Chapter 13: IT Strategy and Planning

BUSINESS STRATEGY AND IS STRATEGY

Business strategy consists of business decisions, change, objectives and direction. The business is
supported by the IS strategies. They can be business based, demand oriented or application focused. IS
systems are strictly technical. Overall alignment of IT and IS with business strategy instead of treating IS
as a separate technological space is crucial.

IT Business Alignment
Business-IT alignment is a dynamic state in which a business organization is able to use information
technology (IT) effectively to achieve business objectives:

• improved financial performance,

• Marketplace competitiveness.

One of the main tasks of a CIO is to ensure that IT aligns with the business. It involves optimizing
communication between executives who make the business decisions and IT managers who oversee the
technical operations. The implementation of flexible business plans and IT architectures, as well as
effective cost allocation, are critical components of any business-IT alignment effort.

Some definitions focus more on outcomes (the ability of IT to produce business value) than means (the
harmony between IT and business decision-makers within the organizations).

Example:

“Alignment is the capacity to demonstrate a positive relationship between information technologies and
the accepted financial measures of performance.”

IT Alignment Achievement
To achieve IT Alignment, organizations must make better decisions that take into account both business
and IT disciplines. Establishing processes for decision-making and control is essentially what is meant by
the term "governance".

Business-IT Alignment is achieved through the completion of four main steps:

1. Set Conditions to Achieve Alignment

2. Scan for Potentially Enabling Technologies
3. Determine IT Value Imperatives
 4. Develop IT Vision and Mission

Ultimately, value must come not just from the IT tools that are selected, but also in the way that they
are used in the organization. For this reason, the scope of IT Alignment also includes business
transformation, in which organizations redesign how work is accomplished in order to realize
efficiencies made possible by new IT.

Competitive advantage through IT

Competitive advantage is an advantage that a firm has over its competitors, allowing it to generate
greater sales or margins and/or retains more customers than its competition. It is gained by a company
by providing real or perceived value to customers. To determine how IT can provide a competitive
advantage, the firm must know its products and services, its customers, its competitors, its industry,
related industries, and environmental forces-and have insight about how IT can enhance value for each
of these areas. Even if a resource is rare and valuable, if the firm expends more effort to obtain the
resource than it generates through the resource, then the resource will not create a competitive
advantage.

Characteristics necessary to achieve competitive advantage

• Value
• Rarity
• Appropriability

Factors needed to sustain competitive advantage

• Limitability
• Mobility
• Substitutability

Information systems can contribute three types of resources to a firm:

• technology resources
• technical capabilities
• IT managerial resources

Technology resources
...are infrastructure, proprietary technology, hardware, and software.
Not necessarily rare or valuable, but difficult to appropriate and imitate. Low mobility but a fair degree
of substitutability.

It skills
...are technological knowledge, development knowledge, and operational skills.
Highly mobile, but less imitable or substitutable. Not necessarily rare but highly valuable.
Managerial IT resources
...is vendor and outsourcer relationship skills, market responsiveness, IS-business partnerships, IS
planning, and management skills.
More rare than the technology and IT skill resources. Also of higher value. High mobility given the short
tenure of CIOs. Nonsubstitutable.

Scenario planning
Scenario planning is not about predicting a future. Rather, it attempts to describe what is possible. The
result of scenario analysis is a group of distinct futures, all of which are plausible. The challenge then is
how to deal with each of possible scenarios.

Scenario Planning Steps:

1. What problem are you trying to solve?
2. Gather information
3. Identify driving forces
4. Identify critical uncertainties
5. Create scenarios
6. Compose the stories
7. Scenario application
8. Identify key indicators
9. Monitor key indicators
10. Update scenarios and strategies

BUSINESS SYSTEM PLANNING MODEL

Business System Planning is a method for analyzing, defining and designing information architecture of
an organization.
BSP is a new approach to IA its goals are to:
• Understand issues and opportunities with current applications

• Develop future technology supporting the enterprise

• Provide executives with direction and a decision-making framework for IT expenditures

• Provide information systems (IS) with a developmental blueprint

The result of a BSP project is a technology roadmap aligning investments and business strategy. BSP
comprises 15 steps, which are classified into three sections by function.

Good IT Planning Processes:

• Yearly, quarterly, monthly.

• Planning is continual, not one-time.

 • May result in formal IT strategy, or annual reevaluation.

• Organizational planning of IT resources done throughout the organization.

• End-users must understand

IT strategic planning process

Business Service Management:

• Approach for linking KPIs of IT to business goals to determine impact on business.

• KPIs measure actual performance of critical aspects of IT such as projects, servers, networks
against predefined goals such as growing revenue, lowering costs, reducing risk.

• KPIs measure real-time performance or predict future results. Proactive vs. reactive.

• KPIs measures results of past activity.

