Posted: February 26th, 2023

Discussion 5

This week we focus on globalization concepts.  Please explain the concept of globalization and the role information technology has in the global market.

Your response should be 250-300 words.  Respond to two postings provided by your classmates.

Information Systems for Business and Beyond (2019) Information Systems for Business and Beyond (2019) Information systems, their use in business, and the larger impact they are having on our world. DAVID BOURGEOIS JOSEPH MORTATI, SHOUHONG WANG, AND JAMES SMITH Information Systems for Business and Beyond (2019) by David Bourgeois is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License, except where otherwise noted. This book was initially developed in 2014 by Dr. David Bourgeois as part of the Open Textbook Challenge funded by the Saylor Foundation. This 2019 edition is an update to that textbook. This book was produced with Pressbooks ( and rendered with Prince. Information Systems for Business and Beyond Updated edition: August 1, 2019 DAVID T. BOURGEOIS, PH.D. JAMES L. SMITH, PH.D. SHOUHONG WANG, PH.D. JOSEPH MORTATI, MBA Title Page | v Copyright Information Systems for Business and Beyond (2019) by David Bourgeois is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License, except where otherwise noted. vi | Copyright Book Contributors Information Systems for Business and Beyond was originally developed in 2014 by David T. Bourgeois Ph.D. Updates for the 2019 edition were graciously contributed by: • James L. Smith Ph.D. (all chapters) • Shouhong Wong, Ph.D. (chapters 4 and 8) • Joseph Mortati, MBA (chapter 10) Book Contributors | vii Changes from Previous Edition Information Systems for Business and Beyond was written by Dr. David Bourgeois and originally published in 2014 as part of the Open Textbook Challenge at the Saylor Foundation. Since then, it has been accessed thousands of time and used in many courses worldwide. This 2019 update to the textbook brings it up to date and adds many new topics. True to its open textbook roots, many of the updates have come from the community of instructors and practitioners who are passionate about information systems. See the page Book Contributors to see the primary contributors to this edition. A majority of the changes listed below were made by Dr. James Smith, who did a revision to this text in 2018. Here is a summary of the changes made: Overall • New and updated images, especially those related to statistics, in order to bring them up to date. • References brought up to date. • Added labs for every chapter. • Added an index. • Editing for consistency. Chapter 1: What is an information system? • Added video: Blum’s fibre optic TED Talk viii | Changes from Previous Edition Chapter 2: Hardware • Removed text which discussed increasing dependency on tablets and decreasing use of desktops • Clarification of bit vs. byte, binary vs. digital. Added tables to Understanding Binary sidebar • Added Huang’s Law on graphics processor units • Modified text regarding Moore’s Law to state that his law is no longer able to be maintained Chapter 3: Software • Added information about Ubuntu Linux • Added Eclipse IDE • Added information about Tableau • Supply Chain Management: added an emphasis on use of Information Systems up and down supply chain by Walmart to gain competitive advantage Chapter 4: Data and Databases • Database schemas redesigned • Data types added • SQL examples include output • NoSQL described • Data Dictionary re-ordered to column name • New section on “Why database technology?” • Differentiation of data, information, and knowledge • Section on Data models • Changed illustrative example of database tables and relationships. Changes from Previous Edition | ix • Updated section on Business Intelligence to focus on the rise of analytics and data science. Includes a new “What is Data Science?” sidebar. Chapter 5: Networking and Communication • History of ARPANET initial four nodes, etc. • Metcalfe’s Law Chapter 6: Information Systems Security • Added information on blockchain and Bitcoin. Chapter 8: Business Processes • Introduce tools (DFD, BPMN, UML) of business process modeling • Introduce examples of DFD. Chapter 10: Information Systems Development • Java sample code • Mismanaging Change side bar • Added section on mobile development. • Added sidebar on risks of end-user computing x | Information Systems for Business and Beyond (2019) Chapter 11: Globalization and the Digital Divide • World 3.0 written by economist Pankaj Ghemawat; also his TED talk video Chapter 12: The Ethical and Legal Implications of Information Systems • Facebook and Cambridge Analytics data privacy • General Data Protection Regulation section Chapter 13: Trends in Information Systems • Waze mapping app • Drone video • Drone blood delivery in Kenya video • Added sidebar on Mary Meeker and her Internet Trends report Changes from Previous Edition | xi How you can help This is an open textbook and relies on the support of its users to stay relevant and available. Here’s how you can help: 1. Let us know you are using this textbook. ◦ If you are an instructor, please let us know you’ve adopted this textbook by filling out the instructor survey. ◦ If you are not an instructor, please fill out the student survey. 