IS Quality: Developing a framework to support management teams in determining the quality of their IS services and outputs

IS Quality

Developing a framework to support management teams in determining the quality of their IS services and outputs:

In my last post, I reviewed and discussed more about factors that cause the failure of Information Systems in organisations and how they can be avoided. I also talked about the success factors and how best to make them happen in order to achieve positive outputs that IS could offer to Firms and Organisations. However, in this post, I will further my review and discussions on Information Systems quality in relation , and with reference to business intelligence, also connecting with comments to some key points discussed in other blogs I have read. I will also include some of my findings from social media making News around the world.

Comments:

I keeping with team spirit, I would like to congratulate my Blog colleague with the author; davidoppermann who is also blogging on IS Quality, for the visual representations in his last blog entitled; (Fox or Hedgehog? A Guide to Developing a Framework for Decision Makers). Nevertheless, I will be quick to suggest that we should mix any chosen framework with some points to illustrate the likely positive results or outcome of such framework in relation to IS quality in organisations. In his analogies, he focused more, if not only, on the conceptual framework from Marc Clifton without telling us the exact or anticipated values IS could derive from such framework if implemented. This, I believe will help our team and even a granny to understand what we are talking about, thereby reducing much of brain storming for our readers. However, he did a good research.

Business Intelligence (BI) in relation to IS Quality:  

According to Solomon Negash (2004), in order to improve the timeliness and quality of inputs in decision process, Business intelligence systems therefore, combine operational data with analytical tools to present complex and competitive information to planners and decision makers. Negash in his own words defined Business Intelligence Systems as follows: “BI systems combine data gathering, data storage, and knowledge management with analytical tools to present complex internal and competitive information to planners and decision makers”. In furtherance to the above, Negash stressed that, business intelligence is a mirror-image with which firms’ capabilities in terms of; the-state-of-the-art, trends, future directions in the markets, the regulatory environment for competition, as well as competitors’ actions and the implications of their actions can be clearly understood.

From the above definition, we can understand that BI systems deliver actionable information at the right time, at the right location, and in the right form to help improve timeliness and quality of inputs to decision making process. According to Langseth and Vivatrat (2003), business intelligence can be view as proactive, and has the following components: real-time data warehousing, data mining, automated anomaly and exception detection, data visualisation, proactive alerting with automatic recipient determination, geographical information systems, etc.

Figure 1 below illustrates how BI uses various available information inputs to achieve the intelligence needed for decision making in organisation.

OLAP = On-Line Analytic Processing, DW = Data Warehousing, DM = Data Mining, EIS = Executive Information System, and ERP = Enterprise Requirement Planning.

Figure 1: Inputs to Business Intelligence Systems (Business Intelligence by S. Negash).

This article describes BI as a natural outgrowth of former systems designed to support in decision making process. Business intelligence became stronger and more relevant with the support of data warehousing as a repository, data cleansing, hardware and software, and the internet technologies with prevalent user interface. Business intelligence gathers information from various other systems to build its proactive capabilities as shown in figure 2 below.

OLAP = On-Line Data Processing, CRM = Customer relationship Management, DSS = Decision Support Systems, GIS = Geographic Information Systems.

Figure 2: Business Intelligence Relation to Other Information Systems (Business Intelligence by S. Negash).

To conclude, Business Intelligence converts data into information and, through human analysis, is converted into knowledge.

IS Quality Helping to Reduce Environmental Degradation

The important information systems play in our lives and environments cannot be over emphasised. It is my opinion that the quality of information system can only be measured by its outputs. Information Systems has continued to advance in so many ways, and in trying to change not only the way we do business, but also the way we live our live and how we conduct and protect our environment for the future generations yet unborn. The IS quality has greatly manifested itself in the campaign against environment pollution in the world’s most populous industrial region China. Information system is an embodiment of data, people, process, and IT artefacts. The latest technological breakthrough has come from the campaign against environmental pollution which has lead to the production of fresh clean air in a can in China.

Fresh Clean Air in a Can is being distributed freely on the streets of Beijing China by a Chinese Philanthropist Chen Guangbiao. The Philanthropist predicts that in the next ten years masks will be used in Beijing due to massive air pollution currently eating deep into the environment.

The fresh air is being harvested from the less polluted rural areas of China such as Tibetan and Shansi provinces. Each of the fresh canned air will cost about ¥45 or about US$7, but Chen Guangbiao has promised to donate 80c from each can sold back to the rural community.

Considering the amount of smog infiltrating the entire environment in Beijing, Mr. Guangbiao may be absolutely right in his ten years’ use of masks prediction. It has been reported, that nearly 50 percent of patients in the outpatients’ ward in a Beijing hospital, including children are currently suffering from respiratory related diseases. As at Tuesday 29 January, the reading from the air quality shows 400 in Beijing.  That is the index which measures particulate Matter in the air with a diameter of 2.5 micrometres, known as PM2.5. A level of 300 is considered to be dangerous, and the World Health Organisation recommends a daily level of no more than 20.

Should the authorities concerned not make serious efforts to bring this situation under control, it is no doubt that in no distance time, air will seriously become an essential commodity which the poor cannot afford to buy in China, and maybe, in due course, in some other countries too, and gradually so, the world will be drifting to, not only environmental degradation, but to what I may term “global environmental holocaust”.

Follow the link below and take a view on how fast the world is advancing in Information Technology (Source: – http://www.youtube.com/watch?v=I1DJdmU-XFs (“Canned Air” Hitting Beijing’s Smog-Filled Streets)).

References:

1. Solomon Negash: Computer Science and Information Systems Department

Kennesaw State University; (Communication for the Association for Information systems (Volume 13, 2004) 177 – 195): http://site.xavier.edu/sena/info600/businessintelligence.pdf.

1. http://www.youtube.com/watch?v=I1DJdmU-XFs. (“Canned Air” Hitting Beijing’s Smog-Filled Streets).

House of Quality: An IS Quality Tool (Extension from Quality Assurance Model)

The House of Quality Matrix (HOQ) is a tool that can be adapted to systematic planning of improvements in IS Quality process. The HOQ tool translates customer requirements, based on a customer questionnaire and benchmarking data, into an appropriate number of engineering targets to be met by the IS system. The HOQ matrix is a high level view of how the IS system meets the needs of the IS system customers. It becomes the nerve centre and the engine that drives the entire IS Quality system process. Looking specifically at the security of the IS system and adapting it to the HOQ.

The “Voice of the Customers” (Section1)
The initial steps in forming the House of Quality include determining, clarifying, and specifying the
Customer Requirements (Security Column). These steps lay the foundation for a clearly defined means of comparing the fit between customers’ needs and IS system specifications. The Voice of the customer is captured by listing the ranked customer needs from 1-10 (Importance Column):

 

The customer needs are then copied by the tool into SECTION_1 of the HOQ matrix (shown in blue box outline).

Rating the IS Functional Requirements (Section 2)
Customers buy benefits and the IS offers features. How well the customers’ needs are met by the IS specifications are captured by listing the features in SECTION_2 of the HOQ matrix which is done by scoring each customer requirement against each Functional Requirement. So the customer requirement “No intruders in any building” has a strong correlation (●) with the functional requirement “Biometric Access” and “Offices with badge access” but has a weak correlation ( ▽) with “Single network” functional requirement. This process is repeated for each customer requirement and each IS requirement. (○) denotes a medium relationship between customer and system requirements.

Customer Competitive Assessment (Section 3)
The next step in the HOQ process is comparing the in-house quality system with competitive products. This comparison is completed in SECTION_3 by scoring how well each competitor meets the customer requirements. Four different competitors were added for comparison:

Direction of Improvement 

This section is used to indicate in which way a product feature can be improved, example increasing the bandwidth might improve a product or reducing the number of failures might improve a product.

Correlations

This section allows us to observe the effect of making a change on all other Functional Requirements, for example decreasing the number of failures may improve one aspect of the  product but decrease negatively other aspects of the product such as “Cost”. In the HOQ matrix this is depicted by the pyramid like structure at the top.

Technical Competitive Assessment (Section 4)

 This section allows us to see the relative fit of the current IS Quality system compared to the customer requirements.
Any score = 1 (shown in RED) is an area of mandatory improvement. A score of 3 means satisfactory and 9 means the Functional Requirements are meeting the customer requirements. The assessment of the IS Quality system and its systematic improvement can be managed by the HOQ Matrix.

Step-by-Step Process

In the example shown above for IS security we proceed as follows.

1. For each of the IS functional Blocks (in our example the SECURITY block) we use a questionnaire to list all the ranked customer requirements.
2. We then list the product features in the Functional Requirements.
3. We then set the direction of improvement in the Direction of Improvement.
4. For each customer requirement a score is made against each functional requirement.
5. A competitive comparison with a selected number of customers is made, allowing us to see how well the IS QUALITY system is performing.
6. The scores are noted in the Technical Competitive Assessment, any score 1 or 3 are areas where the product needs to improved.
7. A target score is set for each of the technical requirements, priority being given to those areas with a low score.
8. Finally the score of the overall fit of the technical requirements against the customer needs are noted in the TOP LEVEL table. Overall score rating for security was calculated by dividing the sum of  your product points (Product row) over the total sum. This can be done for other quality sections:

A HOQ matrix can be done not only for security but also for; Database, System Design, Usability and User Interface following the same process. Customer and functional requirements will vary for each.

***Look at the excel file which provides you with template tables and HOQ matrix used for determining the Quality of your current IS***

Consider the Organisation as if it Were Granular Sand

Being Amended

Earlier group posts concerning performance management have taken a two strand approach. Firstly, some key business methodologies have been evaluated and compared. Secondly, the relationship between information/commentary media have been concerned in terms of meaning, abstraction, scale and complexity. This has been done with the purpose of reconciling the clarity of clear, reference-able breakdowns of organisational challenges and opportunities with the seismic shifts that big data will provide business models, strategies and tactics. In particular, the importance of language and social media to future BIS orientated models of governance, knowledge acquisition and communication will be most deliberated on.

—————————-

—————————-

Concerning Executive Decision Making

It is worth emphasizing that executives in the modern age are usually swamped informatically. They are too limited by their finite time and focus and potentially distracted by seemingly infinite demands (both internally and externally).

