Sunday, March 23, 2014

Business Impacts of Virtualization on ABC Law Firm

ABC Law Firm currently uses Windows 7 and all Windows based software and applications including Microsoft Office 2007.  The accounting system, Tabs3, and the document management system, Worldox, run on a Windows based platform.  An alternative to a Windows operating system is a Linux based operating system called Ubuntu which has very similar capabilities to Windows.  Ubuntu offers Libre Office that including word processing, spreadsheet and presentation applications. Ubuntu is an open source operating system where numerous contributors can change, modify and re-compile the code to fit their needs.  In addition, Ubuntu is free of charge and offers an application called Wine that can make Windows based software and applications compatible with and run on Ubuntu. 

The question is posed: Should ABC Law Firm virtualize the workstations with Ubuntu as an alternative operating system?  Virtualization refers to creating a virtual version of something rather than an actual version, which can be used on computer hardware, operating systems or desktops. 

After researching this alternative, there is a major security threat posed with running Ubuntu on the workstations of ABC Law Firm.  Since the operating system is open source, anyone can program back door access which could lead to security risks. This could lead to confidential data being comprised including employee and client financials and personal information.

In addition, Wine acts as a API layer between Ubuntu and the Windows based software.  Wine does not guarantee that the accounting system and document management system will operate with Ubuntu which again can cause major concerns.  Since the firm is in its fourth year of operation, investing in another accounting system and document management system would not be prudent.

Another dimension to review is the third party support agreements the firm has in place.  ABC Law Firm has third party support agreements in place with Tabs3 in the amount of $3,000 per year and Worldox $2,800 per year. These two software programs are specifically made to run on a Windows based platform. If the firm was to run these applications through Wine and Ubuntu, the service agreements can be null and void leading to further issues for the firm.  Lastly, our third party IT representative would not be able to support Ubuntu since he does not have specialized training in it.  Lastly, centralized Linux/Ubuntu support may be difficult to locate and is costlier than Windows which can about increase IT costs.

This analysis is purely addressing the drawbacks to virtualizing the workstations with Ubuntu as an alternative operating system.   It would be in ABC Law Firm's best interest not to use Ubuntu as a dual operating system. In addition, this analysis does not consider the training costs involved including lost billable hours, installation of Ubuntu and maintenance.


However, desktop virtualization has proved to be a highly effective means of conducting business for ABC Law Firm. ABC Law Firm established desktop virtualization or virtual desktop infrastructure (VDI) for all employees through its remote access. When employees are not physically in the office, they can access their workstations through a specific remote access website. Employees are designated to a specific workstation with a username and password. Employees can interact or "log in" to the host computer (workstation) using another desktop computer, laptop or mobile device through an internet connection. 

The firm's data and confidential information is never actually saved to employees' personal desktops or laptops since it could create potential security risks. In addition, if personal devices are infected with a virus the firm's workstations and server will be protected since no information actually exists on the personal devices.  

The question is posed: Has desktop virtualization had any impacts both positively or negatively on ABC Law Firm?

One major impact that desktop virtualization had for the firm was during Hurricane Sandy. The firm's physical office was without power and employees were not able to travel to and from the office. Remote access granted employees the ability to work from home and continue generating revenue through billable hours.    

The table below describes the potential lost revenue if the firm did not implement desktop virtualization. As one can see, the firm could have lost about $180,000.00 during those 8 days without physical access to the office.  That would have had a significant impact on a firm only in its second year of operation.  Desktop virtualization is a wonderful tool to provide employees not only during inclement weather days but also while traveling or attending meetings.