Outsourcing, Offshore Outsourcing, and lT as- a Subsidy

IT is difficult to manage, even for organizations with above-average IT management skills. Therefore, for
many organizations, the most effective strategy for managing IT effectively, to obtain benefits while
controlling costs, may be outsourcing. The vendor providing outsourcing services may be offshore, or
located in a country outside of the organization's country.
Outsourcing is contracting work to be completed by an outside vendor. The major reasons for
outsourcing are the following: desire to focus on core competency, cost reduction, improve quality,
Increase speed to market, faster innovation.

Outsourcing Advantages and Disadvantages

Transactional outsourcing agreements, in which a company outsources discrete processes that have
well-defined business rules, have a success rate of 90 percent. Co-sourcing alliances, in which the client
company and outsourcer vendor jointly manage projects, such as application development or
maintenance work, have a success rate of 63 percent. Finally, strategic partnerships, in which a single
outsourcer takes responsibility for the majority of a client company's IT services, has a success rate of
about 50 percent.

In contrast, as companies find their business strategy is increasingly tied to IT solutions, the concerns
about outsourcing increase. In general, risks increase as the boundaries between the client company
and outsourcing vendor responsibilities blur and the scope of responsibilities expands. The failure rate
of outsourcing relationships remains high, with estimates ranging from 40 to 70 percent. Risks
associated with outsourcing: Shirking occurs when a vendor deliberately underperforms while claiming
full payment (e.g., billing for more hours than were worked, providing excellent staff at first and later
replacing them with less qualified ones). Poaching occurs when a vendor develops a strategic
application for a client and then uses it for other clients (e.g., vendor redevelops similar systems for
other clients at much lower cost, or vendor enters into client's business, competing against it).
Opportunistic reprising ("holdup') occurs when a client enters into a long-term contract with a vendor
and the vendor changes financial terms at some point or overcharges for unanticipated enhancements
and contract extensions.
Other risks are: irreversibility of the outsourcing decision, possible breach of contract by the vendor or
its inability to deliver, loss of control over IT decisions, loss of critical IT skills, vendor lock-in, loss of
control over data, loss of employee morale and productivity, and uncontrollable contract growth.
Another possible risk of outsourcing is failure to consider all of the costs. Some costs are hidden. Among
the most significant additional expenses associated with outsourcing are: (1) benchmarking and analysis
to determine if outsourcing is the right choice, (2) investigating and contracting with a vendor, (3)
transitioning work and knowledge to the outsourcer, (4) ongoing staffing and management of the
outsourcing relationship, and (5) transitioning back to in-house IT after outsourcing

Strategies for Outsourcing

A secure strategic relationship with outsourcers increases collaborative opportunities for innovation and
business transformation. This focus on value creation for both the company and its outsourcer
represents a significant shift in the outsourcing relationship. In making a decision to outsource,
executives should consider five major risk areas: (1) higher developmental or operational costs than
anticipated, (2) inability to provide the expected service levels at implementation, (3) exceeding the
time anticipated for development or transition, (4) allowing the current technical failure(s) to continue,
and (5) neglecting to navigate the internal politics of the outsourcing company. Therefore, organizations
should consider the following strategies in managing the risks associated with outsourcing contracts
1. Understand the project.
2. Divide and conquer (Dividing a large project into smaller and more manageable pieces)
3. Align incentives.
4. Write short-period contracts.
5. Control subcontracting.
6. Do selective outsourcing (outsource certain areas, not the majority)

Offshore outsourcing is outsourcing with a vendor located in a country other than the one in which the
client company is based. This trend is primarily due to global markets, lower costs, and increased access
to skilled labor.
It is not only the cost and the technical capabilities that matter. Several factors should be considered,
including the business and political environments in the selected country the quality of the
infrastructure, and risks such as IT competency, human capital, the economy, the legal environment,
and cultural differences. Risks and uncertainties involved in offshore outsourcing: cost-reduction
expectations, data/security and protection, process discipline which is the use of the same process
repeatedly without innovation, loss of business knowledge, vendor failure to deliver, scope creep, which
is the request for additional services not included in the outsourcing agreement, government regulation,
differences in culture, turnover of key personnel, knowledge transfer.
Types of work that are not readily offshore outsourced include the following: Work that has not been
reutilized, Work that if off shored would result in the client company losing too much control over
critical operations, Situations in which off shoring would place the client company at too great a risk
to its data security, data privacy, or intellectual property and proprietary information , Business
activities that rely on an uncommon combination of specific application domain knowledge and IT
knowledge in order to do the work properly. A tool useful in measuring the business value of
outsourcing relationships is the balanced scorecard

BALANCED SCORECARD
The balanced scorecard is a strategic planning and management system that is used extensively in
business and industry, government, and nonprofit organizations worldwide to align business activities to
the vision and strategy of the organization, improve internal and external communications, and monitor
organization performance against strategic goals.
The critical characteristics that define a balanced scorecard are:[
• its focus on the strategic agenda of the organization concerned

• the selection of a small number of data items to monitor

• a mix of financial and non-financial data items.

