Chapter 3

Information Systems Strategy

Overview of Information Systems Strategy
-a policy or a set of guidelines for the construction of information systems
-how to use information systems to effectively carry out business strategy and
enterprise strategy.
The Process of an Information Systems Strategy

An information systems strategy is created with total computerization plan at its

core, and is approved by a CIO (Chief Information Officer).
After an information systems strategy is approved, its implementation is managed
and monitored in information systems strategy implementation management, and
the results are evaluated.
The results of evaluation are used not only for the modification and improvement of
the information systems strategy, but are also used to provide feedback to maintain
consistency with the business strategy.
The general procedure for creation of an information
systems strategy is as follows:
1)Confirmation of business strategy
2) Survey and analysis of business operations environment
3) Survey and analysis of business operations, information systems, information technology
4) Creation of basic strategy
5) Creation of new image of business operations
6) Selection of scope and creation of investment objectives
7) Creation of proposals for information systems strategy
8) Approval of information systems strategy
Total Computerization Planning

-A total computerization plan is a plan that specifies how information systems are
implemented across organizations, such as companies.
-A total computerization plan is formed from a total optimization policy and a
total optimization plan that is based on this policy.
(1) Total optimization policy

A total optimization policy is a policy that indicates the direction that business
and systems should proceed in for the overall organization.
System Management Standards
(1)Policies of IT governance should be clarified.
When IT governance is established, the policy for this must be clearly
specified.
(2) Principles concerning decisions on the investments and initiatives of
computerization should be defined.
In order to ensure that overall optimization plan is consistent from start to
finish, it is necessary to define general rules for decisions on the investments and
initiatives of computerization.
(3) The optimization purpose of the overall information system should be set on the
basis of business strategies.
In order to plan an information system that fulfills the business objectives, it is
necessary to create a purpose for optimization that is consistent with business
strategies.
(4) The clear vision of the information system for the overall organization should be
determined.
Since the information system of an overall organization effectively and
efficiently fulfills its objectives by organically linking individual information
systems and ensuring mutual consistency, the overall optimization plan needs to
define a clear vision (i.e., to-be model) of the information system
(5) Policies on changes, which are made in organizational structure and business
operations as a result of computerization, should be clarified.
In an overall optimization plan, it is necessary to clearly specify the policies on
the establishment, restructuring, and abolishment of organization and business
operations, in sync with the (re)construction of an information system.
(6) Policies on information security should be clarified.
Security measures, such as the fraud prevention, protection of confidentiality,
and protection of privacy, are the foundation of sound promotion of business
activities, and so it is necessary to clearly specify the policy for information security
measures in the overall optimization plan.
The clear vision of the information system for the
overall organization should be determined.

In point (4), concerning the ideal model (i.e., business operations model or
business model) of overall business operations, the kind of information
system (i.e., information systems model) that is required is clearly specified
by using methods, such as EA.
EA (Enterprise Architecture)

This is a technique in which the overall business operations and systems of an

organization are divided into four categories (or architectures), analyzed and
modeled, and then reviewed from the perspective of total optimization.
In EA, modeling is performed in the order of an as-is model (i.e., current model),
which lays out and analyzes the current situation, a to-be model (i.e., ideal model),
which forms the objective, and a realistic next generation model that compares the
current situation and the objectives.
BA (Business Architecture)
DA (Data Architecture)
AA (Application Architecture)
TA (Technology Architecture)
BA (Business Architecture)

This is a business architecture that shows standardization and streamlining

concerning the details of business operations, the implementing bodies, and the
workflow.
[Deliverables]
Business description,
DMM (Diamond Mandala Matrix),
DFD (Data Flow Diagram),
WFA (Work Flow Architecture),
UML (Unified Modeling Language), etc.
DA (Data Architecture)
This is a data architecture that shows the details of information (i.e., system data)
that is used in individual business operations and systems, and the associations
between information.
[Deliverables]
Data definition table,
information systemization summary chart (UML class diagram),
ERD (Entity Relationship Diagram), etc.
AA (Application Architecture)
This is an applied processing architecture that shows the form of the most
appropriate information system for a business process (e.g., centralized-type,
distributed-type, SOA).
[Deliverables]
Information system relationship diagram,
information system function configuration diagram, etc.
TA (Technology Architecture)
This is a technology architecture that is used in the construction of a system. It
shows the technological elements of the configuration, security infrastructure,
and so on.
[Deliverables]
Hardware configuration diagram,
software configuration diagram,
network configuration diagram, etc.
EA frameworks

-Zachman framework
-TOGAF (The Open Group Architecture Framework)
Zachman framework

-This is an EA framework that is proposed by John Zachman.

