IS Core - Information Systems

Information Systems:

IS: A set of interrelated components that collect (or retrieve), process, store and distribute information to support decision making and control in an organization.

Data: Streams of raw facts representing events such as business transactions

Information: Cluster of data that are meaningful and useful to human beings  

Three Fundamental Role

·         Information Storage and Analysis

At the date of publication, many companies no longer manage their data and information manually with registers and hard-copy formats. Through the adoption of information systems, companies can make use of sophisticated and comprehensive databases that can contain all imaginable pieces of data about the company. Information systems store, update and even analyze the information, which the company can then use to pinpoint solutions to current or future problems. Furthermore, these systems can integrate data from various sources, inside and outside the company, keeping the company up to date with internal performance and external opportunities and threats.

·         Assist With Making Decisions

The long-term success of a company depends upon the adequacy of its strategic plans. An organization’s management team uses information systems to formulate strategic plans and make decisions for the organization's longevity and prosperity. The business uses information systems to evaluate information from all sources, including information from external references such as Reuters or Bloomberg, which provide information on the general economy. This analysis of and comparison to market trends helps organizations analyze the adequacy and quality of their strategic decisions.

·         Assist With Business Processes

Information systems aid businesses in developing a larger number of value added-systems in the company. For example, a company can integrate information systems with the manufacturing cycle to ensure that the output it produces complies with the requirements of the various quality management standards. Adoption of information systems simplifies business processes and removes unnecessary activities. Information systems add controls to employee processes, ensuring that only users with the applicable rights can perform certain tasks. Further, information systems eliminate repetitive tasks and increase accuracy, allowing employees to concentrate on more high-level functions. Information systems can also lead to better project planning and implementation through effective monitoring and comparison against established criteria.

 

The New Role of Information Systems in Organizations

·         Widening scope of information systems

Data processing -> management control -> decision support->

Information as a resource

·         Network revolution

·         Networked enterprise

o   Flattening organizations

o   Separating work from location

o   Reorganizing workflow

o   Increasing flexibility of organization

Mass customization: Products can be easily customized with no added cost for small production runs.

Changing management process – ERP

Inter-organizational systems: Information system that automate work flow of information across organizational boundaries

Electronic commerce

 

Functions of information systems

An information has four functions

·         Input

·         Storage

·         Processing

·         Output

 ·         Input

Inputting information in to an information system has two parts;

o   Detailed data: stored and processed and forms the basis for the rest of the system.

o   User tells the: system what sort of analysis they want from the system.

·         Storage

The data should be stored efficiently with the highest level detail available.

The IT department should take regular backups of the system and the stored data regularly, this should be kept in a different location in case of disaster

·         Processing

The processing of data is where the information is turned into knowledge.

·         Output

Outputted information can be displayed in many forms.

The main two forms are:

o   Graphical (e.g. Charts, graphs)

o   Textual (e.g. Reports, numbers)

 IS strategic Alignment

Strategic Information System Alignment

Today it is widely recognized that information systems knowledge is essential for managers because most organizations need information systems to survive and prosper. In the modern times, information systems have become an essential part of all types of business as information systems provide the opportunity for organizations to integrate with their business strategy.

A strategic plan is not the same thing as an operational plan. The former should be visionary, conceptual and directional in contrast to an operational plan which is likely to be shorter term, tactical, focused, implementable and measurable. As an example, compare the process of planning a vacation (where, when, duration, budget, who goes, how travel are all strategic issues) with the final preparations (tasks, deadlines, funding, weather, packing, transport and so on are all operational matters).

From a business perspective, an information system is an organizational and management solution, based on information systems, to a challenge posed by the environment. To fully understand information systems, a manager must understand the broader organization, management, and information systems dimensions of systems and their power to provide solutions to challenges and problems in the business environment.

Management needs to know what evaluation methods are already in place for alignment to be feasible. IS strategy can be defined as a strategy to implement information systems that recognizes organizational requirements, in other words ‘demand’ for the information and systems to support the overall business strategy and its plan to gain or maintain the advantage. An IS strategy should include the business needs for the future aligned closely to the business strategy. It should also define and priorities the investments needed to achieve the application portfolio.

Before setting an information systems framework, IT/IS professionals should set an IS planning framework that induces all the essential elements needed to be able to come up with an IS strategy that would surely work and be coherent in the alignment of the corporate strategy [1].

As the initial stage in the setting of an IS strategy, a detailed plan work must be set. According to Bhatnagar (2007) this is a typical framework for IS planning:

•Phase 1: The initial purpose, process and the scope of the IS strategy.

•Phase 2: IS planner should come to terms of these directions through in-depth analysis of the essence of the information needs, business processes and the needful business requirements.

•Phase 3: IS planner can envisage an IS plan that would be appropriate for the company. It is from these phases that the pre-requisites and considerations should carefully be looked into rather than overlooked into so that the IS planner would not miss out on something in the process of synthesizing the bits of the ingredients in successfully formulating an effective IS strategy that works.

•Phase 4: IS planning framework allows an IS planner to outline a well-documented IS strategic plan which can examine and explore the features most vital for the organization.

This will lead the planner to devise an IS strategy plan that shows the right direction.

ISP

In relation to information technology resource planning, strategic information system planning (SISP) at the most basic can be defined as “the process of determining an organization’s portfolio of computer-based applications that will help it achieve its business objectives” Before SISP, the information technology resource planning process was referred to simply as information system planning (ISP)

ISP is defined as:

IS planning is a set of activities directed toward achieving three objectives: (a) recognizing organizational opportunities and problems where IS might be applied successfully; (b) identifying the resources needed to allow IS to be applied successfully to these opportunities and problems; and (c) developing strategies and procedures to allow IS to be applied successfully to these opportunities and problems. (Hann & Weber, 1996, p. 1044).

