Archive by Author

Quality Assurance Model

24 Feb

(McCarthy, Murphy, Ní Ghaora, Oppermann)


Our aim was to create a pre-implementation model to enable the identification of the quality attributes required by an organisation therefore ensuring the success of the Information System. The correct identification of the elements which align best with the business needs of the organisation is in our view the first step in determining the scope of the project that the management team has been tasked with. A clear vision of the areas of the Information System which are to be developed to deliver high quality to the organisation is imperative from the beginning of the project.

Our concept has been developed on the premise that there is a need for organisations to isolate the attributes that will deliver high quality to their firm and remain resource savvy in the pursuit of the ideal Information System.[1]

Our model will provide potential customers with specific categories of quality and associated attributes which they must focus on to ensure Information System quality.  We propose the ‘Quality Assurance Model’, we feel it fully encompasses the three main categories of IS quality and their underlying attributes.

The three main categories being;

1)      Service Quality

2)      System Quality

3)      Information Quality

These three categories are widely accepted as the main contributing factors of IS quality.[2]


Quality Assurance Model


We feel if companies use our model in the implementation and planning stage of the Information System then they can ensure that the system they intend to implement will provide high quality outputs in the areas which they have identified as essential to their organisation. We also propose a tool which a management team can use to consult & reach consensus on the areas of the Information System which must be focussed on to ensure the delivery of high quality, we call it the ‘100 Point System’. This model will be discussed in detail further on in this paper.

However we would first like to outline the attributes and categories of our ‘Quality Assurance Model’, why we chose them and why we feel they are of importance in relation to an information systems quality.

User Interface:

  • User Perspective – This ensures that you design your system with the end user in mind throughout the whole development process. Without thinking of the eventual end of day users then the design may be completed with fundamental flaws and require expensive re-designs, e.g. the Sony ‘Boomerang’ [3] 


While service quality is a broad term, it is stated in Pitt et al. 1997 that “commonly used measures of IS effectiveness focus on the products rather than the services of the IS function. Thus, there is a danger that IS researchers will mismeasure IS effectiveness if they do not include in their assessment package a measure of IS service quality”. This highlights the importance of usability and the other dimensions of it which are shown in the framework.

Whether the end user is a customer or employee, usability will play a role in the quality of an IS. In the paper “Framework for Quality Metrics in Mobile-Wireless Information Systems” by Ruti Gafni, he highlights usability as a “quality quantification of an IS”.

According to ISO/IEC 9126-1, 2001, an information security standard and best practices publication, usability can be broken further down to the following four dimensions;

  • Understandability – How simple a system is to understand is without doubt a huge aspect of its ease of use. This paper is entirely devoted to measuring understandability and highlights the importance of this dimension of usability.[4]
  • Learnability – is defined as how easy it is for a user to accomplish basic tasks the first time they encounter the design. If a system is easy to learn then it is very likely that a user will use it again.
  • Operability – Is the capability of the software component to enable the user (system developer) to operate and control it.
  • Attractiveness – The capability of the system to be attractive to the user [5]

System Design:

The way in which your system is designed may well be its competitive advantage. Design has become a central core competency to a great deal of S&P 500 companies;

“Anybody now can turn out any product, what will differentiate is that unique design flare that’s built into a product, that’s what creates the value.”  (David Frost, British Chamber of Commerce)

£20 billion is spent a year in the UK on design, leading the UK to the forefront of most design frontiers, design is also the largest single source of intangible investment in the UK. [6]

  • Future Proof – When ensuring the quality of your system it is important to plan ahead, create a system can be updated a new technology becomes available, e.g. future proof your system. These might include Distributed Systems, Multimedia Interfaces, Advanced Operating Systems and Human Computer Interface (HCI) Development Environment’s.[7]
  • Technology Optimisation – Your system is limited by the technology of the day, your design should maximise the current technology for the best quality and performance. [8]
  • Design Cycle – The design cycle ensures your system is evolutionary, it engages in design, prototyping and evaluating. Undergoing this process allows it to guarantee quality and maintain a good relationship with their users. [9]


Information Systems are inherently vulnerable and the information assets which it contains must be protected. This is true of all organisations however it may be that it is of more concern to certain industries, which is an issue for each individual organisation to ascertain. The main aspects which must be considered are the importance of the data which they hold and the implications if this data was to be released or was accessible to those without permission or authority and the potential damage to the business reputation if this data was to be hacked.

