AMAZON

Amazon
• Amazon.com is an American multinational technology
company based in Seattle, Washington that focuses on e-
commerce, cloud computing, digital streaming, and
artificial intelligence
• It is considered one of the Big Four technology companies
along with Google, Apple, and Facebook
• It is the world's largest e-commerce marketplace, Amazon
was founded by Jeff Bezos on July 5, 1994, in Bellevue,
Washington
• The company initially started as an online marketplace for
books but later expanded to sell electronics, software,
video games, apparel, furniture, food, toys, and jewellery
• In 2015, Amazon surpassed Walmart as the most valuable
retailer in the United States by market capitalization
 KPIs of Amazon
• The 4 critical KPIs for Amazon are:
• Sessions - Sessions shows the number of visits to your Amazon listing by
potential buyers. All activity by a single buyer within a 24-hour period is
considered one session. Sessions is the pulse of your business. It tells you
how much attention you’re attracting.
• Conversion % - The conversion percentage shows what Amazon refers to
as the Unit Session Percentage. It’s essentially how many units were sold,
divided by the number of shopper sessions on your product listing.
• Profit - Amazon doesn’t show your profit, but programs like ours let you
enter costs and other factors in order to calculate profit on sales. Profit
gives a much better gauge of business health, and is a better KPI.
• Average Rating - The average rating, as calculated by Amazon, is a crucial
KPI for sellers who “own” their listings, including private label sellers and
brands. Seeing what kind of customer response one can get a good
barometer of future sales. Reviews influence new customer purchases.
Trends in reviews can give an indication of product quality, and highlight
things that might need fixing.
 KGIs of Amazon

Business level
• Maintain enterprise reputation and Leadership.
• Acquire new customers
• Retain existing customers
• Reacquire former customers

IT level
• Ensure that IT Services can resist and recover from attacks - Both the consumer and critical data are
saved within massive data centres globally, safeguarding the facilities from global-scale cyber-
attacks has become the top priority for Amazon

Process level
• Detect and resolve unauthorised access - Amazon Web Services (AWS) provides a range of services
for cloud security, including AWS Identity and Access Management (IAM), which allows admins to
define and manage user access to resources

Activity level
• Understand security requirements, vulnerabilities and threats - At Amazon information security
maintains consumer trust by guarding the confidentiality and integrity of Amazon and customer
data.
• They assess risk, classify data and systems and detect potential intrusion
 IT governance

It provides a structure for aligning IT strategy with business strategy. By following a

formal framework, organizations can produce measurable results toward achieving
their strategies and goals.

Enterprise Architecture
• Core Business Process – Online retail, Cloud computing and Digital distribution
(Book: Via website & Kindle, Video: Video streaming similar to Netflix and Audio:
Cloud streaming service)
• Data – Highly standardized
• Technology – Proprietary online retail system & recommendation engine
Cloud computing infrastructure
Data warehouse system & business analytics

• Customer – Mass market

Everyone who has access to internet & PC/Mobile device
Companies-with cloud computing
IT Governance Matrix of Amazon
 Operating Model of Amazon

• Amazon’s operating model is Unification that is high on integration as well

as high on standardization.
• Unification is a centralized organizational design. The company pursues
the need for reliability, predictability and low cost by standardizing
business processes and sharing data across business units to create an
end-to-end view of operations and a single face to the customer.

• Business Process Standard: Same buying process across product

categories
Amazon in different countries follows the same process
• Business Process Integration: Cross-selling capability
Unified online retail system
Amazon platform lies on cloud computing
Key processes of Amazon
• Control of production and manufacturing;
• Manage website
• Online orders and the distribution of the product;
• Create a branding strategy;
• Marketing and promotion of the product;
• Product and packaging design
Activities that come under the process ‘manage
website’
• Manage confidential and integrity
• Online transaction on the website
• Safegaurding the privacy of all (PII)
• Maintaining website downtime
• Managing all third-party service providers
 RACI Chart
RACI charts gave insights into the organizational
roles that should be in place to achieve process
goals
WALMART
 Walmart

• Walmart Inc. (formerly Wal-Mart Stores, Inc.) is an American multinational

retail corporation that operates a chain of hypermarkets, discount
department stores, and grocery stores, headquartered in Bentonville,
Arkansas
• The company was founded by Sam Walton in 1962 and incorporated on
October 31, 1969
• As of April 30, 2019, Walmart has 11,368 stores and clubs in 27 countries,
operating under 55 different names
• Every Day Low Price (EDLP) is the cornerstone of their strategy
• From grocery and entertainment to sporting goods and crafts, Walmart
provide the deep assortment that the customers appreciate whether
they're shopping online at Walmart.com, through one of our mobile apps
or shopping in a store
• Walmart’s retail division includes - Wal-Mart Discount Stores, Wal-Mart
Supercenters, Wal-Mart Neighborhood Markets and Sam’s Club.
•
 KPIs

