Understand what a manager should expect from the MIS organization. Describe why a manager must know the organizations particular needs. Define what a lean, competitive enterprise looks like and what role IT plays. Understand how decision rights are allocated. Identify the risks of a global MIS organization. What is IT Governance?
IT Governance focuses specifically on
information technology systems, their performance and risk management. The primary goals of IT Governance are to assure that the investments in IT generate business value, and to mitigate the risks that are associated with IT.
This can be done by implementing an
organisational structure with well-defined roles outlining the responsibility of information, business processes, applications and infrastructure. What is IT Governance?
IT governance should be viewed as:
How IT creates value that fits into the overall
Corporate Governance Strategy of the organisation... IT Governance Definitions.. The structure, oversight and management processes which ensure the delivery of the expected benefits of IT in a controlled way to help enhance the long-term sustainable success of the enterprise. IT governance is the responsibility of the board of directors and executive management. It is an integral part of enterprise governance and consists of the leadership and organisational structures and processes that ensure that the organisations IT sustains and extends the organisations strategies and objectives. A structure of relationships and processes to direct and control the enterprise in order to achieve the enterprises goals by adding value while balancing risk versus return over IT and its processes. IT Governance Definitions..
Specifying the decision rights and accountability framework
to encourage desirable behaviours in the use of IT.
Governance is not about what decisions get made that is
management but it is about who makes the decisions and how they are made.
IT governance is the term used to describe how those
persons entrusted with governance of an entity will consider IT in their supervision, monitoring, control and direction of the entity. How IT is applied will have an immense impact on whether the entity will attain its vision, mission or strategic goals. Why is IT Governance Necessary?
IT governance is needed to ensure that the
investments in IT generate value-reward - and mitigate IT-associated risks, avoiding failure.
How to balance risk and rewards when using IT
to enable organisational change... UNDERSTANDING THE IS ORGANIZATION CIO
The CIO (Chief Information Officer) is at the
helm of the IS organization. CIOs primary goal is to manage IT resources to implement enterprise strategy. Provide technology vision and leadership for developing and implementing IT initiatives to help the enterprise maintain a competitive advantage. As the importance of technology has increased so has the position of the CIO. Must work effectively with ALL units of the company, not just IS. Twelve Main CIO Responsibilities The following responsibilities often define the role of the CIO:
1. Championing the organization.
2. Architecture management. 3. Business strategy consultant. 4. Business technology planning. 5. Application development. 6. IT infrastructure management. 7. Sourcing. 8. Partnership developer. 9. Technology transfer agent. 10. Customer satisfaction management. 11. Training. 12. Business discontinuity/disaster recovery planning. CIO
Must have both technical and business
skills. Must see the business vision and how IT can help facilitate that vision. Is both a strategist and operations manager. Some organizations do not have a CIO. They hire someone to run their computer systems and do not give them much decision making authority. CTO, CPO, and Other Roles The CIO, particularly in larger organizations, cannot guide the enterprise toward the future alone. Other strategic areas require more focused guidance. The CTO is a critical role. Works alongside the CIO. Needs business savvy and communication skills. Must be able to create an organizational vision. New positions created to deal with this growing need. WHAT A MANAGER CAN EXPECT FROM THE IS ORGANIZATION Business Continuity Plan Approved set of preparations and sufficient procedures for responding to a variety of disaster events. What do we do in case of an emergency such as 9/11? Three major stages of BCP: Pre-planning - managements responsibility is defined, possible risks are evaluated, and a business impact analysis is performed. Planning - alternative business recovery operating strategies are determined. Post-planning - familiarizes employees with the plan through awareness and training programs. Managing Data, Information and Knowledge Managing information and knowledge in the enterprise is of particular concern to IS. Database administration. Includes the collecting and storing the actual data created, developed, or discovered. Deciding on format, location, and indexing of stored data. Managing Internet and Network Services
Intranets, extranets, Web pages, and e-mail are
becoming essential in most business environments. General managers must interact with the Web master, Web designers, and Web developers. Networking groups design, build, maintain, and manage the network architecture. Managers must be concerned with telecommunications and their costs. Managing Human Resources
IS must manage its own resources.
Provide business and technical training. Hiring and firing of staff. Tracking time, managing budgets, etc. Maintain skills inventory. Individual managers are responsible. Operating Data Centre
Houses large mainframe computers or rows of
servers on which the companys data and business applications reside. Managers rarely have direct contact with data centre staff. Many organizations outsource data centre operations. Providing General Support Providing support for users of IS. Support requests are normally centralized. Centralized help desk first contact point. Forward requests to knowledgeable staff. Many companies outsource this function. Not uncommon to call support and speak to someone in another country. User management activities What IS Does Not Do Does not perform core business functions such as: Selling Manufacturing Accounting.
