IT effectiveness efforts as predictors of organizational outcomes : a normative model for assessing IT quality

Curry, Michael

January 2014

Information technology (IT) is a key enabler of modern business practices, yet reliably effective IT systems remain a significant challenge for many organizations. The consequences when systems fail to behave as expected becomes ever-more problematic as IT dependence grows. Therefore, methods for assessing IT effectiveness and generating actionable recommendations for improvement are key drivers of success. For this reason, large organizations often adopt IT best practice frameworks such as COBIT, ITIL or ISO/IEC standards which can offer greater assurances of IT effectiveness. However smaller organizations are rarely able to adopt these frameworks due, in part, to resource constraints, and a preference to eschew authoritative practices in favour of informal guides to action. Consequently, a significant research gap is the lack of IT effectiveness approaches for organizations unable or unwilling to adopt formal IT best practice frameworks. This thesis presents an alternative norms-based approach to IT effectiveness which some organizations might find more suitable. Norms are informal beliefs (e.g. ‘using a complex password helps safeguard data’) which motivate behaviours and can often be expressed using non-technical language. We review the literature to formulate a predictive model connecting norms to IT quality. Employing a scientific methodology defensible on philosophical grounds and accepted research practices, we distil a set of IT effectiveness norms from the COBIT 4.1 IT governance framework and adapt theories of motivation to justify our assertion that IT effectiveness norms can motivate actions. Our work is signficant in its formulation of an alternative approach for assessing IT operations and improving organizational IT outcomes. Our survey instrument –validated in four studies, which include a non-profit and government organization, multiple small businesses, a large pharmaceutical company and a university –is a light-weight and reliable assessment tool. Our predictive model is able to explain 26% of observed variance, and can offer actionable and non-technical insights which can improve organizational outcomes. A norms-based approach may bring many of the same IT effectiveness benefits offered by formal IT best practices into organizations, such as small businesses, which lack the resources for their implementation. This approach may also help bridge important communication gaps between IT professionals and others in the organization by providing a different, less technical perspective for framing, assessing, diagnosing, and communicating about IT processes.

658.4

Metodiky řízení informatických procesů, srovnání, vliv na efektivitu podnikového IS/ICT / Methodologies of information services management, their comparison and impacts on corporate ICT efficiency

Novák, Tomáš

January 2009

This diploma thesis engages with methodologies of managing processes in informatics. This thesis takes into account ITIL, COBIT and ITGPM frameworks considering primarily aspects of setting-up and ensuring SLAs of the services provided by informatics. The author of this thesis has chosen this topic with regards to his profession where as project manager has met typical problems related to the development as well as to the operation of information systems. The goal of this work is to find out what is the approach of each of the considered methodologies to SLAs and their fulfilment. In the second part the thesis is aimed in practical impact of SLAs to the development and operation phases of the service lifecycle. In the first part of the thesis, the given objectives are met on a theoretical level, where is for each of the selected methodological frameworks captured its approach to the issues related to an information service operation, its parameters and their ensuring. Next goal, still on theoretical level, is to find out, whether the individual methodologies (approaches) can be combined together in order to reach the needed quality of a service. In its second part is the thesis aimed on practical analysis of the SLA impact on the development and operational activities. As an example, the author describes necessary adjustments to the processes of both, the provider and the customer of any informatics service, beginning from the initial analytical phases to the live mode of the service. The practical part combines approaches of the given frameworks and adds author's experiences gained in the domain. In the end of the thesis, findings and conclusions resulting from the captured facts are briefly summarized, including the author's opinion and recommendations.

Modelování procesů zvoleného rámce pro komplexní řízení podnikové informatiky v ARIS Designer / Processes Modeling of Selected Framework for Complex Management of Business Informatics in ARIS Designer

Štanglica, Jakub

January 2014

This master's thesis deals with modeling of processes of the selected framework for complex management of business informatics using ARIS Designer tool. The reader is introduced into problematics of process approach to business management and process modeling. The next part of this master's thesis introduces some notations and approaches to process modeling and then closer describes the ARIS methodics and tools. The next part of this document focuses on a few frameworks for business IT management and closer describes the ITIL framework and its processes. The second half of this master's thesis describes creation of the model of ITIL framework processes.