• To come up with metrics to measure key indicators,

Walmart has closely partnered with ‘ The Sustainability
Consortium’, which it largely funded and which is made up
of a working group of executives from companies like
PepsiCo, Procter & Gamble, Kimberly Clark, BASF, SAP,
Unilever and others
• Retailers are using TSC metrics to assess their supplier
performance on key sustainability issues
• To drive market signals into their supply chains, retailers are
equipping their buyers with practical tools that enable
them to make quick business decisions regarding supplier
performance on the retailer’s sustainability priorities
Few KPIs of Walmart are:-
• E-commerce sales KPIs include metrics surround average
order size, churn rate, and shopping cart abandonment
rate, which tells how many users add products to a
shopping cart but don’t check out. A high abandonment
rate could indicate a complex or high-friction checkout
process.
• Marketing KPIs can include digital metrics like time spent
on site and website bounce rate, as well as email open and
click-through rates, which indicate the success of an email
campaign and whether it’s driving traffic to your website.
• Customer service KPIs track metrics like first response time
and customer satisfaction scores.
• Increased click through rates
• Customer feedback
• Sales
• Online interactions with Walmart sites
 KGIs of Walmart
Business level
• Their purpose is to save people money so they can live better
• Walmart aims to provide safe, affordable food and other products to people
around the world
• Doing so in a way that enhances economic opportunity, environmental and social
sustainability, and local communities creates value for our business and for society
IT level
• To help people around the world save money and live better - anytime and
anywhere - in online and through their mobile devices by reducing IT risks
Process level
• Securing our personal information is their priority
• Walmart engages in appropriate, reasonable and industry-standard security
practices to help ensure that personal information is not subject to loss or
unauthorized access, alteration, acquisition, use, modification, destruction or
disclosure
• Their goal is to limit the information they collect to the information needed to
support their business.
Activity level
• They may use and share our personal information in limited circumstances, such as
to conduct the business, when legally required, or with our consent
 IT governance

Five Major IT Decisions IT Governance Archetype

IT Monarchy –
• IT professionals give their input as well as make the IT decisions for
IT Infrastructure

Feudal –
• Business Unit provide their input for IT Architecture, Business
application needs and IT Investment and prioritization

IT Duopoly –
• The IT duopoly is a two-party arrangement where decisions
represent agreement between IT executives and one business
group
• So both the parties gives input and take decision regarding IT
principles
• They also take decisions on matter like IT Architecture, Business
application needs and IT Investment and prioritization
 Operating Model of Walmart