While the definitions for SISP and ISP concepts align a great deal, the “differences between

SISP, and the planning practices that pre-dated it, are in terms of its explicit emphasis on strategic alignment and competitive impact” Due to the nature of SISP by definition, and the goals of strategic information system planning with regard to meeting organizational strategic goals, SISP can be considered a critical management issue

There are a number of SISP methodologies for an organization to choose from including (but not limited to)

KEY STAGES OF SISP METHODS

Business System Planning (BSP),

Strategic Systems Planning (SSP),
Information Engineering (IE),

Information Quality Analysis,

and Business Information Analysis state that choosing a specific SISP methodology is a critical issue; however, specific methodologies focus on “technique, procedure, or methodology employed” go on to express that any one SISP methodology may not be sufficient for the application of SISP, but that a combination of techniques utilized in different methodologies is a more balanced application of SISP

IS Leadership: The role of CIO and IS Management

 Information systems leaders have played important roles in the transformation of their organizations and, in turn, have themselves been changed by these transformations. I/S leaders have done more than contribute to a "re-engineering" of business; the successful ones have experienced a re-engineering of their own roles as well. It would be unrealistic to think that I/S leadership roles would remain static in dynamic business environments where information technology has been busily changing everyone else’s roles. On the contrary, as business has become more reliant on innovations in information technology to solve their problems of competitiveness and efficiency, the role of the I/S leader has grown in importance and visibility.

Executive-level I/S leadership can be described as follows:

Power is the capacity to exert influence, and leadership is the successful exercise of power to accomplish organizational goals. I/S leaders rely upon multiple sources of power including the legitimate power stemming from their organizational positions; the expert power they derive from their knowledge of information technology; and the referent, or personal, power they acquire through their alliances and relationships with other executives and managers.

The leadership function is multidimensional and dynamic, and I/S leaders are called upon to emphasize different dimensions of their roles as the circumstances in their organizations and the larger environment change.

There are two types of leadership that are essential to ensure the vitality of the I/S function: transformational leadership to produce innovation and effectiveness, and transactional leadership to produce stability and efficiency.

And finally, I/S leadership roles have been evolving in tandem with the evolution of information technology in business itself and have been taking shape through a process of role integration.

The I/S organization and the role of the CIO have evolved in parallel with information technology's development of increasingly more meaningful applications. For many pioneers and early adapters (to use Rogers' [1983] terms), the technology was little more than a curiosity. Few people in the 1970s and early 1980s had the vision to see where it was headed.

In the decade of the 1970s, I/S leaders were challenged to master the technology, to find out what it was capable of doing, and how it could be applied. Their progressive success in doing so through the 1980s gave them a firm grasp on their role as technologist – a role that persists to this day and is of such importance that the role of chief technology officer (CTO) has emerged as a separate position, one which serves in partnership with the chief information officer (CIO).

CIOs can stimulate innovation in at least three general ways. First, they can reach back to their expertise in information technology to articulate a vision of the changes such technology can make in the core functions of the organization, and use their experience as managers of this technology to map a course from the present situation to a desired future state. Senge (l990) calls this the leader's roles as "designer" and "teacher." By exercising these roles, they create policies, strategies, and structures that facilitate translating emerging technologies into valuable business tools.

Second, they can use this creative tension to create a climate for innovation. This is accomplished through creating a shared vision – getting people to align their personal visions with the leader's vision thereby attaining the synergism and commitment needed for sustained, constructive change. They can also begin to use team approaches and experimentation for problem solving and generative learning. If team approaches and experimentations are adopted, it will require changes in performance appraisal and reward systems and a greater tolerance for the temporary inefficiencies caused by such experimentation. Third, they can foster the early adoption of technology. In Roger’s (1983) terms, this means that, as "pioneers," the CIO must identify and seek out the influence leaders in the user community to serve as "early adopters" and thus champions of the innovation, thereby ensuring its success.

Obviously, the starting point for the CIO's successful implementation of the innovator role is his or her capacity for vision. But how does one acquire "vision"? Senge (1990) suggests that success in this area is proportional to the executive's capacity to engage in systems thinking, to "focus less on day-to-day events and more on the underlying trends and forces to change." He suggests that would-be leaders need to develop the following new skills:

Seeing interrelationships, not things, and processes, not snapshots – avoiding seeing the world in static terms and attempting linear explanations of what are actually systemic phenomena.

Focusing on areas of high leverage – finding "where a change, with minimal effort, would lead to lasting, significant improvement".

Avoiding symptomatic solutions – foregoing quick fixes to "keep the pressure on everyone to identify more enduring solutions".

Acquiring systems-thinking skills instead of merely reacting – "Many charismatic leaders manage almost exclusively at the level of events. They deal in visions and in crises, and little in between".

In summary, CIOs can do much to improve the environment of the I/S organization for innovation albeit, perhaps, at some expense to their roles as managers, where stability and efficiency are the hallmarks of success.

