Documente Academic
Documente Profesional
Documente Cultură
TERRA FIRMA
Team Members
Abdulhameed Almutairi
Fraser Keetley
Luzian Serafin
Marjet Lammers
Philipp Joebges
Executive Summary
Terra Firma recently encountered severe problems with a network failure.
Although the failure could be remedied, it appeared that IT management and all
of its components, especially the governance with existing policies and
regulations has to be improved within Terra Firma. Terra Firma is forced to react
as fast as possible because wrong investments in the past, no structured IT
management as well as increasing competition endanger its capability to
compete with other big companies in the market.
In this report, a thorough study of the current situation was conducted. Terra
Firmas current problems and upcoming challenges have been identified and
concisely summarised. Two new IT services are proposed in order to help Terra
Firma to compete in the future: Bring Your Own Device will enable Terra Firma
staff to use their own devices, mobile as well as stationary, for everyday tasks.
The improved File Sharing Service will help Terra Firma to satisfy needs of their
staff for increased collaboration capabilities as well as exploit new possibilities to
gain revenue. Both services are comprehensively designed and plans for the
implementation, transition and operation of the services are provided.
Through the proposed services, Terra Firma will be able to compete in the future,
resolve its current issues with IT and increase its revenue. The IRR for both
services over a three year horizon is just over 70% and therefore very promising.
Table of Conten
1.0
Introduction............................................................................................................. 1
2.0
2.1
3.0
Strategic Map....................................................................................................... 3
The IT Function in Terra Firma..................................................................................4
3.1
3.2
4.0
4.1
ROI calculations.................................................................................................... 9
Designing new IT services.....................................................................................12
5.1
6.1
7.1
7.2
8.1
8.2
9.0
9.1
Summary............................................................................................................ 48
9.2
Conclusion.......................................................................................................... 48
1.0 Introduction
In early 2014, Terra Firma suffered from a failure of its IT infrastructure that
affected the entire company. It was then followed by several weeks of manual
recovery procedures. Terra Firma staff and outside experts took more than 18
hours to determine the source of the problem. It was revealed that a router had
been flooded with connection request packages due to a new engineering
application that had not been tested correctly. The failure highlighted a number
of ongoing issues within Terra Firma.
Although high investments in disaster recovery and prevention methods had
been made, the problem could neither be detected nor fixed faster. This failure
has led to a negative impression of the IT department within the Terra Firma. IT
investments, which account for over 40% of capital expenditures within the
company, have also been called into question. With such significant investment,
the projects being completed have unfortunately, provided insufficient return on
investment and have failed to add value to existing IT services.
IT within Terra Firma is currently fulfilling the businesses basic requirements, but
the services offered, fail to further or enable business goals. There is an urgent
need to carefully analyse the state of IT Business alignment within Terra Firma.
Innovative solutions and services are required to enable Terra Firmas continued
growth, competitiveness and its provision of cutting edge technology to its
customers.
This report aims to provide a foundation for Terra Firma to improve its IT services.
A detailed analysis of the current state of IT in Terra Firma will be provided, as
well as two new IT driven services. These services have been developed in order
to provide significant value to Terra Firma and increase ITs alignment with
Business goals. Each of the services has been developed following the ITIL v3
standards for service design. A detailed transformation plan for each service will
be introduced to provide a guideline how to smoothly implement each service.
Firstly, a brief overview of Terra Firma and a SWOT analysis of the current state of
the company is provided. Following that, the current IT functions are introduced
and analysed. The focus of the analysis will be the issues and problems of
existing IT functions. The report will introduce two newly developed IT services
that aim to provide increase business value and help Terra Firma overcome
current and future challenges. These services will include a return on investment
calculation, service desk model and a new service management process to
ensure the safe operation of each service. Finally, two seven-step-plans will be
introduced; these plans aim to provide well-engineered steps to improve the
newly developed services as well as the IT service management as a whole. The
report concludes with a summary and some remarks about the value of IT for
Terra Firma.
Opportunities
Threats
Emerging markets in Asia, Africa and South AmericaChanging regulatory standards around the world
Significant growth in the medical industry with several
Large
years
competitors
of significant
are investing
growth ahead.
significant amounts into their R&D departments.
Dependence on large vendors for majority of Terra Firmas profits.
Exhibit 1 and the situation brief indicate that Terra Firma has continually invested
the companies resources into new and developing technologies. This has
allowed for new innovations in the industry and has become a significant
strength for the company. The development of 3D and 4D software products in
2004 and the subsequent success of the Imaging Software Products division
2
shows Terra Firmas ability to drive change and produce world class technologies.
This is evident with the introduction of the DigiRayZ product line in 2007, which
was a huge addition to Terra Firmas offerings and has become one of the most
profitable and greatest strengths of Terra Firma. The companies significant
number of high profile clients also continues to be a core strength of the
organisation.
IT infrastructure within Terra Firma however, is one of the organisations greatest
weaknesses, having recently suffered a significant IT infrastructure failure. The
network failure which occurred earlier this year highlights the chaotic nature of IT
within Terra Firma. With over 200 applications in use within the company,
maintaining and updating IT within the company has become extremely complex
and is a significant weakness for Terra Firma.
With 40% of Terra Firmas capital expenditure being used on IT, the company has
seen little return for its investment. Much of this investment into IT has been
spent on simply maintaining existing systems and equipment. From Exhibit 4 in
the Terra Firma case briefing the total expenditure in 2009 for capital
expenditures on IT was 36.28 million NZD, a huge expense for what is widely
acknowledged as a low return investment. There are also significant weaknesses
with Terra Firmas knowledge management, which is largely managed on an Ad
Hoc basis, departing staff often take their skills elsewhere without the
appropriate knowledge transfer activities taking place.
