08 April 2016

♜Strategic Management: Disaster Recovery Plan [DSP] (Definitions)

"A plan that establishes technical and organizational measures in order to face events or incidents with potentially huge impact that could even lead to the unavailability of data centers. The DRP development defines and ensures IT emergency procedures that intervene and protect the data relevant for the company activities and services. DRP is usually considered as the only part of the BCP in banking business continuity initiatives." (Vincenzo Morabito & Gianluigi Viscusi, "Information Technology Business Continuity", 2009)

"Generally a plan for enabling an organization to move to alternate system, network, and operational facilities in the event of an incident making the primary facilities unusable." (C Warren Axelrod, "Responsibilities and Liabilities with Respect to Catastrophes", 2009)

"A contingency plan that goes into effect after a full disaster occurs, used to reestablish basic capabilities and resources." (Annetta Cortez & Bob Yehling, "The Complete Idiot's Guide® To Risk Management", 2010)

"A written plan that explains how a company will recover its IT operations after a natural or man-made disaster that causes data or hardware loss." (Faithe Wempen, "Computing Fundamentals: Introduction to Computers", 2015)

"A plan developed to help a company recover from a disaster. It provides procedures for emergency response, extended backup operations, and post-disaster recovery when an organization suffers a loss of computer processing capability or resources and physical facilities." (Shon Harris & Fernando Maymi, "CISSP All-in-One Exam Guide" 8th Ed., 2018)

"Plans that document the steps you can take to replace damaged or destroyed components due to a disaster to restore the integrity of your IT infrastructure. " (Weiss, "Auditing IT Infrastructures for Compliance" 2nd Ed., 2015)

"A written plan for processing critical applications in the event of a major hardware or software failure or destruction of facilities." (NIST SP 800-82 Rev. 2)

"A written plan for recovering one or more information systems at an alternate facility in response to a major hardware or software failure or destruction of facilities." (NIST SP 800-34 Rev. 1)

"Management policy and procedures used to guide an enterprise response to a major loss of enterprise capability or damage to its facilities. The DRP is the second plan needed by the enterprise risk managers and is used when the enterprise must recover (at its original facilities) from a loss of capability over a period of hours or days." (CNSSI 4009-2015)

07 April 2016

♜Strategic Management: Cost-Benefit Analysis [CBA] (Definitions)

"The process of comparing the cost of achieving a goal against the benefit to be gained by its achievement." (Dale Furtwengler, "Ten Minute Guide to Performance Appraisals", 2000)

"An analysis to determine whether the favorable results of an alternative are sufficient to justify the cost of taking that alternative. This analysis is widely used in connection with capital expenditure projects." (Jae K Shim & Joel G Siegel, "Budgeting Basics and Beyond", 2008)

"An evaluation that determines the value of an approach relative to its costs and benefits; used in risk management to evaluate mitigation strategies." (Annetta Cortez & Bob Yehling, "The Complete Idiot's Guide® To Risk Management", 2010)

"Comparison of the estimated value of business benefits over time to the estimated cost of expenditures required to realize these benefits." (DAMA International, "The DAMA Dictionary of Data Management", 2011)

"Investigation to determine whether the benefits exceed the costs for a proposed course of action. Often used to evaluate whether to add features or complexity to a cost accounting system or to choose a course of action in a business decision." (Leslie G Eldenburg & Susan K Wolcott, "Cost Management" 2nd Ed., 2011)

"Study that helps in decisions on IT investments by determining if the benefits (possibly including intangible ones) exceed the costs." (Linda Volonino & Efraim Turban, "Information Technology for Management" 8th Ed., 2011)

"A technique that weighs expected costs against expected financial and nonfinancial benefits (value) to determine the best (according to relevant criteria) course of action." (Project Management Institute, "The Standard for Portfolio Management 3rd Ed.", 2012)

"A financial analysis tool used to determine the benefits provided by a project against its costs." (For Dummies, "PMP Certification All-in-One For Dummies" 2nd Ed., 2013)

"An analysis of costs and benefits related to an expenditure. A CBA identifies and analyzes the costs and benefits to simplify the decision-making process." (Darril Gibson, "Effective Help Desk Specialist Skills", 2014)

"An estimate of the equivalent monetary value of proposed benefits and the estimated costs associated with a control in order to establish whether the control is feasible." (Adam Gordon, "Official (ISC)2 Guide to the CISSP CBK" 4th Ed., 2015)

"A method of determining the expenses and impacts for a given investment. Example: a cost-benefit analysis will be used to determine whether we engage in a specific investment." (Gregory Lampshire, "The Data and Analytics Playbook", 2016)

"A financial analysis tool used to determine the benefits provided by a project against its costs." (Project Management Institute, "A Guide to the Project Management Body of Knowledge (PMBOK Guide ", 2017)