Does not set business strategy.
General managers must not delegate critical technology decisions. Centralized vs. Decentralized Organizational Structures
Centralized bring together all staff,
hardware, software, data, and processing into a single location.
Decentralized the components in the
centralized structure are scattered in different locations to address local business needs.
Federalism a combination of centralized and
decentralized structures. Federal IT Another Perspective on IT Governance
Weill and his colleagues define IT governance
as specifying the decision rights and accountability framework to encourage desirable behavior in using IT. The focus is not what, but who! Good IT governance provides a structure to make good decisions. The assignment of decision-making authority and responsibility The decision-making mechanisms Examples of Affected Category Description IS Activities High-level statements about how IT is Participating in Setting IT Principles used in the business Strategic Direction An integrated set of technical choices to Establishing architecture IT Architecture guide the organization in satisfying and standards business needs. The architecture is a set of policies and rules for the use of IT and plots a migration path to the way business will be done IT Infrastructure Strategies for the base foundation of Managing internet and Strategies budgeted-for IT capability (both technical network services; providing and human) shared throughout the firm general support; Managing as reliable services, and centrally data; Managing human coordinated resources Business Application Specification of the business need for Developing and Needs purchased or internally developed IT maintaining information applications systems IT Investment & Decision about how much and where to Anticipating new Prioritization invest in IT including project approvals technologies and justification techniques
Five major categories of IT decisions
Decision-Making Mechanisms
Policies may be used.
The steering committee is common and works well in the federal archetype. IT Governance Council steering committee at the highest level. Reports to board or CEO. Comprised of top-level executives. Provides strategic direction and funding authority. Lower level steering committees are responsible for effectively allocating scarce resources. Companies usually have one or the other. Managing the Global Considerations
Large global MIS organizations face
many of the same organizational issues as any other global department.
For IS, a number of issues arise that
put the business at risk beyond the typical global considerations.
Table in the next slide summarizes how
a global IT perspective affects six information management issues. Issue Global IT Perspective Example Political How risky is investment in a India, a country that faces country with an unstable conflict with Pakistan Stability government ?
Transparency Domestically, an IT network can SAP-R3 can be used to support
be end-to-end with little effort production processes but only if compared to global networks installed Business When crossing borders, it is Concern when crossing important to make sure that boarders is will data center be Continuity contingency plans are in place available when/if needed Planning Cultural IT systems must not offend or Using images or artifacts may insult those of a different culture be insulting to another culture Differences Sourcing Some technologies cannot be Exporting it to some countries, exported or imported into specific especially those who are not countries political allies is not possible Data Flow Data, especially private or For example: Brazil personal data, is not allowed to across Borders cross some borders.
Global Considerations for the MIS Organization
Summary
The CIO is a high-level IS officer.
There are a variety of key job titles in the IS organization. IS organizations can be expected to anticipate new technologies, set strategic direction, etc. Managers must work with IT leaders to develop a lean, competitive enterprise, where IT acts as a strategic enabler. Seminar
Read the case study and answer the following
questions:
1. Describe the IT governance mechanisms used at
UPS. 2. What does the representation of UPSs executive steering committee suggest to you? Do you think that IT plays a strategic role at UPS? Why or why not? Solutions
1. Answer: Most students have some work experience on
which to draw an answer to this question. Some students will be familiar with very large fortune 500 companies, consulting firms or service organizations, which usually have a CIO. In that case, they will most likely describe an executive type individual who is a strategist for the company. In other cases, the student will have worked for a company where the most senior information systems person is either the person running the data center or someone who makes sure all the PCs are running. IN that case, the description will be of an operationalist, someone concerned with operations but not involved with the business strategy on a regular basis. Solutions 2. Answer: The CIO brings both a business and a technical perspective to a business. He or she typically has a technical background (although not always) and a general business background. The CIO helps the senior executive team make decisions with information systems impacts in mind. Not having a CIO might mean that a business decision is made which either costs too much to implement or is technically infeasible. A disadvantage of having a CIO might be that this person is often expensive. Finding someone who understands the business side of the equation as well as the technical side is difficult, and for some organizations it is too costly. Another disadvantage is that in some cases, having a CIO is seen by other managers as a signal that they, themselves, do not have to understand or worry about information systems impacts. Their thinking goes like this, if there is a CIO, then he/she is going to worry about the IS side of things and I dont have to. But in an increasingly web-based marketplace every manager must be knowledgeable about IS and understand the impacts as they are wide reaching and devastating if problems occur.