IS Core - Business Drivers and Information Systems Valuation

The Changing Business Environment Business Drivers

·         Globalization and Strong Competition

o   Management and control in a global marketplace, Competition in world markets, Global work groups, Global delivery systems

·         Transformation of Industrial Economies

o   Knowledge- and information-based economies, Productivity,

o   New products and services, Knowledge: a central productive and strategic asset Time-based competition, Shorter product life

o   Turbulent environment, Limited employee knowledge base

·         Transformation of the Enterprise

o   Flattening, Decentralization, Flexibility, Location independence, Low transaction and coordination costs, Empowerment, Collaborative work and teamwork

·         Changing nature of workforce

·         Powerful customers

·         Technological Pressures

o   Technological innovation and obsolescence

o   Information overload

·         Social responsibility (Equal opportunity, environmental control, health, safety)

o   Government regulation

o   Government deregulation

o   Shrinking budgets and subsidies

o   Ethical issues

Organizational Responses
·         Strategic systems

·         Continuous improvement efforts
o   Improved productivity

o   Just-in-time (JIT)operation

o   Total quality management

o   Improved decision making

o   Information& amp; knowledge

o   Innovation

o   Change management, customer service

·         Business process reengineering

o   Reducing cycle time and time to market

o   Empowerment of employees

o   Customer focused approach

o   Restructuring and team based structure

o   ERP

·         Business Alliances

·         Electronic Business, Commerce

The Emerging Digital Firm

·         Digital Firm: Organization where nearly all significant business processes and relationships with customers, suppliers, and employees are digitally enabled, and key corporate assets are managed through digital means.

·         Business Processes: The unique ways in which organizations coordinate and organize work activities, information, and knowledge to produce a product or service.

Digital Divide

A term used to describe the discrepancy between people who have access to and the resources to use new information and communication tools, such as the Internet, and people who do not have the resources and access to the technology. The term also describes the discrepancy between those who have the skills, knowledge and abilities to use the technologies and those who do not. The digital divide can exist between those living in rural areas and those living in urban areas, between the educated and uneducated, between economic classes, and on a global scale between more and less industrially developed nations.

Multi-Criteria Analysis (MCA) is a decision-making tool developed for complex problems. In a situation where multiple criteria are involved confusion can arise if a logical, well-structured decision-making process is not followed. Another difficulty in decision making is that reaching a general consensus in a multidisciplinary team can be very difficult to achieve. By using MCA the members don't have to agree on the relative importance of the Criteria or the rankings of the alternatives. Each member enters his or her own judgments, and makes a distinct, identifiable contribution to a jointly reached conclusion. This manual is written for an audience that needs a clear, easy to follow manual that can be used in the field to implement MCA. The information is structured so that the reader is first introduced to the general concepts involved before delving into the more specific applications of Multi Criteria Analysis.
Total cost of ownership (TCO) is a financial estimate whose purpose is to help consumers and enterprise managers determine direct and indirect costs of a product or system. It is a management accounting concept that can be used in full cost accounting or even ecological economics where it includes social costs. For manufacturing, as TCO is typically compared with doing business overseas, it goes beyond the initial manufacturing cycle time and cost to make parts. TCO includes a variety of cost of doing business items, for example, ship and re-ship, and opportunity costs, while it also considers incentives developed for an alternative approach. Incentives and other variables include tax credits, common language, expedited delivery, and customer-oriented supplier visits. TCO, when incorporated in any financial benefit analysis, provides a cost basis for determining the total economic value of an investment. Examples include: return on investment, internal rate of return, economic value added, return on information technology, and rapid economic justification. A TCO analysis includes total cost of acquisition and operating costs. A TCO analysis is used to gauge the viability of any capital investment. An enterprise may use it as a product/process comparison tool. It is also used by credit markets and financing agencies. TCO directly relates to an enterprise's asset and/or related systems total costs across all projects and processes, thus giving a picture of the profitability over time.

ROI (Return on Investment) - A performance measure used to evaluate the efficiency of an investment or to compare the efficiency of a number of different investments. To calculate ROI, the benefit (return) of an investment is divided by the cost of the investment; the result is expressed as a percentage or a ratio.
 The return on investment formula:

ROI = (Gain from Investment – Cost of Investment)/ Cost of Investment

 In the above formula "gains from investment", refers to the proceeds obtained from selling the investment of interest. Return on investment is a very popular metric because of its versatility and simplicity. That is, if an investment does not have a positive ROI, or if there are other opportunities with a higher ROI, then the investment should be not be undertaken.

Keep in mind that the calculation for return on investment and, therefore the definition, can be modified to suit the situation -it all depends on what you include as returns and costs. The definition of the term in the broadest sense just attempts to measure the profitability of an investment and, as such, there is no one "right" calculation.
 For example, a marketer may compare two different products by dividing the gross profit that each product has generated by its respective marketing expenses. A financial analyst, however, may compare the same two products using an entirely different ROI calculation, perhaps by dividing the net income of an investment by the total value of all resources that have been employed to make and sell the product.
 This flexibility has a downside, as ROI calculations can be easily manipulated to suit the user's purposes, and the result can be expressed in many different ways. When using this metric, make sure you understand what inputs are being used.

Cost benefit analysis (CBA) sometimes called benefit–cost analysis (BCA), is a systematic process for calculating and comparing benefits and costs of a project, decision or government policy (hereafter, "project"). CBA has two purposes:

1. To determine if it is a sound investment/decision (justification/feasibility),
2. To provide a basis for comparing projects. It involves comparing the total expected cost of each option against the total expected benefits, to see whether the benefits outweigh the costs, and by how much.

CBA is related to, but distinct from cost-effectiveness analysis. In CBA, benefits and costs are expressed in monetary terms, and are adjusted for the time value of money, so that all flows of benefits and flows of project costs over time (which tend to occur at different points in time) are expressed on a common basis in terms of their "net present value."

