BPR involves redesigning business processes to achieve dramatic improvements in performance metrics like cost, quality, service and speed. It changes organizational structures, job roles, performance measures and uses of technology. The phases of BPR include beginning organizational change, building a reengineering team, identifying opportunities by analyzing key processes and customer needs, understanding the current processes, redesigning processes, and implementing changes. BPR aims to combine or eliminate steps, perform work in natural order, reduce checks and controls, and have single points of contact. It impacts work units, jobs, roles, values and managerial approaches.
Original Description:
Original Title
module 6_ERP relatedtechnologies n security (1).pptx
BPR involves redesigning business processes to achieve dramatic improvements in performance metrics like cost, quality, service and speed. It changes organizational structures, job roles, performance measures and uses of technology. The phases of BPR include beginning organizational change, building a reengineering team, identifying opportunities by analyzing key processes and customer needs, understanding the current processes, redesigning processes, and implementing changes. BPR aims to combine or eliminate steps, perform work in natural order, reduce checks and controls, and have single points of contact. It impacts work units, jobs, roles, values and managerial approaches.
BPR involves redesigning business processes to achieve dramatic improvements in performance metrics like cost, quality, service and speed. It changes organizational structures, job roles, performance measures and uses of technology. The phases of BPR include beginning organizational change, building a reengineering team, identifying opportunities by analyzing key processes and customer needs, understanding the current processes, redesigning processes, and implementing changes. BPR aims to combine or eliminate steps, perform work in natural order, reduce checks and controls, and have single points of contact. It impacts work units, jobs, roles, values and managerial approaches.
• Business Intelligence and Analytics, • Product LifeCycle Mgmt(PLM), • Geographic Information systems(GIS), • ERP and SCM, CRM, OLAP, • Security Systems for ERP, ERP and related technologies • To overcome limitations in ERP various technologies are used with ERP package Technologies used : • BPR • BI : board, Sisense, Dundas BI,Tableau Big Analytics • BA : Descriptive Analytics(Jreport), • Data Warehousing : Amazon Red shift, Panoply, Bigquery, blendo ,teradata • Data Mining: rapid miner, orange, Dundas, H3O • OLAP : micro strategy, Ibm cognos • SCM :Watson supply chain, E2 open, Epicor SCM • PLM : Arena, Upchain, Windchill • CRM : Hubspot CRM, Zoho CRM, Onpipeline • GIS : Quantum GIS, Grass GIS, SAGA GIS • Intranet and Extranet BPR : Introduction
• BPR involves dramatic changes
• There’s change in organizational structures, management systems, job descriptions, performance measurements, skill development, training and use of IT. • BPR has impact on every aspect • Changes cause total success or complete breakdown and failure. BPR at Nike • Nike is a sportswear leading company which was using 27 applications world wide for its supply chain management. Nike was going to implement ERP with the objectives: • Implement new enterprise system build by them • Increase design manufacturing • Increase company margin • Cut the shipping time • Reduce stock in inventory PROBLEMS : Inaccurate order shipping • Unbalanced production and demanding • Too much stock inventory • Decreased revenue • Demand cannot be completed • Business Process will be restructured if the organization decided to do BPR BPR case • Air Bn B : The three main functions which contributed to the Airbnb product development process — designers, engineers, and researchers — worked in silos, only jumping into the process at defined times. • Those defined times weren’t serving the end goal of delivering a great product on time. • Designers had to wait on engineers to write code before a mock-up could be visualized on screen. • In turn, engineers had to wait on researchers to validate product ideas, only to find at the very end that project assumptions were off-base. • as a process failure. Solution : Treat Geographically Dispersed Resources as Though They Were Centralized, Organize around outcomes, not tasks,Link parallel activities BPR : Introduction(contd)
Successful BPR results in :
• Dramatic performance improvements • Increase in profits, • Better business practices • Enormous cost reductions, • Dramatic improvement in productivity • Create substantial improvements in quality • Improvement in customer service • Employee satisfaction BPR : Introduction(contd) • Evaluation:Dr.Michael Hammer, James Champy, Thomas Davenport created the concept of BPR • Hammer gathered information about organizations surviving in their industries and observed the companies that had succeeded changing their processes had used similar set of tools and tactics. They called this set as Business Reengineering • Thomas Davenport also carried research and examined redesigning processes. He collected information on methods and practices leading to successful implementation which he called Process Innovation BPR : Introduction(contd)
• Both the approaches address the concept of
redesigning the way businesses perform strategic processes. • Both share a number of core activities. • To describe these efforts the term BPR was adopted • Many organizations have acquired experience in performing BPR • Experts still are not in agreement on every activity necessary for performing BPR. • The core activities still are stable BPR Principles • Several jobs are combined into one • Workers make decisions • Steps are performed in natural order • Processes have multiple versions • Work is performed where it makes most sense • Checks and controls are reduced • Case manager is single point of contact • Hybrid centralized/decentralized operations BPR Impact
• Change in Work Units(functional department to process teams)
• Change in jobs(Simple to multi-dimensional) • Change in people’s roles(controlled to enpowered) • Change in job preparation(training to education) • Change in focus of performance measures(Bonus) • Change in advancement criteria(performance to ability) • Change in values • Change in manager’s role(supervisor to coach) • Change in role of executives(scorekeepers to leaders) • Change in organisation structure BPR : Different Phases
• Begin Organizational Change
• Building the Reengineering Organization • Identifying BPR Opportunities • Understanding the Existing Process • Reengineering the Process • Blueprint the New Business System • Perform the transformation BPR : Different Phases Phase 1 : Begin Organizational Change • Assess the current state of organisation • Explain the need for change • Illustrate the desired state • Takes a look at how organizations operate. Focus is analysis of operating procedures and results generated by them Aspects of the business that need to be evaluated are : • How things are done currently • What changes may be occuring • What new circumstances exist in the business environment BPR : Different Phases Phase 1 : Begin Organizational Change Main Activities are : • Assess the current state of the organisation • Explain the need for change • Illustrate the desired change • Create a communications campaign for change Work on how the organisation operates focussing on the operating procedures and results generated by them. This helps to determine if dramatic changes are possible with BPR BPR : Different Phases(contd) Phase 1 : Begin Organizational Change Aspects of business that is evaluated are : • Currently how things are done • What changes may be occuring • New circumstances in the business environment Next step is look at harmful operating procedures which have or may cause irreparable damage to the company’s business goal and functioning. Check if organisation is able to meet needs of market. BPR : Different Phases(contd)
Phase 1 : Begin Organizational Change
• Consequences should be understood and well identified. It can be loss of jobs, closing few operations. • Proper future direction should be decided • If changes are desired, organisation needs to turn to people • Business plans and strategies guide the people • Everyone needs to communicated about the need to change • BPR : Different Phases(contd) Phase 2 : Build the reegineered Organization Major activities are : • Establish a BPR organisation structure(Infrastucture establishment) • Establish the roles for performing BPR • Choose the personnel who will reengineer Decide who are the people enlisted to reengineer the business, what are their responsibilities, who will they report to, What happens to the normal business when BPR is going on BPR : Different Phases(contd) Phase 2 : Build the reegineered Organization Members of reengineering team : • Executive leader: High level executive who has authority to make people listen and the motivational power to make people follow. • Process owner: Responsible for a specific process and reengineering efforts focussed on it. There is a process owner for each process being reengineered. Executive leader appoints a process owner BPR : Different Phases(contd)
Phase 2 : Build the reegineered Organization
Members of reengineering team : • Team dedicated to the reengineering of a specific process should be made up of insiders • These people are aware of strengths and weaknesses, along with outsiders who give ideas for redesign. Team should be small, they investigate the existing process and oversee redesign and implementation. BPR : Different Phases(contd) Phase 2 : Build the reegineered Organization Members of reengineering team : • Steering Committee: Control chaos and monitor progress • Reengineering specialist/ consultant: Assist the team by providing tools, techniques and methods to help them with their reengineering tasks BPR : Different Phases(contd) Phase 3: Identify BPR opportunities • Identify high level processes(divide organisation into high level process rather than vertical business areas) • Recognise potential change-enablers • Gather performance metrics within the industry • Select processes that should be reengineered • Prioritize selected processes • Evaluate pre-existing business strategies • Consult with customers to know their desires BPR : Different Phases(contd) Phase 3: Identify BPR opportunities • Determine customer’s actual needs • Formulate new process performance objectives • Establish key process characteristics • Identify potential barriers to implementation Seeing the company from customers point of view can help identify the high level processes. BPR : Different Phases(contd) • Phase 3: Identify BPR opportunities Helpful to think about change levers that may bring dramatic changes in organisation processes. • Change levers may be use of information, use of IT and human factors Common questions asked are : • What new information is available and easily accessible to organisation? • What new technologies have recently been introduced or are on the horizon, that can change how businesses and customers interact? • New ways of structuring? BPR : Different Phases(contd)
Phase 3: Identify BPR opportunities
• Modification in one of these areas information, IT and people needs changes in other areas once major processes are reengineered. • Compare performance of high level processes with competitors Criteria used : • Dysfunction(processes most ineffective) • Importance(processes have greatest impact on customers) • Feasibility(processes at the moment susceptible to accomplish redesign BPR : Different Phases(contd)
Phase 3: Identify BPR opportunities
• Pick process of high success potential. • Assess business strategy • New process strategy defined • Process goals and objectives can be determined BPR : Different Phases(contd) Phase 4: Understand the Existing process • Understand why current steps are being performed • Model the current process • Understand how technology is currently used • Understand how information is currently used • Understand the current organisational structure • Compare current processes with new objectives BPR : Different Phases(contd) Phase 4: Understand the Existing process • Understand why a current process is done the way it is done • Understand is key word • Not scrutinize every detail • Process objectives clearly defined • Modelling current process Helps plan migration of old process to new one BPR : Different Phases(contd)
Phase 4: Understand the Existing process
• Understanding how and why the current processes use information is also important. Answering questions will be helpful : • Do staff members have access to essential information • Why is technology used to support some tasks and not others • How effective are the current interfaces BPR : Different Phases(contd) Phase 4: Understand the Existing process • Are some processes wasting time and effort by creating duplicate information when information can be shared across organisational boundaries • Are they easy to use • What way the existing process take advantage of technology BPR : Different Phases(contd)
Phase 5 : Reengineer the Process
• Ensure the diversity of the reengineering team • Question current operating assumptions • Brainstorm using change levers • Brainstorm using BPR principles • Evaluate the impact of new technologies • Consider perspectives of stakeholders • Use customer value as focal point BPR : Different Phases(contd) Phase 5 : Reengineer the Process • Actual reengineering begins • From strategy, analysis we move to redesign phase • Team now involved should be well versed in technology i.e. designers and implementers • Future owners are critical components • Outside perspective is equally important. They raise questions about operating assumptions that may not be obvious to insider. • Technologist will provide an insight how to apply in innovative ways BPR : Different Phases(contd)
Phase 5 : Reengineer the Process
• Operating assumptions can be questioned • At times operating assumptions can be thrown out and new one can be developed • Brainstorming session is conducted to create new ideas. • According to Hammer brainstorming is successful when BPR principles are considered. During this new technologies can be considered and their impact is evaluated. BPR : Different Phases(contd)
Phase 5 : Reengineer the Process
Technologies considered enablers of reengineering are:
• ERP systems • Internet technologies • Distributed computing platforms • Client/Server architectures • Workflow automation technologies • Groupware BPR : Different Phases(contd) Phase 5 : Reengineer the Process • Team searches new information as well as new ways to use existing information. • Organisation can collect data not collected before • Brings new knowledge into process to help decision making • Sharing data across organisation eliminate redundancies BPR : Different Phases(contd)
• Require evaluation of organisation model and management strategy
• Workgroup will not be traditional hierarchical management • Workgroup needs new measurement systems and reward values and belief systems BPR : Different Phases(contd)
• Consider all process stakeholders in the redesign of a
process. • Include people(stakeholders) whose actions are impacted by organisation’s action and whose action impacted the organization • Include both those who are internal to the process and those who are external to the process. • External stakeholders may not be concerned with how a process is performed but with the output. 5 Stage BPR model • Build an overview of the process flow. ... • Create the process flow detail. ... • Write the operating procedure. ... • Develop a detailed work instruction. ... • Have a Plan for Continuous Process Improvement. Data Warehousing
Inmon defines the data warehouse in the following terms:
• Subject-oriented: The data in the data warehouse is organised so that all the data elements relating to the same real-world event or object are linked together. • Time-variant: The changes to the data in the database are tracked and recorded so that reports can be produced showing changes over time. • Non-volatile: Data in the data warehouse is never overwritten or deleted. Once committed, the data is static, read-only and retained for future reporting. • Integrated: The database contains data from most or all of an organisation’s operational applications, and that this data is made consistent. Data Warehousing
• Kimball defines data warehouse as “a copy of transaction data specifically
structured for query and analysis”. • Kimball’s data warehousing architecture is also known as data warehouse bus (BUS). Dimensional modelling focuses on ease of end-user accessibility and provides a high level of performance to the data warehouse. Security Systems for ERP
• AI driven systems • ERP presence more in mid range manufacturing • More modular system (best of breed concept) • More third party applications (bolt on) Bolt on
• The term “bolt-on” is similar to the term “plug-and-play” that is used
to describe pieces of software that are easily integrated into other larger systems. • Some might also call these “add-ons.” • Bolt-on solutions for ERP are modules that work side-by-side with the core ERP system and provide supplementary functionality. • Typical bolt-on features include customer relationship management, product lifecycle management, resource planning, supply chain optimization and more. Middleware
• External applications accessed through APIs
