Andreas Gadatsch

Andreas Gadatsch
IT
Controlling
From IT cost and activity allocation
to smart controlling
IT Controlling
Andreas Gadatsch
IT Controlling
From IT cost and activity allocation
to smart controlling
Andreas Gadatsch
Hochschule Bonn-Rhein-Sieg
Sankt Augustin, Germany
ISBN 978-3-658-39269-7 ISBN 978-3-658-39270-3 (eBook)

https://doi.org/10.1007/978-3-658-39270-3
© The Editor(s) (if applicable) and The Author(s), under exclusive licence to Springer Fachmedien Wiesbaden
GmbH, part of Springer Nature 2023
This book is a translation of the original German edition „IT-Controlling“ by Gadatsch, Andreas, published by
Springer Fachmedien Wiesbaden GmbH in 2021. The translation was done with the help of artificial intelligence
(machine translation by the service DeepL.com). A subsequent human revision was done primarily in terms of
content, so that the book will read stylistically differently from a conventional translation. Springer Nature works
continuously to further the development of tools for the production of books and on the related technologies to
support the authors.
This work is subject to copyright. All rights are solely and exclusively licensed by the Publisher, whether the
whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations,
recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or informa-
tion storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now
known or hereafter developed.
The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does
not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective
laws and regulations and therefore free for general use.
The publisher, the authors, and the editors are safe to assume that the advice and information in this book are
believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors give
a warranty, expressed or implied, with respect to the material contained herein or for any errors or omissions that
may have been made. The publisher remains neutral with regard to jurisdictional claims in published maps and
institutional affiliations.
This Springer Vieweg imprint is published by the registered company Springer Fachmedien Wiesbaden GmbH,
part of Springer Nature.
The registered company address is: Abraham-Lincoln-Str. 46, 65189 Wiesbaden, Germany
Foreword
IT controlling is established as an instrument for the business management of information

and communication technology. The job description has only changed moderately in terms
of goals, tasks, and methods for a long time. In practice, it was mainly associated with IT
budgeting, IT portfolio management, IT cost planning, accounting, and controlling.
However, due to the dynamics of digitalization, there has been some movement in goals,
content, and methods in recent times.
New topics such as digital strategy management, cloud controlling, data science, and
others are under discussion. The task profile is changing away from pure IT cost analysis
to the management of the digitization strategy with a focus on strategic IT portfolio man-
agement. Some voices are already talking about “smart controlling” or “digital
controlling.”
The book presents an IT controsslling concept for the digital age and explains the com-
mon methods in a practical way.
English translations and diagrams under the guidance of Jan Fionn Willmann.
Hochschule Bonn-Rhein-Sieg Andreas Gadatsch

Sankt Augustin, Germany
v
Preface to the Second Edition
IT controlling is an interdisciplinary subfield of business informatics. It has had a firm

place in standard curricula for a long time. Since the publication of the first edition, the
environment has changed drastically. Today, digitization has become not a question of “if”
but of “how” and “with what.” Current topics such as agile software development, data
science, and cloud computing are established in practice and must be taken up by IT
controlling.
Whereas the original focus was on the recording, allocation, and analysis of IT costs,
portfolio management is now becoming increasingly important as part of a digital strategy.
Digital business models and IT are growing together. Even if many employees in IT con-
trolling still spend a lot of time planning and monitoring IT budgets, the changes in the job
description are becoming certain.
The book has therefore been fundamentally revised. It is intended to provide students
at universities and employees in practice with a guideline for a modern IT controlling
concept. The graphics for the book can be requested free of charge in electronic form from
the author at andreas.gadatsch@h-brs.de and can be used for teaching purposes or in
practice, provided the source is acknowledged.
My sincere thanks go to my graduate student Benedikt Haag, BSc, who provided valu-
able assistance in revising the manuscript and the figures. All errors in the manuscript are
my responsibility.
St. Augustin, Germany Andreas Gadatsch

July 2021
vii
Contents
1
Digitization: Changing Framework Conditions in Work and Society 1
1.1 Clarification of Terms�� 1
1.2 Effects of Digitalisation �� 2
1.2.1 Paradigm Shift and Change in Work�� 2
1.2.2 Digital Business Model Changes�� 4
1.3 Impact on Occupational Profiles�� 5
1.3.1 General Changes�� 5
1.3.2 Design of the Work �� 5
1.3.3 From IT Management to Chief Information and Digital
Officer (CIDO)�� 6
1.3.4 Classical Versus Agile Information Management�� 8
1.4 Summary�� 9
References�� 9
2 Controlling Concept: General Conditions, Basics and Central Terms 11
IT
2.1 Mission Statement IT Controlling �� 11
2.2 Quick Test IT Controlling: Self-Assessment �� 12
2.3 IT Controlling�� 14
2.3.1 Clarification of Terms �� 14
2.3.2 Tasks �� 16
2.3.3 Methods and Tools�� 19
2.3.4 Organisational Concepts �� 21
2.3.5 Reasons for IT Controlling �� 24
2.3.6 Smart IT Controlling�� 25
2.4 Summary�� 28
References�� 28
3
From IT Strategy to Digital Strategy: From Classic IT Strategy to
Digital Strategy 31
3.1 Classical Notion of IT Strategy�� 31
3.2 Contents of IT Strategies �� 32
ix
x Contents
3.2.1 IT Strategy Characteristics�� 34

3.2.2 Empirical Content of IT Strategies �� 34
3.3 From IT Strategy to Digital Strategy �� 35
3.3.1 Digital Business Strategy�� 35
3.3.2 IT Strategy Patterns�� 36
3.4 IT Architecture Planning�� 37
3.5 Case Study on the Development of a Digital Strategy�� 40
3.5.1 IT Strategy/Digital Strategy�� 40
3.5.2 IT Architecture Planning�� 41
3.5.3 IT Organization�� 41
3.5.4 Data Center �� 41
3.5.5 Cooperation with External Service Providers�� 42
3.5.6 Task�� 42
References�� 43
4
Control of the IT Strategy with the Balanced Scorecard: Implementing
and Managing IT Strategies and Digital Strategies 45
4.1 Basics of the Balanced Scorecard�� 45
4.1.1 Historical Development�� 45
4.1.2 Methodology�� 46
4.1.3 Traditional Performance Measurement Systems Versus
Balanced Scorecard�� 46
4.2 Adaptation for IT Controlling�� 47
4.2.1 Implementation Concept�� 48
4.2.2 Practical Example of a Research Institution�� 49
4.2.3 Cascaded Overall System �� 49
4.2.4 Key Questions of an IT Balanced Scorecard�� 51
4.2.5 Financial Perspective�� 52
4.2.6 Process Perspective�� 52
4.2.7 Staff Perspective �� 52
4.2.8 Customer Perspective�� 53
4.2.9 Use in Practice�� 53
4.2.10 Practical Example Daimler-Benz�� 53
4.3 Evaluation of the Methodology�� 54
4.4 Exercise on the IT Balanced Scorecard �� 55
4.4.1 Task�� 55
References�� 56
5 Portfolio Management: Manage IT Project Selection 57
IT
5.1 IT Portfolio Management as Part of IT Governance�� 57
5.1.1 IT Architecture and IT Portfolio Management �� 58
Contents xi
5.1.2 IT Governance and IT Portfolio Management�� 59

5.2 Concept of IT Portfolio Analysis �� 59
5.2.1 Target Projects�� 60
5.2.2 Must-Do Projects�� 60
5.2.3 Standard IT Projects �� 60
5.2.4 Life Cycle Model�� 61
5.2.5 Selected Research Approaches �� 63
5.3 Critical Success Factors and Introduction�� 64
5.4 Case Study on the Prioritisation of Digitisation Projects�� 65
5.5 Evaluation of IT Security Projects �� 66
5.5.1 Problem�� 66
5.5.2 Project Types for IT Security Projects�� 67
5.5.3 Insurer Project (Insurer)�� 67
5.5.4 Enabler Project (Enabler) �� 68
5.5.5 Optimizer Project (Optimizer)�� 68
5.5.6 Solution Concept RoSI �� 69
5.6 Case Study on Project Selection�� 70
5.6.1 Scenario�� 70
5.6.2 Project List�� 71
5.6.3 Task�� 72
5.6.4 Proposed Solution�� 72
References�� 73
6 Investment Calculation and Total Cost of Ownership Analysis: IT
IT
Standards as a Tool for IT Controlling 75
6.1 Business Methods of Investment Appraisal �� 75
6.1.1 Overview of Methods �� 75
6.1.2 Static Procedures�� 77
6.1.3 Net Present Value Method�� 79
6.1.4 Utility Analysis �� 79
6.1.5 Real Options Valuation �� 81
6.2 Special Methods of IT Investment Accounting�� 84
6.2.1 Total Cost of Ownership (TCO) �� 84
6.2.2 Total Economic Impact (TEI) �� 84
6.2.3 Rapid Economic Justification (REJ)�� 84
6.2.4 Total Value of Opportunity (TVO)�� 85
6.2.5 Business Value Index (BVI)�� 85
6.2.6 Economic Efficiency Analysis (WiBe) �� 85
6.2.7 Cranfield’s Benefits Management (CBM)�� 85
6.2.8 Val-IT Framework�� 85
6.3 Total Cost of Ownership (TCO)�� 86
xii Contents
6.3.1 Concept of the TCO Approach �� 86

6.3.2 Evaluation of the TCO Approach �� 88
6.3.3 Case Studies on TCO Analysis �� 89
References�� 92
7 Standards: IT Standards as a Tool for IT Controlling 95
IT
7.1 IT Governance�� 95
7.2 IT Standards as an Approach to TCO Reduction�� 96
7.2.1 QUERTY: The Oldest IT Standard in the World�� 96
7.2.2 Net Effect Goods�� 97
7.2.3 Standardization Fields�� 97
7.2.4 Introduction and Enforcement�� 99
References�� 101
8
Project Controlling with Earned Value Analysis: Plan, Monitor and
Control Projects 103
8.1 Project Controlling�� 103
8.1.1 Pre-study �� 104
8.1.2 Project Application �� 104
8.1.3 Project Start�� 104
8.1.4 Actual Recording�� 106
8.1.5 Target Concept�� 106
8.1.6 Implementation �� 106
8.1.7 Project Completion �� 106
8.1.8 Project Calculations�� 107
8.2 Structure of the Earned Value Analysis�� 107
8.2.1 Project Management �� 107
8.2.2 Basic Data�� 108
8.2.3 Key Figures�� 108
8.2.4 Prerequisites for Use�� 109
8.2.5 Use in Practice�� 109
8.2.6 Measurement of the Percentage of Completion�� 110
8.3 Application Examples�� 111
8.3.1 Developing a Website �� 111
8.3.2 App for Software Developers �� 112
8.4 Reporting�� 114
8.5.1 Baseline Data�� 114
8.5.2 Key Figures�� 114
Contents xiii
9 Cost and Activity Accounting (IT-KLR): Numbers for Rational

IT
Decisions117
9.1 Necessity and Objectives of IT Cost and Activity Allocation�� 117
9.1.1 Rising IT Costs �� 117
9.1.2 IT Cost Allocation Required�� 117
9.1.3 Goals of IT Cost and Activity Allocation �� 118
9.1.4 Three-Level Settlement�� 118
9.2 Methods of Charging IT Costs and Services �� 119
9.3 IT Cost Element Accounting�� 122
9.4 IT Cost Centre Accounting�� 124
9.4.1 Example of an IT Operations Accounting Sheet�� 125
9.5 IT Cost Unit Accounting�� 125
9.5.1 Product Costing�� 126
9.5.2 Contribution Margin Accounting/Direct Costing �� 127
9.6 Case Studies �� 128
9.6.1 Case Study Break Even Analysis “Cloud Versus
On-Premise” �� 128
9.6.2 Case Study Benchmarking “IT Consolidation”�� 129
9.6.3 IT Cost and Performance Accounting Case Study �� 131
9.6.4 IT Cost Management Case Study �� 132
10 Sourcing Controlling: Outsourcing of IT Services
IT 139
10.1 Clarification of Terms�� 139
10.1.1 External Service Provision�� 140
10.1.2 Internal Service Provision�� 140
10.1.3 Scope of Outsourcing �� 141
10.1.4 Number of External Partners�� 141
10.1.5 Distance to the Client�� 141
10.1.6 Depth of Cooperation �� 141
10.1.7 Modernization�� 141
10.1.8 Degree of Outsourcing�� 142
10.1.9 Cloud Computing as the Focus of the Outsourcing Concept�� 142
10.2 IT Contract Management �� 144
10.3 IT Asset and Software License Management�� 144
10.4 Benchmarking and SLA Analyses �� 145
10.4.1 Expediency�� 146
10.4.2 Contents�� 147
10.4.3 Introduction of SLA�� 148
10.5 Summary�� 148
xiv Contents
11 Key Figure Based Reporting: IT Key Figures: Basis for Reporting

IT 151
11.1 Key Figures in IT Controlling�� 151
11.2 Informative Value of IT Key Figures �� 154
11.2.1 Significance of the IT Key Figure “IT Costs/Revenue” �� 154
11.2.2 Check Criteria for Key Figures�� 155
11.2.3 Key Figure Profile�� 156
11.2.4 Benefits of IT Key Figures�� 156
11.3 IT Key Performance Indicator Systems �� 157
11.3.1 Concept Key Figure System �� 157
11.3.2 Requirements for Performance Measurement Systems�� 157
11.3.3 Swiss System of Key Data (SVD)�� 158
11.3.4 VIPS Indicator System �� 158
11.4 Important Key Figures for Practice�� 159
11.5 Summary�� 159
12
Exercises: Examination Exercises for Training 163
12.1 Task 1 Job Description IT Controlling�� 163
12.1.1 Task�� 163
12.1.2 Possible Solution�� 163
12.2 Task 2 IT Standards�� 164
12.2.1 Task�� 164
12.3 Task 3 Project Selection�� 164
12.3.1 Task�� 164
12.4 Task 4 Earned Value Analysis�� 165
12.4.1 The Project Takes the Following Course�� 165
12.4.2 Differences�� 167
12.5 Task 5 Organization of IT Controlling�� 167
12.5.1 Task�� 167
12.6 Task 6 Methods of IT Cost and Activity Allocation�� 168
12.6.1 Task�� 168
12.6.3 Discussion of the Methods�� 168
12.6.4 Decision�� 169
12.7 Task 7 Determination of Net Present Value �� 169
12.7.1 Task�� 169
12.7.2 Possible Solution (Table 12.1)�� 170
12.8 Task 8 Determining the Value in Use�� 170
12.8.1 Task�� 170
Contents xv
12.8.2 Possible Solution (Table 12.2)�� 170

12.9 Task 9 Service Level Agreements�� 171
12.9.1 Task�� 171
12.10 Task 10 TCO Analysis �� 171
12.10.1 Task�� 171
12.11 Task 11 Analyze Data Center�� 172
12.11.1 Task�� 172
12.12 Task 12 IT Key Figures�� 174
12.12.1 Task�� 174
12.12.3 Assessment of the Key Figure “Training Costs/IT Staff”�� 174
12.12.4 Assessment of the Key Figure “Processed Fault
Reports/Total Fault Reports�� 175
Digitization: Changing Framework
Conditions in Work and Society 1
Abstract
In this article, the environment of digitalisation is considered in the context of IT con-

trolling, as it has a major impact on the job description for future IT controllers. The
changes in society that are already noticeable have an impact on companies, processes
and the activities of IT managers and IT controllers. The job descriptions in IT manage-
ment (IT management, CIO, CPO, CDO) that work closely together with IT controlling
are presented here and delineated in terms of their profiles. Finally, differences between
classical and agile information management are discussed.
1.1 Clarification of Terms
To explain the central feature of digitalization one can either resort to an old proverb by
Confucius “If you intend to renew yourself, do it every day” (quoted from Moestl 2008,
p. 10) or show a few photos of supposedly real people taken from the website “thisperson-
doesnotexist.com/”. The website creates photos of people who do not exist but still look
real. The basis for this are two algorithms, which are responsible for the image generation
and optimization. The first algorithm (generator) mixes photos of real people and creates
a new photo from them. The second algorithm (validator) checks whether the image is real
or fake. If it detects a fake, the image goes back to the first algorithm. This then delivers an
improved version, and so on.
Digitization is omnipresent and encompasses all areas of society. The boundaries
between the real world and the digital world can no longer be separated, just as the front
and back of a coin only give a different perspective on the same object (coin) (cf. Costello
2010, p. 42). The technology consulting firm Gartner pointed out relatively early on the
© The Author(s), under exclusive license to Springer Fachmedien Wiesbaden 1

A. Gadatsch, IT Controlling, https://doi.org/10.1007/978-3-658-39270-3_1
2 1 Digitization: Changing Framework Conditions in Work and Society
IT IT IT becomes a IT IT
supports optimizes part of the directs amalgamates
with the
functions processes business the business business
• Automation of individual • Improvement of internal • Industry-wide process • Mobilisation and

functions through rule business processes through automation(E-Business) decentralization of processes • Development and establishment
integrated systems with • Mixing of work / spare time of disruptive digital platform
based batch processing • More flexible provision
online processing • Establishment of new based business models
business models concepts for large volumesof
data.
• Social Web, BYOD

• Business Reengineering / GPO • Smartphone, Tablet, • KI + ML ("Hyperautomation")
• Accounting • Sales and logistics • Electronic Marketplaces
Smartwatch • Data Science, Data Literacy
• Inventory control management • Electronic Procurement
• Ubiquitous Computing • RPA, Process Mining
• Bill explosion • Telecommunications
through ERP systems • Big Data & BI • Blockchain, Autonomous
• Net salary determination • Supply-Chain-Management
• SaaS / Cloud Computing Things
• Distributed Cloud
1970 1980 1990 2000 2010 2020 2030

IT reduces costs IT grows advantages IT is foundaon for business benefits IT is pivotal factor for business benefits
(Streamlining) IT reduces costs (Enabling) (Determinating)
(Optimizing)
Electronic data processing Information-Management (IM) Digitization
IT cost allocation / IT cost offsetting IT-Controlling Smart-IT-Controlling
Fig. 1.1 From IT cost allocation to smart IT controlling
changes in the information economy and the transformation from “IT craft” to the “indus-
trialization of IT” to “digitization” (cf. Gartner 2014, p. 2).
Figure 1.1 shows an overview of the development of information technology over sev-
eral decades with its effects on IT management and IT controlling. In the 1970s and 1980s,
IT only supported individual functions or processes. It was referred to as “electronic data
processing (EDP)”, which was seen only as a cost-cutting and optimization tool. If at all,
the aim was to record and allocate the “EDP costs”.
It was not until the 1990s, when information technology became more a part of the
business, that new ideas entered the companies with information management. Since then,
people have also been talking about IT controlling. At the latest since 2020 and the emerg-
ing disruptive business models, IT is merging with the business and is thus essential for
business benefit. The first publications are already talking about “smart IT controlling” as
a successor term for IT controlling (see Gadatsch et al. 2017).
1.2 Effects of Digitalisation
1.2.1 Paradigm Shift and Change in Work
1.2.1.1 From Automation to Digitalization

The world is in the midst of a dynamic adaptation process that is affecting all areas of
society and all industries. Dieter Spath, as President of the Academy of Science and
Engineering (acatech), assumes that a paradigm shift will take place from pure IT-based
automation (profit orientation, hierarchy, control, planning and discretion) to comprehen-
sive digitization (sense-making, networks, collaboration, experimentation and
1.2 Effects of Digitalisation 3
Qualification
deficit
Necessary
quaIification
Frequency
issues
Socket of the shortage of

adjustment losers skilled
Qualification Qualification
gap
Qualification offer
Skills demand
Fig. 1.2 Effect of digitalisation on human work. (Kornwachs 2018)
transparency) (cf. Spath 2018). The Corona pandemic has further accelerated these pro-
cesses drastically and irreversibly at the beginning of 2020.
1.2.1.2 Digitalization and Human Work

The qualification requirements of employees are rising sharply with increasing digitalisa-
tion, which is exacerbating the shortage of skilled workers and causing a large gap in the
qualifications of existing employees (cf. Fig. 1.2).
Initial analyses show that the “digital” changes are already in full swing and, depending
on the industry, are coming at us faster and faster. “Professional services” such as control-
ling or IT service management are particularly affected. Provocative theses such as “Will
the digital transformation make controllers superfluous?” are appearing more and more
frequently in renowned trade journals (cf. Schäfer and Weber 2016).
1.2.1.3 Digitalization and Entrepreneurial Success

A high degree of digitization is also significant from a return of investment perspective. A
study by RWFH Cologne and Mindset GmbH show that a high degree of digitization
increases the business success (measured in terms of revenue) of the small and medium-
sized enterprises surveyed. The average revenue and profit growth of digital leaders is
significantly higher than that of all other survey participants, at 12.8% and 19.8%, respec-
tively (cf. Buehler and Steimel 2018).
1.2.1.4 Digitalization and Vertical Integration

This goes hand in hand with another trend: large technology providers use significantly
less self-developed software today than they did 20 years ago. In 1999, SAP’s own share
of the program code for its software was still over 95%; in 2019, the tide has turned
completely, with the share at less than 5% (cf. Eckert 2020). Digitalization has thus drasti-
cally changed the value chain and vertical integration in the IT industry.
1.2.2 Digital Business Model Changes
New digital business models are becoming increasingly visible in the economy, which will
sooner or later have an impact on the public sector. The effort required for the new busi-
ness models is manageable, but the impact is very large. The characteristics of disruptive
business models are:
• Digital: Products and services are based on software,

• Networking as a central element connects different actors and processes,
• Products and services can be personalized (the user receives individual products),
• Models are radically transformative, displacing top dogs.
Digital business model changes lead to completely new industries and company offerings
through “rethinking”. Well-known examples are Airbnb or Car2Go. In some cases, prod-
ucts and services are being replaced by digitalised solutions with higher customer value,
such as the replacement of traditional TV or cinema offerings by Netflix, Amazon and
others (cf. Westerman et al. 2014). Less known, for example, are concepts such as “Nano
Degree”, in which independent certifiers bundle the emerging Massive Open Online
Courses (Mooc) from various providers (e.g. Hasso Plattner Institute, Udacity, Udemy)
into a highly individual academic degree in the future.
The company Google has already implemented this trend in its own model. It offers
university degrees that are supposed to be university-equivalent: Short certificate courses
in purely digital form and very inexpensive (cf. Seele 2020).
Digitization has given rise to a trend towards the subscription economy, which can be
seen across many industries. Behind this is a payment model that is not new, but different
for traditional industries: renting instead of buying. Rolls Royce “has been charging for
the hours flown on their engines for some years now, but not for the systems themselves”.
Heidelberger Druckmaschinen writes: “instead of earning money from the delivery of the
machines as before, the aim is to achieve agreed productivity and growth targets. In con-
crete terms, this means that payment is not made for the printing press itself, but for the
number of products manufactured” (cf. Segerer 2019).
The characteristics of new business models can be summarized as follows:
• Products or services are based on software (digital models)

• Networking as a central element (providers link different actors and processes),
• Products/services are often personalizable (user receives individual products),
• Business models are radically changing, displacing top dogs (disruptive models),
• Use of new payment behaviors (subscription economy).
1.3 Impact on Occupational Profiles 5
At the same time, the speed at which innovations are made available on the market is
increasing. The car industry needed 62 years to reach the number of 50 million motorists,
the computer industry needed 14 years to do so, the internet industry needed only 7 years,
the Chinese chat service WeChat managed to penetrate the market in 1 year, and the video
game “Pokémon Go” did it in 19 days (cf. Rütti 2018).
1.3 Impact on Occupational Profiles
1.3.1 General Changes
Digitization has high growth potential if management is willing to invest in new business
models and processes (Gadatsch 2016, p. 63). The digitization of processes continues to
increase and reaches application examples that were previously unthinkable. Werth et al.
(2016) describe a digitized consulting process that encompasses the entire consulting pro-
cess from problem identification, analysis, problem solving and its implementation. Below
are some examples from various controlling disciplines that show changes in the processes
(taken and modified from Gadatsch 2016, p. 65).
• Production controlling: The analysis of machine parts during operation enables the
creation of dynamic preventive maintenance plans.
• Production controlling: In this sector, numerous solutions have already been imple-
mented in practice, which are assigned to predictive maintenance.
• IT controlling: Predicting operational failures and disruptions or accumulations of user
requests can help improve the stability of information systems and, as a result, simplify
IT staff planning.
• Financial controlling: A classic application is fraud detection in payment transactions,
preferably in real time. The algorithms developed by finance and credit card companies
can also be applied to internal payment flows.
• Personnel controlling: The shortage of well-trained specialists can be alleviated by the
early detection of employees who are willing to leave the company, if timely counter-
measures can be taken.
1.3.2 Design of the Work
There are companies that do not know their age structure (Ihne 2013, p. 18). Such behav-
iour is likely to be detrimental to competition in the future, because companies will have
to organise target group-oriented further training measures in order to be able to counter
the rising average age of the workforce caused by fewer young recruits.
The reactions to digitally triggered changes in the world of work are not always like
those of Hal Varian, Google’s Chief Economist on Statistics and data: “I keep saying the
sexy job in the next ten years will be statisticians. People think I’m joking, but who
would’ve guessed that computer engineers would’ve been the sexy job of the 1990s?”
(Deutsche Bank Research 2014).
On the other hand, the “digital burnout” threatens an entire society who, as smartphone
zombies, are becoming increasingly dependent on their end devices and, for example, in
the particularly active age group 17–25 years, spend about 3 h a day with the smartphone
(Markowetz 2015, p. 13) and mechanisms like those of gambling addicts become visible
(Markowetz 2015, p. 35).
1.3.2.1 Digital Leadership Competence

From an economic point of view, digitalisation has an impact on the dispositive factor
(leadership) and the labour factor (employees). Managers must learn to develop digital
leadership skills in order to take advantage of the benefits of digitalization (speed, new
business potential, etc.). The key competencies of communication and cooperation skills,
teamwork skills and decision-making skills of managers are subject to particular pressure
to change (cf. Ciesielski and Schutz 2016, p. 121). This includes increased demands on
media skills (dealing with modern media in the context of leadership work) and more
intensive intercultural skills. Through the use of digital media, the foreign country moves
into the office, as an interlocutor of a video conference from, for example, Sydney appears
on the screen in Berlin (cf. Ciesielski and Schutz 2016, p. 122).
1.3.3 From IT Management to Chief Information and Digital

Officer (CIDO)
In IT management and its environment, many job titles are common for the upper manage-
ment level and can still be found in companies today, although some of them date back to
early eras. The following job titles are frequently used: EDP manager, IT manager, CIO
(Chief Information Officer) or head of information management, CPO (Chief Process
Officer), CIPO (Chief Information & Process Officer) and, in recent years, CDO (Chief
Digital Officer).
1.3.3.1 EDP Manager/IT Manager/IT Head of Department

The term “EDP manager” or “EDP manager” (EDP stands for “electronic data process-
ing”) is a term from the early days of information processing (approx. 1960–1970), in
which information technology (IT) only supported individual functions (e.g. warehousing,
accounting). The term is still occasionally used today in smaller medium-sized companies.
The terms “IT manager” or “IT director” became popular as a term with the advent of large
self-operated data centers in the early 1980s, emphasizing technology expertise more
strongly. The terms are still popularly used by companies today, and a look at current job
advertisements will confirm the impression.
1.3 Impact on Occupational Profiles 7
1.3.3.2 CIO
The CIO (Chief Information Officer) came to Germany from the USA in the 1990s, prefer-
ably in large companies (cf. Heinzl 2001). The CIO is the “business- and result-oriented,
chiefly responsible personality in (top) management for the strategic IT matters of an
organization.” (cf. Baumeister 2010, p. 159). Compared to the “classic” IT manager, the
CIO is more business-oriented, thinks and acts in processes that he optimizes with the help
of information technology.
1.3.3.3 CPO
The role of the CPO (Chief Process Officer) came into companies in the 1990s, which
wanted to give greater emphasis to process orientation. His tasks are mainly process docu-
mentation, process analysis, process optimization, process monitoring and process organi-
zation (cf. Gadatsch 2020, p. 55). Since many processes are IT-supported, there is a lot of
overlap with the tasks of the CIO, so that the positions are often combined.
1.3.3.4 CIPO
The naming of the merged task profiles for the CIO and CPO is inconsistent. Lufthansa
uses a dual designation “CIO/CPO,” as the following excerpt from an article shows: “Josef
Bogdanski (61) has been the Lufthansa Group’s new CIO and Chief Process Officer (CPO)
since May 2015. He is thus responsible for the aviation group’s global IT and process
management. His most important task is to drive forward the further integration of the
airline and service companies” (see Klostermeier 2015). The abbreviation “CIPO” (Chief
Information and Process Officer) would be suitable, but it has not become established in
practice.
1.3.3.5 CDO
A few years ago, the market research company Gartner initiated a discussion of the two
speeds in the IT organization of companies. According to this, customer requirements
have an increasingly higher “clock speed” than internal IT can realize. A separation of IT
into Slow IT (classic IT) and Fast IT (customer-oriented and communicative processes)
should take this into account. The CIO (Chief Information Officer) is responsible for the
“bread and butter business”, i.e. the highly standardized IT processes for human resources,
finance, etc. The newly created position of CDO (Chief Information Officer) is responsible
for the “fast IT”. The newly created position of CDO (Chief Digital Officer) is responsible
for processes with rapidly changing requirements, especially in areas such as customer
management, communication, social media (cf. Gartner 2015).
If we compare the role of the CDO with that of the CIO, the CDO also has the task of
designing digital business models. Inge Hanschke, the CIO of an IT consulting firm, sees
the CDO’s job profile as follows: “A Chief Digital Officer (CDO) is responsible for devel-
oping the digital strategy and new digital business models. He also drives the digital trans-
formation at all levels” (cf. Hanschke 2018, p. 141). The CDO is more of a TOP-level
change manager, the CDO develops disruptive business models. The CIO is the guarantor
of stable IT systems (cf. Walchshofer and Riedel 2017).
In the literature, the previously discussed job descriptions are interpreted differently.
However, the consensus is that today managers are needed who understand the business
purpose of the company and are able to use the added value of IT in a targeted manner (cf.
Johanning 2019, p. 18).
1.3.4 Classical Versus Agile Information Management
Another trend in the context of digitalization is the increasing use of agile methods. In
practice, many projects fail even though the classic project management methods that have
been propagated for decades are used. The core problem of classic methods is that at the
beginning of the projects there is a lot of ambiguity about the goal, approach and future
requirements. The plans created are therefore inevitably wrong and are quickly overtaken
by reality in the course of the project. The solution approach of agile methods is based on
the following basic logic: If the classic methods do not work, then they should not be used.
Instead, it relies on giving a mixed team with experienced members the necessary freedom
to solve the problem. Transparency, freedom, daily or timely team coordination and decen-
tralized responsibility replace detailed central planning. The differences between agile and
classic methods are shown in Table 1.1 (cf. Sieber 2016).
Over the last few years, numerous agile methods have been developed, of which
SCRUM is probably the best known. SCRUM can be traced back to Ken Schwaber and
Jeff Sutherland, who first presented it in 1995 (cf. Schwaber and Sutherland 2016). Scrum
is a framework for developing and sustaining complex products. It supports people to be
able to tackle complex adaptive tasks and through which they are enabled to productively
and creatively deliver products with the highest possible value (cf. Schwaber and
Sutherland 2016). In addition, “DevOps” (combining software development and software
operation), “Kanban” (adaptation of an approach from the manufacturing industry for
Table 1.1 Classical versus agile information management

Classic methods Agile methods
Focused on long-term stable requirements Focused on short-term, changing
requirements
Strives for perfection Strives for speed
Detailed planning and implementation (waterfall Prototyping and interactive development
model)
Approval-based governance, little room for Process-based governance, more
manoeuvre freedom
Service level agreements and key figures for control in Customer feedback, quick response for
the control loop improvement
Sieber (2016)
References 9
software project management) and “Extreme Programming” (rigorous approach to soft-

ware development with high demands on operation) are also of importance (cf. Schelle
and Linssen 2018).
1.4 Summary
• The pressure of digitalization is changing many processes and structures across all
industries.
• Digital business models are based on central platforms that offer customers an indi-
vidual service and largely digital processes.
• The job description “IT controller” is changing. Rule-based routine tasks can increas-
ingly be performed by software robots. The persons responsible for IT controlling can
increasingly devote themselves to advisory and strategic tasks.
• Traditional IT managers with technical tasks are being replaced by new roles such as
the Chief Information Officer or the Chief Digital Officer. These emphasize a more
entrepreneurial view and use IT as a lever for digital processes and new digital busi-
ness models.
• Agile concepts of information management are displacing classic process models of
software implementation and process restructuring in subject areas with high customer
interaction and rapidly changing requirements. IT controlling still has to find answers
to this and adapt its instruments.
References
Baumeister M (2010) Karriereentwicklung des Chief Information Officer (CIO) aus systemisch-
konstruktivistischer Perspektive. Diss., Duisburg-Essen, Universität Duisburg-Essen
Buehler K, Steimel B (2018) Digitale Dividende im Mittelstand. Management Summary, Köln
Ciesielski MA, Schutz T (2016) Digitale Führung. Berlin/Heidelberg
Costello GJ (2010) Innovation and information systems: a case for ecological systems theory, PhD
thesis, Galway, 2010, J.E. Cairnes School of Business & Economics, National University of
Ireland, Galway
Deutsche Bank Research (Hrsg) (2014) Big-Data, die ungezähmte Macht, Frankfurt 04.03.2014.
http://www.dbresearch.de/MAIL/DBR_INTERNET_DE-PROD/PROD0000000000328652.pdf.
Accessed on 09.03.2014
Eckert C (2020) Wer schützt unsere Daten? – Möglichkeiten und Herausforderungen der Cyber
Security, acatech, 30.06.2020, Online per ZOOM
Gadatsch A (2016) Die Möglichkeiten von Big Data voll ausschöpfen. Control Manag Rev
2016(Sonderheft 1):62–66
Gadatsch A (2020) Grundkurs Geschäftsprozessmanagement, 9. Aufl. Springer Vieweg, Wiesbaden
Gadatsch A, Krupp A, Wiesehahn A (2017) Smart Controlling – Führungsunterstützung im digitalen
Wandel. Controll Mag 4:72–75
Gartner Hrsg (2014) Taming the digital dragon: the 2014 CIO Agenda. https://www.gartner.com/
imagesrv/cio/pdf/cio_agenda_execsum2014.pdf. Accessed on 10.07.2020
Gartner Hrsg (2015) Gartner says bimodal IT projects require new project management styles,
an outcome-centered approach will bridge the gap between ‚slow‘ and ‚fast‘ IT, analysts will
explore bimodal projects at the Gartner PPM & IT Governance Summits 2015 in Grapevine,
Texas on June 1–3 and in London, UK on June 8–9, STAMFORD, Conn., April 23, 2015. http://
www.gartner.com/newsroom/id/3036017. Accessed on 29.02.2016
Hanschke I (2018) Digitalisierung und Industrie 4.0. München
Heinzl A (2001) Die Rolle des CIO in der Unternehmung. Wirtschaftsinformatik 43(4):408–420
Ihne M (2013) Die Zukunft der Weiterbildung, Trends in der betrieblichen Bildung. In: Siepmann F,
Müller P (Hrsg) Jahrbuch eLearning & Wissensmanagement, S 18–28
Johanning V (2019) IT-Strategie, Die IT für die digitale Transformation in der Industrie fit machen.
Wiesbaden
Klostermeier J (2015) Bogdanski neuer CIO bei Lufthansa, CIO-Magazin, 29.05.2015. http://www.
cio.de/a/bogdanski-neuer-cio-bei-lufthansa,3109572?tap=e76debe9672f8a078de6f2e363a79f1c
&r=564632576256099&lid=425629&pm_ln=33. Accessed on 10.06.2015
Kornwachs K (2018) Digitalisierung – Revolution oder Gestaltungsauftrag?, Dialogreihe “Innovation
und Verantwortung”, 12. bis 13. November 2018, Digitalisierung und Arbeitswelt (modifiziert)
Markowetz A (2015) Digitaler Burnout, Warum unsere permanente Smartphone-Nutzung gefährlich
ist. München
Moestl B (2008) Shaolin – Du musst nicht kämpfen, um zu siegen. Knaur, München
Rütti N (2018) Der Agile Mitarbeiter im Digitalen Strudel, NZZ, 06.12.18. https://www.nzz.ch/
wirtschaft/der-agile-mitarbeiter-im-digitalen-strudel-ld.1442307. Accessed on 29.07.2019
Schäfer U, Weber J (2016) Die Digitalisierung wird das Controlling radikal verändern. Control
Manag Rev 6:8–17
Schelle H, Linssen O (2018) Projekte zum Erfolg führen, 8. Aufl. München
Schwaber K, Sutherland J (2016) The scrum guide, July 2016. https://www.scrum.org/resources/
scrum-guide. Accessed on 08.06.2017
Seele P (2020) Zukunft der Hochschulen, Gefährten Googles Abschlüsse die Hochschulen.
www.forschung-und-lehre.de, 22.10.2020. https://www.forschung-und-lehre.de/zeitfragen/
gefaehrden-googles-abschluesse-die-hochschulen-3173. Accessed on 05.11.2020
Segerer N (2019) Lizenzmanagement im IoT, Neue Geschäftsmodelle sind gefragt. In:
Computerwoche, 06.05.2019. https://www.computerwoche.de/a/neue-geschaeftsmodelle-sind-
gefragt,3546983. Accessed on 11.06.2019
Sieber R (2016) Die IT der Zukunft hat zwei Geschwindigkeiten: agil und stabil. https://
different-thinking.de/die-der-zukunft-hat-zwei-geschwindigkeiten-agil-und-stabil/. Accessed
on 10.04.2018 (modifiziert)
Spath D (2018) Arbeit in der digitalen Transformation: Dialogreihe “Innovation und Verantwortung”,
Tutzing, 12. bis 13. November 2018, Digitalisierung und Arbeitswelt
Walchshofer M, Riedel R (2017) Der Chief Digital Officer (CDO): Eine empirische Untersuchung.
HMD 54:324–337. https://doi.org/10.1365/s40720017-0320-7
Werth D, Greff T, Scheer A-W (2016) Consulting 4.0 – Die Digitalisierung der Unternehmensberatung.
HMD 53:55–70. https://doi.org/10.1365/s40702-015-0198-1
Westerman G, Bonnet D, McAffee A (2014) Leading digital. Turning technology into business
transformation. Perseus Book, Boston
IT Controlling Concept: General Conditions,
Basics and Central Terms 2
Abstract
This article presents an IT controlling concept. At the beginning of the article, the
reader can check the maturity level of his organization with the help of a compact quick
test that has been tested in practice. The IT controlling concept includes a mission state-
ment, the goals, contents, selected organizational concepts and tools for IT controlling.
After reading, the reader has an overview of central aspects and framework conditions
of IT controlling. Finally, an outlook on the trend towards “smart IT controlling”
is given.
2.1 Mission Statement IT Controlling
IT controlling covers a variety of topics, which we will discuss in detail later. The special-
ist group “IT Controlling” of the Gesellschaft für Informatik e. V. (GI) has published an IT
controller mission statement. (GI) has published an IT controller mission statement, taking
into account current developments, which is based on a modern and broad approach to IT
controlling (cf. Barth et al. 2009) and represents a broad framework into which specific
concepts can be placed.
Accordingly, “(IT controllers) design and support the management process of opera-
tional information processing and thus share responsibility for the achievement of infor-
mation management objectives.” The definition is specified in 11 core sentences:
1. IT controllers bridge communication and cultural barriers between technical and busi-
ness perspectives and thus contribute to an adequate culture in dealing with the
resource information.

