A Survey on Economic-driven Evaluations of Information Technology

The economic-driven evaluation of information technology (IT) has become an important instrument in the management of IT projects. Numerous approaches have been developed to quantify the costs of an IT investment and its assumed profit, to evaluate its impact on business process performance, and to analyze the role of IT regarding the achievement of enterprise objectives. This paper discusses approaches for evaluating IT from an economic-driven perspective. Our comparison is based on a framework distinguishing between classification criteria and evaluation criteria. The former allow for the categorization of evaluation approaches based on their similarities and differences. The latter, by contrast, represent attributes that allow to evaluate the discussed approaches. Finally, we give an example of a typical economic-driven IT evaluation

Goal based alignment of enterprise architectures

Business and IT alignment remains an ongoing concern for organizations. Enterprise Architecture has emerged as a possible tool for understanding and planning for BIA, but the current range of methods and frameworks for EA do not support precise measurement. In this paper, we propose a set of technologies and concepts - notably goals and computable functions which can be used to provide a measure of equivalence between as-is and to-be enterprise architectures. The goals enable description of business level requirements whilst the functions enable the goals to be evaluated at a technical architecture level. The technology is evaluated with a detailed and authentic case study from higher education

CONCEIVING A METHOD FOR VIEWPOINT-BASED MODELING USING RECOMMENDER SYSTEMS IN A MULTIPLE-USER ENVIRONMENT - CONCEPTUAL APPROACH AND PROOF-OF-CONCEPT

This paper conceives a viewpoint-based modeling method that applies the concept of viewpoints to collaborative modeling to foster the incorporation of multiple stakeholders. In collaborative modeling settings, problems like low model acceptance among involved stakeholders are typical du to their limited understanding of the overall model or system to be developed. The conceived viewpoint-based modeling method aims at solving such problems by introducing and using stakeholder-specific viewpoints on collaboratively created models. In doing so, the viewpoint concept facilitates and improves the involvement of multiple stakeholders from different domains into the collaborative modeling process. To effectively distribute and coordinate modeling activities among all participants, the method utilizes the concept of recommender systems with the eventual goal to end up with a consolidated, conflict-free model that has been collectively constructed. Besides the development of the viewpoint-based modeling method, the paper at hand ”following design science research ”additionally presents its Proof-of-Concept by means of a prototypical implementation and an evaluation of the proposed recommender algorithm

Model driven validation approach for enterprise architecture and motivation extensions

As the endorsement of Enterprise Architecture (EA) modelling continues to grow in diversity and complexity, management of its schema, artefacts, semantics and relationships has become an important business concern. To maintain agility and flexibility within competitive markets, organizations have also been compelled to explore ways of adjusting proactively to innovations, changes and complex events also by use of EA concepts to model business processes and strategies. Thus the need to ensure appropriate validation of EA taxonomies has been considered severally as an essential requirement for these processes in order to exert business motivation; relate information systems to technological infrastructure. However, since many taxonomies deployed today use widespread and disparate modelling methodologies, the possibility to adopt a generic validation approach remains a challenge. The proliferation of EA methodologies and perspectives has also led to intricacies in the formalization and validation of EA constructs as models often times have variant schematic interpretations. Thus, disparate implementations and inconsistent simulation of alignment between business architectures and heterogeneous application systems is common within the EA domain (Jonkers et al., 2003). In this research, the Model Driven Validation Approach (MDVA) is introduced. MDVA allows modelling of EA with validation attributes, formalization of the validation concepts and transformation of model artefacts to ontologies. The transformation simplifies querying based on motivation and constraints. As the extended methodology is grounded on the semiotics of existing tools, validation is executed using ubiquitous query language. The major contributions of this work are the extension of a metamodel of Business Layer of an EAF with Validation Element and the development of EAF model to ontology transformation Approach. With this innovation, domain-driven design and object-oriented analysis concepts are applied to achieve EAF model’s validation using ontology querying methodology. Additionally, the MDVA facilitates the traceability of EA artefacts using ontology graph patterns

