Presentation is loading. Please wait.

Presentation is loading. Please wait.

CRICOS Provider Number 00103D 1 LN-4 Information Management Strategy ITECH 1005/5005: Business Information Systems Dr Zhaohao Sun GSITMS, University of.

Similar presentations

Presentation on theme: "CRICOS Provider Number 00103D 1 LN-4 Information Management Strategy ITECH 1005/5005: Business Information Systems Dr Zhaohao Sun GSITMS, University of."— Presentation transcript:

1 CRICOS Provider Number 00103D 1 LN-4 Information Management Strategy ITECH 1005/5005: Business Information Systems Dr Zhaohao Sun GSITMS, University of Ballarat

2 CRICOS Provider Number 00103D 2 After reading this chapter or LN-4, you will be able to Justify the need for a defined information management (IM) strategy; Relate IM strategy to other organizational strategies; Describe the management issues that need to be addressed in an IM strategy. Objectives and Outcomes

3 CRICOS Provider Number 00103D 3 Typical questions facing managers related to this topic: Do we need an IM strategy? How does the IM strategy relate to IT/IS and knowledge management (KM) strategies? How should we structure and resource information management? Which management controls should be built into an information strategy? Management Issues

4 CRICOS Provider Number 00103D 4 Organisational strategy defines the future direction and actions of an organization or part of an organization. For example, Johnson and Scholes (2003) define organizational or corporate strategy as:the direction and scope of an organisation over the long- term: which achieves advantage for the organisation through its configuration of resources within a changing environment to meet the needs of markets and to fulfil stakeholder expectations. Chaffey 2011:163 Organisational Strategy

5 CRICOS Provider Number 00103D 5 This definition highlights the following elements of strategy: 1. Strategies define the future direction of an organization. 2. Strategies are devised to achieve advantage for the organization (strategic objectives). 3. Strategies define the allocation of resources to achieve this advantage. 4. Strategies are primarily driven by the needs of the organization, but also by the needs of stakeholders such as shareholders, customers, suppliers or employees. 5. Strategies should be responsive to the dynamic environment in which an organization operates. Chaffey 2011:163 Strategy Elements

6 CRICOS Provider Number 00103D IM Strategy IM Strategy define management approaches to the organisation, control and application of organisational information resources through coordination of people and technology resources in order to support organisational strategy and processes. Information assets of an organisation is a resource People resources Technology resources They must been structured and controlled. Chaffey 2011:163 6

7 CRICOS Provider Number 00103D Why is an IM strategy needed? Information is an asset Knowledge is power Data and information Data are the raw numbers or facts. Information is produced when those data are analysed. Knowledge is having an understanding of the significance of that information Data and information needs-concerns about data quality Data and information needs-concerns over time, quality and cost. Chaffey 2011:164 7

8 CRICOS Provider Number 00103D The Information lifecycle The sequence of activities involved in IM from creation through to permanent deletion of information. Information lifecycle consists of the following activities (steps): capture, organise, process, maintain, and destroy. See Fig The Information lifecycle Chaffey 2011:166 8

9 CRICOS Provider Number 00103D 9 Poor customer service (cant answer queries) Poor decision making (relevant info unavailable) Difficult to win new business (B2B) Poor understanding of market dynamics and customer needs (B2C and B2B) Difficult to control through management metrics Information cannot be used to deliver value Organisational problems of poor data quality

10 CRICOS Provider Number 00103D 10 Mini case 1 – the utility company Utility companies are fighting tooth and claw to gain and retain customers. One utility company estimated that it lost an average of 30 customers per day or more than 10,000 customers per year, because staff did not have access to the right information to handle customer queries. This was equivalent to $5.5 million in lost revenue. Mini case 2 – the bank Inconsistent information and structures between different systems often means that the same data have to be entered into more than one system. A study at a UK bank estimated that duplication of effort totalled more than $3.2 million per year. Mini case 3 – the insurance company An insurance company spent $67 million developing a replacement information system. After acquisition of another company, they found it would cost nearly the same amount to adapt the system to their new requirements. If the previous system had an adaptive information architecture this effort and cost would have been avoided. Source: Evernden and Evernden (2003) Example problems with information management

11 CRICOS Provider Number 00103D 11 Figure 4.2 Problems with organizational data quality (Chaffey 2011:168) Problems with organisational data quality

