Impelementation of Information Technology Service Management at Data and Information System Center of XYZ University

Information Technology (IT) is increasingly progressing. Nowadays, the success of a business of the organization/company is highly dependent on the IT infrastructure used. Therefore, organizations/companies have to manage their IT service to be optimal to their customers. Looking at this matter and the increasing dynamics of XYZ University, then Data and Information System Center (Pusdatin) - an IT provider of XYZ University began implementing IT Service Management (ITSM) from 2013 using the latest version of Information Technology Infrastructure Library (ITIL), namely ITIL v3 as a framework for implementing ITSM in its business processes. However, along the way, there are still some problems happen in Pusdatin in order that ITSM can actually support and align with the objectives of XYZ University. Through this paper, the authors want to explain how the implementation of ITSM at Pusdatin, identify the problems related to the implementation of ITSM, and provide the solutions for each problem. The methods used are direct observation to Pusdatin, conductan interview with the Head of Pusdatin and Staff of Pusdatin, and also perform a literature review of books and papers that discuss about ITIL. The result of this research is that ITSM process of Pusdatin generally works quite well but there are still some shortcomings because ITSM is not 100% implemented in all areas

Maturity based approach for ISMS Governance

Information security is an integral element of fiduciary duty. The purpose of information security is to protect an organization’s valuable resources, such as information. Information security is also a subset of IT governance and must be managed within an Information Security Management System (ISMS). Key element of the operation of an ISMS are ISMS processes. Current research focuses on economics and cost benefit analysis of information security investment regarding single measures protecting information. ISMS processes are not in the focus of current research. Actually a specific ISMS process framework which clearly differentiates between ISMS processes and security measures controlled by ISMS processes as well as a description of ISMS processes and their interaction does not exist yet. ISMS processes as well as their maturity level need to be aligned to the implementing organization and their mission to be cost-effective. Considering limited resources as well as ensuring an efficient use of those resources not every ISMS process should be established and operated at the same level of maturity. Taking into account that business alignment and cost-effectiveness are important for the successful operation of an ISMS, research contributions must address both problems – ISMS processes as well as the determination their target maturity level. Therefore the overall objective of this doctoral thesis is to make the appropriateness of an ISMS transparent as well as to avoid unnecessary costs of information governance which is still a major issue/problem for many organizations. This doctoral thesis aims to fill this research gap by proposing an ISMS process framework, based on a set of agreed upon ISMS processes in existing applicable standards like ISO 27000 series, COBIT and ITIL. Within the framework, identified processes are described and their interaction and interfaces are specified. This framework helps to focus on the operation of the ISMS instead of focusing on measures and controls. By this the systemic character of the ISMS and the perception of relevant roles of the ISMS as a management system consisting of processes is strengthened. For an efficient use of the ISMS process framework a method to determine the individually necessary maturity level of the ISMS processes is proposed.La seguridad de la información es un elemento integral del deber fiduciario. El propósito de la seguridad de la información es proteger los recursos de una organización, incluyendo en los mismos la información. La seguridad de la información es también un subconjunto de la gobernanza de TI y debe gestionarse dentro de un Sistema de Gestión de la Seguridad de la Información (por sus siglas en inglés ISMS). El elemento clave del funcionamiento de un ISMS son los procesos del ISMS. La investigación actual se centra en aspectos económicos como el análisis de coste-beneficio de la inversión en seguridad de la información en relación a medidas individuales de protección de la información. De esta forma, los procesos del ISMS no están en el foco de la investigación actual. Así, todavía no existe un marco de proceso ISMS específico que diferencie claramente entre procesos ISMS y medidas de seguridad controladas por procesos ISMS, así como una descripción de procesos ISMS y su interacción. Para construir este marco, los procesos del ISMS, así como su nivel de madurez, deben estar alineados con la organización que los implanta así como con su misión. Tomando en consideración que las empresas presentan unos recursos limitados y que los recursos disponibles deben ser explotados de forma eficiente, no todos los procesos del ISMS deben ser establecidos y operados en el mismo nivel de madurez. Teniendo en cuenta que la alineación con el negocio y la rentabilidad son aspectos importantes para el funcionamiento exitoso de un ISMS, las contribuciones a la investigación del tópico deben abordar tanto los procesos del ISMS como la determinación de su nivel de madurez objetivo. Por lo tanto, el objetivo general de esta tesis doctoral es encaminar a las organizaciones hacia la construcción de un ISMS transparente, así como evitar costos innecesarios de la gobernanza de la información aspecto que sigue siendo una dificultad para muchas organizaciones. Esta tesis doctoral propone un marco de proceso ISMS basado en un conjunto de procesos acordados de ISMS en las normas vigentes existentes como la serie ISO 27000, COBIT e ITIL. Dentro del marco, se describen los procesos identificados y se especifica su interacción y las interfaces entre los mismos. Este marco ayuda a centrarse en el funcionamiento del ISMS en lugar de poner el foco en medidas y controles. Con esta aproximación, se fortalece el carácter sistémico del ISMS y la percepción de los roles relevantes del ISMS como un sistema de gestión que consiste en procesos. Para un uso eficiente del marco del proceso ISMS se propone un método para determinar el nivel de madurez individualmente necesario de los procesos del ISMS.Programa Oficial de Doctorado en Ciencia y Tecnología InformáticaPresidente: Antonio de Amescua Seco.- Secretario: Tomás San Feliú Gilabert.- Vocal: Rafael Valencia Garcí