With new regulatory pressures in Europe, US and Australasia threatening existing
markets and large R&D competitors developing new innovations Terra Firma
requires radical change. The companys dependence on large vendors is also, as
much a strength as it is a weakness, however with large competitors beginning
to outpace Terra Firma, there are significant challenges ahead. Terra Firma, has in
the past shown its ability to drive innovation and from Exhibit 1s SWOT analysis,
there are significant opportunities for Terra Firma to expand and deliver new
offerings to customers.
Emerging markets, within Asia, Africa and South America present new
opportunities for growth and success. The modernising of medical equipment in
these countries present low hanging fruit which can help establish Terra Firma
as a dominant supplier. With the medical supplies industry set to grow by 6% for
several more years, Terra Firma is poised to deliver significant growth and value
to its customers.
Stephanie Clarks arrival in 2003 and her vision as CIO have helped push the
companies IT infrastructure into the 21st century. But despite this, there are
several challenges that existed upon her arrival which still continue to plague the
company today. Without Stephanie Clarks commitment to Terra Firma and her
development of new compliance standards, the catastrophic network failure that
occurred, could have been far worse. The involvement of Marvin Keats to develop
a solution to the myriad of problems within Terra Firmas IT division is the first
step in a long process to innovate and drive change within the organisation.
Section 4 onwards will provide two new services which can assist in resolving
3
Terra Firmas weaknesses, increase its strength, counter its threats and
importantly capitalise on opportunities within the industry.
Customer
It was observed from the case study provided to Marvin Keats for this report that
Terra Firma strives to deliver valuable and innovative solutions to its customers,
whilst maximising revenue to invest in future R&D projects. Terra Firma aims to
foster long term relationships with its customers and recruit strong leaders and
employees. In order to maintain this strategic vision however, an understanding
of IT within Terra Firma must be gained.
been responsible for all business activities and operations within the company's
field offices and manufacturing divisions within Asia. Keats main goal is to
strengthen the presence of Terra Firma in the Asian Pacific region. Additionally,
Keats has developed strong sets of business processes that assist applications
and infrastructure that are used across several regions, EMEA and NALA being
two such examples. Under pressure from Marvin Keats Terra Firma adopted a
CRM (Customer Relationship Management) system in 2008. The reasons for its
adoption included:
The growth in numbers of offices, staff and sales forced the company to
implement the new CRM software even after its rolling out in the early
2008.
CRM helped develop end-to end business process and embedded real time
business intelligence.
Most importantly, Oracle CRM could be integrated with the company J.D
Edwardss accounting software. (Exhibit 6: Terra Firma's Key IT
Applications and Services).
With a focus on the People, Processes, Products and Partners, IT within Terra
Firma should be changed to support the day to day business. The strategy
generation phase inside the ITIL frameworks provides us with a useful guideline
how the IT Department should view itself in relation to Terra Firma. Based on the
ITIL service strategy process there are four activities that define a successful
strategy:
In order to define the market that Terra Firma operates in the IT Department has
to develop a detailed understanding of the needs and requirements of Terra
Firmas current and future customers. The customers of Terra Firmas IT function
can be categorised into the following groups.
Based on the identified Terra Firmas customers and their individual needs a list of
Business Units have been identified, Table 1 below is a breakdown of the
Business Units and their needs.
Business Units inside Terra Firma
Regional HQs
Software Development
Field Offices
Corporate HQ
Engineering Design,
..
Needs
VOIP, Help Desk
Support for Development Environment
Tech Support
Help Desk, VOIP
Specific Software packages
Aside from its internal customers, the IT Department also has indirect customers.
These are the Clients of Terra Firmas IT based products (Imaging Software
Products for example). Customers such as GE, Siemens, Phillips, Hitachi, Toshiba,
various Hospitals, Labs, Dental, Vets constitute Terra Firma's main market
segment within the medical industry.
With the medical imaging products market possessing an estimated value of
around 50 billion US dollars as of 2009 there is an incredible demand for Terra
Firmas services. With projected increases of 6% consistently year on year are
forecasted, it is exceedingly important that Terra Firma capitalize on this market.
This dramatic growth is driven and expanded need for MRI (Magnetic Resonance
Imaging) and CT scanners can only be fulfilled through the achievement of
IT/Business Alignment. Therefore, it is critical that meaningful changes in IT are
made, to ensure that new opportunities within the market place can be achieved
by the business.
Warranty
No limit to file size
8
For the file sharing service one service level package covers all patterns of
business activities. The utility shows that it is possible to share, edit and read
data important for all activities by our users.
User profile
Senior executives (CEOs)
Management
location
Access to email and agenda and
editing them from every location
Possible to work on company files from
every location
Access to company network from every
location
Access to email and agenda and
editing them from every location
Possible to work on company files from
every location
Access to email and agenda and
editing them from every location
Possible to work on company files from
own devices at the plants
Access to email and agenda and
editing them from every location
Possible to work on company files from
own devices at the office
Access to email and agenda and
editing them from every location
Possible to work on company files from
own devices at the plants
Access to email and agenda and
editing them from every location
Possible to work on company files from
own devices at the plants
Warranty
No software installation needed
Enable access with up to 100mb/s
download and 10mb.s upload.
