ITQMM: a new model for IT processes

Information Technology (IT) Governance and IT Service and Processes Management (ITSM) are one of the priorities in organizations. Although many organizations are aware of the importance of using well-defined quality IT processes, they face the problem of how to use and improve them in practice. One of the final objectives of any ITSM policy must be to guarantee an adequate IT quality. In this sense, the use of action frameworks as Information Technology Infrastructure Library (ITIL) is essential. However, several quality models and maturity models have been developed, but they are not focused on how to measure the IT quality. As they do not include the appropriate mechanisms, it is necessary to complement them with other quality frameworks, e.g. European Foundation for Quality Management (EFQM). This paper proposes a maturity model for IT quality improvement based mainly on ITIL and EFQM

ITQMM: A New Model for IT Processes

Information Technology (IT) Governance and IT Service and Processes Management (ITSM) are one of the priorities in organizations. Although many organizations are aware of the importance of using well-defined quality IT processes, they face the problem of how to use and improve them in practice. One of the final objectives of any ITSM policy must be to guarantee an adequate IT quality. In this sense, the use of action frameworks as Information Technology Infrastructure Library (ITIL) or Control Objectives for Information and Related Technologies (COBIT) is essential. However, several quality models and maturity models have been developed, but they are not focused on how to measure the IT quality. As they do not include the appropriate mechanisms, it is necessary to complement them with other quality frameworks, e.g. European Foundation for Quality Management (EFQM). This paper proposes a maturity model for IT quality improvement based mainly on ITIL and EFQM

Application the procedure of self-assessment in the function of of risk identification in internal audit

Predmet ovog naučnog istraživanja uključuje skup teorijskih, metodoloških i praktičnih aspekata primene postupka samoocenjivanja, koji su prilagođeni zadacima interne revizije u funkciji identifikacije i minimizacije rizika, kao njenih ključnih uloga u sistemu korporativnog upravljanja kompanijama. Osnovni cilj naučnog rada obuhvata istraživanje teorijsko – metodoloških osnova postojećih metodologija samoocenjivanja koje se primenjuju u internoj reviziji, a takođe i usavršavanje postojećih metodoloških instrumenata primenom inovacione autorske metodologije postupka samoocenjivanja, koja treba da omogući povećanje efikasnosti sprovođenja interne revizije i identifikaciju ključnih faktora rizika, sa posebnim osvrtom na analizu finansijskih rizika poslovanja. Rezultati istraživanja, a naročito imajući u vidu rezultate empirijskog dela istraživanja i testiranja predložene metodologije u praksi, su potvrdili hipotezu o tome da primena postupka samoocenjivanja u fazi identifikacije ključnih faktora rizika doprinosi efikasnosti interne revizije, pod uslovom da su metodološki instrumenti postupka samoocenjivanja: a) zasnovani na načelima teorije rizika i samoocenjivanja, uključujući zahteve važećih međunarodnih standarda i preporuke međunarodnih naučno – istraživačkih i profesionalnih organizacija i regulacionih odbora, b) da se baziraju na analizi naprednih praktičnih i teorijskih iskustava u oblasti sprovođenja postupka samoocenjivanja u savremenim kompanijama, i v) da su