Spirit Management Platform - SMPProject Introduction

2

PERNOD RICARD GROUP

5

Spirit/1 APPLICATION

Spirit/1 - Context

500+ Userslocated in 25+ Sites

Martell – UVPC (since 1992)Chivas Brother Ltd (since 1996)

Irish Distillers (since 2007)Yerevan Brandy Co (since 2010)

SPA (since 2016)

25 Years of development

4 000+ programs

Martell, Augier, Ararat, Montesquiou, Chivas, Glenlivet, Ballantines, Beefeater, Jameson,

Midleton, …

250 000+ transactions/Year1.2 Billion lt of alcohol

1 000+ warehouses150 000+ Batches of spirit

8 Million casks4,4 Billion € of Spirit stock

A team of 3 people for conception,

development, evolution, maintenance and support

8 Million casks4,7 Billion € of Spirit stock

SPIRIT & Wood Stock

Management

Wine, Spirit & Wood

Purchasing

DISTILLATION Formulas & BlendingProcess

‘Calage’ &

Bottling

Traceability

Customs & Excise

Suppliers’ engagement

(XRM)

Spirit/1 - Business Capability MapFrom PURCHASING TO BLENDING TO BOTTLING

CasksManagement

Finance (COGs tracking)

External Partnership

SPIRIT/1 REPOSITORY& Database

Reporting & DashboardsOracle OBI

SPIRIT/1 - ADMINContrats & PurchaseStock mangt – C&EsDistillationMaturation Formulas & Blending

MartellIrish DistillersChivas BLYerevan Brandy

SPIRIT/1 - XRMSuppliers visitPersonal informationCommunication Incentive

MMPJ

SPIRIT/1 - SCADAFilling,dumping & Blending areas SCADA systems mangt

Martell (iFix)

SPIRIT/1 - PDAsWarehouse mangtPhysical movementsPhysical inventory

Martell ChivasYBC

SPIRIT/1 – Expert SystemAutomatic Batch Selection for BlendingDeveloped in Operational research technology

Chivas

Since 1992

Since 1994

Since 2011

Since 2014

Since 1997

9

SMP PLATFORM AND PROJECT INITIATIVES

FY17/FY18 – Birth Of The SMP Project

11

Minimize the risk related to people and technologies

➢ Transfer current knowledge dependent on very few people to a more securedenvironment respecting the segregation of duties (by restructuring the team).

➢ Close the gap with technological debt (by modernizing the application and simplifyingthe architecture)

➢ Develop a modular platform ready for future implementations (by opening the platform to external partners and being able to develop new modules and functionalities)

And create a platform of differentiation which …

➢ Increase productivity with a better integration with other industrials systems (e.g. ICS, SCADA, C&Es systems…)

➢ Increase efficiency, traceability and minimize business risk (e.g. cask tracking …)

➢ Harmonize approach and tools on decision tools (e.g. Long term inventory modellingsystem)

SMP- Our Ambition

SMP: Platform perimeter

New ModulesCurrent Modules

Spirit/1 – ERP – Client-server✓ Purchasing✓ Stock management✓ Formulas & blending✓ Distillation✓ QSE, traceability, Bottling

Spirit/1 – ERP – Web & services✓ Purchasing✓ Stock management✓ Formulas & blending✓ Distillation✓ QSE, traceability, Bottling

Inventory Modelling System✓ IMS (CBL)✓ Essbase (Martell)

Inventory Modelling systemAngels’ shares, …✓ Machine learning / AI (All)

SCADA – ifix (Martell) SCADA – ifix (Martell)

Vatting Instructions (Operational research - Chivas)

Vatting Instructions + New optimization models

HAND HELD TERMINALS (Martell)

HAND HELD TERMINALS(Martell)

TRANSACTIONAL

INDUSTRIAL

MOBILITY

REPORTING/

DASHBOARD

OPERATIONAL

OPTIMIZATION

PREDICTIVE

MODELS

STATIC REPORTS & DOCUMENTS EMBEEDED DAHSBOARDS (Power BI)DOCUMENTS (SSRS)

SMP : Risk Analysis

High

Level of Impact

Low

Low Level of Probability High

1

2

Risk # Risk description Mitigation plan

#1 Capability to phase modules implemention. Build coexistance between old and new application through a single database (SqlServer or Oracle : still to be defined)#2 Capability to phase implementation by affililiates.

