenges of today's data privacy
world.
00:20:08 What are truly the risks of non-compliance? We mentioned fines and penalties and the
growth.
00:20:17 But at the end, it's truly a continuously growing field. Think of today's social networking
world
00:20:26 and how the reputation of a corporation can be damaged in a flash by a scandal of a
broken, of disrupted files.
00:20:39 But there is also loss of culture, loss of trust from the employee toward the company
00:20:48 or from the customer toward the company. Civil litigation, which today has seen many
lawsuits
00:21:00 addressing misclassification of employees, in particular between different categories of
employment.
00:21:07 And finally, last, but by far not least, the missed business opportunities
00:21:12 that this will generate for the lack of time in addressing this situation
00:21:18 and for the lack of trust from a public environment toward an organization.
00:21:24 The fines paid only in 2020 in the United States for non-compliance were at about $2.1
billion.
00:21:39 Our goals in doing all this, our goals in enabling globalization
00:21:45 and with an environment that supports compliance is to make sure that you stay safe, that
your data files,
00:21:56 that your employee data, and that your approach to HR stays safe and compliant across the
globe.
00:22:06 Enabling globalization growth, it's important, and with SAP SuccessFactors,
00:22:12 it comes at a lower cost of ownership and with mitigated risk.
00:22:19 And now it's my turn to say thank you for your attention, and I'll see you in the next one.
00:22:28 Thank you.

11 / 24
Week 4 Unit 3

00:00:05 Hello HR friends and welcome back to the course Your HR Journey to the Cloud, week 4,
unit 3.
00:00:15 I am Chiara Versano and my work has been focused on identifying the value of our SAP
SuccessFactors solutions to our customers.
00:00:26 In this unit, I would like to introduce you to the value discussion, how we at SIP look and
define it, and how you can create a relevant business
00:00:36 case to win over your stakeholders. Let's go for it.
00:00:43 So, whenever we discuss a new HR technology, and even more clearly, an HR digital
transformation that is deeper and more
00:00:54 valuable to the organization, there are always multiple elements to keep in mind.
00:00:59 And that is why we have come up with this schematic of steps as a reminder of all the
pieces that you need to consider.
00:01:08 Each item is actually quite logical, but it is important to ensure it is covered.
00:01:15 Indeed, in this unit, the part that we're more concerned here is rather summarized in the first
three blocks.
00:01:23 We outline here the need to understand the current situation, what is the short-term view,
and what parts of the organization
00:01:31 should be part of the discussion. The internal working of each organization is like a
partnership.
00:01:39 One really needs to discuss with each party to understand what is going on. Sometimes that
makes the role relatively difficult and sometimes I
00:01:49 feel that we have been discussed, discussing for so long, working together to plan, support,
upgrade the HCM system on premise, that I feel I should know it
00:02:01 all, but most of the time, in fact, you know, the business has changed, the problems have
changed, the key stakeholders have changed,
00:02:13 maybe my role has changed in the process as well. So, we need to discuss and completely,
not from the start,
00:02:21 but we will need to re-initiate the discussion and make sure we review each piece.
00:02:27 Of course, not every piece of the model is totally relevant in every situation. You may find
that some require more attention this time
00:02:35 and some others may be disregarded as already covered or still well covered by your
current materials.
00:02:43 Then we need to look at where is the value. Each part of the success factor suite carry its
own value proposition,
00:02:53 but it is when it all works together in synergy that one can really visualize the interactions at
best.
00:03:01 This schematic is one of my absolute favorite and while it should be understood that each
module of the solution can be implemented
00:03:08 separately and if it is a priority, you may have a burning bridge or need to replace an older
and retiring legacy.
00:03:16 Yet, the core of HR, Employee Central, can really act as the glue. From there, you can see
that each module brings its own benefits
00:03:30 and enhance the benefits of each other part. If recruiting ensure the vacancies are filled
faster with better candidates,
00:03:38 for example, the synergy with succession brings more internal candidate opportunity and of
course that brings a better empathy and a better engagement of your employees.
00:03:50 Onboarding will accelerate the time to productivity for the new employees and together with
Employee Central will ensure a faster and more

