Information System Quality Assessment Methods / Metody hodnocení kvality informačního systému

Korn, Alexandra

January 2014

This thesis explores challenging topic of information system quality assessment and mainly process assessment. In this work the term Information System Quality is defined as well as different approaches in a quality definition for different domains of information systems are outlined. Main methods of process assessment are overviewed and their relationships are described. Process assessment methods are divided into two categories: ISO standards and best practices. The main objective of this work is application of gained theoretical knowledge in process assessment with CobiT 4.1 and CobiT 5.0 frameworks, and comparing results. The objective was achieved through consultation with processes owner and the completed questionnaires filled in by management of OnLine S.r.l. Additionally targeted level of capability in CobiT 5.0 is compared with actual, achieved level.

Problematika vymezení role vlastníka procesu / Matters of definition of process owner role

Hejda, Jan

January 2011

The aim of this thesis is to map how the most common process-oriented methodologies and standards govern the issue of process ownership, define the role of a process owner and a comparison of these with a current practice in the corporate environment. The first part describes the theoretical concepts related to process management, including a description of selected methodologies. The following part is a questionnaire and its description followed by the expected responses based on previous theories. The last, third, part of the thesis contains an analysis based on the data obtained from the questionnaire respondents compared with the stated hypotheses and its evaluation.

Model zralosti Green ICT jako východisko při zavádění Green ICT praktik v malých a středních podnicích / Green ICT maturity model as a starting point for the implementation of Green ICT practices in small and medium-sized enterprises

Mlejnek, Petr

January 2012

The general topic of this thesis is Green ICT and its support. But specifically is this work focused on Green ICT maturity model, as a starting point for the implementation of Green ICT practices in small and medium-sized enterprises in the Czech Republic. The main goal of this thesis is therefore the definition of this maturity model. This definition primarily consists of defining the questions, possible responses and assigning weights for these responses from the perspective of Green ICT maturity. By answering these questions, Green ICT maturity of any small or medium-sized enterprise can be measured. To achieve the main goal, the areas of Green ICT and Green ICT maturity levels for small and medium-sized enterprises were defined. However, for making this maturity model a relevant result of the thesis, testing it in practice was necessary. For this purpose was therefore created an interactive website with self-assessment form, through which companies were able to evaluate their Green ICT. Than the results of this self-assessment, were analyzed. The personal benefit of this thesis is definition of the Green ICT maturity model with a focus on small and medium-sized enterprises, including implementation and verification in practice. This part is considered as practical. For theoretical part I consider defining the areas of Green ICT for small and medium-sized enterprises, which is also seen as personal benefit.

Model zralosti zdrojového kódu objektových aplikací / Maturity model of source code of object-oriented aplications

Pavlíčková, Jarmila

January 2007

The goal of this disertation was to develop a maturity model for source code of object-oriented applications and to use this model to verify the quality of the source code of student's applications. The starting point of the thesis was devoted to the analysis of existing standards, norms, methodologies and summaries of best practice for assessing the quality of software products and analysis of the factors that affect the quality of the source code of object applications. To validate the results of the analysis of these factors, the analysis was complemented with a field research conducted among specialist with programming experience. The model to determine the maturity of source code of object-oriented applications was designed according to the analysis and the questionnaire. The statistical method of cluster analysis was used in the design of the model. The model was designed and the procedure of its use in the evaluation of source code was described. This model was pilot tested in education program at the University of Economics in Prague.

Hodnocení vyspělosti procesů IT / Evaluation of IT processes maturity

Horká, Kateřina

January 2014

The thesis deals with the evaluation of IT processes maturity. In the theoretical part, management of information technologies and methods of assessment in the organization are described. Four methods are selected and used for the maturity assessment of the Release Management process in Česká pojišťovna a.s. In the practical section, a questionnaire is evaluated and the Release Management process maturity level is set. The main objective of this thesis is to evaluate maturity of Release Management process and suggest possible improvements. The objective was achieved through the completed questionnaires of Česká pojišťovna a.s. employees and subsequent consultations with the process owner. The thesis consists of six parts. The first chapter deals with the management of information technology in an organization. The second chapter is devoted to the evaluation of process maturity and description of the selected methods of maturity evaluation. The third chapter maps processes according to ITIL, Cobit 4.1 Cobit 5 and provide their introduction. The fourth chapter introduce the organization of Česká pojišťovna a.s.. The fifth chapter describes the specific process Migrating applications in the Česká pojišťovna a.s.. The sixth chapter focuses on the actual comparison of individual methods of evaluating and interpretation of the results.

