IS 483 Information Systems Management
Upcoming SlideShare
Loading in...5
×

Like this? Share it with your network

Share
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
449
On Slideshare
449
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
8
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. IS 483 Information Systems Management James Nowotarski 15 May 2003
  • 2.
    • Recap training and help desk
    • Understand risk management
    • Understand procurement process (RFP)
    Today’s Objectives
  • 3.
    • Topic Duration
    • Recap last week 20 minutes
    • Assignment 2 reports 20 minutes
    • Quiz - Training & Help Desk 30 minutes
    • *** Break 15 minutes
    • Risk management 60 minutes
    • Procurement process 50 minutes
    Today’s agenda
  • 4.
    • Topic Duration
    • Recap last week 20 minutes
    • Assignment 2 reports 20 minutes
    • Quiz - Training & Help Desk 30 minutes
    • *** Break 15 minutes
    • Risk management 60 minutes
    • Procurement process 50 minutes
    Today’s agenda
  • 5. User training and total cost of ownership time call volume call complexity
  • 6. User training and total cost of ownership
    • Process-related, rather than application-specific training
    • Additional software functionality (new or existing software)
    • Providing FAQ’s from the help desk
    • Training new users
    • Retraining existing users on functionality they have forgotten
    • Not providing any training
    • Providing training at the wrong time
    • Providing ineffective training
    • Replacing software with same level of functionality
    • Providing functionality not required by user
    Source: Gartner Increases user productivity/ effectiveness Increases total cost of ownership Decreases total cost of ownership Decreases user productivity/ effectiveness
  • 7. Help Desk
    • Planning
    • Collect trend information and evaluates trends
    • Gather planning information to avert problems and promote the use and further development of network capabilities
    • Development
    • Provide development assistance to end users on business controls, recovery management techniques, etc.
    • Evaluate new applications for inclusion on distributed network
    • Deployment
    • Provide/Coordinate user training on hardware, software, procedures
    • Support
    • Provide first tier of support for problem resolution
    • Compile and maintain online knowledge base
    Responsibilities
  • 8. Tiers of Support Tier 1 Tier 2 Tier 3 Role Help Desk Product Specialists Product Developers
  • 9. Help Desk
    • Competent help desk representatives
      • technically competent, current
      • attitude (calm, patient, thick skin, empathetic, respectful)
    • Variety of help vehicles, e.g.,
      • FAQ/knowledge base
      • online chat/discussion groups
      • super users
    • Regular communication during problem resolution
      • report status
      • be available
      • practice effective listening skills
    • Follow-Up afterward
      • survey/feedback
      • ensure customer satisfaction
    • Measure and assess (SLA)
    • Train users to eliminate need for support in the first place
    Strategies used by successful Help Desks to obtain user satisfaction
  • 10. Help Desk
    • Performance goals are set for
      • all help desk agents
      • all support resources (e.g., vendors, tier 2, etc.)
    • Sample list of performance goals:
      • % of calls resolved on the first call
      • % of calls where user hung up before talking to agent
      • % of calls resolved at each tier
      • Mean Time to Repair (MTTR) for all trouble tickets
      • Number of tickets for each severity level
      • MTTR for each severity level
      • Number of tickets for each tier
      • MTTR for each tier
      • MTTR for specific hardware or applications
      • Number of problems resolved proactively before a telephone call made
    Help Desk Service Level Agreements (SLAs)
  • 11. Help Desk
    • Limits the amount of knowledge needed by help desk agent
    • Ensures users have same level/version of products, reduces complexity of multiple version support
    • Limits number of vendors and suppliers to be dealt with, enables more standardized interactions with these firms
    Product standards enable higher quality help desk service
  • 12. Help Desk
    • Coordination of support across tiers utilizing single point of contact and ownership transfer concepts
    • Ability to integrate and automate service, problem, change and asset management processes
    • Provision of quality and easy-to-use knowledge-based authoring tools
    • Capacity to offer tight integration of these elements:
      • legacy tools
      • telephony
      • Web chat
      • VoIP (voice over Internet protocol)
      • self-support
      • software distribution
      • remote control
      • network and system management (NSM)
    Consolidated Service Desk (CSD) Scope of Functions
  • 13. Help Desk
    • Provider Perspective
    • Lowers people costs associated with service
    • Offers complete picture of all application and system costs
    • Reigns in support “chaos” that resulted from multiple help desks
    • User Perspective
    • Higher quality support and service
    • More seamless interaction with help desk/IT
    • Anywhere, anytime support
    • Users can be more self-reliant
    Benefits of Consolidated Service Desk (CSD)
  • 14.