Strategi Peningkatan Mutu Layanan Kolaborasi Jaringan Transport Telekomunikasi di Indonesia

The study aims to analyze the factors that can improve service quality and formulate a strategy for improving the collaboration of telecommunication transportation network services at telecommunication companies in Indonesia. The method used in this study is an exploratory analysis based on the Information Technology Service Management (ITSM) framework and analysis of internal and external conditions as well as Analytical Hierarchy Process (AHP) calculations. Factors that can improve service quality are strategy, design, transition, operation, and Continual Service Improvement (CSI), while the preparation of service quality improvement strategies is accelerating the implementation of transport network roadmaps, developing resilience systems, forming agile teams and improving business processes. The results of the research can be used as a strategic proposal for improving the quality of transport network services in telecommunications companies

Data driven decision support systems as a critical success factor for IT-Governance: an application in the financial sector

IT-Governance has a major impact not only on IT management but also and foremost in the Enterprises performance and control. Business uses IT agility, flexibility and innovation to pursue its objectives and to sustain its strategy. However being it more critical to the business, compliance forces IT on the opposite way of predictability, stability and regulations. Adding the current economical environment and the fact that most of the times IT departments are considered cost centres, IT-Governance decisions become more important and critical. Current IT-Governance research and practise is mainly based on management techniques and principles, leaving a gap for the contribution of information systems to IT-Governance enhancement. This research intends to provide an answer to IT-Governance requirements using Data Driven Decision Support Systems based on dimensional models. This seems a key factor to improve the IT-Governance decision making process. To address this research opportunity we have considered IT-Governance research (Peter Weill), best practises (ITIL), Body of Knowledge (PMBOK) and frameworks (COBIT). Key IT-Governance processes (Change Management, Incident Management, Project Development and Service Desk Management) were studied and key process stakeholders were interviewed. Based on the facts gathered, dimensional models (data marts) were modelled and developed to answer to key improvement requirements on each IT-Governance process. A Unified Dimensional Model (IT-Governance Data warehouse) was materialized. To assess the Unified Dimensional Model, the model was applied in a bank in real working conditions. The resulting model implementation was them assessed against Peter Weill‘s Governance IT Principles.Assessment results revealed that the model satisfies all the IT-Governance Principles. The research project enables to conclude that the success of IT-Governance implementation may be fostered by Data Driven Decision Support Systems implemented using Unified Dimensional Model concepts and based on best practises, frameworks and body of knowledge that enable process oriented, data driven decision support

Framework of Six Sigma implementation analysis on SMEs in Malaysia for information technology services, products and processes