Closely related, but slightly different, formal techniques include cost-effectiveness analysis, cost–utility analysis, economic impact analysis, fiscal impact analysis and Social return on investment (SROI) analysis.

 

Structuring the IS Organization

Gaining competitive advantage is critical for organizations. Baltzan and Phillips (2010, p. 16) define competitive advantage as ‘a product or service that an organization’s customers value more highly than similar offerings from its competitors’ (in other words, you have something useful (i.e. products, services, capabilities) that your competitors do not have). Competitive advantages are typically temporary as competitors often seek ways to duplicate the competitive advantage

Table 2.1: Competitive Strategies & Roles of Information Systems

Competitive Strategy	Roles of Information Systems
Innovation	Organizations can use information systems to identify and create (or assist in creating) new products and services or/and to develop new/niche markets or/and to radically change business processes via automation (i.e., using digital modelling and simulation of product design to reduce the time and cost to the market (Chui & Fleming 2011). They also can work on new initiatives of establishing pure online businesses/operations. At the same time, the Internet and telecommunications networks provide better capabilities and opportunities for innovation. “Combinational innovation” and Open innovation are two good examples. There are a large number of component parts on the networks that are very expensive or extremely different before the establishment of the networks, and organizations could combine or recombine components/parts on the networks to create new innovations (Manyika 2009). Meanwhile everyone is connected via personal computers, laptops and other mobile devices through cabled Internet or wireless networks or mobile networks, there are plenty of opportunities to co-create with customers, external partners and internal people.
Growth (including mergers and acquisitions)	Organizations can use information systems to expand domestic and international operations or/and to diversify and integrate into other products and services, i.e., establishing global intranet and global operation platform; establishing Omni-channel strategy to gain growth(Omni-channel strategy looks at leveraging advantages of both online (or digital) and offline (or non-digital) channels) (Rigby 2011).
Strategic Alliance	Organizations can use information systems to create and enhance relations with partners via applications, such as developing virtual organizations and inter-organizational information systems.
Cost Leadership	Organizations can use information systems to fundamentally shift the cost of doing business (Booth, Roberts & Sikes 2011) or reduce the costs of business processes or/and to lower the costs of customers or suppliers, i.e., using online business to consumer & business to business models, e-procurement systems to reduce operating costs.
Differentiation	Organizations can use information systems to develop differentiated features or/and to reduce competitors’ differentiation advantages, i.e., using online live chatting systems and social networks to better understand and serve customers; using technology to create inform diaries to offer value-added service and improve customers’ stickiness to your web site/business(Booth, Roberts, and Sikes 2011); applying advanced and established measures for online operations to offline practices (i.e., more accurate and systematic ways of measuring efficiency and effectiveness of advertising) (Manyika 2009).

Value chain

Another important concept and tool that can help a business identify competitive advantage and opportunities for strategic use of information systems is Porter’s value chain model. The value chain approach views an organization as a chain, or series, of processes, and it classified an organization’s activities into two categories: primary activities (i.e., inbound logistics, operations, sales & marketing, customer service, outbound logistics) and secondary/support activities (i.e., administration, human resources, technology, procurement). The value chain helps an organization determine the ‘value’ of its business processes for its customers. The model highlights specific activities in the business where competitive strategies can be best applied and where information systems are most likely to have a strategic impact. By creating/adding value and thus creating competitive advantages, information systems could contribute to each part of an organization’s value chain and extended value chain (including interactions/ties with external partners and strategic alliances)

Managing the Information Systems Function

o   Data Capturing

      o   Data Storage
      o   Data Processing
      o   Data and Information distribution
      o   Prediction/forecasting
      o   Planning
      o   Control
Evaluating Information Technology Investments
IT investments have had a tremendous impact on firms by reducing costs, improving product quality and increasing value to customers, thus enabling the firms to gain competitive advantage.
IT investments carry significant long term business implications. Assessing IT investments is thus difficult; both before the investment is undertaken, and after the new (or enhanced) systems have been acquired and implemented.
Taxonomy of IT Investment Appraisal Approaches

Classification	Appraisal technique
ECONOMIC APPROACHES (ratio based)	Gut feeling
	Payback
	Return on Investment (ROI)
	Cost Benefit Analysis (CBA)
Economic approach (discounting techniques)	Net Present Value (NPV)
	Internal rate of Return (IRR)
Economic approach (future value technique)	Real option pricing theory
STRATEGIC APPROACHES	Technical importance
	Competitive advantage
	Critical success factors
	Application portfolio approach
ANALYTICAL APPROACHES (portfolio)	Non numeric
	Scoring models
	Computer based techniques
	Fuzzy logic
ANALYTICAL APPROACHES (other)	Risk analysis
	Value analysis
INTEGRATED APPROACHES	Multi-attribute utility theory
	Scenario planning and screening
	Information economics
	Balanced scorecard