Whether actively or passively two key soft levers are used to build individual or macro level resistance points. These are in regards to how value is perceived  (in this example through transaction costs and how policy intersects with semiotics in the form of language

—————————————————————————————

Transaction costs can be divided into three broad categories:

• Search and information costs are costs such as those incurred in determining that the required good is available on the market, which has the lowest price, etc.
• Bargaining costs are the costs required to come to an acceptable agreement with the other party to the transaction, drawing up an appropriate contract and so on. In game theory this is analyzed for instance in the game of chicken. On asset markets and in market microstructure, the transaction cost is some function of the distance between the bid and ask.
• Policing and enforcement costs are the costs of making sure the other party sticks to the terms of the contract, and taking appropriate action (often through the legal system) if this turns out not to be the case.

Commons, J.R (1931). “Institutional Economics”.
American Economic Review

—

Organisations have to make tradeoffs between the differing transaction cost categories when it comes to deciding upon, searching for, agreeing upon, implementing, using, maintaining and upgrading information systems.

—

Communication in Organisations The Heart of Information Systems
Roland Holten and Christoph Rosenkranz; Sprouts (2008)
—

Language and Semiotics and Governance

Similar to wider or similarly specialist reform(s), there would exist certain norms (either explicit or otherwise) in the social culture, vision and outcomes. This is a complex interplay between individual, component and aggregate entities. This operates collaboratively, competitively and symbiotically, with pulses, resonance bleeding. As a method of institutional/collective expediency beyond professional clusters people develop and enforce (to varying levels) language codes, norms and understandings. These loose standards can be done to widen communication and also/simultaneously stifle/undermine it.

To understand this better and build on the previous posts [I] [II] on language and media it is best to give a breakdown of key language schema examples:

———————————–

———————————–

Issues

Public Affairs issue category

public consciousness

public attention

public support

Popular support

public rejection

public anger

pressure cause

Initiatives

General initiatives category

little help

arrangements

cross roads

comparison

situation

dangerous game

Events

General events category

poll tax riots

Equality Impact Assessments

technetronic era

world war

Types

People types category

couple

sociable friendly community

protected group

poorest members

friends

vigilante activists

Organisations

General organisations category

Spartacus group

Resolution Foundation

ATOS

Atos

BT

BBC

Guardian

Individuals

General individuals category

Christopher Thomond

Hooper family

Stuart Holden

Lord Freud

Steve Webb

IDS

Product Types

Finance products category

receipts

overheads

negative equity

non payment

arrears

Keywords

Fear keywords category

No-one

poor

pity

problem

gripe

astonishing effect

——————-

——————-

Reconciling Roland Holten and Christoph Rosenkranz’s model for understanding language ease/barriers and the aforementioned schema one can imagine an organisational structure similar to the activity beteen differing molecules in a space offering multiple/overlapping environments:

The model displays an organisation with a communicative executive core, as well as a (slightly?) disjointed outer layer comprised of medium and lower tier employees or external communication. With the ontological schema, it represents a membrane and distance that limits proximity to decisionmaking for individual commmunications/policies coming from outside.

—

—

“Organization”, understood in this sense, is closely related to the concept of “control”.
Control in big systems is defined as stable communication between sub-systems, meaning a
stable organization. Therefore, control is precisely the stable state of the variety interactions
between the nominated sub-systems

Beer, S. (1965) “The world, the flesh and the metal,” Nature205, pp. 223-231

—

—

Naturally, the failure of and organisations facets in regards  processes, artifacts or people can widen (or reduce) “communications power distance” between senior and lower level decisionmaking.

In this example the disharmony stems from Type categories and Keyword categories.

—-

—-

Reciprocation

When it comes to organisational habits the total distance as well as the outcomes of velocities as communications are improved or hindered in order to encourage strategic alignment. When it becomes too one sided, asymmetrical or overly confrontational between one or different camps reciprocal issues grow This is a sure sign that disharmony and alignment is being forgone increasingly for ulterior motives.

—

—

Weick (1988) describes the term enactment as representing the notion that when people act they bring structures and events into existence and set them in action. Weick uses this term in the context of ‘sensemaking’ by managers or employees. He also describes how they can enact ‘limitations’ upon the system to avoid issues or experiences. It is also seen as a form of social construction. To date enactment is related to organizations and their environment and strategic management.

—

In the diagram above, to counter increasing communications gaps from strategic groups to outside communications flows added core competence regions were added to provide ground up solutions and create a mid point using interdisciplinary stakeholders/emphases (notice the three coloured cluster in the top right direction of the image).

———————–

———————–

Ball of Confusion

For organisations operating on a significant level of complexity or sophistication a wider range of dimensions and components require consideration:

—–

—

A system that adjusts its way of behavior relative to changing internal or external conditions is termed self-organizing

Ashby, W. R. (1947) “Principles of the self-organizing dynamic system,” Journal of General Psychology (37) pp. 125-128.
Ashby, W. R. (1962) Principles of the self-organizing system, in H. von Foerster and G. W. J. Zopf (Eds.)
Principles of Self-Organization: Transactions of the University of Illinois Symposium, London, UK: Pergamon Press, pp. 255-278.

——

—

Below is a framework for encouraging eGovernment projects using a large and diverse range of stakeholders. It is particularly helpful in environments where operating in ‘silos’ with different approaches to artifacts, processes and  people exist. Its value is that the breakdown of complex problems into components can allow focus and harmonisation.

M. Wimmer A European perspective towards online one-stop government: the eGOV project (Electronic Commerce Research and Applications ) 2002 University of Linz (2002)

—

One of the disadvantages of this technique are the more complex abstraction requirements to handle complexity. As part of the tradeoff it may be more difficult to engineer consensus or even understanding for groups (even at an executive level.

To overcome this approaches need to be built in to ensure that individual perspectives and requirements are built into procedures and that this crystallizing is built into a cataloging that not only provides distinction between entities but also empathy.

One useful mechanism to deal with this is to embed a semantic framing of key policy and measurement communications. Sentiment analysis permits dashboards of keyword search for a variety of formats. However, most conventional approaches seem geared towards the tactics then strategies of organisations and how they relate to their/external communities.

An effective system for executive or senior level managerial decisions should be framed around the guiding strategic drivers that motivate direction and change.

Given the sophistication and limitations of human and computing logic as addressed in a previous post it is appropriate to draw from the logic that a single blog post and its responses is capable of generating hundreds of key terms, all which can be delinerated by the semantic schema explained above.

To extract and analyze ten pieces of concern and motivation of individual entities in regards to an organisational problem/opportunity could provide the starting point for articulating:

• What are the overriding
  • visions
  • priorities,
• What are the available
  • threats,
  • benefits;
  • limitors;
• Who the key community stakeholders are
  • internally,
  • externally
• What competences exist contextually
  • intenally
  • externally

Using human/and or algorithm techniques teams of specialists or lay researchers would be able to generate knowledge and/or communications competences as a scale previously unimaginable without the mixture of Internet community and machine learning sophistications (which is why big data is so important).

Returning to the keyword analysis of a social housing blog (creating a keyword list of around 500 unique terms) using a mixture of techniques involving:

1. Artifacts Search: Wide keyword category search to identify user profiles,
2. Process Search: Extract of specific terms (such as “bedroom”) within profiles,
3. People Search: Extract of relationships/contexts within individual identified media.

—

—

Doing this intensely over a short period is not only able to generate homogenous tweets (over 800) from a large user population (over 300) (accounts [I] [II] [III]) but also contextual, filtered [I] [II] or broader information flows (albeit with requirements in these instances for reinterpreting/synthesizing).

Given the complexity and significant time, cost and communications expenses involved in a major information systems project it is appropriate to build in appropriate necessitating of data mining and representation to engineer communications harmonizing or demarcation within/without an organisation.

Having a tight data set using a wider population has its advantages for allowing data drift, as well as timeline style benchmarking of processes, systems and infrastructures to highlight where disharmony ebbs or recedes (either internally, between rival organisations or between industries or technologies). The adaptive potential for using an information community for complementary analysis and engagement.

—

Returning to the frameworks our group has already analyzed, below is an evaluation of the perspectives focus on a semantic level, graded up to five for relevancy:

Description	Department for Trade and Industry	Balanced Scorecard Framework	Activity Basesd Costing	Economic Value Added	OBRiM	Cresswell’s ROI	Process Oriented	BSC
Processing Systems	3	3	2	2
Alert Systems	2	2	3	3				1
Inventory Systems	2	2	2	2				2
Management Information Systems	4	3	3	4				3
Decision Support Systems	3	3	3	3
Accounting Management Systems	3	3	4	4
Financial Management Systems	3	3	4	4
Payment Systems			2	2
Expert Systems	2	4	3	3
Databases	3	3	4	4
Human Resource Information Systems	3	4	3	2
Marketing Information Systems					3	2	5
Technology	3	3	2	3
Computer Science	3	3	2	2
Electronics	2	2
P2P					2	2	4	2
Information Technology	4	4	3	3
Internet Technology	3	3	2	2
Internet of Things								2
Software								2
ICT Change								3
Knowledge	4	4	3	3	3	5	5	3
Information	4	4	2	3
Meaning	4	3	3	3
Statistics	3	3	4	4
Data Integrity					3	5	4
Virtualisation								1
Cloud	1	1	1	1
Cloud Technology	1	1	1	1
IT Reliability	3	4	4	3
IT Quality Performance	3	4	4	3
Knowledge Management	3	4	4	4				3
Statistical tools					3	5	3	3
Analysis	4	5	2	2
Sentiment Analysis					5	4	3
Standards	4	4	4	4
Front End	3	2	4	4
Re/engineering	3	3	2	2
Security	3	4	3	3
networks	4	3	4	2
Relationships	3	4	2	3	4	3	1
Clusters	2	4	3	5
Social Businesses	4	3	2	2
Collaborative Working	4	3	4	4	3	4	5	4
Communication	4	4	3	2
Knowledge Share	4	3	4	3
Openness	4	4	3	2
Open Source	3	3	2	3
Internet	2	3	2	1
Globalisation	2		3	2
Mergers	2	3
Asymmetries								4
Innovation	4	4	3	3
Competition	4	4	4	2				4
Competitive Advantage	3	4	4	4
Cost Leadership	4	3	3	2
Quality Leadership	4	3	3	3
Differentiation	3	2	3	4
Cultural Issues	4	4	3	2				5
Strategic Drivers	3	4	2	4
Business Change	4	4	3	2				4
Disruptive Technology								3
New Markets	3	4	4	3				3
New Territories	3	3	3
Fads and Trends	5	5	3	3
Changing Roles	3	3	3	3				1
Macro Economics	3	3	3	2
Micro Economics	4	4	3	2	5	3	2
Risk	3	4	4	2	2	2	5
People	3	2	3	2
Organisation	4	4	3	3				4
Multinational	4	4	4	3				4
SMEs	5	4	4	4	3	2	2
Individuals					3	3	4	4
Business	4	4	4	3
Entrepreneurship	5	3	3	3
Government	4	4	3	3
Society	3	4	3	1
Social Enterprises	4	3	4	3
Professional Types	3	3						4
Executives	4	4	4	2				4
CEO	5	5	4	3
CTOs	4	3	4	3	3	2	1
CIOs	4	4	3	3	5	4	2