12 2 IT Controlling Concept: General Conditions, Basics and Central Terms
2. IT controllers act as service providers at the interfaces of information management,

corporate controlling and corporate management.
3. IT controllers moderate and support the process of planning, steering and controlling
for information management in such a way that every decision maker involved can act
in a goal-oriented manner.
4. IT controllers provide a business service of information supply to the decision makers.
5. IT controllers ensure – in addition to strategy, result, financial and process transpar-
ency of information management – transparency of operational information process-
ing and its effects in the company. In doing so, they build a bridge to the strategy,
result, finance and process transparency of the company.
6. IT controllers evaluate methods of information management, corporate controlling
and corporate governance with regard to an appropriate consideration of the specific
effects of information processing in the enterprise (including diverse, interdependent
effects that are only effective in the long term).
7. IT controllers recommend and design methods for information management and –
related to the use of IT – for corporate controlling and management.
8. IT controllers ensure that procedural guidelines are in place and that they are
monitored.
9. IT controllers recognise and evaluate the risks and opportunities arising from the
use of IT.
10. IT controllers design and operate an IT reporting system that is integrated into the
company-wide reporting system.
11. IT controllers design and maintain information systems for IT controlling (Barth
et al. 2009).
The full version of the mission statement can be downloaded from the URL of the source
reference (Barth et al. 2009).
2.2 Quick Test IT Controlling: Self-Assessment
The “quick test” described below is intended for readers from the field. It can be used for
a self-assessment of a company or an authority. This provides readers with a simple aid to
roughly assess which areas of the organisation still have potential for development and
where active intervention may be required.
A total of five questions are to be answered on a scale of 1–5, intermediate values are
permissible. The result can be displayed as a network diagram and compared with other
organisations.
2.2 Quick Test IT Controlling: Self-Assessment 13
Questionnaire IT Controlling Quick Test
Question 1: IT controller
1 = Position/person not available

2 = Position/Role planned
3 = Job/role defined, not filled
4 = Role occupied, but performed in addition to other tasks
5 = Role occupied, deals mainly/exclusively with IT controlling
Question 2: IT strategy/digital strategy
1 = not available
2 = planned
3 = existing, within IT
4 = existing and communicated
5 = exists and is communicated, is created and monitored regularly, e.g. annually with
the specialist side
Question 3: IT standards
1 = not available or only partially available in exceptional cases

2 = planned for technical level and/or process level
3 = existing, only at technical IT level
4 = existing, also on process level and coordinated and communicated with busi-
ness side
5 = existing, regularly updated by IT Management in cooperation with Controlling
Question 4: IT portfolio management
1 = not available
2 = project bundles are defined for individual areas, otherwise the principle of “first
come first served” or similar applies.
3 = Project bundles are evaluated across companies available
4 = Project portfolios are set up by IT controlling and approved in consultation with an
“IT board”.
5 = Project portfolios are regularly (e.g. once a quarter) compared with the corporate
strategy by IT controlling and adjusted.
Question 5: IT cost and performance accounting
1 = IT costs are not known/classified

2 = IT cost elements are defined, but no allocation of IT costs and services to originators
3 = Flat-rate allocation of IT costs and services
4 = Causal allocation on the basis of planned allocation rates (planned costs/planned

quantities)
5 = Accrual based on market prices (planned quantity × market price)
Question 6: IT key figures (system)
1 = No systematic recording of key figures

2 = Individual key figures are recorded and reported on
3 = For individual key figures there is a defined control loop/process
(What to do if threshold values are under/exceeded)
4 = Key figure system with central key figures in use
5 = Central key figure system with defined processes/control loops for all key fig-
ures in use
Question 7: IT project controlling
1 = IT projects are not known/classified

2 = IT projects are defined, but there is no systematic monitoring
3 = Selected projects are monitored by the IT controlling/IT board
4 = Central project management system with selected project key figures in use
5 = Central project management system is used for regular control of projects (project
application, implementation, introduction/cancellation, benefit collection)
Question 8: IT license and asset management
1 = IT assets/licenses are not known/classified

2 = Selected IT assets/licenses are known, but there is no regular process throughout the
life cycle
3 = Process/life cycle is defined, responsible persons are defined
4 = Process/life cycle is communicated, employees are trained, management system is
under development
5 = Process/life cycle is communicated and in regular operation (i.e. all IT assets/
licenses are monitored and controlled company-wide over the entire life cycle)
In Fig. 2.1 you will find an anonymised practical example of participating institutions.
If you are interested in a self-assessment according to this procedure model, you can
request a blank table (Microsoft Excel) under the mail address andreas.gadatsch@h-brs.de.
2.3 IT Controlling
2.3.1 Clarification of Terms
IT controlling has numerous facets and supports different goals. The term is still not uni-
formly defined. On the one hand, IT controlling is very strongly associated with
2.3 IT Controlling 15
Level of Maturity for IT-Controlling (Praccal Example)

Aributes / Instruments P1 P2 P3 P4 P5 P6 P7 P8 P9 P10 P11 P12 Total
IT-Accountant 4 4 5 5 5 4 3 1 4 3 3 1 4.7
IT-Strategy 4 4 5 5 5 2 4 5 4 5 5 3 5.7
IT-Standards 4 5 4 4.5 4 4 4 3 3 4 5 3 5.3
IT-Porolio management 4 5 5 4 4 4 3 2 4 5 3 4 5.2
IT cost and acvity accounng 2 4 3 4 4 1 3 4 4 4 4 4 4.6
IT-Operang Figures 3 3 3 4 4 2 2 2 2 2 2 5 3.8
IT-Project controlling 3 5 5 4.5 4.5 2 3 3 3 3 3 4 4.8
IT-License and Assetmanagement 5 3 4 4 4 4 4 4 3.5 4 4 3 5.2
Total 3.6 4.1 4.3 4.4 4.3 2.9 3.3 3.0 3.4 3.8 3.6 3.4
Levels
Level 1 (no effective solution, at best fragments of a solution, no
planning visible) 1
5
Level 2 (rudimentary solution, with gaps, planning only visible in 4.5
parts of the segment) 4 TN1
8 2
3.5 TN2
Level 3 (useful pragmatic solution, extenstive coverage)
3 TN3
Level 4 (all-right solution, using best possible 2.5 TN4
coverage, but does NOT employ CIP) 2 TN5
1.5
Level 5 (best possible solution Lösung, availing of best possible coverage as TN6
well as employing CIP) 7 1 3
TN7
TN8
TN9
TN10
TN11
6 4
TN12
Fig. 2.1 IT controlling self-test – practical example
operational “IT cost management” and “IT budget control”. On the other hand, the focus
is on strategic IT portfolio management and IT strategy control.
There is also no shortage of alternative terms. Numerous terms are common in the lit-
erature and in practice, but some of them are also considered outdated. The following
variants are particularly well known:
• Data-processing controlling (data processing controlling),

• EDP-controlling (electrical data processing controlling),
• IT-Controlling (Information Processing Controlling),
• IS-Controlling (Information System Controlling) and
• IT-Controlling (information technology controlling).
Occasionally, since IT services are increasingly procured externally, the term “IT sourcing
controlling” is also used (cf. Schelp et al. 2006, p. 96), but this basically only covers par-
tial tasks.
In the English-speaking world, the term “IT performance management” is common; the
term “IT-Controlling” used in the German-speaking world is not used there (cf.
Strecker 2008).
2.3.1.1 IT Controlling Must Be Adapted

The author has become acquainted with numerous real IT controlling concepts in practice.
In most cases, very specific solutions were found, which sometimes bore more or less
resemblance to pure „textbook concepts“. One can also put it this way: IT controlling
concepts have to be developed and adapted for each organization. Otherwise, IT control-
ling can easily become an instrument of system and self-deception if it is not adapted to
the framework conditions of the respective situation. Therefore, this book also presents
approaches that you as a reader would not have attributed to IT controlling.
2.3.1.2 IT Controlling Must Balance and Moderate

IT controllers are faced with the conflicting demands of different departments and areas.
They have to balance between functional, financial and technical aspects and take into
account corporate policy guidelines and restrictions.
2.3.1.3 Controller = Helmsman or Helmswoman

Controlling is an artificial word based on the English word “to control”. Incorrect transla-
tions such as “controlling = control” have therefore often discredited controllers working
in practice as unloved “controllers”. However, the English word “to control” means “to
steer” or “to regulate”. Thus, controlling is the “controlling theory”. The IT controller is
the helmsman or helmswoman for the economic use of information technology.
The Chief Information Officer (head of information management) is the captain. In the
English-speaking world, “IT controlling” is not used; there, “IT performance manage-
ment” is common (see Strecker 2008).
2.3.1.4 IT Controlling as a Business Task

IT controlling is considered an instrument for preparing decisions in the context of the use
of IT resources. It is the “procurement, preparation and analysis of data for the preparation
of target-oriented decisions in the acquisition, realization and operation of hardware and
software” (cf. Becker and Winkelmann 2004, p. 214) and thus a business task to ensure the
effectiveness and efficiency of information technology in the company.
2.3.2 Tasks
The scope of tasks for IT controlling is not uniformly described in the literature (cf.
Gadatsch and Mayer 2013). In typical job advertisements, for example, the following
activities are mentioned:
• Preparation and reconciliation of the IT budget,

• Evaluation of costs and risks arising from IT projects and IT systems,
• Evaluation and prioritization of project proposals,
• Determining the value contribution of IT to the company’s success,
• Profitability analysis and evaluation of IT projects and IT systems,
• Assessment of the opportunities and risks of IT outsourcing measures,
• Design and evaluation of service level agreements (SLA) with IT service providers,
• Preparation of make-or-buy decisions.
IT controllers must therefore answer strategic questions (e.g. “Can we improve our perfor-
mance by outsourcing IT?”) and provide operational answers (e.g. “How high were the IT
costs in May for the IT product mail server?”). A practical catalogue of typical questions
has been compiled by Müller et al. (2005, pp. 101–102):
• What opportunities do innovative IT systems open up for increasing the competitive

position?
• How can the risks of increasing dependence on IT be managed?
• How can the diverse IT applications be prioritized?
• How can IT projects be optimally coordinated in a holistic program management?
• How can the contribution of IT to the optimization of business processes be assessed?
• How can the cost-effectiveness of IT applications be assessed ex ante?
• How can the efficiency of IT infrastructure and service delivery be assessed?
• How can the quality of cooperation with internal and external partners be measured?
• How can the exchange of services between IT and business departments be efficiently
evaluated and controlled?
• How can the overall performance of IT be measured in a holistic system?
2.3.2.1 Task Profiles

The job advertisements for IT controllers vary greatly in terms of the requirements. Cost,
budget and performance accounting aspects often dominate. As an example, the following
job advertisement of an industrial company is excerpted, which has a clear „accounting
character“. Accordingly, the central tasks in IT controlling are:
• Implementation and support of the monthly and annual financial statements of the cen-
tral IT company,
• Preparation and execution of the IT cost allocation according to the source,
• Implementation and conception of standard and ad-hoc reporting,
• Implementation and monitoring of the budget and forecast process,
• Contract management (intercompany cost allocation),
• Contact person for business management questions,
• Participation in the creation of increased transparency of IT costs within the
organization.
This job advertisement from another company has a similar focus, but is more interna-
tional and optimised:
• Expansion of IT controlling nationally and internationally,

• Carrying out month-end closing operations,
• Implementation of operational corporate planning,
• Preparation of cost and investment planning,
• Calculations for standard IT services,
• Implementation of an international accounting and reporting concept,

• Participation in the sustainable optimization of IT controlling processes worldwide,
• Processing of special business tasks and projects.
The “Zürcher Kantonalbank” published a very good IT controlling concept several years
ago (see Betschart 2010). It shows that the role of the IT controller is very much service-
and moderation-oriented, but nevertheless contains a large share of responsibility for
achieving the organization’s goals.
Example of an IT Controlling Concept (Zürcher Kantonalbank)
• We IT controllers design, moderate and accompany the management process of IT

planning, accounting (monitoring) and controlling (reporting) in such a way that every
decision-maker can act in a goal- and benefit-oriented manner.
• We share responsibility for the achievement of objectives. We are guided by process-
oriented IT controlling. Our (value) contribution consists of promoting the effective-
ness, efficiency and transparency of IT.
• We support both IT clients and the IT service providers. ◄
The area of tension for IT controlling is large, as there is no uniform definition of the
scope of tasks. The views of the various stakeholders on the task area “IT controlling” are
large; the company management, the CIO, the various specialist departments and IT con-
trolling itself have different views (cf. Fig. 2.2).
IT-Controlling
CIO
Department
Corporate Management
Fig. 2.2 Perspectives of different stakeholders on IT controlling

Even within economics, computer science and business informatics, it is disputed how
IT controlling is classified in the disciplines. One school of thought considers IT control-
ling to be part of information management (planning, management and control of IT),
while another school of thought sees IT controlling as part of the field of controlling (“IT”
is the controlling object). A pragmatic approach is the view that IT controlling should be
regarded as a networking discipline (control and design of IT deployment) (Gadatsch and
Mayer 2013, p. 33).
2.3.3 Methods and Tools
The methods used in IT controlling can be divided into strategic, operational and over-
arching methods. They cover the possible overall spectrum, which, however, is not always
fully exploited in practice. Figure 2.3 provides an overview of the correlation.
Overlapping
Methods Key-figure-based
IT reporting
IT project IT cost and IT sourcing

controlling activity accounting controlling
(Earned Value, (cost types, (Make or Buy
Operave time, expenses, cost centre, Business partners,
IT-Controlling risks) projects, SLA, cloud,
settlement methods) assets, licences)
Strategic • IT Portfolio- • IT investment • IT-Governance-

IT-Controlling
Management appraisal & Controlling
TCO analysis (IT standards &
guidelines)
IT strategy control using the IT balanced Scorecard
Fig. 2.3 Strategic and operational IT controlling

2.3.3.1 Comprehensive Methods

Key figure-based IT reporting, i.e. reporting with IT key figures or key performance indi-
cators (KPI), is one of the overarching controlling methods. IT key figures can be found at
both the strategic and the operational level.
IT reporting is largely based on data from IT cost and performance accounting, which
is assigned to operational IT controlling. IT-oriented key figures provide, for example, a
comprehensive picture of planned, ongoing and completed IT projects and IT operations.
Setting up an IT KPI system and providing IT and business management with KPIs and
analyses is an important task in IT controlling, without which other subareas cannot work.
IT key figures are considered the “tools of the trade” for IT controllers.
2.3.3.2 Operational Methods

IT project controlling supports project planning and effort estimation, evaluation of proj-
ect proposals and analyzes project progress. Various methods are used, including earned
value analysis and general profitability and risk analyses from business administration. In
addition, project controlling provides data for comprehensive reporting and project docu-
mentation as well as case-related reviews and audits of IT projects.
IT cost and activity accounting is used to determine basic data for decision-making and
reporting. It is classically divided into IT cost type, cost centre and cost unit accounting.
Common methods are IT contribution margin accounting, e.g. for IT companies, general
profitability analyses and project calculations as well as variance analyses or target/actual
comparisons. In practice, the main focus is on the preparation and monitoring of the IT
budget in cooperation with the decision-making bodies, e.g. an IT board.
IT sourcing controlling supports the design of the procurement of IT services. From the
point of view of IT controlling, the following analyses and decision-making issues are
supported: Make-or-buy analyses in the use of software, evaluation of decision options in
IT sourcing, especially questions of IT outsourcing or cloud computing and the entire IT
asset and license management. In addition, there are tasks in the area of IT contract and IT
consultant management, benchmarking of IT suppliers, design and monitoring of IT ser-
vice level agreements.
In some cases, these tasks are also performed in the specialized “IT Purchasing” depart-
ment, if possible in cooperation with IT Controlling.
2.3.3.3 Strategic Methods

An important task of information management is the strategic control of the IT strategy. It
is methodically supported with the help of the IT balanced scorecard. The role of IT con-
trolling is to control the strategy process, monitor the key figures of the IT balanced score-
card and initiate measures together with the relevant decision makers. In addition, there
are tasks in the provision and analysis of strategic key figures and the monitoring of the IT
strategy.
IT portfolio management serves to implement the IT strategy by selecting, evaluating
and controlling new or maintenance projects.
Performance indicator based IT-Reporting

(Development and Usage of IT indicator systems, Design of the IT reporting system)
Operative IT project controlling IT cost accounting IT sourcing accounting

(Project planning and cost estimation, (IT cost types, cost-centre (Make or Buy analyses, IT outsourcing
assesmemt of project applications, accoutning and cost unit /IT offshoring, cloud computing, IT
analysis of project progress, „Earned- accounting, IT breakeven analysis, asset and license management, IT
Value“ analysis, cost-efficiency and risk cost efficieny analysis and project contract and consultant management,
analysis, reporting and documentation, costing, deviation analysis / benchmarking of IT suppliers, design
reviews and audits) variance analysis, set-up and and monitoring of IT service level
monitoring of the IT budgets in agreements).
cooperation with the decision-
making bodies)
Strategic IT portfolio management IT capital budgeting IT governance controlling

(Drafting anf development of IT portfolio (Assisting the IT management in
management processes, assesment, (Investigation and assessment of defining and enforcement of IT
selection and management of new net present value incl. size of IT- standards and IT guidelines in order to
projects as well as maintenance Investments, implementation of reduce direct and indirect costs.)
projects) Total-Cost of Ownership analysis.
Investigation & assesment of
direct and indirect IT costs and
performances.)
IT strategy managment with the „IT balanced scorecard“

(Supporting IT management by developing and implementing the IT strategy. Provision and analysis of strategic
performance indicators as well as monitoring the IT strategy.)
Fig. 2.4 Toolbox IT controlling
IT investment accounting is used to determine and evaluate NPVs and other quantita-
tive parameters of IT investments. Total cost of ownership analyses support IT investment
accounting by determining and evaluating direct and indirect IT costs and services. IT
standardization plays an important role in reducing costs and ensuring consistent perfor-
mance. It also serves to support IT management in defining and enforcing program plans,
consolidation projects and IT standards.
From the methods mentioned, a “toolbox” for IT controlling can be bundled, which is
shown in cf. Fig. 2.4, and which will be explained in detail in the following chapters.
2.3.4 Organisational Concepts
2.3.4.1 Role Assignments

The tasks of the IT controller overlap with those of information management. The Chief
Information Officer (CIO) as the head of information management has the overall respon-
sibility for information processing in an organization. The CIO develops visions and con-
cepts for future technical possibilities and advises the departments on the design of their
business processes. In addition, the CIO is responsible for the operational implementation
of the concepts and the operation of IT. “The CIO is the business- and result-oriented,
main responsible personality in (top) management for the strategic IT concerns of an orga-
nization.” (cf. Baurschmidt 2010).
2.3.4.2 CIO as Decision Maker

The IT manager (CIO = Chief Information Officer) has the decision-making and imple-
mentation responsibility for IT measures. The CIO informs and involves IT controlling in
essential issues.
2.3.4.3 IT Controller as Independent Advisor to the CIO

IT controlling is an independent consulting service for the top IT management, i.e. usually
the CIO or IT management. IT controlling provides business management methods and
tools, is responsible for managing the IT controlling processes and monitors the IT proj-
ects of the users. IT controlling must create the transparency that a CIO needs in order to
make the “right” decisions with regard to IT strategy, IT planning and control of the neces-
sary measures (cf. Fig. 2.5).
2.3.4.4 IT Controlling as a Service and Monitoring Instance

IT controllers are both service providers (creation of transparency) for information man-
agement and supervisors (compliance with rules, e.g. budgets) of the CIO, which in prac-
tice leads to role conflicts and different organizational concepts. The classification of IT
controlling in the corporate hierarchy is regulated very differently.
The following basic variants of organizational design can be found in practice:
Partnership model (IT controlling on equal footing with CIO), employee model (IT con-
trolling as CIO employee), controlling model (employees in controlling) (cf. Fig. 2.6).
2.3.4.5 Partnership Model

In the partnership model, IT controlling reports directly to the company management and
is therefore on the same hierarchical level as the CIO. The distribution of roles between the
CIO and IT controlling outlined in Fig. 2.5 can thus be mapped in full. IT controlling is
independent and can act on its own. This model is typical for organizations where
Chief Information Officer IT-Controller

(CIO)
Descision-making responsibility Responsibility towards transparency
Economic and Efficient

use of IT in the company
Fig. 2.5 Distribution of roles between CIO and IT controlling. (Based on Kütz 2006, p. 9)
Management
Human
(CIO) IT-Controlling Controlling Sales Manufacturing …
Resources
Partnership Model
Management
Human
(CIO) Controlling Sales Manufacturing …
Resources
… IT-Controlling
… …
Employee model
Management
Human
(CIO) Controlling Sales Manufacturing …
Resources
… IT-Controlling
… …
Controlling Model
Fig. 2.6 Organizational concepts for IT controlling
performance is closely interwoven with IT, such as banks or insurance companies.

Transferred to the public sector, these would be organizations with a high service character
that is strongly supported by IT.
2.3.4.6 Employee Model

The employee model subordinates the management of IT controlling to the CIO. The dis-
tribution of roles between the CIO and the IT controlling service presented in Fig. 2.5 is
only partially feasible due to the disciplinary classification and possible role conflicts. The
CIO could reject objections from IT controlling in case of conflict. This concept is often
found in industries with a strong separation of production IT (high IT share in production
and assembly systems, such as the automotive industry) and general IT (IT workplace,
document management, enterprise resource planning, customer relationship
management).
2.3.4.7 Controlling Model

The “controlling model” considers IT controlling as a sub-task of the general controlling
of the organization. IT controlling is not bound by instructions to the CIO due to its clas-
sification in general controlling. In this variant, too, the role distribution between the CIO
and the IT controller can be depicted. In practice, IT controlling focuses more on financial
aspects such as cost planning, budget compliance and profitability control.
2.3.4.8 Organizational Concepts in Practice

All of the organizational concepts presented can be found in practice. The long-term study
“IT Controlling in Practice” conducted by Bonn-Rhein-Sieg University of Applied
Sciences and Anhalt University of Applied Sciences since 2004 shows that 63% of IT
controllers report to the CIO, 26% to the head of controlling, and in rare cases (11%) to
management or the board of directors (see Gadatsch et al. 2017b).
2.3.5 Reasons for IT Controlling
In practice, unfortunately, there are repeated examples of failed IT projects. For example,
the energy supply company of the city of Cologne had enormous problems with the start-
up of a standard SAP solution many years ago (cf. Computerwoche 2001). The difficulties
experienced by the public administration in providing a uniform “federal client”, i.e. a
standardised IT workstation for the public sector, are also examples of this (cf. Rosenbach
2021). Figure 2.7 shows a number of major implementation projects for ERP systems that
have either been abandoned in recent years or at least had to overcome major challenges
(cf. Kroker 2018).
Company Year Project Problem area
Haribo 2018 Introduction of a new enterprise resource planning system based Complexity,
(confeconary on SAP HANA S/4. New software will replace old management fehlende Erfahrung
company) systems from the 80s. System introduction led to issues in the (Project ongoing)
introductionary phase which lead to a 25% loss of sales due to
outstanding or wrong delivery to customers
O o 2009 - „Passion for Performance“: Largest IT-Project for Otto, which Complexity
(Mail-order 2012 would have connected a multitude of IT-Systems with SAP. Project (cancelled)
company) was cancelled.
Deutsche Bank 2015 „Magellan“: Integration of „Postbank“ systems into the own native Complexity
SAP systems. Project was cancelled. (cancelled)
„Postbank“ had previously been acquired by Deutsche Bank.
Deutsche Post 2015 „New Forwarding Environment“: Introduction of a brand new IT- Complexity
(Naonal mail- System for €345 million. Project cost an additional €37 million to (cancelled)
delivery company) reverse the new changes. Project cancelled.
EDEKA 2007 - „Lunar“: Standardisation of pruchasing and merchandise Worldwide most

(supermarket 2012 management processes. Starting budget: €200 million. Cost after complicated SAP-
corporaon) completion: €350 million. installation
LIDL 2018 „Elwis“: SAP-introductionary project based on SAP/HANA S/4 Project targets
(supermarket started in 2011. Project was finally cancelled after costing upwards economically not
corporaon) of €500 million. achievable
Fig. 2.7 Complex IT projects. (cf. Kroker 2018)

2.3.5.1 Complexity
An important reason for the failure of these projects is the complexity of the respective
tasks. Whether an IT controlling concept was applied in the application examples cannot
be said from an external perspective. But it can be seen that IT controlling is helpful in
such cases because it can identify undesirable developments early on and suggest
countermeasures.
2.3.5.2 Project Organization

The introduction projects for new IT processes appear particularly critical in view of the
examples described. In the software introduction process, it is therefore advisable to
involve the IT controlling service in the project at an early stage, especially in the phases
of preliminary investigation, organization and conception, but also later again before com-
missioning and rollout.
2.3.5.3 Transparency
Another common problem is the lack of cost transparency, as there is insufficient informa-
tion on IT costs and services. Without IT performance accounting, no effective IT control
is possible. Many IT costs are not visible (e.g. colleague help due to lack of training, sys-
tem failures due to lack of maintenance). One speaks of “indirect costs”, which can only
be made visible by special analyses and which are counteracted by suitable measures.
2.3.5.4 Cloud Computing

An increasingly pressing problem is the multitude of new applications that are provided by
means of cloud computing. Here it is necessary to perform a neutral IT strategy compari-
son as well as a profitability analysis. The orchestration of cloud applications from differ-
ent providers is a highly topical challenge in many companies.
2.3.6 Smart IT Controlling
The use of large amounts of data in structured and unstructured form is referred to as “Big
Data” (cf. Gadatsch and Landrock 2017). Up to now, classic structured data from ERP
systems and data warehouse systems have still been predominantly used in controlling.
But digitalization has led to strong changes. Many companies have successfully imple-
mented their first Big Data applications, e.g. in the real-time analysis of customer data and
business processes.
The term “Smart Data” is associated with the innovative character of Big Data, which
is primarily linked to the development of new business forms and models. A transfer to
controlling means that controlling has evolved in several steps (cf. Gadatsch et al. 2017a).
Figure 2.8 shows the steps from pure actual cost control to smart controlling based on
Gadatsch, Krupp and Wiesehahn (2017a).
Smart Controlling
Digitally facilitated (Big Data)
Pioneer phase of data Controlling
processing supported (Data Warehouse)
accounting
■ Real-time processing and
(ERP-Systems/ PC) -structuring of structured
and non-structured
■ Processing and formatting elemnetary and
of structured elementary compressed data.
■ Processing and
numerical depiction of and compressed Data
■ Prediction of future
structured Data. behaviours
■ Relational data models
■ Batch-oriented Data ■ Application of „Business ■ Results of Controlling

processing Intelligence Systems“ directly impact the
business processes
■ Online processing
based on relational
databases
1970 1990 2015 Time
IT cost-control IT-Controlling Smart IT-Controlling

Fig. 2.8 Smart IT controlling. (Based on Gadatsch et al. 2017a)
In the first pioneering phase, the focus was on pure reporting of structured data. The
data was processed batch-oriented on mainframes and was consequently not up-to-date. A
typical application example for IT controlling is IT cost and activity allocation. In the
second phase, the digitalization of controlling was intensified and increasingly data struc-
tured in real time and summarized in data warehouse systems was processed. The analysis
of the data was supported graphically. Data mining methods made it possible to identify
unknown correlations in data, e.g. error situations in IT systems in connection with certain
activity patterns. In the current phase of smart IT controlling, new types of database sys-
tems are available that give controllers significantly more analysis options in terms of data
variety, data quantity and data timeliness. Thus, user interactions in information systems
can be monitored in real time, interpreted and transformed into countermeasures.
In recent years, the job description of the “data scientist” has been developed in the
course of digitalisation. This refers to people who methodically support an organization
with a mix of different key skills (especially mathematics, statistics, information technol-
ogy and domain knowledge) (cf. Gadatsch and Landrock 2017). Typical task areas are
strategy development, use case identification and expression, data analysis and modeling
as well as tool-related customizing and programming of applications (cf. Gadatsch and
Landrock 2017). With regard to the tasks of IT controllers, overlaps arise in relation to data
analysis. As part of an unpublished study, the Bonn-Rhein-Sieg University of Applied
Sciences asked IT controllers in various industries how they see their professional future
and what role the topic of data science will have. In the following, two questions and
slightly modified answers are given as examples to give an insight into the “mood”.
Question
Will there be Data Scientists in the future instead of controllers, or are they more of a
complement?
Answer: Data Scientists will not replace controllers. However, their work is an
important prerequisite for targeted controlling. The interpretation of data will remain in
the hands of finance experts in the future.
Question
In your view, is controlling moving in the direction of data science?

Answer: I hope not, because then I would not like to work in Controlling anymore.
Data science is a part of controlling (data analysis). But the controller goes further and
also develops recommendations for action based on the data. I could imagine that later
on, digital assistants could be used for routine tasks such as reporting and analysis,
which would help the controller to have more time to push the “controlling” activity.
The changes to the job description of IT controllers are not yet clear, but some aspects
are already beginning to emerge. For example, activities with a high degree of digitaliza-
tion will be increasingly automated in the future. Examples of this are activities such as the
“preparation and coordination of IT budgets”, “evaluation and prioritisation of project
applications” or “profitability analyses”. On the other hand, new tasks such as “participa-
tion in digital business models” or “participation in the creation of the digital strategy” will
be added.
Data Lake
Analysis and
Data Sources Preparation Storage
Visualization
Local SAP Central Use Case
System Pool Pool
Knime
SAP BW ETL-Tools
Power BI
System
Premium
Other sources IT User R Studio

managed managed
Fig. 2.9 Use of data science tools in IT controlling practice. (cf. Sasse 2020)
2.3.6.1 Use of Data Science Tools in IT Controlling

A typical application example for the use of “smart tools” was presented at a specialist
conference for IT controlling and IT cost and performance accounting (cf. Sasse 2020 and
Fig. 2.9). Starting from different internal and external data sources (local SAP systems,
SAP BW systems, etc.), the data is first transferred to a “data lake” and then processed
(e.g., elimination of duplicates, filling of missing data) using so-called ETL tools
(ETL = Extract, Transform, Load) and transferred to the central data pool. The central data
pool is maintained by IT, the decentralized data derived from it for special use cases is
maintained by the users. The final analysis of the data is done using typical Big Data tools
(Knime, R Studio) and the user-oriented presentation with a dashboard (Power BI
Premium) for the analysis.
2.4 Summary
• IT controlling is an independent service task to support information management

• The Chief Information Officer (CIO) is responsible for implementing information man-
agement objectives
• IT controlling has the responsibility for transparency
• The organization is based on the requirements of the company: partnership model (IT
controller on equal footing with CIO), CIO-employee model (IT controller as CIO
employee), controlling model (employee in controlling)
• Without IT controlling, many IT projects are at risk because the neutral consulting and
controlling authority is missing.
References
Barth M, Gadatsch A, Kütz M, Rüding O, Schauer H, Strecker S (2009) Leitbild IT Controller/in:

Beitrag der Fachgruppe IT-Controlling der Gesellschaft für Informatik. ICB-Research Report,
Nr. 32, Institut für Informatik und Wirtschaftsinformatik, Universität Duisburg-Essen. http://
www.icb.uni-due.de/researchreports/reportliste/. Accessed on 30.04.2019
Baurschmidt M (2010) Karriereentwicklung des Chief Information Officer (CIO) aus systemisch-
konstruktivistischer Perspektive. Diss., Duisburg-Essen, Universität Duisburg-Essen
Becker J, Winkelmann A (2004) IV-controlling. Wirtschaftsinformatik 46:213–221
Betschart A (2010) IT-Controlling-Konzept der Zürcher Kantonalbank. Zürich 10(01):2010
Computerwoche (2001) Nr. 46, 16.11.2001 “SAP-Projekt bringt Stromversorger in Not”
Gadatsch A, Landrock H (2017) Big Data für Entscheider. Springer, Wiesbaden
Gadatsch A, Mayer E (2013) Masterkurs IT-controlling, 5. Aufl. Springer, Wiesbaden
Gadatsch A, Krupp A, Wiesehahn A (2017a) Smart Controlling – Führungsunterstützung im digi-
talen Wandel. Control Mag 04:72–75
References 29
Gadatsch A, Kütz M, Freitag S (2017b) IT-CON 2017, Ergebnisse der 5. Umfrage zum Stand des
IT-Controllings im deutschsprachigen Raum (2017), Band 34, Sankt Augustin 2017. https://doi.
org/10.18418/978-3-96043-043-8
Kroker K (2018) Haribo, Lidl, Deutsche Post & Co. Die lange Liste schwieriger und gefloppter
SAP-Projekte. https://www.wiwo.de/unternehmen/it/haribo-lidl-deutsche-post-und-co-die-
lange-liste-schwieriger-und-gefloppter-sap-projekte/23771296.html. Accessed on 17.12.2018
Kütz M (2006) IT-Steuerung mit Kennzahlensystemen. dpunkt, Heidelberg
Müller A, von Thienen L, Schröder H (2005) IT-Controlling: So messen Sie den Beitrag der
Informationstechnologie zum Unternehmenserfolg. Control Berat 1:99–122
Rosenbach M (2021) Digitalisierung der Verwaltung, Modernisierung der Bundes-IT dauert wohl bis
2032, Spiegel Online, 19.04.2021. https://www.spiegel.de/netzwelt/netzpolitik/digitalisierung-
der-verwaltung-modernisierung-der-bundes-it-dauert-wohl-bis-2032-a-4b3c61b7-8b9d-4bd0-
ac2f-f409192505e9. Accessed on 26.04.2021
Sasse C (2020) Integrated IT-controlling, IT costs & service charge back 2020, 20.11.2020
Schelp J, Schmitz O, Schulz J, Stutz M (2006) Governance des IT-Sourcing bei einem
Finanzdienstleister. Prax Wirtschaftsinform HMD 250:88–98
Strecker S (2008) IT-Performance-Management: Zum gegenwärtigen Stand der Diskussion.
Controlling 20(10):518–523
From IT Strategy to Digital Strategy:
From Classic IT Strategy to Digital Strategy 3
Abstract
IT strategies were previously derived from the strategy of a company. Currently, there
is a discernible trend towards merging the organizational strategy and the IT strategy
into a digital strategy. This section discusses the relevance of an IT strategy or digital
strategy in the context of IT controlling. In addition, the differences between a digital
strategy and a classic IT strategy are discussed and the effects are shown.
3.1 Classical Notion of IT Strategy
The term strategy is derived from the ancient Greek word “strategeia”, which can be trans-
lated as warfare or the art of war. Today, the term strategy is often used in different mean-
ings to “enhance” concepts. A strategy provides a forward planning of future action.
“Ergo: to do today what others think of only tomorrow- for only constant is change”
(Heraclitus, died 480 BC). Without the targeted and economic use of information technol-
ogy (IT), operational and strategic corporate goals can no longer be planned in the twenty-
first century.
The corporate strategy influences both the IT strategy and the organizational and opera-
tional structure (processes) of a company. The IT strategy determines the IT architecture,
which in turn has an impact on the processes. Taken together, these elements influence the
performance of the company (cf. Fig. 3.1).

