IT Outsourcing Risk Management at British Petroleum

This paper reports the results of a study of three successive IT outsourcing contracts at British Petroleum (BP). We offer an operational definition of IT outsourcing risk and use it to assess the risk exposure associated with each contract. We then examine how the management at BP dealt with outsourcing risk. Our results show that careful and deliberate risk management can substantially attenuate the level of risk exposure, and that IT outsourcing risks can be managed. Ce document présente les résultats d'une étude de trois contrats d'impartition successifs. L'étude fut conduite chez British Petroleum. Une définition opérationnelle du risque d'impartition est donnée. Cette définition est ensuite utilisée pour déterminer le niveau de risque associé à chacun des contrats. Les mécanismes de gestion de risque sont également identifiés. Les résultats démontrent qu'une gestion active du risque permet de réduire sensiblement les niveau d'exposition au risque, notamment dans le cas de contrats d'impartition des technologies de l'information.Outsourcing of IS, IS risk management, agency theory, transaction cost economics, case study, Impartition des systèmes informatiques, gestion du risque d'impartition, gestion du risque, théories de l'agence et des coûts de transaction, étude de cas

Developments in Practice X: Radio Frequency Identification (RFID) - An Internet for Physical Objects

This paper explores the applications and future commercial impacts of radio frequency identification (RFID) technology. Its objective is to summarize the ways in which organizations and academics are thinking about these technologies and to stimulate strategic thinking about their possible uses and implications. It first provides an overview of this technology and how it works. Then it explores the surprisingly wide variety of current applications of RFID. Next it looks at several classes of potential RFID applications and how these might affect how organizations work. Finally, it examines the cost and implementation considerations of this technology. The paper concludes that RFID is a viable technology with many possible applications. However, only some of the impacts on organizations and society can be anticipated at present

Developments in Practice IX:The Evolution of the KM Function

In 2000, a group of knowledge managers from twenty-five companies met to discuss the current state of knowledge management (KM) in their organizations. KM was then in a very early stage of its existence and took a wide variety of forms. Most KM groups were experiencing difficulties determining an appropriate role and function for themselves. Organizations were undertaking many different activities under the banner of KM. These activities were often fairly wide-ranging in scope with broad, general goals. To better understand how KM had matured and to explore its likely future development, the authors convened a similar focus group of knowledge managers in 2003. We found that KM\u27s objectives are now focused into more achievable goals. Increasingly, the emphasis is on delivering immediate, measurable benefits by leveraging knowledge that is already available in an organization rather than on creating new knowledge. KM also carved out some key responsibilities for itself, such as creating and maintaining both an Internet framework and a portal to internal company information, and content acquisition, synthesis, organization, and management. Overall, the KM function became considerably more practical in focus and much less academic. The biggest challenge facing KM in the future continues to be the need to demonstrate tangible, measurable value to the organization. Disillusionment with KM tools and an inability to find useful content are seen as key threats to KM\u27s survival. Maintaining alignment with business objectives is thus the most important means of ensuring KM\u27s relevance. The next few years will be crucial for KM. If it can make its mark and demonstrate its value, we can expect to see knowledge management grow and prosper. If it cannot, its growth could be stunted for many years to come

Developments in Practice XII: Knowledge-Enabling Business Processes

While in theory what an organization knows is fundamental to its success, in practice only a few companies have seen significant business results from their knowledge management (KM) initiatives. Therefore, many knowledge managers are rethinking how and where knowledge really adds value. Connecting knowledge activities to core business processes is slowly coming to be recognized as a second, and more effective, stage of KM in organizations. This paper examines how practicing knowledge managers from several different organizations are knowledge-enabling business processes to deliver business value. It then integrates their experiences with previous research to present a preliminary framework of how to link KM better into business process design activities

Developments in Practice XXXI: Social Computing: How Should It Be Managed?