Balanced scorecard is an example of a closed-loop controller or cybernetic control applied to the

management of the implementation of a strategy.
Two of the ideas that underpin modern balanced scorecard designs concern facilitating the creation of
such a control - through making it easier to select which data to observe, and ensuring that the choice of
data is consistent with the ability of the observer to intervene.
Design of a balanced scorecard is about the identification of a small number of financial and non-
financial measures and attaching targets to them, so that when they are reviewed it is possible to
determine whether current performance 'meets expectations'.
Key components are strategic objectives, strategic linkage model and perspectives, measures and
initiatives

Chapter 14: Managing IT projects

TECHNOLOGY ADOPTION LIFECYCLE

The purpose of the technology adoption lifecycle is to track adoption of emerging technologies.
By definition the technology adoption lifecycle describes the adoption or acceptance of a new product
or innovation.
There are four elements of adoption of any technology:
1. The technology itself
2. The communication channels through which information is exchanged between potential
adopters
3. The speed at which the emerging technology is being adopted
4. The social system into which the innovation is introduced that can be influences by internal
opinion leaders and external change agents

The adoption process itself passes through 5 stages: (1) acquire knowledge (2) persuade (3) decide (4)
implement, and (5) confirm.
The adoption process is cyclical in nature, not linear. While the process is relatively predictable, we
can’t assume that the process will be the same for the introduction of all types of technology introduces
into different types of organizations, or even the same technology introduces into a different
organization.

TASK TECHNOLOGY DEPENDENCY

Task-technology dependency is the ability of a technology to efficiently and effectively execute a task. It
is an important feature to consider when assessing the adoption of different types of technology. This
basically means that when looking at a task, you need to be able to figure out which technology would
be the best to use in order to carry out the task at hand in the most effective and efficient way possible.

Implementing IT Projects

Information technology (IT) project implementation is still a grey area. Implementation of IT projects,
especially large IT projects, is synonymous to management of changes in an organization. When
formulating effective change management strategies to support the introduction of IT, it may be useful
to integrate and use concepts and practices drawn from disciplines such as traditional project
management, organizational/product innovation, and change management theory and practices.

The 4 P’s of implementation.

1) Plunge
2) Parallel
3) Pilot
4) Phased

Factors That Impact Implementation Success

• Top management support – resource allocation, upper level model of acceptance.
• Level of risk – depends upon project size, project structure & complexity of effort.
 • Training of users – critical to success.
• User acceptance – users must be involved in design & throughout process.
• Management of process – must be with incentives.

Managing Implementation
• Must be within budget.
• Must be on time.
• Must meet user expectations.
• Must be fully functional, to the level promised.

Business Process Management

Concept of BPM
• Includes methods & tools to support design, analysis, implementation, management &
optimization of operational business processes.
• Extension of workflow management: documents, information & activities flow between
participants according to existing process models & rules.
• Consists of activities performed by businesses to optimize & adapt their processes.
• Consist of designing, analyzing, implementing, managing & optimizing a process for
effectiveness & efficiency.

BPM focuses on usage of technology, processes and people

(employees) to achieve corporate goals.

Steps to Creating a BPM Strategy

1. Align financial, and operational goals with expectations of
shareholders or owners
2. Conduct assessment of core strategic and operational
process
3. Link strategic and operational process with organizational
objectives
4. Develop a process performance plan
5. Prioritize processes based on potential impact on strategic objectives

Business Process Modeling is referred to as business process mapping. It includes techniques &
activities used as part of larger business process management discipline.

TOTAL QUALITY MANAGEMNT (TQM)

Six Sigma, total quality management (TQM), and ISO 9000 are quality techniques to measure and
improve an organization's processes and are often used in conjunction with BPM initiatives. Total quality
management (TQM) is a management strategy aimed at embedding awareness of quality in all
organizational processes. One major aim of TQM is to reduce variation from every process so that
greater consistency of effort is obtained. TQM utilizes multifunctional teams comprised of professional
staff and workers from all departments involved to solve problems. In the mid-1980s, W. Edwards
Deming, developed the Plan, Do, Check, Act (PDCA) cycle to achieve continuous improvement. The PDCA
cycle is widely used in organizations that are seeking to improve processes for achieving efficiency and
effectiveness. PDCA stands for:

• PLAN Establish the objectives and processes necessary to deliver results to

achieve with organizational objectives.
• DO Implement the processes.
• CHECK Monitor and evaluate the processes and results against objectives and
report the outcome.
• ACT Take action needed for improvement. Review all steps (Plan, Do, Check,
Act) and modify the process to continue to improve it before its next implementation.