"A tool used in decision support special studies that can assist in the allocation of capital. Cost–Benefit Analysis is a systematic, quantitative method for assessing the life cycle costs and benefits of competing alternatives. It identifies both tangible and intangible costs and benefits." (Ciara Heavin & Daniel J Power, "Decision Support, Analytics, and Business Intelligence" 3rd Ed., 2017)

"An assessment that is performed to ensure that the cost of a safeguard does not outweigh the benefit of the safeguard. Spending more to protect an asset than the asset is actually worth does not make good business sense. All possible safeguards must be evaluated to ensure that the most security-effective and cost-effective choice is made." (Shon Harris & Fernando Maymi, "CISSP All-in-One Exam Guide, 8th Ed", 2018)

♜Strategic Management: Disaster Recovery (Definitions)

"The ability of an organization to respond to a disaster or an interruption in services by implementing a disaster recovery plan to stabilize and restore the organization’s critical functions." (Disaster Recovery Journal & DRI, 2007)

"A process that is required after a major business disruption caused by the occurrence of a disaster." (Allen Dreibelbis et al, "Enterprise Master Data Management", 2008)

"The process of regaining access to data, hardware, or software after a computer based human or natural disaster." (Dwayne Stevens & David T Green, "A Strategy for Enterprise VoIP Security", 2009)

"This is a process that describes how to recover the IT environment after a disaster such as a fire destroying the IT building." (Martin Oberhofer et al, "The Art of Enterprise Information Architecture", 2010)

"the ability of an infrastructure to resume operations after a disaster. Disaster Recovery differentiates from Business Continuity Planning in that Disaster Recovery is primarily associated with resources and facilities, while BCP is primarily associated with processes." (Bill Holtsnider & Brian D Jaffe, "IT Manager's Handbook" 3rd Ed., 2012)

"The coordinated activity to enable the recovery of IT (and other) systems due to a disruption." (Sally-Anne Pitt, "Internal Audit Quality", 2014)

"The planning, preparation, and testing set of activities used to help a business plan for and recover from any major business interruption and to resume normal business operations." (Robert F Smallwood, "Information Governance: Concepts, Strategies, and Best Practices", 2014)

"the process adopted by the IT organization in order to bring systems back up and running." (Manish Agrawal, "Information Security and IT Risk Management", 2014)

"An area of security planning that aims to protect an organization from the effects of significant negative events. DR allows an organization to maintain or quickly resume mission-critical functions following a disaster." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"The planning for and/or the implementation of a strategy to respond to such failures as a total infrastructure loss, or the failure of computers (CommServe server, MediaAgent, client, or application), networks, storage hardware, or media. A disaster recovery strategy typically involves the creation and maintenance of a secure disaster recovery site, and the day-to-day tasks of running regular disaster recovery backups." (CommVault, "Documentation 11.20", 2018)

"Is an organization's method of regaining access and functionality to its IT infrastructure, to continue the delivery of services that support business processes, after a disruptive incident." (Nelson Russo & Leonilde Reis, "Methodological Approach to Systematization of Business Continuity in Organizations", 2021)

04 April 2016

♜Strategic Management: Value Chain (Definitions)

"Sequence of processes that describe the movement of products or services through a pipeline from original creation to final sales." (Ralph Kimball & Margy Ross, "The Data Warehouse Toolkit 2nd Ed ", 2002)

"Framework for examining the strengths and weaknesses of an organization and for using the results of this analysis to improve performance." (Alan W Steiss, "Strategic Management for Public and Nonprofit Organizations", 2003)

"An end-to-end set of activities in support of customer needs, usually beginning with a customer request and ending with customer receipt of benefits." (DAMA International, "The DAMA Dictionary of Data Management", 2011)

"Sequence of business processes in which value is added to a product or service. Encompasses customers and suppliers as well as, in some cases, the customers' customers and the suppliers' suppliers." (Leslie G Eldenburg & Susan K Wolcott, "Cost Management" 2nd Ed., 2011)

"A linked set of value-creating activities that begins with basic raw materials coming from suppliers and ends with distributors getting the final goods into the hands of the ultimate consumer." (Thomas L Wheelen & J David Hunger., "Strategic management and business policy: toward global sustainability 13th Ed.", 2012)

"Composed of all the stakeholders (designers, suppliers, manufacturers, customers, and others) who add value to or receive value from specific products or services." (Joan C Dessinger, "Fundamentals of Performance Improvement" 3rd Ed., 2012)

"The set of both primary and support activities or processes that an organization sets up to perform in order to achieve its mission and goals." (Andrew Pham et al, "From Business Strategy to Information Technology Roadmap", 2016)

"A value chain is a set of activities that an enterprise operating in a specific industry performs to deliver a valuable product or service for the market." (by Brian Johnson & Leon-Paul de Rouw, "Collaborative Business Design", 2017)