32 3 From IT Strategy to Digital Strategy: From Classic IT Strategy to Digital Strategy
influences
(General) Organizational
Business-Strategy structure
influences
facilitates
The effiency
Business of
influences processes organization
facilitates
IT- managed by
IT-
Strategy Architecture
Fig. 3.1 Importance of IT strategies. (Based on Krcmar 2005)
3.2 Contents of IT Strategies
According to the classical understanding of business administration, the IT strategy is a

derived element of the corporate strategy. The IT strategy serves the implementation and
monitoring of suitable IT-oriented bundles of measures for the realization of strategic cor-
porate goals. Essential contents of a classic IT strategy are the following aspects (cf.
Gadatsch and Mayer 2013):
• Formulation of a target state (Where do we want to go?),

• List the need for action (What do we need to do?),
• Pointing out options for action (What alternatives do we have?),
• Setting goals and defining measures (What is to be done concretely and when?),
• Designation of the persons responsible (Who will carry out the measures?),
• Determine metrics for goal monitoring (When did we achieve the goals?).
An example of the central contents of the IT strategy of a pharmaceutical manufacturer is

shown in Fig. 3.2.
A study by the Bonn-Rhein-Sieg University of Applied Sciences examined, among
other things, the frequency with which IT strategies are created in different sectors over
several years (cf. Gadatsch et al. 2017): In the service sector and industry, an IT strategy
is predominantly created, whereas in the public sector, less than 50% of the participants
surveyed create an IT strategy with an average range of 3–4 years. In most cases, the IT
strategies are adjusted annually.
Not all companies create IT strategies. Overall, the number of companies creating an IT
strategy has declined slightly (see Fig. 3.3).
3.2 Contents of IT Strategies 33
Subject Example
Target State Production of pharmaceuticals using intelligent production

scheduling, supplier of AI-based development methods, business
partner for the development of pharmaceuticals.
Need-for-action Setup of a „Digital-Unit“ is absolutely necessary. Development
& Weaknesses team needs to receive further training in the areas of (general) IT-
knowledge, data retrieval and data analysis as well as data
preparation.
Course of Interim employ of freelancers, consultants, etc.
action Total outsourcing of software development
Goals and Gradual Staff expansion, creation of CDO position as well as a

Measures „Digital Unit“. Set-up of an IT-infrastructure is a high priority.
Integration of all machines and laboratories to a central „Data-
Lake“
Monitoring Digital Unit ready for use within a year. Can begin to implement
indicators selected pilot projects within the first year. Optimizes the two sub-
processes „granulation and pelleting machine“
Fig. 3.2 Central contents of the IT strategy of a pharmaceutical manufacturer (simplified)
Fig. 3.3 IT strategy in Do you regularly develop an IT strategy?

year-on-year comparison. (cf.
Gadatsch et al. 2017)
2017 65.1%
2013 77.1%
2009 72.8%
2007 80.2%
2004 74.4%
0.0% 20.0% 40.0% 60.0% 80.0% 100.0%

3.2.1 IT Strategy Characteristics
IT strategies can be aggressive, moderate or defensive (Heinrich and Stelzer 2009, p. 130).
An aggressive IT strategy pursues the goal of leadership in the use of technology. One
wants to be faster than one’s competitors. Current topics are digitalization, Industry 4.0,
Internet of Things (IoT) or Big Data. A moderate IT strategy involves imitating the behav-
ior of competitors, and depending on their experience, the measures are followed or not.
An example is the use of software typical for the industry, such as SAP ERP. A defensive
IT strategy primarily uses proven standard solutions, such as the use of proven standard
products like Microsoft Office for workplace support. There are no approaches that devi-
ate from competitors.
Typically, first follower strategies (i.e. moderate or defensive strategies) are considered
to be less risky, as the risks are placed on the technical leader (cf. Mertens and Bissantz
2021, p. 7).
3.2.2 Empirical Content of IT Strategies
In practice, IT strategies define the IT portfolio, including outsourcing, as well as various

technical aspects. These include in particular the topics listed in Table 3.1.
The range of topics covered by IT strategies is usually very broad and often also very
much driven by current trends. For example, the fifth survey on IT controlling in the
German-speaking world conducted by Bonn-Rhein-Sieg University of Applied Sciences
(cf. Gadatsch et al. 2017) revealed the following topics, among others:
• Infrastructure/Technologies/Cloud Computing,
• Applications and Services,
• IT governance/role of IT in the organization,
Table 3.1 Contents of an IT strategy

IT service and product portfolio In-house development and application support
Introduction Support of standard software
Provision, fault clearance of hardware and software,
training
Information system landscape (IS Software systems for processes
landscape) Which standard software/releases?
Operating infrastructure Hardware and operating systems, networks
Data center equipment, cooling, building, terminal
equipment
IT standards Databases, internet, operating systems,
If applicable, standard software for specific tasks
Suppliers and employees Which employees with which tasks?
Consultants for what tasks?
Examples for contents of an IT strategy (cf. Hanschke 2009, pp. 44–45)
3.3 From IT Strategy to Digital Strategy 35
• Sourcing and Supplier Management,

• Digitization,
• Business and Customer Relationship,
• Information Management,
• Innovation Management/Business Enabling,
• Industry 4.0 (Fourth industrial revolution),
• Big Data,
• Mobile Computing,
• Personnel/Staff Development,
• E-commerce/E-business,
• Social Media.
3.3 From IT Strategy to Digital Strategy
The classic IT strategy is derived from the strategic goals of the company. In a multi-stage
process, various alternatives for IT strategy content are examined and ultimately combined
into an IT strategy (cf. Heinrich and Stelzer 2009, p. 129).
Occasionally, however, only planned IT projects are listed in the “IT strategy” in prac-
tice, without any reference to business goals being apparent. However, the goal is to create
an IT strategy derived from the corporate strategy, which is the basis for the following
measures, among others:
• Operational IT planning (resource allocation for ongoing IT projects, investments,

training),
• Further development of the IT organization,
• Design of computer-aided business processes,
• Determining the key points of the IT procurement and operating concepts (in-house
development, outsourcing, cloud computing, etc.),
• Determination and prioritization of future IT projects.
3.3.1 Digital Business Strategy
Bharadwaj et al. (2013) describe a phenomenon that can be observed worldwide: Many
companies are merging their corporate and IT strategies into a “digital strategy” or “digital
business strategy” based mostly on new or expanded business models. The difference does
not appear to be great at first glance, but it has far-reaching consequences.
The classic IT strategy derives the requirements from the corporate or public authority
strategy, i.e. it is reactive. The digital strategy achieves competitive advantages or strategic
advantages for an authority on the basis of an environment analysis (according to Porter
1998), it is interactive and adapts to the environment (cf. Fig. 3.4).
Stakeholder analysis for a digital strategy
Original IT strategy
(potential) Derives requirements
from business
Competitors strategy
(reactive)
Alternative competitors
Bargaining power pose a threat
of suppliers
Suppliers Company Customers

/ Goverment
Bargaining power of
agency customers
Digital strategy
Alternative products and
services pose a threat Achieves competitive
advantages based on
(Alternative) a stakeholder
Products analysis
(interactive)
Fig. 3.4 Environmental analysis for a digital strategy. (After Porter 1998)
3.3.2 IT Strategy Patterns
Currently, the change can already be seen in the focus of the IT strategies of well-known
companies. However, many companies are still pursuing a classic IT strategy in which IT
plays the role of service provider and pursues IT goals that are derived from the corporate
strategy. Another group is pursuing goals that involve a digital transformation, i.e. a
realignment of the corporate organization. Here, IT is seen as an enabler and service pro-
vider for the transformation. The third group pursues a Business Digital Strategy, i.e. an
integration of both aspects in one go. A look at the IT strategy patterns of selected compa-
nies (cf. CIO Magazin 2017) broken down by strategy type is shown in Fig. 3.5.
Example DOGEWO21
The housing company DOGEWO21 has an example of a moderate digital strategy.

It wants to maintain a high level of customer satisfaction, remain accessible through
proven contact channels (telephone, email, field offices in the city, etc.), not outsource
core competencies, but map them digitally. Customers and employees should be
involved in the digitalisation process with a well thought-out and careful implementa-
tion (cf. Freitag 2019). ◄
Example Metro
Metro used the Corona pandemic as a trigger to strengthen its customer loyalty and
help its restaurant customers in the process. When it was mandated to track restaurant
guest contacts, Metro had a digital check-in tool programmed to relieve restaurateurs of
paperwork and made it available to them. When the restaurants ultimately had to close,
3.4 IT Architecture Planning 37
Company IT goals Strategy type

Deutsche • Hierarchy-free collabora on and culture of trust Digital business
Telekom • High quality and punctuality of delivery objects strategy
• High level of sa sfac on among internal IT customers
Metro AG • Digital transforma on for Metro AG Digital corporate
• Transforma on of Metro Cash & Carry from tradi onal to strategy
modern mul -channel wholesaler
BASF • IT as a solu on provider IT as a service provider
• Reduc on of IT opera ng costs in favor of projects for digital for digital
transforma on transforma on
Innogy SE • Increasing produc vity with DevOps as well as agile IT as a service provider
• Support of digital transforma on through new services and for digital
digi zed business processes transforma on
Heidelberger • Alignment with business strategy, integrated systems for IT as a service
Cement AG front and back office, digital products provider:
classic IT goals
Lekkerland AG • Harmonized and standardized EU-wide processes IT as a service
& Co. KG • IT as a business enabler, innova on driver and service provider:
provider for the business units Classic IT objec ves
Fig. 3.5 IT strategies according to strategy patterns. (cf. CIO Magazin 2017)
Metro launched a collaboration with Google to integrate a delivery service into Google
Maps. The affiliated restaurateurs no longer have to pay commissions to services such
as Lieferando, but instead receive customers for their delivery service free of charge via
Google search (cf. Kolf 2020). ◄
3.4 IT Architecture Planning
The connection between the corporate and IT strategy and the IT architecture derived from
it was presented in Fig. 3.1. A central element of IT architecture planning is the develop-
ment of an IT development plan. It is also known as: Enterprise Development Plan, Zoning
Plan, IS Plan or Information System Plan, IT Master Plan or Framework Architecture
Plan. The Boehringer Ingelheim company uses the term “Business Support Matrix” (cf.
Grünewald 2013).
The IT development plan describes the target state of an IT architecture (Dern 2009,
p. 157). In the basic form of the IT development plan, the applications are visualized as
elements of a matrix representation of processes and organizational units of the company
(e.g., divisions, departments, areas) (cf. Durst 2007, pp. 38–39). With the help of colors,
special shapes, size and arrangement of graphic elements, individual aspects (time refer-
ence, complexity of an application, cost volume, etc.) can be particularly emphasized (cf.
Primary
Product Damage/
-process Sales Application
developement drawn benefits
Sub-
process- … … … … … … … …
Division
Areas of Operation
Life insurance
Health insurance
Motor insurance
Hybrid-Systems
Fig. 3.6 IT development plan – scheme. (cf. Durst 2006, p. 39)
Durst 2007, p. 43). A simplified principle representation using the example of an insurance
company is shown in Fig. 3.6 and a more detailed example is shown in Fig. 3.7.
The IT development plan provides answers to the following questions:
• What information systems do we currently have in place?

• What is the release status of the information systems used in the company?
• When was an information system introduced?
• When will the next release go live?
• When will the information system be replaced?
• Which interfaces are used to link the different information systems?
• What information is exchanged?
• Which information system is the “leading” system, e.g. for customer data?
• For example, where is customer data recorded and changed?
• Where are changes to customer data forwarded to? (e.g. a change of customer address
due to relocation of the customer must be known in the sales system and in the financial
accounting software).
• Where (which organizational units) and for what (which business processes) do we use
standard software of the manufacturer XYZ in the group or company?
• Where and for what can the standard software still be used?
From a controller’s point of view, the IT development plan offers a possibility to check the
current and planned status of the IT architecture with regard to the fulfillment of strategic
goals and therefore represents an important instrument for strategic IT controlling. With
its help, it can be checked whether the current and future business processes can be sup-
ported appropriately.
3.4
Core Processes of an insurance company

Application/ Management
Consultation Closing of of brokers Contract Claims Pay-in/Pay-out Accounting
contract and business management management brokerage fees
partners
Third-party
IT Architecture Planning
Accident ICIS
Motor (Komposit)
Non-life
Life COR-Life
SVIS
SV informaon system
SAP / RI (counterinsurance)
SAP / ICM (brokerage fees)
SAP / FS CD (pay-in/pay-out)
insurances (Life)
SAP / FI CO AA (Financial accounng)
Addional SAP modules (CMI, HR, RE-EX),
incl. SCD & Phin AMV
Print Print – Papyrus (Writing / Print)

in AD
Service-
Inbox (customer information, document management, Activity management)
systems
Areas of operation
Filenet (Archive)
Planning DWH – Data warehouse

systems (Screening & campaign management )
Fig. 3.7 IT development plan of an insurance company. (cf. Föhrer and Wirtz 2013)
39
3.5 Case Study on the Development of a Digital Strategy
The case study describes a fictitious company. Any similarities with real companies are
purely coincidental. The subject is a medium-sized service company with an annual turn-
over of approximately EUR 400 million/year and around 500 employees. The company is
based in a major German city and has no branches. It offers its services only in Germany
and has no plans to expand its business internationally.
3.5.1 IT Strategy/Digital Strategy
A cross-divisional IT strategy or digital strategy does not exist. A structured coordination

of IT activities with the corporate strategy is therefore not possible. In some departments,
however, there are partial future-oriented considerations and requirements with IT rele-
vance. Sourcing behavior is historically very atypical (see Table 3.2):
Hardware-oriented IT services are provided by the company’s own staff in its own
computer center. Only modern Internet applications are outsourced to various external IT
companies, mostly smaller start-ups. Administrative IT support (setting up PCs, laptops,
network, mobile devices, etc.) is provided by the company’s own staff. Individual software
is predominantly used for core processes. Standard software is used for support processes
(especially finance, personnel, office software). Support is usually provided by the manu-
facturers or external software houses specialising in this area.
Table 3.2 Case study digitalisation – current situation IT sourcing

Aspect Tasks Regulation
IT sourcing Hosting of hardware for central Internally in our own data center
applications
Hosting internet services External service provider A
IT support, helpdesk Internal, own permanent staff
Software development, Software development and External service provider B
operation and use maintenance
Software usage for core processes Individual application software
developed by external service
provider B
Software for supporting processes Standard software from Microsoft
(finance, personnel and office
processes)
IT sourcing Allocation of tasks
3.5 Case Study on the Development of a Digital Strategy 41
3.5.2 IT Architecture Planning
A central overview of applications is missing. There are only outdated rudimentary com-
pilations. There are no management tools (e.g., an IT development plan) for planning and
controlling the IT architecture. There are only some rough process representations that
allow a content-related entry and are roughly updated by the IT department. However, they
do not cover all applications, but could be expanded.
3.5.3 IT Organization
The company is managed by a Management Board consisting of several persons. It is

divided into several business divisions and the “Information Technology” division. The IT
division has around 15 employees of its own. The staff are all between 40 and 50 years old
and have been working for the company for a long time, often since their apprenticeship.
All positions are filled. The fluctuation rate is practically 0%.
The IT area is subdivided into several groups, which mainly perform technical tasks:
• Application support (core applications, human resources software, financial software),

• Server support (data center operation),
• Database support (especially tuning, because of the high data volume),
• IT security (sensitive product data!),
• Telecommunications services (telephone, mobile telephony, Internet) and print services.
Note: Application support is limited to technical support for external IT service providers
(importing updates, backups, maintaining printer tables and similar administrative activi-
ties). Otherwise, the focus is on communication with external IT service providers, who
are responsible for the entire technical analysis, programming, testing and training of users.
There are no standardized performance profiles for employees. Tasks are often assigned
ad hoc by IT management. The principle of “everyone must be able to do everything”
applies. However, this has led to the fact that specialized tasks can no longer be performed,
but have been outsourced to external service providers.
Professional deficits can be seen above all in the areas of IT project management and
business know-how. Technical administration qualifications clearly dominate.
The role of project management in implementation and maintenance projects is only
performed by external persons from among the IT service providers. There is a lack of in-
house application developers, so that the focus of the IT department’s work is on the tech-
nical administration of the installed software.
3.5.4 Data Center
The data center, operated by the company’s own staff, is located in the company’s admin-
istrative building. An external service provider provides the company with a backup center
in the same city (approx. 10 km away). Regularly created backups (1x daily) are also
deposited there by courier. Security exercises are carried out sporadically. These consist of
data being restored and checked. However, no disaster scenario has yet been run through
in which a main building fire or similar was simulated.
3.5.5 Cooperation with External Service Providers
The company works with numerous external IT service providers. No one in the company
has a central and up-to-date overview of all external assignments and projects.
The assignments are completed without formal project management procedures (proj-
ect application, approval process, budget allocation, etc.). The external IT service provid-
ers take over the entire system analysis, development and maintenance of the software.
The technical process knowledge is therefore in the hands of the service providers. IT
management is only insufficiently informed about the IT service providers involved and is
not involved in many projects.
The documentation of the activities of the service providers is carried out differently.
There are no specifications from the company to the contractors, you “take what the ser-
vice provider offers you”. Invoices can only be roughly allocated to commissioned activi-
ties. Detailed controlling of commissioned and performed services is not possible.
There is no IT strategy or digital strategy. The divisions manage “their” external IT
service providers themselves. There is no cross-divisional coordination. The entire spe-
cialist process knowledge and software development are in external hands (100% out-
sourcing), while the technical provision of hardware and network is provided by the
company’s own employees. The costs for the provision of IT systems are high compared
to companies in similar industries.
3.5.6 Task
Design a strategy to solve the problems of the company described. For this purpose, create
a slide set with two to three slides in which you explain the basic strategy.
3.6 Summary
• The classic IT strategy is derived from the corporate strategy in an iterative process,
based on the corporate requirements and limited by technical possibilities.
• Many companies combine the corporate strategy and the IT strategy, i.e. they create a
“digital strategy” in one step.
• Architecture planning enables the IT controller to monitor the IT strategy with regard
to the support of current and future processes.
References 43
References
Bharadwaj A, Sawy E, Omar A, Pavlou P, Venkatraman N (2013) AL business strategy: toward a

next generation of insights. MIS Q 37(2):471–482
CIO Magazin (Hrsg) (2017) Jahrbuch 2018 Prognosen zur Zukunft der IT. IDG, München
Dern G (2009) Management von IT-Architekturen, 3. Aufl. Springer, Wiesbaden
Durst M (2006) Kennzahlengestütztes Management von IT-Architekturen. Springer, HMD 250:2006
Durst M (2007) Wertorientiertes Management von IT-Architekturen. Wiesbaden
Föhrer C, Wirtz F-P (2013) Überblick zum aktuellen DWH-Projekt in der SV Sparkassen
Versicherung aus Sicht des IT-Dienstleisters, Vortrag Usergroup Anwendungsentwicklung im
Versicherungsunternehmen, Leipzig, 11.04.2013 (vereinfachte Darstellung)
Freitag A (2019) Dialog Zukunft, Auf Knopfdruck im Bilde, Systemübergreifender, Zugriff auf alle
Informationen zum Mietobjekt, Essen, 02.07.2019, Vortragsunterlagen
Gadatsch A, Mayer E (2013) Masterkurs IT-controlling, 5. Aufl. Springer, Wiesbaden
Gadatsch A, Kütz M, Freitag S (2017) Ergebnisse der 5. Umfrage zum Stand des IT-Controlling
im deutschsprachigen Raum. In: Schriftenreihe des Fachbereiches Wirtschaft Sankt Augustin.
Hochschule Bonn-Rhein-Sieg, Band 34, Sankt Augustin 2017
Grünewald, Torsten (2013): Business Capability Mapping, Vom Prozessdenken zur Enterprise
Architektur, PeX Conference, Bonn, 29.01.2013 (Presentation Slides)
Hanschke I (2009) Strategisches Management der IT-Landschaft. Vahlen, München
Heinrich L, Stelzer D (2009) Informationsmanagement, 9. Aufl. München, Oldenbourg
Kolf F (2020) Metro nutzt die Coronakrise für sich – und hilft dabei auch der Gastronomie,
Handelsblatt, 15.12.2020, Metro-News: Die Digitalisierung der Gastronomie zahlt sich aus
(handelsblatt.com). Accessed on 15.12.2020
Krcmar H (2005) Informationsmanagement, 4. Aufl. Springer, Berlin
Mertens P, Bissantz, N (2021) Hänschenklein oder Mondscheinsonate: Geraten wir in
eine Komplexitätskrise?, Arbeitsbericht Nr. 1/2021, Universität Erlangen-Nürnberg,
Wirtschaftsinformatik I
Porter M (1998) Competitive advantage. Free Press, New York
Control of the IT Strategy with the Balanced
Scorecard: Implementing and Managing IT 4
Strategies and Digital Strategies
Abstract
This article presents the Balanced Scorecard or, in an adapted form, the IT Balanced
Scorecard. It is an easy-to-use indicator-based multidimensional control system for
strategic IT controlling. With its help, IT controlling can manage the implementation of
the IT strategy or digital strategy down to the level of measures and projects. The
method was originally developed as a concept for general strategic corporate control-
ling. Due to its universal approach, it was later employed in other tasks, including IT
controlling.
4.1 Basics of the Balanced Scorecard
4.1.1 Historical Development
The concept of the Balanced Scorecard (BSC) was developed in the early 1990s by
R. S. Kaplan and D. P. Norton as an instrument for corporate management to replace tra-
ditional performance measurement systems. The groundwork for the development of the
Balanced Scorecard was laid through many years of research conducted by the authors in
corporate practice.
The performance measurement systems available at that time were inadequate because
they only looked at financial figures based on top ratios such as return on investment (RoI)
and thus provided management with one-sided information. Value-adding aspects such as
personnel quality, process efficiency or customer satisfaction were not directly considered
in the management systems used until then. The Balanced Scorecard was conceived as a
strategic-operational performance indicator system linked to concrete measures that sup-
ports balanced corporate management with multiple perspectives.

46 4 Control of the IT Strategy with the Balanced Scorecard: Implementing…
4.1.2 Methodology
A balanced scorecard works with several interlinked areas of analysis (perspectives), for
which coordinated goals, key figures, target values and concrete measures are defined by
means of cause-effect chains. Cause-effect chains represent the interaction of various
objectives from different perspectives and allow several subject areas to be brought into an
overall context. The choice of perspectives is basically an individual decision for the com-
panies, but often, as in the standard version of the Balanced Scorecard, the areas of finance,
processes, customers and employees are chosen because they cover the essential areas.
The Balanced Scorecard can be created for groups, companies, public authorities or
other forms of organisation or can be limited to sub-areas, departments or projects down
to the individual employee. In principle, its use is independent of the size of the
organization.
The example of a simple cause-and-effect chain shown in Fig. 4.1 links staff quality,
customer orientation and financial targets: Qualified employees improve process quality
and reduce throughput times. As a result, customers are supplied more punctually, they
remain loyal to the company, and overall costs are reduced. Satisfied regular customers
ensure a sufficient return on investment in the long term.
4.1.3 Traditional Performance Measurement Systems Versus

Balanced Scorecard
The traditional KPI systems used in the past were predominantly past-oriented and typi-
cally built unilaterally on a financially oriented top KPI, which was successively broken
Staff Processes Customers Finances
Process
quality
On-time Customer
ROI
Qualified delivery loyalty
Staff
Process
throughput
time
Fig. 4.1 Example of a simple cause-effect chain. (cf. Appel et al. 2002, p. 89)
4.2 Adaptation for IT Controlling 47
Sales
Cover
contribution
Variable costs
Profit
Specific fixed
Turnover
costs
profitability
Fixed
General fixed
Sales costs
Roi
Property, plant
Sales and equipment
Investment
assets
Financial
Capital
assets
turnover
Total
capital
Inventories
Current
Receivables
assets
liquid
assets
Fig. 4.2 Dupont key figure scheme. (cf. Dillerup and Stoi 2006)
down into individual KPIs. This system always worked towards a specific goal, which was
represented by the key performance indicator.
A well-known example of a peak ratio-based system is the DuPont ratio scheme, which
was developed and used by the DuPont company (cf. Fig. 4.2). The Balanced Scorecard,
on the other hand, provides a future-oriented networked system of key figures and coordi-
nates the management systems used in the company.
4.2 Adaptation for IT Controlling
The Balanced Scorecard was adapted for use in IT controlling only after several years of
use in general controlling. It is considered a tool to support the goals of IT governance (cf.
van Grembergen and De Haes 2005). The team of authors Buchta et al. (2003, p. 279)
proposes six IT perspectives for adaptation to the requirements of the IT controlling

concept:
• IT Staff,
• Projects (in information technology),
• Customers (of information technology),
• IT infrastructure (hardware, software, network),
• Operation (of IT systems) and
• Finance.
In addition to the use of the IT balanced scorecard for the IT area, other authors also pro-
pose the management of individual IT projects as a “project scorecard” (cf. e.g. Engstler
and Dold 2002). Other proposals also see it as an instrument for assessing IT investments
(Balanced IT Decision Card, cf. Jonen et al. 2004).
4.2.1 Implementation Concept
Baschin and Steffen (2003) recommend a four-stage implementation concept for the intro-
duction of an IT balanced scorecard: clarification of the strategic goals of IT, translation of
the IT strategy into measurable variables, communication of IT strategy and goals, and
obtaining strategic feedback as part of a top-down – bottom-up process (cf. Baschin and
Steffen 2003, p. 368ff.). Another approach based on a vision is shown in Fig. 4.3.
Long-term
orientaon Vision
of IT
Basic principles
of implementaon Mission
IT goals to
aain the
set vision
Strategic IT goals /
List of objecves
Implementaon
Measures / Projects
Fig. 4.3 From vision to action

Targets Indicator Target Value Measures
e.g. Creating a dedicated

e.g. Improving e.g. 95% of queries
e.g. overall duration of solving User Helpdesk,
IT customer submitted within one
customer queries uniform processes to
satisfaction day
answering customer
queries
performance indicator Measurement of Implementation of target

as set in IT-strategy target achievement achievement
Fig. 4.4 Implementation of the IT balanced scorecard using the example of the IT customer satis-
faction target
First, a vision is developed as the long-term orientation of IT, and a mission is formu-
lated, i.e. principles for the implementation of the vision. This is followed by the definition
of goals, key figures, target values and measures for the implementation of the IT strategy
or digital strategy.
Figure 4.4 uses the objective “IT customer satisfaction” as an example to show how the
transformation process is carried out from the objective to possible key figures, here “pro-
cessing time of inquiries” and target values, here “95% within one day”, to measures (here
setting up a user helpdesk, etc.).
4.2.2 Practical Example of a Research Institution
Figure 4.5 shows an example of a vision, mission and target catalog for the IT balanced
scorecard that was developed at a research institution. The perspectives “Customer” and
“Processes” are taken from the standard, the perspectives “Technology” and “Efficiency &
Effectiveness” have been specifically selected. The catalog of objectives includes goals
that have not yet been underpinned by measures presented here.
4.2.3 Cascaded Overall System
In large organizations, it is recommended to set up a cascaded system of balanced score-

cards with the following components (cf. Fig. 4.6): corporate scorecard, divisional score-
cards (e.g. for the IT area) and, if necessary, further scorecards, e.g. according to
departments, processes and IT projects.
We will increasingly contribute to reach the enterprises

Vision targets. This will affect our research acvies as well as our
IT infrastructure.
Mission IT management is responsible for the implementaon of

cost-reducing measures whilst also connuously improving
the quailty of service for internal customers
Strategic target IT infrasturcture is designed in such a way, that the newest technology
can be used with the maximum of efficiency and effecveness
Perspecves on Customer Technology Processes

Efficiency &
IT-Balanced Scorecard Effectiveness
Improved
Introducon of fully
communicaon Increase the level of Cost-reducon in the
developed
regarding standardizaon IT-Department
technology
innovaons
Target objecves
according to perspecves Improved Increase of IT-
Increase work
communicaon with support as well as
producvity
users overall IT benefit
Transparent design Reducon in media

of system context disrupons
Improvement of user
support
Fig. 4.5 Example of a vision, mission and list of objectives for a research institution
IT-Scorecard
Corporation
IT-Scorecard IT-Scorecard IT-Scorecard IT-Scorecard

Area I Area II Area III Area IV
IT-Scorecard IT-Scorecard IT-Scorecard IT-Scorecard

IT-Scorecard
Bereich I .. IT-Scorecard
Bereich I ..
Area I .. Area II .. Area III .. Area IV ..
Fig. 4.6 Cascaded system of the IT balanced scorecard

Business Coordinate IT-Strategy

Strategy
Strategic Strategic
Map Learning Map Learning
Scorecard Scorecard
•Targets • Targets
•Performance
Coordinate • Performance
indicators indicators
•Target values • Target values
•Measures≈ • Measures≈
Supervise
Supply Supply Supervise
Coordinate
Budgets IT-Budgets
Finance Report Finance Report
Coordinate
Measures IT-Measures
Fig. 4.7 Integration of the IT balanced scorecard into the management system
Important for the successful implementation of an IT balanced scorecard is an intensive

coordination of all scorecards within the organization. Then goal conflicts can be avoided
and holistic effects for a balanced system of key performance indicators can be achieved
(cf. Fig. 4.7). Organizational units that create a balanced scorecard should have a high
degree of autonomy of responsibility so that they can decide on strategies and measures to
be derived from them (Form and Hüllman 2002, p. 692).
4.2.4 Key Questions of an IT Balanced Scorecard
In order to obtain realistic goals, guiding questions should first be formulated that support
the vision and mission. Concrete goals and measures can then be derived from these.
Possible guiding questions and associated key figures of a standard IT scorecard with the
perspectives of finance, processes, personnel and customers are listed below as examples.
These goals have to be worked out individually depending on the concrete case of
application.
4.2.5 Financial Perspective
For example, the Financial Perspective clarifies the questions:
• What contribution can IT make to the financial success of the company?

• How can the total cost of ownership for workplace systems be reduced?
• How can IT process costs be reduced?
As key figures of the financial perspective are recommended:
• IT costs per employee,
• IT project costs and benefits,
• Profitability growth after IT project implementation (e.g. after introduction of an ERP
system),
• Number of workstation systems per employee,
• Total cost of ownership per IT workstation/per employee,
• IT costs as a percentage of revenue/sales volume/total costs.
4.2.6 Process Perspective
For example, a process perspective answers the questions:
• How does the use of information technology improve process quality?

• How can IT processes (e.g. introduction of standard software, elimination of faults on
end devices) be accelerated by outsourcing?
The key figures of the process perspective are:
• Number of complaint cases, complaints, escalations to top management,

• Number of interventions by managers in operational IT processes,
• Number of process innovations by own employees,
• Throughput speed of an IT process from process input to output.
4.2.7 Staff Perspective
The issues related to personnel perspective can be captured and clarified by asking the fol-
lowing questions:
• What potential do our IT specialists have?

• How can we increase the professional and social skills of our IT staff?
• How can knowledge management be improved?
• What is the level of employee satisfaction?
• Can motivation and identification in the company be measured and increased?
Key figures for the personnel perspective provide the following data:
• Staff turnover, overtime and sickness rates in the IT sector,

• Number of suggestions for improvement (absolute/per IT employee),
• Number of publications by IT staff (absolute/per employee),
• Number of IT employees with job-related secondary activities (teaching assignments at
universities, as lecturers at external or internal training courses, membership of research
working groups),
• Number of participants in training events, company parties or company meetings,
• Degree to which timelines are met.
4.2.8 Customer Perspective
A customer perspective seeks answers to the following questions:
• What products does IT create for its customers?

• How can SLAs (Service Level Agreements) increase customer satisfaction?
• How do customers rate our services in comparison to other service providers
(benchmarking)?
Customer perspective metrics provide the following data:
• Number of visitors at trade fairs, in-house exhibitions and similar events,
• Number of customer calls,
• Number of customer publications (product information, newsletters, etc.)
• Frequency of access to sales-oriented websites,
• Processing time for inquiries, customer orders, complaints, fault clearance, etc.
• the share of new customers in the total customer base,
• the ratio of standard orders to individual orders,
• Percentage of on-time deliveries,
• Number of service level agreement violations.
4.2.9 Use in Practice
The IT balanced scorecard (IT scorecard for short) is used in about 30% of German com-
panies for IT management (cf. Gadatsch et al. 2013, p. 11). The example in Fig. 4.8 repre-
sents the IT scorecard of a group service provider for information technology that competes
with external providers and has to compete for orders from the group and its units.
4.2.10 Practical Example Daimler-Benz
At Daimler-Benz, the IT scorecard is considered the “business card of IT” (cf. Sarsam
2010). The idea is to transfer concepts from production to administration and has been
Customer IT-Processes
Target Performance Target Measures Target Performance Target Measures
indicators values indicators values
Become Percentage of Market Interview Improve Quota of Rate Analyse internal
preferred Sales per IT share Customers performance timely > 95% processes and
corporations volume > 75% Analyse of IT- adressed benchmark these
supplier requirements Processes malfunctions / with direct
Total share of Market to market total number competition
Prices on market standard
IT- share Standardise
level Number of Rate
applications > 80% IT-Processes
Services on complaints < 10%
market level based on ITIL
Staff/Learning Finances
Target Performance Target Measures Target Performance Target Measures
indicators values indicators values
IT- Number of 10 Updating of job Contribution TCO per IT TCO Perform TCO
Personnel advanced IT days descriptions of every workplace Analysis
is training days per < xxxx
IT-Process EUR Integrate ROI into
adequetly per Employee year towards
trained to Compare approval process
Adherence to Rate requirements to success is Total effiency ROI
meet transparent
required set > 95% current level of (ROI) > 10%
appointments training Survery monthly
standards ROI per IT-
Establish training Measure
schedule
Fig. 4.8 Example of a simple IT balanced scorecard
implemented for 700 projects worldwide. A look at the production shows on a number
board what is currently being assembled where, the IT board shows who has made a mis-
take where. In this way, IT can provide answers to important business questions, such as
„How many cars/trucks could not be built because of IT malfunctions? As a side effect, the
management board is not only informed when something in IT does not work, but when
there are successes.
4.3 Evaluation of the Methodology
The IT balanced scorecard offers a holistic corporate view in the IT controlling concept.
Through a holistic linking of corporate strategy, IT strategy and information management
measures, there is a close interlocking of the company with the IT controlling concept. The
use of IT serves the corporate strategy. A networking of existing management instruments
and key figure systems integrates proven solutions into the IT controlling concept, thus
protecting investments that have already been made.
The IT balanced scorecard usually focuses on internal problem solutions in the plan-
ning process. Interactions are not always verifiable via cause-effect relationships. Many
objectives, key figures, etc. are difficult to differentiate in practical use to individual areas,
departments and persons. Introduction and use of the IT-Balanced Scorecard cause a high
expenditure of time and require resources for personnel and information technology.
Table 4.1 compares the differences between the Balanced Scorecard method and the clas-
sic KPI-based systems.
4.5 Summary 55
Table 4.1 Differences between traditional KPI systems and the BSC
Traditional KPI systems Balanced scorecard
Support of analysis and information Support of planning, management and control
(reporting) (controlling)
Purely fiscal/monetary orientation of the KPI Alignment with all relevant stakeholders as far as
structure (past-oriented view) possible (future-oriented view)
KPI are based on mathematical decomposition KPIs are based on cause-effect relationships
of top key figures (empirical/analytical determination)
Cost orientation is in the foreground Performance orientation is in the foreground
Barthélemey et al. (2011, p. 62)
4.4 Exercise on the IT Balanced Scorecard
An IT startup wants to become the “leading Big Data system house in Europe” by offering
the following:
• Data Center (e.g. cloud services, Big Data as a Service),
• Consulting/projects (e.g. strategy consulting, use case development for Big Data
projects),
• Development and distribution of a cloud-based standard software for real-time analysis
of customer opinions (Twitter, Facebook, etc.).
The management strives for the following goals
• Europe-wide activities,
• Sustained high sales and profit growth,
• satisfied customers and staff,
• High professional reputation.
4.4.1 Task
• Develop a BSC for strategy management,

• First, formulate a vision and mission,
• Define appropriate perspectives and guiding questions,
• Set appropriate goals per perspective to achieve the guiding questions,
• Define key figures, target values and target corridors (green-yellow-red),
• Define appropriate measures/projects to achieve the objectives.
4.5 Summary
• IT strategies or digital strategies form the basis for strategic IT controlling.