Time to connect less than 10 seconds
265 BIT SSL Encrypted connection
Availability of network 24/7
Warranty
No software installation needed
10
In order to accurately create a set of ROI calculations for the service, the base
case was calculated first using Exhibit 2: Selected Financial Information for Terra
Firma Medical Systems from the case study. Year 0 is taken as 2014. To calculate
the revenues we have to look from 2005 to 2008, from that period the revenues
grew by approximately 16% per year, however the 2009 financial year registered
a 21% growth in revenues. This has been attributed to the introduction of the
DigiRayZ product line. To calculate the revenues of 2014 it is assumed that
growth from 2010 onwards will be an average of 18%. Therefore, revenue in
2014 is 4,936m NZ$ (2,546*1.184) The average growth of expenses have risen
from 16% per year from 2005 to 2008 to 19% in 2009, for the ROI it is assumed
that expenses will rise with 19% in the future as well. The expenses in 2014 will
be 4,187m NZ$ (2,088*1.194). For the costs of IT it is assumed that the grand
total (cash flow basis) is taken into account for the costs in the overall budget. In
2009 this was about 7 %( 152.8/2,088). Of the total expenses for the future it is
assumed that the IT budget will increase at the same rate as the expenses, 19%
per year. In 2014 the IT budget would be 306m NZ$ (152.8*1.19 4).
In the tables below, the base case, the BYOD and File Sharing case can be found
and the calculated ROI for both services. The ROI has been calculated for both
together as the services have the most value being implemented together.
For the new situation there will be an initial investment of 46.56m NZ$ and with
the ongoing cost the total investment will be 60.20m NZ$. These costs of the File
Sharing System will be a onetime investment of 700 dollars per employee. In
2014 there are 7632 employees, so the costs are 5.34m NZ$. For BYOD device
the costs are 5400 NZ$ per employee, this also counts for new employees. In
table 6 the costs for BYOD can be seen.
Year 0
# of
Employees
7632
Cost per
Device
600
Cost per
Employee
5400
Year 1
8396
600
5400
4.12
Year 2
9235
600
5400
4.53
Year 3
10159
600
5400
4.99
41.21
11
Year 1
Year 2
Year 3
4,936
5,824
6,873
8,110
4,187
364
4,618
4,983
433
5,496
5,929
516
6,540
7,056
842
944
1,054
-175
-120
-253
295
-206
-142
-283
312
-243
-169
-316
325
EBITDA
Depreciation and
amortization
Net interest expense
Taxes on earning
Net income
File Sharing Service &
BYOD
Year 0
Total revenues
IT Expenses
Other Expenses
Total expenses
Initial Investment
Ongoing Costs
4,936
4,187
46.56
EBITDA
Depreciation and
amortization
Net interest expense
Taxes on earning
Net income
Year 1
Year 2
Year 3
5,849
6,931
8,214
358
4,618
4,977
420
5,496
5,915
491
6,540
7,031
4.12
4.53
4.99
872
1,016
1,182
-175
-119
-262
316
-208
-142
-305
361
-246
-169
-355
412
Year 2
Year 3
49
87
-46.56
Year 1
21
78
12
thousands)
Discount Rate
Tax Rate
3 yr Internal Rate of Return
(IRR)
10%
30%
70.55%
Year 1
-47
Year 2
Year 3
21
49
87
-26
of Year 2
23
===>
110
0.47
29.86%
Base case
discovery/assumptions
Discount rate
10%
Tax rate
30%
18%
19%
3%
of revenues
2.4%
of expenses
17%
19%
18.5%
The generated ROI will serve as a reference point for future progress calculations
when the system is put into operation.
section, can help further business goals and institute a number of improvements
to IT within the company. By improving and introducing new services, Terra Firma
can begin to align its business goals and IT goals, so that value can be yielded
for both areas.
Business Requirement
Priority
Description
User Experience
Must Have
Must Have
Must Have
Must Have
Users must be able to access work emails via employee mobile devices
Mobile
Device
conferencing
Preferred
Must Have
Must Have
Must Have
Must Have
video
14
Warranty
Connect to the network in less than 10 seconds
Connect every device independently from the
operating system
Encrypted connection (265bit SSL)
Download Speed: 10mb/s
Upload Speed:
1mb/s
Device stays connected when person moves within
the buildings (Continuity of the connection)
Support weekdays between 6am 9pm
Support weekends between 8am 6pm
99.9% Availability
Warranty
Connect to the network in less than 10 seconds
Connect every device independently from the
operating system
Encrypted connection (265bit SSL)
Download Speed: 10mb/s
Upload Speed:
1mb/s
Device stays connected when person moves within the
buildings (Continuity of the connection)
Support weekdays between 8am 6pm
Support weekends between 10am 4pm
99.9% Availability
Warranty
Connect to the network in less than 10
seconds
Connect devices that run Windows,
Android or iOS
Encrypted connection (265bit SSL)
Download Speed: 10mb/s
15
Upload Speed:
99% Availability
1mb/s
Functional Requirements:
Non-Functional Requirements:
16
Existing Capabilities
New capabilities
Network Infrastructure
File Server
Help Desks
Most of the investments needed to be made refer to new software. Some existing
network infrastructure will be used in the services creation; however a significant
portion needs to be renewed to guarantee the networks performance defined
under the non-functional requirements. Finally, the administrators as well as the
support staff have to be trained to be able to support the end users and solve
incidents on their own.