praćeni relevantnom dokumentacijom i procedurama za implementaciju postupka samoocenjivanja. Kao prioritetan pravac daljih istraživanja u oblasti primene postupka samoocenjivanja u cilju određivanja rizika u internoj reviziji, vidimo usavršavanje specijalizovanog instrumentarijuma za kvantitativno merenje rizika. Praksa pokazuje da samoocenjivanje može dati značajne rezultate na samom početku procesa stvaranja celovitog sistema upravljanja rizicima sa aspekta formiranja određene okvirne predstave o rizičnom profilu kompanije, čiji stepen adekvatnosti zavisi od kvaliteta informacije i stepena detaljizacije. Za stvaranje celovitog sistema upravljanja rizicima, neophodno je ostvariti i logički prelazak na tačnije (u poređenju sa danas postojećim) - kvantitativne metode merenja, izgraditi unificirani ekonomsko-matematički model, koji ima sposobnost predskazivanja i dobijanja rezultata koji su više bazirani na empirijskim podacima nego na procenama eksperata. Ovi aspekti određuju dalje pravce istraživanog problema u perspektivi i zahtevaju međudisciplinarnu integraciju naučnog potencijala za njihovo rešavanje.Subject of this scientific research includes a set of theoretical, methodological and practical as-pects about implementation of the self-assessment procedure which is adapted for identifying and min-imizing risks as the key internal audit’s role in the system of corporate governance. The main goal of this scientific research in-cludes analyzing of theoretical and methodological basis in existing self-assessment methodologies that are applied in internal audit, as well as improving the existing methodological tools by using innovative, proposed by author, methodology for self-assessment, which is directed to increase internal au-dit’s efficiency and to identify key risk factors, with special attention on the financial risks. The results of this research, especially given the results of the empirical part of the studying and testing of proposed methodology in practice, have confirmed the hypothesis that using of proposed self-assessment procedure contributes the effectiveness of the internal audit in identifying the key risk factors, in the case if methodological tools of self-assessment process are: a) based on the risk theory principles, includ-ing the requirements of applicable international standards and recommendations of the international scientific - research and professional organizations and regulatory boards, b) based on the advanced practical and theo-retical experience in the implementation of self-assessment procedure in international companies, and v) followed by the relevant documentation and procedures for the implementation of self-assessment procedure. As a preferred direction for further research in this area, we see development of specialized instru-ments for the quantitative risk measurement. Practice shows that self-assessment can provide good results at the beginning of creating a comprehensive risk management system in the organizations. In order to secure further developing of risk management sys-tem, it is necessary to make the logical transition to a more accurate (compared to the current ones) - quan-titative measurement methods, to build a unified eco-nomic-mathematical model, which would be able to provide results that are more based on empirical data rather than on experts’ estimates. These aspects de-termine the further directions in studying of this topic and require an interdisciplinary integration of the sci-entific potential for their further developing

