A practical approach to enterprise IT security

As the Internet has matured, so have the threats to its safe use, and so must the security measures that enable its business use. Traditional piecemeal, single-layer, single-dimensional security approaches are no longer adequate. These approaches can create a false sense of security and create as many problems as they attempt to address. We propose a multifaceted framework to prevent, detect, and respond to ever more sophisticated threats to enterprise IT information and assets. We outline a practical implementation approach to building enterprise IT security mechanisms in an incremental and continuous fashion. We believe that enterprises should adopt a similar multifaceted framework, following a practical but disciplined implementation approach. Enterprises must treat IT security as a required business enabler rather than just a costly item with low priority     

Post-merger IT integration strategies: An IT alignment perspective

When a company decides to merge with or to acquire another company, a major question is to what extent to integrate the information technologies and the organization. Interpreting merger objectives to proper IT integration strategies is a complex and time-consuming process, due to a lack of explicit understanding of the problems involved. The current literature in this field is meager and has not yet resulted in a theory. For this purpose, we developed a variant of the IT alignment model. In this model, we identify three ambition levels of mergers and IT integration from the literature. Additionally, we describe four integration methods that fit with these ambitions. The relations between these objectives and methods are moderated by contextual factors. Three hospital cases, with different merger and IT integration ambitions, describe the practice of this model. The case studies also add several new variables and relations to it. This result facilitates further research in post-merger IT integration by delivering an empirical research model.     

The assessment of IT capability

Abstract  The 1988 Educational Reform Act established in England and Wales a National Curriculum which sets out in statute assessment objectives and teaching programmes for a range of subjects. IT plays an important part in this Curriculum, and is intended to permeate it in a natural way. Since IT has its own objectives-relating to what is termed IT capability-this raises particular problems of cross-curricular, context-led assessment, which this paper explores. In doing so, the paper sets up a model of pupil progression for IT capability development, which provides a theoretical basis to the practical problems of assessment.     

Using wikis in team collaboration: A media capability perspective

Wikis are widely acknowledged to be capable of promoting team collaboration. However, previous studies have not examined how the characteristics of the wiki media influence team members’ perceived collaboration effectiveness in the educational context. Drawing on media synchronicity theory, we examine five wiki capabilities and whether these capabilities are perceived to be effective in facilitating collaboration. Results based on data from 83 undergraduate students in 15 teams show that reprocessability, no other wiki capabilities, plays a dominant role in securing a more favorable evaluation of collaboration effectiveness by students. The findings and their implications on theory and practice are discussed.     

IT outsourcing and firm-level performance: A transaction cost perspective

We analyzed the effect of the level of low asset specificity IT outsourcing on firm-level financial performance. We used transaction cost economics (TCE) as the theoretical basis to explain the effect of the level of network and telecommunication services outsourced on financial performance. An analysis of 1444 Integrated Healthcare Delivery Systems revealed that higher levels of network and telecommunication services outsourced were associated with superior financial performance. Specifically, each additional network and telecommunication service outsourced resulted in an average $3,120,000 in savings, a 25% increase in profit. In addition, increases in IT budgetary expenditures were found to be associated with increased financial performance. Our study provided preliminary support for the use of asset specificity to guide outsourcing decisions. In particular, IT activities that have become commodities (having ‘low specificity’) should be outsourced to improve the firm's financial performance.     

IT capabilities and firm performance: A contingency analysis of the role of industry and IT capability type

Previous empirical studies examining the relationship between IT capability and accounting-based measures of firm performance reported mixed results. We argued that prior work has relied on aggregate overall measures of the firm's IT capability, ignoring the specific type and nature of IT capability; and also has not fully considered important environmental conditions that influence the relationship. Drawing on a resource-based view, we advanced a contingency perspective and proposed that IT capabilities’ impact on firm resources was contingent on the “fit” between the type of IT capability/resource a firm possesses and the demands of the industry in which it competes. Specifically, using publicly available rankings as proxies for two types of IT capabilities (internally and externally focused), we empirically examined the degree to which three industry characteristics (dynamism, munificence, and complexity) influenced the impact of each type of IT capability on measures of financial performance. After controlling for prior performance, we found there was general support for the posited contingency model. The implications of these findings are also discussed.     

