Strategic Business and IT Alignment : Addressing Assessment and Governance

Silva Molina, Enrique Javier

January 2010

Strategic business and IT alignment assessment is growing in importance. Different assessment methods have been used to try to pursue the complexity of this dynamic and evolutionary alignment. Despite the fact that alignment is a real problem and a challenge of utmost importance, no consensus can be found on what alignment really is, how it should be measured in the organization in practice, or what measures should be taken to maintain and improve it. Consequently, the key question about how to assess and accomplish (define, identify, measure, maintain and improve) the strategic business and IT alignment is still a great unanswered challenge for many enterprises. In this thesis work, three main research questions were formulated: how can the validity and reliability of an alignment assessment method be improved, what are the dominant topics in the area of alignment, and how to facilitate the analysis of the business and IT governance alignment based on business process simulation and balanced scorecard methods. This is a composite thesis work that includes an introduction and six papers (paper A-F). The main contributions and results of this thesis are described in published and included technical papers. In papers A and B an alternative organization-wide approach and metamodel for assessing strategic business and IT alignment are proposed. Two case studies were performed applying the proposed approach. In paper C, a prioritized diagram of the most widely accepted strategic alignment model, with the purpose of categorizing the most important topics in the research area of strategic business and IT alignment is presented. One of the relevant topics that were identified is governance. In papers D, E and F, there are presented a business process simulation approach and a balanced scorecard method in order to facilitate the assessment of the business and IT governance alignment. An illustrative example of the simulation approach is presented in an appendix of this thesis. This research work aims to improve the decision-making process for business and IT managers at different levels in an enterprise by means of increasing the level of understanding and knowledge as well as by enhancing existing models and methods, for evaluating strategic business and IT alignment. / <p>QC 20101110</p>

Enterprise Architecture

Strategic Business and IT Alignment

IT Governance

Business Governance

Business Process Simulation

Balanced Scorecards

IT Services

ITIL

COBIT

Information technology

Informationsteknik

Information technology audits in South African higher education institutions

Angus, Lynne

11 September 2013

The use of technology for competitive advantage has become a necessity, not only for corporate organisations, but for higher education institutions (HEIs) as well. Consequently, corporate organisations and HEIs alike must be equipped to protect against the pervasive nature of technology. To do this, they implement controls and undergo audits to ensure these controls are implemented correctly. Although HEIs are a different kind of entity to corporate organisations, HEI information technology (IT) audits are based on the same criteria as those for corporate organisations. The primary aim of this research, therefore, was to develop a set of IT control criteria that are relevant to be tested in IT audits for South African HEIs. The research method used was the Delphi technique. Data was collected, analysed, and used as feedback on which to progress to the next round of data collection. Two lists were obtained: a list of the top IT controls relevant to be tested at any organisation, and a list of the top IT controls relevant to be tested at a South African HEI. Comparison of the two lists shows that although there are some differences in the ranking of criteria used to audit corporate organisations as opposed to HEIs, the final two lists of criteria do not differ significantly. Therefore, it was shown that the same broad IT controls are required to be tested in an IT audit for a South African HEI. However, this research suggests that the risk weighting put on particular IT controls should possibly differ for HEIs, as HEIs face differing IT risks. If further studies can be established which cater for more specific controls, then the combined effect of this study and future ones will be a valuable contribution to knowledge for IT audits in a South African higher education context.

Electronic data processing -- Auditing

Delphi method

IT infrastructure library

Gestión de incidencias basado en ITIL v3, caso de estudio Centro de Operaciones de Red de AMERICATEL

Tomás Vásquez, Roxana Francesca

January 2014

Publicación a texto completo no autorizada por el autor / Analiza y mejora el proceso de gestión de incidencias para el Centro de Operaciones de Red de Americatel, haciendo uso de las herramientas propias del negocio y siguiendo las recomendaciones enfocadas en las mejores prácticas de ITIL v3. Con la implantación de ITIL v3, la empresa se beneficiará desarrollando un conjunto de procedimientos, que ayudarán a lograr calidad y eficiencia en las operaciones del negocio; teniendo como resultado de este proyecto la propuesta de mejora del proceso de gestión de incidencias, para que estos se solucionen con el menor impacto y en el menor tiempo posible, lo que permitirá ayudar en la toma de decisiones para ofrecer un mejor servicio. / Trabajo de suficiencia profesional

Control de calidad

Control de procesos

Ingeniería de Sistemas y Comunicaciones

Automatización y Sistemas de Control

Guía metodológica gerencial para la toma de decisiones de tercerización de servicios de TI en las PYMES del rubro comercial en Perú

