Marlène Fortin
Manager | Business Transformation

How do you plan for your business’s future in this unique environment? First and foremost, you need to undertake a strategic diagnosis to help you take stock, solidify your foundations and get pointed in the right direction.

The pandemic has shaken organizations. Entrepreneurs have had to be very flexible and creative in order to continue their activities.

While we can expect a return to normalcy in the coming months, a new reality is taking shape that requires adaptation. The first step to better respond to the changing market and sustain and even grow your business is to know where you stand.

Strategic Planning for a Well-Prepared Garden

Consider the example of a well-prepared garden, with enriched soil and appropriate plants—the crop will be all the more plentiful. Similarly, a richer and carefully crafted diagnosis will more clearly define the right course of action and show the next steps a business should take.

An objective and truly honest 360-degree diagnosis is designed to help you analyze your business’s various organizational functions and identify opportunities and threats that are specific to its field of activity. It synthesizes and interconnects strengths and weaknesses (internal environment) as well as opportunities and threats (external environment).

Here is a brief summary of some of the numerous tools and techniques that can be used to complete the diagnosis.

Set up a work plan

To maintain the focus on the main goal and avoid becoming overwhelmed by too much information, it is essential to set up a work plan that sets out the most important questions you may be asking:

  • What is your market share?
  • What markets are growing?
  • What products are the most in demand?
  • What are the latest consumption trends?
  • Who are the most innovative players on the market?
  • How does the market perceive my business?

The next step is to identify what sources of information are available. In some cases, these numerous sources require some resourcefulness. For instance, you may have to search for specific conference papers, or the particular findings of a specialized study on horticultural science. Other sources require a more complex analysis, like the reports published by Statistics Canada; Innovation, Science and Economic Development; or workforce sectorial committees.

However, these data can be highly beneficial to help you get clear insight into your organization and the issues it faces.

Secondary data

Secondary data are external, public or private, available data (whether free or not). They can consist of information gleaned from published studies or research, official statistics, scientific articles, reports, in short, existing literature.

These data are useful for various aspects of the diagnosis, to get a better idea, for example, of:

  • business trends in a specific sector,
  • growth expectations,
  • consumer spending,
  • competition factors.

Benchmarking is another tool that helps companies to compare their own situation to that of their main competitors in terms of criteria, such as:

  • the range of products and services,
  • rates,
  • distribution methods,
  • marketing.

If questions remain after consulting secondary data, you could consider collecting your own primary data.

Raymond Chabot Grant Thornton - image

Primary data

Primary data pertaining to your clients, suppliers, competitors and partners can be directly collected using various techniques, such as interviews, surveys, focus groups, mystery customers, etc. How primary data are collected depends on your business objectives, the level of precision sought, as well as time constraints to collect the information.

Assessing all information collected on the company’s external environment will enable it to capture market opportunities and understand potential threats.

As an example, let’s take a look at how the Lafleur Greenhouses could collect primary data to answer specific questions on the competitive environment (download the example).

Internal diagnosis

When conducting a diagnosis, it is also important to take the internal pulse of the organization by collecting useful information on its main strengths and weaknesses. To objectively assess the current situation, it is essential to have a global vision of the points of view of the employees and not just management.

This part of the investigation can be conducted as interviews or focus groups, but it is paramount to select the right method and ensure that participants can freely speak their mind in a constructive atmosphere to propel the organization forward. Here are a few examples of questions to ask in this context:

  • What are the company’s main strengths?
  • Which ones can be further developed to increase leverage?
  • What are the company’s main weaknesses?
  • What could potentially impede its growth?
  • Are all company products and services relevant?
  • Are you successful at fulfilling your mission?
  • What could you improve?
  • What do you know about your clients’ needs, satisfaction and expectations?
  • What should you improve?

A neutral and objective external party could be useful in facilitating the exchange of ideas and information during this process.

