The excerpt from an IT consulting blog highlights the importance of companies developing policies and oversight for end‐user development of RPA processes. The interview is with Marcelo Blbajari, the RPA Service Practices director at IT Convergence.
Our main stakeholder, the IT director of the company, discovered that several business owners had executed automation projects without the IT department's involvement or approval, funding the activities with their own budgets and without even notifying IT about the initiatives.
This was done as a proactive activity from those business owners who could not afford to wait for the next yearly round of evaluation for candidate projects, which is the official process in the company to define and fund the projects that will be executed during the year.
Automated processes (usually referred to by the fancy name of “robots”) imitate the actions carried over by a human user to complete an activity, like entering an invoice into an application, or downloading files from different sources to consolidate a period closure report.
In order to be able to do that, robots hold passwords and system access credentials and have access to sensitive personal and company information.
The IT department has strict rules about how all types of security threats are handled and has some very specific processes that apply to system security, like password requirements, periodic regeneration, ...