Information Systems and Data
Analytics
How do we effectively develop, deploy
and manage information systems?
As a data driven manager, what are the
challenges in the coming years?
Strategy Triangle
Business Strategy
Organizational
Strategy
Information
Strategy
This lesson is an overview of just some of the
CIO challenges in the areas of IS development,
deployment and management
• Development
– ROI justification for IS
projects
– Traditional vs. Agile
– Design thinking
• Deployment
– Cloud computing / SaaS
• Management
– Data security and privacy
– Business continuity
planning
• Alignment
– SOA
DEVELOPMENT
Methodology Selection
• System Development Life Cycle (SDLC) vs.
Agile approach
– SDLC, sometimes called a waterfall approach, is
a linear and comprehensive process for
information system development
– Whether your consultant uses a 5, 7, or 9 step
SDLC, the process is still basically preliminary
investigation, analysis, design, implementation
and maintenance
System Development Life Cycle (SDLC)
• Preliminary
Investigation
– Identify the objectives of the
new IS and “make a case” for
it
• Analysis
– Fully understand the logical
system
• WHAT the information
system will do, not HOW it
will do it
• Design
– Determine how to convert
the logical design into a
physical design
• Implementation
– Install, test and implement
the new system
• Maintenance
– Insure that the system
continues to meet the needs
of the users
IN CLASS DISCUSSION:
Advantages of SDLC approach
• Forces a systematic,
structured process
• Enforces quality and
maintains standards
• Lower probability of missing
important issues in
collecting user
requirements
Disadvantages of SDLC approach
Agile Development Methodologies
CIO Reading Agile Programming
• Responding to the need for more timely
development, agile methodologies have
been developed
• “Evolutionary delivery”
Iterative (or phased) Life Cycle
http://www.izenbridge.com/blog/project-management-life-cycle-iterative-adaptive/
• Iterative and incremental life cycles are ones in which project
phases (also called iterations) intentionally repeat one or
more project activities as the project team’s understanding of
the product increases. Iterations develop the product
through a series of repeated cycles, while increments
successively add to the functionality of the product.
– Used for projects where change in the scope need to be managed
– Plan is detailed for coming iterations and high level vision is created
for rest
– Change during the project is naturally handled in upcoming iterations
– The end result is delivered at the end of each iteration
– E.g. a yearlong project will have 3 months iterations and each
iteration will execute Planning, Analysis, Design, Code, Testing phases
and deliver the result at the end of the iteration
Iterative Project Management
• A working solution is delivered from every
iteration
• Objective is to show an intermediate/
incomplete solution and ask for feedback
• These changes are integrated and another
incomplete solution is produced
Agile (Adaptive) Life Cycle
http://www.izenbridge.com/blog/project-management-life-cycle-iterative-adaptive/
• “Adaptive life cycles (also known as change-driven or agile
methods) are intended to respond to high levels of change
and ongoing stakeholder involvement. Adaptive methods are
also iterative and incremental, but differ in that iterations are
very rapid (usually with duration of 2 to 4 weeks)”
– Used for projects where rapid changes are expected and scope is not
possible to define up front
– Scope is decomposed into a set of requirements known as product
backlog and getting picked as per priority from the set in every
iteration
– Project phases proceed through sequential or overlapping mode in
every iteration
– Change during the project is naturally handled in rapid iterations
– The end result is delivered at the end of each 2-4 week iteration
Agile Life Cycle
http://www.izenbridge.com/blog/project-management-life-cycle-iterative-adaptive/
• “Adaptive life cycles (also known as change-driven or agile
methods) are intended to respond to high levels of change and
ongoing stakeholder involvement. Adaptive methods are also
iterative and incremental, but differ in that iterations are very
rapid (usually with duration of 2 to 4 weeks)”
– E.g. a yearlong project will have multiple 2-4 week iteration and each
iteration will execute Planning, Analysis, Design, Code, Testing phases
and deliver the result at the end of the iteration
• Intermediate versions are released to a focus group every 2-4
weeks
• Fully supported production versions of partial solutions are
released to the end user quarterly or semi-annually
IN CLASS DISCUSSION:
Advantages of agile approach
• Systems can be deployed
quickly
• Helps clarify user
requirements
• Works well for ill-defined or
evolving problems
• Promotes user participation
and close work relationships
between developers and
users
Disadvantages of agile approach
DEVELOPMENT: Design Thinking
• https://www.youtube.com/watch?v=a7sEoEvT8l8
• https://www.youtube.com/watch?v=_r0VX-aU_T8 (4 minutes)
IN CLASS DISCUSSION:
What are the similarities and
differences in Agile Development
and Design Thinking?