CHANGE MANAGEMENT
Change management is a structured approach to transition individuals, teams, and organizations from a
current state to a desired future state. Change management issues arise when organizations and their
suppliers or new business partners-in the case of a merger or acquisition-follow very different work
practices. In the vast majority of cases the problem in introducing new systems is not in the technology,
most change management issues arise because people and the work they do are impacted by the
introduction of new or modified IT systems. Problems are often connected with the change in power
distribution. Faced with potential shifts in power, key stakeholders may consciously or unconsciously
resist by delaying, sabotaging, or insisting on the modification of system development. These tactics may
include

• Withholding resources (money, people, time) needed for the project

• Purposely identifying the wrong people to work on the project
• Raising continual objections to project requirements
• Changing project requirements
• Expanding the size and complexity of the project
The change process is a structured technique to effectively transition groups or organizations through
change. When combined with an understanding of individual change management, these techniques
provide a framework for managing the people side of change. Most process models are based on the
simple three-stage model that was originally theorized by Kurt Lewin .These stages are unfreezing,
change, and (re)freezing.

• Unfreezing-in this first stage, people have a tendency to seek out a situation in which they feel
relatively safe and have a sense of control. Alternative situations are not appealing, even if they
appear to be preferable to the current state.
 • Change-sometimes referred to as transition, often requires people to go through several stages
of apprehension before they are prepared to move forward. Good leadership is important in this
stage.
• Refreezing-The third and final stage in the change process involves the process of moving to a
new place of stability. Refreezing may be a slow process because not everyone will be at the
same point of transition from the old way of doing things to the new.

Organizational transformation
A major change in the way that an organization does business is typically referred to as organizational
transformation. John Kotter teamed up with Holger Rathgeber to present a simple story of radical
change and the issues associated with managing such a change.
Kotter's organizational transformation model consists of an eight-step change process that
organizations should follow in order to successfully transform an organization.
The eight steps are the following:

1. Establish a sense of urgency.

2. Form a powerful guiding coalition.
3. Create a vision.
4. Communicate the vision.
5. Empower others to act on the vision.
6. Plan for and create short-term wins.
7. Consolidate improvements and produce more change.
8. Institutionalize the new approaches.

10 principles of change management

Regardless of the nature or extent of the change, it is advisable to take a structured
approach to affecting any type of organizational change. Jones, Aguirre, and Calderone offer a set of
useful principles to assist in guiding successful change management. These 10 principles are:

1. Address the "human side" of change systematically: Develop a formal approach for managing
change and adapt it often as circumstances change within the organization.
2. Start at the top: Top managers, including the CEO and CIO, must show full support for the change in
order to challenge and motivate the rest of the organization.
3. Involve every layer: Change occurs at all levels of the organization. In addition to securing top-level
support, it is important to cultivate leaders at various levels to support the change so that the change
cascades down.
4. Make the formal case: The need for change is always challenged. A formal written statement of the
envisioned change helps create and solidify alignment between change leaders and the change team.
5. Create ownership: Top management leaders need to work with the design teams to fully understand
the changes that will result from the introduction or modification of technology. Leaders must be willing
to accept responsibility for achieving change and offer incentives for participation in problem
identification and solution generation.
6. Communicate the message: Issues related to change must be clearly communicated. Employees must
be repeatedly provided with the right information at the right time through multiple channels to ensure
they understand the consequences of the change initiative.
7. Assess the cultural landscape: As change cascades down through organizational levels, the culture
and behaviors of employees must be addressed up front. Core cultural values, behaviors, and
perceptions must be addressed in regard to readiness for change; conflict areas must be identified and
factors that can impact resistance must be defined.
9. Prepare for the Unexpected: No matter how well a plan is executed, there are always surprises along
the way. The impact of change must be continually re-examined to measure the source and level of
resistance, and necessary adjustments made to maintain momentum and achieve objectives.
10. Speak to the Individual: All organizational change involves change at the individual level; for the
company to change, the individual and the way he or she works must change also. Employees must be
involved in the change process, and individual reward must be offered.

Chapter 15: Impact of IT on Enterprises, Users, and the Environment

New and Accelerating Trends in IT

The “Law of Accelerating Returns” suggests that the time interval between significant events grow
shorter as time passes because technological change is exponential rather than linear.
Unique developments as well as fast-paced changes make it extremely difficult to forecast what will
happen to enterprises, careers, social lives, energy prices, and the condition of the environment.
In the mid-1900s, two transformational ITs emerged: the Web, which introduced the business world to
the Internet and e-commerce, and enterprise information systems, such as CRM, SCM, and ERP, which
sought to harness the power of networks and data to improve performance. The Web and enterprise
systems were not simply improvements on existing IT. They were quantum leaps forward in corporate IT
and they created a platform for the changes soon to follow. These changes consisted on end-user driven
technologies, most notably Web 2.0 and social networking, and social media.

