Madura IT Systems - Case Study Example

Madura: Problem Definition and Concept Map Narrative XXX V ZZZZZZZZ ZZZZZZZ 26 July Madura: Problem Definition and Concept Map Narrative IT systems at Madura are fragmented in such a way that the essential features associated with information assurance, like confidentiality, integrity, and availability, are primarily compromised. For instance, the fragmented IT system is unable to adapt to strategic fronts when targeting the retail market because of its diverse function areas that are distributed across many geographical areas (Venkatagiri & Prakash, 2013). Moreover, the fragmented IT system prevents business process changes that sustain SOP changes as well as the various functional areas carrying out business process changes. Madura’s fragmented IT systems necessitates integration in order to link the IT applications within the enterprise. Since the organization’s IT department could not match the rate at which process changes were taking place, the organization launched workarounds. First, the organization adopted an outsourcing approach while the internal team focused on strategic tasks. Since the company’s CIO acknowledged the necessity to support the retailer’s IT strategy together within its business strategy, he started advising functional heads regarding technologies capable of helping them align the system to the organization’s goals. The “blank check” in which the various IT teams were given to implement IT solutions gravely hampered integration and availability of information because the solutions did not align with the enterprise’s business strategy or overall needs. The IT systems were unable to link to the new strategic fronts because many solutions implemented solve only specific problems. Madura has to broaden its strategic fronts partly because of the increasing demand in the local market since the demand for apparel has tripled due to an increase in the amount of middle class families. By broadening its strategic fronts, the company would have a fighting chance against increasing retail competition. Information Assurance goals Information assurance identifies and incorporates various policies, standards and mechanism to preserve integrity regarding people, information, technology, and the supporting infrastructure (Willett, 2008). Information assurance usually involves three elements including confidentiality, integrity, and availability. Confidentiality guarantees that information is accessible as required and prevents any unauthorized access, while integrity ensures that private data is not deleted or corrupted (Willett, 2008). The availability aspect in information assurance guarantees the accessibility of information as required and supports the enterprise’s capability to operate and even realize its objectives (Willett, 2008). In Madura’s case, these information assurance aspects do not receive enough attention in their implementation because IT systems in the organization are not fully integrated to ease the availability of information necessary for the company’s growth. Various applications implemented in separate business units within the enterprise hinder the ideal performance of IA systems. Overview and discussion of Information Assurance concept At Madura, information assurance primarily focuses on the desire to protect systems from external and internal attack, accidental damage, and environment threats, while maintaining business objectives. Although this is an essential element in information assurance, it has led the organization to have a ‘fixed state’ approach. This is evident through changes in systems that can be considered as a temporary switch between static states that breed tolerance to decreased security during the transition period. By adopting problem-prevention perception, Madura has extremely limited the organization, since it only allows the organization to introduce new systems that are rigid and sometimes unable to respond to their changing needs. Even though IA is considered a strategic imperative, at Madura information assurance seems to occur below board and often occurs as a reactive measure to external stimuli. This is partly attributed to the barrier of considering IA as a technical issue because some leaders lack understanding regarding the technical challenges involved in IA strategies (Birchall, Ezingeard, McFadzean, Howlin and Yoxall, n.d). Hence, the inclination to believe that at Madura IT, corporate and IA goals and plans were often developed separately an indication of lack of communication between these areas. The various perspectives through which the development of IA strategy takes place seem to have different objectives in the organization. Although the internal control perspective focuses on ensuring that management information is accessible and trustworthy, the fragmented IT systems fail to live up to expectations weakening information assurance goals. The perspective of information assurance is to focus on protecting the organization’s IS to ensure continuity and trust with business customers and partners (Birchall, Ezingeard, McFadzean, Howlin and Yoxall, n.d). However, IT systems at Madura do not conform to this understanding because of its fragmented and disparate functional areas that do not support strategic fronts. Moreover, although asset management perspective involves protecting all the assets of the organization including proprietary