"The linked set of activities/functions within a firm that interact to enable the final value-creating offering (product/service) of the firm. At the industry level, it can also mean the total set of value-adding links from the first supplier to the final user of a product/service." (Duncan Angwin & Stephen Cummings, "The Strategy Pathfinder 3rd Ed.", 2017)

"A sequence of vertically related activities undertaken by a single firm or by a number of vertically related firms in order to produce a product or service." (Robert M Grant, "Contemporary Strategy Analysis" 10th Ed., 2018)

"A value chain is a set of linked activities that transform inputs into outputs that in turn add to at least one of the ecological, societal or economic bottom lines and help create competitive advantages." (Rick Edgeman, "Lean and Six Sigma Innovation and Design", Encyclopedia of Information Science and Technology" 4th Ed., 2018)

"sequence of processes that creates a product/service that is of value to a customer" (ITIL)

29 March 2016

♜Strategic Management: Decision-Making (Definitions)

[decision-making:] "The process of making choices in a project team environment. Several types of decision-making are useful in projects: consensus, leader-imposed, delegated, voting, and scoring models." (Timothy J  Kloppenborg et al, "Project Leadership", 2003)

[semistructured decisions:] "Decisions in which only some of the phases are structured; require a combination of standard solution procedures and individual judgment." (Linda Volonino & Efraim Turban, "Information Technology for Management 8th Ed", 2011)

[strategic decision:] "refers to a decision that exhibits the following characteristics: it is made in a situation of uncertainty, of incomplete information, in a complex environment, variable/mutating environment (as opposed to 'all things being otherwise equal'); it is not recurrent, therefore the decision maker is relatively deprived; it may have far-reaching (favorable or adverse) consequences that could jeopardize the survivability of the enterprise; it is systemic (many elements with many relationships among them); the decision maker does not have experience-proven models (we cannot resort to 'turnkey' mechanisms). " (Humbert Lesca & Nicolas Lesca, "Weak Signals for Strategic Intelligence: Anticipation Tool for Managers", 2011)

[strategic decisions:] "Decisions for sustained enterprise success and business growth." (Linda Volonino & Efraim Turban, "Information Technology for Management 8th Ed", 2011)

[tactical decisions:] "Decisions ensuring that existing operations and processes are in alignment with business objectives and strategies." (Linda Volonino & Efraim Turban, "Information Technology for Management 8th Ed", 2011)

[decision-making processes:] "Management processes that define objectives, study alternatives, analyze available data, and reflect on intuitive beliefs. They interpret findings and compare alternates to form a conclusion or make a choice upon which the organization may act." (Carl F Lehmann, "Strategy and Business Process Management", 2012)

[microdecision:] "A small decision made many times by many workers at the front line of the organization. They usually have a significant impact on organizational performance due to their sheer volume." (Evan Stubbs, "Delivering Business Analytics: Practical Guidelines for Best Practice", 2013)

[decision-making:] "How decisions are made, based on what types of resources, information, and specific processes are available." (Jim Davis & Aiman Zeid, "Business Transformation: A Roadmap for Maximizing Organizational Insights", 2014)

[decision-making] "the process of making choices or reaching conclusions, especially on important political or business matters." (Ken Sylvester, "Negotiating in the Leadership Zone", 2015)

[tactical decisions:] "broader decision questions than operational ­decisions, semistructured in nature, some but not all information ­necessary to make the decision is available, primarily internally focused and made by middle-level managers." (Daniel J. Power & Ciara Heavin, "Data-Based Decision Making and Digital Transformation", 2018)

[operating or function-specific decisions:] "day-to-day, routine ­decisions with a concise decision question and a clear, well-defined, and structured algorithm to make a choice among alternatives." (Daniel J. Power & Ciara Heavin, "Data-Based Decision Making and Digital Transformation", 2018)

[strategic decisions:] "complex, nonroutine, unstructured decisions involving many different and connected parts. Some variables may not be well understood, often information required to make the decision may be unavailable, incomplete, and in some situations information may be known to be flawed or inaccurate. These decisions usually involve a high degree of uncertainty about outcomes. If implemented, strategic ­decisions often result in major changes in an organization." (Daniel J. Power & Ciara Heavin, "Data-Based Decision Making and Digital Transformation", 2018)

26 March 2016

♜Strategic Management: Business Value (Definitions)

"A concept that is unique to each organization and includes tangible and intangible elements. Through the effective use of project, program, and portfolio management disciplines, organizations will possess the ability to employ reliable, established processes to meet enterprise objectives and obtain greater business value from their investments. |" (Project Management Institute, "Software Extension to the PMBOK® Guide 5th Ed", 2013)

"The net quantifiable benefit derived from a business endeavor. The benefit may be tangible, intangible, or both." (Project Management Institute, "A Guide to the Project Management Body of Knowledge (PMBOK® Guide )", 2017)