Using IT Governance Frameworks

IT is essential to manage transactions, information and knowledge necessary to initiate and sustain economic and social activities. These activities increasingly rely on globally cooperating entities to be successful. In many organizations, IT is fundamental to support, sustain and grow the business.While many organizations recognize the potential benefits that technology can yield, the successful ones also understand and manage the risks associated with implementing new technologies. Among the enterprise's challenges and concerns are:

o   Aligning IT strategy with the business strategy
o   Cascading strategy and goals down into the enterprise 
o   Providing organizational structures that facilitate the implementation of strategy and goals 
o   Insisting that an IT control framework be adopted and implemented 
o   Measuring IT's performance
Effective and timely measures aimed at addressing these top management concerns need to be promoted by the governance layer of an enterprise. Hence, boards and executive management need to extend governance, already exercised over the enterprise, to IT by way of an effective IT governance framework that addresses strategic alignment, performance measurement, risk management, value delivery and resource management. Simply put, IT governance and the effective application of an IT governance framework are the responsibilities of the board of directors and executive management. IT governance is an integral part of enterprise governance and consists of the leadership and organizational structures and processes that ensure that the organization's IT sustains and extends the organization's strategies and objectives. An IT governance framework, such as Control Objectives for Information and related Technology (COBIT) can be a critical element in ensuring proper control and governance over information and the systems that create, store, manipulate and retrieve it.
Frameworks
There are quite a few supporting references that may be useful guides to the implementation of information technology governance. Some of them are:
AS8015-2005 Australian Standard for Corporate Governance of Information and Communication Technology. AS8015 was adopted as ISO/IEC 38500 in May 2008
ISO/IEC 38500:2008 Corporate governance of information technology,(very closely based on AS8015-2005) provides a framework for effective governance of IT to assist those at the highest level of organizations to understand and fulfill their legal, regulatory, and ethical obligations in respect of their organizations’ use of IT. ISO/IEC 38500 is applicable to organizations from all sizes, including public and private companies, government entities, and not-for-profit organizations. This standard provides guiding principles for directors of organizations on the effective, efficient, and acceptable use of Information Technology (IT) within their organizations.
COBIT (Control Objectives for Information and related Technology) is regarded as the world's leading IT governance and control framework. COBIT provides a reference model of 34 IT processes typically found in an organization. Each process is defined together with process inputs and outputs, key process activities, process objectives, performance measures and an elementary maturity model. Originally created by ISACA, COBIT is now the responsibility of the ITGI(IT Governance Institute).
ITIL (IT Infrastructure Library) is a high-level framework with information on how to achieve a successful operational Service management of IT, developed and maintained by the United Kingdom's Office of Government Commerce, in partnership with the IT Service Management Forum. While not specifically focused on IT governance, the process-related information is a useful reference source for tackling the improvement of the service management function.
Others include:

• ISO27001 - focus on Information Security
• CMM - The Capability Maturity Model: focus on software engineering
• TickIT - a quality-management certification program for software development

Non-IT specific frameworks of use include:

• The Balanced Scorecard (BSC) - method to assess an organization’s performance in many different areas.
• Six Sigma - focus on quality assurance
• TOGAF - The Open Group Architectural Framework - methodology to align business and IT, resulting in useful projects and effective governance.

AS 8015

The AS 8015-2005 standard for corporate governance of information and communication technology was published in 2005 by Standards Australia . The standard provides principles, a model and vocabulary as a basic framework for implementing effective corporate governance of ICT within any organization.

The committee which drafted and recommended the publication included representatives from the Australian Computer Society, The Australian Bankers Association, the Australian Institute of Company Directors, Academia and Government Agencies. AS8015 was submitted for fast track ISO adoption and published largely unchanged, in May 2008 as ISO/IEC standard for corporate governance of information technology.

ISO/IEC 38500

ISO/IEC 38500 is an international standard for Corporate governance of information technology published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It provides a framework for effective governance of IT to assist those at the highest level of organizations to understand and fulfill their legal, regulatory, and ethical obligations in respect of their organizations’ use of IT.

ISO/IEC 38500 is applicable to organizations of all sizes, including public and private companies, government entities, and not-for-profit organizations. This standard provides guiding principles for directors of organizations on the effective, efficient, and acceptable use of Information Technology (IT) within their organizations. It is organized into three prime sections, specifically, Scope, Framework and Guidance

The framework comprises definitions, principles and a model. It sets out six principles for good corporate governance of IT:

• Responsibility;
• Strategy;
• Acquisition;
• Performance;
• Conformance;
• Human behavior

It also provides guidance to those advising, informing, or assisting directors.

COBIT

Control Objectives for Information and Related Technology (COBIT) is a framework created by ISACA for information technology (IT) management and IT governance. It is a supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks.
Overview
The Information Systems Audit and Control Association first released COBIT in 1996; ISACA published the current [update] version, COBIT 5, in 2012.
COBIT aims "to research, develop, publish and promote an authoritative, up-to-date, international set of generally accepted information technology control objectives for day-to-day use by business managers, IT professionals and assurance professionals".
COBIT, initially an acronym for "Control objectives for information and related technology" (though before the release of the framework people talked of "CobiT" as "Control Objectives for IT"), defines a set of generic processes for the management of IT. The framework defines each process together with process inputs and outputs, key process-activities, process objectives, performance measures and an elementary maturity model.
The framework supports governance of IT by defining and aligning business goals with IT goals and IT processes.[citation needed]

The COBIT framework
The framework provides good practices across a domain and process framework.
The business orientation of COBIT consists of linking business goals to IT goals, providing metrics and maturity models to measure their achievement, and identifying the associated responsibilities of business and IT process owners.
The process focus of COBIT 4.1 is illustrated by a process model that subdivides IT into four domains (Plan and Organize, Acquire and Implement, Deliver and Support, and Monitor and Evaluate) and 34 processes in line with the responsibility areas of plan, build, run and monitor. It is positioned at a high level and has been aligned and harmonized with other, more detailed, IT standards and good practices such as COSO, ITIL, ISO 27000, CMMI, TOGAF and PMBOK. COBIT acts as an integrator of these different guidance materials, summarizing key objectives under one umbrella framework that link the good practice models with governance and business requirements.
The COBIT 4.1 framework specification can be obtained as a complimentary PDF at the ISACA download website. (Free self-registration may be required.)
COBIT 5 was released in April 2012. COBIT 5 consolidates and integrates the COBIT 4.1, Val IT 2.0 and Risk IT frameworks, and draws from ISACA's IT Assurance Framework (ITAF) and the Business Model for Information Security (BMIS). It aligns with frameworks and standards such as Information Technology Infrastructure Library (ITIL), International Organization for Standardization (ISO), Project Management Body of Knowledge (PMBOK), PRINCE2 and The Open Group Architecture Framework (TOGAF).
Components
The COBIT components include:

• Framework: Organize IT governance objectives and good practices by IT domains and processes, and links them to business requirements
• Process descriptions: A reference process model and common language for everyone in an organization. The processes map to responsibility areas of plan, build, run and monitor.
• Control objectives: Provide a complete set of high-level requirements to be considered by management for effective control of each IT process.
• Management guidelines: Help assign responsibility, agree on objectives, measure performance, and illustrate interrelationship with other processes
• Maturity models: Assess maturity and capability per process and helps to address gaps.

Other ISACA Publications based on the COBIT framework include:

• Board Briefing for IT Governances, 2nd Edition
• COBIT and Application Controls
• COBIT Control Practices, 2nd Edition
• IT Assurance Guide: Using COBIT
• Implementing and Continually Improving IT Governance
• COBIT Quickstart, 2nd Edition
• COBIT Security Baseline, 2nd Edition
• IT Control Objectives for Sarbanes-Oxley, 2nd Edition
• IT Control Objectives for Basel II
• COBIT User Guide for Service Managers
• COBIT Mappings (to ISO/IEC 27002, CMMI, ITIL, TOGAF, PMBOK etc.)
• COBIT Online

Information Technology Infrastructure Library

ITIL (IT Infrastructure Library) provides a framework of Best Practice guidance for IT Service Management and since its creation, ITIL has grown to become the most widely accepted approach to IT Service Management in the world. This pocket guide has been designed as an introductory overview for anyone who has an interest in or a need to understand more about the objectives, content and coverage of ITIL. Whilst this guide provides an overview, full details can be found in the actual ITIL publications themselves.

This guide describes the key principles of IT Service Management and provides a high-level overview of each of the core publications within ITIL:

_ Service Strategy

_ Service Design

_ Service Transition

_ Service Operation

_ Continual Service Improvement          

Introduction

It has become increasingly recognized that information is the most important strategic resource that any organization has to manage. Key to the collection, analysis, production and distribution of information within an organization is the quality of the IT Services provided to the business. It is essential that we recognize that IT Services are crucial, strategic, organizational assets and therefore organizations must invest appropriate levels of resource into the support, delivery and management of these critical IT Services and the IT systems that underpin them. However, these aspects of IT are often overlooked or only superficially addressed within many organizations.

Key issues facing many of today’s senior Business Managers and IT Managers are:

o   IT and business strategic planning

o   Integrating and aligning IT and business goals

o   Implementing continual improvement

o   Measuring IT organization effectiveness and efficiency

o   Optimizing costs and the Total Cost of Ownership (TCO)

o   Achieving and demonstrating Return on Investment (ROI)

o   Demonstrating the business value of IT

      o   Developing business and IT partnerships and relationships

o   Improving project delivery success

o   Outsourcing, insourcing and smart sourcing

Using IT to gain competitive advantage

o   Delivering the required, business justified IT services (i.e. what is required, when required and at an agreed cost)

o   Managing constant business and IT change

o   Demonstrating appropriate IT governance

o   The challenges for IT managers are to co-ordinate and work in partnership with the business to deliver high quality IT services. This has to be achieved while adopting a more business and customer oriented approach to delivering services and cost optimization

o   The primary objective of Service Management is to ensure that the IT services are aligned to the business needs and actively support them. It is imperative that the IT services underpin the business processes, but it is also increasingly important that IT acts as an agent for change to facilitate business transformation

o   All organizations that use IT depend on IT to be successful. If IT processes and IT services are implemented, managed and supported in the appropriate way, the business will be more successful, suffer less disruption and loss of productive hours, reduce costs, increase revenue, improve public relations and achieve its business objectives

What is IT Service Management?

To understand what service management is, we need to understand what services are, and how service management can help service providers to deliver and manage these services.A service is a means of delivering value to customers by facilitating outcomes customers want to achieve without the ownership of specific costs and risks.A simple example of a customer outcome that could be facilitated by an IT service might be: “Sales people spending more time interacting with customers” facilitated by “a remote access service that enables reliable access to corporate sales systems from sales people’s laptops”.The outcomes that customers want to achieve are the reason why they purchase or use the service. The value of the service to the customer is directly dependent on how well it facilitates these outcomes. Service management is what enables a service provider to understand the services they are providing, to ensure that the services really do facilitate the outcomes their customers want to achieve, to understand the value of the services to their customers, and to understand and manage all of the costs and risks associated with those services. Service Management is a set of specialized organizational capabilities for providing value to customers in the form of services.

These “specialized organizational capabilities” are described in this pocket guide. They include all of the processes, methods, functions, roles and activities that a Service Provider uses to enable them to deliver services to their customers. Service management is concerned with more than just delivering services. Each service, process or infrastructure component has a lifecycle, and service management considers the entire lifecycle from strategy through design and transition to operation and continual improvement. The inputs to service management are the resources and capabilities that represent the assets of the service provider. The outputs are the services that provide value to the customers.