AN ASSESSMENT OF THE IT GOVERNANCE MATURITY AT SL

Stanojevic, Petar

January 2011

Today Information Technology (IT) can be found in every modern enterprise. As IT has become one of the most crucial parts of an enterprise, it has made management aware of the impact IT has on the success of the enterprise. This has led to a significant increase on IT investments. IT governance aims at assuring that IT delivers more value from IT investments and enforcing IT‟s role as a business enabler. AB Storstockholms Lokaltrafik (SL) is a government owned company that is responsible for the general transportation system in the municipality of Stockholm. This master thesis aims at assessing the IT organization at SL from an IT governance perspective. The purpose of such assessment is to identify problem areas and suggest measures for improvement. The IT governance framework COBIT (Control Objectives for Information and related Technology) has guided the theory for IT governance throughout this study. A framework for the assessment of the IT governance maturity at SL was developed based on the IT Organization Model Assessment Tool (ITOMAT), a formalized method for assessing the IT governance maturity. The IT governance maturity of SL obtained the score 2,68 out of 5,00. Considering the fact that SL started with the process of introducing IT governance to the organization as recent as 3 years ago, the result obtained is higher than expected. It indicates that significant progress has been achieved in their IT governance. Nevertheless, the organization still has great potential for improvement.

IT Governance

IT Governance Maturity

COBIT

Process

IT

Elektroteknik och elektronik

Propuesta de transformación digital alineada al plan estratégico de una entidad de control gubernamental del Estado Peruano luego de ser evaluados los procesos de TI utilizando COBIT 5 PAM / Digital transformation proposal aligned to the strategic plan of a government control entity of the peruvian state after evaluated IT processes using COBIT 5 PAM

Ormeño Salazar, Carlos Alberto, Valdez Cordova, Hjalmar Neryght Yoght

06 November 2019

El siguiente trabajo de tesis presenta una propuesta de transformación digital alineada al plan estratégico institucional de una entidad de control gubernamental del Estado peruano luego de realizar la evaluación de los procesos con el uso de COBIT 5 PAM. En este documento, se encontrará como primer capítulo, la definición del proyecto, donde se detalla la entidad de objeto de estudio, la visión, misión, objetivos estratégicos y una explicación breve de los mismos. El segundo capítulo, nos muestra el cumplimiento de los Outcomes – ABET. En el tercer capítulo, se presenta el marco teórico utilizado para la tesis. En el cuarto capítulo encontraremos el desarrollo del proyecto, que está dividido en dos secciones, la primera relacionada al Gobierno Corporativo de TI donde hemos utilizado como instrumento de evaluación COBIT 5 PAM, aquí se detallan los procesos de TI, se realiza un contraste con los procesos de TI de COBIT 5 PAM, se evalúan los niveles actuales de cada proceso, la brecha encontrada y finalmente se plantea un plan de mejora. Como segunda sección, encontramos el tema de Transformación Digital, en el cual se detallan las tecnologías a utilizar, el proceso que se desea transformar y cómo las herramientas tecnológicas planteadas brindan soporte al mismo, así también, se determina una factibilidad técnica y económica de la propuesta. Como quinto capítulo, se detallan los resultados del proyecto de tesis, y finalmente, se presenta las herramientas para la gestión del proyecto y anexos. / The following thesis work presents a proposal for digital transformation aligned with the institutional strategic plan and after a self-evaluation has been carried out in relation to the use of COBIT 5 PAM on a government control entity of the Peruvian State. In this document, you will find as the first chapter, the definition of the project, which details the entity under study, the vision, mission, strategic objectives, process diagram and a brief explanation of them. In the third chapter, the theoretical framework used for the realization of this thesis is presented. In the fourth chapter we will find the development of the project, which is divided into two large sections, the first related to the Corporate Governance of IT where we have used as an evaluation instrument COBIT 5 PAM, here the IT processes are detailed, a contrast is made With the IT processes proposed by COBIT 5 PAM, the current levels of each process, the expected levels, the gap found are evaluated and finally an improvement plan is proposed. As a second section, we find the topic of Digital Transformation, in which the technologies to be used are detailed, the process that you want to transform and how the technological tools proposed support it, as well, a technical and economic feasibility of the proposal. As the fifth chapter, the results of the thesis project are detailed, and finally, the support tools for project management are presented. / Tesis