Consulting other stakeholders could enhance your internal profile of the company. This could include suppliers, financial or strategic business partners, your Board of Directors. They can provide different, impartial insight—as external players they may compare your situation to that of competitors they deal with.

The focus of an internal diagnosis is to address all your organization functions, including sales and marketing, finances, operations, human resources, etc. Thus, it’s important to ask questions to address all aspects, in order to draw the most exhaustive profile possible of the company.

Preparing the global diagnosis

Many tools are available to analyze the information collected, and guide you through an in-depth analysis of interrelations between your findings. The most famous is the SWOT method, which provides a global, internal and external, profile of the organization.

For strategic planning purposes, it is important to understand what strengths to leverage, what weaknesses to work on, what opportunities to capture and what threats to consider and to define a strategy that reflects all of these factors. It is also important to connect each aspect by answering certain questions, which can provide very important insight:

  • What strategies are based on your strengths to leverage opportunities?
  • What strategies help offset your weaknesses and leverage opportunities?
  • What strategies enhance your strengths to address threats?
  • What strategies minimize your weaknesses to avoid threats?

Lastly, the diagnosis helps outline your true ability to implement your growth vision . Organizations may sometimes have high ambitions, but a careful analysis can reveal specific obstacles to overcome before they can reach their objectives. This is the purpose of the diagnosis.

01 Mar 2021  |  Written by :

Marlène Fortin is an expert in Business Transformation Consulting at Raymond Chabot Grant Thornton....

See the profile

Next article

The Grant Thornton International IFRS team has published the 2021 edition of Navigating the changes to International Financial Reporting Standards: A briefing for preparers of IFRS financial statements.

The publication is designed to give preparers a high-level awareness of recent changes that will affect companies’ future financial reporting.

This publication covers both new standards and interpretations that have been issued and amendments made to existing ones, giving brief descriptions of each.

Next article

Guillaume Caron
Chief Executive Officer VARS - Cybersecurity | Digital and technology consulting

What role does the Chief Information Security Officer (CISO) play in an organization?

A business falls victim to a cyber attack approximately every 14 seconds. Depending on the type of cyber attack and the size of the business, the costs can be up to well into six or seven figures. Nearly 60% of small businesses that were victims of cyber attacks end up shutting their business down permanently within 6 months.

These statistics exhibit the extent to which a successful cyber attack can have on a business financially, but there are also many other layered consequences. This can include loss of customers, damage to the business’ brand reputation and breaching of compliance and regulatory requirements.

According to VMware, 99% of Canadian companies have reported an increase in cyber attacks over the past 12 months. This shows now more then ever the importance to develop a well executed cybersecurity plan for your organisation. A Chief Information Security Officer (CISO) is there to do that.

What is the role of a CISO?

A CISO is an executive responsible for a company’s security strategy and ensuring the data assets are protected. The position requires the individual to be well versed with security risks, compliance management and internal security policies. Some of the main roles that a CISO fulfills include:

Security strategy

The CISO is a leader when it comes to security strategy for a company. Depending on the size of a company, the CISO may share this responsibility with other senior IT or tech executives within the company. The CISO is responsible for dealing with immediate security concerns and planning proactively to prevent future security issues from occurring.

The security strategy should be tailored towards the needs of a company. For example, if a business is in hyper-growth mode, the security strategy should accommodate all the vulnerabilities that can arise from scaling quickly and hiring many team members.

Manage security operations

In addition to security strategy, the CISO oversees day to day security operations within a company. The CISO should be actively finding and addressing any security vulnerabilities within a company. The CISO takes initiative on how to deal with immediate vulnerabilities by doing real-time analysis of threats and following a plan of action to mitigate risks.
The security operations on a day to day basis may include setting security policies, hiring the right security team member, meeting with senior executives to discuss strategy, analyzing security infrastructure, making sure programs are running correctly and more. With the help of the security team, the CISO can delegate and ensure that all the security needs of the company are being met.

