Rozprawy doktorskie na temat „IT”

One of the best ways to get expected results from information technology (IT) in a business organization is to have a close look at the financial issues related to it. Financial issues such as IT investment, IT costs, IT resources should be dealt with special care if any organization wants to get best result from its IT systems. The purpose of this research is to investigate the condition of IT financial issues such as IT investment, IT costs, IT resources, IT business value etc. in the selected seven organizations of Sweden and to have an understanding behind the condition. First of all, a survey has been conducted with nine IT managers from these seven organizations to get an overview of the condition of dealing with various IT financial issues. Then follow-up interviews have been conducted with four of those IT managers that took part in the survey to find out the reason behind the condition dealing with those IT financial issues. The results of the study show that most the seven companies do not have proper capital budgeting technique, benefit identification plan for IT investment. Most of them do not calculate all the IT related costs. Most of them have lack of knowledge about the business value of IT. Their knowledge of impact of IT resources is not clear. The study further shows why those seven companies are having that kind of condition regarding the IT related financial issues.

Abstract

Date              2009-06-07

Level             Master thesis in Information Technology and Business Administration, 15 hp, EIK024

Authors        Anna Karlsson, akn05009@student.mdh.se                      Lena-Maria Lindström, llm05002@student.mdh.se

Tutor            Peter Ekman

Title              IT Governance with an IT investment focus

Keywords     IT Governance, IT investments, IT decisions

Problem       To control and manage IT and IT functions in the organization has been a big challenge for many businesses for a long time. In order to make the management of IT more efficient IT Governance is needed. If the organization is going to be successful IT Governance is necessary and this type of governance enables a more effective use of IT that supports the business and its operations. The problem questions for this thesis are: How is the company’s IT Governance built up? How are decisions regarding the company’s IT investments taken? How is the connection between the company’s IT investments and the company’s IT Governance?

Purpose        The purpose of this thesis is to describe and analyze how a company’s IT Governance is built up and how the company uses IT Governance to reach the desired results from the IT investments.

Method        The thesis is a qualitative study. The thesis group has made three interviews; one at Swecon Anläggningsmaskiner AB, one at Volvo Construction Equipment AB and one at Telge nät AB. The respondents are all IT managers. The interviews were semi structured as the authors of the thesis wanted it to be more of an interview / discussion.

framework

Theoretical   The theoretical framework of the thesis begins with a presentation of decision making in the organizations followed by a background to IT investments. Finally a presentation of IT Governance which is divided into four parts follows: who takes the IT decisions, which decisions are made, how are these decisions made and monitored and the fourth part that focuses on the company management’s involvement in IT Governance. The part is finished with a summarizing analytic model made by the authors of the thesis.         

Conclusion   We have concluded that the three companies all have some sort of IT Governance, but how the IT Governances are built up varies. We also have concluded that the companies' ambition by using IT Governance is to reach the desired results from their IT investments.  By using IT Governance the companies are forced to pay attention to certain aspects eg., that the investments really are aligned with the companies businesses and that certain metrics are estimated for investments in the IT investment approval process.

Godkänd; 2003; 20061106 (haneit)

Sedan IT-bubblan sprack 2002 har marknaden nu börjat återhämta sig. Allt fler mindre organisationer investerar i IT igen. Detta gör att IT-konsulterna blir mer eftertraktade på marknaden. I takt med att IT-konsulternas ökade arbete och ökningen av de mindre företagens investeringar, ökar vikten av IT-konsulternas råd angående kommunikation, ansvarsfördelning och samordning som förmedlas till de små och medelstora företagen under investerings processen.

Samtidigt presenterar dagens litteratur en mix av olika rekommendationer för hur organisationer bör hantera olika roller och dess ansvarsfördelning. Dessa teoretiska rekommendationer är både tydligt –och otydligt uttryckta av diverse författare. På grund av denna teoretiska kunskap, de små –och medelstora företagens (SME) ökade entreprenad av IT och vikten av en klar ansvarsfördelning vid IT-investeringar, har syftet med denna studie varit att undersöka vilka råd dagens IT-konsulter ger till SME i relation till de teoretiska riktlinjerna. Studien har sedan genomförts ur ett konsultperspektiv.