12 / 24
00:03:58 accurate data entry and maintenance of the employee's record. And we all know how
complex it is to ensure data quality in our HR systems.
00:04:09 To dive a little bit deeper, we can divide motivation for change in three main parts. Let's
consider each different piece.
00:04:19 Most of the time we start by discussing the value that exists already. We want to build on
the existing investment, identify current pain points,
00:04:31 business issues and move to understand benefits and challenges of the new technology.
00:04:36 Then we move on to discuss the economic impact, evaluating ROI, return on investment,
and total cost of ownership,
00:04:47 but also the tremendous cost sometimes of doing nothing, the risk of doing nothing.
00:04:54 There are always a number of unquantifying benefits to account for. New processes that are
being just introduced do not have a baseline
00:05:04 to calculate the benefit. In other cases, the HR ways of doing, notably dealing with people,
00:05:13 are difficult to quantify in terms of time and money. In the end, these three main parts
cannot be compromised with.
00:05:22 Each need to be satisfied and it's up to each situation to evaluate what are the priorities.
00:05:33 In the end, to put it bluntly, it has to be desirable for people, technologically feasible and
economically credible.
00:05:43 At the core of each value discussion is the clarification of financing and business
justification.
00:05:50 To do that efficiently and in the most relevant way, it is imperative that we establish a
collaboration.
00:05:57 You, as the customer, know your business best. You know your challenges, you know your
stakeholders,
00:06:05 you know the consideration that you need to take and the situation of your employees.
00:06:11 On the other term, our long-term collaboration with so many customers has given us key
benchmarks that we now use to create a value
00:06:21 lifecycle tool. We have value baseline calculators and expect benefits calculated on what
has
00:06:27 been experienced by our many other customers. Of course, all the data is anonymized and
is used with averages to provide you
00:06:39 with realistic expectations. Steps to a business case can be outlined essentially in four
steps.
00:06:55 Starting with a discussion of what should be expected in the study. Sharing information and
discussing what key driver would be best suited
00:07:06 to the situation and solution proposed. And, of course, the more actual data we can
leverage in
00:07:13 the study, the more realistic the final number will be.
00:07:19 The data gathering step is sometimes very time-consuming and occasionally frustrating.
00:07:26 In my experience, it is quite rare to see that all data points can be collected.
00:07:31 Of course, some of the new processes introduce data that simply hasn't been collected
before.
00:07:38 In those cases, we usually introduce a benchmark and adapt it based on what makes most
sense in your specific situation,
00:07:45 industry and geography. I will approach you and say, hey, what makes most sense for you?

00:07:52 What is more relevant? What sounds more right to you in your situation?
00:07:58 It is never a cookie cutter that can be applied everywhere in the same way. Once the data is
collected, we generate baseline and expected benefits.
00:08:08 And we discuss always the results with the data owner to make sure, again, that it all makes
sense.

13 / 24
00:08:15 It is rare to see that there are no corrections to be added at all. At a very high level, these
are the value driver, most broad category that we
00:08:29 work with most of the time. With each of these, there are some generally expected
00:08:36 benefits. Most of the time, it is calculated in a nearly base.
00:08:41 Exception, of course, is the DCO calculation. Let's have a look to a couple of examples that
may ensure that there
00:08:50 is a clear understanding of what we mean here. Now, let's look here, for instance, in this
example,
00:08:58 we look at how the enhancing reporting and analytic capabilities can improve the outline
and the baseline of it all.
00:09:11 Now, the foundational data is currently the cost of reporting is 220,000 euros in this case.
00:09:25 Well, how do we calculate that? The customer tells us we have 5.5 FTEs that work on
analytics and reporting.
00:09:39 Maybe the 0.5 is a part-timer or maybe there are three part-timers at 50% and four full-time
equivalent.
00:09:49 But in the end, there are 5.5 full-time equivalents that work year-round on reporting.
00:09:57 We know that there is a cost to each FTE. Each FTE carries, in the case of the customer as
an average,
00:10:07 and this is an example that is unrelated to any actual situation for good information.
00:10:13 Let's say in this situation each FTE carry in HR 40,000 euros of yearly salary or yearly cost
rather.
00:10:22 Okay, so here we actually get the 220,000 per year of cost for reporting. Now, the 18% is
based on our own benchmark.
00:10:33 It means that we have had a number of customers who actually have gone through the
effort of improving reporting analytics and have verified that an 18%
00:10:46 improvement is credible. There are a number of options.
00:10:50 We can decide, we expect better acceptance, we expect worse acceptance, so we want to
choose a higher or lower
00:10:57 percentage of improvement, but that's something we will discuss at this stage.
00:11:02 At this point, it's pretty arithmetical and the potential economic benefits of improving
reporting and analytics capabilities is 18%
00:11:13 to 220,000, so 39,600. Rapidly, another quick example.
00:11:21 In this case, we look at what is the benefits of improving manager self-service.
00:11:29 Well, there is of course an invisible improvement that cannot be put in numbers and that is
the improved relationship
00:11:39 of the improved trust between the manager and the employee because the manager at this
point is able to act faster and support each employee faster.
00:11:51 but beyond that we can also calculate the benefit based on time saved. Let's say that this
company has 800 managers.
00:12:01 Let's say that the average time that each manager spends on HR admin tasks is about
12%.
00:12:10 It's huge. It's not a small fee to manage employees.
00:12:15 And you know, this of course is a company data, but in case you haven't been collecting
that, we can take benchmark data and we will evaluate how realistic it
00:12:24 is in your specific situation. This data can vary quite a bit from industry to industry
00:12:29 and from organizational style to organizational style. Again, manager cost on average in the
company is 64,000.
00:12:38 A simple multiplication brings us to more than 6 million euros spent, cost on a poor manager
self-service approach.
00:12:51 The potential improvement we get from our benchmark is on average 7%.