Leadership	5	4	3	3	3	2	1
Governance	4	5	4	3
C Level Commitment								4
Orientation / Focus / Vision	4	4	4	3
Value Systems	3	3			4	2	2
Gut Instinct	4	4	3	3	3	4	3	4
Strategy	5	5	4	4				5
Strategic Alignment	5	5	4	4				4
Executive Strategy	4	4	4	3				4
Business Strategy	5	5	4	4	4	3	2	5
IT Strategy	3	3	3	2	4	3	2	4
Strategic Planning	4	5	4	4	3	3	2
Business Development	5	4	3	3	5	3	3	4
Accountability	4	4	4	4	2	4	3
Transparancy					4	5	3
Regulation	4	4	4	3	4	5	2
Consulting	4	5	3	3	3	4	4	3
Business Models	5	4	3	4
Free					5	5	4	4
Business Intelligence	4	4	3	4	2	3	2
Business Plans	5	5	4	4	5	2	3
Organisational Flexibility	4	4	4	4	1	2	1
Outsourcing	2	2	1	1	3	4	3
Mesurement	5	5	5	5	4	4	4
Objectives	4	4	4	3	2	3	3
Concerns					3	4	6	4
Goals	5	5	5	5	4	3	2
Mission Statements	4	3	4	4
Stakeholders	4	3	4	4
B2B	4	4	4	4
B2C	4	4	3	3
Distributers								4
Employees					4	5	2	5
Performance	5	5	5	5
Deployment	4	3	4	3				4
Planning	4	4	4	4	2	2	5	4
Process Management	3	4	3	2	5	4	2
Division Management	4	4	4	4	3	4	5
Length of Time	4	4	3	4
Supply Chain Management	4	4	4	2
Total Quality Management			3	3
Just in Time Processes	3	3	4	5	4	5	3	4
Six Sigma								3
Management	4	4	4	3
Front Line	2
Human Resources	4
Customer Centricity	4	4	3	2
Marketing	4	3	4	3
Sales	2	3	3	4
Distribution	3	3	3	3	4	2	5
Financing	4	4	4	4
Accounting	2	2	3	4
Legal	2	1	1	1
Information Technology	4	3	3	4				5
Bring Your Own Device	1
Investment	3	2	2	4
Venture Capital	4	2	3	2
Capital Projects	4	3	3	4	3	2	5	4
Costs	3	4	3	2
Costing					2	2	4	4
Expenditure	4	3	2	3
IT expenditure	3	4	3	3
Revenues	2	4	3	4
Services	4	3	4	3
Service Provision	3	3	4	4
Products	2	2	2	1
Observation	3	3	3	2
Methology	5	5	5	5
Administration	1	1	1	1	2	4	3
Efficiency	3	2	4	5	5	3	2	4
Operational Efficiency	5	4	3	4
Decision Making	3	4	3	2
Evaluation	2	3	4	4
Informal Evaluation					2	5	3	3
Metrics	4	4	4	4				4
Benchmarks	4	4	3	2
Quality	3	3	2	3	5	3	3
Service	4	4	4	4	3	4	2	5
Flexibility					2	5	3	5
Scorecard	5	5	4	4	3	5	3	5
Key Performance Indicators	5	5	5	5	5	5	4
Measurement	5	3	3	3	4	4	4
Financial Measurement	5	4	4	4
Multi Criteria Measurement	4	4	4	4
Ratio Measurement	4	4	4	4
Portfolio Measurement	3	4	4	4
Net Present Value	4			5
Internal Rate of Return	4			5	4	5	4
Economic Value Added	4	4	3	5	3	4	4
Return on Investment	4	4	2	4	2	5	3
Payback Analysis					1	2	3
Game Theory or Role Playing	4				4	5	2
Simulation	4					3	4
Quantification	2				2	4	3	4
Qualification	2	3	4	3	3	2	4
Intangibles	4	4	4	3				5
Tangibles	4	4	4	4				4
Outcomes	4	4	4	4
Communication	4	4	4	4
Messages	1
Social Media	1
Online Communities	1
Military								3
Mining Industry								3
Healthcare Industry								4
Pharmaceutical Industry								4
Travel Industry								4
Finance Industry								4
Banking Industry								4
Computing Electronics Industry	3	2	3	2
Consumer Electronics	4	2	3	2
Technology Industry	4	3	4	3
IT Industry	4	4	4	2
Internet Industry	3	3	3	3
Internet Search Engines	4	3	3	3
Internet Forums	3	4	3	2

—–

The weightings from the combined methodology could be built to provide rank and contextual parameters based around the motivations of the stakeholders providing material (and therefore weighting depending on submissions and feedback.

Quality Assurance Model

(McCarthy, Murphy, Ní Ghaora, Oppermann)

Objective:

Our aim was to create a pre-implementation model to enable the identification of the quality attributes required by an organisation therefore ensuring the success of the Information System. The correct identification of the elements which align best with the business needs of the organisation is in our view the first step in determining the scope of the project that the management team has been tasked with. A clear vision of the areas of the Information System which are to be developed to deliver high quality to the organisation is imperative from the beginning of the project.

Our concept has been developed on the premise that there is a need for organisations to isolate the attributes that will deliver high quality to their firm and remain resource savvy in the pursuit of the ideal Information System.[1]

Our model will provide potential customers with specific categories of quality and associated attributes which they must focus on to ensure Information System quality.  We propose the ‘Quality Assurance Model’, we feel it fully encompasses the three main categories of IS quality and their underlying attributes.

The three main categories being;

1)      Service Quality

2)      System Quality

3)      Information Quality

These three categories are widely accepted as the main contributing factors of IS quality.[2]

 

Quality Assurance Model

We feel if companies use our model in the implementation and planning stage of the Information System then they can ensure that the system they intend to implement will provide high quality outputs in the areas which they have identified as essential to their organisation. We also propose a tool which a management team can use to consult & reach consensus on the areas of the Information System which must be focussed on to ensure the delivery of high quality, we call it the ‘100 Point System’. This model will be discussed in detail further on in this paper.

However we would first like to outline the attributes and categories of our ‘Quality Assurance Model’, why we chose them and why we feel they are of importance in relation to an information systems quality.

User Interface:

• User Perspective – This ensures that you design your system with the end user in mind throughout the whole development process. Without thinking of the eventual end of day users then the design may be completed with fundamental flaws and require expensive re-designs, e.g. the Sony ‘Boomerang’ [3] 

Usability:

While service quality is a broad term, it is stated in Pitt et al. 1997 that “commonly used measures of IS effectiveness focus on the products rather than the services of the IS function. Thus, there is a danger that IS researchers will mismeasure IS effectiveness if they do not include in their assessment package a measure of IS service quality”. This highlights the importance of usability and the other dimensions of it which are shown in the framework.

Whether the end user is a customer or employee, usability will play a role in the quality of an IS. In the paper “Framework for Quality Metrics in Mobile-Wireless Information Systems” by Ruti Gafni, he highlights usability as a “quality quantification of an IS”.

According to ISO/IEC 9126-1, 2001, an information security standard and best practices publication, usability can be broken further down to the following four dimensions;

• Understandability – How simple a system is to understand is without doubt a huge aspect of its ease of use. This paper is entirely devoted to measuring understandability and highlights the importance of this dimension of usability.[4]
• Learnability – is defined as how easy it is for a user to accomplish basic tasks the first time they encounter the design. If a system is easy to learn then it is very likely that a user will use it again.
• Operability – Is the capability of the software component to enable the user (system developer) to operate and control it.
• Attractiveness – The capability of the system to be attractive to the user [5]

System Design:

The way in which your system is designed may well be its competitive advantage. Design has become a central core competency to a great deal of S&P 500 companies;

“Anybody now can turn out any product, what will differentiate is that unique design flare that’s built into a product, that’s what creates the value.”  (David Frost, British Chamber of Commerce)

£20 billion is spent a year in the UK on design, leading the UK to the forefront of most design frontiers, design is also the largest single source of intangible investment in the UK. [6]

• Future Proof – When ensuring the quality of your system it is important to plan ahead, create a system can be updated a new technology becomes available, e.g. future proof your system. These might include Distributed Systems, Multimedia Interfaces, Advanced Operating Systems and Human Computer Interface (HCI) Development Environment’s.[7]

• Technology Optimisation – Your system is limited by the technology of the day, your design should maximise the current technology for the best quality and performance. [8]

• Design Cycle – The design cycle ensures your system is evolutionary, it engages in design, prototyping and evaluating. Undergoing this process allows it to guarantee quality and maintain a good relationship with their users. [9]

Security:

Information Systems are inherently vulnerable and the information assets which it contains must be protected. This is true of all organisations however it may be that it is of more concern to certain industries, which is an issue for each individual organisation to ascertain. The main aspects which must be considered are the importance of the data which they hold and the implications if this data was to be released or was accessible to those without permission or authority and the potential damage to the business reputation if this data was to be hacked.

There are three elements which must be considered when considering the levels of security required from the Information System:

• Confidentiality – Managers must insure that information is shared only with authorised personnel within the organisation. The encryption of data is a method of ensuring data cannot be accessed by unauthorised users.

• Integrity – This involves ensuring that the data is accurate and has not been changed inappropriately to give misleading or false information.