-It uses a 6×6 matrix with perspectives (i.e., stakeholder perspectives) on the
vertical axis and the subject (i.e., 5W1H) on the horizontal axis.
-It is used to gain an understanding of the overall structure of an organization.
TOGAF (The Open Group Architecture Framework)

This is a framework that includes EA’s best practices (i.e., efficient techniques,
methods, processes, and the best examples for the achievement of a goal).
(2) Total optimization planning
A total optimization plan is a medium- and long-term overall plan for
computerization that integrates the information systems and rules that are created
for each department of an organization such as a company on the basis of a total
optimization planning policy in order to improve efficiency and effectiveness.
“System Management Standards” contains the
following seven points:
(1)Create the overall optimization plan on the basis of policies and goals.
(2) Consider compliance in the overall optimization plan.
(3) Clarify policies and necessary resources in the entire optimization plan on IT
investments
(4) Clarify how to measure the return and risks of IT investments in the overall
optimization plan.
(5) Clarify rules for standardization and quality management policies for system
development and operations in the overall optimization plan.
(6) Clarify rules to specify the priority of each development plan in the overall
optimization plan.
(7) Consider the use of external resources in the overall optimization plan.
An example of a procedure for the creation of a
total optimization plan.
1)Understanding of business environment
Understand the external environment (e.g., economic circumstances/industry/new
technology trends, revisions to laws) and the internal environment (e.g., organizational
goals, business strategy, business objectives, management environment).
2) Creation of business model
Understand the business operations of the organization overall and the surveys of
information that is used, the relation between businesses operations, the relation between
business operations and information, and the relation between information, and then
make plans for the standardization and integration of business operations.
3) Creation of information systems framework
Make plans for integration of the individual systems that constitute the
information system of the overall organization through the creation of a database
model and data standardization.
4) Interview (information collection)
Obtain opinions from top management and the head of each department in
order to understand management policy, business objectives, problems and
computerization needs in each department.
5) Identification of development issues for information systems
Identify information systems development issues in terms of information
needs for management and business operations, and then clarify the necessity
for information system development.
6) Creation and documentation of medium- and long-term plan
Document the results of creation of the total optimization plan, as a
medium- and longterm plan.
Computerization Investment Planning

A computerization investment plan (or IT investment plan) is a plan that is

created according to the computerization investment policy that is defined in
the total optimization policy and specifies how investment (i.e., budget) is
made in order to construct an information system for the overall organization.
“System Management Standards” contains the following six points
that are related to computerization investments.
(1)Ensure that the IT investment plan is created in consideration of consistency with
corporate strategies.
(2) Compare multiple IT investment plan alternatives on the basis of impact,
effects, schedule and feasibility.
(3) Execute IT investment budgets properly.
(4) Establish the standard methodology for estimating the return on IT investments.
(5) Assess financial performance of the overall information system and individual
projects, and take necessary actions to solve any problems.
(6) Review whether IT investments have been properly executed or not.
(4) Establish the standard methodology for estimating the return on
IT investments.
ROI (Return On Investment)
PBP (PayBack Period)
NPV (Net Present Value)
IRR (Internal Rate of Return)
• ROI (Return On Investment)
This is an index that measures the profit that is created from invested capital.
Return on investment = profit ÷ invested amount
Eg;
Project cost = $1000
Project gains = $3000
ROI =?
Return on investment = profit ÷ invested amount
=2000 / 1000
=2
• PBP (PayBack Period)
This evaluates the investment effect by calculating the number of years in
which an invested amount can be recovered through the yearly increase in cash
inflow without taking into consideration the value of time.
PBP=initial investment / annual cash inflow
PBP = Year + (Opening balance/ cash inflow in next year )*12 months
Year Cash inflow Cumulative cash flow