• The IT balanced scorecard is a key performance indicator system for controlling the
implementation of the IT strategy or digital strategy, which enables IT controlling to
manage the strategy implementation process.
• The IT balanced scorecard contains goals, key figures, target values, measures for indi-
vidual perspectives: customer view (view of IT customers on information processing),
IT process view (quality of information processing), IT staff view (suitability and sat-
isfaction of staff), financial view (profitability of information processing).
References
Appel D, Brauner S, Preuss P (2002) Einsatz von SAP strategic enterprise management als
IT-gestütztes balanced scorecard-system. Inf Manag Consult 17(2):89
Barthélemey F, Knöll D, Salfeld A, Schultz-Sacharow C, Vögele D (2011) Balanced scorecard
Wiesbaden, S 2011
Baschin A, Steffen A (2003) IT-Controlling mit der Balanced Scorecard. Kostenrechnungspraxis
45(6):367–371
Buchta D, Klatt M, Kannegieser M (2003) Performance Management zur strategischen Steuerung
der Informationstechnologie. Control Mag 3:277–282
Dillerup R, Stoi R (2006) Unternehmensführung. Vahlen, München
Engstler M, Dold C (2002) Einsatz der Balanced Scorecard im Projektmanagement. In: Kerber et al
(Hrsg) Zukunft im Projektmanagement. dpunkt, Heidelberg, S 127–141
Form S, Hüllman U (2002) Chance- und Risk-Scorecarding. Umsetzungsaspekte eines IT-gestützten
strategischen Reporting. Controlling 12:691–700
Gadatsch A, Kütz J, Juszczak J (2013) Ergebnisse der 4. Umfrage zum Stand des IT-Controlling im
deutschsprachigen Raum, Bd 33. Schriftenreihe des Fachbereiches Wirtschaft Sankt Augustin,
Hochschule Bonn-Rhein-Sieg, Sankt Augustin
Jonen A, Lingnau V, Müller J, Müller P (2004) Balanced IT-Decision-Card, Ein instrument für das
Investitionscontrolling von IT-Projekten. Wirtschaftsinformatik 46(3):196–203
Sarsam R (2010) (CIO-Magazin): Daimler-CIO Gorriz: Die Balanced Scorecard bei der Daimler
IT. www.cio.de2223908. Accessed on 04.06.2019
van Grembergen W, De Haes S (2005) Measuring and improving IT-governance through the bal-
anced scorecard. Inf Syst J 2. http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.469.754
1&rep=rep1&type=pdf. Accessed on 12.02.2021
IT Portfolio Management: Manage IT Project
Selection 5
Abstract
IT portfolio management implements the strategic measures from the IT strategy or

digital strategy within the available budget in concrete projects, monitors their progress
and initiates countermeasures if necessary. This article describes the concept of IT port-
folio management, identifies critical success factors, and addresses the special features
of IT security projects within the portfolio management process.
5.1 IT Portfolio Management as Part of IT Governance
The foundations of portfolio theory dates back to an article by Markowitz (1952), who
dealt with the question of designing optimal bundles of bonds. Much later, international
studies found that in industries that depend heavily on IT, there is a strong correlation
between the quality of IT investments and company performance (cf. Zimmermann 2008,
p. 460). Higher IT investments generally have a positive effect on corporate success. The
key question here, however, is choosing the “right” IT investments.
IT portfolio management is therefore an important element of a company’s IT gover-
nance. It ensures that the projects with the highest value contribution for a planning period
are selected from the bundled demand for IT services (IT demand), budgeted and realized
by internal or external IT (IT supply). According to Helmke and Uebel, it consists of the
two sub-processes “Definition of the (future) project portfolio” for the next planning
period, and “Management of the current project portfolio” (cf. Fig. 5.1).

58 5 IT Portfolio Management: Manage IT Project Selection
Processes of IT-Portfolio-Management
IT- Definition of Management of IT-

Demand (future) Project- (current) Supply
Portfolios Project-Portfolios
Fig. 5.1 IT portfolio management processes. (Based on Helmke and Uebel 2013, p. 61)
Company Project portfolio

architecture management
Identify dependencies,
review
requirements,
IT Project 3 analyse risks Project C
Estimate costs,
IT Project 2 analyse benefit, Project B
reasses priorities
IT Project 1 Project A
Select project and

Validate technical schedule it. Budget and allocate
capabilities ressources
Project Planning
Time
Fig. 5.2 Relationship between IT architecture and IT portfolio management. (Gellweiler 2020,
p. 108, translated into German)
5.1.1 IT Architecture and IT Portfolio Management
IT-relevant projects can be roughly divided into technically driven architecture projects of
the CIO and business-driven projects of the business side. Very often, there are many
dependencies and overlaps (e.g., in terms of time or subject matter) between these proj-
ects. It is therefore necessary to identify the dependencies, the mutual requirements and
the resulting risks. From this, costs and benefit aspects can be estimated and ultimately
priorities can be derived. The basis for this is provided by the analysis and model of
Gellweiler (2020), which is roughly outlined in Fig. 5.2. Only the interaction of both proj-
ect types in a jointly prepared sequence plan (roadmap) leads to the desired results.
5.2 Concept of IT Portfolio Analysis 59
Fig. 5.3 Important portfolio

management terms
IT-
Governance
Project-
Portfolio-
management
Multi-
Project-
management
Project-
management
5.1.2 IT Governance and IT Portfolio Management
Within the framework of IT governance important “rules of the game” are defined, e.g.
project selection, prioritization and budget allocation. Project management takes over the
task of planning and controlling individual projects and ensures that the project goals are
achieved. The project portfolio management is responsible for project selection and its
ongoing adjustment. In larger companies, the establishment of multi-project management
(program management) makes sense. It takes over the planning and control of a project
bundle (program) consisting of several thematically related projects. Project controlling
provides key figures and analyses, monitors implementation (e.g. budgets, milestones) and
ensures transparency. The described context is shown in Fig. 5.3.
5.2 Concept of IT Portfolio Analysis
Usually, IT projects are processed in parallel at different stages of progress (e.g. in plan-
ning, in the approval process, in the technical conception, in development, in introduction,
in trial operation, in maintenance, in replacement). Since financial and other resources
(e.g., special personnel) are limited, decisions must be made regularly about the composi-
tion of the project portfolio. In order to draw up a list of priorities as a starting point for
concrete decisions, quantitative procedures have been common practice to date, which
take into account the parameters of return and risk in particular (cf. Wehrmann et al. 2006).
cc Definition of Portfolio Management Portfolio management is the systematic and

comprehensible determination of the projects or plans to be implemented in the planning
period in support of the company’s goals, taking into account several objective criteria:
• Profitability of the projects,

• Contribution of the projects to the authority or IT strategy,
• Realization probability/project risk,
• Urgency of projects,
• Safety relevance of the projects,
• Payback period of the projects,
• Decision-makers’ willingness to take risks.
In the scope of portfolio management, three project types can be distinguished from the
point of view of the need for evaluation: Target projects, mandatory projects and standard
projects.
5.2.1 Target Projects
Target projects are projects desired by the authority’s management from a strategic point
of view, which should not or do not have to be subjected to an evaluation. They are con-
sidered “set” for the project portfolio.
5.2.2 Must-Do Projects
Mandatory projects are unavoidable for operational or legal reasons. General examples are
the Y2K changeover (factually necessary) or the euro changeover (law) of IT systems.
5.2.3 Standard IT Projects
Standard IT projects undergo a standardized evaluation process, e.g. with regard to their
capital value and risk or their contribution to the corporate strategy (value-in-use analysis).
Examples include the introduction of a new logistics system or the redesign of the account-
ing system including a software conversion.
5.2.4 Life Cycle Model
IT portfolio management comprises the evaluation and selection of new IT projects or

maintenance projects and their control in a standardized evaluation process. The evalua-
tion is carried out from the perspective of the IT controller in the form of a life cycle model
through an IT project selection oriented to the IT strategy of the company (IT project
portfolio management) and the control of the projects through participation in the steering
committees of the IT projects (cf. Fig. 5.4).
Figure 5.5 shows a practical example of a real portfolio management process. It shows
the Basler Kantonalbank, which first collects and categorizes project ideas from the busi-
ness side and the IT side as part of an idea generation process. This is followed by a sys-
tematic evaluation from selection or updating of the portfolio. This is followed by project
monitoring (project controlling) and benefit collection, i.e. the downstream review of eco-
nomic viability.
The presentation of project portfolios is often supported by graphical methods (cf.
Fig. 5.6), in which the two main decision criteria (here economic efficiency and strategic
• Preliminary study
• Process improvement
• Maintenance
• New projects / investment
• …
IT-Portfolio- IT-Project-
navigation application
IT-Portfolio- IT-strategy-
management development
Life-Cycle
IT-Portfolio-
communication IT-Portfolio-
analysis
& prioritisation
IT-Portfolio-
adjustment
Fig. 5.4 IT portfolio management life cycle

62
Analysis of
Project idea
Based on a submied business case,

Collecon of project ideas as well as
an assesment of the strategic orientaon
Department
technical concept Project Porolio

joint Management
Project
proposed Evaluaon
IT Idea &
5
IT soluons
Selecon
System/Applicaon
Management
approval
IT projects can be categorised into different groups,

for example:
I Investment dependant (e.g.: new Factory) Project execuon Reaudit of financial viability
T IT infrastructure
Project
V Prelimenary Studies monitoring Addional benefit
P Process improvement
Fig. 5.5 IT portfolio management at Basler Kantonalbank

IT Portfolio Management: Manage IT Project Selection
High
P7 P1
P3
P2
Cost efficiency
P5
P4
P6
Low
Low High
Likelihood of Realisation
Fig. 5.6 Representation of a project portfolio
contribution) are shown on the axes. The diameter of the circles with which the projects
are drawn in represents the relative budget size.
5.2.5 Selected Research Approaches
Some research approaches have drawn on proven classical methods for the valuation of
financial investments to mathematically determine an integrated utility value and have
presented special valuation functions for IT projects (cf. Wehrmann and Zimmermann
2005, p. 247ff.). The utility function developed by Wehrmann and Zimmermann (2005)
takes into account the expected net present value of the project, the estimated project risk
and the individual risk attitude of the decision maker according to Bernoulli’s principle, a
method for supporting uncertain decisions. The utility function for an IT project is (cf.
Wehrmann and Zimmermann 2005, p. 249):
α 2
Vi = v ( zi ,σ i ) = zi − σi
2
Vi is the integrated benefit value of the project. The parameter zi gives the expected NPV
of the project and σ2 gives the estimated variance as a measure of the risk of the NPV
occurring. The value of a safe project σ2 = 0 is equal to its NPV. The parameter α is the risk
aversion level of the decision maker. If α takes the value “0”, the value of the project also
corresponds to the NPV.
More recently, Karrenbauer and Breitner (2020) published a quantitative approach
based on an extensive literature review. It is a complex scoring model for evaluating IT
investments that takes into account the project selection criteria complexity, risk,
efficiency, strategy and urgency. The criteria used by the authors are likely to cover a wide
range of common selection criteria in practice. Since there is still a lack of comprehensive
practical experience with the model, no explanation of the approach is provided and refer-
ence is made to the original source (cf. in detail Karrenbauer and Breitner 2020).
5.3 Critical Success Factors and Introduction
The success of project portfolio management depends on a number of factors. In particu-

lar, it is important to have the full backing of the authority management, as rules must be
observed. As a rule, no project approval may bypass the established procedure. For larger
data volumes, suitable software support is also necessary. At the start, standard IT tools are
quite sufficient (e.g. a spreadsheet program). As the portfolio grows, it makes sense to use
specialized tools. It is also important to set up an “IT project office” as a central contact
point for applicants, a project management and a project controlling.
The initial introduction of IT portfolio management is to be organized as a project. A
generic procedure model is shown in Fig. 5.7. It shows that first of all an initial survey of
the projects must take place. Many project-like measures run in specialist departments or
in IT without being classified as a “project”. The second step is to survey the processes that
have been used to date. Here, the reasons for the respective procedures, especially the
release rules, should also be questioned. This is followed by a categorization of the proj-
ects, the selection and implementation of a tool, and the design of the target processes with
the future release rules.
Methodology for introducing IT portfolio management
As-if-survey As-if-survey Typification Structure Design Training

of projects of processes of projects Project DB processes & Rollout
Project status Approval Definition & Tool selection Determination of

(Idea, Applied, mechanism categorization of and Portfolio-Life-
Planned, Ongoing) projects data Cycle
acquisition (process orientated model)
Project contents Prioritization- and
(Topic, Target, procedure and Prioritization-
Leadership, Duration, requirements procedure
Budget) (funnel approach)
Identification
of cross-relationships
Fig. 5.7 Process model for the introduction of IT portfolio management

5.4 Case Study on the Prioritisation of Digitisation Projects 65
5.4 Case Study on the Prioritisation of Digitisation Projects
In 2019, the mechanical engineering company Trumpf GmbH & Co KG published a com-
prehensive concept for prioritizing digitization projects (see Pschybilla et al. 2019), which
forms the basis for this section.
The business environment “mechanical engineering” is subject to strong changes. In
particular, there is an increase in external and thus also internal complexity, a stronger
focus on “end-to-end” customer requirements and an increasing number of digitalization
projects with many dependencies. In addition, the projects are often cross-divisional in
nature. This has led to a desire for effective prioritization. Classic portfolio management
approaches seemed unsuitable to the company. The method therefore developed by the
company is based on the classic business case for IT investments (value in use, net present
value), the real options theory and mathematical models for several decision criteria. On
this basis, a four-stage decision-making process was designed:
1. Project pre-selection,
2. Project Analysis,
3. Portfolio formation and
4. Portfolio Management.
The first phase (project pre-selection) serves to identify projects and carry out a feasibility
study. For this purpose, all projects that run along the process chain are identified. All
projects are qualitatively examined with regard to their impact on the process chain. In
addition, legal aspects and feasibility are reflected.
The analysis of the second phase (project analysis) is carried out by means of a business
case for IT investments using utility values and capital values. The effects are mirrored
along the process chain and broken down to individual processes.
In the third phase (portfolio formation), project values are determined in the context of
the entire portfolio. Dependencies are also determined here. So-called „basic projects“
form the basis for further projects that do not create a positive value contribution on their
own. The project value-cost matrix shows the project value (utility values) and costs (net
present value) in one representation.
In the fourth phase (portfolio management), the portfolio is regularly adjusted and con-
trolled. Projects are evaluated with regard to progress and, if necessary, removed from the
portfolio.
5.5 Evaluation of IT Security Projects
5.5.1 Problem
The evaluation of IT security projects (e.g. establishment and operation of encryption

systems, use of digital signatures for authentication of persons) is problematic from a
purely economic point of view, as often no direct benefit can be measured. Nevertheless,
it must be ensured that sufficient budget funds are made available for IT security measures
so that they are not crowded out by other projects from the IT project portfolio that can
demonstrate greater economic efficiency. Selected practical examples are used to illustrate
the possibilities for evaluating IT security projects (cf. in detail Gadatsch and
Uebelacker 2006).
Example 1: Data Backup and Virus Protection
In practice, the economic efficiency of a data protection concept or virus protection

project is seldom inquired about as long as the protective measures have not yet been
established, since the necessity appears to be unavoidable. If, on the other hand, the
solution has already been implemented, a “technology refresh” (updating an IT solu-
tion to the current state of the art) with correspondingly reduced operating costs may
enable the project to make a positive contribution to profitability.
Therefore, the question arises: Why should public authorities invest in IT security
projects? Ideally, they carry out a risk assessment. Either they bear the risk and do noth-
ing further, or they consider the risk unacceptable and take action, e.g. by installing
virus protection software or a backup system. IT security projects have a hedging effect
on investments. Encryption, virus protection and firewall projects are typical examples.
However, the relevant business process as such is not “optimized”, but merely “secured”
by the IT security measure. These projects increase the costs of the infrastructure due
to the necessary investment and ongoing maintenance costs. This means, however, that
a positive economic efficiency cannot be presented here. ◄
Example 2: Single Sign On
Passwords should be difficult to guess and should be changed periodically. Numerous

employees manage passwords for different IT systems they use (e.g. e-mail, travel
expense accounting or cash register systems) and need help when faults occur (e.g.
password reset). Single sign-on systems (SSO) are one solution to simplify this prob-
lem. They ensure that a user only needs to authenticate once. This is done either by a
password or a chip card (smart card). The SSO system has stored the passwords for all
required target applications. ◄
5.5 Evaluation of IT Security Projects 67
Example 3: Electronic Tax Return (Elster)
Elster is a project started in 1996 by the German government and federal states to digi-
tize the handling of the German tax system. One aim of ELSTER is to support citizens
in preparing their tax returns in digital form. In the process, the data for the tax return
forms are recorded electronically in a decentralised manner. The idea is now to make
the recorded data available to the tax administration via the Internet for further process-
ing. This saves the tax administration the costs of data entry and can speed up the pro-
cess. A positive economic efficiency can be assumed for this scenario.
However, the efficiency effect relates to the entire business process. The factors that
positively determine the economic efficiency are primarily provided by the saved elec-
tronic data entry. The implemented security mechanisms “merely” act as “enablers” for
the implementation of the optimization potential. ◄
Example D: Digital Signatures in Workflow-Supported Business Processes
The use of digital signatures in workflows (Workflows are automated business pro-
cesses, cf. in detail Gadatsch 2020.) is about electronically supporting repetitive busi-
ness processes and using authentication mechanisms to trigger the execution of
sub-steps and provide evidence of their completion. For example, the release of an
order, the approval of a vacation request or a business trip can be such a substep.
Workflow management systems often release a high optimization potential. A positive
economic efficiency can usually be demonstrated.
The legal framework basically offers the possibility of replacing manual signatures
with certified digital signatures (electronic signatures). However, this requires technical
and organisational investments to which a benefit must be assigned in order to prove
positive economic efficiency. The benefit can only be generated from process improve-
ments. The process optimization with the release of the savings potential does not result
directly from a security project, but from the replacement of paper-based processes
with electronic systems. ◄
5.5.2 Project Types for IT Security Projects
If the projects presented are classified, three project types can be derived according to
Uebelacker (cf. Gadatsch and Uebelacker 2006): the insurer project, the enabler project
and the saver project (cf. Fig. 5.8).
5.5.3 Insurer Project (Insurer)
The aim of these projects is to minimize the probability of occurrence and the risk of unde-
sirable events. The primary goal is not to realize potential savings. As a rule, a positive RoI
IT Security Projects
Insurer Project Enabling Project Optimizing Project

(insurer) (enabler) (optimizier)
Target: Target: Supporting the security Target: Generating saving

requirements of new processes potential through the IT safety
Reducing probability and risk of
Project.
unwanted chain of events.
Savings potential is delivered by The IT safety project „pays“ for

Realisation of potential for
the new process. itself.
savings is not a primary target
Without the project the new

application is not possible.
ROI is not presentable ROI is indirectly presentable RoI is presentable
Numerous Examples: Firewall, Typical Example: PIN-TAN Citizen ID

Antivirus, Login control, … Procedure when banking online Single-Sign-On authentication
scheme
Fig. 5.8 Project types for portfolio analysis (IT security projects)
is not presentable. Numerous IT security projects are insurer projects (e.g. firewall, virus
protection program, access control systems).
5.5.4 Enabler Project (Enabler)
If new business processes have security requirements, these are often enabler projects. The
IT security measures have a supporting character. The savings are primarily achieved by
the application, not by the security modules. A typical example is PIN-TAN procedures in
Internet banking, without which no banking transactions are possible via the Internet.
Firewall systems are also included here, which only enable selected transactions by seal-
ing off the company network (e.g. secure access by customers to their order data on the
company computer). RoI considerations are of secondary importance in enabler projects.
5.5.5 Optimizer Project (Optimizer)
This type of project is rarely encountered. Savings potentials can be realized through a
security application. One example is the digital citizen card (digital ID system), which
offers a variety of potential economic benefits as an identification medium.
When assessing an IT security project, it is necessary to determine what the savings
potential is based on. Typically, the application is responsible because it maps the business
process to IT systems. In the case of ELSTER, the electronic form filled out by the citizen
5.5 Evaluation of IT Security Projects 69
represents this application. If we examine projects with savings potential, we notice that
the applications are rarely “pure” security applications. Single sign-on projects are excep-
tions. It becomes clear that numerous applications require IT security functions in order to
generate their added value. A classic example is Internet banking, which is not possible
without secure data exchange with the PIN-TAN procedure between the customer and the
bank. Nevertheless, an important result remains to be noted: For many IT security proj-
ects, no positive economic contribution can be presented.
5.5.6 Solution Concept RoSI
Against the background of the problems described above, the University of Idaho has
developed a calculation model based on return on investment (RoSI) (cf. Keller 2002).
RoSI is the difference between the benefits achieved by IT security measures and the costs
of implementing and operating the necessary IT security tools (e.g. firewall, encryption
software). In addition to the implementation costs, RoSI also takes into account the costs
caused by damage. The formulas for calculating the RoSI key figure are documented in
Fig. 5.9.
A simple calculation example gives the following picture: The purchase and operation
of a firewall (T = 30,000 €) ensure a security level of 95%. The total risk of possible dam-
age if a firewall is not used is estimated at 100,000 €. The gross saving by using the firewall
is E = 95,000 €. After deducting the tool costs of T = 30,000 €, a net saving of RoSI = 65,000
$ remains. Or a bit simpler: RoSI = E – T [65,000 € = 95,000 € – 30,000 €].
The use of the method is not easy in practice. An example from banking practice was
published in (Sowa 2007). A bank would like to replace the classic PIN/TAN procedure
used so far, which has some weaknesses, with more modern procedures. The bank’s tech-
nical experts favour the HBCI procedure, as it is currently considered the most secure but
also the most expensive. A compilation of all possible alternatives (cf. Figs. 5.9 and 5.10)
RoSI = R – ALE R Annual cost of IT damage removal due to attacks on

IT systems.
ALE Annual Loss Expectancy
(Annual loss expectation through remaining
damages).
ALE = (R-E) + T E Saving (Use) through reducing

the damages removal costs (R)
by implementing IT security measures.
T (Tool-)Costs for security measures.
RoSI = E – T
Fig. 5.9 Return on Security Invest (RoSI)

Method Explanation Effectiveness Investment ROSI Ranking Ranking in

for Banks / € accord. customer
Customers ROSI friendliness
€
HBCI Phishing and Pharming no longer possible. 90% 60,000 / 3,000 5 4
Risks: Reading device, cards and smartphone 70
can be physically removed from owner through
theft.
mTAN Phishing and Pharming no longer possible, 90% 50,000 / 13,000 2 3
because Mobile TAN in text message only valid 17
for a specific transaction with a specific amount.
eTAN TAN is generated directly with the transfer order, 75% 35,000 / 17.500 1 2
therefore effective against phising. 10
iTAN Phishing only possible thorough increased effort 60% 30,000 / 12,000 3 1
(Retrieval of multiple iTANs required) 0
PIN Procedure is already in use with the bank 10% 0/ 7,000 4 1
TAN presented in the case study 0
Fig. 5.10 Use of the RoSI method in practice. (cf. Sowa 2007)
offers a compromise between customer friendliness and cost-effectiveness (measured with

the ROSI ratio). A recommendation is made for the iTAN or eTAN procedure.
The calculation of RoSI with available data is comparatively simple. It can be used as
an additional but not sufficient argument to underpin security investments. Pohlmann
(2006, p. 30f.) has published a practical example of calculating the RoSI indicator for the
loss of laptops. His example shows that security investments can certainly be determined
with the help of RoSI. However, the calculation of the RoSI ratio can fail if it is not pos-
sible to obtain sufficient data, because the amount of damage incurred is not always
known. Potential damages often cannot be quantified. The ROSI approach is computation-
ally simple and can be used if the data situation is good, but unfortunately it is not suitable
in many cases in practice because of the problematic data collection (cf. e.g. also Matousek
et al. 2004, p. 37).
5.6 Case Study on Project Selection
5.6.1 Scenario
• “Maschinenbau AG” is an internationally operating medium-sized company. It manu-

factures innovative packaging systems and also offers innovative services. The success
of the company is based on an effective cooperation of all employees.
• Management aims to “digitize” the company’s processes in order to reduce costs and
increase competitiveness.
• At the same time, the management board is very risk-conscious and pushes for a high
level of “IT security” in order to prevent damage to the company.
• The budget approved by the Board for the next period is EUR 5 million.
• The IT-Steering-Group of the “Maschinenbau AG” gets several projects for decision
and has to define the portfolio for the next period.
5.6 Case Study on Project Selection 71
5.6.2 Project List
1. Introduction of a new merchandise management system based on a cloud solution at

the US company “Xmazon.com”, which stores the data in data centers on all conti-
nents. The introduction of the system can save approximately 0.5 million euros per
year. The project costs amount to 2.5 million euros.
2. Migration of the content management system to the next release. This will enable the
company’s employees to access all documents in real time and support a wide range of
processes. The expenditure amounts to approx. 0.5 million euros. The benefit of the
project is controversial.
3. Introduction of an identity management system. This enables applications to identify
people and the rights assigned to them. Users need less time to log into the systems they
use and only have to remember one password. The cost of the project is estimated at 0.5
million euros, the benefits cannot be quantified.
4. The vehicle fleet is to be modernized. A telematics solution is to support the localiza-
tion and navigation of the vehicles and optimize route planning for customer and sup-
plier contacts. Expenditure approx. 1.5 million euros, the benefit cannot be quantified.
5. Order processing is to be brought up to date with modern CRM software. This can save
a large number of employees. In addition, there is the possibility of realizing additional
sales potential through customer analyses. The expenditure for the project amounts to
2 million euro. The annual benefit amounts to at least 1 million euros. However, the
digital customer data is sensitive and must be protected by an additional firewall, which
costs EUR 0.5 million once and reduces the annual benefit by EUR 0.2 million.
6. The Management Board is of the opinion that communication between the Management
Board and the Supervisory Board must be particularly strongly protected. Therefore, a
second internal network is to be installed. In addition, the latest end devices worldwide
are to be procured. IT Service would have to assign its own employees for this purpose
in order to ensure “Management Board VIP support”. Costs: 0.2 million euros, bene-
fits: unknown. However, it is known that the “Board of Management will” requires high
priority.
7. The sales force is to be provided with mobile workstations based on tablets with which
current information can be called up and updated. The sales staff, most of whom have
a manageable affinity for technology, will presumably need intensive training as part of
the project. The costs of the project are estimated at around 1.5 million euros, the ben-
efits cannot be quantified. However, the sales management expects higher sales and
commissions for itself and its employees. Some controllers are of the opinion that the
technophobic sales staff will not use the devices and an “investment ruin” could result.
5.6.3 Task
Before evaluating the projects, develop a concept and algorithm for prioritizing the above
projects and evaluate each project based on their algorithm. Make a concrete decision
regarding the portfolio for the next period.
5.6.4 Proposed Solution
This case study can lead to very different solutions. First, a concept should be described
how the prioritization is done. Then, an operational sequence should be formed. For exam-
ple, the concept could look like this:
• Projects are divided into three categories: Required projects, target projects and optional
projects. The categorization is the task of IT controlling; the project managers make a
proposal.
• Must-do projects are placed in the portfolio first, as long as budget is available.
• If the budget is already insufficient here, the authority management must determine the
further procedure. The remaining budget goes to the target projects. If there is still
budget left, an order is formed among the optional projects according to which the
budget is to be distributed.
• The order for the optional projects is determined by means of a value-in-use analysis
based on the following criteria: Quantitative benefit/project costs (weighting 1) and
Strategic value contribution (weighting 2).
• Formula for the value in use: benefit/cost * 2 * strategic value contribution
• The Strategic Value Contribution can take the following values: 0 = No Value
Contribution, 1 = Normal Strategic Contribution, 2 = High Strategic Contribution. The
classification is made by the IT controller in conjunction with the CIO.
• The budget should be used up as far as possible, i.e. the order may be changed slightly
if residual budgets can be exhausted as a result.
5.7 Summary
• IT portfolio management is a tool to support IT governance.

• It regulates the allocation of IT budgets in line with strategy on the basis of a compre-
hensible, transparent procedure.
References 73
References
Gadatsch A (2020) Grundkurs Geschäftsprozessmanagement, 9. Aufl. Springer, Wiesbaden

Gadatsch A, Uebelacker H (2006) Wirtschaftlichkeitsbetrachtungen für IT-Security-Projekte. Prax
Wirtschaftsinform HMD 248:44–50. 26.04.2006
Gellweiler C (2020) Connecting enterprise architecture and project portfolio management:
a review and a model for IT-project alignment. Int J Inf Technol Proj Manag 11(1):99–114.
https://www.igi-global.com/article/connecting-enterprise-architecture-and-project-portfolio-
management/236575. Accessed on 15.02.2021
Helmke, Stefan, Uebel, Matthias (Hrsg.) (2013): Managementorientiertes IT-Controlling und
IT-Governance. Springer, Wiesbaden
Karrenbauer C, Breitner MH (2020) Value-driven IT project portfolio management: tool-based scor-
ing, selection, and scheduling. In: International research workshop on IT project management
2020, management (IRWITPM), 12.12.2020. https://aisel.aisnet.org/cgi/viewcontent.cgi?articl
e=1012&context=irwitpm2020. Accessed on 15.02.2021
Keller R (2002) Ist RoSI berechenbar? Return on security invest. CIO-Magazin 5:58–61
Markowitz H (1952) Portfolio selection. J Finance VII(1):77–91. https://doi.org/10.2307/2975974
Matousek M, Schlienger T, Teufel S (2004) Metriken und Konzepte zur Messung der
Informationssicherheit. In: Möricke M (Hrsg) IT-Sicherheit, HMD, Heft 236. Springer,
Heidelberg, S 33–41
Pohlmann N (2006) Wie wirtschaftlich sind IT-Sicherheitsmaßnahmen? HMD 248(04):26–34
Pschybilla T, Hofmann M, Enders T, Vössing M (2019) Priorisierung von Digitalisierungsprojekten
entlang der gesamten kundenorientierten Prozesskette im Maschinenbau. HMD 56:1144–1156.
https://doi.org/10.1365/s40702-019-00571-0
Sowa A (2007) IT-Revision in der Bankenpraxis. Prax Wirtschaftsinform, HMD 254(April):82–93
Wehrmann A, Zimmermann S (2005) Integrierte Ex-ante-Rendite-/Risiko-Bewertung von
IT-Investitionen. Wirtschaftsinformatik 47(4):247–258
Wehrmann A, Heinrich B, Seifert F (2006) Quantitatives IT-Portfoliomanagement: Risiken von
IT-Investitionen wertorientiert steuern. Wirtschaftsinformatik 48(4):234–245
Zimmermann S (2008) IT-Portfoliomanagement, Ein Konzept zur Bewertung und Gestaltung von
IT. Inf Spektrum 5:460–468
IT Investment Calculation and Total Cost
of Ownership Analysis: IT Standards 6
as a Tool for IT Controlling
Abstract
The chapter IT Investment Accounting and Total Cost of Ownership (TCO) addresses
the cost and revenue effects obtained through IT investments. After introductory expla-
nations of terms and examples, case studies are used to determine concrete TCO and
discuss the implications for management.
6.1 Business Methods of Investment Appraisal
6.1.1 Overview of Methods
This section first provides a brief overview of classic business methods of investment
appraisal (see also the overview in Kesten et al. 2006), which are also suitable for use in
IT controlling. Subsequently, selected methods are presented with application examples.
Figure 6.1 shows the most important business methods for IT investment accounting
and methods of cost estimation. The classic methods of capital budgeting are subdivided
into static methods, in which only one period is considered as a representative variable,
and dynamic methods, which cover multi-year payment flows taking into account interest
effects (cf. e.g. Kruschwitz 2005, p. 31ff.).
6.1.1.1 Static Methods of Capital Budgeting

In addition to the static methods of capital budgeting, which only take a 1-year view, the
dynamic methods can be used for multi-year decisions.

76 6 IT Investment Calculation and Total Cost of Ownership Analysis: IT Standards…
Investment calculaon Muldimensional Method Cost-esmaon procedure
Stac investment calculaon Cost-ulity analysis Field-ploer method

•Cost comparison method
•Profit comparison method
•Profitability comparison method
•Period of amorzaon
Mulfactor analysis Mulplicaon method
Argument balance sheet Parametric equaons
Dynamic investment calculaon

•Present value method / capital value method
•Annuity method
•Internal rate of return
Project Porolio Percentage based Method
•Period of amorzaon
Funcon Point
Fig. 6.1 IT investment accounting – general methods of business administration
6.1.1.2 Comparative Costing

In the cost comparison calculation, the average annual total costs are determined and the
alternative with the lowest costs is selected.
6.1.1.3 Profit Comparison Statement

In the profit comparison calculation, the average profits per alternative are determined and
the alternative with the highest average profit is selected.
6.1.1.4 Profitability
In the case of profitability, the average return on capital employed is determined and the
alternative with the highest profitability is selected.
6.1.1.5 Static Amortization Period

The static payback period is the time in which the capital invested flows back to the inves-
tor without taking interest effects into account. The alternative with the shortest payback
period is to be chosen.
6.1.1.6 Dynamic Methods of Investment Calculation

You calculate interest on the incoming and outgoing payments at the respective point
in time.
6.1.1.7 Net Present Value (NPV)

In the net present value method, the so-called net present value of an investment is deter-
mined and the investment with the highest net present value is selected. The net present
value is the sum of all incoming and outgoing payments of the investment discounted to
6.1 Business Methods of Investment Appraisal 77
the time t = 0. An investment is advantageous if the net present value is positive. If there
are several alternatives, the one with the highest net present value is selected.
6.1.1.8 Annuity
In the annuity method, the so-called annuity is determined. It represents a sequence of “n”
constant instalments, which corresponds to the capital value. Accordingly, the investment
is advantageous if the annuity is positive. The investment with the largest annuity sum is
selected from several alternatives.
6.1.1.9 Internal Interest Rate

The internal interest rate is the interest rate at which the net present value is exactly “zero”.
An investment is advantageous if the internal interest rate is greater than the alternative
possible calculation interest rate (e.g. market interest rate for alternative capital invest-
ment). In the case of several investments, the one with the highest (positive) internal inter-
est rate is to be chosen (cf. on the suitability of the internal interest rate for investment
controlling Gadatsch 1993).
6.1.1.10 Dynamic Payback Period

The dynamic payback period is the duration at which the annually discounted capital
returns exceed the payout for the first time. The investment with the shortest payback
period is to be chosen from among several alternatives.
6.1.2 Static Procedures
The static methods are mostly rejected from a theoretical point of view. In practice, how-
ever, they are still frequently used for rough calculations or are generally used in simple
situations. The following is a simplified example of the application of the static methods
of investment appraisal. The problem definition is:
• A company is planning an information system with a duration of 4 years.

• Alternative A: On Premise operation of the system:
One-time payment of −10,000 at the beginning combined with current annual operat-
ing costs of −2000
• Alternative B: Hiring an external cloud provider:
Disbursement of −1000 at the beginning and operating costs of −4000
• The annual savings of +5000 are equal to each
For simplification, it is assumed that no imputed costs such as depreciation and interest are
to be taken into account. The payment series are shown in Fig. 6.2.
The calculations of the static procedures cost, profit and profitability comparison and
payback period are shown below:
Alternave Time
0 1 2 3 4
A Cash oulow -10,000 -2,000 -2,000 -2,000 -2,000
Cash inflow +5,000 +5,000 +5,000 +5,000
total -10,000 +3,000 +3,000 +3,000 +3,000
B Cash oulow -1,000 -4,000 -4,000 -4,000 -4,000
Cash inflow +5,000 +5,000 +5,000 +5,000
total -1,000 +1,000 +1,000 +1,000 +1,000
Fig. 6.2 Data for the calculation example for static methods
6.1.2.1 Cost Comparison
Costs = initial payment + ongoing operating costs

Cost A: −10,000 + 4 * (−2000) = −18,000
Cost B: −1000 + 4 * (−4000) = −17,000
6.1.2.2 Profit Comparison
Profit = Total income – Total expenses

Profit A: 4 * 5000–18,000 = +2000
Profit B: 4 * 5000–17,000 + 3000
6.1.2.3 Profitability Comparison
Profitability = Profit/Capital employed

Profitability A: R = 2000/10,000 = 20%.
Profitability B: R = 3000/1000 = 300%.
6.1.2.4 Payback Period
Formula: Initial funds employed/average funds return per year
Alternative A
Investment t = 0–10,000
Average cash return = +3000 (revenue 5000 – operating costs 2000)
Payback period = 10,000/3000 = 3.33 years
C0 = Net present value at start

= − 1+ − Et = Earnings in time period t
0
At = Spending in time period t
=0
i = calculation interest rate
t = time period t
n = service life
Fig. 6.3 Net present value formula
Alternative B
Investment t = 0–1000
Average cash return = +1000 (revenue 5000 – operating costs 4000)
Payback period = 1000/1000 = 1 year
6.1.3 Net Present Value Method
For the application of the net present value method, the introduction of an information
system is to serve, which causes an initial payout in t = 0 and is used over 4 years. Figure 6.3
shows the net present value formula including the legend.
Table 6.1 shows the cash flows and the results of applying the net present value formula
with a calculation interest rate of i = 8%. The net present value of the investment is posi-
tive, i.e. the investment is beneficial.
6.1.4 Utility Analysis
Of the multidimensional methods presented in Fig. 6.1, only the widely used utility analy-
sis will be briefly presented here in the context of IT controlling. This method is also
known as the “scoring method”. Here, qualitative and quantitative characteristics are eval-
uated, weighted and condensed to a point value. The alternative with the highest point
value is the “optimal” alternative (cf. on the methodology of utility value analysis
Riedl 2006).
The advantages of the utility analysis lie in the consideration of qualitative effects and
the simplicity of the application of the procedure, provided that sufficient data are avail-
able. The result is comprehensible for third parties. However, the individual evaluation of
the criteria is always subjective. Thus, the procedure pretends a non-existent quantitative
measurability. Of decisive importance is the choice of weighting factors, which signifi-
cantly influence the result. The calculated score should only be used as a basis for decision-
making and should not necessarily lead to an automated decision.
Table 6.1 Net present value calculation for a new ERP system
Period 0 1 2 3 4
Investment −120,000
Operating costs −15,000 −15,000 −15,000 −15,000
Direct effects personnel reduction +5000 +10,000 +15,000 +15,000
Indirect savings
Construction +30,000 +65,000 +65,000 +65,000
Work preparation +10,000 +15,000 +20,000 +20,000
Increase in sales +5000 +15,000 +20,000 +15,000
Balance −120,000 +35,000 +90,000 +105,000 +15,000
Calculation interest rate 8%
Net present value 146,423
Table 6.2 Calculation example for the utility analysis

System 1 System 2 System 3
Criterion Weight Evaluation Point value Evaluation Point value Evaluation Point value
1 Hardware 15% 5 0.75 5 0.75 3 0.45
2 Software 30% 3 0.90 4 1.20 4 1.20
3 Advice 15% 2 0.30 3 0.45 3 0.45
4 Service 15% 3 0.45 3 0.45 5 0.75
5 Reputation 25% 5 1.25 3 0.75 4 1.00
Total 100% 3.65 3.6 3.85
A short application example should explain the methodology. A new ERP system is to
be introduced in an industrial company. There are three systems to choose from. A deci-
sion proposal is to be prepared with the help of the utility analysis. The following must be
taken into account:
• The quality of the software should be of particular importance.