    • Topic Duration
    • Recap last week 20 minutes
    • Assignment 2 reports 20 minutes
    • Quiz - Training & Help Desk 30 minutes
    • *** Break 15 minutes
    • Risk management 60 minutes
    • Procurement process 50 minutes
    Today’s agenda
  • 15.
    • Topic Duration
    • Recap last week 20 minutes
    • Assignment 2 reports 20 minutes
    • Quiz - Training & Help Desk 30 minutes
    • *** Break 15 minutes
    • Risk management 60 minutes
    • Procurement process 50 minutes
    Today’s agenda
  • 16.
    • Topic Duration
    • Recap last week 20 minutes
    • Assignment 2 reports 20 minutes
    • Quiz - Training & Help Desk 30 minutes
    • *** Break 15 minutes
    • Risk management 60 minutes
    • Procurement process 50 minutes
    Today’s agenda
  • 17. IT Objectives IT Objectives
    • IT is aligned with the business, enables the business, and maximizes benefits
    • IT resources are used responsibly
    • IT related risks are managed appropriately
      • economic
      • technical
      • organizational
      • legal
      • terrorism
    Source: Control Objectives for IT (CobiT)
  • 18. IT Risk Management
    • Economic
    • Technical
    • Organizational
    • Legal
    • Terrorism
    Major Categories of Risk
    • Risks that can potentially affect the business
    • business environment changes
    • financial performance
  • 19. IT Risk Management
    • Economic
    • Technical
    • Organizational
    • Legal
    • Terrorism
    Major Categories of Risk
    • Risks that can affect the development, implementation, and operation of a system
    • integrating technology with legacy
    • applying unproven technology
    • conversion may uncover “dirty” data
    • management inexperienced with projects of this size
  • 20. IT Risk Management
    • Economic
    • Technical
    • Organizational
    • Legal
    • Terrorism
    Major Categories of Risk
    • Risks that can potentially result from lack of acceptance of a system
    • low morale
    • decline in effectiveness/efficiency
  • 21. IT Risk Management
    • Economic
    • Technical
    • Organizational
    • Legal
    • Terrorism
    Major Categories of Risk
    • Risks arising from potential lawsuits and liabilities associated with implementation of a project
    • shareholder lawsuits
    • data privacy
    • Foreign Corrupt Practices Act (FCPA)
  • 22. IT Risk Management
    • Economic
    • Technical
    • Organizational
    • Legal
    • Terrorism
    Major Categories of Risk
    • Risks arising from intentional destruction or malevolent modification of:
    • physical equipment
    • data
    • software
    • network
  • 23. IT Risk Management The process in which potential risks to a business are identified , analyzed and mitigated , along with the process of balancing the cost of protecting the company against a risk vs. the cost of exposure to that risk. Risk Management
  • 24. Importance of risk management
    • Dependence on electronic information and IT systems is essential to support critical business processes. Successful businesses need to better manage the complex technology that is pervasive throughout their organizations in order to respond quickly and safely to business needs. . .
    • . . . In addition, the regulatory environment is mandating stricter control over information. This, in turn, is driven by increasing disclosures of information system disasters and increasing electronic fraud. The management of IT-related risks is now being understood as a key part of enterprise governance.
    Source: IT Governance Institute
  • 25. Importance of risk management
    • One in three senior executives does not have any IT risk management process in place; only half of those who do are confident the processes are strong enough.
    • Two out of three executives say their companies do not understand IT-related risks well enough.