0 (500,000) (500,000)

1 250,000 (250,000)

2 300,000 50,000

3 100,000 150,000
PBP = Year + (Opening balance/ cash inflow in next year )*12 months
=1+( 250,000 / 300,000) *12
=1 year and 10 months
• NPV (Net Present Value)
This calculates, for the entire period from acquisition to disposal, the increase or
decrease in cash inflow on the basis of an investment for each year with a discounted present
value.
NPV =TPV – initial investment
TPV =1st PV +2nd PV+ 3rd PV+…
PV= cash inflow * PVF
PVF =1 / (1+r)^t
Where,
PV =present value
PVF=present value factor
r = interest rate
t =number of year
Year Cash Flow PVF PV

0 (250,000) 1 (250,000)

1 110,000 0.909 99990

2 89,000 0.826 73514

3 81,000 0.751 60831

4 72,000 0.683 49176

TPV 283511
TPV = 1st PV +2nd PV+ 3rd PV+…
= 283511
NPV = TPV – initial investment
= 283511 – 250,000
= 33511
• IRR (Internal Rate of Return)
This calculates the rate of discount (i.e., internal income ratio) for which the
total present value of the annual cash income that is generated by an investment
becomes equal to the total present value for the cash expense that is required for
this investment, and evaluates the investment effect by using the magnitude of the
internal income ratio.
After the IT investment plan is created, IT investment management in which
management and evaluation are performed is implemented to ensure that effective
investment activities are continuously implemented.
The IT management power index measures the level of IT utilization in four stages.
Implementation of Information Systems Strategy
(1)Structure for computerization promotion
(2) Creation of a computerization plan
(3) Program management
(4) Framework
(5) Quality control
(6) Information systems strategy implementation management
(7) System utilization promotion and evaluation
(1) Structure for computerization promotion

-A structure for computerization promotion is an organizational and operational

structure for the implementation of an information systems strategy.
-establish an information computerization committee to promote the
implementation of the information systems strategy.
-the senior members of the committee are executives, and the members that
actually run the committee are formed from the leaders of each department that
are led by the CIO (Chief Information Officer).
The information computerization committee is granted the appropriate authority
and given the appropriate responsibility, and its mission is made clear. The
information computerization committee monitors activities concerning information
systems and revises/improves them, and then establishes appropriate information
infrastructure.
the committee decides an appropriate organizational form for organizations
including functional organizations, divisional organizations, matrix organizations,
and project organizations.
It also decides the responsible persons including the system owner, who is
responsible for an information system, and the data owner, who is responsible for
the data that the information system handles.
(2) Creation of a computerization plan
A computerization plan is the individual computerization plan for each information
system that is created according to the total computerization plan.
Information systems include :
-mission critical systems that form the core of corporate activities,
-systems that perform integrated management of an overall company or business
activities, and
-systems that contributes to unified operation between companies.
[Typical business management system]
• ERP (Enterprise Resource Planning) system
This is a system that manages resources on business in an integrated way.
• SCM (Supply Chain Management) system
This is a system that optimizes the entire supply chain.
• CRM (Customer Relationship Management) system
This is a system that manages customer information in a centralized and continuous
way.
• KMS (Knowledge Management System)
This is a system that accumulates, shares, and utilizes knowledge and
knowhow.
• SFA (Sales Force Automation) system
This is a system that supports sales activities.
(3) Program management

Program management refers to activities that flexibly adapt the execution

capabilities of an organization in response to changes in the external environment
When computerization is promoted according to an information systems strategy,
multiple information system implementation (or development) projects are
carried out at the same time.
Program management is a series of activities that optimizes the relationships and
integration between these projects to raise the overall value, and aims to fulfill
the overall purpose.
• PMO (Program Management Office)

This is a department that is dedicated to performing program management, or a

business operator that provides program management as a service.
(4) Framework

A framework is created in order to achieve a goal.