5.1.5 Performance Measurement
The performance of the BYOD service will be measured using a SLAM chart. The
single measurements are:
Average
Connection Time
Connection Errors
Average
Download Speed
Average
Speed
Upload
Janua
ry
Realit
y
Goal
Realit
y
Goal
Realit
y
Goal
Realit
y
Goal
Realit
y
Goal
Februa
ry
Reality
Goal
Reality
Goal
Reality
Goal
Reality
Goal
Reality
Goal
Marc
h
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
April
May
June
July
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Augu
st
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Septem
ber
Reality
Goal
Reality
Goal
Reality
Goal
Reality
Goal
Reality
Goal
Octob
er
Realit
y
Goal
Realit
y
Goal
Realit
y
Goal
Realit
y
Goal
Realit
y
Goal
Novemb
er
Reality
Decemb
er
Reality
Goal
Reality
Goal
Reality
Goal
Reality
Goal
Reality
Goal
Reality
Goal
Reality
Goal
Reality
Goal
Reality
Goal
Goal
The necessary data will be collected using the newly implemented network
monitoring software.
5.1.6 Capacity Plan
Personnel: Team of 2 Administrators & 5 Support Staff
Ensuring that the service can be used and answering support calls
18
Topic
Plan
Availability
Reliability
Maintainabil
ity
Serviceabilit
y
Secure
Connection
Secure
Handling
All connections within Terra Firmas network will be secure; no data will be
transmitted unencrypted. This will be guaranteed through the usage of new
encryption software and constant network monitoring. The administrators will
test the encryption of the connection every 6 months and report any possible
incidents. Additionally a white-hat hacker will be engaged once every year to
test the network infrastructure for possible security holes. The results of these
tests will be reviewed by the administrators and reported to the executives.
Appropriate arrangements to fix these holes will be made collaboratively.
To ensure the secure handling of information, all users have to be made aware
that he should never share sensitive information. In order to achieve this goal, a
detailed information security document will be created that has to be read by
everyone that wants to use the BYOD service. The awareness will be tested by
the direct supervisors of every staff.
5.1.9 Supplier Management
With the implementation of the new BYOD service, a number of new suppliers will
be needed. They will provide all software needed and described in the GAP
analysis. All contracts will be initially negotiated by the administrators and
reviewed by an executive before establishing a contract. All contracts will be
stored in the supplier contract database. Administrators will be assigned and
given responsibilities managing end of term reviews and renegotiations for each
assigned contract.
19
Priority
Description
Must Have
Access
files
from
mobile
Devices inside Terra Firmas
network
Access
Control
and
Authorization for folders and
files
Must Have
Must Have
Must Have
Single Sign On
Preferred
Preferred
Preferred
Optional
Must Have
Files
like:
Product
documentation,
software updates and security updates
should be able to be shared with
costumers.
To increase the usability of the system
the user should be automatically
authenticated.
If a file or folder was shared with a
specific person or group, notification
information should be send by Email.
To increase the productivity of Terra
Firmas mobile workforce, file access
should also be possible on mobile devices
outside Terra Firmas network.
Some employees requested a feature to
share very large files.
20
For service level packages have been defined, that have been separated based
on several different user profiles inside Terra Firma. Exhibit 4 shows a high level
overview of the four proposed service level packages.
SP2
All Terra Firma Employees
9am-17pm Support
Help Desk
SP1
Terra Firma Customers
24/7 Support
Tech Support
SP=Corpor
ate File
Sharing
SP4
IT Support Department
Access control
User adminstration rights
SP3
Engineering Department
Share large files (>1 GB)
Daily Backups
Data Recovery
Non-Functional Requirements
Daily Backups
Extensibility
High
Medium
New capabilities
Network infrastructure
Knowledge Management
Help Desks
Table 19 Detailed Requirements Overview
SLA
SP1
SP2
SP3
SP4
Download Speed
Upload Speed
Availability
Support Response
Time
>200kbs
>100kbs
99%
< 1 minute
>500kbs
>200kbs
98%
< 3 minutes
>1mbs
>500kbs
97%
< 3 minutes
>10mbs
>1mbs
99%
< 1 minute
22
To measure the performance of the new File Sharing solution a SLAM chart has
been developed. The chart includes the expected measures that will need to be
fulfilled to ensure the services success.
Average
Downlo
ad
Speed
Average
Upload
Speed
File
access
errors
Service
Availabi
lity
Janu
ary
Febru
ary
Mar
ch
Apri
l
May
June
July
Aug
ust
Septem
ber
Octo
ber
Novem
ber
Decem
ber
Realit
y
Goal
Reality
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reality
Realit
y
Goal
Reality
Reality
Goal
Goal
Realit
y
Goal
Realit
y
Goal
Realit
y
Goal
Reality
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reali
ty
Goal
Reality
Realit
y
Goal
Realit
y
Goal
Realit
y
Goal
Reality
Reality
Goal
Reality
Goal
Reality
Goal
Reality
Goal
Reality
Goal
Goal
Goal
Goal
Reality
Goal
Reality
Goal
Goal
Goal
Reality
Goal
Reality
Goal
Non-personal:
Security: The new file sharing solution will ensure confidentiality, integrity,
and availability of Terra Firmas data. The ISO/IEC 27000 series of
information and security management will be put in place and will serve
as the basis for secure data management within this service.
24
There are several capability gaps that have been identified in Terra Firmas
existing systems. Only basic systems for accessing corporate applications
with mobile devices are available. Wider accessibility to all staff was
identified as a way to improve productivity and increase worker
involvement. This is seen as an opportunity to capitalize on increasing
computing power of employee personal devices and help engage
employees with flexible working arrangements and access to Terra Firma
systems.
business. An incident similar to the one that occurred earlier this year,
cannot be allowed to occur.
What are the Returns required from the change?