Effective service management is itself a strategic asset of the service provider, providing them with the ability to carry out their core business of providing services that deliver value to customers by facilitating the outcomes customers want to achieve. Adopting good practice can help a service provider to create an effective service management system. Good practice is simply doing things that have been shown to work and to be effective. Good practice can come from many different sources, including public frameworks (such as ITIL, COBIT and CMMI), standards (such as ISO/IEC 20000 and ISO 9000), and proprietary knowledge of people and organizations.

What is ITIL?

ITIL is a public framework that describes Best Practice in IT service management. It provides a framework for the governance of IT, the ‘service wrap’, and focuses on the continual measurement and improvement of the quality of IT service delivered, from both a business and a customer perspective. This focus is a major factor in ITIL’s worldwide success and has contributed to its prolific usage and to the key benefits obtained by those organizations deploying the techniques and processes throughout their organizations. Some of these benefits include:

o   Increased user and customer satisfaction with IT services

o   Improved service availability, directly leading to increased business profits and revenue

o   Financial savings from reduced rework, lost time, improved resource management and usage

o   Improved time to market for new products and services

o   Improved decision making and optimized risk

ITIL was published between 1989 and 1995 by Her Majesty’s Stationery Office (HMSO) in the UK on behalf of the Central Communications and Telecommunications Agency (CCTA) – now subsumed within the Office of Government Commerce (OGC). Its early use was principally confined to the UK and Netherlands. A second version of ITIL was published as a set of revised books between 2000 and 2004. The initial version of ITIL consisted of a library of 31 associated books covering all aspects of IT service provision. This initial version was then revised and replaced by seven, more closely connected and consistent books (ITIL V2) consolidated within an overall framework. This second version became universally accepted and is now used in many countries by thousands of organizations as the basis for effective IT service provision. In 2007, ITIL V2 was superseded by an enhanced and consolidated third version of ITIL, consisting of five core books covering the service lifecycle, together with the Official Introduction.

Check below guide for detailed information on ITIL

http://www.best-management-practice.com/gempdf/itSMF_An_Introductory_Overview_of_ITIL_V3.pdf

Balanced scorecard

The balanced scorecard (BSC) is a strategy performance management tool - a semi-standard structured report, supported by design methods and automation tools that can be used by managers to keep track of the execution of activities by the staff within their control and to monitor the consequences arising from these actions. It is perhaps the best known of several such frameworks (it was the most widely adopted performance management framework reported in the 2010 annual survey of management tools undertaken by Bain & Company.) Since its original incarnation in the early 1990s as a performance measurement tool, the BSC has evolved to become an effective strategy execution framework. The BSC concept as put forth by Drs. Robert S. Kaplan and David P. Norton is now seen as a critical foundation in a holistic strategy execution process that, besides helping organizations articulate strategy in actionable terms, provides a road map for strategy execution, for mobilizing and aligning executives and employees, and making strategy a continual process.
Characteristics

The characteristic of the balanced scorecard and its derivatives is the presentation of a mixture of financial and non-financial measures each compared to a 'target' value within a single concise report. The report is not meant to be a replacement for traditional financial or operational reports but a succinct summary that captures the information most relevant to those reading it. It is the method by which this 'most relevant' information is determined (i.e., the design processes used to select the content) that most differentiates the various versions of the tool in circulation. The balanced scorecard also gives light to the company's vision and mission. These two elements must always be referred to when preparing a balance scorecard.

As a model of performance, the balanced scorecard is effective in that "it articulates the links between leading inputs (human and physical), processes, and lagging outcomes and focuses on the importance of managing these components to achieve the organization's strategic priorities."

The first versions of balanced scorecard asserted that relevance should derive from the corporate strategy, and proposed design methods that focused on choosing measures and targets associated with the main activities required to implement the strategy. As the initial audience for this were the readers of the Harvard Business Review, the proposal was translated into a form that made sense to a typical reader of that journal - one relevant to a mid-sized US business. Accordingly, initial designs were encouraged to measure three categories of non-financial measure in addition to financial outputs - those of "customer," "internal business processes" and "learning and growth." Clearly these categories were not so relevant to non-profits or units within complex organizations (which might have high degrees of internal specialization), and much of the early literature on balanced scorecard focused on suggestions of alternative 'perspectives' that might have more relevance to these groups.

Modern balanced scorecard thinking has evolved considerably since the initial ideas proposed in the late 1980s and early 1990s, and the modern performance management tools including Balanced Scorecard are significantly improved - being more flexible (to suit a wider range of organizational types) and more effective (as design methods have evolved to make them easier to design, and use). In the latest book by Kaplan & Norton related to the BSC, "The Execution Premium", the BSC forms only a part of a broader Execution Premium Process (XPP) to implement and monitor strategy.

Design

Design of a balanced scorecard ultimately is about the identification of a small number of financial and non-financial measures and attaching targets to them, so that when they are reviewed it is possible to determine whether current performance 'meets expectations'. The idea behind this is that by alerting managers to areas where performance deviates from expectations, they can be encouraged to focus their attention on these areas, and hopefully as a result trigger improved performance within the part of the organization they lead. The original thinking behind a balanced scorecard was for it to be focused on information relating to the implementation of a strategy, and, perhaps unsurprisingly, over time there has been a blurring of the boundaries between conventional strategic planning and control activities and those required to design a Balanced Scorecard. This is illustrated well by the four steps required to design a balanced scorecard included in Kaplan & Norton's writing on the subject in the late 1990s:

1. Translating the vision into operational goals;
2. Communicating the vision and link it to individual performance;
3. Business planning; index setting
4. Feedback and learning, and adjusting the strategy accordingly.