中国化工企业信息化路线图

企业信息化在方向上应回归企业资源(人、财、物、客户关系、供应商关系及信息)的优化,以达到提高营业收入,降低成本,从而取得利润的最大化。在操作上应注重行业特性,理解企业流程和终端用户水平与心理,找出符合实际情况的实施方案。在产品技术的选择上要讲实用性与技术方向的正确性。因此,本文将着重探讨有关大型实时企业信息化软件技术。     

Understanding the IT/business partnership: A business process perspective

From a business process perspective, the business value of information technologies (IT) stems from how they improve or enable business processes. At the same time, in the field of strategic IT/business alignment, the locus of discussion has been how IT/business partnerships enhance the value of IT. Despite this apparent relationship, the business process perspective has been absent from the IT/business alignment discussion. In this paper, we use the case of an industrial company to develop a model for understanding IT/business partnerships in business process terms. Based on our findings, we define these partnerships by allocating responsibilities between central IT and the local business during two stages of a process lifecycle: formation and standardization. The significance of the findings lies in how the model’s configuration leads to different types of IT units’ process centricity. This in turn affects the ability of the company as a whole to transform its operations with IT.     

Exploring the future of enterprise architecture: A Zachman perspective

Today, and for the foreseeable future, organizations will face ever-increasing levels of complexity and uncertainty. Many believe that enterprise architecture (EA) will help organizations address such difficult terrain by guiding the design of adaptive and resilient enterprises and their information systems. This paper presents the “Grand Challenges” that we believe will challenge organizations in the future and need to be addressed by enterprise architecture. As a first step in using enterprise architecture as a solution for overcoming identified challenges, the Zachman Enterprise Architecture Framework is used to guide and structure the discussion. The paper presents the “Grand Challenges” and discusses promising theories and models for addressing them. In addition, current advances in the field of enterprise architecture that have begun to address the challenges will be presented. In conclusion, final thoughts on the future of enterprise architecture as a research field and a profession are offered.     

IT infrastructure capabilities and IT project success: a development team perspective

In this research we investigate how IT infrastructure capabilities are related to IT project success from a development team perspective. We first conduct an extensive literature review and summarize the insights to suggest an IT infrastructure base model. Drawing upon several other bodies of literature, particularly the psychology literature, we then build upon the base model to propose an integrative research model for IT project success that considers both actual and perceived effects of IT infrastructure capabilities. This research model argues that (1) teamwork quality mediates the effect of technical and human IT infrastructure capabilities on IT project success, and (2) team perceptions of both IT infrastructure and team capabilities shape team perceived likelihood of project success, which subsequently affects team commitment that is crucial to IT project success. We also propose a direct-effect model that directly links all constructs to IT project success so that we can test the efficacy of our proposed research model by comparing all three models. We then collect empirical data (n = 91) through an online survey of CIO/CTOs and team leaders. All three models are evaluated and compared using the partial least squares method. The results show strong support for the proposed research model except for two IT infrastructure components. We discuss the practical and theoretical implications of the findings, and suggest several ways this research can be extended.     

Effective information technology (IT) governance mechanisms: An IT outsourcing perspective

Effective IT governance will ensure alignment between IT and business goals. Organizations with ineffective IT governance will suffer due to poor performance of IT resources such as inaccurate information quality, inefficient operating costs, runaway IT project and even the demise of its IT department. This study seeks to examine empirically the individual IT governance mechanisms that influence the overall effectiveness of IT governance. Furthermore, this study examines the relationship of effective IT governance, the extent of IT outsourcing decisions within the organizations, and the level of IT Intensity in the organizations. We used structural equation modeling analysis to examine 110 responses from members of ISACA (Information Systems and Audit Control Association) Australia in which their organizations have outsourced their IT functions. Results suggest significant positive relationships between the overall level of effective IT governance and the following mechanisms: the involvement of senior management in IT, the existence of ethic or culture of compliance in IT, and corporate communication systems.     