Alcala Garcia, Frank Ademir, Rojas Cuadros, Víctor Jean Franz

January 2014

Publicación a texto completo no autorizada por el autor / Elabora una guía metodológica gerencial para la toma de decisiones de tercerización de tecnologías de la información. Es un aporte para aquellas pequeñas y medianas empresas que se encuentran en la decisión de tercerizar sus servicios de tecnología de la información o ellas mismas son quienes los administran; debido al apogeo en que se encuentra la tercerización de servicios de TI y al aumento de los costos de adquisición, soporte y mantenimiento de los mismos. Existen tal cantidad de proveedores de estos servicios de tercerización que los empresarios de las pequeñas y medianas empresas que existen en el Perú no saben cuál o cuáles son los criterios que deben tener en cuenta al momento de elegir un proveedor, qué servicios o procesos deben o pueden tercerizar sin poner en riesgo la información más crítica del negocio. Con ayuda de esta guía los gerentes de dichas empresas podrán contar con un marco de referencia sobre el cual guiarse y tomar la mejor decisión para el beneficio de su empresa aplicado a la realidad peruana. Esta guía metodológica toma las mejores prácticas elaboradas por ITIL versión 3, CobIT versión 5, PMBOK versión 5.0 entre otras metodologías que permiten brindar un servicio de tecnología de la información de buena calidad. / Trabajo de suficiencia profesional

Contratación de servicios externos

Ingeniería de Sistemas y Comunicaciones

Automatización y Sistemas de Control

Estudo de caso: identificando fatores críticos de qualidade de serviços de TI de uma organização

Iwasa, Fabio Takeji

06 September 2013

Submitted by Fabio Iwasa (fabio@iwasa.com.br) on 2013-12-09T13:39:45Z No. of bitstreams: 1 Dissertacao_Fabio_Takeji_Iwasa_2013_FINAL.pdf: 897257 bytes, checksum: ae33ac67eec4462ef523c9298d2f9f75 (MD5) / Approved for entry into archive by Janete de Oliveira Feitosa (janete.feitosa@fgv.br) on 2013-12-10T11:39:32Z (GMT) No. of bitstreams: 1 Dissertacao_Fabio_Takeji_Iwasa_2013_FINAL.pdf: 897257 bytes, checksum: ae33ac67eec4462ef523c9298d2f9f75 (MD5) / Approved for entry into archive by Marcia Bacha (marcia.bacha@fgv.br) on 2013-12-12T13:52:14Z (GMT) No. of bitstreams: 1 Dissertacao_Fabio_Takeji_Iwasa_2013_FINAL.pdf: 897257 bytes, checksum: ae33ac67eec4462ef523c9298d2f9f75 (MD5) / Made available in DSpace on 2013-12-12T13:52:27Z (GMT). No. of bitstreams: 1 Dissertacao_Fabio_Takeji_Iwasa_2013_FINAL.pdf: 897257 bytes, checksum: ae33ac67eec4462ef523c9298d2f9f75 (MD5) Previous issue date: 2013-09-06 / As empresas no mercado atual estão em um ambiente de agressiva concorrência, e sua sobrevivência depende de fatores como a produtividade, inovação e atingimento de resultados, contudo, sem haver o comprometimento da qualidade. Os departamentos de Tecnologia da Informação possuem grande influência na operação e nos resultados da empresa, pois a importância da tecnologia, tanto no suporte, quanto na própria atividade fim das companhias, é vital. Diante deste contexto, este trabalho analisou as melhores práticas de mercado na gestão de tecnologia da informação como o framework Cobit (Control Objectives for Information Technology) analisada em conjunto com as ferramentas consagradas de mensuração de percepção de qualidade de serviços, de forma a identificar os fatores críticos de sucesso para qualidades de serviços em TI. Utilizou-se a metodologia SERVQUAL em um caso específico de uma empresa de comunicação e assessoria de imprensa, através de um questionário dividido em duas partes e vinte e duas perguntas cada, permitindo identificar as lacunas entre a expectativa e a percepção dos serviços fornecidos em cada uma das cinco dimensões da qualidade de serviço: tangibilidade, confiabilidade, responsabilidade, segurança e empatia. Foram identificados como fatores críticos as dimensões de confiabilidade e de empatia, e para cada uma delas, relacionou-se um conjunto de objetivos de controle do Cobit que permitem a atuação na melhoria das avaliações destes elementos. / The companies in the current market are immersed in an environment of aggressive competition, and their survival depends on factors such as productivity, i nnovation and achievement of results, however, without compromising the quality. The departments of Information Technology (IT) have relevant influence in the operation and in the company's results, due to the vital importance of the technology to the comp any support and to the core business operation. Given this context, this study aims at examining the best practices in managing information technology as for example the framework Cobit (Control Objectives for Information Technology) aligned with well kn own tools, so the critical success factors for the quality of the IT services could be identified. The SERVQUAL methodology was applied in a specific case for a communication and press office company, based on a questionnaire that split up into two parts and twenty - two questions each, which helped to identify the gaps between the expectation and the perception of the services provided in each of the five dimensions of service quality: tangibility, reliability, responsiveness, assurance and empathy. The d imensions of Reliabililty and empathy were identified as critical factors, and each of them were related to a set of control objectives of COBIT that allows the improvement of the performance evaluations of these elements.