Potentially Lost Revenue
TitleHourly RateAverage Hours Billed Per DayTotal Revenue Per DayWork Days without PowerTotal Lost Revenue
Partner 1 $425.00        7 $2,975.00             8 $23,800.00
Partner 2 $375.00        7 $2,625.00             8 $21,000.00
Partner 3 $375.00        7 $2,625.00             8 $21,000.00
Of Counsel 1 $350.00        7 $2,450.00             8 $19,600.00
Of Counsel 2 $350.00        7 $2,450.00             8 $19,600.00
Of Counsel 3 $350.00        7 $2,450.00             8 $19,600.00
Of Counsel 4 (part time) $350.00        4 $1,400.00             8 $11,200.00
Of Counsel 5 (part time) $350.00        4 $1,400.00             8 $11,200.00
Associate $250.00        7 $1,750.00             8 $14,000.00
Paralegal 1 $125.00        5 $625.00             8 $5,000.00
Paralegal 2 $125.00        5 $625.00             8 $5,000.00
Paralegal 3 $125.00        5 $625.00             8 $5,000.00
Paralegal 4 (part time) $125.00        4 $500.00             8 $4,000.00










TOTAL REVENUE LOST $180,000.00


Posted by at No comments:

Wednesday, March 5, 2014

Strategic IT Transformation at Accenture Reflection

Memo
To:
Senior Management
From:
Allison DeLorenzo
Date:
March 5, 2014
Re:
Strategic IT Transformation at Accenture Reflection


This memo is prepared in response to the presentation held on Tuesday, March 4, 2014 with ConsultCube LLC, a United States consultant team, regarding whether Accenture should invest in and implement a completely new IT governance framework, COBIT 5 or maintain its current IT governance system. As stated in the presentation, the main criteria driving this decision are cost efficiency, regulatory compliance, risk and business process management, training, and flexible control. Accenture is currently using its own IT governance system that was created as a result of the re-branding from Arthur Anderson in 2001.  The current system consists of steering committees, project sponsors and an ROI auditing process. In addition, the current system is cost effective and has aided in the overall reduction in IT costs (i.e. approximately $8,000 savings per employee due to new infrastructure and IT governance system).

After listening to the consultants recommendation and analyzing the risks involved with both courses of action, I agree that Accenture should maintain its current IT governance system. Even though COBIT 5 is used worldwide and incorporates industry-proven best practices and applications, Accenture's current model already has these practices and standards in place that prove to be working effectively.  The current IT governance system addresses 4 of the 5 main principles of COBIT 5 including risk/regulatory compliance analysis, monitoring and measuring IT projects. The fifth principle requires a decentralized management style which would change Accenture greatly. The system was specifically developed for Accenture whereas COBIT 5 is generic and can be applied to all industries.  By maintaining Accenture's current system, the company will avoid COBIT 5 material costs, exorbitant training costs, constultant fees and loss of productivity.   Lastly, the current system is flexible and can adapt as Accenture grows. 


One interesting fact that was discussed during the meeting was that at the present time there is no evidence of other IT companies comparable to Accenture that have implemented COBIT 5.  Due to this fact, there is no tangible measure of how a COBIT 5 accreditation will impact business and what the company can gain from it which further solidifies the recommendation to maintain the current governance system. 

I believe this recommendation to maintain the current governance system will aid in Accenture's future growth and IT cost reductions. Adopting COBIT 5 is not a prudent decision at this time. 

Posted by at No comments:

Saturday, March 1, 2014

Strategic IT Transformation at Accenture


Problem/Issue Statement

When Accenture was created/rebranded in 2001, it faced a critical decision on whether to continue using the legacy system from Arthur Anderson or take advantage of opportunity and created a completely new IT infrastructure. Accenture decided to accept the challenge and overhaul its information technology systems. Accenture adopted a one-platform approach, streamlined applications, sought out new vendors/supplies while greatly reducing the IT expenditures across the world. Accenture is very proud of this accomplishment since very few organizations of that size have successfully completed such a massive undertaking.


As a consulting company, Accenture wanted to implement its own advice by simplifying processes and technology whenever possible while also maintaining state-of-the-art industry leading IT infrastructure. 