  • 26. Importance of risk management
    • Management needs it to benchmark the existing and planned IT environment
    • Users need it so they can be assured that adequate security and control exists
    • Auditors are increasingly being called on by management to proactively consult and advise on IT security and control-related matters; without a framework, this is exceedingly difficult
    Need for a risk management framework
  • 27. Risk Frameworks RISK MANAGEMENT MODEL Cost of protection Cost of exposure Identify Analyze Mitigate $$ $$ Measure
  • 28. Risk Frameworks Fidelity’s Risk Cube
  • 29. Risk Frameworks Risk Awareness Risk Management Risk Measurement ---------- Fidelity Risk Cube ---------- Identify Analyze Mitigate Measure
  • 30. Risk Frameworks RISK Cube - Key Questions
    • R is for R eturn
      • Are we achieving an appropriate return for the risks we take?
    • I is for I mmunization
      • Do we have controls and limits in place to limit downside risk?
    • S is for S ystems
      • Do we have systems in place to measure and report risk?
    • K is for K nowledge
      • Do we have the right people, skills, culture, and incentives for effective risk management?
  • 31. Risk Management Approaches Risk Management Approaches
    • Interdisciplinary Approach
    • Portfolio Approach
    • Options Thinking
    • Chaos Theory
  • 32. Risk Management Approaches
    • Interdisciplinary Approach
      • Applies an integrated assessment of the risks from various groups in a company to determine and assess all dimensions of risks
      • This approach is critically important when analyzing cross-functional risks because of the number of different stakeholders involved (e.g., when implementing an ERP system)
    • Portfolio Approach
      • Treat IT resources such as hardware, software, services and personnel as collection of investments
      • Creates mix of low-risk, low-payoff initiatives along with high-risk, high-payoff ones
  • 33. Risk Management Approaches
    • Options Thinking
      • Similar to Portfolio Approach
      • Creates financial options approach to create a guide for managing IT investments
        • Allows the business unit to change deals to avoid losses in bad outcomes and enhance gains in good outcomes
      • Create risk profile using decision “tree” extending 5 years into future
      • Group ends up with many possible outcomes along with probability of each outcome
      • At end of each project stage, stakeholders re-evaluate the risks and benefits of continuing or ending the project
  • 34. Risk Management Approaches
    • Chaos Theory
      • Utilizes the approach of assuming that over time very small, almost unnoticeable differences can start a chain reaction that will eventually generate big changes
      • Projects planned with cutting edge technology should focus on near-term big returns on the investment
      • Focus less on ROI (return on investment) and  more on what business impact the project will have
  • 35. Risk vs. Technology Maturity Impact of Technology Maturity Risk Early Adopter Mid Adopter Late Adopter hands-on implementation experience little exper / high risk more exper / mid risk much exper / low risk vendor survival for project after shake-out high risk mid risk low risk sudden changes in direction of technology high risk mid risk low risk integrating technology with existing portfolio high risk mid risk low risk Benefits Period for Start of Payoff  Short term Mid term Long term Size of Returns per period Biggest Bigger  Big 
  • 36. Risk Management at Project Level Steps Taken by Prudent Managers
    • List the risks that could occur and when they could occur
    • Determine what detection method can alert IS that risk occurred
    • Establish detection method
    • Estimate each risk’s probability of occurring
    • Formulate plans that can mitigate each risk
    • Establish teams that will monitor and mitigate the risk
  • 37. Risk Assessment Example
  • 38. Group Problem Describe two types of risks giving an example of each that an IS manager should consider when evaluating the options on replacing a legacy system that will no longer correctly process transactions when a new law goes into effect in six months.
  • 39.