Transformación digital

Big data

Machine learning

Auditoría digital

COBIT 5 PAM

Digital transformation

Digital audit

Propuesta de mejora de gobierno de TI para facilitar transformación digital para una empresa del sector pesquero

Suncion Araujo, Victor Raul, Oncebay López , Julio Jesús

09 November 2019

Durante los últimos 10 años la necesidad de contar con un efectivo gobierno de TI se hace indispensable para las empresas que quieren lograr una ventaja competitiva en el mercado. El plan estratégico de las empresas debe contener su plan a futuro y las acciones que debe realizar para lograrlo. Asimismo, sus objetivos estratégicos deben estar alineados con los procesos de TI. Bajo este escenario, en el que se presenta un constante cambio, muchas empresas se enfrentan a problemas de bajo nivel de control y uso inadecuado de recursos, causados por la baja concientización de un Gobierno de TI, que posteriormente desencadenan en una insuficiente definición de procesos, en la carencia de la evaluación de capacidades de procesos y en la falta de iniciativa para la mejora continua. Asimismo, a través de la tecnología se busca transformar el proceso de negocio de operación de pesca porque está asociado a los objetivos estratégicos de la empresa. Por ende, cualquier impacto negativo se ve reflejado en la rentabilidad y costos Ante esta situación, se desarrolla la propuesta para el caso de estudio de una empresa del sector pesquero, en el que se propone mejorar los procesos de TI mediante un marco de trabajo basado en COBIT PAM y transformar el proceso de operación de pesca utilizando la tecnología basada en internet de las cosas para consolidar este proceso obteniendo rentabilidad y reduciendo costos. / During the past 10 years the need for effective IT governance has become indispensable for companies that want to gain a competitive advantage in the market. The strategic business plan must contain its future plan and the actions it must take to achieve it. At the same time, its strategic objectives should be aligned with the IT processes. Under this scenario, in which there is constant change, many companies face problems of low level of control and inaddecuate use of resources, caused by the lack of awareness of an IT Government, which subsequently trigger an insufficient process definition, in the carence of evaluation of process capacities and in the lack of initiative for continuous improvement. Likewise, technology seeks to transform the fishing operation business process because it is associated with the company's strategic objectives. Therefore, any negative impact is reflected in profitability and costs. Given this situation, the proposal is developed for the case study of a company in the fishery sector, in which it is proposed to improve IT processes through a framework based on COBIT PAM and transform the fishing operation process using technology based on the internet of things to consolidate this process obtaining profitability and reducing costs. / Tesis

Transformación digital

Tecnologías de la información

Industria 4.0

COBIT 5 PAM

Digital transformation

Information technology

Industry 4.0

Melhores práticas para implantar política de segurança da informação e comunicação em instituições federais de ensino superior