14 / 24
00:12:56 It could be higher if it's very well adopted. And if the managers have service cover a wide
number of functionalities,
00:13:03 it could be smaller if we actually introduce just a part of the functionality.
00:13:09 Again, arithmetic brings us to almost half a million euros of savings a year. Now, moving on
to how to build the value outline.
00:13:26 We can think about in which kind of areas this ROI will hit. These are broad categories, you
see all the different drivers,
00:13:38 and you see what we usually have witnessed as improvement for each. Some of these will
drive an improvement of bottom line and actual improvement.
00:13:55 Others are rather transformational. Improvement in engagement, improvement in project
execution is more
00:14:02 transformational and strategic rather than really saving in money. That depends and I often
mention that in HR cases savings are often
00:14:14 time saved. We can calculate it in dollars based on people's salaries that make some
00:14:20 time explaining and comparing apple to apple a lot easier. But those time savings are in fact
improvement and shifts of employee time
00:14:28 to value added activities. That means that to reap those savings, we need to introduce the
organizational
00:14:36 and process change management that will support it. And that's an important piece.
00:14:47 So, here are some examples of actual achievement that we have seen from customers.
00:14:57 These are anonymized, but not averaged out. Imagine an 87% time savings for headcount
reporting.
00:15:09 Account reporting is often a nightmare in many organizations. When it can be done at the
push of a button with a few corrections,
00:15:19 because you know your data is correct, that's a huge improvement. And that's a result of a
single source of truth.
00:15:27 Making sure that a global rollout can be done in six months in all your countries. Making
sure the reports can be generated in two seconds, the push of a button.
00:15:38 These are all advantages that we have seen and that our customers have truly witnessed.
00:15:46 Here is a general forester study of the actual value of SIP success factors overall.
00:15:55 I am not going to read the details of that. This is based on a composite organization that
could be representative but actually
00:16:04 mix different points from various different customers. Each of these customers had
experienced the SIP SuccessFactor application
00:16:19 between 2.5 to 5 years using various pieces of the solution. It's still relevant to look at it.
00:16:28 What I want to provide you with is an even more relevant resource, that is our most recent
piece of research.
00:16:36 Our most recent piece of research is an analysis by ESG of the benefits of moving from
HCM on-premise to SIP SuccessFactor HXM.
00:16:52 That means bringing out the proof of what return on investment realization can be verified
when moving to SIP SuccessFactor Cloud, building a model that includes cost
00:17:07 of implementation, hardware cost avoidance, application administration, localization cost,
operational efficiency,
00:17:14 productivity and business agility. This white paper is freely available.
00:17:21 Just follow the link on the slides that are provided to you in attachment. And last but not
least, it's a year older, came out maybe in 2022, I believe.
00:17:37 It's still an interesting relevant piece with a lot of data detail in it. I would definitely suggest
that you have a look at it,
00:17:47 because it's really outlining in detail what is to be expected from an implementation of HR
transformation.
00:17:57 Our usual benchmark base. It still spells out so clearly the different section,

15 / 24
00:18:04 what are the HR challenges, how the right technology can deliver value, making it a
compelling read for all parties involved in HR technology
00:18:14 selection and management. And now I want to thank you for having listened to me and
wishing you the best
00:18:24 of luck for the end of the course. Thank you.