information and knowledge, at Madura this is almost impossible given the fragmented IT system spread across a wide geographical region. Clearly, at Madura the relationship between these three perspectives in the organization appears to be weak. The fragmentation at Madura influences the roles and responsibilities in the organization that seems to affect various aspects of information assurance. IT systems at Madura do not align with the KPI and corporate strategy. This seems to result from the unconnected strategic plans in the corporate, IA and IT areas (Birchall, Ezingeard, McFadzean, Howlin and Yoxall, n.d). In addition, the gap between these areas results in duplication of every effort in some parts of the enterprise resulting in instances of conflicting strategies. The fragmented IT system support owning information locally, this is inefficient since the retail stores in various locations keep information to themselves. The fragmented IT system has various consequences on information assurance. These consequences include lack of logical direction for Madura’s management in acquiring systems, and multiple ownership. The organization supports many initiatives with multiple constraints to the management with some of them conflicting with the organization’s goals. For instance, the IT systems across the various geographical regions have adopted measures that at times do not fully integrate with the general goals of the enterprise (Venkatagiri & Prakash, 2013). Moreover, using the most appropriate engineering to ensure information assurance in the various systems in the organization seems to have no attention in the organization although such a step would require a lot of money and time. Multiple ownership in the organization results from the failure to take advantage of the common methods and instructions for integrating the various systems. This is evident in the many applications within the IT system that do not fully integrate into the organization’s core system. To attain the necessary information assurance within any system, the requirements for assurance are given to the right systems together with their essential components. However, at Madura the right system and its essential components are fragmented across various geographical locations making information assurance a huge task for the enterprise. Relationships between disciplines Information Assurance (IA) entails guaranteeing availability, integrity, and confidentiality across various operations carried out within the organization. To accomplish this, fields like Database technologies, Software Engineering, Information Technology (IT) Management, and Systems Engineering play significant roles. IT Management communicates with clients, listening to their needs and advising them on where IT can improve their business. Database technologies help in storing, processing and securing data when software engineers design or modify existing systems to meet business needs. System engineers on the other hand interact with IT management in ensuring security of data and optimum use of available IT infrastructure. IT management The IT management agree to costs and timescales as well as standards that need to be met while monitoring the project team. Moreover, IT management is responsible for getting in touch with the management and its clients to update them on overall progress and evaluate every project stage. Information and IT play significant role in achieving the rights of enterprises to coexist, survive, and grow (Boyce & Jennings, 2002). The rights of an organization are threatened by conventional threats and by the surfacing new challenges. However, information assurance provides means of protecting and defending the rights of enterprises from these threats (Boyce & Jennings, 2002). Information is considered one of the critical and strategic business resources in any organization. The goal of IT management involves protecting the organization’s precious systems, information, facilities, and networks responsible for processing, storing, and transmitting that information. At Madura, IT management does not have this clear understanding regarding the roles of IT management because of the fragmented IT system in the enterprise. IT management in accomplishing these tasks, it has to work in collaboration with system engineers who evaluate and help in coming up with a reliable system. IT management plays a huge role in steering system engineers by providing the needed functionality that meets the needs of users and clients. Protecting information is as crucial as protecting the other resources like money and personnel in an organization. System engineers help secure transmission, processing, and storage of information. To be able to carry out this task, system engineers use database technologies that employ various levels useful in guaranteeing data integrity in order to support information assurance in an enterprise. Moreover, system engineers have the task of configuring, installing, and integrating the various IT systems within an enterprise in manner that fulfils the goals of the enterprise. IT management at Madura seems to have a different understanding considering the various systems across the enterprise’s reach that are dire need of integration. Information in organizations is a sensitive, expensive, and perishable resource that represents substantial investment. Nevertheless, IT management at Madura