#3 Poor level of business requirements (due to lackof application knowledge and users’ involvment)

Strong Involvment of local IT (BRMs) and operationsteams is required

#4 Difficulties in processes / systems harmonizationbetween affiliates.

Involvment from Corporate Operations and finance required

#5 Capability to manage project and standard day-to-day activities

Freeze system enhancements for a periof of two yearstime (with the exception of legal requirements)

#6 Difficulties to integrate multiple technologies in a single and complex/multi-affiliates platform

Put in place DEVOPS organization

3

4

6

5

SMP : Required skills & resources

In continuation with what exists today and for the benefits of agility and efficiency, SMP is a platform where the team should be structured as a Center of excellence with a DevSecOps organization. Implementation of ‘segregation of duties’ within the team is key : this is done through the ‘assurance quality’ role.

Busines Requirements

Featuresdefinition

PlanChange

management

Business

Business expert , Application Platform design

Design Code Unit test Bug Fix Maintain

Dev

Continuous & Iterative development, sprint, agile, continuous deployment

Provision & configure

SecureOrchestrate& Monitor

Test & document

Deploy

SecOps

Platform build, Test & document, IT Automation, Monitoring

BusinessAgility

I.T.Agility

& Security

Local business requirements

Record & follow incidents

Escalate to Dev team

Maintain local knowledge

Support

Manage local requirements and end user application support

BusinessProximity

Cost benchmark

New HRIS project - Kick Off Preparation - Draft 16

SMP : high level project roadmap and scope

Fiscal year FY 2017 - 2018 FY 2018 – 2019 FY 2019 – 2020 FY 2020 – 2021 FY 2021- 2022

Calendar quarter

Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4

Architecturedef.

&Proof of Concept

Effort/budg. sizing

Spirit/1ERP

Spirit/1 SCADA

Spirit/1HHTs

Spirit/1 Vatting

Instructions

SMPIventory

Modelling

Definition

Proof of

Concept

Single WaveBuild

Deploy

Single WaveArchitecture analysis

Single Wave

DeployTechnology defintion

Deploy

Build ( APIs, Services)

Analyze &

Budget

Scope &

Application perimeter

Review.

Wave 1 (Martell)

Wave 2 : TBD

Wave 3 : TBDDeploy

Build (Front End / User interface)

Wave 4 : TBDDeploy

Deploy

Deploy

Build

( database model)

Build

Build

Connection Wifi / 4G ?

Single Wave

DeployTechnology defintion Build

Scope &

Application perimeter

Review.

Scope &

Application perimeter

Review.

17

MIGRATION

TECHNICAL PLATFORM (CLOUD)

Authentication & Technical data Database

Azure Traffic Manager(URL Translation Name)

BROWSER :HTTP REQUEST

Platforms

Azure Load BalancingSSO : ADFS / AZURE AD

Platform DEV

For eachPlatform:

1-n Web server

+

1-n App Server

+

1 Oracle DB server

(IAAS/BYOL)

http://PRG_SMP_DEV?envt=CHIVAS_TEST

http://prgazus1wsdev30:8080/dev1003/wrd/MAIN?envt=CHIVAS_TEST

Platform TEST Platform PROD

WS Server

AP SERVER

MS SQL DB Server

Oracle DB Server

WS Server

AP SERVER

Oracle DB Server

WS Server

AP SERVER

Oracle DB Server

+

1 SQL DB server (PAAS)

Microsoft Azure Pernod Ricard Group

Pernod Ricard Network

Load balancer

Azure R.G. Dev

App server App server App server

Azure R.G. Test Azure R.G. Prod

SMP – Infrastructure

Azure ADFS

RDP

Azu

re A

dm

in P

orta

l

HTTPS

HTTPS

Oracle DB server

A B C

A

Oracle DB server Oracle DB server

TCP

GUIAPI

Web server

GUIAPI

Web server

GUIAPI

Web server

B

TCP

MS SQL Server (PaaS)

SMP Admin DB

SMP Tracker DB

Dev / Admin Server

Uniface SMP Admin

Uniface SMP Tracker

2

3

1

4

5 5 5

SMP - Infrastructure• At the infrastructure level, the SMP platform is hosted within Pernod Ricard’s Microsoft Azure PRGDC-Cognac-

Prod-Dev subscription, which is physically hosted in both Dublin and Amsterdam and configured in High Availability.