12 CRICOS Provider Number 00103D 12 It becomes possible to integrate all information activities, and to use all information quickly and effectively to make efficient business decisions. Promotes openness of communications throughout the company, both between and within levels. Will foster a culture of innovation and knowledge sharing. Forms a sound strategy for investment in information systems and technology. Ensures that awareness of opportunities and threats is communicated throughout the company, and allows timely responses to these. Source: Orna (1999) Benefits of an IM strategy

13 CRICOS Provider Number 00103D 13 Figure 4.4 Principal options for ownership of IM strategy Chaffey 2011:174 Principal options for ownership of IM strategy

14 CRICOS Provider Number 00103D Schools of Studying Business IM Different academic fields of study related to business IM also have different emphases. These naturally mirror the information-led and technology-led approaches of business The main fields of study are (named as school of) IM, IT/IS, Knowledge management (KM) Behaviour control Management control. Chaffey 2011:175 14

15 CRICOS Provider Number 00103D 15 Focus: Selecting appropriate technology to support decision making Typical job titles: IT or IS Manager Strengths (+) and weaknesses (-): - IT applied to support operational and tactical decision making - IT less effective in supporting strategic decisions involving unstructured dynamic information - Focus on Return on Investment (RoI) of new systems - Limited focus on how information is used by people Chaffey 2011:176 Information Technology School

16 CRICOS Provider Number 00103D 16 Focus: Managing the information lifecycle for different types of information. Knowledge management. Typical job titles: Chief Information Officer (CIO),Information or library services manager Strengths (+) and weaknesses (-): + Information viewed as a strategic resource to be managed - IM not commonly viewed as of strategic importance, so often relegated to low-level departmental roles - Difficult to establish value of information and ROI for knowledge management (KM) initiatives Chaffey 2011:176 Information Management (IM) School

17 CRICOS Provider Number 00103D 17 Focus: Improving peoples information usage behaviours and values (Informal, but related to KM activities sometimes instigated through human resources) Typical job title: HR Managers Strengths (+) and weaknesses (-) + Recognises the importance of motivating, rewarding and managing staff to promote change to best practices - Improving Information usage and behaviours not seen as a significant part of the role for HR - Limited research and dissemination of best practice on this topic Chaffey 2011:176 Behaviour and Control School

18 CRICOS Provider Number 00103D 18 Focus: Using information to manage people and link their performance to business performance Typical job titles: Chief Executive Officer (CEO), senior managers and directors Strengths (+) and weaknesses (-): + Helps to link individual and business unit performance to company performance - Control viewed negatively by staff as a way of making them work harder rather than work smarter Chaffey 2011:176 Management Control School

19 CRICOS Provider Number 00103D 19 Figure 4.5 Different forms of strategy needed for effective business information management (Chaffey 2011:177) Strategy needed for effective BIM IM Strategy (Ch 4) IS Strategy (Ch 6) KM Strategy (Ch 5)

20 CRICOS Provider Number 00103D 20 Stages in the Strategy Process (SOSAC) 1. Where are we now? – the situation analysis (S). 2. Where do we want to be? –the vision and objectives (O). 3. How are we going to get there? – the strategy (S). 4. How do we introduce the changes? – the implementation of the strategy (Action: A). 5. How are we doing? – the monitoring and control of strategy (Control: C). Chaffey 2011:177 Developing an IM strategy

21 CRICOS Provider Number 00103D 21 Ten strategic issues (The Hawley Committee IM Guidelines) 1 Information relevance 2 organizational significance of information management 3 Legal and ethical compliance 4 Assessing information value 5 Information quality 6 Legal and ethical compliance with specific reference to information lifecycle management 7 Information management skills of employees 8 Information security including risk management 9 Maximising value from information 10 Information systems strategy Chaffey 2011:179 IM Strategy Issues

22 CRICOS Provider Number 00103D 22 How information is acquired, recorded and stored Where information resources are located in the organization and who has responsibility for them How information flows within the organization and between the organization and the outside world How the organization uses it [information quality] How people who handle it apply their skills and co- operate with one another How information technology supports the users of information What information costs and the value it contributes How effectively all these information-related activities contribute towards achievement of the organizations objectives Chaffey 2011:177; Ornas IM issues (1999) IM is concerned with

