基于战略对应的IT项目组合选择模型

把信息技术项目当作组合来管理可以通过平衡风险和收益来促进企业目标和IT应用的结合,但由于决策信息的不确定性和IT项目目标与企业战略的难以对应,企业面临IT项目组合选择的挑战。构建基于战略对应的IT项目组合选择模型,其中模糊集和模糊层次分析法用来刻画不确定信息和评估IT项目风险、成本及收益,关键成功因素法用来提高IT项目与企业战略的对应,并建立模糊0－1整数规划。利用定性可能性理论把模糊组合选择模型转化为一般可求解的整数规划形式,最后用一个案例说明模型的用法。     

Quantifying requirements volatility effects

In an organization operating in the bancassurance sector we identified a low-risk IT subportfolio of 84 IT projects comprising together 16,500 function points, each project varying in size and duration, for which we were able to quantify its requirements volatility. This representative portfolio stems from a much larger portfolio of IT projects. We calculated the volatility from the function point countings that were available to us. These figures were aggregated into a requirements volatility benchmark. We found that maximum requirements volatility rates depend on size and duration, which refutes currently known industrial averages. For instance, a monthly growth rate of 5% is considered a critical failure factor, but in our low-risk portfolio we found more than 21% of successful projects with a volatility larger than 5%. We proposed a mathematical model taking size and duration into account that provides a maximum healthy volatility rate that is more in line with the reality of low-risk IT portfolios. Based on the model, we proposed a tolerance factor expressing the maximal volatility tolerance for a project or portfolio. For a low-risk portfolio its empirically found tolerance is apparently acceptable, and values exceeding this tolerance are used to trigger IT decision makers. We derived two volatility ratios from this model, the π-ratio and the ρ-ratio. These ratios express how close the volatility of a project has approached the danger zone when requirements volatility reaches a critical failure rate. The volatility data of a governmental IT portfolio were juxtaposed to our bancassurance benchmark, immediately exposing a problematic project, which was corroborated by its actual failure. When function points are less common, e.g. in the embedded industry, we used daily source code size measures and illustrated how to govern the volatility of a software product line of a hardware manufacturer. With the three real-world portfolios we illustrated that our results serve the purpose of an early warning system for projects that are bound to fail due to excessive volatility. Moreover, we developed essential requirements volatility metrics that belong on an IT governance dashboard and presented such a volatility dashboard.     

Comparing senior executive and project manager perceptions of IT project risk: a Chinese Delphi study

The success rate for information technology (IT) projects continues to be low. With an increasing number of IT projects in developing countries such as China, it is important to understand the risks they are experiencing on IT projects. To date, there has been little research documenting Asian perceptions of IT project risk. In this research, we examine the risks identified by Chinese senior executives (SEs) and project managers (PMs), and compare these two groups. The importance of top management support in IT projects is well documented. Prior research has shown that from the perspective of IT PMs, lack of support from SEs is the number one risk in IT projects. Surprisingly, senior executives' perceptions towards IT project risk have never been systematically examined. One reason why lack of support from senior executives continues to represent a major risk may be that senior executives themselves do not realize the critical role that they can play in helping to deliver successful projects. In this study, we use the Delphi method to compare the risk perceptions of senior executives and project managers. By comparing risk factors selected by each group, zones of concordance and discordance are identified. In terms of perceived importance ascribed to risk factors, PMs tend to focus on lower‐level risks with particular emphasis on risks associated with requirements and user involvement, whereas SEs tend to focus on higher‐level risks such as those risks involving politics, organization structure, process, and culture. Finally, approaches for dealing with risk factors that are seen as important by both SEs and PMs are provided.     

IT-Service-Management – Ein Modell zur Bestimmung der Folgen von Interoperabilitätsstandards auf die Einbindung externer IT-Dienstleister

This article examines the impact of interoperability standards such as Web Service standards or semantic annotation of services on the outsourcing of business processes or process activities. Especially the integration of external IT service providers is considered. Therefore a decision model is developed for optimizing service portfolios regarding risk-/cost-aspects. By using an extract of the application process for current accounts we exemplify the implementation and the results of the presented model.     

Crisis IT design implications for high risk systems: systems,control and information propositions

The systems view is presented as a complement to the more traditional scientific approach to help reduce and mitigate risk in high risk systems. Implications for this systemic approach are described, principally in the areas of control and information. Most generally, we investigate how high risk systems use information to maintain control, and how IT systems should be designed to support this activity. Two variations in the systems view – the objective and constructive – are distilled and compared, and for each, the implications for crisis IT systems design are discussed. The limitations of the two variations of the systems view are presented, as is a brief annotated bibliography for further reading about the systems view.     