• The reputation of the provider should be weighted highly.
• In addition, hardware, consulting and service are to be included in the analysis in
equal parts.
• A percentage weighting of the criteria should be specified.
• The rating scale should go from 1 (criterion not met) in steps to 5 (criterion fully met).
Table 6.2 shows a possible solution for the evaluation.
6.1.4.1 Application Example for the Utility Analysis

in Outsourcing Decisions
IT outsourcing decisions in IT must be carefully prepared. For this purpose, a profitability
analysis and a supplementary utility analysis are useful to prepare the data relevant for
decision-making. Important main criteria of the benefit analysis are:
Fig. 6.4 Model calculation utility analysis for decision preparation of IT outsourcing
• Contribution to corporate strategy,

• Financial contribution to the success of the company,
• Personnel Impact,
• Flexibility of the information technology used,
• Legal and contractual implications,
• Impact on business operations.
Figure 6.4 shows a practical example for the decision alternatives “100% insourcing” (no
outsourcing), “100 % outsourcing” and selective outsourcing, in which only selected parts
of the corporate IT are outsourced. The utility analysis assumes a high weighting of the
first two criteria (strategy and finance) with 40% each, while the other criteria are only
included with a low impact.
6.1.5 Real Options Valuation
In practice, the determination of cost and benefit values often does not lead to the desired
results. For example, the net present value method determines a discounted present value
for the entire IT project. Unfortunately, the dynamics typical for IT projects cannot always
be included in the decision-making process, since many project durations are compara-
tively short. This is disadvantageous for the quality of decision-making, because the
framework conditions of an IT project often change several times already during the proj-
ect duration, which ultimately also led to the agile methods of project control. The concept
of the “real option” offers an alternative to make decisions in IT projects more dynamic.
However, real options are very rarely used as a tool for project management (cf. e.g.
Gadatsch et al. 2010, p. 19).
6.1.5.1 Option
An “Option” is the right, but not the obligation, to perform a certain action. For example,
a call option on a share makes sense from a certain share price onwards if price increases
are expected. However, there are still uncertainties regarding the future price development
that need to be weighed up.
6.1.5.2 Options
In principle, every IT project can be seen as a bundle of several real options. The project
management has to permanently adjust to changing environmental or general conditions
within the framework of project control. Real options of IT projects are considered to be:
• Option to expand: Extension of the planned functional scope of the information sys-
tem, e.g. if, after testing the standard software, additional functions previously unknown
to the customer are discovered that were not known in the original project volume.
• Delay option: Project delay, in the introduction of a new distribution processing sys-
tem, because the preliminary project “high-bay warehouse” was not completed in time.
The project will be continued when the high-bay warehouse is in operation.
• Termination option: Project termination due to a change in the general conditions,
e.g.: The client no longer needs the planned data center due to a company purchase, the
purchased capacities are to be used first.
• Restart option: Project that was previously delayed or stopped is started as planned,
e.g. rollout of finished software after it was suspended due to numerous quality defects.
If the individual options are combined with classic instruments of profitability analysis,
e.g. the frequently used net present value method, the result is not a static value for the
entire IT project, but adjusted net present values for each option (cf. the example in
Fig. 6.5).
6.1.5.3 Example: Use of Real Options in IT Projects

A mechanical engineering company is planning to introduce standard business software.
Initially, the logistics and sales departments are to use the new software. The company’s
business processes are to be adapted to the intended processes of the standard software.
The goal of the project is to use only standard functions of the software. After 3 months of
project work, it is clear that the logistics processes are very strongly interlinked with the
A 10,000 * 0.3
E Project-scenario
pessimistic
B 5,000 * 0.1 milestone
C 0 * 0.05 P probability
terminate
D -12,000 * 0.25
terminate
E -6,000 * 0.30
Project-scenario Income Expenses NPV Probability

(discounted sum) (discounted sum)
A (opt.) 20,000 10,000 10,000 30%

B (pess.) 15,000 10,000 5,000 10%
C (term.) 10,000 17,000 0 5%
D (term.) 5,000 17,000 -12,000 25%
E (term) 0 6,000 -6,000 30%
Fig. 6.5 Use of real options in connection with capital values. (Based on Fiedler 2001)
financial processes. In addition, the standard processes of the software are by far not suf-
ficient to satisfy the requirements of production and sales.
The following options are proposed to the Steering Committee for the further course of
the project:
• Project termination: Immediate stop of the project and re-tendering of the standard
software, since the selected software cannot provide the necessary solutions as a stan-
dard solution. This results in considerable additional costs that were not planned.
• Project extension (technical): The missing functions are developed via add-on pro-
grams and linked to the standard software via interface programs. This alternative also
leads to additional costs, but the purchased software can be used.
• Project extension (organizational): Inclusion of the areas “financial accounting and
controlling” in the project in order to implement an integrated overall solution.
After the option “project termination” has been stopped in favour of the option “technical
project extension”, the options “technical and organisational project extension” are
realised together. After five further months, delays in the “logistics” sub-project become
transparent. Therefore, the subprojects “Manufacturing”, “Sales” as well as “Finance”
have to be delayed, since they depend on the data of the subproject “Logistics”. This
results in another option: Project delay: Stop the subprojects that depend on the logistics
project until the prerequisites for resumption have been achieved again.
The example documents the advantage of real options. Instead of rigid project planning
at the beginning of the project and a profitability analysis based on this, the evaluation of
the project can be adapted to the current situation.
6.2 Special Methods of IT Investment Accounting
The general business methods of investment appraisal have been expanded and adapted
with regard to their use for IT investments. In the meantime, a number of variants have
emerged, which are briefly outlined below on the basis of Malcher (2011). Section 6.3
presents the total cost of ownership analysis in detail, as it is of particular importance in
practice and has been widely used.
6.2.1 Total Cost of Ownership (TCO)
The Total Cost of Ownership analysis is a well-known procedure, of which there are vari-
ous models, which were developed by the analyst house Gartner (cf. Redman et al. 1998)
and with deviations in the calculation methodology by the analyst house Forrester. The
TCO analysis expands the scope of analysis of the classic IT investment calculation to
include additional cost components that arise from maintenance, support, further develop-
ment and replacement of the systems, among other things. In particular, direct and indirect
IT costs that arise during the life cycle are taken into account. The originally developed
standard method does not consider the benefits. A disadvantage is the complex determina-
tion of indirect IT costs, which is hardly feasible in practice.
6.2.2 Total Economic Impact (TEI)
The Total Economic Impact is a model of the Giga Group, which was later further devel-
oped by the analyst firm Forrester. It is mathematically very complex in terms of the analy-
sis of costs, benefits, flexibility and risk.
6.2.3 Rapid Economic Justification (REJ)
The Rapid Economic Justification Model was developed by Microsoft (Business Value
Center of Excellence). It aims to compare the value of an investment in a pragmatic way
to the necessary resources and costs.
6.2 Special Methods of IT Investment Accounting 85
6.2.4 Total Value of Opportunity (TVO)
The Total Value of Opportunity model was also developed by Gartner. It is based on the
Gartner TCO method and supplements it with benefits, risks and future developments.
Like the REJ model mentioned above, it is mathematically very complex.
6.2.5 Business Value Index (BVI)
The Business Value Index is a method of the company Intel. It considers material and non-
material criteria such as customer requirement, sales potential, strategic coverage and
risks, which are condensed into a key figure via weighted valuations.
6.2.6 Economic Efficiency Analysis (WiBe)
The WiBe method is a procedure of the German Federal Ministry of the Interior. The
method is very widespread in the public sector and focuses on the evaluation of costs and
benefits of an IT measure using a very extensive catalogue of criteria. It is a version of the
net present value determination combined with a utility analysis that has been adapted for
public administration. The major advantage of the procedure is its very good documenta-
tion and software support, which is constantly being further developed by the ministry (cf.
Die Beauftragte der Bundesregierung für Informationstechnik 2014).
6.2.7 Cranfield’s Benefits Management (CBM)
Cranfield’s Benefits Management approach is also a complex method. The basic assump-
tion is that a benefit never results from IT alone, but only from simultaneous changes to
organizational structures and processes. The benefit is defined as an advantage in the sense
of a stakeholder or a group of stakeholders.
6.2.8 Val-IT Framework
Val-IT is a method of the IT Governance Institute (ITGI). It is based on the CoBIT frame-
work and consists of 3 core processes with 41 management practices. The advantage is
that concrete persons responsible are assigned to the individual practices (role model) (cf.
ISACA 2011).
6.3 Total Cost of Ownership (TCO)
6.3.1 Concept of the TCO Approach
The total cost of ownership (TCO) analysis is an IT controlling tool for determining the
total costs during the life cycle of an IT investment, e.g. the introduction and use of an ERP
system or an IT workstation (Grob and Lahme 2004, p. 157). The approach can be traced
back to the work of the analyst firm Gartner (cf. Treber et al. 2004, p. 18), which investi-
gated the question of what total costs the use of information systems entails. The model
was successfully placed on the market with tool support by an acquired software house
and allows companies to estimate the total cost of ownership (cf. Treber et al. 2004, p. 20).
6.3.1.1 Basic Idea

In addition to the direct costs (e.g. acquisition costs for hardware and software), which are
transparent and visible to those responsible, IT workstations and information systems
cause very high, invisible indirect costs (e.g. due to incorrect operation and/or inadequate
training), which are beyond the control of those responsible. The TCO model identifies in
particular the non-visible indirect costs and thus provides an overall picture of the total
costs caused by an IT investment. The goal of the TCO analysis is to determine the „true“
IT costs.
6.3.1.2 Selected TCO Definitions

To illustrate the range of views, some selected TCO definitions from different authors are
given below, which can be read in detail in Krischun (2010, p. 12 ff.).
• Gartner: Comprehensive assessment of a company’s costs over the life cycle of a sys-
tem: costs of procurement, installation, operation and maintenance of the com-
puter system.
• Bill Gates: The cost of owning, operating, and maintaining a computer system.
• Ellram: Approach to understanding all costs incurred and relevant along the supply
chain when doing business with a supplier for a particular good/service.
6.3.1.3 Cost Categories

TCO analysis distinguishes between unrecorded hidden costs, misrecorded costs and mis-
allocated costs (cf. Remenyi et al. 2007, p. 87).
• Unrecognised costs (“hidden costs”)

Examples: Colleague assistance with a computer problem results in unrecorded lost
work time; a lack of data backup results in additional data collection effort after a sys-
tem crash.
Conclusion: Unrecorded costs remain “hidden”, the costs are not visible as IT costs.
6.3 Total Cost of Ownership (TCO) 87
• Incorrectly recorded costs (“incorrectly allocated” costs)

Example: The posting of an IT service provider’s invoice for several projects is broken
down incorrectly.
Conclusion: Although the costs are identifiable as IT costs, the allocation to IT projects
is not correct.
• Misallocated costs
Example: The booking of a business trip of an IT administrator to a training seminar is
made with the account assignment: train ticket = travel expenses, accommoda-
tion = other, seminar fee = “training”.
Conclusion: The reference of the costs assigned to an account to the IT costs is missing.
6.3.1.4 Purchase Price < Total Cost

The purchase price of a typical workstation computer is only a small fraction of its total
lifetime cost. The remaining costs are often not transparent if they cannot be obtained from
the company’s accounting system.
6.3.1.5 Direct Costs

Direct costs are incurred in the procurement and operation of hardware and software.
These include the acquisition costs and process costs of the procurement processes, the
expense of installing hardware and software, employee training, maintenance and support,
operation of help desks, network operation and room costs.
6.3.1.6 Indirect Costs

In addition to the direct cost components, there are blocks of costs that are not directly
visible and are beyond the control of management. These indirect costs arise from produc-
tivity losses of employees (e.g. lack of training) and downtime due to insufficient mainte-
nance or malfunctions. Other examples of indirect costs are opportunity losses due to the
non-use of technological possibilities (e.g. data backup concept, drives in the network),
the non-use of which causes higher costs than their consistent use. A lack of a data backup
concept can lead to a loss of data if an employee stores company data on a laptop and loses
it. The failure of a central e-mail server, a virus attack on the company network or just an
incorrectly installed upgrade of a word processing program cause lost working hours and
follow-up costs due to unrecorded orders.
A TCO analysis breaks down IT costs into direct costs, visible in traditional account-
ing, and indirect costs, which cannot be determined in accounting (see Fig. 6.6).
The reasons for the TCO differences lie in the lower costs for hardware, software and sup-
port requirements. Here, not only direct costs (hardware, software, upgrades, service, support,
loss of value, servers, peripherals) are examined, but also the often higher indirect costs (help
desk, training, non-productive downtime). Following the identification of direct and indirect IT
costs, recommendations are developed to reduce the indirect costs that are usually overlooked
in companies. Improvements can be of a technical and organizational nature.
•Write-offs
Hardware •Updates
•Spare parts and supply goods
•other Hardware expenses
•Annaul charges (mataintenance fees)

Software •Updates / release change
Total Cost of Ownership
•Write-offs
Direct •miscellaneous software costs
costs Main •Technical Support

•Process planning and process management
Support •Other services
Management & •Overall cost of (IT) management

•Database management
Administration •User training
•Training for support personnel
•Support from coworkers

End user support •Formal and informal learning
Indirect •Application development (e.g. MS Excel macro)
•Data management (e.g. local development of MS-Access databases)
costs
•deliberate
Time of Nonuse •Non deliberate
Fig. 6.6 TCO analysis. (According to Müller et al. 2003)
6.3.1.7 Technical Improvements
• Use of thin clients,

• Use of remote installation and maintenance tools,
• Use of IT asset management tools.
6.3.1.8 Standardization of IT Components
• Hardware (e.g. a desktop PC, a laptop, a tablet PC),

• Software (e.g. Office, e-mail, security),
• Services (e.g. SLAs).
6.3.1.9 Organizational Improvements

Organisational improvements include business process optimisation in the IT environment
or the outsourcing of IT processes, in particular the provision and maintenance of IT
components.
6.3.2 Evaluation of the TCO Approach
6.3.2.1 Advantages of the TCO Model

The advantages of the TCO approach consist in a more complete recording of IT costs
than is possible in classic cost accounting. The TCO concept is more strongly oriented
towards the requirements of IT-oriented accounting. The higher cost transparency facili-
tates a significant cost reduction.
6.3.2.2 Disadvantages of the TCO Model

The disadvantages are to be seen in the fact that above all benefits or revenues are not
considered. Compared to dynamic methods of capital budgeting, the TCO concept is a
purely static calculation that does not take into account the timing of payments. The purely
technology-centered view is disadvantageous because it does not consider personnel costs
of IT-supported processes.
6.3.3 Case Studies on TCO Analysis
In this section, two case studies on TCO analysis are presented, which concern different prac-
tice-relevant situations. They show how TCO analyses can be carried out in a real environ-
ment (e.g. system failure of an ERP system or introduction of a new warehouse system).
6.3.3.1 Case Study TCO System Failure ERP System
Output Data
• Müller GmbH operates an ERP system on its own server (on premise). The server is
mirrored to a backup server during operation (RAID 1 level).
• The probabilities that the servers are up and running are stochastically independent.
• The probability that the ERP server is in operation is (X): P(X) = 0.98.
• The probability that the backup server is up and running is (Y): P(Y) = 0.99.
• The failure of the operation of the ERP system causes sales losses of 100,000 euros per
working day. The variable costs of the company amount to 70% of the turnover.
Task
Determine the imputed TCO for 1 day of system failure, taking into account the probabili-
ties of occurrence.
Possible Solution
• Costs for system failure (fixed cost share) 30% * 100,000 euros = 30,000 euros/day
The probabilities of occurrence for the operation or failure of the servers are shown in
Table 6.3.
• Probability at stochastic independence, both servers in operation:
P ( X ∩ Y ) = P ( X ) ⋅ P ( Y ) = 0.98 ⋅ 0.99 = 0.9702

Table 6.3 Chart on probabilities of occurrence
P(Y) = 0.99 P ( Y ) = 0.01

P(X) = 0.98 0.98 ∙ 0.99 0.98 ∙ 0,01
=0.9702 =0.0097
0.02 ∙ 0.99 0.02 ∙ 0.01
P ( X ) = 0.02 =0.0198 =0.0002
X Probability that ERP server is running
Y Probability that backup server is running
• Probability that exactly one server fails:
( ) ( )
P X ∪ Y = P (X) + P (Y) − n ⋅ P X ∩ Y , P (X) = 1 − P (X), P (Y) = 1 − P (Y)
( )
P X ∪ Y = (1 − 0.98 ) + (1 − 0.99 ) − 2 ⋅ ( (1 − 0.98 ) ⋅ (1 − 0.99 ) ) = 0.0296
• Probability of both servers failing:
( )
P X ∪ Y = P ( X ) ⋅ P ( Y ) = 0.02 ⋅ 0.01 = 0.0002
• TCO system failure: 30.000 euros * 0.0002 = 6 euros/day
6.3.3.2 Case Study TCO New Storage System
Output Data
The logistics department of a mechanical engineering company would like to introduce a
new IT-supported warehouse system to be used for 5 years. Based on an interest rate of
5%, determine the TCO for the following project proposal.
Costs of Acquisition and Commissioning
Hardware 10,000 euros,

Software licenses 20,000 euros,
Installation and customizing 12,000 euros,
User training 3000 euros
Fig. 6.7 Determining the TCO for a new information system
Costs of Use
Maintenance/ 1000/1000/2000/2500/2500 euros (accrued in the first/second/third/fourth/

updates: fifth year)
Support/hotline: 2000/1000/1000/1000 (accrued in the first/third/fourth/fifth year)
Staff savings: 70.000/40.000/0/0 (accrue in the first/second/third/fourth/fifth year)
Decommissioning/Disposal:
Uninstall/deactivate: 2000 euros

Waste disposal: 1000 euros
Additional Information
• You know from experience that the following “side effects” are to be expected: During
the start-up phase, overtime will be incurred due to duplication of work. They estimate
that the five employees concerned will each need 50 h of overtime at 80 euros each.
• During the first 2 years, frequent “colleague training” is to be expected. This will result
in a loss of working time of 80 h/year.
• Experience shows that systems fail several times during the introductory phase in the
first year (3 days p.a.). As a result, the authority loses tax revenue and fees worth
100,000 euros (80,000 euros direct costs).
Possible Solution
Conclusion: The project has a negative TCO, resulting mainly from the high indirect costs
(cf. Fig. 6.7) Determining the TCO for a new information system. It is not beneficial from
a financial point of view.
Note on system failure in the first year amounting to 20,000 euros. Only opportunity
costs are applied here: (100,000–80,000 = 20,000 euros), since the 80,000 costs are no
longer incurred.
6.4 Summary
• IT standards form the basis for a systematic reduction of IT costs in the direct and indi-
rect areas.
• IT controllers support IT management in the development and implementation of IT
standards.
• If necessary, they provide ad hoc analyses of indirect costs in order to determine a
holistic total cost of ownership for IT management.
References
Die Beauftragte der Bundesregierung für Informationstechnik (Hrsg) (2014) WiBe 5.0 Konzept zur
Durchführung von Wirtschaftlichkeitsbetrachtungen in der Bundesverwaltung, insbesondere
beim Einsatz der IT Version 5.0 – 2014. https://www.cio.bund.de/SharedDocs/Publikationen/DE/
Architekturen-und-Standards/WiBe_50.pdf?__blob=publicationFile. Accessed on 19.12.2017
Fiedler R (2001) Controlling von Projekten. Springer, Wiesbaden
Gadatsch A (1993) Der interne Zinsfuß für das Investitionscontrolling. Kos 6(1993):405–407
Gadatsch A, Juszczak J, Kütz M, Theisen A (2010) Ergebnisse der 3. Umfrage zum Stand
des IT-Controlling im deutschsprachigen Raum. In: Schriftenreihe des Fachbereiches
Wirtschaftswissenschaften Sankt Augustin, Band 29. Hochschule Bonn-Rhein-Sieg, Sankt
Augustin
Grob HL, Lahme N (2004) Total Cost of Ownership-Analyse mit vollständigen Finanzplänen.
Controlling 3:157–164
ISACA (Hrsg) (2011) Analyzing IT Management at KLM Through the Lens of VAL IT. https://
www.isaca.org/resources/isaca-journal/past-issues/2011/analyzing-it-value-management-at-
klm-through-the-lens-of-val-it. Accessed on 16.02.2021
Kesten R, Schröder H, Wozniak A (2006) Konzept zur Nutzenbewertung von IT-Investitionen,
Arbeitspapiere der Nordakademie, No. 2006-03, Nordakademie – Hochschule der Wirtschaft,
Elmshorn
Krischun S (2010) Total cost of ownership, Bedeutung für das internationale
Beschaffungsmanagement. Hamburg
Kruschwitz L (2005) Investitionsrechnung, 10. Aufl. München
Malcher M (2011) Mit TCO & Co den Wertbeitrag ermitteln, Welche IT-Investition zahlt sich aus?
Computerwoche, 02.08.2011. https://www.computerwoche.de/a/welche-it-investition-zahlt-
sich-aus,2491768,4. Accessed on 08.03.2020
Müller A, Lang J, Hes T (2003) Wirtschaftlichkeit von Controlling-Anwendungssystemen: Konzeption
und Erprobung eines Multiperspektiven-Ansatzes. Z Controll Manage 47(Sonderheft Nr. 2)
Redman B, Kirwin W, Berg T (1998) TCO – a critical tool for managing IT. Gartner Research,
12.10.1998
References 93
Remenyi D, Bannister F, Money A (2007) The effective measurement and management of ICT cost
& benefits, 3. Aufl. Amsterdam
Riedl R (2006) Analytischer Hierarchieprozess vs. Nutzwertanalyse: Eine vergleichende
Gegenüberstellung zweier multiattributiver Auswahlverfahren am Beispiel Application
Service Providing. In: Fink K, Ploder C (eds) Wirtschaftsinformatik als Schlüssel zum
Unternehmenserfolg. DUV. https://doi.org/10.1007/978-3-8350-9122-1_6
Treber U, Teipe, P, Schwickert AC (2004) Total cost of ownership, Stand und Entwicklungstendenzen,
2003 Giessen, Arbeitspapiere Wirtschaftsinformatik 1/2004
IT Standards: IT Standards as a Tool for IT
Controlling 7
Abstract
The chapter addresses the effects that IT standards have on the level of direct and indi-
rect costs in the context of the entire life cycle of information systems. IT standards also
support the regulations of an IT governance, which are established for the control and
monitoring of IT.
7.1 IT Governance
IT governance is a concept for the control and monitoring of the information economy,
which essentially goes back to the work of Weill and Ross (2004) and was later further
developed by other authors and organizations.
Hansen et al. (2018) defines IT governance as measures, processes and structures that
make the IT services of a company more transparent and easier to control. Among other
things, IT governance is intended to ensure that the IT strategy is in line with the corporate
strategy (IT alignment) and that regulatory requirements are adhered to (compliance). IT
governance encompasses all strategically relevant decisions regarding the IT infrastruc-
ture, IT services and IT risks (cf. Hansen et al. 2018).
The issues of IT governance overlap with those of IT controlling and IT management.
Helmke and Uebel (2013, p. 61), for example, define the following central processes of IT
governance:
• IT Strategy,
• IT Architecture Management,
• IT Demand Management,
• IT Portfolio Management,

96 7 IT Standards: IT Standards as a Tool for IT Controlling
• IT Controlling and Performance Management,

• IT Investment Management,
• IT Risk Management.
In view of the diverse literature already available, no further discussion of methods is to be

conducted at this point. Instead, selected issues such as the standardization of IT services
as a basis for IT architecture should be addressed more strongly.
7.2 IT Standards as an Approach to TCO Reduction
7.2.1 QUERTY: The Oldest IT Standard in the World
IT standards are familiar to many users. Anyone who has ever used a computer keyboard
will wonder why the key arrangement is not alphabetical, but on US keyboards the first six
keys are QUERTY, on the German variant QUERTZ. The background for this situation is
an invention from 1873 by the engineer Christopher Soles at the “Remington Sewing
Machine Company”. Originally, the keyboards of the typewriters were arranged according
to the alphabet, but the types of the typewriters became jammed when words were used
whose letters were directly behind each other in the alphabet (e.g. “... ab ...”). So the sec-
retaries had to be slowed down in their “typing speed” by a different letter arrangement.
The “standard” prevailed. Other manufacturers of typewriters, despite better solutions,
were forced to follow the “standard” until the present day of laptops, smartphones, etc. (cf.
e.g. Kühl 2015, pp. 133–134).
IT standards are already very widespread in the public sector and there is also still
unused potential (Heuermann et al. 2018, p. 44). For example, on a training computer in a
public institution there is an information sheet with the specialist procedures available on
the computer. These are all standards from the IT environment:
• Software: MS Windows,
• Processes: V-Modell XT,
• Methods: Wibe Calculator,
• Information: Juris,
• Encryption: Cryptotool.
The federal IT consolidation projects can also be classified as a standard in the broadest
sense. It includes a vision (federal IT consolidation) as well as a mission (“Federal IT will
be bundled and standardised by 2025 so that the federal administration can operate more
economically and securely.”) (cf. BMI 2018). The central IT service provider ITZ Bund is
currently working on numerous standardisation projects; within a period of 10 years, the
federal IT is to be bundled and standardised (cf. Schweizer 2019). The goals are ambi-
tious, as an example from the documentation shows: By 2025, only a maximum of two IT
7.2 IT Standards as an Approach to TCO Reduction 97
solutions per functionality are to be provided for the federal administration. This means,
for example, that there will only be one IT procedure for electronic file management
(e-file) or personnel management (cf. BMI 2018).
7.2.2 Net Effect Goods
Standardisation economics deals with the development and enforcement of standards. In

addition, the benefits and the process of selecting standards are addressed (Krcmar 2005,
p. 223 f.). Standards are referred to as network effect goods because their benefits depend
heavily on their diffusion. A well-known IT standard is the Internet protocol “http”, which
describes the rules for data exchange between different computers. This standard did not
bring any great benefit to the first users; it was only through the worldwide dissemination
of the technology that a benefit arose for the participants connected to the Internet.
A distinction can be made between direct and indirect network effects (Krcmar 2005,
p. 224). In the case of direct network effects, the benefit increases proportionally with the
number of participants (e.g. Skype telephony, social networks such as XING). In the case
of indirect network effects, the benefit depends on the availability of complementary
goods or services (e.g. the use of electric cars requires a sufficient number of “charging
stations”).
IT standards are of great importance for IT practice. Among other things, they act as an
incentive to buy, since IT products that comply with common standards are easier to use
(e.g. personal computers). On the other hand, there is the risk of a bad investment if a
standard is selected that cannot be successfully placed on the market later on.
When changing a selected standard, the benefit of the new standard must compensate
for the changeover costs in the long term. Typical examples in companies are changes of
office software packages (word processing, mail, spreadsheet) or ERP systems.
7.2.3 Standardization Fields
A historically grown IT infrastructure with numerous solutions for similar problems (e.g.
use of different ERP systems, e-mail programs or operating systems, use of different PC
types, purchasing from different PC manufacturers) leads to high costs for maintaining
operational readiness. Many companies are faced with the challenge of reducing the num-
ber of different solution variants. In the context of IT strategy development, information
management issues (IT processes, IT project management, quality management, IT secu-
rity) must be selected from numerous, sometimes competing external standards (manufac-
turer standards, standards of standardization bodies and legally regulated standards) as
in-house IT standards, adapted and applied if necessary.
The goal of standardization is to define appropriate and meaningful IT equipment for
the majority of IT users in the company and not to comprehensively cover the IT
Areas of Standardization
IT organization
Hardware Software
and IT processes
Workstations
Computer languages Supply and servicing of Encryption
(e.g. Standard office
(e.g. C++, Java) IT workstations methods(e.g. PGP)
computer)
Workstation
Standardized office Process models for IT- Cost-estimating
accessories
software Projects methods (e.g. Function
(e.g. card reader,
(e.g. MS Office) (e.g. V-Model, ASAP®) Point)
PIN-Generator)
Internet and intranet Cost efficiency

Business management
Network appearance (e.g. calculation (e.g. IT-
application software
(e.g. IP-Network) Layout, WiBe, www.bund-
(e.g. SAP ERP)
release process) cio.de)
Modeling methods IT process models

Operating Systems
(e.g. BPMN, PICTURE, (e.g. ITIL, CoBiT)
(e.g. Windows 10) FaMoS)
Fig. 7.1 Fields of standardization for information technology in the public sector
requirements of an individual user (Buchta et al. 2004, p. 152). Standardized information

systems and IT processes reduce the costs of implementation, operation and maintenance
to a considerable extent. Some examples of standardization fields for the public sector are
documented in Fig. 7.1.
In the area of IT hardware, workstation computers are widely used. Within the organ-
isation, care should be taken to ensure that, as far as possible, only standardised complete
systems with the usual basic software equipment are used. For this purpose, standard IT
workstations are to be defined that are oriented towards different application scenarios
(office workstation, mobile workstation).
In the field of software development, the use of standards through the use of standard-
ized programming languages such as COBOL, C++ or Java has a long tradition. In addi-
tion, there is the use of widespread industry standards, such as the ABAP® programming
language from SAP AG.
Companies frequently use standard business software packages, such as the SAP ERP
product, and define the use of these as mandatory for the reference area covered (e.g.
finance and personnel). The numerous products provided by the IT service provider ITZ
Bund are also considered standard software packages in this sense. Their sales market is
7.2 IT Standards as an Approach to TCO Reduction 99
focused on the public sector and its special requirements, but can be used in several
authorities (see the product list at https://www.itzbund.de/DE/Produkte/produkte_
node.html).
Standards for IT organization and processes in IT are becoming increasingly important.
In addition, market standards, as known from the areas of hardware and software, are less
prevalent here. Therefore, numerous examples of standardization can be found. For exam-
ple, the processes for the provision, maintenance and disposal of computer workstations
are tasks that often do not exist in standardized form and generate comparatively high costs.
Process models for software development (V-Modell XT) and their documentation can
be found in software houses and larger organizations. The same applies to methods of
profitability analysis that are to be used in the projects, such as the WIBE calculator that is
widespread in the public sector.
If an organization uses the possibility of exchanging e-mails and other electronic docu-
ments in encrypted form, uniform encryption methods are required. If business process
models are created in the organization, it makes sense that the modeling methods used for
this purpose (e.g., the PICTURE method frequently used in the public sector) are used
uniformly.
A good example of software and process standardization in the public sector are the
directory services of the Informationsverbund Berlin-Bonn (IVBB) and the
Informationsverbund der Bundesverwaltung (IVBV). They provide overlapping infor-
mation for connected authorities (telephone numbers, addresses, certificates).
7.2.4 Introduction and Enforcement
The introduction and implementation of IT standards is difficult in many cases because

resistance is to be expected from both IT employees and employees in the business depart-
ments. In general, there are several options available (see Fig. 7.2).
The renunciation of the definition of standards naturally causes little resistance, but
leads to the renunciation of cost advantages. In particular, the danger of decentralized
isolated solutions causes potentially high complexity costs. IT standards are often com-
municated as recommendations within the company. The success of their use depends
heavily on the persuasiveness of the people involved and the quality of the standardization
proposals. However, there is a risk that unpleasant standards will be avoided. For this rea-
son, standards are also established as mandatory after intensive discussion and coordina-
tion with affected organizational units by broadly staffed bodies such as an IT
standardization board (cf. Fig. 7.3).
Information management or the CIO organizes the work of the standardization board,
which is composed of relevant representatives of users at management level. The board
condenses the requirements of the users and formulates requirements for IT standards.
These are implemented by IT service providers (internal or external) on behalf of informa-
tion management. IT service providers commit themselves to the information
Implementaon strategies for IT

standards
No specified IT-Standards as Specified compulsory IT-

IT-Standards recommenaon Standards
• Low coordinaon effort/ • Voluntary implementaon/ • Rigid frame provides

Minimal opposion high acceptance ensured orientaon
• Relinquishment of cost- • Requires a high amount of • Ulizaon of cost-benefits
benefits persuasiveness
• Danger of over-regulaon, as
• Danger of isolated soluons • Danger of avoiding well as the employment of
and complexity costs „unpleasant“ Standards intelligent evasive measures
from decentralized
departments
Fig. 7.2 Introduction and implementation of IT standards
Collaboration &
Coordination
Information Standardization
Management Requirements
Board
upon IT-Standards
Blanket
Order
Information Collaboration
IT-Standards & Framework
Functional offer
requirements
IT- Order
Service Provider Consumer
(internal/external)
Delivery
Fig. 7.3 IT standardization board
management within the scope of a contract to develop IT standards and to provide them
later. The requirement management orders after realization and availability of the IT ser-
vices from the offer provided by the IT service provider.
This provides a binding framework for all parties involved. The company can exploit
cost advantages from standardization. But here, too, there is a latent danger of overregula-
tion and an incentive for the affected organizational units to think about intelligent alterna-
tive measures.
References 101
7.3 Summary
• IT standards form the basis for a systematic reduction of IT costs in the direct and indi-
rect areas.
• IT controllers support IT management in the development and implementation of IT
standards.
References
BMI (Hrsg) (2018) IT-Konsolidierung des Bundes. https://www.bmi.bund.de/DE/themen/it-und-

digitalpolitik/it-des-bundes/it-konsolidierung/it-konsolidierung-node.html. Accessed on
18.12.2018
Buchta D, Eul M, Schulte-Croonenberg H (2004) Strategisches IT-Management. Springer,
Wiesbaden
Hansen H-R, Mendling J, Neumann G (2018) Wirtschaftsinformatik, 12. Aufl. De Gruiter
Verlag, Berlin
Helmke S, Uebel M (Hrsg) (2013) Managementorientiertes IT-Controlling und IT-Governance.
Springer, Wiesbaden
Heuermann R, Engel A, von Lucke J (2018) Digitalisierung: begriff, Ziele und Steuerung. In:
Heuermann R, Tomenendal M, Bressem C (Hrsg) Digitalisierung in Bund. Ländern und
Gemeinden, Berlin, S 9–50
Krcmar H (2005) Informationsmanagement, 4. Aufl. Springer, Berlin
Kühl S (2015) Wenn die Affen den Zoo regieren, 6. Aufl. Campus Verlag, Frankfurt
Schweizer M (2019) Mehr Standards für die Behörden-IT, Bundescloud als Muster, CIO Magazin,
30.06.2019. https://www.computerwoche.de/a/mehr-standards-fuer-die-behoerden-it,3547277.
Accessed on 22.07.2019
Weill P, Ross JW (2004) IT governance, how top performers, manage IT decision rights for superior
results. Harvard Business School Press, Boston [IT] Governance Institut. Board briefing on IT
governance, 2. Aufl., 2003]. www.itgi.org
Project Controlling with Earned Value
Analysis: Plan, Monitor and Control Projects 8
Abstract
The ongoing evaluation of projects is an important tool for IT controlling. This section
presents the earned value analysis tool, which was designed for controlling projects It
is particularly suitable as an easy-to-use tool for multi-project management, but requires
consistent planning and actual data feedback. It can be used within the framework of
classic and agile project management methods.
8.1 Project Controlling
A central task of the IT controlling concept is IT project controlling. It ensures that the IT
project goals are achieved by aligning them with the corporate goals. For this purpose,
classic controlling tools are used, such as target/actual comparison, variance analysis and
initiation of corrective measures.
Typical tasks of project controlling are (cf. in detail Fiedler 2020, p. 9 f.):
• Project planning: Support in the preparation of the project planning and the project
description,
• Project maintenance to ensure consistency with planning and check for completeness
of activity account assignments,
• Assisting in the preparation of presentations and monitor assignments from the Steering
Committee,
• Preparation of evaluations for the control of the project,
• Reporting: Preparation and review of status reports,
• Risk management: Keeping the risk list,
• Monitoring of project costs,

104 8 Project Controlling with Earned Value Analysis: Plan, Monitor and Control Projects
• Support in the preparation of the project completion report.
In the classic model, IT projects are broken down into phases in order to separate techni-
cally different activities and simplify control. Figure 8.1 shows a phase model for IT proj-
ects that was designed with project controlling in mind and describes points in time at
which cost estimates are performed. The model contains the core phases of a project (pre-
liminary study, project application, project start, as-is recording, target conception, imple-
mentation and project completion) as well as the project-accompanying cross-sectional
phase of project controlling.
8.1.1 Pre-study
• The preliminary study enables the project management to submit a project application.
It clarifies the following questions, for example:
• Is the right problem being pursued?
• Can it be solved with standard software or is in-house development necessary?
• Do external consultants have to be used or is your own know-how sufficient?
• How long will the project take to implement?
• What are the estimated costs?
• What are the expected project benefits?
8.1.2 Project Application
The project proposal is a formal request to the management to release a project for imple-
mentation and to provide the necessary resources. An approved and released project pro-
posal is the “project order”, i.e. the basis for action for the project manager. The application
usually contains the following information: Project name and objective, start and end
dates, main tasks, budget, commissioning body, project manager (if known), project team
members, organisational units affected, connection to other projects in terms of content
or time.
8.1.3 Project Start
To start the project, a “kick-off meeting” is often held to gather all key stakeholders and
determine the next steps. The goals are:
• Initialization of the project and the project organization,

• Introduction of the designated persons and roles,
• Determination and clarification of responsibilities,
8.1
Project Controlling
(rough) (detailed) Actual project data (up to present day) Actual project data
estimated estimated + detailed estimated project data (Structure,
project data project data (Structure, Resources,
Input (Structure, (Structure, Resources, Appointments)
Resources, Resources, Appointments)
Appointments) Appointments)
Preliminary Future standard Project follow-up

Form Project Revolving project costing
Cost estimate calcution
calculation
1 2 3 4 5 6 7
Point in time Preliminary Project Actual Target Project
Approval Execution
Study application state conception completion
• Scheduling • Quality management and risk management

• Governance Project-Controlling • Reporting/Documentation
• Surveillance • Communication/Moderation
Fig. 8.1 Timing of cost estimates

105
• Identification of all essential partners,

• Identification of participants for the project steering committee,
• Creation of a “we-feeling”,
• Securing the support of top management (including through their participation),
• Determination of basic organisational issues (project office, contact addresses, budget,
travel expenses, time sheets for project staff, etc.),
• Informal discussions as appropriate.
The kick-off meeting is a motivational and marketing tool. In addition, it serves to clarify
open questions to a large group of people who rarely come together again in this constel-
lation. The creation of personal relationships is indispensable for later teamwork. Unknown
weak points in the previous project preparation become transparent.
8.1.4 Actual Recording
The objective of the As-Is phase is to determine the current status. This includes the opera-
tional organizational structure, the work processes, the IT and personnel deployment as
well as a detailed profitability analysis. Another important aspect is the analysis of weak-
nesses and potential for improvement in the aforementioned areas.
8.1.5 Target Concept
In the target concept, a technical solution design is developed on the basis of the as-is
analysis. The target concept includes the following contents:
• Objective: What objective is to be pursued, taking into account the real restrictions?
• Scope of tasks: Which tasks are to be realized in detail?
• Solution: Propose possible solutions to accomplish the tasks.
8.1.6 Implementation
During the implementation of an IT project, for example, the introduction of a standard

software or the development and introduction of an individual software takes place.
8.1.7 Project Completion
Project completion includes the proper handover of the project result to the client, e.g. the
handover of the finished software system to the specialist department. After the project has
8.2 Structure of the Earned Value Analysis 107
been completed, the creation and analysis of the post-calculation is an important task. It
serves to evaluate the completed project and to gather experience for future projects. If
necessary, measures can be initiated, such as improving the cost estimation methods used
in the company. The last task is the formal dissolution of the project team. From a human
resources perspective, this involves finding successor positions for the project team mem-
bers and the project manager. This also includes the dissolution of rooms and return of
resources (vehicles, etc.).
8.1.8 Project Calculations
The project pre-calculation serves as a rough estimate of the project costs. The result of the
preliminary study requires as input the rough project structure (tasks), necessary resources
and key dates.
A detailed project plan calculation is required for the project application. is required. It
requires detailed information. The project budget estimate is the basis for the subsequent
project approval.
The concurrent project costing provides the necessary control information on the status
and development of the project cost situation. It requires detailed feedback on actual costs
(license fees, consultant invoices, employee hour records, etc.).
After the project has been completed, it is advisable to create a project post-calculation.
Which serves as a basis for a final consideration of the economic efficiency of the project
and as a basis for later preliminary project costings.
8.2 Structure of the Earned Value Analysis
8.2.1 Project Management
For project management metrics are needed to show the progress and benefits of the mea-
sures (Hartmann et al. 2019, p. 19), because project managers are regularly confronted
with the following questions in practice:
1. Where does the project stand?