Genom detta syfte har metoden för att samla in data varit personliga semistandardiserade intervjuer med 12 olika IT-konsulter i Jönköpings län riktade mot SME. För att vi skulle kunna utvinna en djup förståelse för dessa konsulters syn på roller och ansvarsfördelning har vi använt oss av en kvalitativ metod. Dessutom har vi haft en utforskande och jämförande ansats genom vår granskning av studie området och vår jämförelse av roller och ansvarsfördelning som först mellan alla IT-konsulter och sedan mellan IT-konsulternas kategoriserade synsätt och de identifierare teoretiska synsätten.

En faktor som påverkar studiens tillvägagångssätt är den teoretiska studie som gjorts kring ämnet roller och ansvar vid IT-investeringar av Granehäll et al. (2005). Dessa författare presenterar tre olika teoretiska synsätt av roller och ansvarsfördelning vid applikationsinvesteringar. Vi fann dessa synsätt vara i behov av att kompletteras för att bli fullständiga och anpassade för små –och medelstora företag. Detta utgav grunden för den teoretiska del i denna studie och påverkat strukturen och presentationen av de teoretiska data som här presenteras.

Efter en presentation av ytterligare teori om roller och ansvar och en utökning av de tidigare fastställda teoretiska synsätten, kunde vi i denna studie identifiera tre nya teoretiska synsätt fokuserade på roller och ansvar vid applikationsinvesteringar

Den empirisk data som vi fått fram under studien av de olika medverkade IT-konsulterna presenteras var för sig. Detta har gjorts för att ökad förståelse och underlättad läsning.

Under studien av roller och ansvar i applikationsinvesteringar och IT-konsulternas synsätt på roller och ansvar i SME applikationsinvesteringar har vi kommit fram till att teorins rekommendationer riktar sig mot företag i allmänhet, då oftast mot större företag, vilket gör att teorins rekommendationer till viss del skiljer sig från IT-konsulternas syn på roller och ansvarsfördelning. Vi såg även att IT-konsulterna presenterar olika råd angående roller och ansvar. Vi har därför haft möjlighet att kategorisera dessa olika råd till tre synsätt med olika fokus.

As the market now has begun to recover from the IT-crash in 2002, many smaller organisations are now starting to invest in IT again. This makes the IT-consultants more wanted on the market. In proportion to the increasing work of the IT-consultants and the increasing SME investments, the IT-consultants advices becomes more important regarding communication, responsibilities and collaboration, given to the Small and Medium sized Enter-prises (SME) in the time of their investment process.

At the same time the theory presents a mix of recommendations for how roles and responsibility should be managed within the general organisation. These recommendations are clearly and vague expressed by different authors. Given this theoretical knowledge, the SME’s increasing outsourcing of IT-management and the importance of a clear structure of responsibilities in IT-investments, has the purpose of this study been to investigate in the advices the IT-consultants are communicating to SME in relation to the theoretical rec-ommendations. The study has then been accomplished through a consultant’s perspective.

Due to the purpose this study has been accomplished by face-to-face semi-standardised interviews with 12 IT-consultants within the County of Jönköping directed towards SME in application investments. Given that we wanted to gain a deep understanding of these IT-consultants recommendations on roles and responsibilities we therefore used a qualitative method. Furthermore, we also used an explorative effort due to our purpose to scrutinise the research area and a comparative effort when comparing the IT-consultants views with each other and then comparing the categorised IT-consultants views to the theoretical views identified in this study.

One factor influencing the mode of procedure is the theoretical study of roles and responsibilities made by Granehäll, Karlström and Uyanik (2005). These authors present three different views of roles and responsibilities in application investments. We found these views necessary to be further developed. This became the foundation of the theoretical data of roles and responsibilities in this study, setting the structure of the presentation of theoreti-cal data.

After presenting the additional theory and adding it to the all ready known views, we were in this study able to identify three new theoretical views on roles and responsibilities fo-cused on different roles.