• Walmart has Unification model because of its

centralized organizational design
• The company pursues the need for reliability,
predictability and low cost by standardizing business
processes and sharing data across business units to
create an end-to-end view of operations and a single
face to the customer
• Business Process Standard: Walmart follows the same
retailing process throughout USA
• Business Process Integration:
- Cross-selling capability
- Unified online as well asoffline retail system
Some the processes that takes place in Walmart
• Control of production and manufacturing
• Procurement
• Manage website
• Online orders
• Distribution and Logistics
• Create a branding strategy
• Marketing and promotion of the product
Activities which comes under the process ‘Procurement’
• Prospect potential suppliers
• Exchange of information to identify opportunities
• Structure the operations (define terms and conditions)
• Negotiation with seller
• Finalize agreement (terms and conditions)
• Sign off agreement
• Deal execution
RACI Chart
 AETNA Inc.
• Introduction:
• This part will address the Aetna case, a renowned health care insurance
company that knew a difficult financial situation at the end of the 20th
century. I chose Aetna on the one hand because they were one of the first
companies to focus on IT management as main strategy to restore their
financial position. On the other hand, the results of those IT changes are
already known and they totally are profit making.
• Therefore, a question remains; how was it actually done? In reality, no
one knows the detailed processes they used at least being Aetna’s
members. Evidently, they do not reveal such information because this
remains a professional secret.
• Nevertheless, I will try to answer this question by using the COBIT 5
framework. In other words, I will illustrate how this company pulled
through by using IT management methods. I am going to determine the
effective strategies they might use thanks to their obtained results.
Enterprise Goals
 Enterprise Goals to IT-related Goals
From there, the following P IT-related goals are suggested as most important:
• Alignment of IT and business strategy
• Commitment of executive management for making IT-related business risk
• Realized benefits from IT-enabled investments and services portfolio
• Transparency of IT cost, benefits and risk
• Delivery of IT services in line with business requirements
• IT agility
• Optimization of IT assets, resources and capabilities
• Enablement and support of business processes by integrating applications
and technology into business processes
• Delivery of programs delivering benefits on time, on budget, and meeting
requirements and quality standards
• Availability of reliable and useful information for decision making
• Knowledge, expertise, and initiatives for business innovation
 IT-related Goals to Enabler Goals
• Achieving IT-related goals requires the fixation of enabler goals that
means to determine:
• 1. Principles, policies, and frameworks
• 2. Processes
• 3. Organizational structures
• 4. Culture, ethics, and behaviors
• 5. Information
• 6. Services, infrastructure and applications
• 7. People, skills, and competencies
 IT processes
• 1. EDM 1 – Ensure governance framework setting and maintenance
• 2. EDM 2 – Ensure benefits delivery
• 3. EDM 4 – Ensure resource optimization
• 4. EDM 5 – Ensure stakeholder transparency
• 5. APO 1 – Manage the IT management framework
• 6. APO 2 – Manage strategy
• 7. APO 3 – Manage enterprise architecture
• 8. APO 4 – Manage innovation
• 9. APO 5 – Manage portfolio
• 10. APO 6 – Manage budget and costs
• 11. APO 7 – Manage human resources
• 12. APO 8 – Manage relationship
• 13. APO 9 – Manage service agreements
• 14. APO 10 – Manage suppliers
• 15. APO 11 – Manage quality
• 16. BAI 1 – Manage programs and projects
 IT processes
• 17. BAI 2 – Manage requirements definition
• 18. BAI 3 – Manage solutions identification and build
• 19. BAI 4 – Manage availability and capacity
• 20. BAI 5 – Manage organizational change enablement
• 21. BAI 6 – Manage changes
• 22. BAI 8 – Manage knowledge
• 23. BAI 9 – Mange assets
• 24. BAI 10 – Manage configuration
• 25. DSS 1 – Manage operation
• 26. DSS 2 – Manage service requests and incidents
• 27. DSS 3 – Manage problems
• 28. DSS 4 – Manage continuity
• 29. DSS 6 – Manage business process controls
• 30. MEA 1 – Monitor, evaluate and assess performance and conformance.
RACI chart
KPI
KPI
 Conclusion
• The IT BS shows us that the current situation of Aetna is quite
satisfactory, particularly thanks to the implementation of the
last project, the co-sourcing with IBM. However, as you can
notice, in terms of IT agility Aetna still has some weaknesses.
• Certainly, because the Aetna Navigator website is just
launched and we cannot see outcomes yet.
• That is why we prefer to invest in new projects in order to
address this competitiveness problem.
• Therefore, we plan to buy external solutions that will have
positive impacts on IT governance principles and mechanism.
 Implementation of COBIT 4.0 in
Scotiabank, Costa Rica
• Background
• SUGEF approved the IT management regulation applicable
to all banking and financial entities in the country starting
in 2009 and establishing as mandatory implementing the
34 COBIT 4.0 processes and reaching the third level of
maturity for each identified COBIT process within three
years.
• Compliance with these regulations is met through the
execution of independent external audits, led by a CISA-
certified professional, and framed in the external audit
guidelinesand professional and ethical criteriaprovided by
ISACA, applying on a mandatory basis the S7 IT Audit and
Assurance Standardand the G20 IT Audit and Assurance
Guideline.
 Implementation Strategy
• In its first phase, the plan analyzed 17 processes that
required reaching maturity levels 2 or 3, as appropriate
for the selected process.6The following processes were
included: PO1, PO3, PO5, PO9, PO10, AI3, AI5, AI6,
DS2, DS3, DS4, DS5, DS9, DS10, DS11, DS12 and ME2.
In the second phase of implementation, the remaining
17 processes that should reach maturity level 1 were
analyzed to gradually reach maturity level 3 in a
maximum of three years, starting in 2010.
• Within the process, training in COBIT and good
governance of IT, which focused on strengthening the
knowledge of personnel participating in
implementation, were included.
 Results Obtained
The benefits BNS received from using the conceptual
framework from COBIT 4.0 include:
• Stronger alignment among business and IT strategies
through the coherence of domains and COBIT processes
• Creation of defined processes with internationally
accepted, auditable and measurable structures that
integrate the best practices in the banking industry
• Identification of key controls that should be strengthened
and implemented to ensure adequate internal IT control
• Better and more reliable processes that strengthen the
application of practices related to management of the five
elements of control that constitute good IT governance
KPI
The Replication Operating Model Of
Scotiabank, Costa Rica
 IT in the Replication Operating model
• Replicated enterprise systems - Large IT systems may be used to reinforce the centralized nature of business
process in these companies. It is not uncommon to see a similarly configured ERP system in each operating
business unit, managing a wide array of core functions, including HR, manufacturing, customer relationship
management, and financial management.

• Customer Data is not shared - the systems are largely turnkey delivery. This means that the operating unit, when
it gets set up, gets its own copy of "shiny new software" and then owns it. The data belongs to the business
unit. It is usually not shared with the corporate headquarters. Roll-up data often is shared, and financial data is
nearly always shared, but customer and transactional data is not. It is interesting to note, however, that the
formats and schema of the transactional data is often similar or identical. This would allow the sharing of this
data, if it were deemed interesting to the company.

• Process owners - In order to get process consistency among the various operating units, a single person is
identified to own each key process and they, along with their team, is responsible for insuring that the process is
efficient, cost-effective, and productive. The difference between a unification model and a replication model is
that, in a replication model, this is usually done through consensus of the individual businesses. Innovation will
come from the edge and adoption is at the edge, so a consensus approach is required.

• Central IT decision making - Decisions in the IT organization are centralized as much as possible. Systems are
purchased, and deployed, with the goal of improving the cost effectiveness and efficiency of the company's core
business processes. These companies are concerned about the cost of IT, but are friendly to innovation as long as
it can work within the common process framework