Several tangible and intangible benefits are anticipated from the RFC if it is put
into effect. These identified benefits have been detailed below:
A consolidated access point for all staff regardless of location. This will
result in ease of access to Terra Firma systems for all staff. Additionally,
staff working off site will be easily able to access work critical systems
resulting in productivity gains. Staff in contact with local and international
offices will be able to provide the necessary information for managers
allowing them to assess situations and make informed decisions.
The service will allow staff to operate in a flexible and access corporate
systems outside the office. It is anticipated that staff morale and
involvement will increase due to employees being able to contribute
regardless of location. Additionally, should a staff members personal
situation prevent them from accessing a local office alternative
arrangements could be organised to allow a work-from-home either from
a personal computer or laptop.
There is a possibility for loss of revenue if staff members do not adopt the
new BYOD service with their devices. There is no guarantee that this tool
will be fully adopted by staff within Terra Firma. Whilst training and internal
advertising will make employees aware of the system, uptake is always a
prevalent risk.
Linux being the most common. If poor optimization issues were to occur,
systems may inadvertently fail due communication issues.
These identified risks will need to be monitored over the duration of the project.
It is imperative to the services success, that information regarding the service is
distributed among staff, security protocol and standards are maintained and
enforced and that the development cycle accurately captures the technical
requirements of each device baseline established in configuration management.
By doing this, the above identified risks can be mitigated and managed through
the services lifecycle.
What are the Resources required to deliver?
For the first 3 years, an investment of 60.2 million NZ$ would be required. As
stated in Table 7, the cost per device and cost per employee will be roughly 6000
dollars per person. However, due to the adoption of mostly personal devices, a
large number of these devices would already be purchased or owned by the
employee.
In addition to this financial investment a number of personnel will be required to
perform work on the service. The identified resource staffing requirements are
listed below:
Project Manager: Marvin Keats. As the trigger for this RFC, Marvin Keats
would be responsible for the overseeing the transition and development of
the service.
Project Sponsor: Stephanie Clark. As the senior staff member for the IT
department, Stephanie would sponsor the project and provide reports to
the board of directors on progress. It would be her responsibility to ensure
28
The business analyst team who completed the report would help devise
the execution of the project, assist with planning and monitoring activities
and support technical staff with detailed design specifications. It would
also be this teams responsibility to produce an adequate governance
framework for BYOD, ensuring that fair-use is established and
communicated to involved parties within Terra Firma. Both the analyst
team and technical staff would be responsible for creating user and
support staff manuals.
The two teams of technical staff would perform two different functions.
Both teams would also be responsible for liaising with the business
analysis team to produce user/support manuals
BYOD SME would be responsible for providing both analysts and technical
staff with information regarding BYOD systems and their construction.
This is due to the nature of the changes within the File Sharing service. File
sharing, will provide a number of functional benefits to BYOD. Exhibit 5 shows,
that access granted to employees for other departments files, will enable a read,
write and delete access, which will have a flow on effect to BYOD. The File
Sharing services will also have mobile phone elements, which will undoubtedly
be borrowed from functionality implemented in BYOD.
Router Failure
File Sharing
BYOD
Synchronization
Finally, the router failure has also been captured as a key relationship between
the two services. This has been captured to highlight the trigger for both the
services creation. It has also been captured as it illustrates Terra Firmas
response to the incident.
6.1.2 Transition Plan
In order to effect a successful transition, the anticipated timeline for the change
has been charted as well as the planning and monitoring activities that will need
to be implemented. Without these activities, the success of the transition could
be severely hampered. The below sections deal with the prevalent areas that
will need to be administered for a successful transition,
Anticipated Timeline
The anticipated that 1 year and 6 months will be required to complete the
project. Refer to Table 22 for the estimated timeline for the project.
Task
Duration Start date - end Notes
date
Initial Scoping
1 Month
20/6/2014
- Define the scope of the
20/7/2014
changes
and
the
effected components.
Creation of Project 2 Months
21/7/2014
- Define in detail the
Documentation
21/9/2014
execution of project
activities
over
the
SDLC.
30
Programming Mobile Up to
Friendly
Corporate Months
Applications
BYOD
activities
Back-End 5 Months
Testing
1 Month
User Manuals
1 Month
Training
and 2 weeks
implementation
Post Project Support 6 Months
Planning
Monitoring
and N/A
21/7/2014
21/9/2014
6 21/9/2014
31/3/2015
21/9/2014
21/2/2015
1/3/2015
1/4/2015
1/03/2015
1/04/2015
1/04/201515/04/2015
15/05/201515/11/2015
N/A
A large amount of time has been allotted to programming and BYOD back-end
activities. This has been done to ensure that any and all complications can be
dealt with during the allotted time frame. If time is saved, it will be used to
increase the amount of training and implementation activities that are performed
within the company. Initial scoping has been given a significant time frame as
well, to ensure there is consensus among the various business areas about which
corporate applications will be mobile accessible. In addition to this, a significant
portion of time has also been allocated to Post Project Support. This has been
done to ensure that any issues that can occur with any mobile/desktop OSs can
be handled and monitored.
phases would communicate any issues encountered. For each week, meeting
minutes would be taken which would comprise progress reports.
For these progress reports a fortnightly meeting would be conducted between
Marvin Keats, Stephanie Clark, BA team leads, the BYOD SME and the technical
team leads detailing the progress of the project. This would serve as input to
quarterly reports to the board. Based on these quarterly reports the board of
directors would allocate resources. This reporting structure would help ensure
milestones were met. This would mitigate over spending and ensure that an
appropriate work-around be in place should the solution run off track.