• Availability – This means that the information system responsible for delivering, processing and storing the information is available when needed. This can refer to the downtime of a system, and its percentage of downtime per year is a good indicator on how available that system is.[10]

Database:

As discussed in the team’s blogs, the importance of databases cannot be understated. It is impossible to evaluate the quality of an IS without looking at its database. What is more, when deciding what you want from your database, it is essential to realise that trade-offs must be made.

This further supports our quality assurance models principle, that frameworks being used to implement Information Systems can be too broad and that individual firms must decide their own needs. Here are elements of the database which we feel are most important;

• Data Accuracy – Dallas Dogger, CEO of Storman Software says; “when other members of the operation rely on management data to make decisions for the business, it’s crucial to be consistent and accurate”. This video highlights the problems poor data accuracy can cause. http://www.youtube.com/watch?v=k4gj_RdtKCw
• Data Completeness – Is the extent to which the expected attributes of data are provided, for e.g. a customer field would not provide the end user with sufficient data if it did not have complete info about the customer including contact number and name etc.
• Data Format – Data must be structured for consistency as well as performance, so data format can have a huge bearing on this.
• Database Performance – The overall function of a database is to satisfy the end user. Database performance can be defined in different ways, depending on the end user and the data at hand, as well as the goals. Response time is a factor, as well as capacity and scalability. (via Girtab)

Databases can be built in several different structures, each of which will satisfy the end user in different ways. Databases can be indexed differently, and several different schemas exist. This can affect the end users experience, and therefore the quality.

100 Point System:

To ensure the Quality of an Information System we propose a points system.

A management team is presented with an allocation of 100 maximum points, these points can be invested into the subcategories which they highlight as representative of the areas which require most investment to provide them with a high quality IS.

The system works by assigning values to our IS Quality hierarchy as seen above.  For this model prototype we have chosen 100 points as the total which the company can spend on its quality assurance information system. These 100 points may be divided amongst the different sub categories and attributes allowing them to be customisable to the client’s needs. Each of our five subcategories is assigned 20 points by default. These 20 points is divided between the underlying attributes. The company may for example require less an emphasis on the user design perspective and reduce its 20 points to 5.  In this instance they have identified that this aspect of the IS less significant to the company and now have an additional 15 points in their ‘Available Points’ to spend on other factors  which they deem have greater importance e.g. Security.

So as an example, Bank of Ireland may place less importance on how their online banking system looks, but still want to ensure a basic quality, in this scenario they can use the Quality Assurance Model to rank the required quality output using the 100 points system. As shown above they may reduce the importance of the design features to use their ‘Available’ points to spend on performance or online security.

Here is an example of the ‘100 Point System’ in default with an even spread of points

 

Here is an example of the 100 Point System being used by a Financial Services Business

You can see that the bank has only used 77 points of their allotted 100, therefore they have 23 points left to use in the Information Quality category. It is clear immediately that the bank has placed more of an importance on its security needs compared to its user design.

We would recommend a questionnaire to be completed by department heads to enable them to establish the level of importance of & therefore the quality required from each subcategory, e.g. a bank and its’ security requirements.

The questionnaire may contain questions like;

1)      How significant out of 10 is user interaction with your system?

2)      How significant out of 10 is security to your system?

3)      How significant out of 10 is database performance to your system?

4)      How significant out of 10 is it that your system is future proofed?

The questionnaire however may be an idea for further research.

Summary:

We developed this framework as a tool to be used by management teams, the aim of this hierarchy model & the ‘100 Point System’ is to encourage management to focus on the areas of the Information System which are most important to the organisation. We believe by visualising & identifying these elements of the Information System which they deem to be the most important to their organisation will ensure high quality deliverance from the system.

The concept for this model was developed based on our belief that the high failure rate of Information Systems is due to the attempts to achieve high quality in all areas of an Information System and the misuse of the organisations resources in these attempts. A misalignment of the vision for the Information System & the business needs creates frustration for the users and in many cases leads to its failure. One example of the catastrophic failure of an IS due to the lack of a coherent vision & the incorrect allocation of resources is the Student Universal Support Ireland(SUSI) [11]

We believe this framework provides management with a tool to create a vision of the high quality system they want but also a system that is realistically aligned with their business needs.

 

---

1https://sopinion8ed.wordpress.com/2013/02/10/context-is-king/

2 http://www.asiaa.sinica.edu.tw/~ccchiang/GILIS/LIS/p9-Delone.pdf

[3] https://sopinion8ed.wordpress.com/2013/02/03/information-system-quality-design/

[4] http://personales.upv.es/jopana/Files/Conferences/Understandability_Measurement.pdf

[5] Source: Usability metrics for software components – Manuel F. Bertoa and Antonio Vallecillo

[6] https://sopinion8ed.wordpress.com/2013/02/10/information-systems-quality-design-3

[7] https://sopinion8ed.wordpress.com/2013/02/10/information-systems-quality-design-4/

[8] https://sopinion8ed.wordpress.com/2013/02/03/information-system-quality-design/

[9] https://sopinion8ed.wordpress.com/2013/02/08/information-systems-quality-design-2/

[10] https://sopinion8ed.wordpress.com/author/ah88rockybay/

[11] https://sopinion8ed.wordpress.com/2013/02/10/information-systems-fail/

Framework for Evaluating IS Success

Group 2 Members:

Christine Coughlan, Clifton Moore, Dermot Lucid, Niamh O’ Farrell &
Ronan Murphy

Introduction

We have created a framework which allows an organisation to evaluate the success of an information system unit. In order to develop our framework, we researched a number of IS success models developed by key authors in the IS field, for example, DeLone & McLean, Sedera, Gable, Seddon and Nelson. In researching these models we have identified both value and flaws within these models and have developed our own framework based on what we think are the most important IS dimensions to evaluate when measuring the success of an IS unit for any organisation today.

Our framework identifies key dimensions which must be measured to evaluate the overall success if an IS unit. Any firm, large or small, can use our success framework to measure the success of their IS unit by choosing suitable metrics to measure each dimension contained in the framework. We have created a framework that we believe to be both flexible and customisable. In our framework we have identified possible metrics used to measure each dimension but it is up to an organisation to decide on the most appropriate metrics to suit their organisational context and IS strategy. It is imperative to choose appropriate and agreed measures or this framework will fail to deliver its potential value.

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Framework for Evaluating the Success of an IS Unit

Click on the image for a better view

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Explanation of Dimensions

[1] Context

Seddon et al (1999) presented the Cameron and Whetten 1983 (Fig 1, Below) framework for contextualising and evaluating Organisational Performance, adapted in Seddon et al (1999) to IT Effectiveness. [1] We have adopted the same seven-point framework to contextualise IS Success, as endorsed by Petter, DeLone, and McLean (2008) and outlined in the earlier post ‘Relatively Successful IS’.

Though all seven points are important, we suggest, in line with Seddon et al, that
1. Stakeholder Perspective? 2. Type of Information System, and 7. Against which referent is Success to be judged? are central to contextualising Success. The Context dimension of our Success framework is designed to establish, and justify, what is to be deemed ‘Successful’ from the standpoint of the stakeholder concerned, regarding the relevant IS system, and in the particular situation/organisation. To this end the Context aspect should be regarded as a Canvas to identify and outline the perspective or varying perspectives from which the analysis is based.

Stakeholder

“A stakeholder is a person or group in whose interest the evaluation of IS success is being performed” (Seddon et al, 1999). Seddon believes that due to a range of different individuals within an organisation they are going to evaluate IT success in different ways and perspectives. The inclusion of the “stakeholder” section in the framework is aimed to provide an organisation with the tool to adapt and understand the view of a projects success from all stakeholders’ views. Each stakeholder may use their own dedicated canvas, or if deemed useful, multiple stakeholders may outline their perspectives/concerns on a shared canvas. As is the case with Osterwalder’s Business Model Canvas, participants might post their views into the various categories using ‘stickies’, perhaps colour-coded to their individual stakeholder perspectives etc, to build up a visual representation of where their various priorities lie. In either case, this approach allows for comparison of stakeholders various perspectives, priorities and concerns, and will lead various parties to a more complete understanding of the success/weaknesses of the system in question. For example, a user might acknowledge a manager’s concerns for cost and the IT department’s concerns over reliability, versus their own concerns regarding usability, and vice-versa.

The elements ‘Timeframe’, ‘Type of Data’, and ‘Purpose of Evaluation’, are important for clarity, while acknowledging whether the system is for ‘Voluntary or Mandatory Use’ is a key factor to keep in mind within the backdrop to the evaluation. In the operational canvas these four elements (shaded) might be replaced by more relevant concerns, and so, should be regarded as suggestions. Once the vision of success is established stakeholders can turn their attention to the Quality & Impact sections and prioritise and even assign weighting to the various underlying dimensions. The relevant, prioritised/weighted dimensions can be measured using a Likert Scale against Sedera et al’s 27 corresponding measures Figure 3 (Below) as mentioned in the earlier post ‘ IS Success Canvas’.

The table borrowed from Seddon et al (1999), Fig 2 (below) contains examples of various stakeholders and information systems, and this table can be employed to inform the context dimension of the framework. The table column and row headings are useful as prompts but are not exhaustive of potential perspectives. However, the strength of the canvas approach is that it is blank and can therefore accommodate all stakeholder/perspectives and various information systems. Also, though informative as regards Stakeholder and IS type, we favour Sedera’s refined four-dimensional model and its tested measures (Fig 3, below) over the measures contained in Seddon’s table (Fig 2, below)
In a nutshell, the left side of the framework is a canvas to establish and outline what is to be deemed IS success. The right side of our framework is concerned with evaluating the IS against this established vision of success.

[2] Quality and Impact

The DeLone and McLean original IS success model classified measures of success into six constructs; System-Quality, Information-Quality, Organisational-Impact, Individual-Impact, Satisfaction, and Use.
Gable et al (2008) later proposed that information quality and system quality as identified by McLean and DeLone should be elements of a greater construct – IS Quality, while individual and organisational impact should be sub elements of an IS Impact construct.
Furthermore, Gable et al proposed that the ‘Satisfaction’ and ‘Use’ concepts as identified by DeLone and McLean should only be used as a metric to measure IS Impact and IS Quality and should not be treated as dependent constructs.
Thus, in our framework we considered both models and have confined the 6 constructs identified by DeLone and McLean into 2 key constructs as put forth by Gable et al; IS Impact and IS Quality. These constructs can be seen on the top level of the diagram.