    • Topic Duration
    • Recap last week 20 minutes
    • Assignment 2 reports 20 minutes
    • Quiz - Training & Help Desk 30 minutes
    • *** Break 15 minutes
    • Risk management 60 minutes
    • Procurement process 50 minutes
    Today’s agenda
  • 40. Procurement - Process RFP Process Objective : Identify best solution to meet stated business need while minimizing cost and risk 1. Pre-RFP 2. RFP 3. Proposal Submissions 4. Proposal Evaluations 5. Vendor Selection 6. Procurement Method 7. ROI Analysis 8. Negotiate Contract
  • 41. 1. Pre-RFP
    • Also known as Requirements Definition
    • Preliminary analysis for management (not given to vendor)
    • Serves as basis for Request for Proposal (RFP) and evaluation criteria
    • May be a simple presentation (small firm) or a formal report
    • Most important step in the system procurement process
  • 42. 1. Pre-RFP Steps in the Pre-RFP
    • Problem is noticed
    • High-level requirements are identified
    • Preliminary alternatives proposed
    • Request for Information (RFI) issued
      • Vendors are called/consultants consulted/research conducted
      • Breadth of alternatives is identified
      • Vendors identified to participate in future stages
    • Ideally, 3-6 vendors found for each alternative
    • Collect information from each vendor for the Pre-RFP report to management
  • 43. 1. Pre-RFP Sections of the Pre-RFP Report
    • Problem statement
      • Current state
      • Gaps
      • Risks
    • Alternative solutions
    • Ratings (of each alternative)
    • Range of costs and benefits
    • Recommended alternative and rationale
  • 44. 2. RFP
    • Blueprint for system functionality
    • Confirms in detail the exact requirements stated in both business and technical terms
    • Limited distribution (e.g., 3-5 vendors)
      • Protect confidentiality
      • Keep selection process manageable
  • 45. 2. RFP
    • Business need/Functional requirements
    • Statement of Work to be done
      • Software characteristics
      • Implementation plan
      • Training strategy
      • Maintenance and support
      • Cost budget
    • Procedural details
      • Form and structure of proposal
      • Schedule (meetings, demos, selection)
      • Key contacts
    • Selection criteria
    Contents of an RFP (see also Assign. 3)
  • 46. 2. RFP
    • Multiple solutions available that will fit the need
    • Multiple vendors can provide the same solution
    • Products for the project cannot be clearly specified
    • Project requires vendors to combine and subcontract products and services
    • Lowest price is not the determining criterion for award
    • Final pricing is negotiated with the vendor
    • Corporate policy requires it
    When should an RFP be used?
  • 47. 2. RFP
    • RFP team develops better understanding of the project from both a technical and business perspective
    • Compels vendors to create competitive solutions
    • Does not favor one vendor over another (in theory)
    • “ Everybody singing from same hymn book”
      • vendors working from same set of rules and requirements
    • Facilitates evaluation of competitive solutions
      • provides a foundation on which to base a more rigorous evaluation of a vendor
    Advantages of Using an RFP
  • 48. 2. RFP
    • Should the purchaser include info on budget? on number of RFP’s issued?
      • It is recommended that the purchaser provide indicative figures in both instances
    • Maximum of five qualified vendors should be invited to submit a proposal
    • Presentations/demos only for those making the short list
    • Give vendors $$$ to encourage higher-quality submissions
    Additional points from Assignment 2 papers, past quarters
  • 49. 3. Proposal Submissions
    • Forums to answer vendor questions (written, oral)
      • Vendor conferences before proposal submission
    • Response content and format
    • Sometimes requires "proof" statements, such as "This feature was implemented 12 months ago and is currently installed at 10 sites. Names and addresses are provided in the reference section."
  • 50. 4. Proposal Evaluations
    • Business and Technical Solutions
      • Rating scale: (0=unresponsive, . . ., 5=exceptional)
    • Vendor qualifications (site visits, reference checks)
    • Preliminary cost, value, and risk analysis
      • Cost proposal may be a separate document from technical proposal
    • Vendor demo
    • Personnel assignment
    • May be a two-stage process, with only a “short list” of 2-3 vendors doing demos and making “best and final” offers
    • Question: Who are the key stakeholders in this process?
  • 51. 4. Proposal Evaluations
    • Ability and track record of vendor to meet schedule and budget commitments?
    • Satisfaction levels of vendor’s current customers, particularly long-term customers?
    • Vendor’s project management capabilities, including estimation, project planning, project tracking, and project control?
    • Vendor’s ability to protect your confidential information?
    • Vendor’s track record for providing support?
    • Any litigation pending against vendor?
    • Is the vendor financially stable?
    In selecting a vendor, there are major management and technical considerations Management considerations
  • 52. 4. Proposal Evaluations
    • Ability and track record of vendor to meet technical challenges of project?
    • Evaluation of vendor’s development capability (both work products and development processes)?
    • Level of vendor’s expertise in your industry (e.g., Financial Services)? In this application area (e.g., CRM)?
    • Level of vendor’s expertise with the development and execution environments for the system?
    • Quality of vendor’s past work? Are metrics available?
    In selecting a vendor, there are major management and technical considerations (cont.) Technical considerations
  • 53.
    • End of slides