These steps go far beyond the simple task of identifying a small number of financial and non-financial measures, but illustrate the requirement for whatever design process is used to fit within broader thinking about how the resulting Balanced Scorecard will integrate with the wider business management process. This is also illustrated by books and articles referring to Balanced Scorecards confusing the design process elements and the balanced scorecard itself. In particular, it is common for people to refer to a "strategic linkage model" or "strategy map" as being a balanced scorecard.
Although it helps focus managers' attention on strategic issues and the management of the implementation of strategy, it is important to remember that the Balanced Scorecard itself has no role in the formation of strategy. In fact, balanced scorecards can comfortably co-exist with strategic planning systems and other tools.

Balanced Scorecard used for incentive based pay

A common use of balanced scorecard is to support the payments of incentives to individuals, even though it was not designed for this purpose and is not particularly suited to it.

The four perspectives

The 1st generation design method proposed by Kaplan and Norton was based on the use of three non-financial topic areas as prompts to aid the identification of non-financial measures in addition to one looking at financial. Four "perspectives" were proposed:

• Financial: encourages the identification of a few relevant high-level financial measures. In particular, designers were encouraged to choose measures that helped inform the answer to the question "How do we look to shareholders?"
• Customer: encourages the identification of measures that answer the question "How do customers see us?"
• Internal business processes: encourages the identification of measures that answer the question "What must we excel at?"
• Learning and growth: encourages the identification of measures that answer the question "How can we continue to improve, create value and innovate?"

These 'prompt questions' illustrate that Kaplan and Norton were thinking about the needs of small to medium sized commercial organizations in the USA[citation needed] (the target demographic for the Harvard Business Review) when choosing these topic areas. They are not very helpful to other kinds of organizations, and much of what has been written on balanced scorecard since has, in one way or another, focused on the identification of alternative headings more suited to a broader range of organizations. 

The Open Group Architecture Framework

The Open Group Architecture Framework (TOGAF®) is a framework for enterprise architecture which provides a comprehensive approach for designing, planning, implementing, and governing an enterprise information architecture. TOGAF is a registered trademark of The Open Group in the United States and other countries.
TOGAF is a high level and holistic approach to design, which is typically modeled at four levels: Business, Application, Data, and Technology. It tries to give a well-tested overall starting model to information architects, which can then be built upon. It relies heavily on modularization, standardization and already existing, proven technologies and products.

The Role of TOGAF

TOGAF in its Enterprise Edition remains what it has always been, namely an architecture framework - a set of methods and tools for developing a broad range of different IT architectures. It enables IT users to design, evaluate, and build the right architecture for their organization, and reduces the costs of planning, designing, and implementing architectures based on open systems solutions.
The key to TOGAF remains a reliable, practical method - the TOGAF Architecture Development Method (ADM) - for defining business needs and developing an architecture that meets those needs, utilizing the elements of TOGAF and other architectural assets available to the organization.
A number of enterprise architecture frameworks already exist and are widely recognized, each of which has its particular advantages and disadvantages - and relevance - for enterprise architecture. They are discussed in Part IV: Resource Base, Other Architectures and Frameworks .
Although a number of enterprise frameworks exist, there is no accepted industry standard method for developing an enterprise architecture. The goal of The Open Group with TOGAF is to work towards making the TOGAF ADM just such an industry standard method, which is neutral towards tools and technologies, and can be used for developing the products associated with any recognized enterprise framework - such as the Zachman Framework, Federal Enterprise Architecture Framework (FEAF), Treasury Enterprise Architecture Framework (TEAF), and C4ISR/DoD Framework - that the architect feels is appropriate for a particular architecture.
The TOGAF ADM therefore does not prescribe any specific set of enterprise architecture deliverables - although it does describe a set by way of example. Rather, TOGAF is designed to be used with whatever set of deliverables the TOGAF user feels is most appropriate. That may be the set of deliverables described in TOGAF itself; or it may be the set associated with another framework, such as the Zachman Framework, FEAF, etc.
In fact, TOGAF has always done this: it does not prescribe a specific set of "architecture views", but describes an example taxonomy of the kinds of views that an architect might consider developing, and why; and it provides guidelines for making the choice, and for developing particular views, if chosen.
With the migration of TOGAF to an enterprise architecture framework, this flexibility becomes even more important. TOGAF is not intended to compete with these other frameworks; rather, it is intended to perform a unique role, in distilling what these other frameworks have to offer, and providing a generic ADM that can be adapted for use with any of these other frameworks.
The Open Group's vision for TOGAF is as a vehicle and repository for practical, experience-based information on how to go about the process of enterprise architecture, providing a generic method with which specific sets of deliverables, specific reference models, and other relevant architectural assets, can be integrated.
TOGAF and Architecture Governance
As governance has become an increasingly visible requirement for organizational management, the adoption of governance into TOGAF aligns the framework with current business best practice and also ensures a level of visibility, guidance, and control that will support all architecture stakeholder requirements and obligations.
The benefits of architecture governance include:

o   Increased transparency of accountability, and informed delegation of authority

o   Controlled risk management

o   Protection of the existing asset base through maximizing re-use of existing architectural components

o   Proactive control, monitoring, and management mechanisms

o   Process, concept, and component re-use across all organizational business units

o   Value creation through monitoring, measuring, evaluation, and feedback

o   Increased visibility supporting internal processes and external parties' requirements