Business information systems
Chapter 1: information systems, strategy & governance
1.1) What is an IS?
Why do we need IT?
- Technologies/processes are becoming more sophisticated
- IT must join business to phase in new digital technologies
- Examples:
o Analytics (Amazon, Netflix)
o Internet of things (Telematics, Moocall)
o Drones (insurance, forest maintenance, package delivery)
Data/information/knowledge
Data: raw observed facts of events (symbols, letters, numbers, …)
Information: processed data, useful for decision making process
o Answers to what, where, … context
Knowledge: combining data and information perform tasks
Metadata
= data about data
XML = extensible markup language
o Tag based language to describe metadata
o User can define own tag
o Easy to share information between companies/people
System
= a set of elements. These elements are related to each other and, possibly, to elements from
the universe of discourse and are joined for a specific purpose.
Elements: physical objects, energetic/biological units, …
Relations: distance and time, physical/logical/cause-effect relations
Purposes: ex. Delivery of services, production of finished goods, obtaining profits, …
Example: traffic system:
o Elements: road infrastructure, vehicles, signs, …
o Relations: distance between cities, speed allowed, …
o Purposes optimizing traffic flow, maximizing safety, …
Business information system
= set of related components to collect, search, process, store and distribute information
support coordination of decision-making process within organization
1
, Business IT alignment
o Using BIS to realize business objectives, ex. Profit, shareholder value, …
o Integrating IT into strategy, mission and company’s goals
Types of business information systems
1) Strategic information systems:
o Processes: unstructured, less ambiguous, occasionally
o Decisions: concerning long term, rather incidental, much uncertainty
o Users: C-level executives (CEO, CFO, CIO, …)
o Required information: hard to determine, strongly dependent on individuals,
highly less structured
o Examples: ESS & data warehousing
ESS = executive support system
o Communication/calculations at strategic level
o Input: external/internal aggregated data
o Processing: graphical, simulation, interactive
o Output, projections, answers to queries
o Users: top-level managers, board of directors
2) Tactical information systems:
o Processes: less routinely
o Decisions: mid-term, less often, more uncertainties/risks
2
, o Users: middle management
o Required information: operational level + data warehouse, less easy to
determine, dependent on individual and moment, need for external
information increases
o Examples: MIS & DSS
MIS = management information systems
o Input: transaction records, data warehouse
o Processing: routine reporting, low-level analysis
o Output: summary, exception reports
o Users: middle managers
DSS = decision support system
Management level: data analysis for decision making
o Input: data, low-volume and data warehouses, analytic models
o Process: interactive, simulation
o Output: special reports, decision analysis, answers to specific queries
o Users: middle and executive managers
o Example: credit scoring
decides to accept a credit for a customer based on
Customer characteristics
Loan characteristics
Macro-economy
3) Operational information systems:
o Processes: well structured, routinely
o Decisions: short term, occur frequently, little uncertainties
o Users: clerks, cashiers, sales assistants, …
o Required information: easy to determine, independent of individual
o Examples: OLTP & ERP
OLTP = online transaction processing systems
o Point of sale (POS) system, ex. Supermarket
o Order entry system, ex. Amazon
o Financial transaction system, ex. PayPal
ERP = enterprise resource planning systems
o Single information system for organization wide coordination/integration
business processes
o Vendors: Oracle, SAP, Odoo, …
Additional types of IS
OAS = office automation systems
o Text processing, voicemail, e-mail, scheduling systems, …
KWS = knowledge work systems
o Specialized for scientists, engineers, … to obtain new knowledge
3
, o Computer-aided design (CAD), VR systems, stability calculations, …
1.2) Strategy
Porter’s five forces theory
Profitability different across industries
Variability cannot be attributed only to internal competition
Additional factors relate to positioning firms in their external competitive
environment
1) Threat of new entrants
Entry barrier, ex. Capital costs, knowledge, customer expectations, …
Porter: lower entry barrier: profitability decreases
2) Bargaining power of suppliers
Few suppliers higher prices, maybe lower quality, strict delivery schedules
Example: milk farmer (few) <-> supermarket (many)
Porter: higher bargaining power of suppliers: profitability decreases
3) Bargaining power of buyers
Few buyers higher price sensitivity
Example: Apple: 40% return on iPhones (very high), many customers, status symbol
Porter: higher bargaining power of buyers: profitability decreases
4) Threat of substitute products or services
More alternative products higher threat
Porter: higher threat of substitute products/services: profitability decreases
5) Rivalry among existing competitors
More competitors (oligopoly) higher price competition
Porter: higher rivalry among existing competitors: profitability decreases
Common business strategies
4
, Advantages
o Applicable to any company in any industry
o Detailed explanations for firm/industry profitability
o Reasoning behind firm’s strategic position based off its external environment
o
Disadvantages
o Limited use for determining future strategy
o Few concrete guidelines on how to implement
Value chain model
- Allows to better understand impact of IT on strategy
- Focus first: internal functioning, then: value chain of suppliers/customers
- Understand how IT can contribute to competitive advantage
Primary activities
1) Inbound logistics:
o Bring in raw resources (raw material control, receiving process)
o How IT creates competitive advantages
Automated warehousing system
Automated quality control
Automated packing and loading of trucks
2) Operations:
o Making the product of service (manufacturing, maintenance)
o How IT creates competitive advantages
Computer-controlled machining systems
Operational efficiency
3) Outbound logistics:
o Deliver the product or service (finished goods, order handling)
o How IT creates competitive advantages
Automated shipment scheduling system
Online point-of-sale
4) Marketing and sales
o Market product/service (customer management, order taking, promotion, …)
o How IT creates competitive advantages
Computerized ordering systems
Targeted marketing
5) Customer service
o Provide customer support (warranty, maintenance, education, upgrades)
o How IT creates competitive advantages
CRM = customer relationship management systems
Support activities: competitive advantages
1) Administrative coordination and support systems
o Decision support system, collaborative workflow systems
2) Human resource management
5
, o Workflow planning systems, employee benefit intranet, HR analytics
3) Product and technology development (R&D)
o Computer aided design systems
4) Procurement
o E-commerce web portal for suppliers, reverse auctions
Conclusion: alignment between business and IT is an absolute necessity
Strategic alignment model
Henderson & Venkatraman (1993)
- External (strategy level)
o Business strategy <-> ICT strategy
- Internal (operational level)
o Operational infrastructure & processes <-> ICT infrastructure & processes
Strategic fit (internal – external)
o Business strategy addresses both internal and external domains
Internal: administrative structure + design business processes
External: business environment, how to differentiate from competitors
o Fix internal-external domain is critical maximizing economic performance
o ICT strategy should also address both internal and external domains
Internal: how should IT infrastructure be managed & configured
External: how is the firm positioned in the I marketplace
IT should not be seen as a support function not essential for business
Functional integration (business – ICT)
o Strategic integration: integrate IT strategy and business strategy
Impact of IT strategy on business?
