Friday, September 21, 2012

IT-Business Alignment Book


BOOK: ‘How to Align IT with your Business’

 

Publication date: 21 Sept. 2012

Author: John Kyriazoglou


Summary description of the Book

 

This book deals with linking and aligning your IT application systems and services with your business goals, so that you achieve your business objectives more effectively and efficiently by using the Enterprise Architecture (EA) approach. Its contents describe four processes and the controls, activities, documents, checklists and procedures necessary for an effective EA implementation. Seven recommendations are also offered to streamline your EA efforts.

 

Detailed Contents of the Book

 

The contents of this book are:

 

Chapter 1: Current Business Operating Environment

Description of the economic, social and technological factors and conditions (e.g., failure of corporate IT systems to be aligned and linked to the business objectives of the company) affecting 21st century business organizations. Outline of the need for better business controls in all areas: governance, risk, strategy, IT, production, enterprise architecture (EA), etc.

 

Chapter 2: Business Controls and Enterprise Architecture

Description of the role of business controls making up a Business Control Framework to improve strategy and operations. Outline of the way enterprise architecture fits into this to satisfy your business needs and expectations in terms of IT systems and services.  

 

Chapter 3: Why is Enterprise Architecture (EA) important?

Description of the importance of EA (e.g., failure of strategic plans for various reasons, IT systems not linked to business strategy, etc.). How the EA approach resolves the ‘flexibility’ issue in business planning. Outline of the terms ‘enterprise’ and ‘architecture’.

 

 

Chapter 4: Definition and Processes of the EA Approach

Description of the role and purposes of the EA approach. Formal definitions of ‘Enterprise Architecture’. Description of the main types of EA Processes (EA Management Plan, EA Resources, EA Components and EA Improvement) making up the EA approach.

 

Chapter 5: Process 1 - EA Management Plan

Description of the 12 steps (needs analysis, employing resources, selecting an EA framework, etc.), controls and end results (products created) in creating and executing the EA management plan (EA Process 1) for achieving EA and its benefits for your business. List of the products of this process: ‘EA Feasibility Study’, ‘EA policy’, ‘EA Communication Plan’, ‘EA Requirements Study’, ‘Business Model Changes’, ‘Enterprise Architecture Repository’, ‘EA Implementation Plan’, etc.

 

Chapter 6: Process 2 - EA Resources

Description of the role and responsibilities of the required corporate human resources (board, management, EA technical, IT, etc.) and the application of segregation of duties (EA Process 2) to implement EA for your company.

 

Chapter 7: Process 3 - EA Components

Description of the technical and procedural components (EA Process 3) which are required for the effective establishment, implementation and administration of your EA: EA framework, business model, goals, EA repository, installation procedure, security procedure, etc. Also an outline of various examples related to these components: business process narrative, business strategic plan, strategy, goals and objectives, etc.

 

Chapter 8: Process 4 - EA Improvement

Description of an EA Improvement Plan and examples of performance measures, compliance indicators and EA checklists (Business Processes, Overall Corporate Business Data Management, Overall Corporate Business Strategy, etc.) which may be used to review and improve your EA processes, controls and components (EA Process 4).

 

Chapter 9: Benefits of Enterprise Architecture

Description of the benefits of the EA approach to your business organization, in terms of: better alignment of your business strategy and business processes with your IT systems; better control of business data and a faster, more seamless flow of information; more efficient control of your IT operation (systems, projects, data, etc.) fully supporting your business; etc.

 

Chapter 10: Concluding Remarks

Description of the latest data on how the enterprise architecture approach changes and improves the management and operation of IT systems to serve your business better. Also a presentation of seven recommendations related to planning and implementing EA for your business in a more efficient and effective way.

 

Appendix 1: EA Case Study

Description of how enterprise architecture has been implemented to solve real-life business problems related to corporate operational and performance information issues and demands in IT-enabled company operations.

 

Appendix 2: EA Frameworks

Short description of the main industry-standard EA frameworks.

 

Further Resources

List of various books related to EA for anyone wanting to delve further into this subject.

Monday, September 10, 2012

Business Data Security Checklist



John Kyriazoglou*

 

A business data security policy and related procedures should include protection controls and measures that cover the following issues:

1. Comprehensive due diligence of all critical staff, including external parties (outsourcing, external suppliers, sub-contractors, etc.).

2. Authentication of all customers.

3. Non-repudiation and accountability for all on-line transactions.

4. Segregation of duties.

5. Authorization controls.

6. Business data, transactions, records and information integrity.

7. Transactions audit trails.

8. Information confidentiality.

9. Appropriate disclosures for organizational services.

10. Data privacy.

11. Business continuity and contingency planning.

12. Security and other crisis incident response planning.

13. Access controls: encryption, passwords, password control devices, tokens, user authentication devices, anti-hacking tools/techniques, digital signals origin identification, anti-tapping tools/techniques.

14. Data confidentiality.

15. Data integrity.

16. Anti-virus and e-crime detection software.

17. Time stamping.

18. Biometrics.

19. Digital signatures.

20. Smart cards.

 

 

John Kyriazoglou (jkyriazoglou@hotmail.com)

John Kyriazoglou, CICA, B.A (Hon-University of Toronto)

International IT and Management Consultant, author of several books



SSRN Free Publications: http://ssrn.com/author=1315434