Serious issues would result in emergency meetings between Stephanie Clark,
Marvin Keats and the employees working on the project. An appropriate plan of
action would be generated to manage such an event. Monitoring meetings would
occur daily until the incident is resolved. A notification at the start of the
emergency and at the conclusion of it would be sent to the board.
6.1.3 Remediation Plan
Should a single piece of functionality or the entire service run into unexpected
difficulties upon introduction, a number of remediation plans would come into
effect. Currently, two possible scenarios have been identified which could cause
the change to fail:
For both scenarios, the approach will be to ensure that none of the previous
systems are overwritten without appropriate storage of backups. Additionally,
legacy systems will be operated in a cold-storage scenario, only coming online
should the service fail. Therefore, if when introduced a portion of the service or
the complete service fails, the affected systems will be switched onto their
original functions without BYOD.
This remediation plan could also serve as the basis for some scenarios in disaster
recovery. If this scenario were to eventuate, the entire service would be brought
out of production and the issue traced. Correspondence would be issued to the
affected parties informing them of the event. With such a system,
communication will be key to ensuring any problems are dealt with in a calm and
orderly manner.
6.1.4 Configuration Baseline
As detailed within Table 24 the produced service would have several
configuration baselines. In order to make a change to the entire BYOD system,
the baseline for all applications supporting the BYOD service would need to be
achieved.
32
The baseline for the BYOD mobile systems service would include the first
released working version of each mobile compliant application. For example,
Field Office help desk service would have the first corporate wide release for a
mobile friendly version which would be the acceptable baseline for the
application.
Likewise, the physical systems, standards (most importantly standards governing
use of BYOD) and other supporting infrastructure for each application within the
service would also need to be achieved before a new baseline could be
established.
It is expected, that this would be difficult to achieve. So therefore a formal
project would need to be drafted if major functionality changes affecting the
majority of the applications were desired. Additionally, some systems would be
exempt due to working requirements. This would be assessed on a case by case
basis.
CI #
Configuration Baseline
Type
Software
Th
offi
4.4.3 KitKat
The OS for the Windows mobile
phone
Software
Th
offi
Version 8.10
A
The OS for the Apple mobile phone
3
Software
Th
offi
A
Build 7.1.1
The OS for the Blackberry mobile
phone
Th
offi
7.
A
Software
Version 7.1.0
Software
Th
ite
et
A
Software
Th
ite
et
A
Samsung S4
Hardware
33
Th
is
A
8
HTC One
Hardware
Th
is
A
9
10
Hardware
Th
is
Iphone 5
Hardware
Th
is
A
Th
ne
11
Hardware/Software
Al
co
ap
A
12
Hardware/Software
Al
ha
(re
pa
So
(d
sp
A
Documentation
34
Th
to
Change Request
RFC Standard
Number
Requestor
Stephanie Clark
For
Stephanie Clark
35
Returns
Risks
Production
Development
-Continual improvement
deployments.
and
Testing
General
-Competitive advantage
other competitions.
over
36
Category
Software
Storage
-Database
system.
management
Hardware
Configuration
needed
Server hardware
-Additional disk
space due to more
space required.
Security
Applicatio
ns
Network
operating
systems such as windows
7, windows server 2008
and windows mobile.
Various
network
components
including routers,
switches,
Additional
ISP ,
Access points and
Network
Encryptions
hardware
-Hardware firewall
(Router
Cisco
Adaptive security
device 5505)
- N/A
N/A
-Configurations
be made by the
staff.
-Configurations
be made by the
staff.
to
IT
to
IT
Improve
bandwidth
to
handle the load on
traffic.
Configured
staff
by
IT
Configured
staff
by
IT
Table 26 Resources
Steering Committee
Planning
This involves the determination of various aspects of the project which include
estimating costs needed, the personnel needed to carry out various tasks and
assessing the feasibility of the entire project economically, financially and
technically
This involves buying all the required resources which include both software and
hardware resources. The resources would then be tested if they are working as
required.
Implementation
The design would be implemented in order to attain the required file sharing
functionality.
Testing
After the system is implemented, it is tested to ensure that it attains the required
functionality.
Training
Users should be trained to ensure that they are familiar with the operations of
the file sharing system.
Deployment
This step involves availing the completed file sharing system to users.
System documentation
This involves writing down all the steps used on the file sharing system from
planning to deployment.
38
Timelines:
The below timeline will be used in the implementation of the above tasks.
Task
Duration
Planning
1 month
Designing of
new system
Start datedate
20/6/201420/7/2014
the
2 weeks
21/7/20143/8/2014
Purchasing
and
testing
of
the
required resources
3 weeks
4/8/201425/8/2014
Implementation
1 week
26/8/20142/9/2014
Testing
2 weeks
3/9/201416/9/2014
Training
3 weeks
Deployment
1 week
17/9/20146/10/2014
7/10/201413/10/2014
Documentation
Througho
ut
the
entire
process
end
Notes
Determining
the
techniques to ensure
smooth transition
Involves
determining
the
connections
for
various components
Involves ensuring that
all required resources
are
available
and
working as expected
Involves interpretation
of the design to attain
actual system
Entails confirming the
functionality
of
the
system
Familiarizing users with
the system.
Availing the system to
users for use
Keeping a record of the
various aspects of the
deployed
system.
Usually
takes
place
throughout the entire
transition process.
Table 27 Timeline
deployment.
Trainer: The work of the trainer is to ensure that all employees at the company
are well conversant with the functioning of the proposed file sharing system
through training.
6.2.3 Remediation Plan
There are two probabilities for the file sharing system. The system might be
successful or unsuccessful. In case the project is not successful the following
actions will be taken.
One of the actions is that all devices will be reverted to their configuration
baselines. These will be checked for possible causes of failure. While this is
getting accomplished, the workers will use secure online file sharing systems
such as Dropbox. Additionally, the inbuilt file server application present in
windows server 2003 can be used. In case the mobile devices fails to access the
file server, only computers will be used for file sharing purposes. (See table 28 a
remediation plan check list).
Table 28 Remediation
Configuration
Item
Routers
Configurati
on
Baseline
Type
Hardware
Configuration
description
item
Baseline Requirements
Cisco
Adaptive
security
device 5505.
Has
a
firewall,
IPsec(Encryption packets ),
VPN, antivirus, Antispam and
anti-phishing software
40
Switches
hardware
Server
operating
system
End-User
Computers
software
Client operating
system
software
4
5
Hardware
Documentation
6
Mobile devices
hardware
Mobile devices
operating
system
File
sharing
server software
software
software
server
software
application to enable file
sharing anywhere
The file sharing System images: these refer to the setup files used in the
installation of the file sharing system (Easy file sharing web server).
Security patches that may be needed by the system. This includes all
patches for both the file sharing system and both the client and server
operating systems.
Since Terra Firma is expanding and becoming an international company with field
42
As stated before there are two new services that are suggested to introduce to
Terra Firma and as with every new service that is introduced it could be that the
service is unsuccessfully rolled out. In the current ITSM process this is not taken
into account. To establish a sound IT service management process it is as always
a risk that a service is rolled out unsuccessfully and that the service might have
to be withdrawn. In the current processes there is two activities connected with
43
the roll out, after the decision is made that a global roll out is needed there is the
activity coordinate with regional offices and rollout solution globally and if no
global roll out is needed there it the activity Targeted rollout for specific end
users. This shows that an unsuccessful rollout is not taken into account at all.
Some extra activities are needed in the ITSM process to solve this problem. This
new process can be found in Figure 3, and show the current process. The new
process shows that the rollout is divided in phases and at every phase if its not
successful there is the opportunity to stop the rollout and roll the implementation
back. Rollout will now not happen as a big bang anymore as it was at first but is
phased.
44
Event management ensures that events are detected and determine appropriate
control actions. Event management monitors all the events that occur
throughout the infrastructure and it will monitor them to assess if they are
normal events and detect exceptions and escalate them (Office of Government
Commerce, 2007). Five activities are involved with event management,
detection, categorization (informational, warning and exceptional), correlation,
response and review. These activities should also be included in the ITSM process
of Terra Firma, the process of event management can be found in Figure 4. This
current process has its own start event and should be placed in front of the
current ITSM process as this is purely based on request fulfillment.
As an informational event only signifies regular operations it is not necessary to
correlate this event, it only needs to be logged. In case of an warning event it will
not disturb the current processes but it does give a sign that something might be
wrong, so in this case it is necessary to correlate this event and investigate if
there have been similar warnings. In the case of exceptional it means that
something exceptional has happened and that there is a problem, so it is
necessary to escalate this to problem management.
45
To give a better insight into event management we will give one example for
each of the new services explain what happens when a warning event is
detected. First the file sharing service, for example a warning comes in that the
server needs to multiple tries before successfully syncing a document. This event
will be detected and will be categorized as a warning event. The next step is
correlation, if this is the first time this warning has been detected the warning
will be logged but the IT staff will probably not respond, the review will be short
and the event will be closed. However if this warning has been happening more
often in the last hours or days the IT staff will respond by starting an
investigation about the cause and will escalate it to the specialists, the event will
be logged and the users will be kept up to date. When it is solved the response
will be reviewed if it happened in time or if it could have been signaled earlier.
After that the event will close.
In case of the BYOD a warning event could be that a user cant log in to the
network, when the event is detected as warning event and the IT staff will
correlate the event by looking if this has happened more often to the users and if
it has happened to multiple users. Depending on the correlation with others it
will give the appropriate response. It could be that the user has no access than it
will be escalated to access management, or maybe the users password is wrong
and then it just needs to be reset. After the response and the logging of the
event, the IT staff will review the response and close the event.
7.2.3 Incident Management
46
The last of the processes of Service Operations that is missing in Terra Firmas
ITSM is the problem management. Problem Management is concerned with
finding the root causes of the incidents happening, especially when this are
recurring incidents or incidents with a high impact. It also concerned with finding
workarounds for incidents that cant be prevented. As with incident management
the main goal is to minimize the impact of problems on the business processes.
It consists out of nine activities: detection, logging, categorization, investigation
and diagnosis, workaround, raising a known error record, resolution, closure and
major problem review. Figure 6 shows the process flow of problem management
as depicted by (Office of Government Commerce, 2007). This clearly shows that
there are multiple ways for problems to be detected. In Figure 7 the process flow
has been converted to a process model to fit in the ITSM process and which is
consistent with the other processes is described so far.
47
Looking back at the incident of the server breakdown, the solution of that
incident was to restart the server as it was powered of for some reason. It could
be that the server breaks down an hour after is has been restarted, this would
48
suggest a problem. The Service Desk escalates this problem to the Problem
Manager; he will start the process of Problem Management. Problem
Management will investigate the reason of the power down of the service and
will try to find a solution to prevent this from happening again.
The processes in the Service Operations are often all connected with each other.