• It is basically composed of 3 main Resources Group (RG) one per environment (DEV, TEST, PROD), each of which is composed of 3 VM at least each:

• 1 Tomcat Web server;

• 1 Web application server;

• 1 Oracle database server (one cluster per Brandco).

• Infrastructure management

• The IT Ops team is managing the infrastructure and access control to the infrastructure using Azure administration Web portal. There are only 3 administrators, MFA is strongly enforced. Backup and patch management of VMs and SQL database fully rely on Azure capabilities and policies.

• SQL and Oracle databases are logically managed by the project team.

• Network

• Microsoft Azure cluster is connected to Pernod-Ricard datacenter in a redundant way via IPSEC. This datacenter acts as the network distribution point (i.e. users at other locations access SMP via Cognac thanks to the MPLS network).

© 2019 Deloitte 20Security Diagnostic - SMP - CONFIDENTIAL

21

MIGRATION

CLIENT SERVER TO WEB APPLICATION

The Future : from C/S SPIRIT1 UNIFACE 9.6

To Web SMP UNIFACE 10.3

From Forms to Web Pages : Trying to minimize the change management

SMP - Application

Description

At application level, SMP is primarily composed of:

• “SMP portal”, a Web application used by ~500 Pernod Ricard users among each Brandco;

• “SMP Admin”, a uniface software developed to administrate its key components;

• “SMP Tracker” a uniface software developed to support development lifecycles;

• An API, exposed approximately 20 methods.

Operations

Administrators access the platform using a specific access, through Remote Desktop Protocol, to an administration server within Azure. From there, SMP environments are reachable. This server also hosts both “SMP Admin” and “SMP Tracker”.

© 2019 Deloitte 25Security Diagnostic - SMP - CONFIDENTIAL

SMP – Application development

© 2019 Deloitte 26Security Diagnostic - SMP - CONFIDENTIAL

Scenario DevelopmentAcceptance

testsProd

implementation

The developers team is composed of 6 Pernod Ricard employees and 5 Unifaces employees.

A DevSecOps process is in place. Five different roles exist: platform leader, project leader, platformarchitect, internal developers and finally assurance quality.

4 steps exist for DevSecOps processes: demand, supply, test document & secure and deploy.

Pernod Ricard’s SMP team has developed a tool (in Uniface) to assign development work, keep track, andput in production. This tool is used to keep track of the components and their modifications (code, etc.). Italso allows restoring to an older version.

Environments

The SMP platform is composed of 3 different environments: development, test and production.

Technologies used are:

• Uniface framework for the overall project;

• Java language, only for basics functions.

The Uniface framework has the advantage of including security mechanisms and requirements (e.g.templates, libraries and Snippets). Moreover, uniface supports its framework in case of changes orincident.

Process

SMP – Application development

© 2019 Deloitte 27Security Diagnostic - SMP - CONFIDENTIAL

Technologies

The Web application is now migrated by 60%. Thenumber of components has been drastically reducedwith a plan to finish with 1800 components (instead of4000 components in the 9.6 C/S application). It is nowconfirmed that more than 50% of the code has been re-used.

An optimization exercise has started in order toconsolidate various report, eliminate obsolete ones, andmove as much as possible report functionalities toMicrosoft PowerBI.

To complete the migration, We just started to workwith Uniface from the migration of our mobileapplication (industrial hand held terminals), currentlyrunning on Windows mobile.

• Android devices (Honeywell CT60)

• Uniface framework for the overall project;

• Buildozer for encapsulating Uniface web applicationand the various plugins (barcode scanner, DMABluetooth connection, …)

Spirit/1 vs SMP technical components