The empirical data, established during this study, expressed by each participative IT-consultant is presented separately. This has been done to increase understanding and to facilitate the reading.

During this study on roles and responsibilities in application investments and the IT-consultants view on roles and responsibilities in SME application investments we found that the theory is directed to organisations in general, with an undertone that specifies the direction towards larger organisations, causing the theory to recommend different roles of responsibilities than the IT-consultants actually are practising. The IT-consultants we found to present different advice regarding roles and responsibilities. We have therefore been able to categorise these different advices into three different views with different focus.

Date: 2008-10-06

Level: Bachelor thesis within Information Technology and business economics, 15p, EIK021

Authors: Anna Karlsson, akn05009@student.mdh.se

Lena-Maria Lindström, llm05002@student.mdh.se

Magnus Wretlund, mvd05001@student.se

Tutor: Marie Mörndal

Title: Managing IT-incidents, a case study at ICAs IT department                            Operations

Keywords: IT-incident management, IT-incident management process, IT-incident, ITIL, CCTA

Problem: An organization can benefit by having an established management process of handling IT-incidents. But how can this be achieved? Are there step-by-step procedures? What´s included in the management process of IT-incidents? Is the size of the organization relevant to which model is to be chosen? Can the work of the writers of this essay result in a recommendation of a specific model for IT-incident management? These questions lead to the following essay question; How are IT-incidents managed?

Purpose: The purpose of this thesis is to describe and discuss how IT incidents can be managed.

Method: The writers of this essay have performed a case study at ICA, a Swedish food retail company. Eleven interviews with nine different persons have been carried out. The interviews are analyzed in the chapter called Resultat och analys.

Conclusion: Our conclusion is that there are both similarities and differences in Dept. Operations´ management process for handling IT-incidents compared to what is stated in the CCTA-model. Another conclusion is that it is of highest importance for a business to implement a standard procedure for handling IT-incidents. The lack of such a model could result in e.g. financial losses.

Introduction

IT-Outsourcing is a concept that describes the supply of part or all of Information Technology (IT) services by an external supplier company, known as IT-vendor, to a client company. The ‘IS-Improvement’ is one of the three strategic views of IT-Outsourcing for clients and involves advantages like focusing on core business, cost reductions and increase of IT-resources efficiency.

Objectives

The purpose of this project is to discover, describe and analyze the most critical aspects in implementing IT-Outsourcing and the critical aspects of the ‘IS Improvement’ view of IT-Outsourcing for clients, to further let IT-vendors know how they can improve on delivering their services to their customers.

Research Question

“Which are the most critical factors in implementing IT-Outsourcing and which are the critical aspects of the IS-improvement view of IT-Outsourcing for four organizations as clients?”

Method

This project follows an exploratory research method. It is mainly an action research but there is also an element of a realist research. The subject of IT-Outsourcing was chosen because it is part of IT-Management. The analysis is based on primary data collected from four organizations in the European Union (EU) that were chosen because they use IT intensively in their activities. Access to these organizations was because of convenience since it was enabled by personal contacts. Two organizations were in the shipping business, the third organization was an electronic-devices factory, and the fourth was a university. The data collection was based on three face-to-face interviews with the IT-Managers of the organizations, and one response was collected by electronic means since the fourth respondent (also IT-Manager) completed and sent the questionnaire by e-mail. The interviews were based on a semi-structured questionnaire, that in turn was formed based on the content of the critical literature review. The critical literature review was formed from books and articles found at Mälardalens Högskola’s library and databases, and interlibrary loans. The data were inserted in a table for content analysis that helped count the frequencies of the various factors of IT-Outsourcing. The results were drawn based on qualitative analysis and they were tested against dialectical critique.

Conclusions

The most critical factors in implementing IT-outsourcing for these four organizations are: Hardware maintenance is the most critical area to be outsourced. Low costs of services, supplier’s stability and reputation are the most critical factors in selecting an IT-vendor. Supplier’s understanding of client’s objectives is the most critical factor for a successful relationship between clients and IT-vendors. Precise definition of costs is the most critical factor to be included in an IT-Outsourcing contract, and selective/partial IT-Outsourcing is the IT-sourcing solution preferred by these organizations. The ‘IS-Improvement’ view of IT-Outsourcing for these four organizations is not valid, but the respondents’ words indicate ways that IT-Outsourcing can be improved to achieve increased IT-resources efficiency.