Informační bezpečnost jako jeden z ukazatelů hodnocení výkonnosti v energetické společnosti / Information security as one of the performance indicators in energy company

Kubík, Lukáš

January 2017

Master thesis is concerned with assessing the state of information security and its use as an indicator of corporate performance in energy company. Chapter analysis of the problem and current situation presents findings on the state of information security and implementation stage of ISMS. The practical part is focused on risk analysis and assessment the maturity level of processes, which are submitted as the basis for the proposed security measures and recommendations. There are also designed metrics to measure level of information security.

Implementace CMM při posuzování kvality business procesů / CMM Implementation on Officiating of Business Processes Quality

Slobodník, Tomáš

January 2012

The paper examines the characteristics of quality management, business process management and process maturity models. Presents a prototype of web-based tool to support the implementation of CMMI for Services, its concept, implementation and application in the selected company. It analyzes the main activities of the company and suggests improvements in accordance with the CMMI model.

A Conceptual Model of the Revised CAI-NPD-Systems Maturity

Hüsig, Stefan

11 November 2015

This article aims to turn the attention of researchers and practitioners in the innovation and engineering management field towards a more fine grained view on the influence of Information Technologies (IT) and New Product Development (NPD) capabilities on innovation outcomes in different stages of maturity. Computer Aided Innovation (CAI), as a specific but often overlooked category of IT-tools for innovation activities, is introduced as having the potential to positively influence the innovation supporting capabilities. Based on current and emerging developments in the fields of CAI and NPD, a revised version of the conceptual model of the CAI-NPD-systems maturity framework is proposed.

info:eu-repo/classification/ddc/330

ddc:330

Modelo de referencia para identificar el nivel de madurez de ciberinteligencia de amenazas en la dark web

Aguilar Gallardo, Anthony Josue, Meléndez Santos, Ricardo Alfonso

31 October 2020

La web oscura es una zona propicia para actividades ilegales de todo tipo. En los últimos tiempos los cibercriminales están cambiando su enfoque hacia el tráfico de informacion (personal o corporativa) porque los riesgos son mucho más bajos en comparación con otros tipos de delito. Hay una gran cantidad de información alojada aquí, pero pocas compañías saben cómo acceder a estos datos, evaluarlos y minimizar el daño que puedan causar. El presente trabajo propone un modelo de referencia para identificar el nivel de madurez del proceso de Ciber Inteligencia de Amenazas. Esta propuesta considera la información comprometida en la web oscura, originando un riesgo latente que las organizaciones no consideran en sus estrategias de ciberseguridad. El modelo propuesto tiene como objetivo aumentar el nivel de madurez del proceso mediante un conjunto de controles propuestos de acuerdo a los hallazgos encontrados en la web oscura. El modelo consta de 3 fases:1. Identificación de los activos de información mediante herramientas de Ciber inteligencia de amenazas. 2. Diagnóstico de la exposición de los activos de información. 3. Propuesta de controles según las categorías y criterios propuestos. La validación de la propuesta se realizó en una institución de seguros en Lima, Perú con datos obtenidos por la institución. Los resultados preliminares mostraron 196 correos electrónicos y contraseñas expuestos en la web oscura de los cuales 1 correspondía al Gerente de Tecnología. Con esta identificación, se diagnosticó que la institución se encontraba en un nivel de madurez “Normal”, y a partir de la implementación de los controles propuestos se llegó al nivel “Avanzado”. / The dark web is an area conducive to illegal activities of all kinds. In recent times, cybercriminals are changing their approach towards information trafficking (personal or corporate) because the risks are much lower compared to other types of crime. There is a wealth of information hosted here, but few companies know how to access this data, evaluate it, and minimize the damage it can cause. In this work, we propose a reference model to identify the maturity level of the Cyber ​​Intelligence Threat process. This proposal considers the dark web as an important source of cyber threats causing a latent risk that organizations do not consider in their cybersecurity strategies. The proposed model aims to increase the maturity level of the process through a set of proposed controls according to the information found on the dark web. The model consists of 3 phases: 1. Identification of information assets using cyber threat intelligence tools. 2. Diagnosis of the exposure of information assets. 3. Proposal of controls according to the proposed categories and criteria. The validation of the proposal was carried out in an insurance institution in Lima, Peru with data obtained by the institution. Preliminary results showed 196 emails and passwords exposed on the dark web of which 1 corresponded to the Technology Manager of the company under evaluation. With this identification, it was diagnosed that the institution was at a “Normal” maturity level, and from the implementation of the proposed controls the “Advanced” level was reached. / Tesis