There are three elements which must be considered when considering the levels of security required from the Information System:

  • Confidentiality – Managers must insure that information is shared only with authorised personnel within the organisation. The encryption of data is a method of ensuring data cannot be accessed by unauthorised users.
  • Integrity – This involves ensuring that the data is accurate and has not been changed inappropriately to give misleading or false information.
  • Availability – This means that the information system responsible for delivering, processing and storing the information is available when needed. This can refer to the downtime of a system, and its percentage of downtime per year is a good indicator on how available that system is.[10]


As discussed in the team’s blogs, the importance of databases cannot be understated. It is impossible to evaluate the quality of an IS without looking at its database. What is more, when deciding what you want from your database, it is essential to realise that trade-offs must be made.


This further supports our quality assurance models principle, that frameworks being used to implement Information Systems can be too broad and that individual firms must decide their own needs. Here are elements of the database which we feel are most important;

  • Data Accuracy – Dallas Dogger, CEO of Storman Software says; “when other members of the operation rely on management data to make decisions for the business, it’s crucial to be consistent and accurate”. This video highlights the problems poor data accuracy can cause.
  • Data Completeness – Is the extent to which the expected attributes of data are provided, for e.g. a customer field would not provide the end user with sufficient data if it did not have complete info about the customer including contact number and name etc.
  • Data Format – Data must be structured for consistency as well as performance, so data format can have a huge bearing on this.
  • Database Performance – The overall function of a database is to satisfy the end user. Database performance can be defined in different ways, depending on the end user and the data at hand, as well as the goals. Response time is a factor, as well as capacity and scalability. (via Girtab)

Databases can be built in several different structures, each of which will satisfy the end user in different ways. Databases can be indexed differently, and several different schemas exist. This can affect the end users experience, and therefore the quality.

100 Point System:

To ensure the Quality of an Information System we propose a points system.

A management team is presented with an allocation of 100 maximum points, these points can be invested into the subcategories which they highlight as representative of the areas which require most investment to provide them with a high quality IS.

The system works by assigning values to our IS Quality hierarchy as seen above.  For this model prototype we have chosen 100 points as the total which the company can spend on its quality assurance information system. These 100 points may be divided amongst the different sub categories and attributes allowing them to be customisable to the client’s needs. Each of our five subcategories is assigned 20 points by default. These 20 points is divided between the underlying attributes. The company may for example require less an emphasis on the user design perspective and reduce its 20 points to 5.  In this instance they have identified that this aspect of the IS less significant to the company and now have an additional 15 points in their ‘Available Points’ to spend on other factors  which they deem have greater importance e.g. Security.

So as an example, Bank of Ireland may place less importance on how their online banking system looks, but still want to ensure a basic quality, in this scenario they can use the Quality Assurance Model to rank the required quality output using the 100 points system. As shown above they may reduce the importance of the design features to use their ‘Available’ points to spend on performance or online security.

Here is an example of the ‘100 Point System’ in default with an even spread of points


Here is an example of the 100 Point System being used by a Financial Services Business


You can see that the bank has only used 77 points of their allotted 100, therefore they have 23 points left to use in the Information Quality category. It is clear immediately that the bank has placed more of an importance on its security needs compared to its user design.

We would recommend a questionnaire to be completed by department heads to enable them to establish the level of importance of & therefore the quality required from each subcategory, e.g. a bank and its’ security requirements.

The questionnaire may contain questions like;

1)      How significant out of 10 is user interaction with your system?

2)      How significant out of 10 is security to your system?

3)      How significant out of 10 is database performance to your system?

4)      How significant out of 10 is it that your system is future proofed?

The questionnaire however may be an idea for further research.


We developed this framework as a tool to be used by management teams, the aim of this hierarchy model & the ‘100 Point System’ is to encourage management to focus on the areas of the Information System which are most important to the organisation. We believe by visualising & identifying these elements of the Information System which they deem to be the most important to their organisation will ensure high quality deliverance from the system.

The concept for this model was developed based on our belief that the high failure rate of Information Systems is due to the attempts to achieve high quality in all areas of an Information System and the misuse of the organisations resources in these attempts. A misalignment of the vision for the Information System & the business needs creates frustration for the users and in many cases leads to its failure. One example of the catastrophic failure of an IS due to the lack of a coherent vision & the incorrect allocation of resources is the Student Universal Support Ireland(SUSI) [11]

We believe this framework provides management with a tool to create a vision of the high quality system they want but also a system that is realistically aligned with their business needs.




[5] Source: Usability metrics for software components – Manuel F. Bertoa and Antonio Vallecillo


Information Systems FAIL!