The Impact construct is concerned with the eventual outputs delivered by an IS. The reason organisations invest heavily in information systems is because they expect the IS to have positive impacts on individual users and the organisation as a whole. Individual-Impact looks at how the IS has influenced the productivity and capabilities of individual users. Possible measures which can be used include individual productivity, learning and decision effectiveness.
Organisational-Impact is concerned with how the IS contributes to overall organisational results and capabilities. Business process change, cost reductions and overall productivity can be used to measure organisational impact.

The Quality construct is used to measure the IT-Artefact or technology element of IS.
Information-Quality is concerned with the quality of the information produced by the system, for example in reports and on-screen. Some measures which have been developed and successfully measured according to gable et al (2008) include importance, relevance and accuracy.
System-Quality measures the success of IS from a technical and design perspective. Tried and tested measures of system quality include reliability, flexibility, and potential for customisation.

Underneath Quality and Impact in the diagram we have the structure of the IS unit and Net Benefits.

[3] Structure of IS Unit

The structure or make-up of an IS unit can greatly impact its success, for example the level of commitment and support from top management, the quality of communication, culture and the skills of the employees. We will explain each of these to give a greater view of how the structure of an IS unit can influence IS success.

Top Management Support

It is extremely important that top management do not forget about a project after the planning stage but instead are commitment at the time of system implementation. By being directly involved in a project, top management guides the implementation team, allocating resources for projects, and stepping in to solve critical issues likely to affect implementation.

Communication

Management of an IS unit also affects communication within an organization and ultimately the productivity of users. Communication in an enterprise is vital in managing a company more efficiently, keep close monitor on strategies, strong relationships with employees and to have strong relations with partners/clients.

Culture

Culture within an organisation is also critical in determining success as it can impact how innovation affects IT practices and overall performance. Culture can impact organisations in the following three ways
1) Culture within an organisation can provide unwritten guidelines for employees in how to create a good workplace and strengthen relationships in order to improve the social system in the organisation.
2) Culture in an organisation can also affect the ability to deal successfully with issues from both internal and external integration.
3) It can also determine the differentiating between in-group and out-group people.

Employee Skills and Training

Employee skills being one of the most important factors within an organisation are critical in achieving success. If the employee does not meet the requirements/skills needed to carry out the required tasks, it can affect productivity and efficiency. It is also important that a business has a well-established training program for new employees in order to gain the appropriate skills that may be required specific to the company.

[4] Net Benefits

As a group we felt that Net Benefits is needed within an IS framework to support management teams in determining the success of their IS unit. The Net benefit dimension was also used in the DeLone and McLean model (2003) for organising IS success measurements. [ ] Net benefits are the extent to which IS are adding to the success of individuals, organisations and groups. The support management team needs to identify what their net benefits are. Examples of organisational net benefits may include: improved decision making, productivity, increased sales, reductions in cost, profits, economic development and creation of jobs, (DeLone & McLean, 2008).

Conclusion

Our framework is a synthesis of the key dimensions evident in the IS Success model research, and we feel that the framework is applicable or adaptable to all IS evaluations. The framework is intentionally open in nature with regard to its dimensions and measures making it ideal for quickly establishing and explaining across various stakeholders the success or less successful aspects of a system, while if necessary, thorough quantitative methods may be applied to the various dimensions, depending on the nature of the evaluation.

References:

• Seddon, P. B., Staples, S., Patnayakuni, R., & Bowtell, M. (1999). Dimensions of information systems success. Communications of the AIS, 2(3es)
• Petter,S., DeLone,W. & McLean,E. (2008). Measuring information systems success: models dimensions, measures, and interrelationships.
• Gable, Guy G. and Sedera, Darshana and Chan, Taizan (2008) Re-conceptualizing information system success: the IS-Impact Measurement Model. Journal of the Association for Information Systems.
• DeLone, W. and McLean, E. (2003). The DeLone and McLean Model of Information Systems Success: A Ten-Year Update.

Figure 1: Seven Questions to Answer when Measuring Organisational Performance – Cameron and Whetten (1983)

Figure 2: IS Effectiveness Measures used for different combinations of Stakeholder and System – Seddon et al, (1999)

Figure 3: Gable et al (2008) Impact Measures

A new framework for IS-Business Cases

Introduction

We have chosen to begin our framework by introducing a Business Canvas to introduce the successful components of a business case. They are outlined as;

1. Drivers
2. Objectives
3. People
4. Change
5. Benefits
6. Costs
7. Risks
8. Post-Evaluation.

Business Case Canvas

 Mobile phone company that is experiencing increased customer defections caused by a combination of service failures and the extended product and service offerings of competitors.

We believe that with any framework or business model undertaking including both frameworks and ERDs, the firm should also implement the Canvas as a tool of monitoring finances, customers, targets, goals and potential hazards of the model can be identified in the primary stage of development, an important feature to help to maintain the success and alignment of any implementing model.

Figure X: Developing a successful business proposal.

 

1) Drivers

Our framework begins with the drivers of the IS business case. Drivers are required in order to make decisions and set objectives for a business. They do this by providing a foundation for setting goals in order for a business to strive and have targets to hit.

These drivers consist of both internal and external drivers. The internal drivers are the situations or events that occur inside the business, and are generally under the control of the company. Some examples of these are:

• Management Systems
• Financial Management
• Employee Morale
• Reducing customer fall-off

The external drivers, on the other hand, are the events and situations that occur outside of the company and are usually beyond the control of the company. Some examples of these are:

• Economy
• Demographics
• Competition
• Political Interference

2) Objectives

After the drivers have been identified, the framework progresses to identifying the objectives of the business. These objectives are usually aligned with the drivers and are specific to the company. There are three primary objectives for a business case:

• To present decision-makers with key information about a business proposal in a consistent, balanced format that facilitates the evaluation, comparison, and prioritising of competing initiatives.
• To guide teams in developing their vision and plans to prepare for an upcoming project.
• To ensure that resources are allocated based on a sound business rationale and consistent with the priorities of the sponsor organisation.

3) People

This involves including a diverse range of skills, departments and people. The Belbin personality test will ensure a broad range including creative types, leaders and the conscientious dissenters which ensure the creation of a fair and balanced IS-business case.

The role of the manager/leader is paramount. The smart leader though involves other actors from outside the IS sphere benefits and problems arising are shared out amongst the user community. This is achieved by involving all departments of the firm and by aligning the needs of these departments with that of the business case. Support for the business case is also built through this method.

By involving the right mix of both technical and non-technical you are spreading the importance throughout the firm

4) Change

Before the implementation begins business cases must highlight potential conflicting interests, resistance/immunity to change and general office politics. For instance if the workforce is heavily unionized then chances is that there will be heavy resistance to any IS automation of processes. Business cases must take this into consideration when justifying the investment.

All business cases must be made in the context of the firms current environment, its organizational culture resistance to change is a natural reaction from a workforce proper transparency and communication can alleviate this problem while the necessity of the investment and the overall vision must be made clear to employees.

• People change
• Process change
• Organizational change

5) Benefits

Having agreed on the objectives of the investment, what users to involve and planned for change, management must now identify the expected benefits that will arise if the objectives are achieved. These are the advantages provided to specific groups or individuals as a result of meeting the overall objectives. For most investments, meeting each of the objectives will usually generate a number of benefits to many different groups of users. Once the expected benefits from the investment have been identified, they can be managed by:

a)      Deciding how the benefit can/will be measured; and

b)      Attaching an owner to the benefit.

• All financial benefits are the result of applying a financial value to a proven quantifiable benefit. For example, projected positive financial outcomes as a result of achieving an objective – such as cost savings or increased profits – are readily accepted as business benefits and are easily expressed in financial terms.

• Non-financial or non-quantifiable benefits must be translated into something that has some financial value or meaning. For instance, customer satisfaction is commonly referred to as being a “soft” or “intangible” benefit due to its inability to be directly measured.

• These non-financial benefits will be expressed as a financial value through their measurement value expressed within already identified KPIs; through existing tangible measures such as customer satisfaction survey scores, customer retention rates and so on; or through methods such as piloting and external benchmarking.

• Making individuals – particularly those in senior positions within the organisation – benefit owners not only builds commitment to a project but also demonstrates the importance of the investment, adding weight and reputation to the business case. This owner ideally is an individual who personally gains from the benefit or represents the interests of the user group that gain from the benefit. This owner thus is willing to closely assist the project team in ensuring the benefit is realised.

6) Costs

Costs can be divided in to five sections:

• Purchasing costs which deals with initial purchase of software and hardware like licence fees and telecommunications.
• Development, the cost incurred here occurs when training up staff and developing programs and systems to meet the needs of the firm, given the uncertainty often surrounding I.S. projects this element often overuns.
• Infrastructure both internal and external costs occur through the changes that must occur to accommodate the system.

It is important to also include recurring costs associated with the new system once it goes live. Cost of changes must also be included and are often the most elusive because they are so difficult to predict particularly when there is a wide variety of stakeholders involved.

7) Risks

One of the primary risks with any framework is the fear that the overall framework results in loss of alignment with the company goals and targets. To prevent such measures it is strongly recommended that any business case be continually monitored in relation to the initial objectives and ensure alignment. Simply ensuring continual monitoring can help decrease any degree of risks by identifying problem areas at an early stage.

One method that could prevent risks becoming problematic may be to carry out Risk Assessments at regular intervals. The assessment helps to identify risks associated with specific pre-determined circumstances unique to the company as well as giving recommendations of how to alleviate the issues before they become a significant issue

• Technical Risks- The overall difficulty in determining the boundaries of the system.

• Organizational Risks- Leadership absence with little to no senior or ministerial responsibility being designated.
• Lack of communication between associated stakeholders, lack of team integration and issues between business users, technicians and clients.
• Misalignment between firm’s strategic targets and the overall priorities of the framework with no agreed measures of success.
• Financial Risks outlined in costs below but also the project runs the risk of significant overrun potential derailing the entire project.

8) Post-Evaluation

A final note should be considered for the post-business case stage. Evaluation of the effects of the initiative after it has been implemented is a key element which is sometimes overlooked in preparation of a business case but is vital in transferring the lessons learned to new projects. Without post-implementation evaluation of the proposal the business case is not complete.