2. Is the project still on schedule?
3. How have the costs developed?
4. Where will we be at the end of the project?
5. How much does the project deviate from the schedule and cost plan?
Suitable basic data is often lacking to answer these questions. A comparison of the actual
costs of a project with the planned costs leads to incorrect results, since a proportionality
of time progression and cost progression that does not exist in practice is usually assumed.
To avoid this problem, the earned value analysis determines target costs that indicate the
theoretically achievable cost value and thus the project value and compares these with the
actual costs. It measures the project performance based on the originally planned costs
(Werkmeister 2008, p. 171). In addition, key figures are formed for analysis (cf. Kesten
et al. 2007, p. 101 ff. as well as Linssen 2008, p. 87 ff.).
The earned value analysis as an instrument for project controlling answers the follow-
ing questions, for example:
• What are the actual costs (actual costs)?

• How high are the costs likely to be if the project proceeds according to plan (tar-
get costs)?
• Is the project running economically (actual-target)?
• Is the planned service provided (target plan)?
8.2.2 Basic Data
The output value corresponds to the actual value of the service provided, the target costs
of the project. It therefore corresponds to the level of costs as they are likely to be accord-
ing to the planning status of the project (Linssen 2008, p. 89). The project performance
(=earned value) is determined by comparing the progress valued at planned costs with the
planned costs (Stelzer and Bratfisch 2007, p. 62).
A simplified example will illustrate this:
• A software house is to develop a “Corona warning app”

• A total of 10 programme functions are planned at 50,000 euro each
• Currently, seven program functions have been completed and 600,000 euro in costs
have been incurred.
• The “capitalised earnings value” is 7 × 50,000 euro = 350,000 euro
The following basic data can be taken from the project progress:
• Planned costs = planned quantity × planned price

• Actual cost = Actual quantity × Actual price
• Earned Value = Actual Quantity × Planned Price
8.2.3 Key Figures
Several variance variables can be calculated to analyze the project:
• Plan variance = activity value – plan costs

• Cost variance = activity value – actual costs
8.2 Structure of the Earned Value Analysis 109
The time efficiency is the quotient of the earned value and the original planned costs. If the
time efficiency is greater than 1, the project progress is faster than planned:
• Time efficiency = output value/plan costs
The cost efficiency is the quotient of the earned value and the actual costs incurred. If the
value of this ratio is above 1, the project is cost-effective:
• Cost efficiency = output value/actual costs
8.2.4 Prerequisites for Use
The earned value analysis can only be used if complete and detailed project planning is
available (project structure, deadlines, costs) and this has been prepared in detail at the
level of subtasks or work package level. In addition, realistic effort estimates are neces-
sary. In particular, it can no longer be used if the following characteristics apply to the
project (cf. Stelzer and Bratfisch 2007, p. 69):
• Project progress is not reported,

• Employees post to projects for which they have not worked or post to incorrect activities,
• Deadlines are not met or are often postponed,
• no IT support (project management software) available.
8.2.5 Use in Practice
The following arguments are cited as advantages of the method (Linssen 2008, p. 100):
possibility of setting up an early warning system, key figures enable supervisory bodies
(project steering committee) to be informed quickly, relief for managers by defining
threshold values that indicate a need for action by managers. The IT controlling toolbox
has numerous elements (cf. Gadatsch and Mayer 2013 for a detailed discussion), but they
are not always used consistently. In practice, classic milestone trend analyses and profit-
ability calculations dominate. Earned value analysis is used more frequently than before
after a 10-year long-term analysis, although there is still potential to be seen here (cf.
Gadatsch et al. 2013, p. 20).
Table 8.1 Measurement of the percentage of completion

Procedure Description
Milestone Relatively objective and easy to follow, milestones are assigned to degrees of
proportionality completion
50:50 procedure Simple, but imprecise. Useful for work packages with extensive preparatory
work and medium-long duration and many smaller work packages, with
commencement the percentage of completion is 50%, with completion 100%
0–100 procedure Simple, but inaccurate. Makes sense with short and many smaller AP: only
with fulfillment is the percentage of completion 100%
Quantity Objective. But requires a power dependency on determinable quantities
proportionality
Time Often unsuitable, only useful in exceptions: e.g. for accompanying work
proportionality packages with management tasks, % share according to elapsed time or time
still to be completed
Estimate Subjective. Risk of overestimating the progress of the project, (80%
syndrome)
cf. Marx and Klotz (2020)
8.2.6 Measurement of the Percentage of Completion
The measurement of the percentage of completion is a key issue in the application of

earned value analysis. A number of basic procedures can be found in the literature, which
are presented in Table 8.1.
When calculating the degree of progress in agile projects (e.g. SCRUM), the degrees of
completion can be determined by comparing storypoints or sprints (cf. Fiedler 2020,
p. 162).
Example 1: Past-Oriented (e.g. Story Points)
Planned Storypoints 1000

Developed Storypoints 500
FG% = 500/1000 * 100 = 50%
Example 2: Future-Oriented (e.g. Sprints)
Planned sprints 10
Sprints still to be performed (estimate) 6
FG% = (10–6)/10 * 100 = 40%
8.3 Application Examples 111
PV EV
AP1 (4th Week, AP2 (8th, €40.000) AP4 €20.000
AP3 (16th Week, €80.000)
€10.000)
0 1 2 3 4 5 6 7 8
AP1 AP2 AP3 (as of yet, 4th week

€9.000 (9th week, €50.000) €70.000)
Fig. 8.2 Project progression “Developing an Internet presence”
8.3 Application Examples
8.3.1 Developing a Website
A wholesale market chain is developing a new Internet presence based on a content man-
agement system. A total of four work packages (WP) are planned (duration, costs):
• WP1: Preliminary study (1 month, 10,000 euro)

• WP2: Conception (2 months, 40,000 euro)
• AP3: Programming and testing (4 months, 80,000 euro)
• AP4: Rollout (1 month, 20,000 euro)
8.3.1.1 Project History
• After 3 weeks the preliminary study is ready. The costs incurred amount to 9000 euro.
• Work package 2 is delayed by 1 week, so that after a total of 3 months the concept
is ready.
• The conception (work package 3) caused 50,000 euro due to disputes between the tech-
nical side and the project management. At the end of the fourth month, the development
management states that about 50% of the website has already been completed. However,
external developers had to be employed because the company’s own employees were ill
and a total of 70,000 euro has been spent on WP3 to date.
A schematic representation of the course of the project with an indication of the relevant
variables is shown in Fig. 8.2.
How is the project to be assessed at the end of the fourth month. For this purpose, the
key figures “cost variance”, “schedule variance” “cost efficiency” and “time efficiency” of
the earned value analysis are to be calculated.
8.3.1.2 Basic Data

BAC budget at completion/Total plan costs 150,000 euro
10,000 + 40,000 + 80,000 + 20,000 = 150,000
PV planned value/Planned cost (end of fourth month) 70,000 euro
(continued)
(continued)
10,000 + 40,000 + 25% of 80,000 = 70,000
EV earned value/Completion value (end of fourth month) 90,000 euro
10,000 + 40,000 + 50% of 80,000 = 90,000
AC actual cost 29,000 euro
9000 + 50,000 + 70,000 = 129,000
8.3.1.3 Determination of the Key Figures

CV Cost variance CV = EV – AC 90,000–
129,000 = −39,000 euro
Cost variance
SV Schedule variance SV = EV – PV 90,000–
70,000 = +20,000 euro
Schedule deviation
CPI Cost performance index CPI = EV/AC
90,000/129,000 = 0.7
Cost efficiency CPI < 1 (expensive project)
SPI Schedule performance index SPI = EV/PV
90,000/70,000 = 1.29
Time efficiency SPI > 1 (fast project)
8.3.1.4 Overall Rating

The project has higher costs than planned (negative cost variance or CPI < 1), but is sig-
nificantly faster than expected (positive schedule variance or SPI > 1). Thus, the advanta-
geousness depends on the preference of the decision maker (cost/time).
8.3.2 App for Software Developers
A software company develops a new “app” for its software developers. They should be
able to record their project hours via smartphone. A total of five work packages (WP) are
planned:
• Work package 1 (planning): duration 1 week, costs 40,000 euro

• Work package 2 (conception): duration 2 weeks, costs 80,000 euro
• Work package 3 (realisation): duration 3 weeks, costs 120,000 euro
• Work package 4 (training): duration 1 week, costs: 20,000 euro
• Work package 5 (roll-out): duration 3 weeks, costs: 180,000 euro
8.3.2.1 Project History
• Work package 1 is proceeding according to plan

• Work package 2 needs 1 week more time. The costs are 20,000 euro higher than planned
8.3 Application Examples 113
PV
EV
AP1 €40.000 AP2 1st Week, €80.000 AP3 3rd Week, €120.000 AP4 €20.000 AP5 3rd Week, €180.000
0 1 2 3 4 5 6 7 8 9 10
AP1 AP2 AP3 AP4 AP5

€40.000 3rd Week, €100.000 4rd Week, €150.000 €20.000 STOP
Fig. 8.3 Project progression “App for software developers”
• Work package 3 needs 4 weeks, instead of 3 weeks, the costs amount to 150,000 euro
• Work package 4 proceeds according to plan (same duration, costs as planned)
• Work package 5 has been stopped due to technical problems.
Figure 8.3 shows the course of the project with some key figures.
8.3.2.2 Basic Data

BAC budget at completion/Total plan costs 440,000 euro
40,000 + 80,000 + 120,000 + 20,000 + 180,000 = 440,000
PV planned value/Planned cost (end of week 8) 320,000 euro
40,000 + 80,000 + 120,000 + 20,000 + 1/3 of 180,000 = 320,000
EV earned value/Completion value (end of week 8) 240,000 euro
40,000 + 80,000 + 120,000 = 240,000
AC actual cost 290,000 euro
40,000 + 100,000 + 150,000 = 290,000
(Only AP1, AP2 and AP3 are completed to 100% each)
8.3.2.3 Key Figures

CV cost variance CV = EV – AC 240,000–290,000 = −50,000 euro
Cost variance
SV schedule variance SV = EV – PV 240,000–320,000 = −80,000 euro
Schedule deviation
CPI cost performance index CPI = EV/AC 240,000/290,000 = 0.83
Cost efficiency CPI < 1 (expensive project)
SPI schedule performance index SPI = EV/PV 240,000/320,000 0.75
=
Time efficiency SPI < 1 (slow project)
8.3.2.4 Overall Rating

The project has higher costs than planned (negative cost variance or CPI <1), it is also
significantly slower than expected (negative schedule variance or SPI <1).
8.4 Reporting
The earned value analysis is very well suited for the creation of overview reports with the
most important key figures for several projects (cf. Fig. 8.4) or of project portfolios (cf.
Fig. 8.5). For this, the use of suitable tools is required to automate the creation effort.
8.5 Summary
The earned value analysis was developed for project controlling and provides key figures
for controlling and analyzing the course of the project (especially costs and time).
8.5.1 Baseline Data
Planned costs = planned quantity × planned price

Actual cost = Actual quantity × Actual price
Earned Value = Actual Quantity × Planned Price
8.5.2 Key Figures
Plan variance = activity value – plan costs

Cost variance = activity value – actual costs
Time efficiency = output value/plan costs
Cost efficiency = output value/actual costs
The EVA methodology can also be used in agile projects by determining the degree of
progress by comparing storypoints or sprints (cf. Fiedler 2020, p. 162).
Project Total Residual Costs Planned Costs Actual Earned- Time Cost
planned Actual costs 0-t (t) costst Valuet efficiency efficiency
costs Active Planned costst-n
P1
P2
P…
Fig. 8.4 Reporting with EVA analysis – project overview

References 115
Costs
CPI >1
Cheap P3
P1 P2
CPI =1
P4
CPI <1
Expensive Length
SPI <1 SPI =1 SPI >1
Slow Fast
Fig. 8.5 Reporting with the EVA methodology – project portfolio. (cf. Ceplak 2017)
References
Ceplak C (2017) Earned value management, controlling von Projektportfolios mit Hilfe der Earned
value analyse, Masterarbeit, Alpen-Adria-Universität Klagenfurt, März 2017. https://netlibrary.
aau.at/obvuklhs/content/titleinfo/2413199/full.pdf. Accessed on 11.03.2021
Fiedler R (2020) Controlling von Projekten, 8. Aufl. Springer, Wiesbaden
Gadatsch A, Mayer E (2013) Masterkurs IT-Controlling, 5 Aufl. Springer, Wiesbaden
deutschsprachigen Raum, Bd 33. Schriftenreihe des Fachbereiches Wirtschaft Sankt Augustin,
Hartmann K, Lange P, Bauer T. (2019) IT-Management im öffentlichen Sektor. Erfolgsfaktoren
für Großprojekte in Behörden und Verwaltungen. eGOVERNMENT Computing, ohne Jahrgang,
007, 19.06.2019, 19, ISSN 1618-3142
Kesten R, Müller A, Schröder H (2007) IT-controlling, Messung und Steuerung des Wertbeitrags der
IT. Vahlen Verlag, München
Linssen O (2008) Die Earned-Value-Analyse als Kennzahlensystem zur Projektüberwachung. In:

Pütz M, Böth T, Arendt V (Hrsg) Controllingbeiträge im Spannungsfeld offener Problemstrukturen
und betriebspolitischer Herausforderungen. Lohmar/Köln, S 87–114
Marx S, Klotz M (2020) Working Paper Earned-Value-Analyse: Einführung und Beispiele, Strahlsund,
2020, SIMAT Arbeitspapiere, No. 12-20-036. https://www.econstor.eu/handle/10419/214916
Stelzer D, Bratfisch W (2007) Earned-Value-Analyse – Controlling-Instrument für IT-Projekte und
IT-Projektportfolios. HMD 254:61–70. https://doi.org/10.1007/BF03340268
Werkmeister C (2008) Fallstudie zum Controlling innovativer Projekte mit dem Earned-Value-
Ansatz. WiSt 3:171–174
IT Cost and Activity Accounting (IT-KLR):
Numbers for Rational Decisions 9
Abstract
This section shows the structure and application of decision-oriented IT cost and per-
formance accounting from the perspective of IT controlling, without going too deeply
into cost accounting details. First, various concepts of IT cost and activity accounting
are presented. Subsequently, selected questions concerning the recording, allocation
and analysis of costs are dealt with. Afterwards, case studies are used to illustrate con-
crete application possibilities.
9.1 Necessity and Objectives of IT Cost and Activity Allocation
9.1.1 Rising IT Costs
The share of direct and indirect IT costs in total costs is rising as business processes
become increasingly digitalized. IT costs often reach a significant proportion of process
costs, such as in online shops, insurance, telecommunications or banking services.
9.1.2 IT Cost Allocation Required
Many companies recognize that IT cost allocation is necessary in order to obtain basic
data for decisions (e.g. outsourcing, relocations, acquisitions or sales of parts of the com-
pany). The charging of IT services has increased significantly compared to previous years:
72% of companies in the German-speaking world carry out IT service charging (Gadatsch
and Mayer 2013, p. 14).

118 9 IT Cost and Activity Accounting (IT-KLR): Numbers for Rational Decisions
Where did the costs

originate? Creation of cost-
Transparency Who caused these
awareness at the
customer
costs?
Shaping of
Influencing the
Insourcing-/
Governance extent of costs
Outsourcing
(quanty x price)
decisions
Assessment of IT
Activiation of self-
Legal products for
affiliated companies
rendered IT products
Requirements both domestic and
(e.g. Introduction of
an ERP system)
abroad
Fig. 9.1 Goals of IT cost and performance accounting
9.1.3 Goals of IT Cost and Activity Allocation
The goals of IT cost and service allocation can be divided into three groups: Creating
transparency with regard to IT costs and the services provided for this purpose, the pos-
sibility of controlling measures and projects, and fulfilling legal requirements. The
objectives and some examples are shown in Fig. 9.1.
As an example of practice-relevant goals, a presentation by the energy supplier EnBW
at a specialist conference can be cited, which gives the following reasons for a cause-
related allocation of IT costs and services (cf. Baumgart 2019):
• Regulatory recognition of services provided to regulated network companies,

• accounting standards (e.g. capitalization of own work),
• External damages (assumption of damages by insurance, subsidies, etc.),
• Internal control (contribution margin accounting, benchmarks),
• External segment reporting.
9.1.4 Three-Level Settlement
In practice, IT costs and services are typically charged at three levels: Business Services,
Technical Services and IT Infrastructure (see Fig. 9.2 and Serviceware 2018). The tech-
nical infrastructure includes, among other things, basic technical services, data centre
operation and security services. Billing can take place, for example, via distribution keys
to the next higher level (Technical Services). Technical services include the provision of
9.2 Methods of Charging IT Costs and Services 119
Business- Employee SAP payroll … …

Services workplace accounting
Technical IT- SAP- Managed- Standard- Mobile

workplace credentials Clients Desktop- Apps …
Services / Apps Apps
Operation Data-
Technical Base Wi-Fi Network
of
computing Security base …
Infrastructure services centre update
Fig. 9.2 IT charging model. (Based on Serviceware 2018)
applications (such as an SAP workstation, managed desktop apps, managed client hard-
ware). These can be allocated to the upper level of business services after they have been
used (possible allocation objects are the IT work center, HR services, logistics services,
and so on) and represent the interface for allocation to the business side. The business side
only orders the “business services” mentioned.
The general and rather complex “TBM Framework” can be used as a reference for the
formation of an own allocation structure (TBM Council n.d.). In the public sector, the
topic of IT cost and activity allocation has been implemented operationally for some time,
for example in Rhineland-Palatinate, whose state government (Ministry of Finance) has
published a comprehensive manual specifically for this purpose (cf. Rheinland-Pfalz 2000).
9.2 Methods of Charging IT Costs and Services
The allocation of IT costs and services can be divided into two major groups: Lump-sum
and analytical approaches (cf. Dittus et al. 2017). Flat-rate approaches can in turn be sub-
divided into approaches for “non-allocation or partial allocation” (type A) and “apportion-
ment allocation procedures (type B)”. In the case of analytical methods, there is
“performance-based allocation based on an IT service catalogue” (type C) and “process
driver-based allocation” (type D). The four variants are shown in Fig. 9.3.
The procedures presented in Fig. 9.3 are characterised below in keywords with regard
to the effort involved, the allocation system and the possible control effect.
Type A: Non or Partial Offsetting
• Effort
–– Simplest form of (non-)allocation, therefore requires little or no effort.
• Offsetting
Methods to offseng IT costs
General Approach Analycal Approach
Type C:
Type A: Type D:
Type B: Performance based
No-neng approach or Process driven
Surcharge-allocaon allocaon
paral clearing method allocaon
(IT service catalogue)
Variante B1: Variante B2:

Direct Variante C1: Variante C2:
Variante A2: allocaon of Offseng of Cost-offseng Variante D1: Variante D2:
Variant A1: direct costs Allocaon of costs based on based on
Allocaon of direct and Acvity based Acvity based
No offseng and allocaon planned planned cosng Accounng
direct costs overhead costs
of overhead quanty and quanes and
costs per share per share in planned price market prices
in product product.
Fig. 9.3 Methods for charging IT costs and services
–– IT costs are posted to the central IT cost center and remain there.
–– The total IT costs are included in the profit and loss account as a lump sum via the
administrative overhead surcharge (percentage).
• Control function
–– No possibility to control IT costs
–– No IT product costing (costs of IT products are not known)
–– No influence on the cost awareness of IT and business departments
• Practice
–– According to one study, Type A accounts for a very high proportion: 40% of the
companies surveyed stated that they did not carry out any IT cost and activity alloca-
tions (cf. Gadatsch et al. 2017). ◄
Type B: Apportionment Settlement
• Effort
–– simple form of distribution, requires only little effort (distribution key)
• Offsetting
–– Direct costs are posted to the originating cost centers (for example, costs for a pur-
chased PC, mobile phone contract).
9.2 Methods of Charging IT Costs and Services 121
Overhead costs are distributed to non-IT cost centers via quantity or value keys (e.g.
based on the keys “number of employees”, “number of PCs”, “personnel costs”)
IT cost center is completely “discharged”
–– No possibility to control IT costs
–– No IT product costing (costs of IT products are not known)
–– Hardly any influence on cost awareness on the part of IT and business departments
• Practice
Type B is practiced, for example, by the Lanxess company in Leverkusen (cf.
Schuster 2012). ◄
Type C: Service-Based Charging on the Basis of an IT Service Catalogue
• Effort
Complex billing, requires data preparation, processes and IT tools
• Offsetting
–– IT department creates an IT service catalogue and plans quantities and prices for all
services (multi-level IT product costing for each IT service)
–– IT costs are booked to the central IT cost center, the customers can book the IT ser-
vices, and their cost centers are debited monthly.
–– Possibility to control IT costs (connection between consumption of IT resources and
their use becomes transparent)
–– Promotes economic thinking and raises awareness of costs among IT and business
departments, benchmarking with external IT providers is possible
• Practice
–– Type C is practiced by Rolls-Royce Power Systems, for example (cf. Siems 2014). ◄
Type D: Process Driver-Based Allocation
• Effort
–– Very complex accounting, requires extensive data determination, processes and IT
support (usually only feasible with complex tools)
• Offsetting
–– Determination of cost blocks and allocation of cost drivers (e.g. allocation of all
costs for “IT service” and determination of the cost driver “number of tickets for IT
service”)
–– Allocation of IT costs to originating cost centers based on the cost drivers (take over
the role of the “distribution key from type B”, but with meaningfulness)
–– Very good visibility of cost causation (cost drivers) and cost utilization
–– Possibility of displaying the IT cost shares in business processes
• Practice
–– Due to the high effort involved, type D is at best relevant for state-regulated compa-
nies that have to report their process costs differentiated by cost type (including IT
costs). ◄
The selection of the respective accounting methodology is always to be carried out by

the organization according to its requirements for transparency, degree of desired control
effect of the need to meet legal requirements. The portfolio diagram in Fig. 9.4 shows a
possible selection (top) with corresponding examples (bottom).
9.3 IT Cost Element Accounting
The illustration in Fig. 9.5 shows different data supplying systems (senders) as they are
frequently encountered in practice (cf. Gadatsch and Mayer 2013, p. 163). From financial
accounting, for example, incoming invoices, from materials management material with-
drawals (e.g., replacement of a keyboard) and from human resources personnel costs and,
if applicable, activity quantities (e.g., hours incurred by software developers for IT proj-
ects) enter IT cost type accounting.
Special software systems, such as IT asset management or IT activity allocation, pro-
vide inventory data and movements on IT assets (hardware, software, accessories) and
time consumption for IT projects or troubleshooting. IT cost centre accounting distributes
the IT costs incurred to cost centres according to their origin. IT job accounting is used to
collect and distribute longer-running or particularly important measures, especially IT
projects or license costs for ERP systems.
IT cost unit accounting determines the calculations for the IT department’s IT products,
e.g. the price for a consultant hour, etc. In the IT income statement, the contribution of IT
to the overall success of the company is determined. The IT management recognizes what
share its performance achieves in the results of the company. In addition to reporting, the
data recipients of IT cost and performance accounting are billing (if the IT department also
9.3 IT Cost Element Accounting 123
High
Type D:
Type B:
Process driver based
Cost allocaon offse ng
offse ng
Relevance and
amount of IT
costs Effort Effort
(in proportion
to
total costs) Type C:
Type A:
Performance based cost
No cost allocaon OR
allocaon
paral cost allocaon
(IT service catalog)
Effort Effort
Low
Low Necessitiy for IT-control High
(Cost Awareness, Demand Management, Benchmarking)
High
Type B: Type D: Process driver
based offse ng
Cost allocaon offse ng
"Small and medium-sized business "Regulated Corporation"

with high IT cost"
Telecommunications or power companies with high
Service creation requires stable IT IT costs and can detail these costs in the final
Relevance and Own small IT department with dedicated computing product.
centre
amount of IT IT relevance for products us manageable
costs
(in proportion "Startup in establishment phase" "Industrial Corporations“
to
total costs) IT should be used creatively. General IT takes up only a small fraction of
IT costs are smaller than labour costs. overall IT costs
Does not have a dedicated IT department Usually consists of many end users and
is very transparent in term of costs
necessary for benchmarking/outsourcing
Type A: Type C:
No cost allocaon OR Performance based cost allocaon
paral cost allocaon (IT service catalog)
Low
Low High
Necessitiy for IT-control
(Cost Awareness, Demand Management, Benchmarking)
Fig. 9.4 Portfolio for the selection of allocation methods for IT costs and services
generates external sales outside the company) and financial accounting. IT reporting takes
data, prepares it for the recipient, and distributes it to the managers in the company.
Cost element accounting structures the IT costs incurred and prepares them for further
processing. The structure of the IT cost elements depends on the organizational form of
information processing and the desired level of detail. Differences result, for example,
Sender IT-Cost-Accounting Recipient
IT-cost center
Adminstrative accounting IT- cost unit Billing
Accounting Based on full costs or
accounting
marginal costs
Based on full costs or
Standard Systems
marginal costs
Allocation
Human Resources IT-cost-type- of IT-costs Cost estimation of
Management (e.g. per user) IT-Reporting
accounting IT products
(product costing)
Gathering of all
and
Materials- amounted IT-costs
(e.g. according to Adminstrative
Management special IT-cost-types)
IT profit and loss
IT-order statement Accounting
accounting (period costing)
IT-Asset- Based on full costs or
marginal costs
Specialized Systems
manage-
ment Allocation ...
of IT-costs
(e.g. per IT-Projects)
IT-Activity-
Recording
Fig. 9.5 Structure of IT cost and activity accounting
from the use of an in-house IT department or a high proportion of IT outsourcing. Typical

IT cost elements are:
• Hardware (personal computers, smartphones, printers),

• Software (standard software, individual software),
• IT services (consulting, programming, maintenance),
• Consumables (printer cartridges, paper, blank CDs, USB sticks),
• Depreciation of hardware and software.
A distinction must be made between primary cost elements (e.g. invoice from a software
house for programming and consulting services) and secondary cost elements for internal
activity allocation (e.g. charging the project costs of the above-mentioned software house
to the departments involved).
9.4 IT Cost Centre Accounting
Based on IT cost type accounting, IT costs are split into direct costs and overheads. Direct
costs can be directly assigned to sales products without further allocations, such as IT
products of a software house or IT consulting company (e.g. invoice of an external consul-
tant for a software system developed on behalf of a customer are IT direct costs for the IT
product “software system”).
9.4 IT Cost Centre Accounting 125
IT overhead costs that cannot be directly allocated are distributed to the IT products via
IT cost center accounting using different methods. For example, software developers in
the IT department use the Internet for research. However, the fees incurred for this cannot
be allocated to individual projects of the developer’s work. They must be allocated accord-
ing to appropriate criteria. Cost center accounting is used for this purpose. First, the IT
costs of the IT preliminary cost centers (e.g. computer center, PC service, application
consulting) are collected and distributed to the main cost centers (also called final cost
centers). Main cost centers are the end users of IT services, e.g. sales, production, person-
nel, etc. Overhead costs can be allocated to products using costing rates. The allocation of
costs to the final cost centers takes place in the so-called operational settlement sheet.
9.4.1 Example of an IT Operations Accounting Sheet
“Interface GmbH” has set up three IT preliminary cost centres to account for its extensive
IT costs: Computer Center, Application Consulting and PC Service. The costs for person-
nel, hardware, Internet use and imputed depreciation are allocated to the company’s cost
centres as follows:
Personnel Salary total according to payroll

Hardware Number of PCs
Internet use Number of minutes of online usage
Lime. Depreciation and interest Assets according to asset accounting
Other cost types are not considered further for reasons of simplification, as the IT costs
are the main focus. The costs of the IT preliminary cost centers are to be allocated to the
final cost centers using the apportionment method. The IT cost centers are allocated
according to the following criteria:
Data center CPU time used (in minutes)

Application advice Working time used (in hours)
PC service Number of installed PCs
The calculation example is shown in Fig. 9.6.
9.5 IT Cost Unit Accounting
Cost Object Controlling consists of two components, product costing and profitability
analysis. It is normally only used in the context of IT cost accounting if the IT products are
also end products, as is the case with an IT service provider, for example.
Fig. 9.6 Example of a simplified IT BAB
9.5.1 Product Costing
Product costing determines the price for IT products, which is made up of different cost
components. Internal costs are, for example, personnel costs for software developers.
External costs are, for example, consulting fees, acquisition costs for hardware and soft-
ware licenses, maintenance fees, data backup costs. However, product costing can also be
used within the framework of internal activity allocation in cost center accounting to deter-
mine internal transfer prices for internal “IT products”.
Examples of typical IT products are:
• Operation of ERP systems,

• Operation of central IT applications (e.g. Citrix clients, e-mail, intranet/internet, file
and print services, data backups in the network),
• Operation and maintenance of standard IT workstation systems (desktop, laptop,
smartphones),
• Operation of department-specific applications (CAD applications),
• Hotline (first level support, second level support),
• Central asset management (inventory and management of IT assets),
• Operation of an IP-based telephone network.
9.5 IT Cost Unit Accounting 127
No. Position Remark Value Remark

01 Hardware costs 12.50 Euro 600 Euro / 4 years / 12 months
02 + material overhead costs % premium on top of 01 1.25 Euro 10% of 12.50 Euro
03 = material costs Sum of 01 - 02 13.75 Euro
04 + Licenses for standard applications 8.33 Euro operating system and Office
(operating system, Office u.a.) 100 Euro + 300 Euro = 400 Euro
/ 4 years / 12 months
05 + installation of Network Flat rate included 1.04 Euro 50 Euro / 4 years / 12 months
06 + Licenses for additional components 58.33 Euro SAP 700 Euro / 12 months
07 + Flat rate charge for IT services 30 Euro 30 Euro (already fixed monthly rate)
(Installation, Hotline, error correction, Software
updates)
08 = Licenses and Services Sum of 04 - 07 97.70 Euro
09 = IT product cost I Sum of 03 + 08 111.45 Euro
10 + CIO cost allocation % premium on top of 09 22.29 Euro 20% of 111.45 Euro
11 IT product cost II Sum of 09 + 10 133.74 Euro

(monthly charge rate)
Fig. 9.7 Calculation example of an IT workstation
9.5.1.1 Example of IT Product Costing

The example shows the determination of the monthly planned allocation rate for an IT
work center (IT-APS) (see Fig. 9.7) based on the following data:
• Cost price desktop: 600 euro/piece, service life: 4 years,

• Surcharge for material overhead (MGK): 10%.
• Licenses
–– Operating system: 100 euro one-time, useful life: 4 years,
–– Office: 300 euro one-time, useful life: 4 years,
–– SAP usage: 700 euro p.a.
• Setup of Network: 50 euro one-time,
• IT service flat rate: 30 euros/month,
• CIO levy: surcharge: 20%.
9.5.2 Contribution Margin Accounting/Direct Costing
The instrument of contribution margin accounting is used to summarize fixed and variable
costs step by step to an overall result. It can be used to carry out analyses of the profit
contribution of projects, departments or areas. The contribution margin is the difference
between the revenue and the directly attributable variable costs.
Area Services Projects Total

IT-Service Project A Project B
Revenue 30.000 € 7.000 € 18.000 € 55.000 €
-variable costs -5.600 € -8.000 € -16.000 € -29.600 €
Profit margin I 24.400 € -1.000 € 2.000 € 25.400 €
Area fixed costs -5.000 € -500 € -5.500 €
Profit margin II 19.400 € 500 € 19.900 €
-Fixed corporate costs -20.000 € -20.000 €
Operating Result -100 €
Fig. 9.8 Example of a contribution margin calculation for an IT service provider
9.5.2.1 Example of a Contribution Margin Calculation for an IT

Service Provider
Figure 9.8 Example of a contribution margin calculation for an IT service provider shows
a simple example of a contribution margin calculation for an IT service provider. The
company is divided into two areas (service and projects). The following data is available
• Proceeds
–– IT service: 30,000 euros,
–– Project A: 7000 euro,
–– Project B: 18,000 euros.
• Variable costs
–– IT service: 70 h,
–– Project A: 100 h,
–– Project B: 200 h (each at 80 euro/h).
• Fixed costs
–– Areas:
IT service: 5000 euros,
Projects 500 euros,
• Company: 20,000 euros.
9.6 Case Studies
9.6.1 Case Study Break Even Analysis “Cloud Versus On-Premise”
9.6.1.1 Initial Situation and Task

A company with 10,000 employees operates a self-developed software for travel expense
accounting. It will increase the number of employees to 40,000 in the next 3 years. The
company management is considering moving the operation of the “expense report” to the
9.6 Case Studies 129
“cloud”. It has heard from other companies that a move to the cloud is “cost effective” and
flexible. Cost information is available for “in-house” operation as well as a quote from a
cloud provider. The company management would like to know from you from or up to
which number of employees an “on-premise solution” or a “cloud solution” makes sense
from a cost perspective.
9.6.1.2 In-House/On-Premise
In addition to in-house operation of the application, the “cloud computing” variant must
also be considered.
9.6.1.3 Fixed Costs

• Monthly costs of 7000 euros are incurred for the pro rata use of the company’s own
computer centre.
• Of this, moving the application to the cloud would eliminate 6000 euros per month for
personnel costs.
• The remaining fixed costs of 1000 euro per month would still have to be borne by the
company.
9.6.1.4 Variable Costs

• In addition, costs of 0.50 euros are incurred for each settlement carried out (e.g. elec-
tricity, variable personnel costs, dispatch of the settlements, transfer fees). These costs
could be completely eliminated by moving to the cloud.
9.6.1.5 Cloud Solution

• The provider charges you 70 cents per statement.
One possible solution is shown in Fig. 9.9 Solution to Case Study: Cloud versus On
Premise.
9.6.2 Case Study Benchmarking “IT Consolidation”

Company A is being merged with Company B. One of the tasks involved is the integration
of the two “IT organizations”. The aim is to select a target structure that is as cost-effective
as possible. Initial analyses show that the IT costs of the previous companies are not com-
parable, as the cost components are determined differently. You have been commissioned
to compare the cost structures and to determine the “annual IT costs” and the “IT costs per
employee” in order to have a starting point for further steps.
9.6.2.2 Company A
• A employs ten people in IT (10% of the workforce). The personnel costs amount to 1
million euros.
Fig. 9.9 Solution to the case study: Cloud versus On Premise
• A operates an “operation support system”. The costs of 2 million euro are not included
in the IT budget.
• Depreciation on IT hardware and software is not included in the IT budget. They
amount to around 1 million euros p.a.
• Costs for telecommunications are integrated in the “Facility Management” budget.
These amount to approx. 100,000 euros p.a.
• Cloud applications are paid for by the specialist departments. IT estimates the amount
at approx. 500,000 euros p.a.
• An IT service desk is missing, the work is done in the department. The costs are esti-
mated at 500,000 euros.
• The company employs 20 external temporary workers, who are included in the number
of employees.
9.6.2.3 Company B
• B employs 30 people in IT (25% of the workforce). The personnel costs amount to 3.3
million euros.
Administraon A Administraon B
No. of IT employees 10 30
Total No. of employees 80 120
(10/10% = 100 – 20 leased labour)
Labour costs 1,000,000 3,300,000

Write-offs 1,000,000 2,000,000
Telecommunicaons 100,000
Cloud applicaons 500,000 4,000,000
IT-Service-Desk 500,000
Total IT costs 3,100,000 9,300,000
IT-costs / employees 38,750 77,500
(3,100,000 / 80) (9,300,000 / 120)
Fig. 9.10 Case study benchmarking in the context of IT consolidation
• The costs for all IT systems are budgeted centrally at IT. They amount to approx. 6 mil-
lion euros p.a.
• Depreciation on IT hardware and software is included in the IT budget at approx. 2
million euros p.a.
• Costs for telecommunications and cloud applications are already included in the budget
for IT systems.
• An IT service desk is operated by IT with existing staff, the costs are included in the
above figures.
• The company does not employ any temporary workers.
9.6.2.4 Possible Solution

One possible solution is shown in Fig. 9.10.
9.6.3 IT Cost and Performance Accounting Case Study

A company creates the IT services in a data center operated by an external provider for its
business units X, Y and Z. The company’s own personnel operate the “IT service” and
provide the IT workstations (IT-APS). IT costs incurred (own personnel costs, provider
costs for the data center, external consulting services and license costs) should first be
allocated to the “IT products”. The IT products for the IT service catalogue have already
been defined: “IT service”, “IT-APS” and the two “digitisation projects A and B”. The
costs of the IT products are to be allocated to the business units at a later date according to
their origin.
Create a simple allocation model based on an IT service catalog and allocation based
on planned costs and perform an allocation. Consider at least the allocation levels: IT
infrastructure (cost elements), IT services (cost centers), and business unit (cost objects).
The data for performing the allocation is shown in Tables 9.1, 9.2, and 9.3.