The purpose of this thesis is to develop a decision model for how small audit firms should decide to bring an external IT specialist into the audit process. This model primarily aims to help identify those characteristics of IT in a client company that is being audited that a financial auditor should consider in this decision.

This decision model is our proposed solution to a problem that we have identified through previous research; that financial auditors may not have an understanding of risks related to IT and hence infrequently bring an IT specialist into the audit process. The extent of the decision model is limited to small audit firms, because they are the ones requiring external IT specialist while larger audit firms today usually have internal IT specialists.

To fulfil the purpose we conducted a qualitative study consisting of an expert study and a user study which identified and classified criteria to include in the decision model. The expert study included two interviews with Certified Information Systems Auditors while the user study included two financial auditors working at small auditing firms. In addition a model validation was conducted with the help of the financial auditors from the user study.

The presented decision model has its starting point in the identification of a client company’s most critical process and how this process is affected by the IT in the client company. The expert study showed that the dependency on IT is crucial during an IT audit. The user study instead indicated that the primary criteria when assessing small client com-panies are the presence of software which have been created or adapted for the purpose of the client company. Other criteria that were included in the model were audit trails, access, routines and transaction intensity.

The three empirical steps of our research process; the expert study, the user study and the model validation, indicated that all relevant criteria are included in the decision model and that it is useful. Our conclusion is that the decision model may increase the use of IT specialists through the identification of those questions that should be asked in a decision to bring an IT specialist into the audit process and through increasing the awareness of the limits of the users IT knowledge and the risks associated with IT.

Syftet med denna uppsats är att skapa en beslutsmodell för hur små revisionsbyråer skall besluta att ta in en extern IT-specialist i revisionsprocessen. Det främsta syftet med denna modell är att hjälpa till att identifiera de kvaliteter hos IT, i ett klientföretag som revideras, som en revisor skall överväga i detta beslut.

Denna beslutsmodell är vår föreslagna lösning till ett problem som vi har identifierat genom tidigare studier; att finansiella revisorer möjligen inte har en full förståelse för de IT relaterade riskerna och till följd av det sällan tar in en IT-specialist i revisionsprocessen. Omfattningen av beslutsmodellen är begränsad till små revisionsbyråer eftersom det är de som behöver externa IT-specialister medan större revisionsbyråer idag ofta har interna IT-specialister.

För att uppfylla syftet har vi genomfört en kvalitativ studie bestående av en expertstudie och en användarstudie vilka har identifierat och klassificerat kriterier som bör inkluderas i beslutsmodellen. Expertstudien bestod av två intervjuer med CISA-certifierade IT specialister, medan användarstudien bestod av intervjuer med två finansiella revisorer som arbetar på små revisionsbyråer. Utöver detta genomfördes en modellvalidering med hjälp av revisorerna från användarstudien.

Den presenterade beslutsmodellen har sin utgångspunkt i identifieringen av ett klientföretags mest kritiska process och hur denna process är påverkad av klientföreta-gets IT. Expertstudien visade att beroendet av IT är avgörande under en IT-revision. Användarstudien indikerade å andra sidan att det främsta kriteriet när man bedömer små klientföretag är närvaron av mjukvara som har anpassats för klientföretaget. Andra kriterier som inkluderades i modellen var revisionsspår, rutiner för behörighet och transaktionsintensitet.

De tre empiriska stegen i vår undersökningsprocess; expertstudien, användarstudien och modellvalideringen, indikerade att alla relevanta kriterier inkluderats i beslutsmodellen och att den är användbar. Vår slutsats är att beslutmodellen kan öka användandet av IT-specialister genom att identifiera de frågor som bör ställas i ett beslut att ta in en IT-specialist i revisionsprocessen och genom att öka medvetenheten om användarnas begränsade kunskap om IT och om risker med IT.