16 / 24
Week 4 Unit 4

00:00:06 Hello and welcome back to your HR Journey to the Cloud course,
00:00:11 week four, unit four. That's the last one.
00:00:14 You made it to the end. I am Chiara Bersano and I am a global HR advisor
00:00:21 within the SAP SuccessFactors organization. In this unit, I'd like to discuss change
management.
00:00:28 It's one of those elephants in the room for each HR project management office team.
00:00:36 It is common sense, it can be completed without deep expertise,
00:00:41 and it makes a huge difference in the end result of the project,
00:00:45 yet it is the most frequently overlooked item. Perhaps the true reason why
00:00:51 it is so poorly attended to is that, one, it requires ownership, stakeholder buy-in,
00:00:59 and a follow-up. Two, for credibility and trust,
00:01:04 all change management communication and effort must be owned by the internal team of
the customer,
00:01:10 not outsourced to partners and consultants. Partners and consultants can help
00:01:15 in creating the material to support the communication, but the communication must be really

00:01:19 proceeding from you, the internal team. And finally, it is often descoped
00:01:26 at some point during the project because it adds visible costs.
00:01:32 Let's clarify the topic, point out some obvious and easy steps, and align expectations.
00:01:38 Ready? Let's go. So, if we don't plan to change,
00:01:46 the isn't usually much change happening. KPMG, a few years back defined a survey,
00:01:56 the outcome of which was that 75% of all HR initiatives fail because of a moderate or not
sufficient
00:02:06 or nonexisting HR change management capability. John Kotter evaluated that only 30%
00:02:15 of change management effort succeeds, which sort of implied that 70% fails.
00:02:22 They are terrible numbers. Typically, resistance to change is human.
00:02:28 It proceeds from a very human fear of change and that translates into a lack of trust in the
program,
00:02:38 in a misunderstanding or lack of communication, or not adoption of the true vision of the
program.
00:02:50 Sometimes the program may be perceived as a high risk. And we don't have visibility of the
urgency
00:02:59 that is requiring this change, no burning bridge. There is nothing to gain
00:03:06 and people don't perceive and don't see what's in it for them.
00:03:11 What's in it for me? The acronym, WII4M. If we can analyze the scope,
00:03:19 make sure that the people affected by the proposed change are addressed and feel heard,
00:03:26 that we understand the geographies and the cultures we need to align
00:03:30 and spot the risk and readiness that we have in front of us, we can prepare for what is
coming,
00:03:37 and we can help the whole workforce to see how the new vision and how the new normal
00:03:44 will help them to achieve their objectives. And they will then, in turn, adopt the change.
00:03:53 There are always multiple areas that may need addressing in a change management
process.
00:04:00 In any HR technology project, all of these are involved in one way or another.

17 / 24
00:04:07 However, most of the time, the only one that is truly considerate
00:04:11 is the technical change. Technical change, of course,
00:04:14 we're changing a technical platform, we're adding a technical process,
00:04:18 we're adding a technical way of doing things. Yes, of course that implies that there will be
00:04:24 some trainings on the new system, but that is by far not sufficient
00:04:29 because there are the two other parts of the puzzle that need to be taken into account.
00:04:35 The processes, any change of a technical platform will imply the processes will change too,

