Value-driven Security Agreements in Extended Enterprises

Today organizations are highly interconnected in business networks called extended enterprises. This is mostly facilitated by outsourcing and by new economic models based on pay-as-you-go billing; all supported by IT-as-a-service. Although outsourcing has been around for some time, what is now new is the fact that organizations are increasingly outsourcing critical business processes, engaging on complex service bundles, and moving infrastructure and their management to the custody of third parties. Although this gives competitive advantage by reducing cost and increasing flexibility, it increases security risks by eroding security perimeters that used to separate insiders with security privileges from outsiders without security privileges. The classical security distinction between insiders and outsiders is supplemented with a third category of threat agents, namely external insiders, who are not subject to the internal control of an organization but yet have some access privileges to its resources that normal outsiders do not have. Protection against external insiders requires security agreements between organizations in an extended enterprise. Currently, there is no practical method that allows security officers to specify such requirements. In this paper we provide a method for modeling an extended enterprise architecture, identifying external insider roles, and for specifying security requirements that mitigate security threats posed by these roles. We illustrate our method with a realistic example

The Country-specific Organizational and Information Architecture of ERP Systems at Globalised Enterprises

The competition on the market forces companies to adapt to the changing environment. Most recently, the economic and financial crisis has been accelerating the alteration of both business and IT models of enterprises. The forces of globalization and internationalization motivate the restructuring of business processes and consequently IT processes. To depict the changes in a unified framework, we need the concept of Enterprise Architecture as a theoretical approach that deals with various tiers, aspects and views of business processes and different layers of application, software and hardware systems. The paper outlines a wide-range theoretical background for analyzing the re-engineering and re-organization of ERP systems at international or transnational companies in the middle-sized EU member states. The research carried out up to now has unravelled the typical structural changes, the models for internal business networks and their modification that reflect the centralization, decentralization and hybrid approaches. Based on the results obtained recently, a future research program has been drawn up to deepen our understanding of the trends within the world of ERP systems.Information System; ERP; Enterprise Resource Planning; Enterprise Architecture; Globalization; Centralization; Decentralization; Hybrid

Some empirical evidence on business-IT alignment processes in the public sector: A case study report

An empirical study that explores business-IT alignment processes in a networked organization among the province Overijssel, the municipalities Zwolle and Enschede, the water board district Regge & Dinkel and Royal Grolsch N.V. in The Netherlands, is summarized in this report. The aim of the study was to identify processes that contribute to improve such alignment. This study represents a continuation of previous validation efforts that help us to confirm the business-IT alignment process areas that should ultimately be included in the ICoNOs MM. Evidence was sought for the alignment of business and IT through the use of information systems to support the requirements of the organization in a specific project. The results of this study in the public sector also are relevant to the private sector where (i) business-IT alignment plays an increasingly valuable role, and (ii) the characteristics of collaborative networked organizations are present

Applying Real Options Thinking to Information Security in Networked Organizations

An information security strategy of an organization participating in a networked business sets out the plans for designing a variety of actions that ensure confidentiality, availability, and integrity of company’s key information assets. The actions are concerned with authentication and nonrepudiation of authorized users of these assets. We assume that the primary objective of security efforts in a company is improving and sustaining resiliency, which means security contributes to the ability of an organization to withstand discontinuities and disruptive events, to get back to its normal operating state, and to adapt to ever changing risk environments. When companies collaborating in a value web view security as a business issue, risk assessment and cost-benefit analysis techniques are necessary and explicit part of their process of resource allocation and budgeting, no matter if security spendings are treated as capital investment or operating expenditures. This paper contributes to the application of quantitative approaches to assessing risks, costs, and benefits associated with the various components making up the security strategy of a company participating in value networks. We take a risk-based approach to determining what types of security a strategy should include and how much of each type is enough. We adopt a real-options-based perspective of security and make a proposal to value the extent to which alternative components in a security strategy contribute to organizational resiliency and protect key information assets from being impeded, disrupted, or destroyed

Modified Stage-Gate: A Conceptual Model of Virtual Product Development Process

In today s dynamic marketplace, manufacturing companies are under strong pressure to introduce new products for long-term survival with their competitors. Nevertheless, every company cannot cope up progressively or immediately with the market requirements due to knowledge dynamics being experienced in the competitive milieu. Increased competition and reduced product life cycles put force upon companies to develop new products faster. In response to these pressing needs, there should be some new approach compatible in flexible circumstances. This paper presents a solution based on the popular Stage-Gate system, which is closely linked with virtual team approach. Virtual teams can provide a platform to advance the knowledge-base in a company and thus to reduce time-to-market. This article introduces conceptual product development architecture under a virtual team umbrella. The paper describes all the major aspects of new product development (NPD), NPD process and its relationship with virtual teams, Stage-Gate system finally presents a modified Stage-Gate system to cope up with the changing needs. It also provides the guidelines for the successful implementation of virtual teams in new product development.Comment: 24 page

Towards a business model for cellular network and telecommunication operators: a theoretical framework

Cellular networks and telecommunications bring major change to the way businesses are conducted. Mobility has become one of the main priorities for users and this has impacted on cellular networks and telecommunication operators (CNTOs). However, entrants into the cellular industry have been confounded primarily by inexistent or weak Business Models (BMs). Designing a BM for a CNTO is complex and requires multiple actors to balance different and often conflicting design requirements. Nevertheless, most research about CNTOs has been technically oriented and has mainly addressed the technological and engineering issues related to their infrastructure. Less attention has been given to the business model of CNTOs. Hence, there is a need to enhance our ability to determine what constitutes the optimal and most viable business model to meet the various strategic objectives and goals for these CNTOs. In this paper an overview of research into the cellular business model and the main issues to be resolved is provided. In particular, the authors propose guidelines as a basis on which to develop a more comprehensive definition which may lead to a consensus. Moreover, a generic model (V4 Model) is proposed for the BM of these companies based on value proposition, value architecture, value network and value finance

Modified Stage-Gate: A Conceptual Model of Virtual Product Development Process

In today’s dynamic marketplace, manufacturing companies are under strong pressure to introduce new products for long-term survival with their competitors. Nevertheless, every company cannot cope up progressively or immediately with the market requirements due to knowledge dynamics being experienced in the competitive milieu. Increased competition and reduced product life cycles put force upon companies to develop new products faster. In response to these pressing needs, there should be some new approach compatible in flexible circumstances. This paper presents a solution based on the popular Stage-Gate system, which is closely linked with virtual team approach. Virtual teams can provide a platform to advance the knowledge-base in a company and thus to reduce time-to-market. This article introduces conceptual product development architecture under a virtual team umbrella. The paper describes all the major aspects of new product development (NPD), NPD process and its relationship with virtual teams, Stage-Gate system finally presents a modified Stage-Gate system to cope up with the changing needs. It also provides the guidelines for the successful implementation of virtual teams in new product development