However, Accenture is currently considering upgrading the IT governance system to Control Objectives for Information and Related Technologies (COBIT) to enhance its business standards and reporting.  COBIT 5 is being considered due to the countless regulations and compliance standards Accenture must comply with around the world. If adopted the system will help aid in measuring IT programs success, align with business goals and seek to ensure best practices is used. 

The symptoms of using the current IT governance system includes a lack sophistication to measure the successfulness of IT projects including tools, computer programs, may not align strategically with business goals and does not address the multitude of regulations and compliance standard that must be adhered to.  

If Accenture decides to implement COBIT 5, symptoms of this problem include training staff for accreditation on the system, creating a team to oversee that COBIT 5 is being used properly, costs involved with training or COBIT support and aversion to learning a new IT governance system. 

Implementing COBIT will affect Accenture globally, employees, IT infrastructure and most importantly how business is conducted. This would also involve assembling a high trained IT group to roll out/maintain the new COBIT 5 governance system and train all employees. 

Situation Assessment

     When Accenture implemented a new IT governance system during the IT overhaul an approval process, steering committee and yearly audits of IT projects were instituted.  During this shift in IT, Accenture also implemented a new IT Governance system to administer its IT decisions going forward. This new approach required high-level management and Accenture’s senior IT staff to work together to define the IT horizon for the fiscal year. The IT project selection philosophy changed drastically under this new system.  A formal process was established where IT projects were presented to the steering committee. All projects had to have a senior business sponsor, whose duty was to convince other members of the business value in the proposal. If a sponsor’s project was approved, he or she took responsibility for extracting the claimed value of the project.      IT initiative presented in the committee had to be accompanied by a clear ROI analysis    
     
          Approved projects were subject to an annual audit for three years. Audits sought to verify that the projected value effectively had been created; sought to calibrate Accenture’s ability to predict value creation in IT initiatives by comparing predicted value to realize value and learning from mistakes that created a disparity between two; audits sought to keep both business sponsor and IT team on their feet by proactively managing the project well after it was approved

 The decision criteria for implementing COBIT 5:

·        Must address the gaps not covered by the current IT governance system
·        Organization system for compliance and regulation of IT standards across the world
·        Evaluate, Direct and Monitor functions and processes within the company
·        IT valuation/effectiveness of projects
·        Address information security, provide business models
·        IT Assurance Framework
·        Align, plan and organize business goals of the company
·        Monitor and assess IT risk



List of Plausible Alternative Courses of Action

There are two courses of action identified and both options address the main problem in different ways:


Implement COBIT 5
PROS
CONS
One of the most commonly used frameworks to comply with Sarbanes-Oxley
Addresses the governance and management of IT from an enterprise-wide perspective
COBIT is based on all other IT best practices
Used as a complimentary to other best practices -ITIL, TOGAF, ISO27000 and PRINCE2
Provides a comprehensive framework that assists enterprises in achieving their objectives for the governance and management of enterprise information and technology assets
Non-technical and understandable management thinking
Contains good practices, RACI charts, performance assessment and monitoring tools
Includes implementation guidance
Seeks to  evaluate, direct and monitor; align, plan and organize; build, acquire and implement; deliver, service and support and monitor, evaluate and assess
Training costs for experienced IT employees; workshops, in-house training with people who will be engaged in a roll out
Costs associated with consultant costs
Costs associated with materials including:
COBIT 5: Enabling Processes, $135 non-members ISACA/ $35 members
COBIT 5 Enabling Information, $135 non-members ISACA/ $35 members
COBIT 5 Implementation, $150 non-members ISACA/ $35 members
COBIT 5 for Information Security, $175 non-members ISACA/ $35 members
COBIT 5 for Assurance $175 non-members ISACA/ $35 members
COBIT 5 for Risk $175 non-members ISACA/ $35 members
Annual membership dues and chapter dues
Employee resistance to new IT governance system
COBIT may not be as detailed in terms of how to do certain functions and is too board