00:04:42 way of doing things, the priorities, the supports, but also the way of collaborating
00:04:51 from one person to another to get workflow approval, to discuss new options and new ways
of doing things,
00:04:59 that all will change. And finally, the organizational chain that is supported.
00:05:04 Let's consider a new system that will introduce self-service and shared services.
00:05:10 That is not unusual, yet that implies a huge difference in the processes
00:05:16 and a large difference in who is going to be doing what part of the process.
00:05:24 Now, of all the change methodologies, there are many that have become popular and have
been known,
00:05:31 but in the end they all have many common points. The need is to inform, to educate,
00:05:40 and to help to get over the slump of fear that change implies so we can create adoption.
00:05:50 We have the classic ADKAR acronym. We have Mr. Kotter,
00:05:59 iceberg or penguin fleeing climate change, which is very fashionable and very up to date.
00:06:07 The topic of change is essentially the same everywhere. There is no need to apply
incredible complex theories.
00:06:15 Sometimes having an acronym or a methodology helps coalescing the ideas behind.
00:06:26 But in fact, it is essentially good old common sense. In order to transition to the desired
future state,
00:06:34 we need to evaluate, understand, and communicate. Now, when I describe change
management
00:06:44 in the context of HR technology adoption, I realize that in fact,
00:06:51 it is a discipline universally needed and instinctively adopted.
00:06:57 Teachers explain in advance to the students how the study plan is going to work,
00:07:03 when they will need to apply themselves the most. Governments share visions and project
plans.
00:07:11 If we consider Mrs. Kübler-Ross' change curve, in fact, Mrs. Kubler-Ross is,
00:07:19 or was, a well-known psychologist, and her curve was designed to support overcoming of
grief.
00:07:28 But in fact, the framework is valid when coping with change as well.
00:07:34 Going from the initial shock or denial, "That doesn't make sense,
00:07:40 we're not going to change system again", to a moment of disenchantment, worry,
00:07:46 concern, reacting, experimenting, learning, and eventually adopting are the stages of
change in all situations.
00:07:56 It's the human factor that we are addressing here. So, we need to understand
00:08:01 that the true role of change management is to help all the employee population
00:08:07 to go through all these phases as quickly and as painlessly as possible
00:08:12 so they get from the denial to the integration and adoption final stage as fast as possible.
00:08:25 A simple summary is like a runner getting ready for a challenge,
00:08:31 a runner getting ready for a race. Ready. Set. Go.

18 / 24
00:08:37 The main difference is that, in the case of a race, the end is, well, the end and we all go
celebrate afterwards.
00:08:44 In the case of change management, well, at the end we still can go celebrate with a team,
00:08:51 that's a given, but the end is truly the beginning of the new processes
00:08:58 and the processes that will need to be supported in the long term. So we need to repeat
some of the steps in a regular manner
00:09:06 to make sure that the change will stick in the organization, that it is sustainable in the long
term.
00:09:14 If we look at the "getting ready" phase, we need to identify who are the actors
00:09:18 and assess the reach, the extent of the chain that is being planned.
00:09:24 In the set phase, it's time to outline the plan as it will unfold, hopefully.
00:09:30 And finally, it's the time of execution and sustain. Let's see each of these steps more in
depth.
00:09:40 So, the first step is really to look around yourself and identify the actors of the play that
you're writing.
00:09:47 First, all the various stakeholders. They are usually project team members
00:09:53 but you often have also external stakeholders, such as other functions that may have
competing projects,
00:10:06 or external stakeholders, such as in cases, for instance, of public sector projects
00:10:14 or controlled industries, there may even be elected officials.
00:10:23 Second, understanding the various types of users that will access the system.
00:10:28 In the old times, an HR system was essentially in the hands of HR.
00:10:35 User groups were simple to spot - HR, executives, HR executives.
00:10:42 Today the HR system is in the hands of every single worker within the organization,
00:10:47 internal employees or contingent workers. There is data collected, information exchanged,
00:10:53 processes to be run, and trust that needs to be established. To do all this, the project must
address the concerns
00:11:01 and make sure everybody understands, well, the concerns, such as, will that generate more
work?
00:11:09 Will that be compensated? What is in it for me?
00:11:13 Will I still get the service I need? And then explain, share, update, and train.
00:11:18 And second, make sure we study what kind of readiness to change the organization has
00:11:28 and what will be the impact of change, of the processes that are being planned to change.
00:11:34 Let's look at some examples of those three key items. This is the typical stakeholder map -
internal stakeholders,
00:11:46 maybe top management, project sponsors. External stakeholders are also important
00:11:52 to remember and to consider. They can be vendors, for instance.
00:11:56 In this situation, we have red and green dots. Why? Because let's say in the example,
00:12:02 Jack is the current system owner, is the HR system lead.
00:12:15 He has been instrumental in the creation of the old system. He has been generating
00:12:20 and planning much of the existing system. He's defensive. He wants to keep things as they
are.
00:12:27 He's very fond of the status quo. He's afraid of change.
00:12:31 We need to either win him over and convince him or to mitigate his negative influence.
00:12:37 On the other hand, we have Jane. Jane is the new HR lead.
00:12:41 She is very fond of creating new systems that will create a better engagement with the
employees,
00:12:48 that will create collaboration, that will support her new ideas.