does not receive the much needed investment to enable it accomplish its tasks of guaranteeing smooth functioning of the enterprise and its retail stores. For instance, when the enterprise needed to have a new system, the CIO opted to have COTS instead of investing in the IT department that could have come up with a suitable system for the entire enterprise (Venkatagiri & Prakash, 2013). The way information is protected depends on the structure it takes as well as its attributes. Threats to information occur at any moment when the information is being processed, transmitted, or stored. These threats to information fall in three categories that include compromise through unauthorized disclosure, unavailability through denial of service and corruption through unofficial modifications (Boyce, & Jennings, 2002). These threats are ever present at Madura given the organization’s fragmented IT system. IT management in this company does not ensure that the enterprise generates value through technology, which is the main role of a strategic IT management. IT department seems to lack justification for its existence in the organization since it does not fully support the enterprise’s strategy. Although it is common knowledge that IT strategy derived from corporate strategy has the ability to increase IT potential by decreasing business costs while enhancing revenue and creating value (Buchta, Eul, & Schulte-Croonenberg, 2010), this is not true at Madura. IT management at Madura has been unsuccessful in integrating the various IT systems in the various business units for the enterprise gravely inhibiting efficiency in the systems. This failure by the IT management gave way to different business process changes in various functional areas across the enterprise. Moreover, IT management at Madura failed in optimization that entails offering the best achievable support to business processes at the lowest cost because the fragmented IT system hardly supports the enterprise’s goals. For instance, the fragmented IT system results in problems in supply because some retailers request more products than they need while others request products that are hardly enough for the retailer (Venkatagiri & Prakash, 2013). The IT department seems to be a glorified technical team and troubleshooter at Madura instead of being one of the architects of the enterprise together with senior management in contributing to the value of the company. IT management not only involves realizing planned increase in company value but also identifies and proactively fosters value enhancement potential in a company (Buchta, Eul, & Schulte-Croonenberg, 2010). Nevertheless, these roles of IT management seem to be neglected at Madura even with clear manifestation of the problems within the IT systems in the enterprise. The fragmented IT system is the main challenge to IT management in the enterprise because integrating the various functional areas spread across geographical regions of the organization is a huge task. Moreover, to guarantee IA, the IT management has to ensure security controls offer reliable and indisputable evidence that the system works properly through assistance of system engineers. To establish this, consultants carryout audits, examine system logs and other covert or overt notifications. IT management in this enterprise has failed in ensuring that only authorized processes or individuals have access to information, this consequently affects IA in the system. IT capacity in Madura has not been fully exploited given the challenges facing the IT system and the need to optimize business processes. IT management in the organization faces a huge challenge in changing the organizational structures and processes in order to exploit the full potential in IT. The role of top IT management involves defining priorities for the various IT projects. Moreover, the main role of IT executives entails supporting critical business units while at the same time balancing short-term objectives with long-term investments in IT (Brocke & Rosemann, 2010). IT management also steers committees in order to establish priorities in IT projects that in return is useful in guaranteeing information assurance in the organization. Therefore, IT management main role is to function as service manager and satisfy users of IT (Brocke & Rosemann, 2010; Monk & Wagner, 2009). At Madura IT management seem to have little understanding regarding these tasks of management since the organization IT system is a huge disadvantage to the organization’s growth. The IT infrastructure in the organization instead of being the driver of the enterprise goals it seems to be the organization’s weakest link to achieving its development goals. From the perspective of information technology infrastructure, top management takes the leadership role like that taken by the strategy execution perspective; even though, IT tends to be the architect through which visions and processes are accomplished (Buchta, Eul & Schulte-Croonenberg, 2010). This however is not the case with Madura because the fragmented IT systems are hindering the organization from achieving its growth goals. Software engineering Software engineering helps design systems through the leadership of a software engineer, who coordinates the functions of developing new software. Software engineers are useful in developing software that integrates various business units (Dubois, Pohl & International