Modeling uncertainties involved with software development with a stochastic Petri net

Abstract: Due to the rapid growth of the IT industry as well as the high failure rate of software development projects, it is highly desirable to develop a qualitative approach for dealing with uncertainties in the software development process. In order to manage risk and uncertainty, a software project uncertainty management approach based on a generalized stochastic Petri net is proposed. It consists of two main components: model building based on a Petri net and a Markov process algorithm. The technique is presented with an example. Finally, the proposed model is demonstrated with a real-world case.     

Strategic alignment and value maximization for IT project portfolios

Managing project portfolios has been a challenge to many IT organizations due to the size and complexity of their initiatives that are often cross-functional, fast changing, and transformational in nature. A governance process on project solicitation, evaluation, and monitoring is thus essential to ensure the resulting portfolio creates tangible values, balances across priorities, and supports business objectives. An optimization model to streamline the decision processes for IT portfolios and programs is proposed. We consider project characteristics such as the extent of strategic alignment, expected benefit, development cost, and cross-project synergy to maximize the portfolio value. We also consider team proficiency and resource availability to determine a project portfolio that could be implemented within the overall development time. The multi-objective model identifies the optimal mix among project types and the solution procedure efficiently produces recommendations that are superior to those found with current empirical techniques. We also describe an evolutionary algorithm to find approximate solutions to the optimization model. Possible extensions on how the optimization procedure can go beyond projects to also streamline decisions such as the renewal or replacement of in-flight applications is discussed.     

Information Security Risks in Enabling e-Government: The Impact of IT Vendors

The purpose of this article is to identify information systems security risks in local governments resulting from the cooperation with IT vendors. We focus on government-to-government projects where the confidentiality, integrity, and availability of information is a key concern. In our risk identification process, we take a systems thinking approach, taking into account actual and perceived risks. We identified 13 causes of risk in three risk areas and analyzed them using outsourcing literature.     

IT项目风险管理模式研究

在对风险管理的五个核心子过程和两个附加子过程研究的基础上,结合IT项目的特点和IT项目风险管理所处的阶段的分析,介绍了“P2I2=成功风险管理”的方程式,提出了由风险管理指南(G)、P/T过程模型(P)、风险状态图(S)组成的GPS风险管理框架。     

A methodical procedure for designing consumer oriented on-demand IT service propositions

IT providers are increasingly facing the challenge to adapt their previously resource oriented service portfolios in order to offer their customers services which explicitly support business processes. Such customer centric service propositions, however, seem to contradict the demand for standardized and automated operational IT processes more than traditional IT service offers, as they are even more subject to customer individual reengineering efforts due to permanently changing business requirements. In order to reconcile increased efficiency in operational processes and effectiveness in consumer oriented service propositions, we propose (1) to predefine all service propositions in consideration of both consumer oriented commitments and operational processes, and (2) to allow for standardized customization by offering a selection of complementary service propositions that extend commitments regarding customer oriented functionality and performance. Such service propositions are aligned with a company’s entities such as workplaces. Thereby the customer organization is enabled to trace, control and adjust commitments, value and expenses of IT services per entity in its business. We introduce a procedural model for designing and on-demand requesting this kind of service propositions, and we illustrate the model’s application and impact by examples taken from two large projects with an associated IT provider.     

A method for the evaluation of risk in IT projects

Information technology projects are particularly prone to failure due to their specific characteristics, making risk management become one of the critical elements in IT projects management. That is why several authors have developed risk evaluation methods, some of them based on fuzzy logic. This article proposes a new risk assessment method based in a combination of fuzzy analytic hierarchy process (FAHP) and fuzzy inference system (FIS). FIS is used for the integration of the groups of risk factors. These risk factors are the evaluation criteria of a modified FAHP which minimizes the disadvantages of the classic implementation of FAHP in order to obtain a more intuitive and easily adjustable model for multicriteria decision analysis with a lower computational need. The proposed model takes into consideration the different levels of uncertainty, the interrelationship among groups of risk factors, and the possibility of adding or suppressing options without losing the consistency with previous evaluations. The new method is especially suitable for the evaluation of development projects in the area of IT in which multiple interrelated risk factors can be particularly uncertain and imprecise. To implement the evaluation method, a hierarchy of risk factors was implemented. A numerical example is presented with data from three actual cases of IT projects, showing the applicability of the new method, the suitability of the selected taxonomy, and the significance of a few risk factors. Several future lines of work are proposed.     