An event can become an incident and incident can become a problem. Incident
and problems can negatively affect the business processes. No firm wants this to
happen, this is why it is so important for a firm to have their ITSM processes
written down in a structural and complete way as this will improve the Service
Operations of the firm.
2. Define what
will be
measured
6. Present and
use
Information
5. Analyze the
Data
3. Collect the
Data
4. Process the
Data
The CSI ITIL process has been selected for the benefits it can provide to service
generation, development, transition and operation. By employing this process,
issues that would typically lead IT services to become unaligned with business
goals, would be avoided.
49
Step
Define what
should be
measured
Define what
will be
measured.
What can we
measure
Collect the
data
Process the
data
Analyse the
data and
information.
Present and
use the
information.
Implement
improvement
Description
We want to evaluate our strategy as an IT service provider
to ensure that we meet our goals. We will also verify that
we as an IT Service provider understood the business
needs of Terra Firma.
We will measure the ROI, Customer satisfaction and how
well we understood the business.
We can measure how good our ROI calculation was and
also if the demand management was sufficient enough.
We will also revisit our strategy generation and evaluating
if we as an IT service provider archived our goals.
We will collect quantitative data through automated tools
and gather feedback in meetings with the senior
management team.
The processing of the data is mostly done manually.
User Feedback data will be analysed from qualified staff
and evaluated.
Quantitative data will be analysed with analytics software.
In a yearly meeting and report the results will be presented
to the senior management. Focus will be on what have
51
information.
Implement
improvemen
t
The second service that was introduced is the Bring Your Own Device (BYOD)
service. This service will make it possible for management and employees to get
access to the Terra Firma network with their own devices (smartphones, tablets
or laptops). This fulfils the need of management to work at any location as they
often travel and the needs of employees to work on their own devices in a
flexible working environment.
The requirements that are important for this service are a secure and fast
connection and fast upload and download speed. The transition to the new
service does have some risks and should be monitored carefully throughout the
projects lifecycle and also, while the service is in operation.
Introducing both services to Terra Firma would give an ROI of close to 30% and
would help Terra Firma upgrade their IT services to modern state. In the report it
is described how the service should be designed and how the transition should
take place using ITIL v3, giving a good overview of the requirements that need to
be met and the risks that occur when implementing the new services. The
implementation would be successful if the preparation is done correctly.
52
9.2 Conclusion
The aim of the report was to introduce new services for Terra Firma using the ITIL
lifecycle and to describe how ITIL could improve the IT management inside Terra
Firma. The current IT situation of Terra Firma has a number of flaws, with high
costs and low return on investment being principal issues. The IT operations
inside Terra Firma were not streamlined and the enforcement of standards and
improvement activities were conducted on an ad-hoc basis, ultimately leading to
the recent network crash. The crash was the catalyst for the re-assessment of
the IT department within Terra Firma. A number of weaknesses have been
identified as a result with the high number of different applications and low
standard compliance rate a contributing issue to the failure. In order for Terra
Firma to mitigate these issues, a redesign of several elements in the IT landscape
was required.
Following the ITIL lifecycle the first step was Service Strategy, where the
potential user and their business needs are determined and services to meet
these needs are specified. This step is important for every company because
when there is no strategy there is no direction leading to duplication and
communication issues. An improved service strategy and service portfolio
management system would have prevented this.
The second step, Service Design, is important for every company when
introducing a new IT service. A good Service Design where all requirements are
specified makes for applications that fulfil customer needs and comply to
company standards. In the case of Terra Firma this would be very important as
until now only a few applications comply with the IT standards. Planning the
transition is a critical phase and ITIL shows the activities and prescribes a
number of guidelines necessary to manage a successful rollout. A large number
of compatibility issues could be averted through the formal adoption of such a
process.
Terra Firma also does not have an adequate service desk solution. This has
prevented the effective management of events, incidents and problems.
Including a service desk within the companies ITSM process would help manage
the requests for change in the ITSM process and would help Terra Firma to
understand the issues that users have with the current and new IT services.
Continuous service improvement is also an incredibly important factor in
improving Terra Firmas ITSM process. This can also be achieved by introducing
the 7 step plan proposed within this report. This plan would provide a base set of
processes which could be used to measure and analyze the performance of Terra
Firmas services.
Overall ITIL provides a suite of excellent guidelines on how to manage IT services
and IT operations inside a company. This report clearly shows that ITIL helps with
strategically introducing new services and assessing current performance of IT
within the company. By streamlining change process and utilizing new cutting
edge services, IT within Terra Firma can achieve alignment, by furthering
business goals.
53
54
Bibliography
Chan, T. (2014). INN221 Technology Management Week 8 Lecture: Service
Transition. Retrieved from QUT Blackboard website:
http://blackboard.qut.edu.au/webapps/portal/frameset.jsp?
tab_tab_group_id=_4_1&url=%2Fwebapps%2Fblackboard%2Fexecute
%2Fannouncement%3Fmethod%3Dsearch%26context%3Dcourse_entry
%26course_id%3D_111203_1%26handle%3Dannouncements_entry%26mode
%3Dview
McPhee, D. (2008). ITIL and Security Management Overview. Opgeroepen op 5
30, 2014, van www.infosectoday.com:
http://www.infosectoday.com/Articles/ITIL_and_Security_Management.htm
Office of Government Commerce. (2007). ITIL V3 Service Operation. Norwich:
The Stationery Office.
Westervelt, R. (2013). Top 10 BYOD Risks Facing The Enterprise. Retrieved from:
http://www.crn.com/slide-shows/security/240157796/top-10-byod-risks-facingthe-enterprise.htm
55