19 / 24
00:12:53 Well, they're both players in the system but we need to understand how each of the two will
function
00:12:58 so we can communicate according to the need and make sure we actually support Jane
00:13:04 in her positive communication and mitigate Jack. When we actually look at change
readiness,
00:13:13 we're looking at how the organization is ready to change. In fact, we need to actually run a
few surveys,
00:13:25 interview some of the key players to understand how they see and understand the company
readiness
00:13:33 and the company openness to different activities. Most of the time,
00:13:40 here the output of this is essentially to spot the areas of weakness
00:13:45 and to understand the extent and the changes that we need to support
00:13:52 for the future state. When we look at an example of such an effort,
00:14:02 here I'm representing the result of a survey. We have targeted a couple of different user
groups.
00:14:09 You could target more, less, depending on what makes sense. Here we have targeted users
and executives
00:14:16 to actually have an understanding of the general users, but we could actually have had as
well a separate category
00:14:24 and a separate group of users, such as HR. The questions have been as few as possible
00:14:31 to help us categorize and group results. And our goal was to spot where there were
differences
00:14:40 between the perception of users and executives, but also where there was a perceived
general weakness.
00:14:48 In this situation, we could see, for instance, that in the area of achievability,
00:14:56 in the area of leadership commitment and in the area of training, there is a very low score.
00:15:04 So these are obviously the areas that we need to support with change management
priorities in this example.
00:15:13 Then we need to combine this result with the concept of change impact.
00:15:19 What are the processes that are truly changing in the current project?
00:15:25 And how is this going to be perceived? What amount of change is going to happen
00:15:31 for each category of users? Here, the difference is, rather than through a survey,
00:15:38 we may actually want to discuss internally and evaluate how much each process is going to
change.
00:15:45 Because oftentimes the project team has a better idea of the depth of change
00:15:51 that is being introduced. In the end, that comes up to a definition
00:15:57 that is similar to something like this. The colors may not be fantastic here,
00:16:01 you may have something much more aesthetic, but that's what you are trying to capture.
00:16:06 What are the processes of change? Here, it's a high-level list of processes and sub-
processes.
00:16:12 It could be consolidated, it could be more extensive and more detailed.
00:16:17 When we look at that, we see that of course and that comes to no surprise to anybody,
00:16:24 the fact that the system is changing the most for HR and the managers.
00:16:31 Employees are not impacted in all areas of change for the system,
00:16:38 but they're going to be exposed for the first time to some processes, such as hiring and
leave of absence,
00:16:44 you see the horizontal line of yellow, and they're going to be exposed for the first time
00:16:49 to employee self-service. That's where we need to intensify training

20 / 24
00:16:55 for the employees. When we talk about managers and HR,
00:17:00 we probably need to make sure that the training and the contextual training for both HR and
managers
00:17:08 are consistent and communicate correctly. And we may want to consider if there are other
areas
00:17:15 on specific processes that we need to support more. So the segmentation,
00:17:22 and here in this picture, in fact you are looking at the fact that,
00:17:28 the pre-work for this is, identify the process that we want to focus on
00:17:33 during the project. Identify,
00:17:35 and here we're using the first part of the discussion, what population segments
00:17:41 we want to consider in change management. And each group and each area will be
assigned
00:17:48 different points that will be then summed up to facilitate consideration.
00:17:57 Second, well, at this point we should be on a roll. We have the input, hopefully we have a
budget,
00:18:04 we know where we want to get. Now, what is left is to formalize
00:18:10 and make sure to assign ownership at each step. Based on the input that is gathered in the
previous step,
00:18:17 we know how large the effort will be based on how many high-impact areas
00:18:22 appear in the impact assessment, how many population segments we need to address
separately,
00:18:28 how much difference there is between all of these because that will impact how many
training materials
00:18:35 and communication materials we need to create. And then we can start evaluating cost and
ownership.
00:18:42 As you draft a plan, we need an owner for each step. That doesn't imply that we need a new
position
00:18:49 in the project plan, but rather that we need to assign a face of change
00:18:53 that will be a single point of contact for anybody needing more information,
00:18:59 having questions, wanting to provide feedback. Identify who will craft the message
00:19:04 and who will deliver the details. At the plan level
00:19:12 we are overlapping the project plan with the messaging and the communication plan
00:19:20 to have a detailed, time-bound approach. We need to make sure that we have
00:19:29 evaluated the channels we want to leverage for each different group of users.
00:19:36 By channel, I mean are we going to send an email to everybody?
00:19:39 Are we going to create videos to make it faster and easier? Can we send SMS?
00:19:45 Do we want to use Slack to communicate to some project teams?
00:19:52 Do we want to create flyers that will be distributed in lunch areas?
00:19:58 Every industry, every situation may need to consider slightly different approaches
00:20:04 and slightly different channels. In most cases, we want to consider
00:20:08 more than one type of communication for each type of user, including formal and informal
communication,
00:20:15 ensuring feedback loops are created because that will empower people to tell us
00:20:20 what works for them and what not and allow us to create corrections.
00:20:27 This is an example of a plan. As you see, and when I say, it's not rocket science,
00:20:34 it is not rocket science. It just implies saying, who is creating the message?
00:20:42 Who is going to deliver it? What kind of message?