Improving residual risk management through the use of security metrics

Introduction Reported security breaches over the last 3 years suggest that a large number of security procedures are not currently operating at full effectiveness. Security breaches have ranged from the loss of personal details of 25 million UK citizens to the disclosure of national security information assets. It is highly likely that the organisations involved in these security breaches performed risk assessments for their information assets and implemented a range of security controls to manage these risks, leading to the resulting residual risks being within acceptable risk appetites. But as investigations into security breaches have shown, these controls are often ignored, bypassed or incorrectly implemented [ICO07]. Organisations may not currently understand how ineffectively their security controls are being managed, resulting in higher levels of risk exposure through controls operating at below optimal effectiveness. By introducing real world effectiveness measurements into an organisation’s risk management activities, organisations can improve their understanding of their current risk exposure. Research We have found that a number of organisational issues exist with the use of security metrics in measuring control effectiveness, which can be summarised as follows: * Metrics that measure effectiveness can be difficult to define. * Resulting measurements can be difficult to interpret by non-security professionals. * Effectiveness metrics cannot be easily compared to allow benchmarking of an organisation’s performance. Our research has concluded that there is a gap in current IT governance models and management best practices for the definition of how to measure the effectiveness of security controls. While these standards do recognise the requirement for continual assessment of operational effectiveness, the definition of these measurements and how to interpret the results are left to the organisation. Information Security Effectiveness Framework (ISEF) This project introduces ISEF, a framework that assists organisations in defining, visualising and comparing security metrics. The framework uses the concept of grouping controls based on their implementation type and temporal objectives to present common characteristics that can be measured. The framework uses the relationship between controls and risks to align security metrics against organisational risk, and visualises these to support the direction of remedial efforts. The ISEF is designed to complement current IT governance models and standards such as COBIT and ISO27002. This is provided by its alignment with these ‘what’ should be done models and standards by providing the ‘how’. The ISEF provides a method of comparing security metrics based on the financial stock markets indices. This allows the comparison of security control management between organisations and allows the organisations to benchmark themselves against peers without revealing specific security control information. Conclusion A case study using ISEF has shown that the framework provides a method for defining metrics in order to obtain real world data to modify current residual risk levels. For organisations with a risk management approach, the framework can visualise effectiveness in the context of risk allowing resources to be focused on improving security management where it will make the greatest risk reduction

ERP implementation methodologies and frameworks: a literature review

Enterprise Resource Planning (ERP) implementation is a complex and vibrant process, one that involves a combination of technological and organizational interactions. Often an ERP implementation project is the single largest IT project that an organization has ever launched and requires a mutual fit of system and organization. Also the concept of an ERP implementation supporting business processes across many different departments is not a generic, rigid and uniform concept and depends on variety of factors. As a result, the issues addressing the ERP implementation process have been one of the major concerns in industry. Therefore ERP implementation receives attention from practitioners and scholars and both, business as well as academic literature is abundant and not always very conclusive or coherent. However, research on ERP systems so far has been mainly focused on diffusion, use and impact issues. Less attention has been given to the methods used during the configuration and the implementation of ERP systems, even though they are commonly used in practice, they still remain largely unexplored and undocumented in Information Systems research. So, the academic relevance of this research is the contribution to the existing body of scientific knowledge. An annotated brief literature review is done in order to evaluate the current state of the existing academic literature. The purpose is to present a systematic overview of relevant ERP implementation methodologies and frameworks as a desire for achieving a better taxonomy of ERP implementation methodologies. This paper is useful to researchers who are interested in ERP implementation methodologies and frameworks. Results will serve as an input for a classification of the existing ERP implementation methodologies and frameworks. Also, this paper aims also at the professional ERP community involved in the process of ERP implementation by promoting a better understanding of ERP implementation methodologies and frameworks, its variety and history

Analysis of limitations and metrology weaknesses of enterprise architecture (EA) measurement solutions & proposal of a COSMIC-based approach to EA measurement

The literature on enterprise architecture (EA) posits that EA is of considerable value for organizations. However, while the EA literature documents a number of proposals for EA measurement solutions, there is little evidence-based research supporting their achievements and limitations. This thesis aims at helping the EA community to understand the existing trends in EA measurement research and to recognize the existing gaps, limitations, and weaknesses in EA measurement solutions. Furthermore, this thesis aims to assist the EA community to design EA measurement solutions based on measurement and metrology best practices. The research goal of this thesis is to contribute to the EA body of knowledge by shaping new perspectives for future research avenues in EA measurement research. To achieve the research goal, the following research objectives are defined: 1. To classify the EA measurement solutions into specific categories in order to identify research themes and explain the structure of the research area. 2. To evaluate the EA measurement solutions from a measurement and metrology perspective. 3. To identify the measurement and metrology issues in EA measurement solutions. 4. To propose a novel EA measurement approach based on measurement and metrology guidelines and best practices. To achieve the first objective, this thesis conducts a systematic mapping study (SMS to help understand the state-of-the-art of EA measurement research and classify the research area in order to acquire a general understanding about the existing research trends. To achieve the second and third objectives, this thesis conducts a systematic literature review (SLR) to evaluate the EA measurement solutions from a measurement and metrology perspective, and hence, to reveal the weaknesses of EA measurement solutions and propose relevant solutions to these weaknesses. To perform this evaluation, we develop an evaluation process based on combining both the components of the evolution theory and the concepts of measurement and metrology best practices, such as ISO 15939. To achieve the fourth objective, we propose a mapping between two international standards: • COSMIC - ISO/IEC 19761: a method for measuring the functional size of software. • ArchiMate: a modelling language for EA. This mapping results in proposing a novel EA measurement approach that overcomes the weaknesses and limitations found in the existing EA measurement solutions. The research results demonstrate that: 1. The current publications on EA measurement are trending toward an increased focus on the “enterprise IT architecting” school of thought, lacks the rigorous terminology found in science and engineering and shows limited adoption of knowledge from other disciplines in the proposals of EA measurement solutions. 2. There is a lack of attention to attaining appropriate metrology properties in EA measurement proposals: all EA measurement proposals are characterized with insufficient metrology coverage scoring, theoretical and empirical definitions. 3. The proposed novel EA measurement approach demonstrates that it is handy for EA practitioners, and easy to adopt by organizations