Conclusion

The difference between a good business case and a bad one is pretty easy to spot. A good one involves multiple players, tangible metrics, constantly updated and reviewed and is employed as a touchstone for decision-making concerning things such as budget, benefits, costs and key drivers. Business cases aren’t a box ticking exercise, they uncover hidden costs, agendas, preconceived notions all designed to stimulate discussion and create informed decision making. With the framework we have created we believe that brings the dispirit elements of the IS-business case together to offer a comprehensive step-by-step guide as to how management teams can create successful business cases.

A 3-Stage Business Continuity Framework

We have designed a framework that we believe companies could use when preparing a business continuity plan (BCP). This framework will be divided into three stages:

The first is the initiation phase, which generally encompasses all that will be completed when a BCP is first proposed. This involves defining the event for which we are preparing for, identifying the key players involved and the main aspects of the BCP.

The second is the continuous phase, which incorporates many activities that take part at inception of a BCP and also take place regularly during the lifespan of a BCP. This is carried out to prevent the BCP from becoming out of date. These activities include identifying threats, establishing a “whole business approach” and carrying out regular tests, reviews and updates.

The final phase is implementation, which involves putting the BCP into action and ensuring it is in place should a disaster ever affect the business.

Phase 1: Programme Initiation

Crisis Definition

Before an event can be addressed, one must first adequately define it. Is it simply an incident or a crisis “one that can interrupt anything that the organisation considers critical” This will be assessed accordingly by a crisis management team, who will be recruited to properly assess a situation.

Forming the BCP Team

As pointed out by the group the business continuity process should be an enterprise-wide activity rather than just an IT issue. Just viewing business continuity as an IT issue may lead to inadequate resource allocation for the business continuity plan. Therefore it is important to establish a programme which chooses key people within the entire organisation and not just within the IT department.

Choosing people from different departments to participate in the preparation of the business continuity plan (BCP Team) will increase the variety of skill available and also will act as a voice for their department when planning the contingency plan. The CIO can have a key role in identifying these key individuals. The business continuity plan should be the responsibility of a senior manager (business continuity manager) who will lead the development of the business continuity plan. Within this initial phase the programme roles, responsibilities and processes will be defined and agreed by the BCP team. Also the team should identify the key personnel, resources and suppliers needed in the event of a crisis and those identified should be assigned specific tasks in the event of a crisis. Once the BCP team is assembled they can go about discussing what should be included in the business continuity plan.

Aspects of BCP

These are the main areas of interest in relation to a forming a BCP.

1. BCP Governance

BCP Governance is concerned with how aware management are of their commitments and roles. This section needs to contain a structure, possibly in the form of a committee who are responsible for overseeing the plan as a whole.

2. Business Impact Analysis (BIA)

The importance of a BIA is in relation to identifying the main products/services that the company provides, while clarifying the impact a disruption may have on these. Another area that is looked at in this section is identifying areas that could potentially lead to revenue loss, additional expenses and intangible losses. At this phase it is important to identify the organisations insurance requirements and identify inter-dependencies that exist between a company’s products/services.

3. Plans, Measures and Arrangements for Business Continuity

This stage of the plan requires the company to prepare a detailed recovery/response arrangement to maintain business continuity. The aim of these arrangements is to provide the organisation with an idea of when they would be able to provide a minimum level of service during a time of disaster. BCPs need to be made specifically for each product/service that the company provides. They also need to ensure continuity within each business process of an organisation.

4. Readiness Procedures
These procedures ensure that all staff members are adequately briefed on the plans contents and the measures that will be going ahead in the event of a disaster. Everyone needs to be aware of their responsibilities while those staff members who have direct responsibility need to keep up to date on their role in the event of an incident.

5. Quality Assurance Techniques
This process is essential for helping companies evaluate what part of their plan needs to be updated and improved on. These techniques may include an internal review or an external audit, or possibly a combination of both methods.

Phase Two: Continuous

Internal and External Threats

There is a need for both a company’s internal and external threats to be explored at the outset of a BCP.

An internal threat is something that occurs within the company. Examples include interruption to supply chain, security breaches, and data loss. As a company evolves other internal threats may become a bigger risk to the company, for example if the company is customer orientated, a power outage could cause adverse effects. External threats are those that come from outside of the company, something the company cannot control, for example natural disaster and terrorism. Another example is hack attack on the company’s system. In order for a company to prepare for these attacks a stringent and well organised business continuity plan needs to be in place within to company.

Identification of these threats will serve to increase the company’s resilience by being prepared for all eventualities. Flexibility needs to exist within the BCP to ensure all threats are prepared for. For example, the same action would not be taken for supply chain interruption as would be for the occurrence of an earthquake.

Whole Business Approach

As pointed out in the Initiation Phase of our framework, a Business Continuity Plan needs to be an enterprise-wide activity. There needs to be a whole business approach in adopting the BCP in order to gain full advantage of the plan when it is called upon.

The programme initiation phase of our framework and building the right team is crucial in making a BCP an enterprise-wide exercise. If the correct team is put in place, it will insure there is strong leadership (Business Continuity Manager from top management of the business) and an active involvement from all sectors of the business (BCP Team). By the importance of the BCP being recognised from the top down, the plan should become a crucial part of the business that is integrated into the everyday functioning of the company. If this ‘embedding’ of the plan into the company’s culture is successful, then each member of staff will be aware of the importance their role has in its success and pay due diligence to that role. For the recognition of this importance to continue into the future, beyond the initial setup stage, testing and reviewing will be crucial.

As part of an all-encompassing “whole business” approach, recognising the need for suitable secondary protocols are essential. We propose that this should involve an assessment of the company itself by professionals in the area of disaster recovery. This will provide the company with the necessary instructions to accommodate for financial strains that secondary protocols can cause.

Testing

A BCP is defunct unless it has been proven to be effective. In order to ensure this, companies perform full tests on their BCPs which are performed at initiation to ensure a new plan is effective, and at regular designated times until further changes have to be made. This is necessary in order to keep the plan up to date as the external environment and threats change constantly.

As discussed in a previous post there are three different types of tests:

1. A Plan Review
This is a theoretical review of all BCP documentation.

2. Table-top Test
All of those involved in the BCP gather together to discuss and examine the plan and how it would be implemented.

3. Simulation Test
This is a practical demonstration of the company’s procedure under particular circumstances or in an unexpected event. It is the most exhaustive of BCP tests, and will prove the best indicator of a plan’s effectiveness.

These tests are measured based on the following standards, which incorporate the main aspects of a BCP as discussed.

1. Participation
This refers to those taking part in the test.

2. Attendance
Were people present and prepared for the test?

3. Plans (Early and Later Stages)
How well did those involved react to the initial stages of the issue? How exhaustive were the plans drawn up for issues including the co-ordination and allocation of key resources?

4. Support and External Players
How helpful were the support groups? Who was needed the most?

5. Leadership
Did those in charge during the co-ordination of the plan during the test react well?

6. Information Flow
Were those in relevant positions kept well informed during the process?

7. Quality Assurance
Reviewing the test regularly will help to ensure quality and effectiveness.

Mistakes

Testing shouldn’t be about “ticking the boxes”. Companies must account for all exceptional circumstances, and place their business ahead of all else. In the case of an unexpected event that a BCP doesn’t specifically address, there are critical areas that must first be looked at. As already discussed “The testing should challenge and surprise the organisation and its stakeholders”. This of course means that tests should also accommodate for all business processes, not just IT and IS. By recognising these pitfalls, a company is ensuring the continued survival of their business in a thorough and comprehensive way.

Updates

Our framework also takes into consideration past mistakes that others have made with regards to BCP. Over-reliance is addressed through assessing all possible areas of concern. The scope of the BCP will cover all aspects of the company, not just IS and IT, as this has become an increasing issue recently. Other issues such as security, insurance and service evaluation will also be addressed. Regular assessments of the company’s BCP will be a part of the BCP tests that will be carried out.

Phase 3: Implementation

The implementation of the BCP is one of the most critical aspects of the project. The role of the BC Manager and the BC Team is crucial here, as is the “Whole Business Approach”.

Other stages required in a successful implementation are;
• Actively encouraging employees to embrace the operation activity of the BCP by conducting internal discussions/study meetings etc. Encourage employees to gain knowledge themselves to enhance their skills with regards to disaster prevention and responses. This can be done by providing incentives for taking part in emergency-response courses and seminars related to BCP.

The BCM should also conduct their own training session on their BCP. Regular training sessions for the employees that focus on BCP-education will ensure if/when a disaster occurs that the organisation is adequately prepared. These sessions should involve the following aspects;
1. Evaluate and re-evaluate the effectiveness of the BCP
2. Help employees gain an understanding of the BCP and clearly identify their own roles
3. Actively promote cooperation and collaboration amongst employees in the case of a disaster.
It is the role of the manager to keep everyone informed and updated on the BCP.

The group also pointed out that even if a good continuity plan is implemented and tested regularly there is no guarantee of success, as the Lehman brothers showed during the 9/11 attacks when they were denied access to their recovery center, they had to draw on emerging processes in creative ways, showing that crisis adaptability is the key to continuity. Regular reviews of the BCP will be carried out to ensure that it remains accurate and up to date, depending on the external environment.

Figure 1.1 Proposed Framework

We believe that the above framework incorporates all aspects that are essential when it comes to business continuity planning. By assessing literature, previous successes and failures, we have feel that we have accounted for the obvious and the unexpected. As with every framework, there is room for interpretation, but it is our belief that it should prove successful.