Conference on Advanced Information Systems Engineering, CAiSE, 2006). The knowledge of software engineers is necessary when there are problems in computer applications and programs. To ensure integrity of systems and availability of service, software engineers evaluate the existing applications while liaising with users in coming up with specifications and modifying existing systems. Systems software usually deals with connecting hardware and providing services to applications software (Jacobs, 2011). In Madura, examples of system software include device drivers, operating systems and networking software and tools. Application software allows users to carry out their tasks. Some of application software in Madura include business decision and intelligence software, security software for network, data management software and supply chain management software. The main challenge to Madura’s information assurance within its IT systems result from the introduction of commercial off-the-shelf (COTS) package instead of building a new system. The problems in the company’s IT systems are compounded by allowing only the internal IT teams to implement solutions that take into consideration the specific needs and social notions of the organization. Without the skills of a software engineer who tests if the system operates satisfactorily, the system was bound to have issues in supporting business operations as evident in the system. The organization’s management sacrificed development of a new system that would have easily satisfied all the requirements through the help of software engineers to go for COTS that was easy to install. If the organization had developed a new system through the help of software engineers, it would have been easy to train users and deal with support and feedback tasks, which would support IA in the company. The current use of COTS does not fully address IA in the company because when system developers decide to leave, the prevailing support and development of the application becomes problematic. Regardless of whether the system was built or purchased, the implemented system needed to interact flawlessly with the many IT applications in the enterprise. Therefore, through the help of a software engineer, the current disintegrated system that hampers the organization’s growth would have been dealt with before it began working. The lack of key software engineering skills during the development and implementation of the system seriously hindered the IA of the system. For instance, business user needs had the least impact on the system because of the limited budget accompanied by the strict timelines meant that the IT personnel rolled out minimum set of requirements. In these circumstances, the solution dampens the innovative thinking associated with the desired features, which in return compromises on IA (Tsai, 2002). Moreover, customizing commercial IT applications is costly and becomes problematic when the vendor does not wish to show the inner workings of the software to a customer. In addition, some proposed changes within commercial IT application can be technically complex and in some cases any unauthorized alteration renders the product warranty void (Rainer, 2008). To avoid paying such a price, Madura executives seem to have resorted in keeping the many applications across its enterprise that in return renders IA in the system helpless. The prevailing IA problems at the company seem to occur from lack of strong advice from a software engineer who could have helped in software analysis. Through software analysis, the organization could have salvaged its IT systems IA because software engineer can analyze the requirements of the systems, review the software, and even analyze the software reliability. Moreover, software engineering helps integrate software with the existing system, carryout automation and document software functionality, all which are essential in maintaining IA in a system (Rainer, 2008; Harmon, 2003). These capabilities of software engineering are essential in guaranteeing availability and integrity of the system while, at the same time, offering the necessary functionality to the various business units only if the organization utilized them properly. Database technologies Database technologies offer a crucial feature for providing an internal representation of the external world. In return, DB systems rely on infrastructure such as networks, client-server computing architecture, skilled analysis of data, and skilled DB development methods to be effective. Database technologies in guaranteeing information assurance ensure that they store and organize data while, at the same time, coordinating changes within the database (Rainer, 2008). This notion is ideal in harmonizing the discrepancies that exist at Madura by eliminating the many IT applications in the enterprise. Information systems usually utilize database technology in storing and retrieving data in order to attain high performance and effectiveness. These database technologies are especially significant in online-based applications since a lot of data need server-side processing and distributed to physically remote clients (McKinsey & Company, 2012). Database technologies play a huge role in ensuring IA in systems because of their design that reflects the value of information contained in the databases as well as the applications that access the data (Rainer, 