Security architecture

The CISO is in charge of ensuring the organization is running on the best infrastructure for both security and performance. A lot of vulnerabilities that organizations have can be countered with buying up to date hardware and software. It takes the expertise of a CISO to select the best possible solutions for the organization while mitigating any potential security risks that can arise.

The CISO also designs the security infrastructure by ensuring that all network and IT infrastructure is built with the thought of security in mind. This makes sure that all aspects of the architecture of the organization are secure while performing at the highest level possible.

Incidence response

The CISO is at the forefront of any security incident that occurs within a company. Prior to an incident occurring, the CISO has made a plan of action for several possible scenarios. After an incident is reported to management, the CISO takes leadership and instructs relevant employees on what they need to do.

After the incident has been responded to adequately, the CISO will ensure all that relevant action that needs to be taken afterwards like filling out paperwork, meeting with clients, etc. is done. The CISO is likely the best equipped person within the organization that can handle a security incident from beginning to end.


The CISO is also one of the leaders within the company when it comes to meeting compliance and regulatory requirements. Depending on the location and industry a company operates in, there might be a variety of complex compliance requirements needed to operate a company.

For example, a healthcare company in Quebec would have to adhere to both the Personal Information Protection and Electronic Documents Act (PIPEDA) and all of the of the regional data laws. Since the CISO is in charge of several aspects that deal with compliance, they are generally well-versed in these topics and can help meet with compliance demands from regulatory agencies. CISOs can help meet with compliance officers and ensure the company completes all regulatory assessments that are required by local and federal governments.

Where can you find a CISO?

Hiring a full-time CISO may not always be feasible for most companies looking to adhere to general compliance and security requirements to keep their business open. A full-time CISO will likely cost a business well over six figures annually, but there’s an alternative solution: the VARS CISO Office.

The VARS CISO Office gives your organization the power to leverage the expertise of reputable and industry-leading Chief Information Security Officers without having to search for a one or pay for a full-time resource.

To learn more about the VARS virtual CISO office and how you can increase your business’ security, talk to our experts.

22 Feb 2021  |  Written by :

Guillaume Caron is a cybersecurity expert at Raymond Chabot Grant Thornton. Contact him today!

See the profile

Next article

Katy Langlais
Manager | CRHA, MBA | Human resources consulting

The pandemic has forced organizations to look at their everyday operations from a new angle. But despite the difficulties, the crisis also presents some opportunities for the future.

We’ve all had to adapt to the new reality. Business have had no choice but to review their work methods and their range of products and services. Organizations have been forced to modify their activities, sometimes radically, operate within strict health rules or adopt new technologies.

Of course, the environment remains challenging for everyone. We encourage you to be attentive to this crucial issue for organizations: don’t neglect your own health or the health of your employees.

However, there’s another side to the coin. A major disruption like the current pandemic can give entrepreneurs the creativity boost they need to face the major obstacles in their way. As they adapt, businesses introduce innovative solutions, some of which just might be the answer to emerging market trends.

Sometimes, innovation can be hindered by the inability to turn a creative idea into a brand, a service or a product. The pandemic presents an opportunity to break through this hurdle and increase innovative capacity.

Can uncertainty be an accelerator of change and a source of innovation?

Historically, many iconic companies were created during periods of crisis. For example, Disney, CNN, Burger King, FedEx, General Electric, Microsoft, Apple, Gillette, 20th Century Fox, IBM, Hershey’s and Adobe were all founded during a recession. These success stories lead us to ask an important question: how can organizations benefit in such stormy situations?

The pressure that organizations face during a crisis leads to a sense of urgency that spurs senior management into action, whether it’s to grow the business or simply stay afloat. The need for change becomes obvious and the motivation to make change happen rises spontaneously. To keep the business going, innovation becomes a must.

What are the benefits of a corporate culture focused on innovation?