10 Feb

 My series of blogs have been an attempt to perhaps look at the idea of a framework and the extraction of quality from an Information System from a different perspective & rather than approach it in an expansive way, that it could be better to have a pared down approach i.e: what do we really need & what would be a bonus if we can get it!

Unfortunately there are many examples of Information Systems failures however I have chosen an Irish example which I think represents a situation where the business needs were misunderstood and this in turn resulted in a low quality output.

The SUSI debacle came to light in October 2012, Student Universal Support Ireland, a new body which had been set up to centralise the student grants system which had previously been dealt with by individual Local Authorities had begun to flounder. Reports in the media of students having to drop out of college and being unable to pay for food,uncovered that thousands of students nationwide were still awaiting both tuition & maintenance grants. It was deemed a “bureaucratic nightmare” by a T.D in the Dáil. [1]

The system had been unable to cope with the amount of applications it received and had “underestimated the complexity of detail required from the students”[2]

As an applicant myself I was mystified that any time I rang to check on the status of my application I was dealt with promptly, unusual for an organisation which was under so much pressure, however I found through my research that in fact the helpline for SUSI had been outsourced & therefore the people on the phones were not involved in processing the applications, that to me is a huge misallocation of resources, the helpline was outsourced however they had not employed enough staff to process the applications! When looking at this example through the prism of IS Quality, does it really matter that the service level agreement with the outsourced company was producing the high quality required of the helpdesk when the Information System had clearly failed the end user.

I look forward to discussing these ideas with my blog group.

[1] James Bannon-

[2]Jacinta Stewart-

Banking 24/7

10 Feb

In this blog & in an attempt to highlight my believe that IS frameworks should be more Industry specific, I will focus here on a particular industry which I feel demonstrates the viability of a ranking system of importance (as mentioned in my first blog- Context is King) when constructing a framework which will ensure the provision of outputs of high quality from the Information System.

In this age of technology, the efficiency & speed of an Information System is most likely a measure of quality for most organisations seeking to compete. These expectations are largely due to the amazing advances there have been in technology & the huge amounts of capital being invested by organisations in Information Systems. However it is accepted that the main aim of an Information System is to improve the overall efficiency and effectiveness of a process. The term ‘Real Time’ has entered the fold, particularly in the banking industry & also in the provision of Business Intelligence applications.

Internet Banking in particular could not function without real time updating of data, consider the implications of a delay in that information system, the chaos that could be caused if it was possible to withdraw cash from an ATM & due to a delay on the system that amended balance would not be recorded instantaneously & therefore the transaction could be attempted over & over before the system recognises that the account is in fact empty. It would be unfathomable that due to delays in processing transactions that billions could be lost.

But then of course data security would also be of huge concern, the loss of a customers’ data or ease of hack-ability to the sensitive information contained in an Information System would also be disastrous. We saw this with the Ulster Bank fiasco, what was a technical glitch triggered by a software upgrade has cost the bank millions & inconvenienced thousands of customers, the issue might have been an IT problem but it had an immediate effect on the IS, the information was now unreliable and therefore unusable.

This incident highlights the emphasis which must be placed on ensuring that the quality of what is seen as the more important elements of the information system are maintained at all cost and its seems logical that directing resources into achieving this will affect the quality of other elements of the IS such as ease of use which could be deemed less important due to its’ overall impact on the organisation.

Context is King

10 Feb

As I am entering the arena quite late & having read the comprehensive blogs which have been written by my colleagues on IS quality, my observation as I and my group move towards constructing a framework is the necessity of a ranking system of importance in terms of what the organisation requires from the Information System. If as reported between 50- 80% of Information systems are failing, perhaps it is due to trying to tick every box & trying to meet every need of the organisation. Perhaps it is necessary to focus on achieving higher quality from certain outputs/needs & a lower quality from others.

The use of resources when implementing a new IS system especially in these economic times must be paramount. There seems to be a general consensus in society & in what is a most definite shift in attitude from the  Celtic Tiger era that it is no longer necessary to have it all.

In terms of an Information system what does that mean? Well it means being realistic, assessing your business needs, and recognising that an Information System can bring huge advantages to your organisation while also recognising that to successfully implement an IS you will need to decide what really matters to you, For example on a scale of 1-10: If your business need is speed then  that ranks number 1 & if your system operates on an Intranet then having very secure data is most likely not a major concern and therefore ranks 10 and therefore could be seen as a bonus if you can achieve data security but in reality it is not a measure of quality for your IS.