2008; Buchta, Eul & Schulte-Croonenberg, 2010). Databases act at repositories for facts regarding the organizations they model (Buchta, Eul & Schulte-Croonenberg, 2010). As the organizations changes, the changes are continuously incorporated into the database in order to preserve the facts. Database technologies use transactions mechanism in incorporating these changes in the databases in order to preserve consistency, which is essential in maintaining information assurance (Buchta, Eul & Schulte-Croonenberg, 2010). Computer-based information technologies are used extensively in industries in managing their processes making information systems a core element in organizations. Madura has failed to successfully incorporate information systems to become a key element in the organization because of the prevailing fragments in its IT systems. Nevertheless, software engineers design databases to make sure that they support data processing, storage and retrieval activities associated with data management information systems. Database technologies provide efficient support to tasks giving way to tremendous gain in productivity, which in return contribute to information assurance. Software engineers are able to develop efficient systems that also support information assurance using database technologies (Buchta, Eul & Schulte-Croonenberg, 2010). Database technologies provide software engineers with inbuilt multilevel integrity that supports data integrity at field level, table level, relationship level and business level to guarantee accuracy of the data (Buchta, Eul & Schulte-Croonenberg, 2010). Moreover, database technologies offer physical and logical data independencies from database applications. This makes it easy for software engineers to be able to use various database software vendors to make changes to logical and physical design of the database without adversely affecting applications depending on it (Boyce & Jennings, 2002). Database technologies guarantee data consistency and accuracy because of the various levels of integrity software engineers impose on databases. Moreover, database technologies support information assurance because they allow easy retrieval of data. These capabilities of database technologies are crucial in businesses and supporting information assurance making databases the best choice in many circumstances. In ensuring information assurance, database technologies provide software engineers with the ability to protect and defend information systems through guaranteeing availability, authentication, integrity, non-repudiation, and confidentiality. Information permeates all levels of a corporation (Boyce & Jennings, 2002). Today, information dependent enterprises rely on information systems that in return employ database technologies that help store, process, display, and transmit information in successfully accomplishing the goals of the enterprise. Because automated information permeates every aspect of an organization, all individuals seem responsible in ensuring IA. For instance, everyone has to ensure that corporate sensitive information and its information systems are secure (Boyce & Jennings, 2002). However, Madura’s fragmented IT systems do not fully support IA since its IT systems do not fully integrate the power of database technologies in meeting IA goals. Clearly, Madura’s multi-level database system needs a lot of work because of the increased parallelism in its computing systems. This limits large-scale applications in support of parallel systems that ignore security through parallel applications. The organization does not fully engage in database activities that result in efficient extraction of data in various locations where the enterprise conducts business. Since the content in the enterprise is highly distributed, directory services seem essential to the IT system. The partitioned database system in the organization seems to support mostly the locality of the database. However, this partitioning scheme is not reliable to the enterprise and may fail because when the servers in various locations fail then the partitions become unavailable until the system recovers from the failure. Moreover, the enterprise’s zero redundancy toward data makes the IT system unable to offer adequate reliability in its operations, which seriously affects IA in the company. Establishing information assurance, system engineering helps investigate and utilize the latest technologies, as well as procedures, to increase security capability in order to enhance the integrity of the system. The link between information assurance and system engineering is the ability to design and develop security systems that guarantee confidentiality and the integrity of the system. Information assurance in system engineering involves translating user needs and the environment of information systems into objectives and functions (Curts & Campbell, 2002). This concept of the relationship between system engineering and information assurance is ideal for the integration of the various IT applications at Madura. System engineering System engineering methodologies help realize complex information systems that include many interacting components at a reasonable costs while at the same time eliminating vulnerability to failure (Jacobs, 2011). Using appropriate methodologies, system engineers through the support of IT management is able to develop highly integrated