Businesses have a lot to gain from developing a culture of innovation, especially in the post-COVID era.

The first advantage is a better mobilized workforce. Layoffs, cuts to work hours and remote work have all taken a toll on employees. Involving the workforce in the company’s innovation approach sends out a clear message: employees are an integral part of the organization’s development initiatives. It also promotes social connectedness in the workforce and empowers employees to act confidently and independently. All these factors positively influence sense of belonging, motivation and performance at work.

The second advantage of developing a culture of innovation is the ability to meet the needs of the post-crisis era. Businesses that foster a culture of innovation tend to be more agile and therefore better able to deal with unexpected situations. No one can predict what the exact consequences of the crisis will be on society and individuals. However, it’s safe to assume that people’s needs and behaviours will change. Therefore, organizations need creative minds that will be able to rise up to the new challenges and adapt to new changes.

How to foster pro-innovation practices and a culture of innovation?

Stimulate innovation

For businesses that have always relied exclusively on continuous improvement practices, stimulating innovation on a daily basis begins with changing the organizational culture. This shift does not happen overnight. It’s a long-term process guided by the organization’s core values and culture. Leaders play a key role in introducing and developing a culture of innovation at their organization.

Make innovation part of the message

The statements and decisions made by senior management should embody the values of teamwork and openness. Besides the role of management, successfully fostering a culture of innovation involves two other key actions:

  1. Involve employees
    Innovation requires the involvement of all the individuals involved in the daily running of the organization. Although rarely used to their full potential, employees are undoubtedly an organization’s greatest asset in terms of ideas and innovation. While employees will need some time to adapt to the new approach, and indirect costs are involved, it should be seen as an investment. Possible ways to involve employees in innovation initiatives include:

    • Brainstorming sessions;
    • Project committees (permanent or ad-hoc) with a specific objective;
    • Knowledge sharing sessions among employees, etc.
  2. Welcome failure as a step toward success
    As human beings, we’re instinctively driven to glorify success and condemn failure. However, failure is often what leads us to eventually achieve success. With that insight, all individuals working at the organization must learn to welcome failure as an opportunity to improve, and it’s important for them to know that their managers support them using this approach. It can be very useful to give employees training on the processes and mindset of a culture of innovation. While it’s often easier to picture the final outcome, paying more attention to the process involved in getting there will facilitate the transition.

Adopt a culture of innovation across all policies and processes

You can’t promote innovation if you don’t adapt your organizational practices accordingly. In other words, in order to see results, staff management policies on pay, performance reviews, recognition, training, talent management and succession planning must all be aligned with the culture of innovation.

Strategic planning (the business model) and operational and administrative procedures also need to be adapted to reflect this cultural shift. In particular, integrating new technology can be an effective way to create innovation while improving organizational efficiency.

Propel your business forward with technology

Many innovations, especially those related to operational and administrative procedures, involve the development or integration of new technologies. Therefore, organizations should view innovation from an “Industry 4.0” angle as a means to improve the value proposition of their business model and boost their organizational efficiency.

Some technologies that facilitate communication between people can also indirectly spur innovation. For example, applications for collaborating and sharing ideas are now easily accessible on smartphones and tablets. That means people no longer need to physically be in the same room as their co-workers to participate in brainstorming sessions. The crisis can also become a source of creativity for employees, who are able to let their ideas flow and come up with new concepts for products and services. Remote communication tools can help harness this knowledge.

Now that you have some tips on how to start thinking of new ways to protect the continuity of your operations, take a step back and look at your business as a whole. What is your current business model? What skills do your current employees bring to the organization? And what might tomorrow look like if you let your creativity flow and rebuilt your business model today?

This article was written in collaboration with Éloïse Labrecque, a management advisor with Raymond Chabot Grant Thornton.

17 Feb 2021  |  Written by :

Katy Langlais is a recruiting and human resources consulting at Raymond Chabot Grant Thornton.

See the profile