Constructing information technology (IT) portfolios to achieve enterprise strategic goals in multi-business unit firms

This study aims to develop a new methodology in IT Portfolio Management (ITPM) to address the impact of portfolio priorities on IT strategies in a multi-business unit firm. The methodology includes a new ITPM model and uses simulated scenarios to overcome limitations due to insufficient real-world organizational IT portfolio data. The weight scores generated by the proposed ITPM model can enable the firm to create a rational viewpoint to improve its IT investment efficiency while establishing IT priorities to achieve enterprise strategic goals. Such an approach would enable firms to reduce their reliance on CIO intuition in guiding firms’ technology portfolios.     

Quantifying IT estimation risks

A statistical method is proposed for quantifying the impact of factors that influence the quality of the estimation of costs for IT-enabled business projects. We call these factors risk drivers as they influence the risk of the misestimation of project costs. The method can effortlessly be transposed for usage on other important IT key performance indicators (KPIs), such as schedule misestimation or functionality underdelivery. We used logistic regression as a modeling technique to estimate the quantitative impact of risk factors. We did so because logistic regression has been applied successfully in fields including medical science, e.g. in perinatal epidemiology, to answer questions that show a striking resemblance to the questions regarding project risk management. In our study we used data from a large organization in the financial services industry to assess the applicability of logistic modeling in quantifying IT risks. With this real-world example we illustrated how to scrutinize the quality and plausibility of the available data. We explained how to deal with factors that cannot be influenced, also called risk factors, by project management before or in the early stage of a project, but can have an influence on the outcome of the estimation process. We demonstrated how to select the risk drivers using logistic regression. Our research has shown that it is possible to properly quantify these risks, even with the help of crude data. We discussed the interpretation of the models found and showed that the findings are helpful in decision making on measures to be taken to identify potential misestimates and thus mitigate IT risks for individual projects. We proposed increasing the auditing process efficiency by using the found cost misestimation models to classify all projects as either risky projects or non-risky projects. We discovered through our analyses that projects must not be overstaffed and the ratio of external developers must be kept small to obtain better cost estimates. Our research showed that business units that report on financial information tend to be risk mitigating, because they have more cost underruns in comparison with business units without reporting; the latter have more cost overruns. We also discovered a maturity mismatch: an increase from CMM level 1 to 2 did not influence the disparity between a cost estimate and its actual if the maturity of the business is not also increased.     

Balanced IT-Decision-Card Ein Instrument für das Investitionscontrolling von IT-Projekten

Balanced IT Decision Card — An Instrument for Investment Controlling of IT Projects p]This paper introduces a Balanced IT Decision Card. It aims at overcoming the shortcomings of common decision making processes on large information technology (IT) projects. The investment decision should be based on an evaluation process that takes into account monetary and non-monetary measures. Given this infinite amount of data, decision makers need tools that present the important information in a simple and structured way. Therefore, this working paper makes use of the latest findings of cognition theory. Furthermore, the IT project must be integrated in the overall IT strategy, so that synergies with other IT projects can be realized. Following this argumentation, the Balanced Scorecard approach is adopted to control the investment process of IT projects.     

The use of fuzzy cognitive maps to simulate the information systems strategic planning process

In the early 1980s articles began to focus on Strategic Planning of Information Systems (SISP) and to argue the critical importance of Information Technology (IT) in today’s organisations. Since then, a large number of models were presented in order to analyse IT from a strategic point of view and suggest new IT projects. However, researchers urge for alternative approaches to SISP, as current ones fall short in taking into consideration both the business and IT perspectives as well as they fail to tackle the complexity of the domain and suggest specific IS opportunities. This article suggests Fuzzy Cognitive Maps (FCM) as an alternative modelling approach and describes how they can be developed and used to simulate the SISP process. FCMs were successfully developed and used in several ill-structured domains, such as decision making, policy making. The proposed FCM contains 165 variables and 210 relationships from both business and IT domains. The strength of this approach lies in its capability not only to comprehensively model qualitative knowledge which dominates strategic decision making, but also to simulate and evaluate several alternative ways of using IT in order to improve organisational performance. This approach introduces computational modelling, as well as it supports scenarios development and simulation in the SISP domain.     