The needs of organisations differ industry wide and I feel what is lacking in the frameworks which have been presented to us all in class in the last few weeks is the need for context, is it really possible to construct a framework which can be applied to all Information Systems, regardless of Who the organisation are, What they want from the information system and What can realistically be achieved. Could this be part of the issue with the high failure rate of Information Systems that in an attempt to gratify every need we are aiming too high & in a situation akin to Business Process Reengineering while the reward might be great perhaps the risks are too high.

It’s not the End, only the Beginning…

29 Nov

In my final blog on BPM, I would like to say I fully understand BPM initiatives and that I would have no issues listing the pros and cons of them, however I have to admit that this is not the case!

The multitude of definitions for BPM & the rhetoric surrounding it makes it quite a difficult topic to pin down for a novice like myself, however if you have look at the video below which I found on Youtube in my quest to find the answer to the illusive question ‘ What is BPM?’ you will see that people in the industry don’t seem too sure either. Oddly enough I think this video was being used to market a BPM software tool, I have to say I wouldn’t be convinced after seeing this!

Is this a bad note to end on? Not at all, a clear definition might not be that easy to find but as my previous blog has demonstrated an organisation should first decide on what it wants to achieve and then decide on the BPM tools that they require & reach a BPM definition of their own!

BPM & Management by Maxims

29 Nov

When an organisation enlists a BPM initiative it is doing so in the hope that it will lead to… What?  What is the end of that sentence?

In an article I’ve read on a BPM blog, it highlights the need for management to understand what exactly the end of that sentence is within the context of their own firm, it illustrates that an organisation must know what it wants BPM to improve, automate or eliminate before it decides to implement it!

But isn’t that obvious? Is it really the case that it is necessary to drive that point home? If we consider the definition of BPM the author of that article uses : “BPM is the entirety of the way work is done in an enterprise” then perhaps determining the tangible results expected from BPM is very necessary.

There was one particular part of the blog, which reminded me of a discussion I was involved in recently, while debating the relevance of the paper Management By Maxim (Broadbent & Weill), a paper written in 1997, it was mentioned that the framework produced in the paper was too simplistic & that the emphasis that was placed on the importance of clear communication of a firms strategy and the effect that strategy could have on determining its’ IT infrastructure was resoundingly obvious!

However here in a blog written in 2012, a similar premise is being advocated, that CEO’S, CTO’S etc. must determine first what it is their strategy is, is it cutting costs, automating processes or customer retention and only when that decision is reached is it sensible to focus on what BPM tools will be employed to achieve that strategy!
Could it be that the Management by Maxim framework is alive & well?!

Asking employees to embrace BPR akin to persuading turkeys to vote for Christmas?

19 Nov

In my last blog I spoke about the importance of the people behind the processes, in this seasonally entitled blog I want to continue in this vein and look at the challenges posed for management to get employees on board when implementing Business Process Re-engineering.

What is clear, from the literature and from previous blogs on BPR, is that BPR creates drastic change and in turn massive upheaval , however what is not clear from the literature is how management will convince employees that this upheaval will not negatively affect their own future within the organisation.

In 1996, Davenport wrote an article entitled ‘Why Re-engineering  failed: the Fad that Forgot People’, he suggests that the high failure rate at that time was due to the focus on process design and the failure to give any attention to the implementation of those new processes, but is it that simple, to change the focus and give employees more input into the changes that are being proposed?

As discussed in a paper from Marie-Claude Boudreau and Daniel Robey, ‘Coping with contradictions in business process re-engineering ‘, how does an organisation convince employees to support & implement process changes when the automation of those processes they are implementing could mean the loss of their job -“People will not sensibly commit time and effort into major programmes of change that eliminate their own roles in organizational success”(Boudreau & Robey) and Wilmott (1995)is quoted as saying it is akin to “persuading turkeys to vote for Christmas”.

The literature I have quoted is from the late 90’s, I believe that the focus of BPR is no longer on downsizing but that a legacy of fear exists amongst employees when confronted with the proposition of BPR & it is managements role to ensure that this fear does not lead to the failure of the project by communicating clearly the true purpose of BPR.

Human re-engineering

12 Nov

Since my last blog & a discussion with ismisetusa, I have been thinking about processes and the people behind them and I came across an interesting  article written by MBA & MS students in Baruch College

It reviews much of the literature on BPR and uses Re-Engineering the Corporation from Hammer & Champy  discussed by cmcoughlan as an initial source.

Many of us have spoken about the risks inherent in the choice to re-engineer an organisation, the necessity of ensuring that the newly formed processes align with the organisations strategy and the need to eliminate non value adding processes, we have also discussed the need to ensure all stakeholders are committed to change.