A possible solution for the allocation is shown in Fig. 9.11. First, the actual costs incurred
are allocated to the IT products (IT service hour, IT workstation, project A and project B).
In the second step, the costs are allocated to the business areas X, Y and Z according to the
utilization.
9.6.4 IT Cost Management Case Study

The IT costs of an electronics retail company are significantly above the industry average.
The company has a central computer center, a central IT development department and
decentralized IT specialists in some departments. The IT costs are recorded by accounting
on three cost types (hardware, software, other IT costs) if the invoice text allows a clear
Table 9.1 Costs of IT infrastructure

Position Costs p. a. Clearing unit
Personnel costs 800,000 euro Hour
Provider costs 2,000,000 euro Share in % according to survey
Consulting 500,000 euro Hour
Licence costs 100,000 euro Piece
Table 9.2 Data on the allocation of IT costs to technical IT services (IT products)
IT cost elements for the creation of IT products
IT product Power Staff data centre Consulting Licenses
IT service 5000 h/p.a. 800 h 10% – –
IT-APS 500 piece 400 h 60% – 500 pc
Project A 800 h 800 h 20% 100 h
Project B 600 h 600 h 10% 200 h
Total 2600 h 100% 300 h 500 pc
Table 9.3 Data on the allocation of IT products to business services (business units)
IT product Offsetting GB X GB Y GB Z
IT service hours Hours 1000 h 1000 h 3000 h
IT workstation Piece 100 piece 200 pieces 200 pieces
Project A Hours 0 900 h 0
Project B Hours 0 0 800 h
Offseng IT-costs to technological services (IT-Products) Key:

Hourly rate IT-Service IT-APS Project A Project B AU = accounting unit
amount p.a. cost p.a. amount p.a. cost p.a. amount p.a. cost p.a. amount p.a. cost p.a. h = hour
€ 800 € 246,154 400 € 123,077 800 246,154 € 600 € 184,615 € 800,000 pcs = piece
€
10% € 200,000 60% 1,200,000 20% € 400,000 10% € 200,000 € 2,000,000
0 €0 0 0 100 € 166,667 200 € 333,333 € 500,000
0 €0 500 € 100,000 0 0 0 0 € 100,000
Sum €446,154 € € 1,423,077 € 812,821 € 717,949 € 3,400,000
No. of Units 5000 500 900 800
Cost p. unit € 89 € 2,846 € 903 €897
AU h pcs h h
Offseng IT products based on area of business

Area of Business
Area X Area Y Area Z
IT-Product Cost p. unit amount p.a. cost p.a. amount p.a. cost p.a. amount p.a. cost p.a.
Hourly rate IT-
Service € 89 1000 € 89,231 1000 € 89.231 3000 € 267,692 € 446,154
IT-APS € 2846 100 € 284,615 200 € 569.231 200 € 569,231 € 1,423,077
Project A € 903 0 €0 900 € 812.821 0 €0 € 812,821
Project B € 897 0 €0 0 €0 800 € 717,949 € 717,949
Total: 373,846 € Total: 1.471.282 Total: €1,554,872 € 3,400,000
Fig. 9.11 Case study IT cost and performance accounting
allocation. All IT costs remain on the cost center “computer center”. The IT services are
implemented without a written agreement, but after consultation with the specialist depart-
ment, but are not charged on within the framework of internal activity allocation. A large
number of the applications have been developed in-house over the years. The new man-
ager for the “IT Controlling” department is given the task of optimizing IT costs in the
company and sustainably improving cost transparency. The management expects short-
term success in terms of cost reduction (quick wins), as the company’s earnings situation
is very tight, as well as a sustainable optimization of the IT cost structure.

A three-step action plan is proposed after a brief analysis of the situation:
• M1: Short-term reduction of IT costs through more cost-effective provision of IT ser-

vices and improvement of the IT cost structure by dispensing with non-business-critical
IT services.
• M2: Improve cost transparency by setting up an IT cost and performance account-
ing system.
• M3: Permanent optimisation of IT service provision through changes to the service
structure.
M1: Reduction of IT Costs

The catalogue of immediate measures required to secure acceptance contains proposals
that improve the cost structure but do not reduce the level of service, as well as proposals
that reduce IT services if this does not affect the business.
Proposal 1: Reduce Licenses and Hardware

Lack of software license management costs many companies large portions of the IT budget. An
essential element of effective IT cost management is the adjustment of the license volume to the
actual demand. The same statements apply to the inventory management of IT hardware. To improve
the situation, it is necessary to take stock (inventory) of the hardware and software in the company.
The data should be recorded largely automatically with the help of a new IT asset management sys-
tem (cf. p. 79 ff.). This will be followed by the systematic reduction of hardware and software
licenses that are no longer necessary.
Proposal 2: Check Useful Life

In many cases, hardware components (personal computers, laptops, tablets) are replaced by employ-
ees of the departments according to the “budget situation”. This leads to procurements being brought
forward when the IT budget is sufficient, which do not appear to make sense on closer examination.
As part of the immediate programme, useful lives are being reviewed and binding replacement
cycles are being developed, to which budget approval is to be linked. When determining the useful
life, it should be noted that as the useful life increases, indirect IT costs (e.g., component failure:
Downtime; Component incompatibility: Program crashes) increase.
Proposal 3: Check Software Release Change

In many cases, software release changes are carried out in accordance with the manufacturer’s pol-
icy: as soon as the software manufacturer brings a new release onto the market, an update project is
started. The projects are justified with rather technical arguments, without a recognizable benefit
becoming visible for employees of the specialist department. In the future, software release changes
must be commissioned as a project and, prior to the start of the project, proof must be provided of a
profitability analysis that shows that the release change will benefit the company. The proof of ben-
efit can also be provided by the underlying business if no direct benefit can be determined (e.g.
update of an ERP software leads to faster response times in order entry due to new processing func-
tions, thus an increase in sales is possible).
Proposal 4: Optimise Project Work

A high proportion of the IT budget is used for business trips, meetings, project meetings, training,
overnight stays, etc. The costs for this should be reduced by using modern communication solutions
(e.g. video conferencing, telephone conferencing, chat rooms) and training concepts (e.g. blended
e-learning). The costs for this should be reduced by using modern communication solutions (e.g.
video conferencing, telephone conferencing, chat rooms) and training concepts (e.g. blended
e-learning).
Proposal 5: Renegotiate IT Contracts

An efficient IT contract management regularly renegotiates IT contracts with suppliers, especially in
crisis situations, and bundles individual contracts to achieve volume discounts. The fees of external
IT consulting companies are to be standardized according to activity groups (e.g. management con-
sulting, technical consulting, application programming, standard trainings ...) and, if necessary,
reduced to market level.
Proposal 6: Reschedule IT Projects

The aim of the proposal is to cancel or postpone IT projects that are not necessary. This requires IT
portfolio management in the long term. For short-term savings, projects should be identified that can
be dispensed with for a time or in general. Projects for which no contractual obligations have yet
been entered into or for which termination options exist are particularly suitable here.
Proposal 7: Encourage Standards

Focusing on IT standards helps to reduce IT costs in the short term and in the long term. In this case,
it is advisable to promote projects with standard software and to give preference to the use of stan-
dard functions that can be realized via customizing options. Furthermore, the inventory of hardware
types and software licenses should be checked for redundancy and standardized.
Proposal 8: Reduce IT Performance Levels in a Targeted Manner

In many cases, high performance levels are maintained in regular operation due to project situations.
For example, hotline staffing times that were very intensively extended in the introductory phase of
a project can be reduced to core times in regular operation (e.g., Monday to Friday 8:00 a.m. to
5:00 p.m., Saturday on request). Response times for malfunctions should be linked to service levels
and activity characteristics that must be paid for by the internal customer in a way that affects the
budget (standard level for troubleshooting: 1 day at the normal price for standard office worksta-
tions, premium level: 1 h at the increased price for business-critical workstations).
M2: Improving Cost and Performance Transparency

The basic prerequisite for transparent IT costs and IT services is a transfer price system in
conjunction with IT cost and performance accounting that is based on the cause. Controlling
therefore proposes the introduction of IT cost and performance accounting in the follow-
ing sub-steps:
• Development of an IT product or IT service catalogue and definition of the IT product

portfolio.
• Adoption of service level agreements for each IT product between IT department and
IT customers.
• Analysis of the reporting requirements of management (e.g. key figures, cost analyses)
and IT end customers (e.g. for cost centre reports).
• Development of a cost type structure with the main IT cost types IT material, IT devel-
opment, IT operation, IT depreciation and IT rent/leasing.
• Development of a differentiated IT cost center structure taking into account special IT
cost centers for application, billing, project, service and equipment cost centers.
• Integration of the IT cost elements and IT cost centers as well as the allocation system-
atics via customizing functions in the controlling module of the ERP system.
• Planning of IT costs according to cause (determination of IT activity types and activity
quantities per activity type/cost center, planning of primary and secondary cost types).
• Conception of the actual recording of performance data and costs, taking into account
existing information systems (financial accounting, logistics) as well as special perfor-
mance recording systems (e.g. for computer services, telecommunication charges).
M3: Optimisation of the Cost and Performance Structure

After the bundles of measures M1 and M2 have brought about short-term improvements
in the cost structure and ensured the quality of the analyses, effective long-term optimisa-
tions of the IT structure can be tackled. The IT controller proposes the following individ-
ual measures for this purpose:
Proposal 1: Standardisation of Applications

Analysis of the company’s entire process support with the aim of increasingly replacing individual
applications with standard software. Furthermore, overlaps of standard software packages or differ-
ent manufacturers are to be identified and eliminated. This can lower licensing and operating costs
and reduce interfaces.
Proposal 2: Pooling of Resources

Often, decentralized IT resources are kept in order to achieve more flexibility. However, redundan-
cies and distorted IT costs are the result of such measures. Examples of this are decentralized data
centers/IT departments per location or “hidden” IT employees in specialist departments (e.g., for
report programming, decentralized data management) that do not appear in the IT budget. Such situ-
ations must be identified as part of an analysis and transferred to the normal IT organization.
Proposal 3: Standardisation and Optimisation of IT Processes

Analysis of IT processes and restructuring based on a best-practice model in order to use the experi-
ence of other companies. The ITIL concept, for example, which is increasingly being used by many
companies, is currently suitable for this purpose.
Proposal 4: Outsourcing Analysis

The services of the IT departments should be compared with market services within the framework
of a benchmark. For this purpose, the formal invitation to tender for an outsourcing project can
serve, in which the own IT department can also apply as a service provider.
Proposal 5: IT Development Plan with Migration Concept

Creation of a migration concept to replace the old applications or redundant standard software sys-
tems as quickly as possible. In this context, an IT development plan should help to improve the
overview of the multitude of IT applications, release statuses and responsibilities.
9.7 Summary
• IT cost and performance accounting is necessary to provide basic data for decision sup-
port in the face of rising IT costs.
• Instruments are cost element accounting, cost center accounting and cost unit account-
ing consisting of product costing and profitability analysis.
• In cost element accounting, the costs are split into direct costs and overhead costs.
• Cost center accounting distributes the costs to the final cost centers, i.e. those areas that
have used the IT services, according to their origin.
• Product costing calculates end products, but can also be used for internal activity
accounting as a basis for transfer pricing.
• The contribution margin accounting assigns the costs to the revenues step by step as a
profit and loss account
References 137
References
Baumgart H (2019) IT-Produktionskostenberechnung und IT-Service-Pricing im Rahmen einer

verursachungsgerechten Leistungserfassung, Cost IT, Executive Insights, Bonn, 15.05.2019
(Vortragsunterlagen)
Dittus M, Epple J, Schlegel D (2017) Verrechnung von IT-Kosten. Controll Z erfolgsorient
Unternehmenssteuer 29(5):20–27
Gadatsch A, Mayer E (2013) Masterkurs IT-Controlling, 5. Aufl. Springer, Wiesbaden
Gadatsch A, Kütz M, Freitag S (2017) IT-CON 2017, Ergebnisse der 5. Umfrage zum Stand
des IT-Controllings im deutschsprachigen Raum, Bd 34. Sankt Augustin. https://doi.
org/10.18418/978-3-96043-043-8
Rheinland-Pfalz, Ministerium der Finanzen (Hrsg) (2000) Handbuch für die Kosten- und
Leistungsrechnung, Mainz. https://www.lff-rlp.de/fileadmin/user_upload/ZBV/PDF/service/
Kosten-_und_Leistungsrechnung/007_KLRHandbuch.pdf. Accessed on 01.06.2018
Schuster H (2012) IT-Controlling im Dienste interner Kundenorientierung. Steigerung der internen
Kundenakzeptanz, Köln, 19.06.2012, marcusevans Konferenz “Interne Leistungsverrechnung
und Service Katalog Management”, Vortragsunterlagen
Serviceware Wien (2018) 2 IT-Controlling Forum Österreich, https://anafee.de/it-controlling-
forum-oesterreich/. Ergebnis eines Workshops zur IT-Kosten- und Leistungsverrechnung, Wien
09.10.2018
Siems JU (2014) (Rolls Royce Power Systems AG): IT-service management and IT-accounting.
www.catenic.com. Accessed on 28.02.2014
TBM-Council, TBM Framework (n.d.). www.tbmcouncil.org. Accessed on 10.10.2018
IT Sourcing Controlling: Outsourcing of IT
Services 10
Abstract
This section deals with IT sourcing controlling. Central aspects are different options of
sourcing, especially cloud computing and the resulting implications. Another topic area
is the service level agreements (SLA) necessary for IT benchmarking.
10.1 Clarification of Terms
The processes in information and communication technology are traditionally strongly

supported by external service companies (e.g. software development companies) or IT
services (e.g. cloud-based solutions). IT sourcing can be understood as the purchase of IT
services, IT sourcing for short.
IT sourcing controlling supports the design and management of the procurement of IT
services. Here, IT controlling plays a supporting role in analyses and decisions. In addi-
tion, there are advisory tasks in IT contract and IT consultant management, the bench-
marking of IT suppliers and the design and monitoring of IT service level agreements. The
preparation of a make-or-buy analysis used to be seen more in relation to the in-house
development of software compared to the use of standard software. Later, questions of
outsourcing, i.e. the relocation of IT operations and development, were added, which were
characterized by a variety of manifestations (cf. Fig. 10.1, Jouanne-Diedrich).
In the following, selected terms of the IT sourcing map by Jouanne-Diedrich are briefly
explained. For a detailed description, please refer to the original source mentioned.

140 10 IT Sourcing Controlling: Outsourcing of IT Services
Location
Financial
Global Sourcing dependency
Degree of external Performance
Offshore Sourcing
Internal / Captive
Outsourcing Total Outsourcing
Nearshore Sourcing
Joint Venture
Selective / Smart Outsourcing
Onshore/Domestic Sourcing
Onsite Sourcing External Outsourcing
Total
Outsourcing
IT -Sourcing
Infrastructure Outsourcing Insourcing Co-Sourcing

Single Sourcing
Application Outsourcing Transitional
Outsourcing Outsourcing
Double Sourcing
Backsourcing Transformational
Business Process Outsourcing (BPO)
Outsourcing
Multi Sourcing Aspect of time
Knowledge Process Outsourcing (KPO) Value-added
Outsourcing
Degree of business orientation

No. of Supply sources Strategic aspects
Fig. 10.1 IT sourcing map. (cf. Jouanne-Diedrich 2007)
10.1.1 External Service Provision
The term outsourcing refers to the external procurement of IT services that were previ-
ously provided by the company itself. External outsourcing is carried out by external IT
service providers. From an economic point of view, internal outsourcing is fictitious out-
sourcing in which internal service providers are used. From a legal point of view, however,
genuine customer-supplier relationships exist. Internal outsourcing is also referred to as
captive outsourcing.
10.1.2 Internal Service Provision
Insourcing describes the internal production of services. Often the term insourcing is also
used as a consequence of a reversal of the outsourcing decision. Backsourcing is the pro-
cess that controls the reversal.
10.1 Clarification of Terms 141
10.1.3 Scope of Outsourcing
Selective sourcing versus total outsourcing are terms that describe the scope of the out-
sourced tasks. Total outsourcing in the sense of 100% scope is rarely encountered in prac-
tice. Selective outsourcing can therefore often be equated with outsourcing. Alternative
terms with the same content are smart sourcing, right sourcing and outtasking.
10.1.4 Number of External Partners
Single sourcing describes outsourcing with a single service provider. This provider can
either provide the service itself or outsource it further. In multi-sourcing, the outsourcing
company is directly confronted with several service providers and suppliers. Multi-
sourcing is referred to as best-of-breed sourcing because the company selects the best
supplier for the respective IT service (data center, PC service, application consulting).
10.1.5 Distance to the Client
Offshore sourcing is the provision of IT services in more distant foreign countries.

Nearshoring takes place in geographically closer countries. Onshore sourcing is performed
by external companies at the service recipient’s location.
10.1.6 Depth of Cooperation
Value-added outsourcing is a cooperative form of outsourcing in which several companies

enter into a partnership (e.g. as a joint venture) and share the profits/losses among them-
selves. The partnership is characterized by the individual competencies of the companies
involved (e.g. one company takes over the data center operation, another the implementa-
tion and support of the applications).
10.1.7 Modernization
Transitional outsourcing is used to get rid of obsolete technology. Companies outsource

“old technology” to outsourcing providers and introduce “new technology” with their
own staff.
10.1.8 Degree of Outsourcing
Infrastructure outsourcing is the original classic case of outsourcing. Companies outsource

technical components (data center, network, PC devices). In application outsourcing, stan-
dard systems (e.g. SAP, Oracle, Exchange, Lotus Notes) are operated by an external pro-
vider. The customer uses the systems provided. Alternative terms are net sourcing or
e-sourcing. Business process outsourcing (BPO) involves the transfer of business pro-
cesses to external companies, including the necessary technology.
10.1.9 Cloud Computing as the Focus of the Outsourcing Concept
In recent years, the focus has shifted towards “in-house operation” versus cloud comput-
ing, with self-developed software or standard software coming into play in both cases. The
topic of outsourcing has gained more momentum through cloud computing, as classic
outsourcing contracts tended to be of a longer-term nature. Cloud computing models, on
the other hand, tend to be more short-term in nature, although they can also be used for the
long term. The large number of practically relevant variants, which also change frequently,
often makes it difficult for controlling to assess the situation. In the operation of informa-
tion systems, five basic “sourcing options” can be distinguished (cf. Brassel and Gadatsch
2019), which are shown in Fig. 10.2 (based on Münzl et al. 2009 and Brassel and Gadatsch
2019). These basic forms can be used to classify the different variants commonly used in
practice and to evaluate them with regard to their central characteristics.
• On Premise: The IT infrastructure is operated with own personnel on own resources

(e.g. in a data center). It is used on dedicated physical hardware (e.g. servers). The user
of the software is also the operator of the hardware.
• Private cloud: The IT infrastructure is (also) operated with own personnel on own
resources (e.g. in a data center). However, “virtualized” hardware (e.g. servers) is used.
The user of the software is also the operator of the (virtualized) hardware.
Security & Service Integration
Managed Outsourced
Private Public
On Premise Private Private
Cloud Cloud
Cloud Cloud
Sourcing Options
Owner operated Solution External operated solution
Fig. 10.2 Cloud sourcing options. (Adapted from Münzl et al. 2009 and Brassel and Gadatsch 2019)
10.1 Clarification of Terms 143
• Managed private cloud: The IT infrastructure is operated with external personnel on

the company’s own resources (e.g. in a data center). Only “virtualized” hardware (e.g.
servers) is used (as with the private cloud). The user of the software is (only) the owner
of the (virtualized) hardware, but no longer the operator. The managed private cloud is
therefore an externally operated private cloud.
• Outsourced Private Cloud: The IT infrastructure is operated with external personnel
on external resources (e.g. in a data center). In turn, only “virtualized” hardware (e.g.
servers) is used. The user of the software is now neither the owner nor the operator of
the (virtualized) hardware. He is “only” a dedicated user of a virtualized environment.
• Public cloud: The IT infrastructure is operated with external personnel on external
resources (e.g. in a data center). Again, only “virtualized” hardware (e.g. servers) is
used. The user of the software is still a “client” in the (virtualized) highly standardized
environment.
The portfolio model shown in Fig. 10.3 can be used to identify a possible sourcing option.
The portfolio ranks the relevant processes according to the criteria “service integration
requirements” and “data autonomy requirements”. Service integration requirements con-
cern aspects such as flexibility, access on demand, pay as you use, and elasticity or scal-
ability. Data autonomy requirements relate to issues such as the ability to access one’s own
IT staff and, above all, control options as to who does what with the data and when. An
important aspect of outsourcing or cloud computing is that activities shift from the inside
to the outside and increased attention must be paid to the management of interfaces to the
high
Outsourced
Private
Requirement Private
Cloud
towards Cloud
Service-
Integration Managed
(flexibility, Private
on-demand access, Cloud
pay-as-use,
elasticity)
Public
Cloud On Premise
low
low Requirement towards high
Data-Autonomy
(Access to own employees,
possibilities of excercising control)
Fig. 10.3 Cloud portfolio for decision makers

provider. Otherwise, there is a risk that the process chain will be more susceptible to dis-
ruptions (Kühl 2015, p. 116).
10.2 IT Contract Management
The management of IT contracts covers numerous topics:
• Contract content from a business perspective (service content, form of service provi-
sion, prices and conditions, billing issues),
• Technical aspects (specifications, standards, etc.),
• Legal aspects (legal basis, contractual penalties, etc.) and
• Organisational arrangements (form of cooperation, information channels, etc.).
There is extensive literature on issues of IT contract law (sometimes still called “EDP
law”), such as Nitsch (2017) and the sources cited there. The subject of IT contract law is
legal issues dealing with the conclusion of contracts relating to hardware, software and
services in the IT environment. Since the legal issues far exceed the tasks of the IT control-
ler, further explanations are not given here and reference is made to the literature. However,
an intensive exchange between IT controlling and the organizational units of a company
entrusted with legal issues is important.
10.3 IT Asset and Software License Management
Software is a component of a company’s IT assets, and IT asset management is the sum of

all measures for planning, managing, and monitoring a company’s hardware and software
assets throughout their lifecycle (see Brassel and Gadatsch 2019 and Fig. 10.4).
Software license management is comparable to “accounting”, which manages the addi-
tions and disposals of software licenses (cf. Brassel and Gadatsch 2019). The classic life
cycle of software license management can be divided into commercial and technical pro-
cess steps (see Fig. 10.5). Commercial process steps are “request”, “procurement” and
“delivery”, technical process steps are “installation”, “use” and “disposal” (Groll 2016,
p. 120 ff.).
A major goal of IT license management is to avoid underlicensing (too few licenses)
and overlicensing (too many licenses), as this can either result in civil and criminal penal-
ties or lead to inefficiencies (see Fig. 10.6).
Software license management can reduce license costs by avoiding overlicensing.
Furthermore, legal disputes with the manufacturers of software subject to licensing can be
avoided as a result of underlicensing, since the used or unused licenses are documented.
10.4 Benchmarking and SLA Analyses 145
Planning
(Type,
Quality,
Quanty)
Disposal /
Re- Procurement
ulisaon
IT-
Asset-
Mana-
gement
Temporary
Maintenance
Storage
Installaon
and
configu-
raon
Fig. 10.4 IT asset management life cycle. (cf. Brassel and Gadatsch 2019)
10.4 Benchmarking and SLA Analyses
The comparison (benchmarking) of cost and service structures has traditionally been an
important issue in the IT environment because the share of external services has continued
to increase. Service Level Agreements (SLA) are one of the tools used to manage internal
and external service providers (especially IT outsourcing service providers) and their ser-
vices (cf. Schäfermeier 2010). Service level agreements are content-based agreements on
service levels or standards (cf. Berger 2005, p. 12).
An important prerequisite for cost and performance management is a structured IT
catalog. It describes the IT products of an internal or external IT provider in the same way
as a shopping cart with product descriptions, conditions and prices. It is only fully effec-
tive if the service relationship between the IT department (IT provider) and its customers
is regulated by measurable agreements on service content, service quality and the level of
costs or remuneration. Internal agreements regulate the relationship between the IT area
(contractor) and the specialist department (client). External agreements regulate the
Business
Request process-steps
Disposal Procurement
IT-
Technical Licence-
process-steps Manage
ment
Use Delivery
Installaon
Fig. 10.5 Software management life cycle. (Adapted from Groll 2016 and Brassel and
Gadatsch 2019)
relationship between the IT department or the specialist department, both of which can act
as clients, and external IT suppliers or service providers, who act as contractors.
Numerous examples can be found in the IT environment, especially when multiple par-
ties are needed for service delivery. Typical examples are outsourcing and cloud computing.
10.4.1 Expediency
When defining an SLA, care must be taken beforehand to ensure that the agreements are
fit for purpose. A common mistake is made in practice with “desktop outsourcing” when
the service hotline that handles user requests is placed in the hands of an external service
provider. If the hotline is paid according to the number of user requests or the working
10.4 Benchmarking and SLA Analyses 147
Key
No. of licences per Installed software

software product
Calculated licences in
stock (liable for payment)
Under-
Licensing
Over-
Licensing
Measuring points in time

(Software inventory)
Fig. 10.6 Effects of under- or overlicensing
time required, there is a danger that users will avoid the hotline and resort to self-help.
However, the increase in self-help among colleagues can lead to a significant increase in
indirect IT costs (loss of working time, consequential errors). For this reason, IT hotlines
should, if possible, be remunerated by means of a monthly flat rate. In order to neverthe-
less achieve that the IT service provider shows interest in a high level of service, the asso-
ciated SLA should stipulate, for example, that 80% of the first calls lead to a problem
solution. After all, only users who receive immediate help will use a hotline in the
long term.
10.4.2 Contents
As a complex contract, an SLA controls the interaction between the contracting parties via
many regulations. It contains a lot of information about the service content, conditions,
organizational aspects and consequences of non-compliance.
• Service specification: This is the exact description of the type and scope of the service
to be provided (e.g. introduction, operation and maintenance of standard software).
• Dates and deadlines: Services are to be provided at specific times (e.g. report on ser-
vices provided on the tenth of the following month) or within specified deadlines (fault
rectification within eight working hours). Ideally, these are set in relation to priorities,
e.g. the elimination of critical faults (server downtime) within 2 h, elimination of less
critical faults (failure of a printer) within one working day.
• Conditions: Remuneration and contractual penalties must be specified in terms of
amount and calculation (e.g. discount scales) and invoicing (e.g. monthly invoice).
• Organisational framework conditions: Regulations on the handling of the service rela-
tionship must be made here. In particular, it must be clarified which working and
stand-by times are to be provided. It must be determined how an order comes about
(e.g. notification of the fault by telephone, by e-mail?).
• Proof of performance: The principle here is that the contractor must provide evidence
of the performance of the service. He must keep verifiable records of the type and scope
of the services rendered. In the event of disputes, a committee composed of partners
decides. Only measurable criteria are valid for the billing of services.
• Permissible outlier rate: Maximum proportion of performance units that may lie out-
side the agreed quality/schedule grid.
• Consequences of violations of the agreements: As long as the agreed outlier quota is
not exceeded, there is no violation. For the client, this means that he does not receive
any sanctions against the IT supplier in the event of annoying individual cases. Only
when the permissible outlier quota is exceeded can measures be initiated.
• Measures: A malus provision allows the contractor to reduce the service price for dam-
ages incurred due to the SLA violation. Since the malus eats into the contractor’s con-
tribution margin, it is interested in keeping the service level agreement. However, the
following basic rule should be observed: The “penalty” should hurt, but should not
force the service provider into bankruptcy.
10.4.3 Introduction of SLA
The introduction of service level agreements is a time-consuming process that entails

organizational changes. First of all, the customer’s requirements must be determined, e.g.
the type of service (e.g. IT fault clearance), the desired service level (e.g. return to work
within 2 h after fault notification). Another aspect is the expected volume. After this, the
IT service provider (internal or external) can draw up an IT catalogue containing the prod-
ucts required by the customer. The parties to the contract can then enter into price negotia-
tions. After the contract has been concluded, a settling-in period is advisable. Short
contract terms are recommended in order to avoid permanent dependencies.
10.5 Summary
• IT services are traditionally and in the future increasingly provided externally.

Therefore, analyses of the economic efficiency of make-or-buy decisions are particu-
larly important.
• The management of different business partners and the monitoring of service delivery
will become more important.
• In particular, the increasing use of cloud computing means that existing software
license management processes will have to be expanded, as the necessary services will
come from different providers.
• Service Level Agreements have proven their worth as a formal description of the ser-
vice relationships.
References 149
References
Berger TG (2005) Prozessoptimierung der Artikeladministration in den Onlineshops der TransPak

AG, Diss., Technische Universität Darmstadt, 2005
Brassel S, Gadatsch A (2019) Software-Lizenzmanagement kompakt. Springer, Wiesbaden
Groll T (2016) 1x1 des Lizenzmanagements, 3. Aufl. Hanser Verlag, München
von Jouanne-Diedrich H (2007) Die ephorie.de IT-Sourcing-Map. Eine Orientierungshilfe im stetig
wachsenden Dschungel der Outsourcing-Konzepte. In: ephorie.de – Das Management-Portal.
http://www.ephorie.de/it-sourcing-map.htm. Accessed on 07.04.2007
Kühl S (2015) Wenn die Affen den Zoo regieren, 6. Aufl. Campus Verlag, Frankfurt
Münzl G, Reti M, Schäfer J. Sondermann K, Weber M (2009) Cloud Computing – Evolution in der
Technik, Revolution im Business. https://pdfs.semanticscholar.org/e8cc/ea9f497fc4d7f715db-
d55c618e82b220d1c5.pdf. Accessed on 19.06.2019
Nitsch KW (2017) IT-Vertragsrecht. In: Informatikrecht. Springer Gabler, Wiesbaden. https://doi.
org/10.1007/978-3-658-16426-3_4
Schäfermeier U (2010) LA-Management zur strategischen Steuerung von Outsourcing-Partnern. In:
Keuper F, Schomann M, Zimmermann K (Hrsg) Innovatives IT-management. Gabler. https://doi.
org/10.1007/978-3-8349-8803-4_11
IT Key Figure Based Reporting: IT Key
Figures: Basis for Reporting 11
Abstract
This section deals with the application, suitability and use of IT key figures. Based on
selected test criteria, IT key figures are checked for suitability. Furthermore, key figure
systems for IT controlling are presented and discussed.
11.1 Key Figures in IT Controlling
First, a well-known definition for key figures will be presented: “Key figures are those
numbers that capture quantitative facts in a concentrated form” (Reichmann 2017, p. 39).
Key performance indicators (KPIs) are important elements in controller practice. Not
only in the private sector, but also in the public sector, KPIs are increasingly used for con-
trolling (cf. Hirsch and Weber 2018). They are used to regularly inform management
(business side and IT side) and to control projects. They enable a root cause analysis of
deviations between target values and actual values and signal necessary countermeasures
to achieve the goals of the IT strategy. The functions of key figures are summarized in
Table 11.1.
The control cycle associated with the use of ratios is shown in Fig. 11.1.
IT key figures can be divided into absolute key figures and ratio key figures. The latter
are differentiated into structure, relationship and index key figures (cf. Fig. 11.2).
In terms of content, categorizations into various dimensions such as strategic relevance
(ratio of new development to maintenance), economic efficiency (e.g., compliance with IT
budgets), cost structure (IT costs/total costs), performance (availability of systems), and
customer satisfaction (complaint rate), among others, are conceivable. For this purpose,
the WIPS concept shown in Fig. 11.3 was developed; it divides the key figures into four
analysis areas (W = economy, I = innovation, P = performance and S = structure).