"Entire value of the business; total sum of tangible (assets, fixtures, equity, utility) and intangible elements (goodwill, recognition, public benefit, trademarks): short, medium, or long term." (H James Harrington & William S Ruggles, "Project Management for Performance Improvement Teams", 2018)

25 March 2016

♜Strategic Management: Business Continuity Plan [BCP] (Definitions)

"A plan for ensuring that businesses will be able to recover from the effects of a destructive incident and continue to operate at an acceptable level." (C Warren Axelrod, "Responsibilities and Liabilities with Respect to Catastrophes", 2009)

"An emergency contingency plan that spells out how to recover and restore functions that have been partially or completely interrupted." (Annetta Cortez & Bob Yehling, "The Complete Idiot's Guide® To Risk Management", 2010)

"The advance planning and preparations which are necessary to identify the impact of potential losses, formulate and implement viable recovery strategies, develop recovery plan(s) which ensure continuity of organizational services in the event of an emergency or disaster, and administer a comprehensive training, testing, and maintenance program." (Mark S Merkow & Lakshmikanth Raghavan, "Secure and Resilient Software Development", 2010)

"Plan that outlines the process by which businesses should recover from a major disaster. Also known as a disaster recovery plan." (Linda Volonino & Efraim Turban, "Information Technology for Management" 8th Ed., 2011)

"A methodology used to create a plan for how an organization will resume partially or completely interrupted critical function(s) within a predetermined time after a disaster or disruption. BCP differentiates from disaster recovery in that DR is primarily associated with resources and facilities, while BCP is associated primarily with processes." (Bill Holtsnider & Brian D Jaffe, "IT Manager's Handbook" 3rd Ed., 2012)

"Overall planning lifecycle dedicated to analysis, design, implementation, testing, and maintenance of various elements designed to keep the organization operating even after a significant outage. Business continuity planning is a continuous process." (Darril Gibson, "Effective Help Desk Specialist Skills", 2014)

"This refers to the documented procedures and information that enable the organization and or business unit/third party agent to respond to a disruption, recover, and resume critical business functions." (Sally-Anne Pitt, "Internal Audit Quality", 2014)

"A business continuity action plan is a document or set of documents that contains the critical information a business needs to stay running in spite of adverse events. A business continuity plan is also called an emergency plan." (Adam Gordon, "Official (ISC)2 Guide to the CISSP" CBK 4th Ed., 2015)

"Plans that document the steps to restore business operation after an interruption. BCPs, along with DRPs, enable you to recover from disruptions ranging from small to large." (Weiss, "Auditing IT Infrastructures for Compliance" 2nd Ed., 2015)

"Documented procedures that guide organizations to respond, recover, resume, and restore to a predefined level of operation following disruption." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"Business continuity plans are made up of documented procedures. Organizations use these procedures to respond to disruptive incidents, to guide recovery efforts, to resume prioritized activities, and to restore operations to acceptable predefined levels. Business continuity plans usually identify the services, activities, and resources needed to ensure that prioritized business activities and functions could continue whenever disruptions occur." (ISO 22301:2012, 2012).

"Plan defining the steps required to restore business processes following a disruption" (ITIL)

"The documentation of a predetermined set of instructions or procedures that describe how an organization’s mission/business processes will be sustained during and after a significant disruption." (CNSSI 4009-2015) 

♜Strategic Management: Assurance (Definitions)

"All the systematic actions necessary to have the confidence that the target (process, program, project, outcome, benefit, capability, product output, deliverable) is appropriate. Assurance must be independent from what is being assured." (Paul C Dinsmore et al, "Enterprise Project Governance", 2012)

"An objective examination of evidence for the purpose of providing an independent assessment on governance, risk management, and control processes for the organization. Examples may include performance, compliance, system security, and due diligence engagements." (Sally-Anne Pitt, "Internal Audit Quality", 2014)

"A level of confidence that appropriate and effective IT controls are in place." (Weiss, "Auditing IT Infrastructures for Compliance" 2nd Ed., 2015)

"A measurement of confidence in the level of protection that a specific security control delivers and the degree to which it enforces the security policy." (Shon Harris & Fernando Maymi, "CISSP All-in-One Exam Guide" 8th Ed., 2018)

"Confidence that a system exhibits a stated set of properties." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"Grounds for confidence that the other four security goals (integrity, availability, confidentiality, and accountability) have been adequately met by a specific implementation. 'Adequately met' includes (1) functionality that performs correctly, (2) sufficient protection against unintentional errors (by users or software), and (3) sufficient resistance to intentional penetration or by-pass." (NIST SP 800-12 Rev. 1)

"Measure of confidence that the security features, practices, procedures, and architecture of an information system accurately mediates and enforces the security policy." (NIST SP 800-39)