Social computing, enabled by the Internet and peer-to-peer computing (P2P), is a force to be reckoned with. Today, most observers believe that the changes we’ve seen in some industries, like entertainment, is just the tip of a huge iceberg that is going to hit many different sectors. The power of social computing to disrupt the traditional business-to-customer relationship is merely one of several changes we are beginning to see in organizations. Social computing also facilitates new ways of working, learning and collaboration, which are foreign to more conventional practices but which have considerable strategic potential if they are effectively managed. Yet currently, organizations in general do not appreciate its value and strategic potential. Social computing’s promise is that technology will fit more naturally into our lives because it will adapt more readily to our locations, preferences and schedules. The challenge for organizations is to understand how to use it effectively to deliver new forms of business value. It’s easy to dismiss social computing as “just another technology fad” and most companies are approaching it very cautiously. The reality is that social computing is already a factor in organizations today even though we are still early in its evolution

Developments in Practice XXXIII: A Holistic Approach to Managing IT-based Risk

Not long ago, IT-based risk was a fairly low-key activity focused on whether IT could deliver projects successfully and keep applications up and running. But with the opening up of the organization’s boundaries to external partners, service providers, external electronic communications, and online services, managing IT-based risk has morphed into a “bet the company” proposition. Not only is the scope of the job bigger, the stakes are much higher. As companies have become more dependent on IT for everything they do, the costs of service disruption and inadequate security practices have escalated exponentially. Therefore, the job of managing IT-based risk has become broader and more complex. Whereas in the past companies have sought security through physical or technological means (e.g., locked rooms, virus scanners), there is now growing understanding that managing IT-based risk must be a strategic and holistic activity that is not just the responsibility of a small group of IT specialists, but part of a mindset that extends from partners and suppliers to employees and customers. This paper explores how organizations are addressing and coping with increasing IT-based risk. It presents the results of an in-depth discussion of this issue with 20 senior IT practitioners and the challenges facing them. It proposes a holistic view of risk and examines the characteristics and components needed to develop an effective risk management framework, presenting a generic framework for integrating the growing number of elements involved in it. Finally, it describes successful practices organizations could use for improving their risk management capabilities

Developments in Practice XXIII: Creating and Evolving a Technology Roadmap

The authors convened a focus group of senior IT managers from a variety of different companies/industries to explore current practice in terms of creating and evolving a technology roadmap. Starting with a definition of a technology roadmap, the paper outlines the benefits attributable to a well-crafted roadmap and presents a 7-step model for its creation. According to the focus group, companies without the guidance of a roadmap run the risk of making sub-optimal decisions - technology choices that make sense today but position the company poorly for the future. The focus group also argued that the exercise of developing a technology roadmap is valuable even if the actual roadmap that is developed is subject to frequent change. This paper represents a summary of the focus group discussion

The Identity Management Challenge

As organizations extend the online delivery of services and data across departmental, organizational, and even jurisdictional boundaries, they must trust that they can identify and authenticate the customers, businesses, employees, and third parties using them. Traditional approaches to identity management (IDM), such as documents, clearly don’t work in the online world, yet to date there is no online equivalent of the passport or photo-id. Instead, organizations have established their own identity management practices. As a result, IT managers are looking for more holistic and standardized IDM practices that could simplify access to multiple services and enable organizations to collaborate and cooperate across global organizational boundaries, as well as keep identity information secure and private. This article explores these IDM challenges and how managers are approaching this issue. It discusses the key management components of IDM looking first at the basic concepts of IDM, its essential elements, and organizational stakeholders. Next, it examines why IDM is increasingly a business concern, in addition to an IT concern and describes the key IDM challenges facing IT managers. It then distils key principles of effective IDM and makes recommendations for how IT managers can improve on their current IDM efforts

Developments in Practice XVII: A Framework for KM Evaluation

Demonstrating the value of knowledge management (KM) to the organization represents an elusive challenge. In part, this challenge is due to the nature of knowledge management itself and the difficulty in creating direct linkages between knowledge sharing and sales growth or productivity. But it is also undoubtedly due to misaligned KM activities. This paper first reviews the current state of metrics in KM and presents six principles of measurement immediately applicable to the practice of KM. It then outlines a framework for KM evaluation using four key approaches: balanced scorecard; strategic imperatives; capabilities assessment; and measurement matrix. The paper concludes by presenting a number of strategies for improving KM metrics