23 CRICOS Provider Number 00103D 23 Figure 4.5 The relationship between Ornas tools for IM (Chaffey 2011:182) Source: BIM Information policy, audit and strategy

24 CRICOS Provider Number 00103D IM Themes and approaches There are many themes and approaches in IM Strategies. themes and approaches:= topics. Themes (5) Information value, Information quality, Information security, legal and ethical compliance, KM, Technology support Approaches (6): Structuring the IM function, Responsibilities, Information resource analysis, Information policy, risk management Chaffey 2011:

25 CRICOS Provider Number 00103D 25 An IM strategy forces an organisation to question the value of its information. Information can be classified into 4 categories according to its value to current strategy and future strategy: 1.Strategic information. Information is critical to business and of greatest value. 2.High potential information. The potential value to the business may be high, but it is not confirmed. 3.Key operational information. Information is essential for core processes and its value is enhanced by horizontal integration 4.Support information. Needed for supporting the operation of the business Chaffey 2011:183-4 IM Theme 1: Information Value

26 CRICOS Provider Number 00103D 26 Content dimension AccuracyInformation correct RelevanceInformation can support decision making CompletenessNo data items missing ConcisenessInformation is not too detailed ScopeMay be broad or narrow, internal or external to the organization Time dimension TimelinessAvailable when needed. Immediate or real-time information is a common requirement. Alerts are also a requirement CurrencyInformation is up-to-date. FrequencyInformation supplied at appropriate regular intervals Time periodA time-series covers the right period of time Form dimension ClarityInformation readily interpreted DetailBoth summary dashboard views and detailed drill-down views may be required OrderData sorted in a logical order and can be modified PresentationTabulations and graphs MediaHard copy (print-outs) and soft copy (electronically stored and displayed) IM Theme 2: Information Quality (Chaffey 2011:185)

27 CRICOS Provider Number 00103D 27 BS7799 standard defines the following process for information security: Plan - business risk analysis Do - internal controls to manage the applicable risks Check - a management review to verify effectiveness Act - action as necessary Ten guiding principles (see LN-11): 1. Security Policy 2. Security Organization 3. Asset Classification & Control 4. Personnel Security 5. Physical & Environmental Security 6. Communication & Operations Management 7. Access Control 8. Systems Development & Maintenance 9. Business Continuity Planning 10. Compliance (Chaffey 2011:186-7) IM Theme 3: Information Security

28 CRICOS Provider Number 00103D 28 Examples of information privacy issues Sharing customer data with a third party without the customer s consent. Sending out unsolicited to a consumer. An from an employee which denigrates another organization or defames an individual. Monitoring employee access to data and online services. Not providing online access suitable for those with visual impairment. Records access – The modification, the person who modified it and time it was made should be recorded. Records Disposal – The information policy may need to specify how long records are kept before they are deleted for legal compliance. (Chaffey 2011:187-8) IM Theme 4: Legal and Ethical Issues

29 CRICOS Provider Number 00103D 29 Typical questions facing managers related to KM (Week 5, LN-5): How do we use knowledge to increase organizational efficiency and competitiveness? How can ICT support a knowledge management strategy? What are typical barriers to effective knowledge management? How should knowledge management strategy be aligned with corporate strategy? (Chaffey 2011:188) IM Theme 5: Knowledge Management

30 CRICOS Provider Number 00103D 30 Typical questions facing managers related to this topic (Chapter, 2, 3, 6): How should we align IS strategy with business strategy? How should Information and Knowledge management strategies be integrated with IS strategy? Who should be responsible for IS strategy within an organization? How can organizations evaluate and control the effectiveness of IS strategy? (Chaffey 2011:188) IM Theme 6: Technology/System Support

31 CRICOS Provider Number 00103D 31 An information management unit is responsible for IM strategy within an organisation. provides a focus for improving IM that everyone in the organization is aware of. The creation of this unit demonstrates a commitment by senior management to IM since they have empowered the group with the resource and responsibility to improve IM. Chaffey 2011:189 IM Management Approach 1: Structuring the IM function

32 CRICOS Provider Number 00103D 32 Evernden and Evernden (2003) suggest that when developing an information architecture for an organization, there should be four types of responsibility or ownership: 1. Governance responsibility. 2. Stewardship responsibilities. 3. Infrastructure responsibilities. 4. Usage responsibilities. Chaffey 2011:192 IM Management Approach 2: Responsibilities