Mobile Technology Revolutionizing Medicine

Effective telemedicine or telehealth technologies will help in increasing the number of patients treated
by physicians remotely and in lowering the costs and travel times associated with treatment.
Telemedicine is the use of telecommunication networks to provide medical information and services,
such as consulting and remote curative medical procedures or examinations. Telehealth is a broader
application of telemedicine. Telehealth is the use of electronic information and telecommunications
technologies to support preventative and curative long-distance clinical healthcare, patient and
professional health-related education, public health, and health administration.
Despite the potential benefits of telemedicine/health, issues related to information security may
constrain its growth. Those issues include the cost of encryption, secure transmission, and secure
storage – as well as the liability risks if personally identifiable medical information gets released or
compromised.

Offshore Outsourcing
Offshore outsourcing is one of the manifestations of the trend toward globalization – blurring of
geographical barriers – that is being accelerated by IT. Well-educated English-speaking employees
residing in countries such as India and the Philippines can perform services demanded by firms based in
the U.S, Great Britain, or any other country.
Processing confidential data offshore creates valid concerns about identity theft and privacy issues.
Privacy standards in the country where the data originate may be very different from the privacy laws
and safeguards in the country where the data are processed.
The remarkable communications capabilities delivered by IT promote globalization not only through
offshore outsourcing of high-tech jobs, but also by enabling firms to distribute core corporate functions
around the globe. A newer type of outsourcing is business process outsourcing. BPO is the process of
hiring another company to handle business activities.

IT Delivery Models
The common trend is the delivery of IT services that limit the amount of responsibility and risk
businesses much shoulder in acquiring and maintaining technology that enables core business functions.
Building and maintaining enterprise systems using service-oriented architecture (SOA) promises speed
of innovation, flexibility, and reuse of existing assets. In simple terms, an SOA is an infrastructure in
which software applications are broken or other services.
Other IT delivery models that are being deployed are:

• Storage as a Service – storage capacity is offered on a per-usage basis similar to Software as a

Service
• Communications as a Service – these are multiyear communication services that are comprised
of vendor-owned, managed, and co-located communication applications with connectivity and
IT services.
• User-owned devices – these are devices that are owned and managed by employees responsible
for providing technology to complete job-related tasks.
• Business process utilities (BPUs) – these are outsources business process services for
standardized processes.

Current Perspectives on the Enterprise Web 2.0

Enterprise Web 2.0 is the application of Web 2.0 technologies in the enterprise. The enterprise Web 2.0
market, which is commonly referred to as Enterprise 2.0, is the deployment of blogs, wikis, RSS, and
social networking within the enterprise.
Enterprise 2.0 began in 2006 as a new way to collaborate using freeform social software platforms
within companies or between companies and their partners or customers.
Enterprise 2.0 is really about moving into a Web setting where workers can more easily conduct their
day-today personal interactions. A company can build up its business intelligence (BI) repository by using
software that integrates blogs or comment forums to supplement historical company data. Through this
freeform approach, knowledge management becomes decentralized and democratic.

Operating Greener Businesses and Eco-Friendly Data Centers

The growing power consumption of computing technology and high energy costs are having a direct
negative impact on business profitability. Enterprising is trying to shrink energy costs and carbon
consumption and increase the use of recyclable materials. Green computing, the study and practice of
eco-friendly computing resources, is now a key concern of businesses in all industries – not just
environmental organizations.
Green computing is a mindset that asks how we can satisfy the growing demand for network computing
without putting undo stress on the environment. There is an alternative way to design a processor and a
system such that they do not increase demands on the environment, but still provide an increased
amount of processing capability to customers to satisfy their business needs.
The field of green technology covers a broad range of issues. Green technology focuses on reducing the
harmful environmental impacts of computing and industrial processes and innovative technologies
caused by the needs of the growing worldwide population. The objective is to minimize damaging the
environment or depleting natural resources by creating fully recyclable products, reducing pollution, and
designing energy-efficient or alternative technologies.

Impacts of Too Much Information and Connectivity

Few people disagree that information is a valuable resource and that increased availability of
information can be beneficial for individuals and organizations alike. However, ITs capability to
introduce ever-growing amounts of data into our lives can exceed our capacity to keep up with the data,
leading to information overload.
To be effective at solving the problem at solving the problem of information overload, information
systems must differentiate between the data that can be safely summarized and the data that should be
viewed in its original form.
As organizations and societies continue to generate, process, and rely on the rapidly increasing amounts
of information, they begin to realize the importance of information quality. Information quality is a
somewhat subjective measure of the utility, objectivity, and integrity of gathered information. To be
valuable, both data and information must possess a number of essential characteristics, such as being
complete, accurate, up-to-date, and consistent with the purpose for which they are used.
Spamming, the practice of indiscriminately broadcasting unsolicited messages via e-mail and over the
Internet, is one of the most widespread forms of digital noise. Spam hurts businesses by lowering the
productivity of employees who have to deal with unwanted messages.
Internet service providers (ISPs) and software companies have tried many technological campaigns to
eradicate spam. Mail-filtering software and other technologies have made it more difficult for spammers
to distribute their messages. However, spammers have responded with creative new schemes to defeat
the anti-spam solutions.