AGILE
DESIGN
THINKING
DEPLOYMENT
Cloud Computing
• Dynamic provisioning of IT capabilities (hardware,
software, or services) from third parties over a
network
– In this model of computing, all the servers, networks, applications are
made available to IT and end users via the Internet, in a way that
allows IT to buy only the type and amount of computing services that
they need
– The cloud model differs from traditional outsourcers in that
customers don't hand over their own IT resources to be managed.
Instead they plug into the "cloud" for infrastructure services, platform
(operating system) services, or software services
• Treating the "cloud" much as they would an internal data center
Cloud Computing: Pros
• Quick deployment
– Add capacity or applications almost at a moment's notice
• Metered cost
– Pay-as-you-go approach for storage, processing and applications
means more efficient use of IT spending
• Little or no capital investment
– Costs don't stay on the books for years
• Little or no maintenance cost
• Lower costs
– Many customers use the same infrastructure, so the vendor is able to
buy in bulk and amortize costs over more customers, potentially
lowering per-unit cost to each customer
DEPLOYMENT
Software as a Service (Saas)
SaaS is software that’s developed and hosted by
the SaaS vendor and which the end user
customer accesses over the Internet. Unlike
traditional packaged applications…the SaaS
vendor owns the software and runs it on
computers in its data center. The customer does
not own the software but effectively rents it,
usually for a monthly fee. SaaS is sometimes
also known as…“on-demand.”
10 FAQs about SaaS
https://www.softwareadvice.com/resources/saas-10-faqs-software-service/
CLASS DISCUSISON:
What are the pros and cons of
cloud computing from an
organizational perspective?
Are they the same for SaaS?
MANAGEMENT: Data Security
• IS security and data privacy could easily be
course unto itself
• Virtually every topic we have discussed (ERP,
mobile BI, big data) has its own particular
security concerns
• Broadly, the security lifecycle is protect,
detect and react
Security in Electronic Transactions
Figure 15.7 on p. 661 in Turban et. al.
It is plain stupid to use something that you can’t change and that
you leave everywhere every day as a security token”, said Frank
Rieger, spokesperson of the CCC
MANAGEMENT: Data Privacy
• European Union General Data Protection
Regulation (EU GDPR)
MANAGEMENT: Data Privacy
• European Union General Data Protection
Regulation (EU GDPR)
– https://eugdpr.org/the-regulation/
• Increased territorial scope
– all companies processing the personal data of data
subjects residing in the Union
• Substantially increased penalties
– rules apply to both controllers and processors – meaning
‘clouds’ are not exempt from GDPR enforcement
• Clear consent (and option to change consent)
– companies are no longer able to use long illegible terms
and conditions full of legalese
MANAGEMENT: Data Privacy
• Consumer Privacy Bill of Rights Act –
proposed in 2015
– Give consumers more control over their data
– Require companies to be clear about their
stewardship over data
• Develop their own policies but meet
requirements/inspection of Federal Trade
Commission (FTC)
– Established fines based upon the number of days in
violation
MANAGEMENT: Data Privacy
• Customer Online Notification for Stopping
Edge-Provider Network Transgressions
(Consent) – proposed in 2018
– Require FTC to develop policies
• Reasonable data security practices
• Notifying users in the event of a breach
• Notifying users about collection and use of personal
information
• Require opt-in consent to use, share or sell personal
information
MANAGEMENT: Data Privacy
• Without movement on a national data
security policy, some states are developing
their own
– California Consumer Privacy Act – passed
August 2018 and will become effective 2020
• Strongly opposed by large technology companies,
including Amazon, Microsoft, Facebook, Google, etc.