33 CRICOS Provider Number 00103D 33 The joint IS committee (JISC) of the UK suggests that it is important to identify clear responsibilities for information. They envisage five main roles: 1.Information strategy committee. 2.Information (strategy) manager/director. 3.Information custodians. 4.Information users. 5.Information service. Chaffey 2011:193 JISC Responsibilities

34 CRICOS Provider Number 00103D 34 Chief information officer (CIO) Managers with responsibility for information assets and/or IS strategy. CIO is a senior post with a wide remit and that it has a 'dotted line' chain of command linking the CIO into decisions made on IT and information services within each of ICI's four business units. in several cases, companies were confused by the question of whether they had someone that fitted the description of a chief information officer (CIO). They tended to say: Yes, we have a CIO, but he (and it is usually a he) handles IT without ever getting involved with information services. Chaffey 2011:194 The CIO

35 CRICOS Provider Number 00103D 35 Information audit and information mapping are two techniques for Information resource analysis a systematic examination of information use, resources and flows, with a verification by reference to both people and existing documents, in order to establish the extent to which they are contributing to an organization's objectives. Information audit: an evaluation of the usage and flows of information within an organisation. Chaffey 2011:192 IM Management Approach 3: Information Resource Analysis

36 CRICOS Provider Number 00103D 36 An approach for identifying the value of and relationships between organisational information resources. Using this approach information resource entities (IREs) are identified. These include information sources, systems and services. IREs are then plotted on a organizational information matrix with these axes: Information holdings (goods that produce revenues and reports) Information handling function (responsibilities for managing information such as library or information resource) Information content (specific content) Information media (form in which information is captured, stored or accessed such as internal mail, application, intranet, ) Chaffey 2011:197 Information Mapping

37 CRICOS Provider Number 00103D 37 Information Policy is a statement of an organisations approach to IM. Information policy should be : At the level of principles Fairly short statements (providing principles by which future action may be conditioned) Each developed at one go (as a result of preparatory work) Meant to be robust enough to last (not detailed action plans) This differs from the information strategy which is used to support action through a plan for a specific period (yearly, three yearly). Chaffey 2011:197 IM Management Approach 4: Information Policy

38 CRICOS Provider Number 00103D 38 Risk management is used to identify potential risks in a range of situations and then take actions to minimize the risks. Risk management typically has these four steps: 1. Identify risks including their probabilities and impacts. 2. Identify possible solutions to these risks. 3. Implement the solutions targeting the highest impact, most likely risks. 4. Monitor the risks to learn for future risk assessment. Chaffey 2011:199 IM Management Approach 5: Risk management

39 CRICOS Provider Number 00103D 39 Area of riskSolution for reducing risk 1Accidental damage or loss (including disk corruption) Back up and restore procedures (See Chapter 11 for further details) User education 2Deliberate acts of theft, abuse, vandalism etc. Security procedures such as anti-virus software, firewalls (See Chapter 11) Employee contracts and disciplinary procedures 3Loss of peopleEmployee contracts Succession planning 4Inaccurate or untimely informationValidation and verification procedures (see Chapter 11) Staff development and training 5External relations Security procedures Contractual measures 6Intellectual Property Rights (IPR)Employee contracts Registration of IPR 7Destruction of facilitiesDisaster recovery planning (See Chapter 11) 8Legal accountability Protection and security Employee training Risk management assessment for IM (Chaffey 2011:199)

40 CRICOS Provider Number 00103D 40 Summary Justify the need for a defined information management (IM) strategy; Relate IM strategy to other organizational strategies; Describe the management issues that need to be addressed in an IM strategy. Read the summary in Chaffey ( )

41 CRICOS Provider Number 00103D 41 References Chaffey and White (2011) Business Information Management © Pearson Education Limited Chaffey and Wood (2005) Business Information Management © Pearson Education Limited Harvey W. LN , UB Sun, Z (2010), LN-4, 2010, UB.

Download ppt "CRICOS Provider Number 00103D 1 LN-4 Information Management Strategy ITECH 1005/5005: Business Information Systems Dr Zhaohao Sun GSITMS, University of."

Similar presentations

Ads by Google