"The grounds for confidence that the set of intended security controls in an information system are effective in their application." (NIST SP 800-27 Rev A)

♜Strategic Management: Assessment (Definitions)

"Evaluation of an an organization’s process performance capability against a model (e.g., Automotive SPICE PAM). The goal is the rating and improvement of processes (process capability)." (Lars Dittmann et al, "Automotive SPICE in Practice", 2008)

"(1) The comparison of the actual environment and data to requirements and expectations. (2) The first high-level step in the Information and Data Quality Improvement Cycle." (Danette McGilvray, "Executing Data Quality Projects", 2008)

"An appraisal that an organization does internally for the purposes of process improvement. The word assessment is also used in the People CMM in an everyday English sense (e.g., performance assessment)." (Sally A Miller et al, "People CMM: A Framework for Human Capital Management" 2nd Ed., 2009)

"A judgment about the implications of an influencer on either one or more means (such as particular courses of action) or one or more ends, such as particular desired results." (David C Hay, "Data Model Patterns: A Metadata Map", 2010)

"Activity of determination of quantitative or qualitative value of a product, service, activity, process in regard to given quality or acceptance criteria." (IQBBA, "Standard glossary of terms used in Software Engineering", 2011)

"Assessment is the process of evaluating or estimating the nature, ability, or quality of a thing. As a synonym for measurement, assessment implies the need to compare one thing to another in order to understand it. Assessment implies drawing a conclusion - evaluating - the object of the assessment (NOAD) whereas measurement does not always imply so." (Laura Sebastian-Coleman, "Measuring Data Quality for Ongoing Improvement ", 2012)

"Evaluation of an organization's successful execution of processes and standards. For OPM3, various tools to assess organizational project management maturity exist in the marketplace with variations of granularity." (Project Management Institute, "Organizational Project Management Maturity Model (OPM3)" 3rd Ed., 2013)

"The outcome of an evaluation of a process or event. Example: a scored exam constitutes an assessment of learning." (Gregory Lampshire, "The Data and Analytics Playbook", 2016)

"A systematic evaluation process of collecting and analyzing data to determine the current, historical or projected compliance of an organization to a standard." (ASQ).

"inspection and analysis to check whether a standard or set of guidelines are being followed, that records are accurate, or that efficiency and effectiveness targets are being met" (ITIL)

12 March 2016

♜Strategic Management: Business Analysis [BA] (Definitions)

 "(1) The study of business processes, practices and business systems requirements. (2) The application of information to better understand business opportunities and challenges." (DAMA International, "The DAMA Dictionary of Data Management", 2011)

"A set of tools and methods used for execrating business insight making from the available data or system structure. It provide meaningful information with dynamic and sophisticate methods of problem solving such as optimization." (Shokoufeh Mirzaei, Defining a Business-Driven Optimization Problem, 2014)

"Business analytics is the combination of skills, technologies, applications, and processes used by organizations to gain insight into their business-based data and statistics to drive business planning." (K Hariharanath, "BIG Data: An Enabler in Developing Business Models in Cloud Computing Environments", 2019)

"Business analysis is the practice of understanding business needs and enabling change, including the recommendation of solutions." (Esta Lessing, "CCBA® and CBAP® Certifications Study Guide", 2020)

"It is the process of working with factual information in organizations, using suitable tools and techniques to identify the nuggets of wisdom (insights) from them that can have direct impact on influencing good decision making." (Tanushri Banerjee & Arindam Banerjee, "Designing a Business Analytics Culture in Organizations in India", 2021)

"Business analysis is a practice that involves understanding the current capabilities and needs of the business users, identifying gaps in the current processes, and enabling desired future capabilities to derive efficiencies, competitive advantage, and business benefits." (Srini Munagavalasa, "The Salesforce Business Analyst Handbook", 2022)

"Business analysis is the means through which operational problems and issues are systematically identified and investigated, different approaches are evaluated, and optimal solutions are determined." (Qlik) [source]

"Business Analysis is the practice of enabling change in an enterprise by defining needs and recommending solutions that deliver value to stakeholders." (IIBA)

"The set of tasks, knowledge, tools and techniques required to identify business needs and determine solutions to business problems" (Business Analysis BOK) 

07 March 2016

♜Strategic Management: Risk Analysis (Definitions)

 "The evaluation, classification, and prioritization of risks." (Sandy Shrum et al, "CMMI®: Guidelines for Process Integration and Product Improvement", 2003)

"The process of identifying, characterizing, and prioritizing risks." (Richard D Stutzke, "Estimating Software-Intensive Systems: Projects, Products, and Processes", 2005)

"The process of assessing identified risks to estimate their impact and probability of occurrence (likelihood)." (Tilo Linz et al, "Software Testing Practice: Test Management", 2007)