Service management

Service quality

Information technology

Cobit

Gestão de serviços

Qualidade de Serviços

Tecnologia da informação

Administração de empresas

Controle de qualidade

Gestão da qualidade total

Analýza slabin procesu IT / Analysis of the weaknesses of IT process

Bláha, Jan

January 2016

The thesis focuses on research of IT process weakness. In theoretical part are described basic terms and also frameworks or best practise of process maturity rating. Selected practice ITIL and COBIT are then used for rating in practical part. For this purpose is choosen one of process which is outsourced by external contractor. Rating is made using free accessible tools, which are offered by selected practice and which offer rating process. Result is established according to consultation with people involved in project and their rating using mentioned tools.

IT Governance &amp; Management : An ability to be more efficient and competitive

Salavati, Sadaf

January 2007

This thesis is written about IT Governance and Management, a phenomenon which can result in higher efficiency and stronger competition for the organization or enterprise in mind. By implementing good IT Governance and Management, IT can support business goals and optimize investments in IT while at the same time IT manages risks and opportunities. The main case study is done at County Administrative Board of Kronoberg where Kronoberg County is counted as one of the smaller counties in Sweden. The County Administrative Board of Kronoberg has an awareness of the importance of good and effective IT Governance and Management even though there is room for improvement.

IT Governance

Management

Corporate Governance

CobiT

Balance Scorecard

Governance Arrangement Matrix

Governance Performance Survey

County Administrative Board of Kronoberg

Information Systems

Audit aplikačních systémů / Audit of application systems

Smola, Martin

January 2009

This thesis is concerned with audit of application system in copany MCR Technology s.r.o., identification of problem areas and following suggestion of possibilities in solving problems, which were identified pursuant to realized audit. First part is focused on general definition and characteristic of audit with view to his goals, mission and effective realization. Then is thesis concerned with audit of information systems, where are defined instruments and methodics for IS audit realization. Second part is focused on audit of application system in company. Audit involves selection of relevant application control form COBIT methodics and their modification for conditions of small copany. After it follows realisation of audit base on select control, summary of audit finding in audit report and indentification of problem areas. The subject of the third part is draft of solutions of problem areas in application system which were identified pursuant to audit.

Zlepšování procesního řízení bankovního oddělení IT / Bank's IT department process management improvement

Holub, Jan

January 2013

This thesis deals with the topic of process management as a part of IT Governance. Cobit is the standard for the IT Governance. For the purpose of the thesis we use Cobit 5, the latest Cobit version published in 2012. Next part of the thesis is focused on describing the principles of process management and analyzing differences between line and process management. To be able to choose the appropriate modeling notation, the work uses the most common notation of process modeling -- BPMN, EPC and UML. The second part of the thesis analyses the current status of process management in an international bank using methods of questionnaire, document analysis and observation. Following the analysis, new concept of process management is created and applied to two specific processes.

Audit cloudových služeb pro malé a střední podniky / Cloud Computing Audit for Small and Medium Enterprises

Kroft, Karel

January 2014

Cloud computing brings to the world of information systems many opportunities but also new risks. The main one is decreased customer ability to directly control the security of information and systems, because administration responsibility passes to providers. This thesis focuses on cloud services auditing from the small and medium enterprises perspective. In introduction, this work defines information system audit terminology, characterizes cloud services and analyzes international legislation. Standardization organizations, published standards and methodologies that are widely respected in IT field are introduced. For the trust mediation in the cloud are important independent third-party audits and organizations specializing in the examination and control of cloud providers. The assumptions list is assembled on this basis to support screening process and to check, whether enterprise, service providers and services are ready for creating efficient and safe cloud system. The assumptions are applied to selected cloud service providers.