Introducing a PMO in XYZ Company

The purpose of this field project is to explore and build awareness about the main aspects—types, hierarchies, maturity models, and competency frameworks—related to establishing a Project Management Office (PMO) in a company. This study, inspired by a real case, examines a failed attempt to create a PMO in XYZ Company, which operates in the IT industry providing e-services. Through this analysis, the main elements needed for a successful PMO are identified and explained along with the steps needed to implement related theories. Furthermore, potential reasons for the failure of the initial PMO are investigated and recommendations for better alternatives are suggested. As a result, the lessons learned from this research can assist with making more informed decision when creating PMOs in the future

IT quality and organization development: using action research to promote employee engagement, leadership development, learning, and organizational improvement

Within IT areas, Quality is often reduced to visions strongly influenced by operational and tactical instruments, relegating to minor dimensions crucial Organization Development (OD) aspects which sustain Learning, and Innovation. The current Program, grounded on the relevance of these aspects, has targeted, within a Bank’s IT Division, an approach to induce organizational change, and to produce strategic actions and behavioural changes which have led to an effective improvement on Customers, and Employees’ Satisfaction. It has followed an Action Research paradigm – addressing a complex, transformational, planed change, and using a multidimensional, integrative approach, based on a holistic, open systemic view – not targeting for the development of new theories, but, mainly, the fulfilment of existing empirical, and methodological gaps. It has integrated a two-cycle OD approach, where a first cycle focused on Service Culture, Leadership, and Employee Engagement has developed the conditions for a second cycle based on the acquired knowledge (double loop) and devoted to strategy implementation. Although the intervention’s achievements cannot be generalized outside the context, they can be transposed to other settings. They’ve revealed important Management Implications which form the relevance basis for this doctoral dissertation, namely a holistic, values-based, and participative framework to address organizational transformation, and the associated critical success factors. An opportunity exists to further research in the field, linking together an OD approach with a TQM approach to organizational excellence. Also, a metamodel of the Action Research process which has been followed – evidencing, at a conceptual level, the main sub-processes, data groups, and linking points between the action and the research dimensions – has been produced. An opportunity exists for further research on the development of this metamodel, including a conceptual data model and a system behavioural perspective (responding to events).Nas áreas de TI, a Qualidade é frequentemente reduzida a visões fortemente influenciadas por instrumentos táticos e operacionais, menorizando aspetos de Desenvolvimento Organizacional (DO) que são essenciais para sustentar a Aprendizagem e a Inovação. O presente programa, alicerçado na relevância destes aspetos, visou, no contexto da Divisão de TI de um Banco, desenvolver uma aproximação indutora de mudança organizacional; produzindo ações de índole estratégica e mudanças comportamentais; tendo conduzindo a um incremento significativo na Satisfação de Clientes Internos e de Colaboradores. Um primeiro ciclo – focado na Cultura de Serviço, na Liderança e no Envolvimento dos Colaboradores – criou as condições para num segundo ciclo, baseado no conhecimento organizacional adquirido, e nas decisões estratégicas emergentes (“double loop” learning), proceder à respetiva implementação. Foi seguido um paradigma de Investigação-Ação – endereçando uma mudança complexa, transformacional, planeada; usando uma abordagem multidimensional e integrativa; baseada numa perspetiva holística e de sistemas abertos – não visando diretamente o desenvolvimento de novas teorias, mas, fundamentalmente o colmatar de lacunas de índole empírica e metodológica. Embora os resultados obtidos não possam ser generalizados fora do contexto, eles podem, contudo, ser transpostos para outras intervenções; evidenciando-se como importantes Implicações para a Gestão que integram a base de relevância desta tese: um Quadro de Referência para a Transformação Organizacional Holística, Participativa e Baseada em Valores e respetivos Fatores Críticos de Sucesso. Numa perspetiva de Desenvolvimento Organizacional abrem-se ainda oportunidades de investigação-ação futura, no mesmo contexto, progredindo para uma abordagem à Qualidade Total e à Excelência Organizacional. Para além disso, outro dos resultados relevantes da investigação corresponde à produção do Metamodelo do Processo de Investigação-Ação que foi seguido – evidenciando, ao nível conceptual, os seus principais subprocessos, grupos de dados e pontos de articulação entre a vertente de ação e a vertente de investigação. Nesta vertente, abrem-se ainda oportunidades de investigação futura em termos de desenvolvimento do metamodelo, por forma a incluir uma visão conceptual de dados e uma perspetiva comportamental de sistema (resposta a eventos)

Towards a framework for building security operation centers

In this thesis a framework for Security Operation Centers (SOCs) is proposed. It was developed by utilising Systems Engineering best practices, combined with industry-accepted standards and frameworks, such as the TM Forum’s eTOM framework, CoBIT, ITIL, and ISO/IEC 27002:2005. This framework encompasses the design considerations, the operational considerations and the means to measure the effectiveness and efficiency of SOCs. The intent is to provide guidance to consumers on how to compare and measure the capabilities of SOCs provided by disparate service providers, and to provide service providers (internal and external) a framework to use when building and improving their offerings. The importance of providing a consistent, measureable and guaranteed service to customers is becoming more important, as there is an increased focus on holistic management of security. This has in turn resulted in an increased number of both internal and managed service provider solutions. While some frameworks exist for designing, building and operating specific security technologies used within SOCs, we did not find any comprehensive framework for designing, building and managing SOCs. Consequently, consumers of SOCs do not enjoy a constant experience from vendors, and may experience inconsistent services from geographically dispersed offerings provided by the same vendor

Assessing the business value of software process improvement using CMMI® in South Africa

