MIS 5202 Online

Temple University

1 6 7 8 9 10

Week 8: Reading Questions & Case

Published October 9, 2015 | By Richard Flanagan

Readings

  1. Name 5 IT services and do a flow diagram of one.
  2. Who decides what quality looks like for an organization’s IT function?
  3. Why is empowerment so important to TQM? What would it look like in an IT function?
  4. What does all of this have to do with IT?

The Claim Proof Insurance Case

Change management is an essential control in any IT organization. What does quality mean in the context of change management and how well is Claim Proof doing in attaining a high quality change process?  Consider these questions for our discussion Tuesday.

Posted in | 186 Comments

Week 7 Wrap-up: Policy

Published October 6, 2015 | By Richard Flanagan

Up until now we have been talking mainly about doing the “Right Things”.  Policies is our first topic focused on “Done Right”.  The basic idea of policies is that they simplify decision making and encourage consistant orginzational behavior.  The idea works something like this:

  1. Senior management desires the organization to follow a certain objective behavior.
  2. It is impossibile, or impractical, for senior management to make all the decisions that are necessary to acheive this objective.
  3. Instead, management approves a policy that describes its objective and how they expect the organization to make related decisions and behave in a  compliant manner.  The policy may also set up a structure or role to which it delegates additional policy making responsibility in relation to this objective.
  4. The larger the organization, and the more complex the behavoir associated with the objective, the more likely it is that there will be several related policies organized under an overview policy.
  5. At the end of the day, an employee facing a decision on how to behave in a certain situation should be able to look at the policy and decide for him or her self what to do.

Once available, a policy is apt to generate any number of standards, guidelines and procedures that are intended to help realize the objective.  These can all be thought of as controls.  Thus, a security policy may say that employees will have unque userids (with least priviledge access)  and are accountable for how their userids are used.  This generates any number of controls from how userids are provisioned, who needs to approve a new role,  what tasks are not permitted in the same role, what passwords are acceptable, how often they need to be changed, etc.  These controls are then audited to see how the organization behaves in relation to the objective (sufficiency) and how well each control works (effectiveness).

Posted in | Leave a comment

Week 7: Reading Questions & Policy Project

Published October 2, 2015 | By Richard Flanagan

Readings

There will be no reading questions this week.

Policy Project

Work with yourteam and pick one of the security topics listed in the  syllabus that interests you.  Use the readings as a guide to writing your policy statement.  Then prepare a 5 minute or less video that introduces your new policy to your hypothetical company.

The possible topics are:

  • Acceptable Use Policy
  • Social Security Number Policy
  • Security Response Policy
  • Remote Access Policy
  • Web Application Security Policy
  • Work Station Encryption Policy
Posted in | 3 Comments

Week 6 Wrap-up: Portfolio Management

Published October 1, 2015 | By Richard Flanagan

For me, IT Portfolio Management is the most important one of the year.  Why?  Because this is where the organization turns from strategy to execution.   Up to this point, the business and IT have been able to talk about purpose and alignment, what an architecture should look like, how they are going to help the company.  Now its time to actually do something.  As Yogi Berra once said,

In theory there is no difference between theory and practice. In practice there is.

Portfolio management is where theory meets reality.

If a business is using portfolio management, it is probably being done by an IT Steering committee or similar body.  Senior business representives serving on the committee are essential. They must be able to examine projects from a corporate perspective so that decision are made on what is best for the company, not any particular interest.

The Gartner article asks five great questions that can serve as your guide to portfolio management.  Our discussion focused mainly on question #1 but the other four are also important.

  1. Are we investing in the right things? – Key techniques here include value orientation,business alignment, standardized business cases, reviewing multiple projects at each meeting, etc.
  2. Are we optimizing our capacity? – Key questions might be, do we have the right resources? Could we increase our capacity with selected outsourcing? Should we cancel an existing project to fund something new?
  3. How well are we executing? – This same group needs to be monitoring how existing projects are running.  Are they on time? On scope? On budget? Quality good?
  4. Can we absorb all the changes? – This is about the culture of the organization.  How much change can it handle?  Will people burn out?  Will we be confusing them with too many objectives?
  5. Are we realizing the promised benefits? – This is the least answered  of the five questions.  Usually IT has so much to do that it never stops to see if completed projects actually produced the anticipated value.  Unless a steering committee or senior executive is forcing the issue, value evaluation is not apt to happen.
Posted in | Leave a comment
1 6 7 8 9 10

Weekly Topics

Readings

Weekly Videos

Video Slides

Recent Comments