The paper from Baruch college students discuss all these issues drawing from and developing on available literature however they also present an interesting case study on a company which seemed to be in much need of re-engineering but rather than focus on processes, management chose to focus on people.

When the founder suddenly died, GTO a Floridian company, manufacturing automatic gate openers, the organisation was in flux – the company was losing money and needed change fast! The response was as CEO Chuck Mitchell called it “…a strategy made up of small gestures rather than sweeping moves.”  And it worked – he gained the support of the employees by taking on board their suggestions and by providing them with better health insurance, and when thing started to look up pay was increased and a profit sharing plan was set up. But it was the little things that bolstered the turnaround- the coffee machine was kept stocked, the leaky roof repaired and short breaks were allowed and with profits of $500,000, an increase in sales, a decrease in costs within a year. I believe the students of Baruch college are right to call it a ‘cultural & company turnaround’

So what does this tell us? Is risky re-engineering necessary, is it possible to improve processes incrementally without wiping the slate clean and also risk alienating what I believe to be a firms’ biggest assets- the people!

Or am I putting too much faith in us mere mortals??

The Value of BPM

7 Nov

When considering the question what can BPM achieve for its’ adopters, first it is necessary to assess the deliverables which an organisation wants to achieve. The CIO agenda 2010 puts the top two priorities as ‘Business Process Improvement’ & ‘Reducing Enterprise Costs’.

So now we are aware of what organisations want, how can the value of BPM be proven?

In the last few weeks we have been discussing the difficulties that companies face when measuring IT value within an organisation and how this difficulty can be a barrier for introducing new IT systems, I came across a paper ‘ Building a Business Case for BPM – a fast path to real results’ which indicates that BPM can overcome these issues.

In the summary for this paper, Palmer states that ‘Business Process Management (BPM) initiatives are growing in popularity – largely because so many organizations have proven the value that BPM can deliver’. He intends to introduce a framework for the development of business cases for new BPM projects, he believes there are three characteristics, which make BPM technology a game changer, that BPM is Incremental, Measurable and Repeatable.

What I found most interesting was his definition of ‘measurable’- ‘BPM is unique among technology-based initiatives in its ability to incorporate metrics and measurement parameters at the outset of the project and to automatically capture and track them along the way. BPM presents the opportunity for an immediate and material impact on business performance and visibility’ (Palmer 2011)

Palmer also refers to his view that the impact of BPM is significant and quantifiable, he references what I interpret as his attempt to differentiate BPM from other types of IT systems which promise change and innovation.  ‘The opportunity for realizing business value from Business Process Management (BPM) initiatives is significant and unlike virtually any other area of software. This is due in part to the intimacy and interplay between BPM systems and the core business activities within which they exist’ (Palmer 2011)

Is this the reason that BPM is becoming more popular than BPR, is it the simple fact that in this economic climate before an organisation implements a system it needs to know it will work & needs to feel that impact immediately?

Any thoughts?

Process Management and Re-Engineering

17 Oct

“ defines Business Process Management (BPM) as the definition, improvement and management of a firm’s end-to-end enterprise business processes in order to achieve three outcomes crucial to a performance-based, customer-driven firm: 1) clarity on strategic direction, 2) alignment of the firm’s resources, and 3) increased discipline in daily operations” (Tom Dwyer)

It could be suggested that many companies in todays’ market looking to improve their business would be attracted to this definition of BPM, Clarity of strategy, alignment of resources & increased discipline all infer that BPM will tighten up the existing structures rather than change them all together – this would be an attractive option to a company wanting improvements but needing to keep costs low.

BPM would also be more suited to a smaller company in which huge changes are not necessary or suited to a company which had allowed processes to develop rather than invented them, in this case implementing BPM could quickly identify if those processes were fit for purpose.

See Table below for a breakdown of the differences between BPM & BPR – (

BPR as discussed here is much more radical but will produce more quantitative results than BPM.

What do you think are the differences between BPM & BPR?

Marked difference between BPR and BPM
Aspect BPR BPM
Level of change Radical, one step change Evolutionary & continuous
Time taken for implementation Long Short time and smooth takeover
Starting point Drawing board Current processes and automation levels
Implementation Huge effort required for the disruptive change Incremental
Expanse One major process at a time Flexible – simultaneously across one or more / small or major processes
Methodology Redesigning of business processes Process and decision models
Enabling technology Primarily IT Primarily process technology
Involvement Business and process experts Process experts and all related people
Risk High Low
Outcome Drastic Incremental improvement
Cultural issues Major concern Not much concern
Implementation stress and concern High Low
%d bloggers like this: