Foundations of Information

Systems

PART 4: INFO RMATION SY STEMS MANA GEMENT

C HAPTER 10:AC QUIR IN G INFOR MATIO N SYSTEMS TH RO UGH
PR OJ E CTS
Part4: Information Systems
Management

•Addresses the management of information systems security,

development, and resources
◦ Chapter 10 Acquiring Information Systems Through Projects
◦ Chapter 11 Structure, Governance, and Ethics
◦ Chapter 12 Managing Information Security and Privacy

2 2 2
Chapter 10: Acquiring Information
Systems Through Projects

Q1. How can information systems be acquired?

Q2. What are IT projects and what does PMBOK mean?
Q3. What should you know about IT operations and IT projects?
Q4. Why are IT projects so risky?
Q5. What is an SDLC?
Q6. How are information systems designed, implemented, and
maintained?
Q7. What is outsourcing, and what are application service
providers?

3 3 3
Q1. How Can Information Systems
be Acquired?

•Five basic ways for acquiring software applications:

1. Buy it and use it as is
2. Buy it and customize it
3. Rent or lease it
4. Build it yourself
5. Outsource it
•Acquiring new software is NOT the same as acquiring
new information systems, because there is a lot more to
think about in systems than just software

4 4 4
New Software Must Be Integrated into
Existing Systems

5 5 5
Q2. What Are IT Projects, and What
Does PMBOK Mean?

•Project Management Body of Knowledge (PMBOK)

◦ Developed by Project Management Institute (PMI); [www.pmi.org]
◦ A project “consists of a temporary endeavor undertaken to create a
unique product, service or result”

6 6 6
PMBOK

•Projects often begin with a set of goals or objectives

•A scope is developed for the project
•Projects usually have a start and an end date
•Projects often represent change in an organization

7 7 7
IT Projects

•IT projects have a large information technology component (in

terms of budget or personnel)
◦ Scope (objective)
◦ Start and end date
◦ Temporary use of resources
◦ Unique
◦ Accomplish something new
•They affect data, people, and processes

8 8 8
Information Technology Project
Management (ITPM)

•ITPM is the collection of techniques and methods that project

managers use to plan, coordinate, and complete IT projects,
including:
◦ Planning tools
◦ Budgeting methods
◦ Graphical scheduling methods
◦ Risk management techniques
◦ Communication planning
◦ High-tech team development

9 9 9
Q3: What Should You Know About IT
Operations and IT Projects?

•IT departments responsible for providing IT services

•Two activities required:
◦ Maintaining the current IT infrastructure
◦ Renewing and adapting the infrastructure

10 10 10
IT Operations and IT Projects

•IT Operations or IT Services: delivery of service, maintenance,

protection, and management of IT infrastructure
◦ Demands a large portion of the IT department’s operational budget;
“keeping the lights on” (KTLO)
•IT Projects: renewal and adaptation of IT infrastructure
◦ Large IT projects are often high profile, high-cost changes to the status
quo of the organization and may be funded outside of the IT operations
budget

11 11 11
IT Operations and IT Projects (cont’d)

•The distinction between operations and projects is important

•Two different types of IT professionals
•Operations: specialize in particular technologies; e.g.
networking specialists, operating systems specialists, database
administrators, and hardware technicians
•Improve the efficiency and security of the entire set of systems
that support operations. These active systems are often referred to
as production systems.

12 12 12
IT Operations and IT Projects (cont’d)

•IT Projects: responsible for changing the production systems,

rather than maintaining them
•Projects are temporary and often change existing infrastructure,
they generally require broad skills, and they challenge project
team members to learn new technologies

13 13 13
Information Technology Infrastructure
Library (ITIL)

•Well-recognized collection of books that provide a framework of

best-practice approaches to IT operations
•Large set of management procedures designed to help businesses
achieve value from IT operations
•Has gone through several revisions; core books from the latest
refresh (ITIL V4) were published in June 2011

14 14 14
What the IT Department Does

•Operations and IT projects rely on each other for success

•There is always a natural balance between them

15 15 15
What About the Web?

•An important avenue for delivering IT services to internal

employees and external customers
•Internal website may include frequently asked questions
(FAQ), web-based forms for requesting services, and some
web-based applications that help support tasks
•Public website provides support for external customers, such
as FAQ, customer support information, and company contact
information

16 16 16
Q4. Why Are IT Projects so Risky?

•All projects, no matter how small or how well defined, face risks
•The Standish Group (www.standishgroup.com), suggests that
only 16 percent of IT projects were delivered on time, on budget,
and on scope, whereas more than 30 percent of IT projects were
cancelled before delivering any benefits

17 17 17
What Makes IT Projects So Risky

•Most IT project definitions not easy to graphically represent

◦ This makes it difficult for people to understand what the system will
“look like,” and how it will behave when it is finished
◦ Lack of a good model is an important risk to recognize in IT projects
•Good cost estimates difficult to develop because the technology
is continually changing
•Being able to monitor progress is another challenge for IT
projects

18 18 18
Some Risks Inherent in IT Projects

•A comprehensive list of risks (52 in total) suggested by Wallace

and Keil; including:
◦ Lack of experience in the team
◦ Lack of support from top management
◦ Lack of participation from system users
◦ Unclear and uncertain project requirements
◦ A high level of technical complexity, and changes in the project
environments

19 19 19
Q5: What Is a SDLC?

•Systems development life cycle (SDLC): process used to

acquire information systems
•To successfully acquire and maintain information systems, there
are basic tasks that need to be performed
•These basic tasks are combined into phases of systems
development

20 20 20
SDLC

•Classical process with five phases:

1. System definition
◦ Management’s statement defines new system
2. Requirements analysis
◦ Identify features and functions
3. Component design
◦ Based on approved user requirements
4. Implementation
◦ Implement, test, and install new system
5. System maintenance
◦ Repair, add new features, maintain

21 21 21
Phases in the SDLC

22 22 22
Phase 1: Defining Systems

•Define goals and purpose for new system

◦ Must facilitate organization’s competitive strategy
◦ Supports business processes
◦ Improves decision making

•Defining project’s scope

◦ Simplifies requirements determination and other subsequent
development work

23 23 23
Phase 1: Defining Systems

•Assess feasibility of project

◦ Cost
◦ Schedule
◦ Technical
◦ Organizational

24 24 24
Phase 2: Requirements Analysis

•Form the project team and develop the requirements

•Team normally consists of both IT personnel and user
representatives
•Determine and document specific features and functions of the
new system
•Approve requirements
•Less expensive to change system in this phase

25 25 25
Q6: How Are Information Systems
Designed, Implemented, and
Maintained?
•Five ways to acquire information systems:
1. Buy it
Match requirements with
2. Buy it and customize it the capabilities of the
3. Rent or lease it available software
4. Build it yourself application
5. Outsource it

26 26 26
 Matching Organizational Needs and
COTS Software Capabilities
Commercial-off-the-
shelf (COTS) Software

27 27 27
Phase 3: Component Design

•Develop and evaluate alternatives

◦ Accurate requirements critical
•Hardware design determined by project team
•Software design depends on source
◦ Off-the-shelf
◦ Off-the-shelf with alterations
◦ Custom-developed programs

28 28 28
Phase 3: Component Design

•Data model converted to database

design
•Procedures developed for normal
processing, backup, and failure
recovery operations
•Job descriptions created for users
and operations personnel

29 29 29
Procedures to Be Designed

30 30 30
Phase 4: Implementation

•System must be built

◦ Components constructed independently
◦ Document and review
•System testing
◦ Individual components tested
◦ System integrated and tested
•Users must be converted to new
system

31 31 31
Systems Testing

•Test plan
◦ Sequences of actions that users take when employing system
◦ Both normal and incorrect actions should be considered
◦ Labour intensive
•Testing also called Product quality assurance (PQA)
◦ PQA test engineers perform testing and supervise users’ test activity
•Beta testing
◦ Future system users try out system on their own

32 32 32
System Conversion

•Once the system has passed integrated testing

•Converting business activity from the old system to the new
•Four ways:
1. Pilot
◦ Organization implements entire system on single, limited unit
◦ If systems fails, it only affects limited boundary
◦ Reduces exposure

33 33 33
System Conversion

2. Phased
◦ New system installed in phases
◦ Tested after each phase
◦ Continues until installed at entire organization
◦ Can’t be used in tightly integrated systems

34 34 34
System Conversion

3. Parallel
◦ New system runs in parallel with old system during testing
◦ Expensive and time consuming
◦ Data must be entered twice
◦ Provides easy fallback position
4. Plunge
◦ Direct or cut over installation
◦ Install new system and discontinue old
◦ There is no backup position

35 35 35
Design and Implementation for the
Five Components

36 36 36
Phase 5: Maintenance

•Fixing the system so that it works correctly or adapting system

to changes in requirements
◦ Need method to track system failures and enhancements requests
◦ Corrections usually prioritized based on severity
◦ They fix high-priority items as soon as possible, and they fix low-priority items as
time and resources become available.

37 37 37
SDLC: System Maintenance Phase

38 38 38
Problems with SDLC

•SDLC waterfall method

◦ Phases are not supposed to be repeated
◦ In reality: often teams need to go back and repeat the work done in prior
phase
•Agile methods have been suggested as a potential solution; e.g.
scrum approach
•Agile methods use an iterative approach to design that includes
user feedback

39 39 39
Agile vs Waterfall

40 https://youtu.be/e1_eD-5zkGY
40 40
SCRUM Approach

41 https://youtu.be/2Vt7Ik8Ublw
41 41
Q7: What Is Outsourcing, and What
Are Application Service Providers?

•Outsourcing: process of hiring another organization to perform a

service
•The outsourced vendor can be domestic or international
◦ Offshoring is when vendor is overseas (e.g., China, India, and Russia)
•An easy way to gain expertise
•Concern cost reductions
•To reduce development risk

42 42 42
Outsourcing Risks

43 43 43
Application Service Providers

•Application service providers (ASPs) are a particular form of

outsourcing
•ASP agreement
◦ Organization contracts with a vendor to “rent” applications from the
vendor company on a fee-for-service basis
•Payments
◦ Monthly or yearly
◦ Based on number of employees or “users”

44 44 44