For the past two decades, the majority of Malaysia’s IT companies have been widely adopting a Quality Assurance (QA) approach as a basis for self-improvement and internal-assessment in IT project management. Quality Control (QC) is a comprehensive top-down observation approach used to fulfill requirements for quality outputs which focuses on the aspect of process outputs evaluation. However in the Malaysian context, QC and combination of QA and QC as a means of quality improvement approaches have not received significant attention. This research study aims to explore the possibility of integrating QC and QA+QC approaches through Six Sigma quality management standard to provide tangible and measureable business results by continuous process improvement to boost customer satisfactions. The research project adopted an exploratory case study approach on three Malaysian IT companies in the business area of IT Process, IT Service and IT Product. Semi-structured interviews, online surveys, self-administered questionnaires, job observations, document analysis and on-the-job-training are amongst the methodologies employed in these case studies. These collected data and viewpoints along with findings from an extensive literature review were used to benchmark quality improvement initiatives, best practices and to develop a Six Sigma framework for the context of the SMEs in the Malaysian IT industry. This research project contributed to both the theory and practice of implementing and integrating Six Sigma in IT products, services and processes. The newly developed framework has been proven capable of providing a general and fundamental start-up decision by demonstrating how a company with and without formal QIM can be integrated and implemented with Six Sigma practices to close the variation gap between QA and QC. This framework also takes into consideration those companies with an existing QIM for a new face-lift migration without having to drop their existing QIM. This can be achieved by integrating a new QIM which addresses most weaknesses of the current QIM while retaining most of the current business routine strengths. This framework explored how Six Sigma can be expanded and extended to include secondary external factors that are critical to successful QIM implementation. A vital segment emphasizes Six Sigma as a QA+QC approach in IT processes; and the ability to properly manage IT processes will result in overall performance improvement to IT Products and IT Services. The developed Six Sigma implementation framework can serve as a baseline for SMEs to better manage, control and track business performance and product quality; and at the same time creates clearer insights and un-biased views of Six Sigma implementation onto the IT industries to drive towards operational excellence

Understanding how organizations operate their IT capacity-management processes

There is a lack of understanding of how organizations operate their IT capacity-management processes. Within the body of literature on IT capacity-management there is an abundance of advice for organizations on how to set up or run the processes for IT capacity-management, but very little in the way of describing the processes as performed and operated in organizations out in the field. Using qualitative methods this research sought to gain an understanding of how organizations are operating their IT capacity-management processes in the field. A dozen subjects from 10 organizations were interviewed and the data were analyzed with a grounded theory approach. Cloud computing was found to be a disruptive technology providing the occasion for major changes in the structures of IT capacity-management. The differences in these structures were expressed through an IT capacity-management structures spectrum. The relative relationships between the roles in these structures as plotted along this spectrum were found to have the IT capacity-management role migrate from mediator, to directly linked to the data center, to largely absent. The results provide the IT capacity-management field and managers in IT a starting point from which to shape career development and organizational change management efforts as an organization migrates from a classic structure to a cloud structure

Framework of Six Sigma implementation analysis on SMEs in Malaysia for information technology services, products and processes

For the past two decades, the majority of Malaysia’s IT companies have been widely adopting a Quality Assurance (QA) approach as a basis for self-improvement and internal-assessment in IT project management. Quality Control (QC) is a comprehensive top-down observation approach used to fulfill requirements for quality outputs which focuses on the aspect of process outputs evaluation. However in the Malaysian context, QC and combination of QA and QC as a means of quality improvement approaches have not received significant attention. This research study aims to explore the possibility of integrating QC and QA+QC approaches through Six Sigma quality management standard to provide tangible and measureable business results by continuous process improvement to boost customer satisfactions. The research project adopted an exploratory case study approach on three Malaysian IT companies in the business area of IT Process, IT Service and IT Product. Semi-structured interviews, online surveys, self-administered questionnaires, job observations, document analysis and on-the-job-training are amongst the methodologies employed in these case studies. These collected data and viewpoints along with findings from an extensive literature review were used to benchmark quality improvement initiatives, best practices and to develop a Six Sigma framework for the context of the SMEs in the Malaysian IT industry. This research project contributed to both the theory and practice of implementing and integrating Six Sigma in IT products, services and processes. The newly developed framework has been proven capable of providing a general and fundamental start-up decision by demonstrating how a company with and without formal QIM can be integrated and implemented with Six Sigma practices to close the variation gap between QA and QC. This framework also takes into consideration those companies with an existing QIM for a new face-lift migration without having to drop their existing QIM. This can be achieved by integrating a new QIM which addresses most weaknesses of the current QIM while retaining most of the current business routine strengths. This framework explored how Six Sigma can be expanded and extended to include secondary external factors that are critical to successful QIM implementation. A vital segment emphasizes Six Sigma as a QA+QC approach in IT processes; and the ability to properly manage IT processes will result in overall performance improvement to IT Products and IT Services. The developed Six Sigma implementation framework can serve as a baseline for SMEs to better manage, control and track business performance and product quality; and at the same time creates clearer insights and un-biased views of Six Sigma implementation onto the IT industries to drive towards operational excellence