RIOS, Orlivaldo Kléber Lima

30 November 2016

Submitted by Rafael Santana (rafael.silvasantana@ufpe.br) on 2017-08-31T19:26:08Z No. of bitstreams: 2 license_rdf: 811 bytes, checksum: e39d27027a6cc9cb039ad269a5db8e34 (MD5) Dissertação_Orlivaldo_Kléber_Ciência da Computação_UFPE_.pdf: 2557373 bytes, checksum: ce725c091789d262ff35ae1f87b18a37 (MD5) / Made available in DSpace on 2017-08-31T19:26:08Z (GMT). No. of bitstreams: 2 license_rdf: 811 bytes, checksum: e39d27027a6cc9cb039ad269a5db8e34 (MD5) Dissertação_Orlivaldo_Kléber_Ciência da Computação_UFPE_.pdf: 2557373 bytes, checksum: ce725c091789d262ff35ae1f87b18a37 (MD5) Previous issue date: 2016-11-30 / O Tribunal de Contas da União, por meio da Secretaria de Fiscalização de TI, publicou, em 2015, por meio do Acórdão 3117/2014-TCU-Plenário, o quadro crítico em que se encontravam os órgãos da Administração Pública Federal, direta e indireta, concernente aos processos de segurança da informação, onde apenas 51% daqueles órgãos utilizavam integralmente a Política de Segurança da Informação. Considerando que há recomendações e orientações do Governo Federal para a institucionalização da Política de Segurança da Informação e Comunicação em todos seus órgãos, essa pesquisa buscou identificar o cenário em que se encontram as Instituições Federais de Ensino Superior, quanto à existência e às práticas utilizadas para implantação de Política de Segurança da Informação, considerando que tais instituições estão inseridas nesse panorama de fiscalização do Tribunal de Contas da União. Como objetivo de pesquisa, buscou-se a elaboração de um guia de melhores práticas para implantação e revisão de Política de Segurança da Informação e Comunicação nas Instituições Federais de Ensino Superior. Como metodologia foram utilizadas as abordagens quantitativa e qualitativa, empregando procedimentos bibliográficos, com o uso da revisão sistemática, e o levantamento de campo com aplicação de questionário Survey. Ao final da pesquisa, percebeu-se que o fator humano é a maior criticidade para o sucesso da implantação da Política de Segurança da Informação e Comunicação, principalmente a participação da Alta Gestão, entretanto, a elaboração do guia promoverá ações estratégicas nos processos de segurança da informação das Instituições Federais de Ensino Superior, quanto à implantação e revisão de Política de Segurança da Informação e Comunicação. / The Court of Auditors of Unity, IT Supervisory Office, published in 2015, through Decision 3117/2014 - TCU-Plenary, the critical situation in which they found the agencies of the Federal Public Administration Office, both direct as indirectly, concerning the information security processes, where only 51% of those agencies fully used the Security Policy information. Whereas there are recommendations and guidelines of the Federal Government for the institutionalization of the Information and Communication Security Policy in all its agencies, this research sought to identify the scenario where the Federal Institutions of Higher Education are, regarding the existence and the practices adopted in the implementation of information security policy, considering that such institutions are inserted in this prospect of the Brazilian Federal Accountability Office surveillance. In this research we aimed to formulate the a Guide for the best practices to the implementation and revision of Information Security Policy in Federal Institutions of Higher Education. It were used both quantitative and qualitative approaches, employing, employing bibliographic procedures, with the use of a systematic review and also a field survey. At the end of this research it was realized that the human factor is the most critical aspect for the successful implementation of Security Policy information, especially the participation of the High Management. However, the formulation of a guidance will promote strategic actions in the information security processes of Federal Institutions of Higher Education, towards the implementation and revision of Information and Communication Security Policy.

Information System Quality Assessment Methods / Metody hodnocení kvality informačního systému

Korn, Alexandra

January 2014

This thesis explores challenging topic of information system quality assessment and mainly process assessment. In this work the term Information System Quality is defined as well as different approaches in a quality definition for different domains of information systems are outlined. Main methods of process assessment are overviewed and their relationships are described. Process assessment methods are divided into two categories: ISO standards and best practices. The main objective of this work is application of gained theoretical knowledge in process assessment with CobiT 4.1 and CobiT 5.0 frameworks, and comparing results. The objective was achieved through consultation with processes owner and the completed questionnaires filled in by management of OnLine S.r.l. Additionally targeted level of capability in CobiT 5.0 is compared with actual, achieved level.

Hodnocení vyspělosti procesů IT / Evaluation of IT processes maturity

Horká, Kateřina

January 2014

The thesis deals with the evaluation of IT processes maturity. In the theoretical part, management of information technologies and methods of assessment in the organization are described. Four methods are selected and used for the maturity assessment of the Release Management process in Česká pojišťovna a.s. In the practical section, a questionnaire is evaluated and the Release Management process maturity level is set. The main objective of this thesis is to evaluate maturity of Release Management process and suggest possible improvements. The objective was achieved through the completed questionnaires of Česká pojišťovna a.s. employees and subsequent consultations with the process owner. The thesis consists of six parts. The first chapter deals with the management of information technology in an organization. The second chapter is devoted to the evaluation of process maturity and description of the selected methods of maturity evaluation. The third chapter maps processes according to ITIL, Cobit 4.1 Cobit 5 and provide their introduction. The fourth chapter introduce the organization of Česká pojišťovna a.s.. The fifth chapter describes the specific process Migrating applications in the Česká pojišťovna a.s.. The sixth chapter focuses on the actual comparison of individual methods of evaluating and interpretation of the results.

Hodnocení informačních systémů. / Information System Assesment

Matuška, Marian

January 2008

This work is evaluating information system from several different aspects. First of them is evaluation from customers point of view when choosing or using the information system. Second aspect is evaluation of information system itself by producer. The goal of this evaluation is to have high quality information system.