"The process of measuring and analyzing the risks associated with financial and investment decisions. Risk refers to the variability of expected returns (earnings or cash flows)." (Jae K Shim & Joel G Siegel, "Budgeting Basics and Beyond", 2008)

"A formal definition of risks based on asset identification, threat enumeration, and consequence evaluation." (Mark Rhodes-Ousley, "Information Security: The Complete Reference" 2nd Ed., 2013)

"Systematic use of available information to determine how often specified events may occur and the magnitude of their likely consequences." (Chartered Institute of Building, "Code of Practice for Project Management for Construction and Development" 5th Ed., 2014)

"The process to comprehend the nature of risk and to determine the level of risk [3]" (David Sutton, "Information Risk Management: A practitioner’s guide", 2014)

"This is the part where we combine the impact and the likelihood (or probability) to calculate the level of risk and to plot it onto a risk matrix, which allows us to compare risks for their severity and to decide which are in greatest need of treatment." (David Sutton, "Information Risk Management: A practitioner’s guide", 2014)

"Determining the nature and likelihood of the risks to key data" (Nell Dale & John Lewis, "Computer Science Illuminated" 6th Ed., 2015)

"A process undertaken to comprehend the nature of risk and to determine the level of risk." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"The process of assessing identified risks to estimate their impact and probability of occurrence (likelihood)." (IQBBA)

"The process to comprehend the nature of risk and to determine the level of risk" (ISO Guide 73:2009)

04 March 2016

♜Strategic Management: Risk Matrix (Definitions)

"A graph that compares the likelihood and severity of risks from highest to lowest." (Annetta Cortez & Bob Yehling, "The Complete Idiot's Guide® To Risk Management", 2010)

"A common way to determine whether a risk is considered low, moderate, or high by combining the two dimensions of a risk: its probability of occurrence and its impact on objectives if it occurs." (Cynthia Stackpole, "PMP Certification All-in-One For Dummies", 2011)

"A grid for mapping the probability of each risk occurrence and its impact on project objectives if that risk occurs. " (Project Management Institute, "The Standard for Portfolio Management" 3rd Ed., 2012)

"A graphical representation of impact versus likelihood used to assist in the prioritisation of risks" (David Sutton, "Information Risk Management: A practitioner’s guide", 2014)

[impact matrix:] "A method for assigning values to expected pressures from the macro-environment in order for an organisation to assess the future nature of its context for which it must design an effective strategy." (Duncan Angwin & Stephen Cummings, "The Strategy Pathfinder" 3rd Ed., 2017)

02 March 2016

🧭Business Intelligence: Perspectives (Part III: Self-Service BI)

Business Intelligence

Introduction


According to Gartner, the world's leading information technology research and advisory company, Self-Service BI (aka self-service analytics, ad-hoc analysis, personal analytics), for short SSBI, is a “form of business intelligence (BI) in which line-of-business professionals are enabled and encouraged to perform queries and generate reports on their own, with nominal IT support” [1].

Reading between the lines, SSBI presumes the existence of an infrastructure made of tools to support it (aka self-service BI tools), direct or indirect access to row data and/or data models for the users, and the skillset needed in order to work with data and answer to business problems/questions.

A Little History

The concept of self-service is not new, it just got “rebranded” and transformed into a business opportunity. The need for business users to perform ad-hoc analyses was always there in organizations, especially in the ones not having the right infrastructure for harnessing their data. Even since the 90s with the appearance of products like MS Excel or MS Access in many organizations users were forced by the state of art to learn how to use such products in order to get the answers they needed from the data. Users started building personal solutions, many of them temporary, intended to fill the reporting gaps organizations had. With a little effort and relatively small investment users had the possibility of playing with the data, understanding the data, identifying and solving problems in the business. They acquired thus a certain level of business expertise and data awareness becoming valuable resources in the organization.

With time such solutions grew in scope and data volume, gained broader visibility and reached deeper in organizations, some of them becoming team, departmental or cross-departmental solutions. What grows uncontrolled with time starts to have negative impact on the environment. First tools’ management became a problem because the solutions needed to be backed-up and maintained regularly, then other problems started to surface: security of data, inefficient data processing as increasing volumes of data were processed on local computers and transferred over the network, data and effort were duplicated, different versions of reality existed as different numbers were reported, numbers that were reflecting different definitions, knowledge about the business or data-analysis skillsets. The management needed a more consolidated and standardized effort in order to address these problems. Organizations were forced or embraced the idea of investing money in modern BI solutions, in more powerful servers capable of handling a larger amount of requests, in flexible data models that facilitate data consumption, in data quality initiatives. Thus through various projects a considerable number of such solutions were converted into more standardized and performant BI solutions, the IT department being in control of the changes and new requests.

Back to Present

With IT in control of the reporting requirements the business is forced to rely on the rapidity with which IT is able to address new requirements. Some organizations acquired internal resources in order to build reports and afferent infrastructure in-house, others created partnerships with vendors, or approached a combination of the two. As the volume of requirements isn’t uniform over time, the business has to wait several days between the time a requirement was addressed to IT and a solution was provided. In business terms a few of days of waiting for data can equate with the loss of an opportunity, a decision taken too late, decision that could have broader impact.

A few years ago things started to change when the ad-hoc analysis concept was rebranded as self-service and surfaced as trend. This time vendors like Qlik, Tableau, MicroStrategy or Microsoft, some of the main SSBI vendors, are offering easy to use and rich functionality tools for data integration, visualization and discovery, tools that reflect the advances made in graphics, data storage and processing technologies (e.g. in-memory databases, parallel processing). With just a few drag-and-drops users are able to display details, aggregate data, identify trends and correlations between data. In addition the tools can make use of the existing data models available in data warehouses, data marts and other types of data repositories, including the rich set of open data available on the web.

Looking at the Future

Like its predecessors, SSBI seems to address primarily data analysts and data-aware business users (aka data citizens), however in time is expected to be adopted by more organizations and become more mature where already adopted. Of course, some of the problems from the early days more likely will resurface though through governance, better architectures and tools, integration with other BI capabilities, trainings and awareness most of the problems will be overcome. More likely there will be also organizations in which SSBI will fail. In the end each organization will need to find by itself the value of SSBI.

Previous Post <<||>> Next Post

Resources:
[1] Gartner (2016) Self-Service Analytics [Online] Available from: http://www.gartner.com/it-glossary/self-service-analytics
[2
] Gartner (2016) Magic Quadrant for Business Intelligence and Analytics Platforms, by Josh Parenteau, Rita L. Sallam, Cindi Howson, Joao Tapadinhas, Kurt Schlegel, Thomas W. Oestreich [Online] Available from: https://www.gartner.com/doc/reprints?id=1-2XXET8P&ct=160204&st=sb

27 February 2016

🧭Business Intelligence: Perspectives (Part II: The Complexity Myth)

Business Intelligence

Introduction

While looking over “Business Intelligence Concepts and Platform Capabilities” Coursera MOOC resources for Module 2 I run into two similar articles from Solutions Review, respectively Information Age. What caught my attention was the easiness with which the complexity of BI “myth” is approached in both columns.

According to the two sources the capabilities of nowadays BI tools “enabled business users to easily identify and present trends in an impactful way” [1], and “do not require an expert at the helm” [2]. It became thus simpler for users to independently query data and create interactive reports and presentations [2]. In both columns one can read between the lines that the simplicity of using BI tools is equivalent with negating the complexity of BI, which from my point of view is false. In fact here are regarded especially the self-service BI tools, in trend nowadays, that allow users to easily perform ad-hoc analysis with a minimal involvement from IT. Self-service BI is only a subset of what BI for organizations means, and just a capability from the many BI capabilities an organization needs in theory, even if some organizations might use it extensively.

Beyond the Surface

A BI tool is not a BI solution per se, even if many generic BI solutions for different systems are available out of the box. This is one of the biggest confusion managers, users and unfortunately also BI professionals make. A BI tool offers the technological basis for creating a BI infrastructure, though it comes with no guarantees. It takes a well-defined IT and business strategy, one or more successful projects, skillful developers and users in order to harness the BI investment.

On the other side it’s also true that organizations can obtain results also from less, though BI doesn’t equates with any ad-hoc analysis performed by users, even if they use BI tools for this purpose. BI is not only about tools, reporting and revealing trends in the data. BI often implies a holistic knowledge about the business and certain data awareness, without which users will start aggregating and comparing apples with pears and wonder why they taste and look different.

If everything were so simple then why so many BI projects fail to deliver what’s expected? Why so many managers complain that they don’t have the data they need, when they need them? Sure maybe the problem lies in over-complexifying the whole BI landscape and treating everything from a high-level, though that’s more likely not it.

It’s a Teamwork Knowledge Game

BI is or needs to be monitoring and problem solving oriented. This requires a deep understanding about processes and business. There are business users and also BI professionals who don’t have the knowledge one needs in order to approach a business problem. One can see that from the premises they have, the questions they raise, the data they consider, the models they build, and the results.

From a BI professional’s perspective, even if one has a broad knowledge about various businesses, one often lacks the insight in a given business. BI professionals can seldom provide adequate BI solutions without input and feedback from the business. Some BI professionals rely too much on their knowledge, same as the business sometimes expects a maximum output from BI professionals by providing a minimum of input.

Considering the business users, quite often their focus and knowledge cover only the data boundaries of their department, while many problems extend over those boundaries. They know facts that are not necessarily reflected in the data. Even if they are closer to the data than other parties, they still lack some data-awareness (including statistical awareness) in order to approach problems.