152 11 IT Key Figure Based Reporting: IT Key Figures: Basis for Reporting
Table 11.1 Functions of key figures

Operationalisation function Formation of key figures to operationalize the achievement
of objectives
Excitation function Continuous recording of values for the detection of
abnormalities and changes
Control function Continuous recording of key figures for the detection of
deviations from target and actual values
Communication function Basis for fact-based discussion of issues to be controlled
Control and default function Use of key figures in control processes and as targets
cf. Helmke and Uebel (2016, p. 103)
Business-
Strategy
Deviation
IT-Strategy
analysis
Targets
Real value (Performance
indicators)
Measures
Fig. 11.1 IT key figures control loop
Key figures in IT can refer to different analysis dimensions:
• Organization (Group management, IT service provider, IT customer, external partners)

• Summarization (single values, project, application, functional level, management, top
management)
• Reference area (processes, finances, customer)
• Time (planned value, estimated value, actual value)
• Target group (IT department, business side, external partners)
• Purpose (IT planning, IT control, billing, IT personnel management, salary
determination)
11.1 Key Figures in IT Controlling 153
Key IT-Figures
Absolute Ratio
Indicator Indicator
Outline key-figures Relationship key -figures Index-

No. of IT (Parts of equal reference (Parts of different reference
values) values) Figures
employees
No. of Share of IT costs in relation IT training costs Development of IT -Budget

servers to total revenue per employee in the past 10 years
No. Of Ratio of IT-employees Share of IT costs in Projected IT costs in

PC workstations compared to normal employees relatio n to total revenue the next 2 years
Fig. 11.2 IT key figure structure. (Gadatsch 2012, p. 98)
Viability Innovation
•Project costs / project calculation •Redevelopment / Upkeep costs

•Project benefits (net present value, •Currentness of hardware
period of amortization) •Release version of Software
•Adherence to IT-Budget •Degree of Digitalisation
•TCO IT workplace systems •Amount in Apps / Applications
Performance Structure
•Availability of systems •Degree of employee utilization

•Response time from user‘s view •Use of consultants (incl. Usage
•Service times (SLA performance) quota )
•User satisfaction •IT costs / total costs
•Development time •Training expenditures per employee
•Share of IT employees
Fig. 11.3 WIPS concept for key figures
In a long-term analysis of IT controlling, the most frequently used IT indicators were:

“availability of IT systems”, “share of IT costs/revenue”, “number of incidents”, “IT rev-
enue” and “budget utilization” (cf. Gadatsch et al. 2013, p. 39 and Fig. 11.4).
Availability
Verfügbarkeit vonofIT-Systemen
IT Systems
IT Anteil
costs as share
der of total
IT-Kosten am turnover
Umsatz
TotalAnzahl
no. of incidents
Incidents
Total IT IT-Umsatz
turnover
Budgetausschöpfungsgrad
Degree of budget utilization
Antwortzeiten vonofIT-Systemen
Response time IT systems
SLA-Erfüllungsgrad
SLA fulfillment level
2013
NoAnzahl Change
of. ”Change Requests
Requests” 2009
Customer Satisfaction
Kundenzufriedenheit 2007
2004
Share of Fremdleistungsanteil
Third-party services
ProductivityProduktivitätskennzahlen
performance indicators.
0% 10% 20% 30% 40% 50% 60% 70% 80%
Fig. 11.4 TOP IT key figures. (Gadatsch et al. 2013, p. 39)
11.2 Informative Value of IT Key Figures
In practice, the question of “good” key figures often arises. However, these must be defined
against the background of the respective application. Misinterpretations are possible here,
which can be illustrated by the example of the key figure “IT costs/revenue”. Kütz refers
to the following example (cf. Kütz 2013, pp. 20–21):
11.2.1 Significance of the IT Key Figure “IT Costs/Revenue”
A comparison of two retail companies showed that IT costs as a percentage of sales were
0.8% for Company A and 1.2% for Company B. This led to a decision proposal for a take-
over plan: Company B should acquire A’s IT systems to reduce its IT costs. Further
detailed analysis revealed, among other things:
Company A has an outdated IT architecture that has not been maintained for years. The
IT costs consisted mainly of costs for the maintenance of the legacy systems. Company B
had a modern, far more efficient IT architecture. The takeover of the IT systems was then
rejected.
11.2 Informative Value of IT Key Figures 155
The parameter “turnover” as part of a key figure is certainly not a suitable control
parameter for the public sector. But it is easy to find other control variables that could be
set in relation to IT costs. Examples are: IT costs/number of vehicle registrations, IT costs/
number of ID cards issued, IT costs/tax revenues. The basic problem with these ratios is
easy to notice: Numerator and denominator of the fraction must result in a meaningful
relationship, otherwise one compares “apples with oranges” or “incoherent parameters”
and comes to wrong conclusions. For this reason, it is necessary to apply “test criteria”
when using ratios in order to validate their suitability.
11.2.2 Check Criteria for Key Figures
For each potential indicator, it should be possible to check the questionnaire listed below
(taken and modified from Kütz 2011, p. 52) with the main categories of quality, calcula-
bility/analyzability, economic efficiency and organization. If not enough positive
answers are possible, the indicator is not suitable for the respective application.
• Quality
–– What should be controlled with the key figure?
–– Does the metric measure the right effect?
–– What can be actively controlled with the key figure?
–– Are the key figures understandable for the recipient?
–– How is the quality of the basic data to be assessed (is processing necessary)?
–– Does the metric measure objectives relevant to the IT strategy?
• Predictability and analyzability
–– Can target values or expected values be defined?
–– Can corresponding actual values be determined?
–– How sensitive are the key figures to changes?
–– Can the necessary basic data be determined?
–– Are the key figures drill-down capable?
• Profitability
–– Is the effort required to establish baseline data economically justified?
–– Is the effort required to identify and prepare the data offset by an appropriate benefit
in the form of the possibility of taxation?
–– Can pragmatic surrogates be identified?
• Organization
–– Can persons responsible for data provision, calculation, reporting and for the con-
tent of the indicator itself be named?
–– Are the key figures tamper-proof?
–– How do the key figures react to organizational or technological changes?
11.2.3 Key Figure Profile
Key figures are to be documented by means of a key figure profile, e.g. in a database. The
fact sheet contains a meaningful description (name of the KPI, addressees, reporters,
essential contents, target values, tolerance values), information on data sources and their
preparation, form of presentation, responsibilities, and other organizational aspects (see
Kütz 2011, p. 45). Figure 11.5 shows an example of a key figure profile for the key figure
“Availability of SAP ERP systems”.
11.2.4 Benefits of IT Key Figures
The benefits of IT KPIs or IT KPI systems can be viewed in particular from the perspective
of IT project management, IT operations and the perspective of the business department
(cf. Gadatsch 2012, p. 104 f.). Project management benefits from return and risk-oriented
KPIs in project selection through profitability calculations. In the context of project con-
trol, an ongoing target-performance comparison can help to ensure that the project goals
Area Content Examples (simplified)

Description Abbreviation P-VF-SAPERP
Designation Availability „SAP ERP“ system
Description Process indicator to measure the availability of the SAP/ERP system from the 31.
Validity March 2016.
Person responsible for content, Central sector IT, head of „SAP application support“, Ms. X.
Addressee (Target Group), SAP user (Head of the organisational units which use the software)
Rapporteur (Data Supplier) Central sector IT, instructor for IT controlling, Mr. Y
Key figure categroy (z.B. Finanzen), Process management
Target values 99,5% corresponding to one working weeks (working hours from 07am – 6pm)
Benchmarks Subsidary company „Z“ reached a minimum value of 99.7% in 2013
Tolerance value Absolute minimum value once a year was 95.0 %
Escalation rules for outliers Frequently IT-Controller or CIO. If outliers appear senior finance director
Data Data sources, IT systems SAP log data, SAP ERP (System zzz / mandator xxx)
discovery Measuring methods (manual, Aumated measuring through log data
automatic, indirect), measuring point, SAP ERP system, additional measurement at client (due to network availabliltiy)
person responsible Central sector IT, head of „SAP- operations“, Mr. Z
Preparation Calculation formula Average time in use in min/total working time in min (per week) in %
Person responsible Central sector IT, instructor for IT controlling, Mr. Y
Presen- Presentation (Text, charts, numbers, Depiction in percentage rate, in graphics using traffic light colours
tation …), up to 95.0% RED, Over 95% up until below 99.5% YELLOW, fromm 99.5%
GREEN
Periodicity (when required, hourly, Weekly publication of field data

daily, weekly, …) Annual publication (on 31.12) of average peak showing maximum and minimum
values.
Aggregation levels, SAP ERP (Total), Data per SAP-Module group (FIN, CON, ….)
Archiving (Location, Media, Length), Values are stored in accountancy‘s “Data Warehouse“
Erasing of data not scheduled for the time being
Person responisble Central sector IT, BI-Team, Mr. A

Miscell- Claims, Feedback, Experiences, Experience: Reading point not precise enough, because if there is a network
aneous change in calculation method issue, there is no way to access the SAP/ERP system. Issue needs to be brought
up regulary as the problem can currently not be solved any other way.
Fig. 11.5 Key figure profile “Availability of SAP ERP systems”

11.3 IT Key Performance Indicator Systems 157
are achieved. A subsequent target/actual comparison offers the possibility of using experi-
ence from completed projects for the planning of subsequent projects. Numerous key fig-
ures can be used to control the operation of information systems: IT department
performance, costs, and resource utilization. A detailed performance and cost record
enables the business side to make comparisons with other IT providers (benchmarking)
and to control the costs of the commissioned IT services.
11.3 IT Key Performance Indicator Systems
Individual indicators can be contradictory and lead to different results. Individual key
figures only measure individual aspects, rather than the interrelationships between several
dimensions, and therefore have only limited informative value.
11.3.1 Concept Key Figure System
Therefore, KPI systems were developed to create an overall picture. They offer a compila-
tion of individual key figures that are logically related, cover several views and ensure the
consistency of the desired effects of the meaningfulness of individual key figures. Possible
applications include, for example, the target/actual comparison of metrics and variance
analysis as part of strategic and operational IT planning, as well as target agreements for
(IT) managers.
11.3.2 Requirements for Performance Measurement Systems
The requirements for performance measurement systems are complex. They comprise
numerous aspects (cf. Gladen 2008, pp. 92–93). An important criterion is “objectivity and
consistency”, which must be achieved by a suitable structure of the key figures and sup-
ports statements free of contradictions. For practice the criterion “simplicity and clarity”
is important, the simple structure supports the dissemination and use of the KPI system in
the company. Particularly in complex structures, “information aggregation” is important;
the key figures should be staggered according to management levels and allow top-down
or bottom-up different analyses. The individual values of the subordinate key figure values
result in the total value of the next level. Finally, the “multi-causal analysis” is important;
higher-level key figures should be split into different views at lower levels.
11.3.3 Swiss System of Key Data (SVD)
One of the oldest known key figure systems for IT was developed by the Swiss Association
for Data Processing (SVD) (cf. Swiss Association for Data Processing 1980). It was devel-
oped for the central operation of systems in data centers and comprises the levels “man-
agement”, “user” and “information processing” and is divided into “management key
figures”, “user-oriented key figures” and “person- or machine-oriented key figures”. The
basic structure can still be found today in performance measurement systems based on the
balanced scorecard. The Zürcher Kantonalbank, for example, published such a system
some time ago (cf. Betschart 2005).
11.3.4 VIPS Indicator System
If the concept is transferred to the current situation, the key figure system shown in
Fig. 11.6 can be developed from it. It comprises the structural elements “analysis level”,
“analysis area” and “participants”. The VIPS concept, extended with examples of key
figures, is shown in Fig. 11.7.
Levels Stuructural Elements

• Levels in the IT processes
Digital strategy (Plan, Built, Run)
(Plan) • Range of Analysis (VIPS)
IT Planning • Parcipants (Demand,
(Planning) Supply, Governance)
Implementation
(Built)
IT development Range of Analysis (VIPS)
(Projects) • Viability
Use
(Run)
• Innovation
IT operation • Performance
• Structure
Demand IT-Governance Supply
User CIO IT suppliers
Participants
Fig. 11.6 VIPS key performance indicator system – structure

11.5 Summary 159
Analysis Range
Level Participants Viability Innovation Performance Structure
Plan Demand Degree of Budget New projects / Project duration IT investment volume /
utilization overall projects (Average deviation total investments
time)
Governance Contribution to Degree of process Age structure IT cost category /

business strategy digitalization Service package total IT costs
Supply Share of total customer Degree of services Attractiveness of the Share of customer
budget digitalization portfolio budget dedicated to
supplier
Built Demand Earned Value (cost- Share of agile Earned Value (time Mobile postions / total
efficiency) project teams efficiency) no. of positions
Governance Volume of outsourcing Redevelopment / Successfully finished IT emplyoees / Total no.

/ total volume Maintenance products of employees
Supply Standard costs / Share of new Adherence to Range of orders

Market price Produkts / total no. scheduled Deployment of
of products appointments employees
Run Demand TCO per application Share of new Response time Share in disruptions
applications in the Adherence to service Application disruption,
business times Total disruptions
Governance Degree of IT Version Share of fault No. of SLA violations

standardization escalations
Supply Contribution margin New services / Total Overall satisfaction of Degree of overtime
per product / service services IT customers Degree of retraining
Fig. 11.7 VIPS indicator system with examples
11.4 Important Key Figures for Practice
In practice, it is helpful to select useful indicators for your own company on the basis of a
catalogue and to check their applicability. Table 11.2 lists some key figures that are fre-
quently used (taken from Kütz 2011, p. 215 ff.).
The list is only intended to provide suggestions for the development of own key figures.
In no case can it be assumed that all the indicators mentioned can always be used in a
meaningful way. Further indicators have been prepared, for example, in Thome et al.
(2011) or in Kütz and Wagner (2015) and can be used as additional suggestions.
11.5 Summary
• Good IT key figures are not available “ready-made”; their suitability depends on the
area of application, the goals and the organizational-technical conditions in the
company.
• Important test criteria are quality, predictability/analyzability, efficiency and
organization.
Table 11.2 Important IT key figures

Analysis
area Key figure
Finance Budget utilisation rate
IT costs per workstation
Share of IT cost types (x) in total IT costs
IT costs in relation to sales
IT customer Share of IT customers in total IT revenue
IT customer satisfaction
IT processes Proportion of disturbance escalations of category X
Immediate solution share for disturbances
Stock of category X requests
Number of IT workstations managed per IT employee
Number of changes per IT process
Services Proportion of visits or contacts of category X in the total number of visits or
contacts
Response time
Number of changes per service
User reported downtime
Utilisation rate
Number of service level agreement violations
Number of service requests
Number of faults per service
Timeliness
Availability level
IT suppliers Percentage of a supplier in the volume of external services
Complaint density
Satisfaction with the supplier
Innovation Proportion of IT-related improvement initiatives
Project share innovations and R&D
Projects Category X expenditure as a proportion of project expenditure
Category X degree of progress
Percentage of external staff
Resource utilization
Profitability of the project
Economic efficiency of the project
• Top five key-figures are: Availability of IT systems, share of IT costs/revenue, number

of incidents, IT revenue and budget utilisation.
• IT KPI systems are necessary to transfer individual views of KPIs into an overall pic-
ture. They are to be developed individually for each company and can cover the analy-
sis areas of profitability, innovation, performance and structure.
References 161
References
Betschart A (2005) Konzeption, Einführung und Nutzung eines IT-Kennzahlensystems – auf was
kommt es wirklich an, Tagungsunterlagen COST IT, Bad Homburg, 21–24.11.2005
Gadatsch A (2012) IT-controlling. Springer, Wiesbaden
deutschsprachigen Raum, Bd 33. Schriftenreihe des Fachbereiches Wirtschaft Sankt Augustin.
Gladen W (2008) Performance measurement, controlling mit Kennzahlen, 4. Aufl. Springer,
Wiesbaden
Helmke S, Uebel M (Hrsg) (2016) Managementorientiertes IT-Controlling und IT-Governance.
Springer Gabler, Wiesbaden
Hirsch B, Weber J (2018) Kennzahlen als Mess- und Steuerungsinstrument in Behörden. ESV
Verlag, Berlin
Kütz M (Hrsg) (2011) Kennzahlen in der IT, 4. Aufl. dpunkt, Heidelberg
Kütz M (2013) IT-Controlling für die Praxis, 2. Aufl. dpunkt, Heidelberg
Kütz M, Wagner R (Hrsg) (2015) Mit Kennzahlen zum Erfolg. dpunkt, Düsseldorf
Reichmann T (2017) Controlling mit Kennzahlen, 9. Aufl. Vahlen Verlag, München
Schweizerische Vereinigung für Datenverarbeitung (Hrsg) (1980) EDV-Kennzahlen. Bern/Stuttgart
Thome R, Herberhold C, Gabriel A, Habersetzer L, Jaugstetter C (2011) 100 IT-Kennzahlen.
Wiesbaden
Exercises: Examination Exercises
for Training 12
Abstract
In this chapter, selected exam questions and solutions are presented that relate to the job
description of the IT controller and the methods of IT controlling. They are primarily
aimed at readers who are studying.
12.1 Task 1 Job Description IT Controlling
12.1.1 Task
Describe the job description of the IT controller and compare the tasks with those of the
chief information officer (CIO). Explain where there are similarities and who has which
responsibilities. What central tools are available for this in the strategic context. How is the
responsibility for this regulated?
12.1.2 Possible Solution
The IT controller is responsible for the profitability and efficiency of IT management. The
CIO has overall responsibility for the IT strategy and its implementation in the company.
There is an overlap in that both people have the profitability of IT deployment as a com-
mon goal. IT controlling supports the CIO in an advisory and independent capacity. It
creates the transparency that is necessary for a CIO to make sensible decisions. The central
strategic instruments are the IT strategy and the standards derived from it, for which the
CIO is responsible. IT controlling controls the implementation of the IT strategy with the
help of the IT balanced scorecard. With the help of IT portfolio management, it controls

164 12 Exercises: Examination Exercises for Training
the life cycle of IT projects. Decisions about the project portfolio are made by the CIO
and, if necessary, a decision-making body initiated by him (e.g. IT board).
12.2 Task 2 IT Standards
12.2.1 Task
Please justify the necessity and effect of standards in IT with regard to performance-
oriented IT controlling. Then analyse the effect of the trend “Bring Your Own Device”
(BYOD) with regard to this situation.
Standards in IT concern hardware, software and services. A high degree of standardization

reduces procurement costs and the costs of operation and service, as cost degression can
take effect. Larger quantities of hardware or software can be procured. Service processes
are uniform and require less effort. In addition, the quality of service delivery can be
increased because the reduced complexity of IT leads to less training time, errors in opera-
tion, etc. BYOD is implemented in practice in many different ways. Therefore, a general-
izing statement is only possible under certain assumptions.
• Variant A: Employees are allowed to use any private hardware in the company. In this
case, the complexity of maintenance increases because a wide range of devices have to
be integrated into the company network. The IT security costs increase.
• Variant B: Company provides employees with a limited selection of „modern“ IT end
devices. Although this model also increases operating costs and acquisition costs (due
to the lower number of units), it has advantages in terms of maintenance. The presum-
ably increased motivation of the employees may have a positive effect on work produc-
tivity and at least partially compensate for the higher costs.
12.3 Task 3 Project Selection
12.3.1 Task
You are an assistant to the management of a medium-sized company with several European
locations. Until now, project applications for IT projects (e.g. introduction of new software
systems, implementation of release upgrades) have been approved on a “first come, first
served” basis, i.e. applications are approved until the annual budget is exhausted. You will
be instructed by management to design a more sensible procedure.
12.4 Task 4 Earned Value Analysis 165
Discuss the problem in terms of its impact on the company’s performance and design a
procedure that takes into account different influencing factors and interests. Outline a pos-
sible solution.
There is a great danger that projects are implemented without target control. Important
projects run the risk of not being realized because the budget is exhausted. In the long run,
the performance of the company decreases. It makes sense to determine a catalog of goals
and criteria for evaluating projects (profitability, payback period, strategic contribution,
risk, etc.). The target catalog can be integrated into a utility analysis-driven evaluation
procedure for the periodic determination of point values for projects that come into ques-
tion. The IT budget is consumed according to the ranking of the points. Projects are
approved through a formalized approval process moderated by IT Controlling. Decisions
are made by an IT board staffed with executives from various areas.
12.4 Task 4 Earned Value Analysis
A software company is developing a system for the automated processing of online exami-
nations at a university. The project consists of several sub-packages (SP), which are gener-
ally to be processed one after the other; in exceptional cases, sub-packages can already
start, although previous steps have not yet been completed. The sub-packages are listed
below (duration in weeks and planned costs in brackets):
• SP1: Preliminary study (2 weeks, 5000 euro)

• SP2: Conception (2 weeks, 20,000 euro)
• SP3: Programming (2 weeks, 40,000 euro)
• SP4: Test (2 weeks, 20,000 euro)
• SP5: Roadshow in the university: (1 week, 5000 euro)
• SP6: training (1 week, 10,000 euro)
• SP7: Introduction (2 weeks, 30,000 euro)
12.4.1 The Project Takes the Following Course
• The preliminary study is finished after 1 week and costs 5000 euro more because of an
external expert opinion.
• The conception takes 1 week longer at the same cost. The programming is still ongoing
and has already cost 30,000 euros. According to the programmer, 75% of the programs
have already been completed.
• The roadshow was brought forward 1 week and could be finished after 2 weeks, but the
costs were 5000 euro higher.
Evaluate time and cost efficiency using earned value analysis at time t = 6 and interpret the
metrics. Perform the same evaluation and interpretation at time t = 9. Explain the differ-
ence in the results of the evaluation between the two observation periods.
Time t = 6
Basic data
Actual Costs t = 6
10, 000 + 20, 000 + 30, 000 = 60, 000
Planned Value t = 6
5000 + 20, 000 + 40, 000 = 65, 000
Earned value t = 6
5000 + 20, 000 + 40, 000 ∗ 75% = 55, 000
Key figures
CPI = EV/AC = 55,000/60,000 = 0.9 (expensive project)
SPI = EV/PV = 55,000/65,000 = 0.85 (slow project) ◄
Time t = 9
Basic data
Actual Costs t = 9
10, 000 + 20, 000 + 30, 000 + 10, 000 = 70, 000
Planned Value t = 9
5000 + 20, 000 + 40, 000 + 20, 000 + 5000 = 90, 000
Earned value t = 9
5000 + 20, 000 + 40, 000 ∗ 75% + 5000 = 60, 000

12.5 Task 5 Organization of IT Controlling 167
Key figures
CPI = EV/AC = 60,000/70,000 = 0.85 (expensive project)
SPI = EV/PV = 60,000/90,000 = 0.75 (slow project) ◄
12.4.2 Differences
In both cases, the project was classified as “slow”. At time t = 6 the project was still rea-
sonably well on time, but at the later time t = 9 it was further behind schedule because the
programming was not making any progress. The difference comes from the fact that pro-
gramming is still ongoing and software testing could not be started. Overall, the test can-
not be started until the software is ready. The roadshow being brought forward only
increases the Earned Value slightly (+5000).
12.5 Task 5 Organization of IT Controlling
12.5.1 Task
Discuss basic possibilities for the integration of IT controlling into the operational
organization.
The organization of IT controlling can be designed differently due to the interdisciplinary

nature of the activities. The following basic variants are common:
• Partnership model (IT controlling on equal footing with CIO),

• CIO employee model (IT controlling as CIO employee),
• Controlling model (employee in Controlling).
In the partnership model, IT controlling reports directly to the company management and
is thus on the same hierarchical level as the CIO and corporate controlling. Only this
model ensures that IT controlling is largely independent of cross-influences, e.g. from the
specialist departments (finance, sales, human resources, etc.) or information management.
This approach is particularly recommended for companies where the use of IT is very
important for competitiveness. Examples can be found in banks and insurance companies.
The CIO employee model subordinates IT controlling to the CIO. IT controlling is part
of the CIO department. It is often a single employee who is responsible for IT controlling.
As an „IT insider“, the IT controller has good access to information within the IT depart-
ment. However, the problem of dependency on the CIO cannot be overlooked. This can be
detrimental to the effectiveness of IT controlling, for example, in the case of disagree-

ments about possible risks of planned projects. Nevertheless, the model is very common
in practice.
The controlling model considers IT controlling as a subtask of enterprise controlling.
IT controlling reports to general corporate controlling. One advantage is the independence
from the CIO. However, “IT controllers” within corporate controlling are often further
away from important information due to their greater distance from IT. The job is more
financially oriented with a focus on IT budgeting, IT cost and activity allocation, profit-
ability analysis and similar activities. The model is often found in corporate groups at the
level above operating companies.
12.6 Task 6 Methods of IT Cost and Activity Allocation
12.6.1 Task
A globally active automotive supplier company operates a central data center in Germany
and uses several cloud services. The company’s management strives for a high level of
transparency regarding IT costs, a cost-oriented control of IT projects and the assurance of
all legal requirements. The head of IT controlling is given the task of developing a suitable
IT cost and activity allocation that meets these requirements. Discuss possible forms of IT
cost and activity accounting and describe how they function in relation to the allocation
mechanisms.
In the task, possible forms of IT cost and activity accounting are to be outlined and con-
cretely evaluated with regard to the facts of the case. The solution must therefore contain
a justified proposal for a decision.
12.6.3 Discussion of the Methods
An IT-CLR can support the following objectives, depending on the level of expansion:
Transparency of costs and services, control of measures and projects, and ensuring com-
pliance with legal requirements.
Flat-rate and analytical approaches are described in the literature. The lump-sum vari-
ants (type A non-allocation or partial allocation and B allocation procedure) are not suit-
able for the requirements in this scenario because they do not provide any control-relevant
information. The other two criteria of transparency and compliance with legal require-
ments are fulfilled at least to some extent.
12.7 Task 7 Determination of Net Present Value 169
The analytical approach of type C is the service catalogue-based allocation of IT costs and
IT services. For this purpose, an IT service catalog must be developed that describes in detail
the services to be provided by IT. This requires a calculation for each IT service or each inter-
nal IT product as the basis for the transfer price. Furthermore, quantity planning (to be carried
out worldwide in this case) and a (globally) applicable pricing system are required. If neces-
sary, country-specific regulations must be observed. The process is comparatively simple. The
IT costs are initially booked to a central IT cost center, and the recipients (customers) can
book or “buy” the IT services. Their cost centers are debited monthly.
The second analytical approach, Type D (process driver-based allocation), requires
very elaborate activity-based costing, which is more likely to be used in regulatory market
environments (e.g. telecommunications, energy market). Both Type C and Type D would
support the three objectives mentioned above.
12.6.4 Decision
The type C approach promotes economic thinking (cost transparency) and raises aware-
ness of costs (cost control) on the part of IT and specialist departments; benchmarking
with external IT providers is possible. The legal requirements are fulfilled with this
approach. It is therefore recommended here, as the effort for providing the data is lower.
12.7 Task 7 Determination of Net Present Value
12.7.1 Task
A company operates an enterprise resource planning system. The software can only be
connected to Internet applications with difficulty. Integration with mobile devices (smart-
phones, tablets, etc.) is hardly possible. Maintenance is expensive. The system should be
replaced by a modern standard software with more functionality. Determine whether the
new system makes sense from a purely financial point of view (period under consider-
ation: 5 years, interest rate 10%).
Legacy system
• Operating costs: 500,000 euros p.a. in arrears, increase by 5% annually
New software
• Investment at the beginning of the first year: 1.000.000 euro
• Operating costs: 400,000 euros p.a., in arrears, increase by 6% annually
Calculate the net present value of the following decision alternatives: Keeping the legacy
system and migrating to the new system.
12.7.2 Possible Solution (Table 12.1)
12.8 Task 8 Determining the Value in Use
12.8.1 Task
Consider the facts from Sect. 12.7 and additionally include the following qualitative argu-
ments in the decision
• Management is planning to radically “digitize” the company because the “legacy” sys-
tem from the 1980s that supports key processes is unreliable, inventory data is not up-
to-date, and customers frequently complain about delayed delivery dates.
• The integration of smartphones or other mobile devices is not successful for the rele-
vant processes. In addition, the maintenance of the system is dependent on a few older
employees who will soon retire. Their knowledge (e.g. programming in outdated pro-
gramming languages) is no longer available on the job market.
• The “New System” has not yet been tested, as it is based on the latest technology.
However, its architecture is capable of supporting processes that are largely paperless
and without media breaks. The use of standard software makes it easier to recruit
employees on the job market. The architecture is modular, so that extensions are easily
possible (expandable).
Perform a utility analysis and re-evaluate the previous decision, taking into account the
qualitative criteria: Reliability, Dependency, Expandability.
12.8.2 Possible Solution (Table 12.2)
Table 12.1 Calculation of the net present value

0 1 2 3 4 5
Alt-system −500,000 −525,000 −551,250 −578,813 −607,753
Capital value (i = 10%) −2,075,296
New-system −1,000,000 −400,000 −424,000 −449,440 −476,406 −504,991
Capital value (i = 10%) −2446,065
12.10 Task 10 TCO Analysis 171
Table 12.2 Determination of the utility value

Criterion Weight Legacy system New system
Value Weighted Value Weighted
Reliability 50% 2 1 4 4
Dependence 25% 2 0.5 3 1.5
Expandability 25% 1 0.25 5 1.25
Total 1.75 6.75
12.9 Task 9 Service Level Agreements
12.9.1 Task
An IT service provider has agreed the following service level agreement (SLA) with a
company: “The data center is operated with a guaranteed availability of 95% based on a
performance period of one year from Monday to Sunday, 24 hours a day. If the availability
falls below this level, a contractual penalty is due.” The managing director of the company
is positively impressed by this arrangement. From an IT controlling perspective, how do
you view this arrangement from the perspective of the engineering company? Does this
proposal make sense, assuming that the company would like to work as uninterrupted as
possible?
The main problem with this SLA is the reference period. With 52 weeks of 7 days, 342
working days of availability are guaranteed. This means that the data center can be shut
down for up to 18 days without interruption without any breach of contract by the service
provider. This is certainly not wanted by the company.
12.10 Task 10 TCO Analysis
12.10.1 Task
A consulting firm is hired to develop measures to reduce the total cost of ownership (TCO)
of a company’s information systems. It makes the following proposals:
• Eliminate and/or cut IT training for all staff,

• Extension of the useful life for personal computers from 3 to 5 years and for monitors
from 4 to 6 years,
• In the future, only purchase used laptops that are at least 2 years old, as their acquisition
costs are significantly lower,
• Avoid daily backups, as they only take up storage space that can be better used for other
purposes,
• Reduction in the use of the fault hotline by introducing a “consultation fee” of 10 euros
per call plus 2 euros/min consultation time.
Critically comment on the suitability of the respective measures and show the effect on the
total cost of ownership.
The recommended measures are one-sided and only reduce direct IT costs. In particular,
the indirect, invisible costs increase. The effect of higher indirect IT costs may be higher
than the reduction of direct costs. The TCO may increase overall.
• IT training: Here, there is a risk of working time losses due to hey-joe effects, i.e. train-
ing by non-specialist employees and/or employees’ own trial-and-error experiences
with corresponding working time losses.
• Service life and old equipment: Here, higher maintenance costs may be incurred due to
total failures or operational faults, as older devices are often more susceptible to faults.
• Missing data backups lead to loss of working time in case of data loss, e.g. due to
manual re-entry of data.
• The consultation fee prevents calling the hotline in justified cases. This induces follow-
up costs, e.g. operating errors.
12.11 Task 11 Analyze Data Center
12.11.1 Task
A company operates a computer center with 20 employees. The in-house IT department

with 70 people develops individual software and supports the standard business applica-
tion software “PAS” which has been used for years, but which so far only covers the tasks
of the accounting and human resources departments. Although the standard software has
extensive logistics functions (purchasing, warehousing, production, sales, shipping, etc.),
they are not used. Instead, these tasks are supported by self-developed software.
• The maintenance of IT workstations is also part of the scope of duties of IT staff.

However, the procurement of end devices is the responsibility of the end users, who
12.11 Task 11 Analyze Data Center 173
purchase from various sources, i.e. wherever the devices can be procured at the low-
est price.
• During the year, the data center is not evenly utilized because the company’s products
are mainly sold in the winter months. In the months from October to January, the com-
puter capacities are rarely sufficient, and long response times annoy many users. In the
summer months, the staff of the data center and the development department is often
underutilized.
• Due to their high maintenance costs, in-house developments block more than 90% of
staff and take up almost 70% of the IT budget. This leaves little room for new innova-
tive IT solutions.
• Due to the lack of usable cost information, users are not very cost-conscious with
regard to IT services and order IT services as required. IT costs are only roughly
recorded in the company and are not made transparent to the user. Information, if avail-
able, is only available to the IT manager.
• User training in the IT area (PC software, business management software) is rarely car-
ried out, as the management has “ordered” a 10% reduction in IT costs.
• The “Computer Center” and “Software Development” management are assigned to the
“Organization” management. These report to the “Finance” division management,
which also heads the controlling department.
The management commissions you with a weak point analysis and expects concrete pro-
posals for improving the situation. Analyze the situation systematically and create a struc-
tured catalogue of measures. Justify in detail each position of the catalogue of measures,
how the measures proposed by you affect the situation. Also mention any risks that have
to be accepted.
The following aspects documented in the solution:
• Establishment of an IT controlling area or department. This department must report to

the controlling department or directly to the management.
• Examine whether outsourcing is a means of offsetting asynchronous employee work-
loads. Determining whether strategic areas are affected.
• Cost awareness must be increased. An IT cost and performance accounting system or a
service level agreement with the IT service provider can help here.
• A Total Cost of Ownership analysis (TCO) can show whether indirect costs (e.g.
through training) can be reduced.
• Minimization of maintenance costs through increased use of standard software, e.g. by
replacing the in-house developed logistics solutions with the already purchased stan-
dard software “PAS”.
• Standardization of PC workstations including hardware and software procurement.

• Examination of whether outsourcing parts or all of the IT areas would be advantageous
(IT outsourcing).
• Check the organisational classification of the IT department and the data centre.
Possibly too little attention is often paid to IT (IT managers are located on the third
management level).
12.12 Task 12 IT Key Figures
12.12.1 Task
Define at least four criteria that a useful IT key figure should fulfil and assess the suitabil-
ity of the key figures:
• Training costs/IT employee

• Availability of IT systems (h)/capacity (h)
The following features, for example, are useful:
• What should be controlled with the key figure?

• Does the metric measure the right effect?
• Are the key figures understandable for the recipient?
• Analyzability: Can target and setpoint values as well as actual values be defined or
determined?
• Economic efficiency: Is the determination of basic data for a target/actual comparison
economically justified?
12.12.3 Assessment of the Key Figure “Training Costs/IT Staff”
The interpretation of this key figure can vary. The higher the training costs, the better the
level of training. The IT training costs depend heavily on the informative value of the
accounting system. Here it is necessary to check whether these costs have been reliably
recorded and passed on. Indirect training costs (Hey-Joe effects) cannot be determined,
but only estimated. IT outsourcing distorts the key figure. The number of IT employees
(denominator) cannot always be determined. It depends on the degree of automation and
outsourced services. Another frequently encountered effect is IT staff „hidden“ in the spe-
cialist departments (e.g. macro programmers in the finance department).
12.12 Task 12 IT Key Figures 175
12.12.4 Assessment of the Key Figure “Processed Fault Reports/Total

Fault Reports
The key figure documents which faults were successfully processed by the IT department.
It can be recorded well if the company has a ticket system as part of a hotline that records
all error messages. However, IT faults can vary. Fault reports should be subdivided accord-
ing to impact (e.g. blemish, malfunction) or urgency (scheduling the change for the next
release upgrade, immediate response due to shutdown). The key figure can be easily ana-
lyzed with existing data material, according to the origin of the malfunction (department,
application system) and summarized for the executives.

Andreas Gadatsch - IT Controlling - From IT Cost and Activity Allocation To Smart Controlling-Springe

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Andreas Gadatsch - IT Controlling - From IT Cost and Activity Allocation To Smart Controlling-Springe

Uploaded by

Copyright:

Available Formats

ISBN 978-3-658-39269-7 ISBN 978-3-658-39270-3 (eBook)

IT controlling is established as an instrument for the business management of information

Hochschule Bonn-Rhein-Sieg Andreas Gadatsch

IT controlling is an interdisciplinary subfield of business informatics. It has had a firm

St. Augustin, Germany Andreas Gadatsch

3.2.1 IT Strategy Characteristics����������������������������������������������������� 34

5.1.2 IT Governance and IT Portfolio Management������������������������ 59

6.3.1 Concept of the TCO Approach ���������������������������������������������� 86

9  Cost and Activity Accounting (IT-KLR): Numbers for Rational

11  Key Figure Based Reporting: IT Key Figures: Basis for Reporting

12.8.2 Possible Solution (Table 12.2)������������������������������������������������ 170

In this article, the environment of digitalisation is considered in the context of IT con-

1.1 Clarification of Terms

© The Author(s), under exclusive license to Springer Fachmedien Wiesbaden 1

• Automation of individual • Improvement of internal • Industry-wide process • Mobilisation and

• Social Web, BYOD

1970 1980 1990 2000 2010 2020 2030

Electronic data processing Information-Management (IM) Digitization

IT cost allocation / IT cost offsetting IT-Controlling Smart-IT-Controlling

Fig. 1.1 From IT cost allocation to smart IT controlling

1.2 Effects of Digitalisation

1.2.1 Paradigm Shift and Change in Work

1.2.1.1 From Automation to Digitalization

Socket of the shortage of

Fig. 1.2 Effect of digitalisation on human work. (Kornwachs 2018)

1.2.1.2 Digitalization and Human Work

1.2.1.3 Digitalization and Entrepreneurial Success

1.2.1.4 Digitalization and Vertical Integration

1.2.2 Digital Business Model Changes

• Digital: Products and services are based on software,

• Products or services are based on software (digital models)

1.3 Impact on Occupational Profiles

1.3.1 General Changes

1.3.2 Design of the Work

1.3.2.1 Digital Leadership Competence

1.3.3 From IT Management to Chief Information and Digital

1.3.3.1 EDP Manager/IT Manager/IT Head of Department

1.3.4 Classical Versus Agile Information Management

Table 1.1 Classical versus agile information management

software project management) and “Extreme Programming” (rigorous approach to soft-

2.1 Mission Statement IT Controlling

© The Author(s), under exclusive license to Springer Fachmedien Wiesbaden 11

2. IT controllers act as service providers at the interfaces of information management,

2.2 Quick Test IT Controlling: Self-Assessment

Questionnaire IT Controlling Quick Test

1 = Position/person not available

Question 2: IT strategy/digital strategy

1 = not available or only partially available in exceptional cases

Question 4: IT portfolio management

Question 5: IT cost and performance accounting

1 = IT costs are not known/classified

4 = Causal allocation on the basis of planned allocation rates (planned costs/planned

Question 6: IT key figures (system)

1 = No systematic recording of key figures

Question 7: IT project controlling

1 = IT projects are not known/classified

Question 8: IT license and asset management

1 = IT assets/licenses are not known/classified

2.3 IT Controlling

2.3.1 Clarification of Terms

Level of Maturity for IT-Controlling (Praccal Example)

Fig. 2.1 IT controlling self-test – practical example

St. Augustin, Germany Andreas Gadatsch

3.2.1 IT Strategy Characteristics�� 34

5.1.2 IT Governance and IT Portfolio Management�� 59

6.3.1 Concept of the TCO Approach �� 86

9 Cost and Activity Accounting (IT-KLR): Numbers for Rational

11 Key Figure Based Reporting: IT Key Figures: Basis for Reporting

12.8.2 Possible Solution (Table 12.2)�� 170

1.1 Clarification of Terms

1.2 Effects of Digitalisation

1.2.1 Paradigm Shift and Change in Work

1.2.1.1 From Automation to Digitalization

1.2.1.2 Digitalization and Human Work

1.2.1.3 Digitalization and Entrepreneurial Success

1.2.1.4 Digitalization and Vertical Integration

1.2.2 Digital Business Model Changes

1.3 Impact on Occupational Profiles

1.3.1 General Changes

1.3.2 Design of the Work

1.3.2.1 Digital Leadership Competence

1.3.3 From IT Management to Chief Information and Digital

1.3.3.1 EDP Manager/IT Manager/IT Head of Department

1.3.4 Classical Versus Agile Information Management

2.1 Mission Statement IT Controlling

2.2 Quick Test IT Controlling: Self-Assessment

2.3 IT Controlling

2.3.1 Clarification of Terms

Level of Maturity for IT-Controlling (Praccal Example)

2.3.1.1 IT Controlling Must Be Adapted

2.3.1.2 IT Controlling Must Balance and Moderate

2.3.1.3 Controller = Helmsman or Helmswoman

2.3.1.4 IT Controlling as a Business Task

2.3.2.1 Task Profiles

2.3.3 Methods and Tools

2.3.3.1 Comprehensive Methods

2.3.3.2 Operational Methods

2.3.3.3 Strategic Methods

2.3.4 Organisational Concepts

2.3.4.1 Role Assignments

2.3.4.2 CIO as Decision Maker

2.3.4.3 IT Controller as Independent Advisor to the CIO

2.3.4.4 IT Controlling as a Service and Monitoring Instance

2.3.4.5 Partnership Model

2.3.4.6 Employee Model

2.3.4.7 Controlling Model

2.3.4.8 Organizational Concepts in Practice

2.3.5 Reasons for IT Controlling

2.3.5.2 Project Organization

2.3.5.4 Cloud Computing

2.3.6 Smart IT Controlling

2.3.6.1 Use of Data Science Tools in IT Controlling

3.1 Classical Notion of IT Strategy

3.2 Contents of IT Strategies

3.2.1 IT Strategy Characteristics

3.2.2 Empirical Content of IT Strategies