Ciberseguridad

Ciber inteligencia de amenazas

Modelo de madurez

Web oscura

Cybersecurity

Cyber threat intelligence

Maturity model

Dark Web

Sales & Operations Planning: Utvärdering, förbättring och implementering : En fallstudie på Höganäs Sweden AB / Sales & Operations Planning: Evaluation, improvement and implementation : A case study at Höganäs Sweden AB

Gladh, Isac, Lindahl, Aron

January 2020

Titel: Sales & Operations Planning: Utvärdering, förbättring och implementering. En fallstudie på Höganäs Sweden AB.  Kurs: 4FE19E Examensarbete i Logistik för Civilekonomprogrammet. Författare: Aron Lindahl & Isac Gladh. Handledare: Peter Berling.  Bakgrund: Höganäs Sweden AB upplever att deras S&OP-arbete i nuläget inte fungerar effektivt. Missförstånd och oklarheter uppkommer ofta mellan avdelningarna och det är brist på standardiserade arbetssätt att förhålla sig till när det kommer till arbetet med S&OP. S&OP är ett verktyg som kan användas för att stärka samarbetet mellan olika avdelningar inom en verksamhet samt göra informationsdelningen mer transparant och effektivare vilket i sin tur leder till en högre grad av planeringsintegration. Representanter från företaget menar att det finns förbättringspotential kopplat till deras arbete med S&OP.  Syfte: Syftet med uppsatsen är att generera ett ramverk som tillverkande företag kan använda för att utvärdera, förbättra samt implementera sin S&OP-process.  Metod: Detta arbete är en fallstudie på företaget Höganäs Sweden AB där empiri har samlats in genom direkta observationer, strukturerade-, semistrukturerade samt ostrukturerade intervjuer med olika representanter från företaget. Arbetet grundar sig i ett kvalitativt angreppssätt med en deduktiv ansats.  Slutsats: Denna studie har fastställt mognadsgraden för S&OP-processen vid Höganäs Sweden AB och konstaterats att det finns förbättringspotential. Studien har, utifrån nuvarande mognadsgrad, tagit fram en rad åtgärder och verktyg som syftar till att förbättra processen och på sikt öka mognadsgraden för S&OP-processen vid Höganäs Sweden AB. För att kunna implementera dessa förbättringsförslag har författarna genererat en modell som behandlar hur tillverkande företag ska implementera S&OP. Implementeringsprocessen som beskrivs i modellen är en utveckling av befintlig teori där viktiga faktorer och åtgärder från olika källor har sammanfogats till en modell för effektiv implementering. / Title: Sales & Operations Planning: Evaluation, improvement and implementation. A case study at Höganäs Sweden AB. Course: 4FE19E Degree project in Logistics, the Business Administration and Economics Programme. Authors: Aron Lindahl & Isac Gladh.  Tutors: Peter Berling. Background:  Höganäs Sweden AB is experiencing that their current S&OP is not operating effectively. Misunderstandings and ambiguities often arise between departments and there lack of standardized ways of working when it comes to S&OP. S&OP is a tool that can be used to strengthen the cooperation between departments within a business and make the information sharing more transparent and effective which in turn leads to a higher degree of plan integration. Representatives from Höganäs Sweden AB states that there is potential for improvements when it comes to their work with S&OP.    Purpose: The purpose of this case study is to generate a framework that manufacturing companies can use to evaluate, improve and implement their S&OP-process.  Method: This is a case study at Höganäs Sweden AB where the empirical data has been collected through direct observations and unstructured, semi-structured and structured interviews. The work is based on a qualitative strategy with a deductive approach. Conclusion: This case study has determined the maturity level of the S&OP process at Höganäs Sweden AB and established that there is potential for improvements. The case study has, based on the current maturity level, generated a number of improvement suggestions with the purpose of improving the process and in the long run increase the maturity level for the S&OP process at Höganäs Sweden AB. In order to be able to implement these improvement suggestions the authors have generated a model that cover how manufacturing companies should implement S&OP. The implementation process that is described in the model is a development of existing theory where important elements and actions from different sources has been collected and merged into one model for effective implementation.

Sales and Operations Planning

S&OP process

Improvements

S&OP implementation

Maturity model

Organisation culture

Plan Integration

Sales and Operations Planning

S&OP-processen

Förbättringar

S&OP-implementering

Mognadsmodellen

Organisationskultur

Planeringsintegrering

Business Administration

Företagsekonomi