Impact of business strategy on IT?
o Operational integration: organizational/IS infrastructure and processes
Internal coherence between requirements and expectations what IS
can deliver
o Potential problems:
Top manager (CEO, CIO, CDO, …): ill-informed, reluctant to be involved
End user: reluctant/impatient to use IT
IT professional: lacks a strategic view
1) Strategic execution:
= Business strategy operational infrastr. & processes ICT infrastr. & processes
(airline companies)
2) Technology transformation:
= Business strategy ICT strategy ICT infrastructure & processes (Walmart)
3) Competitive potential:
= ICT strategy business strategy operational infrastr. & processes (Google)
6
, 4) Service level:
= ICT strategy ICT infrastr. & processes oper. infrastr. & processes (Microsoft)
1.3) Governance
“The collection of mechanisms, processes and relations used by various parties to control
and to operate a corporation”
regulate risk, reduce opportunity for corruption, maintain legal and ethical standards
assign responsibilities to different stakeholders
- Board of directors
- Managers
- Employees
- Shareholders, …
complication: principal agent problem:
Conflicting interests between shareholders (principal) and management (agent)
Sarbanes-Oxley Act (2002) (SOX)
- Protect shareholders and public from accounting errors/fraud
- Improve accuracy of corporate revelation
US federal law setting new standards of publicity traded companies
o Top management: must individually certify accuracy of financial information
o Fraudulent activities: severe penalties
o Increased independence for external auditors (controls organization)
Regulates audit firms that audit companies that must comply with SOX
Section 404: assessment of internal control
o All financial information can be tracked to its origin (lineage)
o Management responsible for
Maintaining sufficient internal control
Structure and procedures for financial reporting
Internal control
= process, by entity’s board of directors, management, and other personnel,
designed to provide assurance regarding achievements of objectives relating to:
o Effectiveness and efficiency of operations
o Reliability of financial reporting
o Compliance with applicable laws and regulations
COSO internal control – integrated framework
Committee of sponsoring organizations of the Treadway Commission
o IMA, AAA, AICPA, IIA, FEI
Most important internal control framework for obtaining SOX compliance
7
, COSO 2013
o Most commonly used framework for demonstrating SOX compliance
Not IT specific
IS/IT governance frameworks: COBIT
o Big business for consulting firms
IS governance
= organizational capacity exercised by board of directors (primary responsibility),
executive management and IT management, to control formulation/implementation
of IT strategy, and ensure alignment of business and IT
IS governance mechanisms
o Structures (CIO, IT steering committee)
o Processes (portfolio management, SLA)
o Relational mechanisms (job rotation, co-location, cross-training)
COBIT
= business framework for governance and management of enterprise IT
o Set of tools, ensures IT is working effectively, generates value
o Common language to communicate goals to all stakeholders
o Integrates industry standards and good practices in:
Strategic alignment of IT with business goals
Value delivery services and new projects
Risk, resource and performance management
o Most widely accepted standard for demonstrating SOX compliance for IT-
centered organizations
- Developed by ISACA (= information systems audit and control association) in 1996
o International, professional association for IT governance and audit
o Not scientifically grounded
- COBIT 5 (2012) and COBIT 2019 (latest version)
- Used by more than 60% of firms
8
, Top 4 benefits of COBIT according to ISACA
1) IT integrations
2) Improved risk management
3) Discovery of gaps in security
4) Creating a framework that provides more visibility to the board of directors
Governance principles
1) Provide stakeholder value
2) Holistic approach
3) Dynamic governance system
4) Governance distinct from management
5) Tailored to enterprise needs
6) End-to-end governance system
Governance objectives:
o EDM = evaluate, direct and monitor
Management objectives:
o APO = align, plan and organize
o BAI = build, acquire and implement
o DSS = deliver, service and support
o MEA = monitor, evaluate and assess
RACI chart (responsible, accountable, consulted, informed)
= represents roles and responsibilities of people involved in a project
9