The focus of software process improvement is on enhancing product quality and productivity to increase business competitiveness and profitability. The Capability Maturity Model Integration or CMMI® remains the dominant standard for software process improvement globally. The lack of software quality standards such as CMMI® is seen as one of the causes of the current uncompetitive state of the South African software industry and so in 2007, a pilot programme called “Bringing CMMI® to South Africa” was launched. This research focused on the experiences of the South African organisations participating in the South African CMMI® pilot study through a combination of semi-structured interviews and questionnaires. The aim was to assist future managerial decision making to assess the business value CMMI® can bring to South African software organisations. The research found that the adoption of CMMI® improved both the internal quality and efficiencies as well as opportunities for growth. The research also established that CMMI® cannot be regarded as a silver bullet solution and that while process improvements can cause short-term upheaval, there are longer-term tangible and intangible benefits. It is, however, key that the organisational aspects of the change be properly managed. A lack of awareness of quality standards or actual demand for CMMI® along with the relatively high implementation and support costs are further preventing its adoption in South Africa. The recommendations resulting from the research, including a model, are discussed and suggestions for future research are provided. CopyrightDissertation (MBA)--University of Pretoria, 2010.Gordon Institute of Business Science (GIBS)unrestricte

Supply chain sustainability: towards a maturity model

Sustainability has become a very relevant issue due to several factors such as increased pollution, climate change, scarcity of resources, high waste, social problems related to human rights such as exploitation of child labour, lack of acceptance of diversity in the workplace and wage inequalities, workers' health and safety problems, among others. In this context, pressures also increase from different stakeholders, external and internal, for organizations to change their behaviour concerning sustainability. Given its role in production and consumption systems, it is considered that organizations can proactively contribute to sustainability. The integration of sustainability objectives /principles in all aspects of the organization, in different activities and functional areas, including those involving its supply chain partners and other stakeholders such as non-governmental organizations, are critical factors for improving sustainability. Sustainability requires thinking beyond the boundaries of an entity or organization. To manage and improve sustainability in supply chains is essential to consider several aspects such as: taking into account a Triple Bottom Line perspective, where the different dimensions of sustainability (economic, environmental and social) are considered; have a short-term and long-term perspective; consider the expectations and needs of supply chain organizations and their stakeholders; and, integrate sustainability objectives at intra and inter-organizational levels in the management of the different processes or flows of materials, information, and capital between companies along the supply chain. However, embedding sustainability in organizations and supply chain requires developing efforts and the implementation of sustainability practices and creates some challenges for organizations. The main objective of this thesis is to propose a Supply Chain Sustainability Maturity Model that can be used as: i) a self-assessment tool to provide a diagnosis and broader understanding of how and which organizational sustainability practices are implemented in individual organizations and their supply chain; ii) an instrument to help develop a roadmap for sustainability behaviour improvement, and iii) a benchmarking tool to evaluate and compare standards and best practices among organizations and supply chains. A methodology based on six steps, suggested in the literature on the development of maturity models, was used to develop the model. The construction of the maturity model was based on a literature review and had the participation of five Portuguese companies in the mould sector for its improvement, application and validation. The model aims to mitigate the shortcomings of previous models and offer a holistic perspective aligned with the supply chain sustainability components. Thus, the model presents a differentiating character when considering three integrative perspectives: Intra and inter-organizational sustainability practices involving different partners in the supply chain; the economic, social and environmental dimensions of sustainability; and other critical areas for sustainability: sustainability governance, product and process level, customer and supplier management, and focus on stakeholders. The model considers five maturity levels, making it possible to determine the maturity level for each critical area globally considering the company and its supply chain. As it makes it possible to monitor the progress