21 / 24
00:20:46 Who is the recipient? And what kind of timeframe does it need to be communicated in?
00:20:54 Usually at that point, you get down to dates and you make sure that there is a person that
sends
00:20:58 the weekly communication and the monthly communication when needed.
00:21:03 You make sure that there is a specific day to start, once you have the project plan
00:21:08 and you know when the user acceptance test plan is going to happen.
00:21:16 You actually deliver the planning and deliver the communication,
00:21:20 and send meeting requests so people have saved the time for that, and so on.
00:21:25 It's all in an Excel sheet and you don't need anymore complex
00:21:30 communication tools for this. Then at this point, you execute.
00:21:37 Execute means involving leadership so the communication cascades down as well as
possible
00:21:43 and as efficiently as possible. That there is an organizational development plan and strategy

00:21:51 that will be able to communicate the next steps. That a communication plan is ready,
enacted,
00:22:01 and includes just-in-time communication. You don't want to communicate eight months
before
00:22:07 or two years before something that will happen later on. People will change roles, people
will forget.
00:22:12 You need something that is in time. And never forgetting that
00:22:17 we are talking about HR technology and HR processes. HR is at the center of attention.
00:22:24 We need to, on one side, communicate to HR as clearly as possible
00:22:30 so they are actually aware of what's coming up and so we win them over
00:22:35 as champions of change for the rest of the organization. Phase five is really about
sustaining
00:22:46 and keeping going in the long term with this plan. We're talking about long-term adoption.
00:22:54 And that's essentially about the repetition of training. We need to remember that in most
organizations
00:23:02 people change roles, move on. We need to make sure that A,
00:23:06 there is a package of information that will be passed to the next part of the project teams
00:23:14 and the next people responsible within the organization. We need to identify when an
employee changes role,
00:23:22 what kind of information he or she will need to get. If someone moves from being an
employee to a manager,
00:23:28 what type of information we will need to repeat and make available to this person
00:23:34 so they're available and they're aware of the change of their role within the HR processes.
00:23:43 Information packages can be adopted, can be prepared, and can be repeated as needed.
00:23:51 Let's remember also, that training needs usually in SAP SuccessFactors systems are
relatively limited
00:24:00 and are essentially contextual information that allows activities to be carried out without
blockage.
00:24:10 Measuring success is the last part. Not to be forgotten.
00:24:16 The early surveys of adoption that we have run in phase one to understand the impact of
change
00:24:24 and to understand the company readiness can be rerun in a similar way to measure
00:24:31 the maturation of the organization and the cultural aspects. Measuring the employee
experience

22 / 24
00:24:38 and the adoption of the employee experience. The effort of change management in this
extent
00:24:46 is that it makes sense. The complexity of this approach is
00:24:52 the internal ownership that must be taken. So, it is about building trust within your own
organization.
00:25:00 I hope I have convinced you that change management is an easy
00:25:05 and useful part of any HR project. I hope this content has been useful for you
00:25:12 and it has given you ideas of how to approach it within your organization.
00:25:17 Now, I wish you all luck for your exam. And till next time,
00:25:24 bye.

23 / 24
© 2023 SAP SE or an SAP affiliate company. All rights reserved.
See Legal Notice on www.sap.com/legal-notice for use terms,
disclaimers, disclosures, or restrictions related to SAP Materials
for general audiences.