Somebody was saying ironically when talking about users’ data and problem solving skills - “not everybody is a Bill Gates or Steve Jobs”. Continuing the idea, one can’t expect users to act as such. For sure there are many business users who are better problem solvers than BI consultants, though on the other side one can’t expect that the average business user will have the same skillset as an experienced BI consultant. This is in fact one of the problems of self-service BI. Probably with time and effort organization will develop such resources, though some help from BI professionals will be still needed. Without a good cooperation between the business and BI professionals an organization might not have the hoped results when investing in BI

More on Complexity

The complexity arises when one tries to make more with the data, especially the data found in raw form. Usually the complexity of raw data can be addressed by building a logical or physical model that allows easier consumption of data. Here is the point where the users find themselves overwhelmed, because for this is required a good knowledge of the physical data model and its semantics, the technical knowledge to build models and the skills to reengineer the logic available in the source systems. These are the themes BI professionals are supposed to excel in. Talking about models, they are the most difficult to build because they reflect various segments of the business, they reflect a breakdown of the complexity. It’s also the point where many BI projects fail as the built models don’t reflect the reality or aren’t capable to answer to business questions.

Coming back to the two columns, I have to point out that the complexity of a subject or domain can’t be judged based on how easy is to approach basic tasks. The complexity lies typically when one goes beyond the basics, when one dives into details. In case of BI its complexity starts when one attempts mixing various technologies and knowledge domains to model and solve daily business problems in an integrated, holistic, aligned, consistent and cost-effective manner. The more the technologies, the knowledge domains and constraints one has to consider, the more complex the BI landscape and solutions become.

On the other side this doesn’t mean that the BI infrastructure can’t be simplified, that BI can’t rely heavily or exclusively on self-service BI solutions. However for each strategy there are advantages and disadvantages and one more likely has to consider both sides of the coin in the process. And self-service BI has its own trade-offs, weaknesses that can be transformed in strengths with time.

Conclusion

When one considers nowadays BI tools capabilities, ad-hoc analyses are relatively easy to perform and can lead to results, though such analyses don’t equate with BI and the simplicity with which they are performed don’t necessarily imply that BI is simple as a whole. When one considers the complexity of nowadays businesses, the more one dives in various problems a business has, the more complex the BI landscape seems. In the end it’s in each organization powers to simplify and harmonize its BI infrastructure to a degree that its business goals aren’t affected negatively.


Previous Post <<||>> Next Post

Resources
[1] Information Age (2015) 5 Myths about Intelligence, by Ben Rossi, [Online] Available from: http://www.information-age.com/technology/information-management/123460271/5-myths-about-business-intelligence 
[2] SolutionsReview (2015) Top 5 Business Intelligence Myths Revealed, by Timothy King, [Online] Available from: http://solutionsreview.com/business-intelligence/top-5-business-intelligence-myths-revealed
[3] Gartner (2016) Magic Quadrant for Business Intelligence and Analytics Platforms, by Josh Parenteau, Rita L. Sallam, Cindi Howson, Joao Tapadinhas, Kurt Schlegel, Thomas W. Oestreich [Online] Available from: https://www.gartner.com/doc/reprints?id=1-2XXET8P&ct=160204&st=sb 
[4] Coursera (2016) Business Intelligence Concepts, Tools, and Applications MOOC, led by Jahangir Karimi, University of Colorado, [Online] Available from: https://www.coursera.org/learn/business-intelligence-tools

25 February 2016

♜Strategic Management: Benefit (Definitions)

"Something of value as perceived by a customer." (Steven Haines, "The Product Manager's Desk Reference", 2008)

"As it pertains to products and services, what problem a product or service solves or what need it fulfills for customers." (Gina Abudi & Brandon Toropov, "The Complete Idiot's Guide to Best Practices for Small Business", 2011)

"The improvement resulting from outcomes perceived and expressed in terms of advantages for the organization, such as decreases in operating costs or product failures and increases in profit or productivity." (Paul C Dinsmore et al, "Enterprise Project Governance", 2012)

"An outcome of actions, behaviors, products, or services that provide utility to the sponsoring organization as well as to the program's intended beneficiaries." (Project Management Institute, "The Standard for Program Management" 3rd Ed., 2013)

"A description of a product advantage written from the perspective of the customer. Often includes emotional aspects." (Pamela Schure & Brian Lawley, "Product Management For Dummies", 2017)

Related Posts Plugin for WordPress, Blogger...

About Me

My photo
Koeln, NRW, Germany
IT Professional with more than 24 years experience in IT in the area of full life-cycle of Web/Desktop/Database Applications Development, Software Engineering, Consultancy, Data Management, Data Quality, Data Migrations, Reporting, ERP implementations & support, Team/Project/IT Management, etc.