Typical frameworks include those described below.
• COBIT (Control OBjectives for Information and related Technology)
This is a collection of practical IT governance where the best practices
concerning information technology management are systematically compiled.
It defines the KGI (Key Goal Indicators) and KPI (Key Performance
Indicators) for the purpose of increasing IT process maturity level.
The “System Management Standards” was created with reference to COBIT.
• ITIL (Information Technology Infrastructure Library)
This is a manual that contains systematically compiled best practices for the
purpose of efficiently providing and managing IT services. It is a de facto standard
for IT service management.
• SLCP (Software Life Cycle Process)
This is a common frame that defines base activity items in order to optimize
software development and the related transactions.
In order to implement an information systems strategy, it is necessary to construct a
process framework and control framework in business operations.
A process framework is a standard framework for business processes, and
a control framework is a framework for internal control.
(5) Quality control

Quality control refers to organizations, structures, and a series of activities

(management processes) to ensure quality in an information system by using
quality control frameworks and such other things to ensure compliance with
standards concerning information systems and continuously monitoring the status
of conformity.
(6) Information systems strategy implementation
management

Information systems strategy implementation management refers to a series of

activities that monitors the implementation status of an information systems
strategy and ensures the implementation of the information systems strategy.
It involves the evaluation and verification of information system utilization when
an information systems strategy is implemented according to a medium- and long-
term plan, and the evaluation of the information systems strategy from perspectives
of changes in the environment that a company faces, IT technology trends, profit,
and so on.
[Evaluation points of information systems strategy]
• Monitoring indicators such as the KGI (Key Goal Indicators) and KPI (Key
Performance Indicators) that are obtained from a total optimization policy, and so
on
• Variance analysis for the difference between the budget proposed in the
computerization investment plan and the actual resulting values
• Response to risks, which are expected or unexpected
(7) System utilization promotion and evaluation

Even if information systems are implemented according to an information systems

strategy, they will contribute little to management unless they are used effectively.
- to evaluate, investigate, and improve the usage situation of the information
systems.
• Data utilization
This provides an understanding of the usefulness and importance of analyzing
the data that is accumulated in an information system and using it to make
operational improvements and resolve problems in responsible business operations.
• Popularization and awareness raising
This refers to activities that improve information literacy, such as education for
the utilization of information systems. Included are ensuring understanding of
system user manuals and business operations manuals, and human resource
development plan such as e-Learning and seminars. In addition to use these
activities for system utilization promotion, they can also reduce the digital divide.
• Evaluation and verification of information system utilization
This evaluates the usage status of information systems through log analysis. The
purpose of this is to clarify the direction of improvements and such other things
through evaluation, but if the end of the system life cycle is judged to be reached, the
information system is disposed of after data is erased according to the information
security policy.
Business Process and Solution Business
-A business process is the flow of each business operation in a company.
-Prior to the creation of an information systems strategy, the business operations
environment and business processes are investigated and analyzed, and
-the existing organizational structure and business processes are reviewed.
-In addition, the optimization of business operations and system is considered along
with the effective use of a system.
- At the same time, consideration is given to the use of a solution business, which
provides a mechanism for problem resolution.
1) Business Process
2) Solution Businessss Improvement
Business process improvement
-Business process improvement refers to the improvement in efficiency of a
business process.
-Among business process improvements, the analysis of current business
operations and the identification and resolution of problems are referred to as
business improvement.
BPR (Business Process Reengineering) or
reengineering
-refers to performing a drastic review of the current business process, and
reconstructing by improving the flow of business operations and the details of
individual business operations.
-BPR also has the potential to lead to the discovery of new business models
BPM (Business Process Management)

-is performed by using the PDCA cycle

(1)Analysis of current business operations
The current business operations are analyzed (analysis of business operations) and modeled.
(2) Problem discovery and business operations improvement [Act]
The modeled current business operations are reviewed and improved (business
improvement).
(3) Design of new business operations model [Plan]
On the basis of the improved business operations, a new business operations model is
designed (business operations design).
(4) Implementation of new business operations model [Do]
The new business operations model is implemented.
(5) Monitoring and evaluation [Check]
The new business operations model is monitored and evaluated.
-The platform for implementing BPM is called a BPMS (Business Process
Management System).
-A BPMS optimizes business processes by performing the design, implementation,
and management of business processes.
The methods for improvement of business processes

BPO (Business Process Outsourcing)

This is a form of business in which the internal business processes
themselves are outsourced to an external vendor along with information system
operations management. Offshore outsourcing is also used to subcontract business
processes to overseas companies where the cost of living and labor costs are low.