information systems that can interact securely across various locations. System engineering through the support of IT management is able to establish and satisfy customer needs throughout the lifecycle of the system (Jacobs, 2011). Although system engineering involves understanding of customer needs, establishing system requirements, stating the problem, conducting design reviews, validating requirements, reliability analysis and system integrations, system engineering incorporates much more. Organizations rely on electronic information capabilities offered by database technologies in storing, processing, and coordinating executive operations that support information assurance and business activities (Jacobs, 2011). Database technologies provide multilevel integrity to data systems that enable system engineers employ in order to decrease vulnerability to threats and prevent as well as recover from various threats (Jacobs, 2011). Information assurance perspective in software engineering establishes the capabilities that need to be defended in the context of four main elements that include local computing environment, boundaries, networks and the supporting infrastructure. In system engineering, information assurance covers the collection, transmission, storage and usage of information. The main aim of information assurance involves protecting users, enterprises and business units from negative impacts of corrupt information or denial of service. Naturally, when information systems communication, processing, or storing of information becomes corrupt or is unavailable, this has impact on the entire enterprise. However, protecting the systems alone without taking into considerations the protection of the information, communication, and processing is never adequate in system engineering (Jacobs, 2011). Madura’s fragmented IT system makes information unavailable, which in return affects the development of the enterprise and information assurance goals. By supporting only the systems in various functional business areas in the organization is the huge challenge in ensuring IA across the enterprise. The ability to generate and transmit information has increased over the last few decades and is more reliant on information technology. However, at Madura, the ability to generate information seems to overtake its ability to control and utilize it effectively. The fragmented IT systems at the enterprise do not support reliable transmission of information. In guaranteeing information assurance, system engineering fundamental principles in IA life cycle methodology require security measure to be implemented with the aim of offering long-term and continuous protection (Jacobs, 2011). System engineering through the support of IT management examine, analyze and document objectives and the functional and performance that needs to achieve the established goals. System engineering concepts steer IT management in providing framework for creating capabilities and solutions that guarantee compliance with established requirements. Moreover, system engineering in conjunction with IT management offers traceability from objectives, progressing through requirement development, solution development/design/procurement in and during operation and administration (Jacobs, 2011). Moreover, system engineering supports compliance evaluation of the deployed systems and the way the systems are utilized (Jacobs, 2011). Systems engineering considers all the various aspects instead of just the technical components through the help of IT management. System engineering incorporates all the information-processing infrastructures like networks and computing devices defined by their context. The context is defined by the operation of the organization, the services or products of the deploying organization or competitors of the deploying organization (Jacobs, 2011). Considering Madura, the contexts of the various infrastructures for processing information are disparate and located across several geographical locations that make up the fragmented IT system in the enterprise. Although system engineering involves the recognition, integration and appreciation of all aspects of an enterprise, Madura IT system grossly violates this understanding since most of its business units have systems that are not integrated into one functioning system. A system is often considered as a collection of interconnected elements that work together in producing composite output greater than the total output of individual components (Badiru, 2013). However, at Madura, the IT system is completely disconnected, which seriously impairs the output of the system in supporting the goals of the enterprise. System engineering discipline provides a comprehensive and systematic approach for guaranteeing automated systems as well as dynamic combinations interact and offer the required functionality (Jacobs, 2011). This understanding of IA indicate that various automated systems are connected and configured dynamically to function in tandem accomplishing their specific tasks. Dynamic combination of disparate and geographically dispersed IT systems is the rule rather than the exception in the prevailing technology landscape. However, Madura IT system has been unsuccessful in accomplishing this because of the disintegrated IT systems across enterprise, which is a huge failure in its system engineering. The organization needs more robust properties