An IT management assessment framework: evaluating enterprise architecture scenarios

Enterprise architecture, EA, is an established approach for the model-based and holistic management of IT. The scope of EA is however wide and the predominant EA frameworks suggest the creation of broad and detailed models. IT management cannot control all areas spanned by the present frameworks for EA models. In order to ensure well-informed decisions, IT management has a series of questions that need to be answered. This paper proposes an assessment framework that can be used to identify relevant questions for assessments of EA and EA scenarios, within the areas of EA that IT management can control. Three top dimensions in the proposed framework are presented: IT organization, IT systems, and Business organization. The framework further includes sub dimensions for identifying questions. An application of the assessment framework, as it was applied to assess EA scenarios in a power company, is also described.     

Availability of enterprise IT systems: an expert-based Bayesian framework

Ensuring the availability of enterprise IT systems is a challenging task. The factors that can bring systems down are numerous, and their impact on various system architectures is difficult to predict. At the same time, maintaining high availability is crucial in many applications, ranging from control systems in the electric power grid, over electronic trading systems on the stock market to specialized command and control systems for military and civilian purposes. This paper describes a Bayesian decision support model, designed to help enterprise IT system decision-makers evaluate the consequences of their decisions by analyzing various scenarios. The model is based on expert elicitation from 50 experts on IT systems availability, obtained through an electronic survey. The Bayesian model uses a leaky Noisy-OR method to weigh together the expert opinions on 16 factors affecting systems availability. Using this model, the effect of changes to a system can be estimated beforehand, providing decision support for improvement of enterprise IT systems availability. The Bayesian model thus obtained is then integrated within a standard, reliability block diagram-style, mathematical model for assessing availability on the architecture level. In this model, the IT systems play the role of building blocks. The overall assessment framework thus addresses measures to ensure high availability both on the level of individual systems and on the level of the entire enterprise architecture. Examples are presented to illustrate how the framework can be used by practitioners aiming to ensure high availability.     

Strategic context and patterns of IT infrastructure capability

The importance of a firm's information technology (IT) infrastructure capability is increasingly recognised as critical to firm competitiveness. Infrastructure is particularly important for firms in industries going through dynamic change, for firms reengineering their business processes and for those with multiple business units or extensive international or geographically dispersed operations. However, the notion of IT infrastructure is still evolving and there has been little empirically based research on the patterns of IT infrastructure capability across firms.We develop the concept of IT infrastructure capability through identification of IT infrastructure services and measurement of reach and range in large, multi-business unit firms. Using empirical case research, we examine the patterns of IT infrastructure capability in 26 firms with diverse strategic contexts, including different industry bases, level of marketplace volatility, extent of business unit synergies and the nature of firm strategy formation processes. Data collection was based on a combination of quantitative and qualitative methods with multiple participants.More extensive IT infrastructure capability is defined as a combination of more IT infrastructure services and more reach and range. More extensive IT infrastructure capability was found in firms where: (i) products changed quickly; (ii) attempts were made to identify and capture synergies across business units; (iii) there was greater integration of information and IT needs as part of planning processes; and (iv) there was greater emphasis on tracking the implementation of long term strategy. These findings have implications for both business and technology managers particularly in regard to how firms link strategy and IT infrastructure formation processes.     

企业级IT项目管理中多项目计划编制的研究

有效进行多项目管理是金融IT行业在IT项目管理中面对的关键问题。企业级项目管理需要在资源有限的情况下完成和企业战略密切相关的各项目的平衡和调度。如何确定各项目的优先级以及在优先级确定的情况下如何编制各项目的计划进度是多项目管理的核心和关键前提。首先分析了金融IT的特点,然后结合传统的甘特图计划方法,提出了一种优先级确定情况下项目计划编制简便方法,使得企业在实施多项目管理时能够参照进行计划安排,使得项目群整体最优从而提高企业核心竞争力。