IT工程时间风险的度量方法——基于正态假设和蒙特卡罗模拟的度量

IT工程时间风险是IT工程中的最主要的风险之一, 现有的IT工程时间风险的度量方法大多是直接基于专家打分的度量结果, 导致结果的精度不够, 给实际应用带来了不便. 为了改善该问题, 文中提出两个不同的分析路径来解决估计结果的离散问题, 一种是特定分布假设条件下IT工程时间风险度量方法, 主要步骤是首先设定每一步IT时间服从的分布, 然后在理论上推导出特定概率保证下IT工程时间风险的计算公式, 最后利用专家打分值计算得到IT工程时间风险的度量值; 另一种是利用蒙特卡洛模拟度量IT工程时间风险方法, 在设定好分布形态后计算相应的IT工程时间风险度量值. 最后文中利用上述两种方法度量了一个简单小型项目在不同概率情况下的时间风险值, 结果表明利用蒙特卡洛模拟度量IT工程时间风险方法在满足度量精度的条件下, 具有更广的适用面.     

A milp bi-objective model for static portfolio selection of R&;D projects with synergies

This paper presents a multi-objective MILP model for portfolio selection of research and development (R&D) projects with synergies. The proposed model incorporates information about the funds assigned to different activities as well as about synergies between projects at the activity and project level. The latter aspects are predominant in the context of portfolio selection of R&D projects in public organizations. Previous works on portfolio selection of R&D projects considered interdependencies mainly at the project level. In a few works considering activity level information the models and solution techniques were restricted to problems with a few projects. We study a generalization of our previous model and show that incorporating interdependencies and activity funding information is useful for obtaining portfolios with better quality. Numerical results are presented to demonstrate the efficiency of the proposed approach for large models.     

Strategic IT alignment Projects. Towards Good Governance

The senior management of organisations frequently perceive IT Projects as merely technological in nature. They fail to realise that in reality, the mission of IT is to provide technology-based support to business processes that can be key to the organisation. This lack of understanding means that these IT projects are not aligned with the business objectives and that investments in resources and personnel are not adequately prioritised. This can lead to an opportunity loss: a mere computerising of the business is sought, and processes that could turn out to be transformative, generating added value, driving a true digital transformation of the business are overlooked. This article proposes a model for implementing and operating a portfolio of strategic IT projects. Based on Good Governance principles, these latter projects move strategic decision-making up to an organisation's senior management, succeeding in gradually implicating these managers into the IT strategy. But above all, the model succeeds in achieving the targeted strategic alignment of IT projects with the organisation's business objectives and interests. The model has already been implemented in fourteen medium and large size public universities. The follow-up through interviews of the nine longest-standing experiences—some are nearly a decade old—revealed that the portfolio implementation strategy had helped to markedly improve the following elements: the institutions’ state of maturity of Good Governance; senior management's involvement in IT projects; and the identification of the most interesting IT projects for the business. To conclude, based on our experience, we can affirm that the strategic IT alignment projects is an effective IT Governance tool and, by extension, an example of Good Governance practice.     

基于人工神经网络的IT项目风险评价模型

[摘要]：首先本文在构建IT项目风险评价体系的基础上,提出一种基于人工神经网络的多指标综合风险评价模型。其次,利用神经网络的自学习和自适应能力,经过训练的神经网络系统能够将专家评价思想以连接权的方式赋予风险评价模型。最后,通过实际IT项目评价数据的验证,该风险评价模型能够准确地按照专家评价法进行工作。     

Determinants of relationship quality for IS/IT outsourcing success in public sector

Relationship has become an influential aspect for the success of IS/IT outsourcing projects. Although some studies have explored the issues of IS/IT outsourcing relationship in the past, these studies are limited to the private sectors. Whereas, studies implicate that the issues related to private and public sectors should be addressed differently. Therefore the main purpose of this study is to examine the IS/IT outsourcing relationship in the public sector by determining relationship quality factors. Based on the social exchange and the relational exchange theories a relationship model is proposed and hypotheses are tested. Ninety three IS/IT outsourcing projects in the public sector of Korea are examined and the results indicate that the outsourcing success is greatly determined by relationship quality. This study will serve as useful guidelines in understanding how to develop a successful IS/IT outsourcing relationships for IT practitioners in the public sector and the vendors undertaking those outsourced projects.