Group 10

Tim Ahern
Briain Dollard
Ross Leahy
Cian O’Brien
Eileen O’Brien
Claire O’Sullivan

Business Continuity Framework

Introduction

As per Assignment 2 and as part of our module IS6118, we have developed a Business Continuity framework based on our previous blogs regarding Business Continuity. We have used different components discussed in our blogs regarding the topic to produce a framework for building organizational resilience with the capability for an effective response that safeguards the interests of its key stakeholders, reputation, brand and value-creating activities [1][3]. We have researched different components of the framework and also background to business continuity to get a better understanding of the topic. We have also looked how technologies can be used to help with business continuity and also how a framework has been used in real life case studies. We have decided on 7 main components of a business continuity framework:

1)      Policy/Planning

2)      Management

3)      Communication

4)      Reporting

5)      Identify Critical Business Functions

6)      Analysis

7)      Implementation

Business Continuity Framework

 

1) Policy/Planning

Business continuity planning is an essential future plan for a business in order to provide a service without any factors affecting its performance. A business can never foresee future events such as a crime, natural disaster, IT failure, power failure, fire, etc. [1]. When it comes to policy and planning service level agreements are fundamental to achieving business continuity. Downtime whether it is planned or not can be hugely damaging to an organisation and it is for this reason why SLA’s are incorporated. They effectively ensure the minimum levels of availability from suppliers and then lay out a plan to define what actions will take place in the event of disruption. The challenge comes when trying to link business continuity and SLA’s together as there are certain services which most definitely require service-level-agreements to be put in place. There are internal and external services which will require necessary SLA’s and they vary from RTO’s, RPO’s, review of BIA, risk assessment, network recovery, time required to recover and restart from failover etc. Such companies as IBM have developed a solution to organisations which enables them to improve business continuity much more efficiently and effectively to data protection strategy and storage infrastructure by applying service level concepts [2] [3].

Business continuity plan is devised to lessen down the distraction that could be caused by the disaster and keep the business competitive. The Business Continuity plan should include the occurrence of several events including equipment failure; disturbance in power supply or telecommunication; application failure or database corruption; human fault, disruption or strike; malicious Software (i.e. viruses, trojan horses or worms) attack; hacking; other Internet attacks; social disturbances or terrorist attacks, fire, theft and natural disasters like flood, hurricane, earthquake etc. [5].

2) Management

Managing the Business Continuity Policy or plan is essential to its success. Assessing the risk(s) that threaten(s) the company is an essential prerequisite to crafting a BCP. Conducting a risk assessment to develop response strategies is vital to a successful BCP. Another management priority is to frequently Rehearse, Maintain and Review the BCP [4]. Management from the top is crucial to the framework as there will be a clear outline of procedures and processes and the risks which need to be eliminated. The strategy of the organisation needs to be clearly defined in order to ensure the BCP is utilised appropriately and the management should also aim to create a culture of business continuity in the organisation and drive home the significance the BCP and this in turn will contribute to the success of it. If this isn’t driven home by the management then the business could be in jeopardy as the costs associated with business continuity could spiral. The Business Continuity Program should be aligned with the enterprise business objectives and that is the responsibility of the management [2].

3) Communication

Communication involves producing plans for training staff that would be involved in the business continuity process and also plans for testing the systems that are involved in the recovery. Identify key staff and potential backup staff in the event of a disaster. Hold staff meetings. Every employee should be made aware of the BCP and should be reminded of it on a regular basis. Test the BCP and put it into action sop that if the day arrives that it needs to be implemented then at least you have practice runs completed [1][5][3]. The idea of communication as part of the business continuity framework is a hugely important aspect as it allows for the framework to be tested before implementation. There is a huge gap here in the framework to utilise the medium of social networks and it is time that businesses start thinking about incorporating social media into their business continuity. One of the main reasons social media will be used during a business continuity plan is for communication during a crisis, disaster or planned and unplanned downtime. Through analysing the opportunities available to businesses through the use of social media to support the business continuity, tools such as ‘Yammer’ can support the HR team in terms of being able to communicate with employees and provide better care in the midst of an incident of downtime. Social media allows the employees a greater influence over an organisation than ever before whether they like to admit it or not. Other social media outlets include, Facebook, Twitter, LinkedIn, Google+, YouTube etc. By using in-house social media tools will aid in improving business processes and procedures due to feedback generated by employees whether it be good or bad and as a result this will help provide more information on areas for improvement which then in turn leads to better BCM. Also in order for a business continuity plan to work the professionals need to be in direct contact with the powers that be in a company in order to understand the company they are working with to ensure that the right risks are mitigated with effective approaches and methods [2].

4) Reporting

A document should be prepared outlining all the remedies in the event of a BCP been implemented and should be easily accessible in an identified location. Duplicate copies should be distributed to employees and also digitally and in an off-site location [3]. In reference to an off-site location this is where the cloud comes into the equation when an organisation is in partnership with a trusted cloud service. These reports, data and information can be stored in the cloud and that is one of the major advantages of utilising the cloud. In the event of planned or unplanned downtime the organisation can rely on the trusted cloud service to have the data readily available and easily accessible. However there may be certain issues when it comes to storing information depending on the jurisdiction and territory but this only applies to regulated organisations. Data integrity will also need to be addressed for the Business Continuity Plan [2].

5) Identify Critical Business Functions

If a business has a plan in place to deal with such events, then the essential functions of a business are fail safe and a business can provide an uninterrupted service. Identify critical external contacts which includes essential information about the contact and the contact list should also include solicitors, IT consultants, landlord etc. information. Identify essential equipment. Make sure there is a back-up system in place such as RAID in the event of a disaster or emergency. Also back up generators and hardware should be ready to use in the event there is a computer failure or power failure [3]. Identify Essential Documents. Documents regarding employee information, premises lease, tax papers, legal issues etc. should be duplicated and stored off site in the event of a fire or natural disaster. The business should be able to set up again [1]. The cloud can aid with the running of business critical functions in the event of downtime as when organisations are in partnership with a trusted cloud service they will have access to a secure and exclusive network with an extremely high availability and this will allow this critical business functions to operate [2].

6) Analysis

Analyse what roles and responsibilities are given to employees during disaster recovery, along with full contact details and capability profiles. Identify Essential Documents. Documents regarding employee information, premises lease, tax papers, legal issues etc. should be duplicated and stored off site in the event of a fire or natural disaster. The business should be able to set up again [1]. The purpose of the risk analysis is to identify procedures that could possibly prevent or reduce the effect of a disaster. These procedures include educating personnel about issues such as security, Vandalism, workplace violence and so on. Risk Analysis involves the analysis of the organisational environment to identify threats that could lead to a disastrous situation.

Areas to be reviewed for such threats are the actual physical location of the organisation, access security, the organisation’s policies, practices and the construction of any of the organisation’s facilities. The objective of this analysis is to identify the vulnerabilities that could cause the most damage to the organisation and to select the appropriate controls for providing effective protection.

The Business Impact Analysis (BIA) can be divided into 3 steps:

1)      Performing the BIA

2)      Determining the minimum processing requirements

3)      Analysing the risk.

Analysing the risk differ from the traditional risk analysis because it actually refers to the prioritisation of resources as well as the identification of possible loss situations for resources [5].

7) Implementation

Implementation involves providing details of services and equipment available to be utilized during recovery. Also, outlining details of all the steps in the recovery process, both to get an initial basic operation up and running, and for full restoration of business. Create a list of responsibilities for implementation of a BCP. This should identify which employee does what and how. Such as person who should phone the fire brigade, this person could be appointed as the Fire Safety Officer [1]. When the development of the strategies recovery is done or completed, then it is now time to implement these strategies. While waiting to implement or to develop these strategies much preparation is needed. For example set up procedures for backup, contracts and agreements. This would also involve assigning personnel to various tasks in case disaster strikes. These tasks are called emergency response practice and should be performed by a team [5].

 Conclusion

Based on our above framework and from our previous blogs we feel that for business to continue during a disaster the organisation should follow the guidelines mapped out in our framework. By using the components discussed we feel that a business will be fully prepared in the event of planned or unplanned downtime which affects the performance of the business and thus in turn will lead to loss in revenue. Management needs to be involved from the outset in order to clarify the needs of the organisation and insure that critical business functions will be made a priority and aligned with the enterprise business objectives.

 

Source [1] https://sopinion8ed.wordpress.com/author/billynomates2012/

Source [2] https://sopinion8ed.wordpress.com/author/ericlynch1/

Source [3] https://sopinion8ed.wordpress.com/author/gashe2k12/

Source [4] https://sopinion8ed.wordpress.com/author/jamesdaly1990/

Source [5] https://sopinion8ed.wordpress.com/author/mirra2/

 

Group 5
Greg Ashe
Shane Counihan
James Stephen Daly
Ruth Kapinga
Eric Edward Lynch

 

IS Business Case: “Water-flow Framework”

“Water-flow Framework”

Group 6 members
Edward Quinn, Christopher Corcoran, Timothy Halpin, Paul Haughney & Jerry Peleke

Introduction

This blog aims to provide a conceptual framework to support management teams in creating business cases for IS investments.  It is important to note that this blog will draw directly from the individual blogs previously created by the group members based on academic research, original opinions and collaboration between the group. The conceptual framework created will assist in supporting management teams when trying to accomplish investment plans, in particular for IS business cases. The framework is designed to aid in all steps, from the original thought process through to the implementation.

*The above framework is an original creation*

(Click on image for a clearer view.)

Water-flow framework explained

The above framework draws from the idea of a water-flow feature, whereby until such time as the water fills each compartment, then and only then can the over spill flow into the next compartment. This flow process is repeated until the end, when usually the last compartment over spill is pumped back to the start, thus restarting the process from the beginning.

Applying this “water-flow” concept to the above framework, each of the four stages (compartments) has a number of steps that must be completed in order to move onto the next stage.

Stage 1 – “Logical Rational”

Steps include:

Assuming at management level a decision to create a business case for IS Investment has occurred,  at a theoretical level, a logical rational needs to be clear and transparent to all involved at the creative and planning  level. This logical rational should be based on accurate and up to date research, where the basic yet essential questions are answered such as:

– “Why do we need an IS investment?”

– “What are the tangible and intangible benefits we might envision for the firm?”

– “How much will it cost?”

– “Will the change be accepted within the organisation?”

Once these essential yet fundamental questions are examined in depth, and more importantly answered, the planning step can then begin.The planning step builds on the previous step, whereby a logical rational provides a clear justification for the need to apply for and create a business case for a particular IS investment. Also, it is important to note at this stage that the planning step needs to ensure that the future IS investment is aligned with the organisation’s core capabilities.

Stage 2 – “Financial Justification”

Steps include:

Once the logical rational stage has been completed, the next stage moves on to the financial justification. This section is concerned with assisting management in deciding whether or not, based on financial grounds, to go forward with a proposed IS investment. Financial justification entails answering questions such as:

– “Can this proposed investment pay for itself?”

– “Will investing in this technology constitute optimal use of our funds?”

– “Will our financial position be improved in the long-run by this investment?”