• Bind Applications together • Removes need for API • Divided into (i) data oriented products , (ii) messaging oriented vendors (software or hardware infrastructure supporting sending and receiving messages between distributed systems). application server middleware, web middleware, and transaction-processing monitors. Examples • Red Hat JBoss Enterprise Application Platform (EAP) ... • IBM WebSphere. ... • Oracle WebLogic. MOM • Message-driven processing is required in a client/server environment that uses a special program called a message broker. • A client sends a message to the message broker which is designed to handle many messages from multiple clients and forward them to the appropriate server application. • The middleware creates a communications layer that insulates developers from the complexity of different operating systems and network protocols. FEATURES • Unified messaging • Provisioning and monitoring • Dynamic scaling • Management and control tools • Dynamic scaling • Flexible service quality • Secure communication • Integration with other tools Computer Crimes • Computer crime is an act performed by a knowledgeable computer user, sometimes referred to as a hacker that illegally browses or steals a company's or individual's private information. • In some cases, this person or group of individuals may be malicious and destroy or otherwise corrupt the computer or data files. • Cyber Stalking. • Identity Theft. • Software Piracy. ... • Money Laundering. ... • Malware. ... • Phishing. Cyber crime fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication. Types : Smishing, Vishing , Pharming • Examples (i) Generic greeting. Phishing emails are usually sent in large batches(ii) Forged link (iii) Requests personal • Spoofing describes a criminal who impersonates another individual or organization, with the intent to gather personal or business information ERP Security • Security Threat is defined as a risk that which can potentially harm computer systems and organization. • The cause could be physical such as someone stealing a computer that contains vital data. • Includes Physical, Non physical(Logical threats) A physical threat is a potential cause of an incident that may result in loss or physical damage to the computer systems. Categories : • Internal • External • Human Logical Threats • Loss or corruption of system data • Disrupt business operations that rely on computer systems • Loss of sensitive information • Illegal monitoring of activities on computer systems • Cyber Security Breaches Logical Threats • Virus • Trojans • Worms • Spyware • Key loggers • Adware • Denial of Service Attacks • Distributed Denial of Service Attacks • Unauthorized access to computer systems resources such as data • Phishing • Other Computer Security Risks • Viruses, worms, Trojans, and bots are all part of a class of software called "malware." • Examples : • Phishing fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication. types : Smishing, Vishing , Pharming • Examples (i) Generic greeting. Phishing emails are usually sent in large batches(ii) Forged link (iii) Requests personal • Spoofing describes a criminal who impersonates another individual or organization, with the intent to gather personal or business information ERP security issues • Overlooking Software Updates • Lack of Employee Training and Upkeep • Inadequate Access and Authentication • Insider Threats • Vulnerable Interconnections • Poor Patch Management • Poor ERP Security Delegation Computer security • Passwords • Physical access restriction • Firewall • Encryption • Audit • Backup • Remote and proactive implementing process ERP security issues • Sixty-four percent of the 191 decision makers surveyed whose organizations rely on SAP or Oracle E- Business Suite confirmed that their deployments have had an ERP-related breach in the last 24 months. • “Enterprise Resource Planning (ERP) applications such as Oracle E-Business Suite and SAP (ECC) can be foundational for businesses. • A breach of such critical ERP applications can lead to unexpected downtime, increased compliance risk , diminished brand confidence and project delays,” • ERP platforms in the last 24 months, reported compromised information includes sales data (50 percent), HR data (45 percent), customer personally identifiable information (41 percent), intellectual property (36 percent) and financial data (34 percent). • 78 percent of respondents report that ERP application users are audited every 90 days or more. • 74 percent of SAP and Oracle EBS applications are connected to the internet. • 56 percent of C-level executives are concerned or very concerned about moving ERP applications to the cloud. Security Solutions • ERP Security is a wide range of measures aimed at protecting Enterprise resource planning (ERP) systems from illicit access ensuring accessibility and integrity of system data. • ERP Security scanner is a software intended to search for vulnerabilities in ERP systems. Scanner analyzes configurations of ERP system, searches for misconfigurations, access control and encryption conflicts, insecure components, and checks for updates. • RBAC (Role-Based Access Control) model is applied for users to perform transactions and gain access to business objects • SOD (segregation of duties) ERP security • Hackers have targeted the systems of 62 colleges and universities by exploiting a vulnerability in an enterprise resource planning (ERP) web app, (the US Department of Education) • vulnerability in the authentication mechanism used by the two modules that can allow remote attackers to hijack victims' web sessions and gain access to their accounts. • attackers created thousands of fake accounts over days, with around 600 accounts created during a 24-hour period. • Officials said the accounts were used "almost immediately for criminal activity," but did not provide any details about the nature of the activity. • Attackers are utilizing bots to submit fraudulent admissions applications and obtain institution email addresses through admission application portals,"