than integrity, availability, non-repudiation and authentication if the IT system is to meet IA goals. Although these properties are essential by themselves, they are incomplete. A complete set of system properties results from combining reliability, security, and safety. The synergy of synchronized reliability, safety, and security engineering tasks at software, hardware and system levels result in effective IS throughout the life cycle of a system (Jacobs, 2011). At Madura, this synchronization does not exist because the fragmented IT system persists across its various business units. IA is essential in business-critical systems since there are very few automated systems that never require some degree of information assurance (Herrmann, 2002). The scenario depicted in Madura illustrates some challenges to information assurance. For instance, all the systems within its various domains involved in transactions such as purchasing, transportation, online businesses and financial activities ought to function properly. To understand the level of problem in Madura’s IT system, one only needs to evaluate the number of online transactions done simultaneously in a day in one of its many retailers and then add that up for a period of one week. System engineering in the enterprise has the responsibility of underpinning these transactions with reliable and secure communication, which seems unattainable in this system because it does not guarantee information assurance because of the fragmented IT system. Conclusion Madura IT systems take a less coherent and more fragmented approach, which not only compromises the organization’s goals of development but also information assurance in the enterprise. The approach the enterprise has taken in guaranteeing information assurance for the enterprise has completely flopped together with the fragmented IT systems within the enterprise. The fragmented IT system not only fails in accomplishing the tasks of supporting new strategic fronts but also it fails in sustaining information assurance in the enterprise. Various fields in information technology relate in information assurance and as established in Madura’s concept map, database technologies relate to software engineering while IT management relates to system engineering. For instance, the study established that IT management at Madura connects with system engineering in coming up with solutions although at Madura the solutions interfere with the goals of development in the enterprise. Besides, database technologies and software engineering form a relationship since software engineers use database technologies in developing suitable systems that support business needs and meet IA goals. Database technologies are acknowledged for their many levels of maintaining data integrity an aspect that software engineers exploit in developing systems that meet business needs and information assurance goals. Even though, these information technology fields have relationships that are quite useful in establishing useful IT systems for an enterprise, Madura IT system does not fully integrate the power of these fields; hence, its failure in supporting business and information assurance goals. References Badiru, A. B. (2013). Handbook of Industrial and Systems Engineering, Second Edition. Hoboken: Taylor and Francis. Birchall D., Ezingeard J., McFadzean E., Howlin N., and Yoxall D. (n.d) Information assurance: Strategic alignment and competitive advantage. Grist ltd. Boyce, J. G., & Jennings, D. W. (2002). Information assurance: Managing organizational IT security risks. Amsterdam: Butterworth-Heinemann. Brocke, J., & Rosemann, M. (2010). Handbook on business process management 2: Strategic alignment, governance, people and culture. Berlin: Springer. Buchta, D., Eul, M., & Schulte-Croonenberg, H. (2010). Strategic IT management: Increase value, control performance, reduce costs. Wiesbaden: Gabler. Curts, R. J. &Campbell, D. E., (2002). Building a global information assurance program. Boca Raton, FL: Auerbach Publications. Dubois, E., Pohl, K., & International Conference on Advanced Information Systems Engineering, CAiSE. (2006). Advanced information systems engineering: 18th international conference, CAiSE 2006, Luxembourg, Luxembourg, June 5-9, 2006 : proceedings. Berlin [etc.: SpringerLink [host. Harmon, P. (2003). Business process change: A managers guide to improving, redesigning, and automating processes. Amsterdam: M. Kaufmann. Herrmann, D. S. (2002). A practical guide to security engineering and information assurance. Boca Raton: CRC Press. Jacobs, S. (2011). Engineering information security: The application of systems engineering concepts to achieve information assurance. Hoboken, N.J: John Wiley & Sonsl. McKinsey & Company (2012). Perspectives on Digital Business. McKinsey Center for Business technology Monk, E. F., & Wagner, B. J. (2009). Concepts in enterprise resource planning. Australia: Course Technology Cengage Learning. Rainer, R. K. (2008). Introduction to information systems: Supporting and transforming business. Hoboken, N.J: Wiley. Tsai, H.-L. (2002). Information technology and business process reengineering: New perspectives and strategies. Westport, CT: Praeger. Venkatagiri, S., & Prakash, Y. (2013). Wooqer: Making Business social (A). Indian Institute of Management Bangalore. Willett, K. D. (2008). Information assurance architecture. Boca Raton: CRC Press. Read More