It is imperative that the business case focuses on the cost analysis of the investment in question, which includes consideration for both the cost and the payback of it. Depending on management priorities, financial justification may be decided on by one or more cost-benefit analyses including Net Present Value (NPV), Payback Period (PBP), Internal Rate of Return (IRR), Return or Investment (ROI), etc.

Cost-benefit analyses assess the impact and net benefits of the chosen option in achieving the desired outcomes, in comparison with other feasible approaches. This will include the evaluation of both tangible and intangible factors, as well as quantitative and qualitative factors, which will accurately assess the value of specific technologies (i.e stated monetary values for specific software / hardware, hidden costs, calculated depreciation costs). It will apply for the lifetime of the proposal as opposed to just the implementation period.

Stage 3 – “The Human Element”

Steps include:

Having completed the financial justification stage, the next stage is concerned with the human element attached to creating the business case for securing investment within the organisation. In many organisations, more often than not, human involvement can be the most critical component which may in fact determine the overall success or failure of a project – regardless of how logically or financially sound the IS business case may be. This issue can often go overlooked in academia and in industry, thus the human element stage can assist in highlighting areas for management which can improve the chances of a positive reaction. Mistrust and fears are often the basis for resistance to change within firms, where employees particularly against IS or IT changes, may have many uncertainties such as:

– “Will this affect my current employment and pay?”

– “Why are they changing the system if it works fine as-is?”

– “Will we receive sufficient training?”

– “Will I be made redundant?”

Creating an honest, transparent and inclusive process to all affected parties can overcome this obstacle. If the uncertainties in question are addressed adequately, an IS business case not only gathers crucial support, but it also minimises potential objectors. Subsequently, the process is made smoother whilst improving the organisation’s culture to change. Finally, this stage is quite significant as it combines all three stages (Logical Rational, Financial Justification and The Human Element) and, provided each stage(s) are correctly completed, one can assume that the signing-off / granting of the IS investment will be approved (for the purpose of this framework).

Stage 4 – “Implementation Stage”

Steps include:

The implementation stage is the final part to the “Water-flow” framework.  Within this stage, a number of steps should be followed to ensure greater security and monitoring. Within the monitoring step, clear agreed timelines, delegation of workload, resource allocation and budgetary expectation should be clearly outlined (as forecasted in the Financial Justification stage). As alluded to before (in the Human Element stage), people are greatly affected in the implementation process. Therefore, the introduction of an Organisation Change Management (OCM) plan can help inhibit unforeseen negative and potentially harmful consequences that may arise.

Lastly, this stage should constantly filter back to the logical rational step at crucial and planned incremental periods, thus mapping progress. This ensures that the IS business case plan is on the correct path, the financial constraints are within budget, and also the people affected within the organisation due to the change are satisfied with the new transition.

Conclusion

In summary, we believe that the Water-flow framework can help management teams overcome many of the challenges faced in organisations today, especially when trying to create and implement a successful IS business case with an attempt to secure investment. The conceptual framework represents certain procedures and steps that must be completed before progressing onto the next stage. One could argue that the Water-flow framework highlights key and fundamental areas for creating a“watertight” IS business case, which in essence provide direction and clarity for all parties involved. However, it is important to note that, although each stage is quite clear in definition, the internal steps can be altered depending on the specific needs of an organisation. The Water-flow framework is targeted at IS business cases, although one could argue that with a few adjustments, the same concepts can be applied when trying to secure investments in other areas such as IT and Human Resources.

A Framework to Support Management Teams in Determining the Quality of their Information Systems.

Introduction
This framework is designed to aid management teams in determining the quality of their Information Systems services and outputs. The purpose of a framework is to give a description of a complex entity or process. In this case our framework in figure 1 takes the form of a step by step process or checklist, which will allow the user to methodologically assess the quality of either a new or existing Information System. The framework consists of five main phases, each with their own individual attributes. The five phases are organisation, planning, evaluation/testing, implementation and review.
Methodology
We developed this framework by posting blogs on the topic of IS Quality. We then brought our ideas together and discussed and analysed them in order to develop a comprehensive framework to measure IS Quality. We developed a blueprint of our potential framework by reviewing the issues we raised in our blog posts and is roughly based it on the PIRI model described by pm1083. This blueprint formed the basis of our final framework which is located below.
Framework
This framework is made up of five steps. It begins with organisation which is followed by planning, evaluate/testing. After this it then splits into two depending on the situation of the organisation whether the system is being newly implemented or if it is an existing system that the quality is being determined. We decided to follow method due to its clear structure and as we felt it fitted in well with what we were trying to achieve.

Figure 1

Explanation of the Framework

Organisation
Culture – The organisational culture will be determined by the external environment, and this will include the language, the way of life of the people, and their work ethic. All of these factors must be compatible with the Information System. There are other problems that can arise due to differing cultures, such as the different formats in which the date can be displayed.
Alignment – The system must align with the business goals of the subjects. Even if the system is fully functional if it does not align with the business goals then the system may be deemed low quality as it will not provide what is required.
Organisational Context – It must take into account the organisational context for example some sectors may require some special characteristics of an information system or may require that certain things be left out of a system depending on an organisation individual situations
Cost Vs. Benefit – The overall possible benefits of the system must outweigh the possible costs of the system. While this is often very difficult to do before a system has been implemented it must be estimated to have an initial overall idea.
Inputs – Technical capability and technical hardware to be able to cope with the system must be present in the organisation. These have to be of a certain standard in order to be able to deal with the requirements of an IS. The data going into the system must be quality data. The inputs of the system will determine the quality of the outputs, and so, the overall information system. The quality of the overall system will be determined by its inputs and so it must be established that these are of high quality to ensure the resulting system will be of high quality.

Planning
Needed from system – This is what is required from the system for the organisation that is implementing the system. This again goes back to the central issue of what are the user requirements. This is what the output the system will have for the organisation and the overall goal they will have from implementing the system.
User requirements – These are the requirements that the user of the system needs in order to maximise the potential output of the system. All aspects of the system being implemented must be user friendly and also allow the user to realise the potential the system can offer. User requirements may differ as a range of variety of users may be using the system and have different or even conflicting requirements. These requirements must be established and balanced in this planning phase in order to ensure the system will be able to successfully deliver these requirements.
User expectations– This is what the user expects the system to be able to do. This relates to what a user wishes to gain from working with the system being designed. It relates to the work that they wish to achieve from the system and what they can achieve for the organisation. The user requirements must match the user expectations otherwise they may deem the system to be of a low quality.
Ease of use – When a system is being developed, the easier it is to use the better it is for the user of the system. The ease of use would allow a user get familiar with the system much faster and this in turn would prove more beneficial for the company and the output from the new system as fewer errors will occur when the users find the system easier to use.
Measurements-Measurements from the system must be established here. You cannot control something unless you can measure it and so the management team must decide how they are going to measure the system- what will they determine the system must output or how. They can then use these in the review stage to determine if these have been achieved. If these measurements have been achieved it will be easier for the organisation to determine the quality of the IS.

Evaluation/ Testing
Potential users – In order to ensure that the system is meeting the users’ requirements and expectation, it must be established who the users are.
Conduct tests- Select a sample of the current staff to evaluate the existing or new system. They should rate this in order to give the management team an idea of how it is currently being used and received.
Ease of use – The system must be usable for the users. If the users find the system too difficult to use then it is most likely they will not use the system to its full potential and so the quality of the system will not be realised resulting in a system which seems of lower quality.
Usefulness – The system must be useful to the organisation. If it is not useful then this again will impact on the user requirements. It will not be able to fulfil these requirements and so the management team would determine this as low quality.
Test system capabilities – The system should be tested for its capabilities to ensure it is up to the level to what is required by the organisation.

Implementation
Ensure users are trained – Ensure that all users of the system have sufficient knowledge and training on the new system before it is fully implemented. This will reduce the number of errors made and ensure they are able to solve issues that come up themselves and so reduce the number of issues brought to management.
Implement in stages – It is important to implement the new system in stages to allow for the resolution of any unforeseen problems or errors that may occur during the implementation process. This will ensure a smooth transition from the old to the new system. It will also allow for the resolving of issues as they occur rather than have them build up.

Review
Alignment – The system must align with the business requirements of the organisation. If it does not align it may not be providing the required information and if it does not provide the required information then most likely it will be determined as poor quality as mentioned that the users will often determine the quality of the system and will determine this by seeing if it matches their requirements as mentioned “beauty is in the eye of the beholder”.

Alignment of user expectations & requirements – As mentioned above the user requirements will determine if the system is a success and so it is important to ensure that the users’ expectations and requirements align. Otherwise the user may view the system as not being of high quality if it cannot meet their expectations even if it is technically sound. This is important to consider in the review stage as it may be necessary to address this if these do not match.

Measurements – There must be clear measurable goals set out so that the management team will be able to assess the quality level of the IS. It is important to have established measurements in the planning phase so as to have something to be able to compare whether the aim of the system has been achieved. However as was mentioned measuring the quality of a system is very difficult and there is no one universal method.

Does it fulfil its function– This is one of the most important questions to ask when determining the quality of an IS. Often it will come down to whether the IS fulfils its function will be the deciding factor in determining the quality of an IS.

An Alternative Framework
This alternative framework is different in its inclusion of environment, its splitting up into the organisation and information system, the user then evaluating the system and the system then being reviewed by the organisation and the results then being feed back into the organisation and the information system. How it affects the organisation and the information system to produce an output of information is then to be evaluated by the users. This is then reviewed in such a way that the findings will feed back into the organisation, the information system.

Figure 2.

Conclusion
It is very important for a management team to be able to determine the quality of an information system as it is hugely important because of its effects on the organisation as a whole. This is because decision making is based on the information that will be produced from the Information System. This decision making can have massive and wide reaching effects on the organisation and its future success or failures.
We felt the above proposed frameworks in figure 1 and figure 2 will allow a management team to successfully determine the quality of an Information System in any organisation.  By providing an alternative framework this will allow a management team to choose which they feel will be most suitable to their own specific circumstances and allow them to feel that they have more control in the matter and so they may be more willing to use one of the proposed frameworks.
It is important to note that often these frameworks may seem incomplete on their own however once a company attempts to actually use the framework and they can input their own circumstances the framework will become much more usable and seem more complete.

Group 8

Deirdre O Leary
Patrick Meehan
Christopher Moloney
Rowland Njoku
Lawrence Ogboani