Impact on Individuals
Many people feel a loss of identity, known as dehumanization, because of computerization. They feel
like just another number because computers reduce or eliminate the human element that was present
in the non-computerized systems.
On the other hand, while the major objective of technologies is to increase productivity, they can also
create personalized, flexible systems that allow individuals to include their opinions and knowledge in
the system. These technologies attempt to be people-oriented and user-friendly.

Chapter 16: Acquiring and Developing Business Applications and Infrastructure

Acquisition of IT applications
The acquisition issue is complex for various reasons:
1. There is a wide range of sizes and types of IT applications.
2. Applications keep changing over time.
3. Applications may involve several business partners.
4. There is no single way to acquire IT applications.

The diversity of IT applications requires a variety of acquisition methodologies and approaches.

„Small applications (e.g., EC storefronts) can be developed with HTML,scripting languages,Java,or
another programming language.They can also be quickly implemented by using commercial packages or
Web 2.0 methods (as described in the Flickr case),or leased from an application service provider (ASP).
Larger or specialized applications can be developed in-house or outsourced.
Building medium-to-large applications requires extensive integration with existing information systems
such as corporate databases,intranets,enterprise resource planning (ERP), and other application
programs.While the process of IT application acquisition varies, it follows a fairly standard form in many
cases.“

The acquisition process of an IT application has five major steps:

Step 1.Planning,Identifying,and Justifying IT-Based Systems

IT-based systems are usually built as enablers of some business process(es).
Therefore, their planning must be aligned with the organization’s overall business plan and the specific
tasks they intend to support. Often processes may need to be redesigned or restructured to fully reap
the benefits of the supporting IT applications. Also, the systems may need to be justified. Both of these
activities may be complex, especially for systems that require a significant investment to acquire,
operate, and maintain. The output of this step is the decision to invest (or not) in a specific application
and a timetable, budget, and assigned responsibility.
This step is usually done in-house, with consultants if needed. All other steps can be done in-house or
outsourced.
Step 2. Creating an IT Architecture.
IT architectureis a plan for organizing the infrastructure and applications of the IT project.
The architecture plan includes the following:
• Data required to fulfill the business goals and vision
• Application modules that will deliver and manage the information and data
• Specific hardware and software on which the application modules will run
• Security,scalability,and reliability required by the applications
• Human resources and procedures for implementing the IT project
The results obtained from step 2 are routed to the strategic planning level, based on the results of step
2,the application portfolio (a portfolio is a set of applications) or a specific project may be changed.
(example, project is too risky at that time)
Once the architecture is compiled and the project gets final approval,a decision about how to acquire
the specific IT application must be made

Step 3. Selecting an Acquisition Option

IT applications can be acquired through several alternative approaches.
The major options are
• Build the system in-house
• Have a vendor build a custom-made system
• Buy an existing application and install it,with or without modifications,in-house or through a vendor
• Lease standard software from an ASP,or lease through utility computing or a software-as-a-service
(SaaS) arrangement
• Enter into a partnership or alliance that will enable the company to use someone else’s application
• Use a combination of these approaches

Once an option is chosen, the system can be acquired.At the end of this step,an application is ready to
be installed and deployed.No matter what option is chosen, you most likely will have to select one or
more vendors, and then work with and manage these vendors.

Step 4. Testing, Installing, Integrating, and Deploying IT Applications.

Once an acquisition option has been selected, the next step involves getting the application up and
running on the selected hardware and network environment.One of the steps in installing an application
is connecting it to back-end databases,to other applications,and often to partners’ information
systems.This step can be done in-house or outsourced. During this step,the modules that have been
installed need to be tested.
A series of tests are required:
• Unit testing: testing the modules one at a time
• Integration testing:testing the combination of modules interacting with other applications
• Usability testing:testing the quality of the user’s experience when interacting with the portal or
Web site
• Acceptance testing: determining whether the application meets the original business objectives and
vision.

After the applications pass all of the tests, they can be rolled out to the end users. Here developers have
to deal with issues such as conversion from the old to the new system, training, changes in priorities
affecting acceptance of the application, and resistance to changing processes to maximize the benefit
from the application.