Maintain current IT Governance System
PROS
CONS
No additional training costs or materials
No employee resistance to new system
Current system is efficiently operating and has been since the IT overhaul in 2001
Steering committees have been effective in decision making since inception which reduced IT costs, implemented new philosophy for the IT department (IT as a business rather than a cost center)
Continue their existing value chain and reporting systems that virtually revolve around the clock while ‘following the sun.’
Measuring techniques and tools may not be all encompassing and may fall to subjectivity
Is not as sophisticated as COBIT, lacks models for oversight and monitoring
Does it properly measure and evaluate risk?
Is current system all encompassing?
Gaps in current IT governance system

 Evaluation of Alternatives
 
When evaluating the two courses of action, it is important to analyze which option will align with Accenture’s decision criteria, accommodate future growth and be cost effective. The pros and cons of both alternatives: implement COBIT 5 or maintain current IT governance should be analyzed and evaluated. Accenture should decide if COBIT 5 will effectively fill in the gaps of their current IT governance system or if it will be too broad. Accenture should also analyze if COBIT 5 provides better tools in monitoring, measuring and assessing IT projects. The costs involved implementing COBIT 5 including training costs, consultant fees, roll out costs and materials should also be evaluated.

The evaluation relates to the decision criteria developed because it analyzes whether COBIT 5 can effectively fill in the gaps of the current system or provide new insights in monitoring and assessing IT projects.  COBIT 5 will be all encompassing and not just limited to the IT functions.

Accenture can be imaginative in this decision since the real value of COBIT 5 cannot be assessed until it is implemented.  The Accenture needs to determine if COBIT 5 can add value to the current operating processes and determine if that value is worth the training costs, material costs and new system costs.

Recommendation

After considering both courses of action, I believe the quality and logical recommendation is to maintain the current IT governance system. With an investment that will incur high employee training costs, consultant fees, materials costs, loss of productivity, and possible backlash from employees, the risks associated with implementing COBIT 5 outweigh the benefits.  

Even though COBIT 5 is used worldwide and incorporates industry-proven best practices and applications, Accenture’s current model already has these practices and standards in place that prove to be working effectively.  COBIT 5 may be redundant to what Accenture already has in place. For example, COBIT 5 seeks to have a greater control over IT governance and regulations/standards. Accenture has already addressed these issues through their steering committees, project sponsors and ROI auditing process. In addition, a number of other COBIT 5 standards were covered during Accenture’s IT restructuring which include linking IT processes to the business objectives through processes such as IT support on a per need basis through an internal customer. Furthermore, I believe Accenture’s current IT governance system addresses most of the key functions offered by COBIT 5 and implementation is not needed at this time.

Presentation

·         If I were presenting as a consultant to the class, I would state that I have been commissioned to identify the benefits and drawbacks involved with implementing COBIT 5 to the IT governance system. I would discuss the costs and training involved with COBIT 5 and provide insight into what the framework can offer Accenture. I would discuss the current IT governance system’s functionality and overall successfulness. I would provide examples of controls already in places such as the ROI audits and project sponsors. 


Visual aids to be used in presentation:

  • PowerPoint presentation for benefits and drawbacks of each course of action;
  • Decision criteria for Accenture; and
  • Recommendations for maintain current IT governance system

I would “sell” the current IT governance system by stressing it is a successful system that Accenture implemented in 2001.  Accenture’s current IT governance system addresses most of the key functions offered by COBIT 5 and implementation is not needed at this time. The company would not be incurring additional costs for COBIT 5, redundancies would not be present and training costs would not be incurred. 

·         Other Delivery Consideration to Keep in Mind:
  • Pros and cons of both courses of action
  • Obstacles with implanting COBIT 5 including learning curve, training costs and consultant fees.



Posted by at No comments:
Subscribe to: Posts (Atom)