of efforts towards sustainability, the model includes also a temporal dimension inherent to the concept of sustainability. Future research may help consolidate the model.A sustentabilidade tornou-se numa questão muito relevante devido a vários fatores como aumento da poluição, alterações climáticas, escassez de recursos, elevados desperdícios, problemas sociais, falta de respeito pelos direitos humanos, exploração do trabalho infantil, falta de aceitação da diversidade no local de trabalho, desigualdades salariais, problemas de segurança e saúde dos trabalhadores, entre outros. Neste contexto, aumentam também as pressões dos diferentes stakeholders, externos e internos, para as organizações alterarem o seu comportamento em relação à sustentabilidade. Tendo em atenção o seu papel nos sistemas de produção e consumo, considera-se que as organizações podem contribuir proactivamente para a sustentabilidade. A integração dos objetivos/princípios da sustentabilidade em todos os aspetos da organização, nas diferentes atividades e áreas funcionais, incluindo as que envolvem os seus parceiros da cadeia de abastecimento, e outros stakeholders como as organizações não governamentais são fatores críticos para melhorar a sustentabilidade. A sustentabilidade requer pensar para além das fronteiras de uma entidade ou organização. Para gerir e melhorar a sustentabilidade nas cadeias de abastecimento é essencial considerar vários aspetos como: ter em conta uma perspetiva Triple Bottom Line, onde sejam contempladas as diversas dimensões da sustentabilidade (económica, ambiental e social); ter uma perspetiva de curto e longo prazo; considerar as expectativas e necessidades das organizações da cadeia de abastecimento e dos seus stakeholders; e, integrar os objetivos de sustentabilidade aos níveis intra e inter-organizacional na gestão dos diversos processos ou fluxos de materiais, de informação, e de capital entre as empresas ao longo da cadeia de abastecimento. Contudo, incorporar a sustentabilidade nas organizações e na cadeia de abastecimento exige o desenvolvimento de esforços e a implementação de práticas de sustentabilidade, e cria alguns desafios para as organizações. O principal objetivo desta tese é propor um Modelo de Maturidade para a Sustentabilidade da Cadeia de Abastecimento que possa ser usado como: i) uma ferramenta de autoavaliação para fornecer um diagnóstico e ter uma compreensão mais ampla de como e quais práticas de sustentabilidade são implementadas nas organizações em termos individuais e na sua cadeia de abastecimento; ii) um instrumento para ajudar a desenvolver um roadmap para a melhoria do comportamento de sustentabilidade; e, iii) uma ferramenta de benchmarking para avaliar e comparar standards e melhores práticas entre organizações e cadeias de abastecimento. Para o desenvolvimento do modelo foi usada uma metodologia assente em seis passos, sugerida na literatura sobre desenvolvimento de modelos de maturidade. A construção do modelo de maturidade baseou-se numa revisão da literatura e contou com a participação de cinco empresas portuguesas do setor dos moldes para o seu aperfeiçoamento, aplicação e validação. O modelo procura mitigar as insuficiências de modelos anteriores e oferecer uma perspetiva holística e alinhada com as componentes da sustentabilidade da cadeia de abastecimento. Assim, o modelo apresenta um carácter diferenciador ao considerar três perspetivas integradoras: Práticas de sustentabilidade intra e inter-organizacionais envolvendo diversos parceiros da cadeia de abastecimento; as dimensões económica, social e ambiental da sustentabilidade; e, diferentes áreas críticas para a sustentabilidade: governança da sustentabilidade, nível de produto e processo, gestão de clientes e fornecedores, e foco nos stakeholders. O modelo considera cinco níveis de maturidade, permitindo determinar o nível de maturidade para cada uma das áreas críticas, e considerando globalmente a empresa e a sua cadeia de abastecimento. Para acompanhar o progresso dos esforços em direção à sustentabilidade, o modelo inclui também uma dimensão temporal inerente ao conceito de sustentabilidade. Investigação futura pode ajudar a consolidar o modelo

The association of total quality management and financial performance in selected South African information technology organisations.

Abstract This study evaluates Total Quality Management (TQM) implementation and its association with financial performance in ten South African Information Technology (IT) organisations listed on the JSE. It uses a cross-sectional survey that uses questionnaires and interviews to obtain data on TQM at the selected organisations. A descriptive analysis of the data indicates that the organisations with higher TQM scores prove to do better in the financial area, but the null hypothesis of no association between TQM and financial performance cannot be rejected. An exploration of current and future trends with regards to TQM, quality management philosophies in general, and the IT industry in particular is also undertaken. The traditional ideology behind TQM remains in place, but needs an adjustment. A model is formed for an integrated management system that includes concerns for internal and external influences in the IT sector