Step 5. Operations,Maintenance,and Updating

For the maximizing of its continual usage,an application needs to be continually updated.
Software maintenance can be a big problem due to rapid changes in the IT field.Operation and
maintenance can be done in-house and/or outsourced.
The IT acquisition process most likely will be a complex project that must be managed properly.Except
for small applications,an IT project team is usually created to manage the process,budget,costs,and
vendors.Projects can be managed with project managementsoftware,such as Microsoft Project
(office.microsoft.com/project).
Three criteria that are used to evaluate the effectiveness of IT project management are
performance,time,and cost.That is,was the IT project done right,on budget,and on time?

Identifying, Justifying, and Planning IT Systems Applications (Step 1)

IT PROJECT JUSTIFICATION
Once potential IT projects are identified, they usually need to be justified. Since enterprises have limited
resources, they cannot embark on all projects at once. Therefore, like other proposed enterprise
projects, they must be evaluated against competing demands for funds. The evaluation is usually divided
into two parts.
1.First, it is necessary to explore the need for each system—that is, find the information needs of the
users and how the application will meet those needs.
2.Second, it is necessary to justify it from a cost-benefit point of view. The need for information systems
is usually related to organizational planning and to the analysis of its performance vis-à-vis that of its
competitors. The cost-benefit justification looks at the wisdom of the specific IT investment compared
to investing in alternative IT or other projects. You must determine if it makes sense from a business
perspective to pursue the IT project at this time and if this is the best use of your company’s cash. Once
justification is done, a plan for the application acquisition can be made.

PLANNING FOR THE SPECIFIC IT APPLICATION

Before an IT project is implemented, or even before a company decides how to acquire the application,
it is necessary to understand the enterprises’s current business processes, or way of doing business, in
the area the application is going to be used. After the current business processes are understood, the
focus shifts to defining the objectives and business requirements of the proposed system, which
determine its scope. The initial scope of the project is defined in terms of cost, effort, schedule,and
deliverables, and functional specifications are generated. It is important that the IT project (or
development) team explicitly define the scope and prove its feasibility to help avoid runaway projects.
Runaway projects seem to have no end and usually fail even-tually—wasting a lot of time and resources.
Milestone signifies a key event in the completion of the project. Milestones are used to more accurately
determine whether or not the project is on schedule. If you need the system very quickly, you will favor
buying or leasing one. The planning process covers resources other than time—specifically, money
(budget), labor, and equipment, if needed.

Acquiring IT Applications: Available Options (Step 3)

There are several options for acquiring IT applications. The major options are buy, lease, and develop in-
house.

BUY THE APPLICATIONS (OFF-THE-SHELF APPROACH)

Standard features required by IT applications can be found in many commercial packages. This option is
also known as a turnkey approach. Buying an existing package can be a cost-effective and time-saving
strategy compared with in-house application development. The “buy” option should be carefully
considered and planned for to ensure that all critical features for current and future needs are available
in the selected package. However, organizational needs are rarely fully satisfied by one software
package. It is therefore sometimes necessary to acquire multiple packages to support even a single
business process.
The buy option is especially attractive if the software vendor allows for modifications. However, the
option may not be attractive in cases of high obsolescence rates or high package cost.

LEASE THE APPLICATIONS

Leasing an IT application can result in substantial cost and time savings. In those cases where extensive
maintenance is required or where the cost of buying is very high, leasing is very advantageous,
especially for small-to-medium enterprises (SMEs). Leasing is also advantageous when a company wants
to experiment with a package before making a heavy up-front buy investment, protect its own internal
net- works, quickly utilize the application, or rely on experts to establish a major project, usually with a
Web site. Leasing can be done in one of several ways:
• Lease the IT application from an outsourcer and then install it on the company’s premises. The vendor
can help with the installation and frequently will offer to contract the operation and maintenance of the
system as well. Many conventional IT applications are leased this way.
• Lease the IT application from an application service provider (ASP) that hosts the application at its
data center. Major ASPs for enterprise IT systems are Oracle, Microsoft, and IBM. A concept related to
the lease option is software-as-a service.
Software-as-a-Service.
Software-as-a-service (SaaS) refers to software that is rented. Rather than purchase a software product
and pay for occasional upgrades, a company may subscribe to an SaaS, and all updates are provided
during the term of the subscription. When the subscription period expires, the software is no longer
valid. SaaS usually costs less than store-bought software. Sharing data between a CRM program and
billing software, is a challenge, especially if some of your applications are hosted while others are kept
in-house. The major factors driving the switch to SaaS are:
• Reducing the risks involved in acquiring new software
• better relationship with vendor
• reducing cost

IN-HOUSE DEVELOPMENT: INSOURCING

A third development strategy is to develop or build applications in-house. Although in-house
development—insourcing—can be time consuming and costly, it may lead to IT applications that better
fit an enterprise’s strategy and vision and differentiate it from competitors. The in-house development
of IT applications is a challenging task.