IN CLASS DISCUSSION:
What are the problems with statelevel privacy legislation?
IN CLASS DISCUSSION:
With a time machine, which option
would be best for tech firms?
Citizens?
(A)Company driven policies with FTC oversight
(B) FTC driven federal policies
(C) State level policies
(D)Other?
Strategy Triangle
Business Strategy
HOW?
Organizational
Strategy
Information
Strategy
Relationship Between Business, IS and IT
Strategies
Figure 12.4 (Figure 13.2)
Strategic Alignment
• Aligning IS strategy so that IS priorities,
decisions and projects are consistent with
the needs of the entire business
– Linear
• Timely?
• Cost effective?
• Agile?
Beyond Alignment
King (2010)
• Vanguard, Zappos, Southwest, Progressive,
P&G…IT doesn’t just support the business;
it enables and continually transforms the
business, often creating new revenue and
profit streams
How did these companies align
strategy and IT?
• Shared vision
– “an enterprise vision or goal hovers above every department and
project plan and is crystal clear to every employee”
• Job rotation
– Everyone needs to know the business and speak
the same language
• Every employee at Progressive takes a insurance
course
• Comparison pricing from their web site so IT needs
to understand insurance pricing
Service Oriented Architecture (SOA)
• The goal of SOA is to allow fairly large chunks of
functionality to be strung together to form ad hoc
applications which are built almost entirely from
existing software services.
• Timely, cost-effective and agile?
– The great promise of SOA is that the marginal cost of creating the nth
application is zero, as all of the software required already exists to satisfy
the requirements of other applications.
– Only orchestration is required to produce a new application.
– Services are developed using traditional languages like Java, C#, C++ or
Cobol
• Underlying and enabling all of this is metadata
which describes not only the characteristics of
these services, but also the data that drives them
Is SOA a technology? A Product?
• SOA is an architecture and requires a
retooled IT infrastructure
• SOA effort can be incremental, gradually
replacing traditional applications
– Can take 5 or more years to fully deploy
• Requires a different skill set in IT
– Object orientation, business analysts, data
architects
Achieving the promise of SOA
requires firm commitment from
the CIO – with support from the
rest of the business – to think
differently.
Gruman, 2006
Alignment can’t happen with a CEO (or CIO)
who views IS/IT as technicians
Business Strategy
LEADERSHIP
Perhaps the driver
has been this corner
all along?
Organizational
Strategy
Information
Strategy
“The lines between IT and business are
blurring…and it’s clear that someone has
to manage both.”
Q1\ Review the PPT in attaches and answers the following questions in word form (short answer)
1234-
Disadvantages of SDLC approach
Disadvantages of agile approach
What are the similarities and differences in Agile Development and Design Thinking?
What are the pros and cons of cloud computing from an organizational perspective?
Are they the same for SaaS?
5- What are the problems with state-level privacy legislation?
6- With a time machine, which option would be best for tech firms? Citizens?
A. Company driven policies with FTC oversight
B. FTC driven federal policies
C. State level policies
D. Other?
Q2\ After reading Von Simson's (Links to an external site.)Links to an external site.
description of the evolution of the CIO position and the lecture, discussion, notes and
readings about the development, deployment and management of IS, what does the future
hold for the CIO position? What will the career path look like?
If we were writing a book for CIOs in training (CIO for Dummies? Worst Case-Scenario
Survival Handbook: CIO Edition?), we would definitely need a chapter on _____. Make a
pitch for your chapter. Why is that skill/topic so critical to the CIOs of today and
tomorrow? Outline the chapter material.
This is not intended to be a research project, but you may choose to incorporate additional
readings. If so, please make sure you include the citations. Suggested page length 2-3 pages.
Purchase answer to see full
attachment