Workflow system
This is a system that automates routine processes. It includes systems that
follow a determined procedure to transmit digital application forms and
notifications, and approve them.
Solution Business

Solution business refers to a service that provides a mechanism (i.e., solution) to

resolve business problems.
There are many different solution businesses, such as security solutions that provide
mechanisms for information security measures, and CRM solutions that provide
mechanisms for customer management.
A company that conducts this kind of solution business is called a SP (Solution
Provider).
A solution business that collectively undertakes everything from the planning and
design of an information system that meets business requirements to information
system operations and management is called system integration.
A vendor that considers support and improvement for problem resolution in
business processes along with the customer, and makes proposals for a business
system that fits the customer’s business strategy and information systems strategy is
called a system integrator.
(1) Cloud computing
(2) SOA (Service Oriented Architecture)
(3) ASP (Application Service Provider)
(4) Hosting service/housing service
(5) Outsourcing service
(1) Cloud computing
Cloud computing is a type of computer usage that is based on the Internet (like
“cloud”). If a user has the minimum necessary environment, it is possible to use a
service with high scalability (i.e., expandability) and availability over the Internet
just by paying a service fee.
• SaaS (Software as a Service)
This is a type of service that provides software components (i.e., information
system functions) via the Internet. It is possible to use only the necessary functions
of software when they are necessary.
• PaaS (Platform as a Service)
This is a type of service that provides a platform for application execution via the
Internet. The provider provides a virtualized application server on which users deploy and
operate their own application.
• IaaS (Infrastructure as a Service)
This is a type of service that provides infrastructure via the Internet. The provider does
not provide software. It provides only a virtualized server on which the user installs the
necessary OS, and so on.
• DaaS (Desktop as a Service)
This is a type of service that provides a desktop environment for a terminal via the
Internet. There is no OS or application on the client (i.e., thin client), and a virtualized
desktop environment on cloud infrastructure is used over the Internet.
(2) SOA (Service Oriented Architecture)

SOA (Service Oriented Architecture) is a method in which the functions (i.e.,

software components) that are constructed and organized according to the service
elements of a business process are made publicly available on a network and are
linked together to construct an information system with superior expandability and
adaptability.
SOA is an “information system construction method” that constitutes information
systems by combining software that has functions for a specific business process,
and it can also be called a “business system construction method” that constitutes a
business process by combining processing that is performed in the business process.
(3) ASP (Application Service Provider)

ASP is a service or a form of provision that provides application software over a

network. ASP is a single tenant method that provides servers and databases for each
user company. However, the difference between the single tenant method of ASP
and the multitenant method of SaaS is not strictly differentiated in many cases.
In ASP, the user company does not own the software that is used in business
operations, so there is no need for initial investment in business software. Therefore,
software is treated as a variable cost, and there are no costs for version upgrades or
maintenance. Furthermore, it is simple to terminate use of the software and to
change providers, so this means it can flexibly deal with changes in the
environment.
(4) Hosting service/housing service
This is a service that is provided by a communications vendor such as an ISP.
A hosting service is a service in which a user (e.g., corporate or individual) rents a
server that is owned by a communications vendor, and a housing service is a form
of service where the network devices and servers that a user owns are installed for
use in the communication facilities of a communications vendor. (An installation
space is “rented.”) In a housing service, operation of the communication facilities is
performed by the vendor, but operation of the system is performed by the user.
(5) Outsourcing service

An outsourcing service is a service in which an external vendor undertakes some

business processes. A housing service can be called an outsourcing service that is
provided by a service provider (i.e., communications vendor) to which the
operation of communication devices is outsourced.