Company split-up: securing the Information System under high tension
December 2020 by Bertrand Augé, CEO of Kleverware
Whether to refocus on its core business following a period of crisis or to meet the requirements of new regulations aimed at deregulating markets, the reasons for splitting a company are multiplying and accelerating. The energy (EDF/GDF), transport (SNCF Mobilités / SNCF Réseau), finance (CityGroup) or industry (Pepsi-Cola or Beghin-Say) sectors may all be concerned by these operations aimed at separating entities that previously formed a more or less homogenous whole. In contrast to a sale or merger, which raises the issue of the "superposition" of two ecosystems and of life-saving rationalization, a demerger revolves around the question: on what basis and on what foundations will each of the companies resulting from the demerger be able to rely? A clear separation must take place for strategic but also legal reasons, in which each of the entities thus created must be able to perpetuate its new activity and have sufficient means to do so.
Demerger operations are most often carried out under a Transitional Service Agreement (TSA), which allows each company to continue to operate its business while the demerger operation is being put in place. As the TSA has a predefined duration (generally 12 to 18 months), the spin-off operations are carried out as part of a race against time which obviously puts all the players under pressure and strikes all decisions with the seal of urgency.
However, one aspect should not be overlooked, that of the separation of IT assets, with two main issues at stake.
Firstly, for all the systems inherent to the activities of each of the new entities, it is imperative that they are properly "transferred" to the company that needs them for the smooth running of its business. Accompanying the right data, the right settings...
Then, for all mutualized systems, it is necessary to agree which of the legal entities resulting from the demerger will keep this or that system and which one will have to acquire a new system to replace it. With the implementation of this new system, the data will have to follow as part of a migration project that will have had to be prepared in detail to distinguish the data owned by each entity. This is known as data "detouring". It is also possible that the company that keeps a system that will be dedicated to the other company as part of an agreement, but whose data will have to be clearly partitioned.
This naturally raises the question of who has access to the different applications and/or systems and therefore to the data hosted in the new Information System. Who had access to what before the split? Who should continue to have access to which application, and especially who should no longer have access to this or that data?
It would not be a question, in a project that aims to split entities, that certain employees still have access to potentially confidential information that would have been transferred, in contravention of the agreement in place.
As mentioned above, demergers are very often projects with a tight deadline. This can lead to a lack of control. However, the ability to have an exhaustive map, to be able to manage the transfer and reallocation of these accesses and to control, once the demerger project has begun, that the actual accesses correspond to what had been defined is crucial to its success.