Three major options exist for in-house development:

• Build from scratch.
This option should be considered only for specialized IT applications for which components are not
available. This option is expensive and slow, but it will provide the best fit to the organization’s needs.
• Build from components.
The required applications are often constructed from standard components (e.g., random number
generators or Web servers such as Microsoft’s IIS). Commercially packaged and home grown
components must integrate tightly for component-based development to meet its requirements.
• Integrating applications.
The application integration option is similar to the build-from-components option, but instead of
components being used, entire applications are employed. This is an especially attractive option when IT
applications from several business partners need to be integrated. Integration methods such as Web
Services or Enterprise Application Integration (EAI) can be used. Insourcing is a challenging task that
requires specialized IT procedures and resources. For this reason, most organizations usually rely on
packaged applications or outsource the development and maintenance of their IT applications.
Several methods can be used when you develop IT applications in-house. Two major development
methods are:
• Systems development life cycle (SDLC).
Large IT projects, especially ones that involve infrastructure, are developed according to the SDLC
methodology using several tools.
• Prototyping methodology.
With a prototyping methodology, an initial list of basic system requirements is defined and used to build
a prototype. The prototype is then improved in several iterations, based on users’ feedback. This
approach can be very rapid. The prototype is then tested and improved, tested again, and developed
further, based on the users’ feedback. The prototyping approach, however, is not without drawbacks.
There is a risk of getting into an endless loop of prototype revisions, as users may never be fully
satisfied.
• Web 2.0 or Application 2.0 methodology.
Development approach involves quick, incremental updates with close user involvement. For new
application developments, a beta (prototype) version is developed and then refined—also in very close
collaboration with users.

END-USER DEVELOPMENT
End-user development (also known as end-user computing) is the development and
use of ISs by people outside the IS department. This includes users in all functional
areas at all skill levels and organizational levels: managers, executives, staff, secretaries, and others.

Reasons for End-User Development.

PCs have diffused throughout organizations, communication with data servers (mainframes and others)
has improved, and software tools have improved in capability, quality, price, and user-friendliness.
Consequently, users now have the necessary tools to develop their own IT applications, including Web-
based systems. Web-based tools such as wikis and content management make end-user development
more efficient.

Risks of End-User Development.

End-user development is beneficial to both workers and the organization as a whole. It also has some
limitations. End users may not be skilled enough in computers, so quality and cost may be jeopardized
unless proper controls are installed. There are three categories of potential quality risks:
1.Substandard or inappropriate tools used in IT application development
2.Risks associated with the development process; e.g., the inability to develop work-
able systems or the development of systems that generate erroneous results
3.Data management risks; e.g., loss of data or use of stale, inappropriate, or incorrect data

Selecting an Acquisition Approach and Other Implementation Issues

This section is about selecting an acquisition approach, vendor and software selection, and
implementation issues.

CRITERIA FOR SELECTING AN IT ACQUISITION APPROACH

A major issue faced by any company is which method(s) of acquisition to select.

VENDOR AND SOFTWARE SELECTION
Externally acquired IT applications should be evaluated to ensure that they provide
the following advantages:
•On time.Completion and implementation of the system by the scheduled target date.
•On budget.System cost is within budget.
•Full functionality.System has all features in the original specifications.

For smaller packages, users can use trialware from the Internet before purchase. Most vendors offer
demo software for a limited testing time. Also, vendors may demonstrate the software. Six steps in
selecting a vendor and software package are the following:

Connecting to Databases, Enterprise Systems, and Business Partners: Integration (Step 4)

IT applications, especially large ones, need to be connected to other systems (e.g.

ERP) and infrastructure (including databases). They also must be connected to such
Items as partners’ systems or public exchanges. Such connections are referred to as
Integration and are the subject of this section

CONNECTING TO DATABASES
Most IT applications need to be connected to a database.

CONNECTING TO BACK-END SYSTEMS

In addition to connecting to back-end databases, many IT applications also require integration with a
variety of other systems—ERP, CRM, KM, SCM, EDI, data warehouses, and other applications both inside
and outside the company. The integration can also be handled with enterprise application integration
(EAI). These products integrate large systems.

CONNECTING TO BUSINESS PARTNERS

Connecting to business partners is critical, especially for B2B e-commerce. Such connection is done via
EDI, EDI/Internet, XML, and extranets. Connection to business partners along the supply chain involves
connecting a company’s front- and back-office e-commerce applications. In addition to the networking
problem, one must deal with issues of connectivity, compatibility, security, scalability, and more.
Companies connect to business partners for many reasons.

WEB SERVICES AND SERVICE-ORIENTED ARCHITECTURE (SOA) FOR INTEGRATION

Web Services are self-contained, self-describing business and consumer applications delivered over the
Internet that users can select and combine through almost any device, ranging from personal computers
to mobile phones. In a service-oriented style of architecture (SOA), software components such as Web
Services can be invoked by other programs that act as clients or consumers of those services.