2. Let us know how to improve the textbook. If you have suggestions, please let us know by filling out our feedback form. 3. Finally, the domain, web hosting, security, backup and export tools used by this textbook are not free. Please consider supporting us financially through PayPal. Please note: this donation goes directly to Imperial Digital LLC, the company hosting and supporting this open textbook project. All contribution are marked as donations towards this open textbook project. xii | How you can help Introduction Welcome to Information Systems for Business and Beyond. In this book, you will be introduced to the concept of information systems, their use in business, and how information systems can be used to gain competitive advantage. Audience This book is written as an introductory text, meant for those with little or no experience with computers or information systems. While sometimes the descriptions can get a bit technical, every effort has been made to convey the information essential to understanding a topic while not getting overly focused in detailed terminology. Chapter Outline The text is organized around thirteen chapters divided into three major parts, as follows: • Part 1: What Is an Information System? ◦ Chapter 1: What Is an Information System? – This chapter provides an overview of information systems, including the history of how information systems got to where it is today. ◦ Chapter 2: Hardware – This is a discussion of information Introduction | 1 systems hardware and how it works. You will look at different computer parts and learn how they interact. ◦ Chapter 3: Software – Without software, hardware is useless. This chapter covers software and the role it plays in an organization. ◦ Chapter 4: Data and Databases – This chapter explores how organizations use information systems to turn data into information that can then be used for competitive advantage. Special attention is paid to the role of databases. ◦ Chapter 5: Networking and Communication – Today’s computers are expected to also be communication devices. This chapter reviews the history of networking, how the Internet works, and the use of networks in organizations today. ◦ Chapter 6: Information Systems Security – This chapter discusses the information security triad of confidentiality, integrity, and availability. Different security technologies are reviewed, and the chapter concludes with a primer on personal information security. • Part 2: Information Systems for Strategic Advantage ◦ Chapter 7: Does IT Matter? – This chapter examines the impact that information systems have on an organization. Can IT give a company a competitive advantage? This chapter discusses the seminal works by Brynjolfsson, Carr, and Porter as they relate to IT and competitive advantage. ◦ Chapter 8: Business Processes – Business processes are the essence of what a business does, and information systems play an important role in making them work. This chapter will discuss business process management, business process reengineering, and ERP systems. ◦ Chapter 9: The People in Information Systems – This chapter will provide an overview of the different types of people involved in information systems. This includes 2 | Information Systems for Business and Beyond (2019) people who create information systems, those who operate and administer information systems, those who manage information systems, and those who use information systems. ◦ Chapter 10: Information Systems Development – How are information systems created? This chapter will review the concept of programming, look at different methods of software development, review website and mobile application development, discuss end-user computing, and look at the “build vs. buy” decision that many companies face. • Part 3: Information Systems beyond the Organization ◦ Chapter 11: Globalization and the Digital Divide – The rapid rise of the Internet has made it easier than ever to do business worldwide. This chapter will look at the impact that the Internet is having on the globalization of business and the issues that firms must face because of it. It will also cover the concept of the digital divide and some of the steps being taken to alleviate it. ◦ Chapter 12: The Ethical and Legal Implications of Information Systems – The rapid changes in information and communication technology in the past few decades have brought a broad array of new capabilities and powers to governments, organizations, and individuals alike. This chapter will discuss the effects that these new capabilities have had and the legal and regulatory changes that have been put in place in response. ◦ Chapter 13: Future Trends in Information Systems – This final chapter will present an overview of some of the new technologies that are on the horizon. From wearable technology to 3-D printing, this chapter will provide a look forward to what the next few years will bring. Introduction | 3 For the Student Each chapter in this text begins with a list of the relevant learning objectives and ends with a chapter summary. Following the summary is a list of study questions that highlight key topics in the chapter. In order to get the best learning experience, you would be wise to begin by reading both the learning objectives and the summary and then reviewing the questions at the end of the chapter. For the Instructor Instructors: if you have adopted this book for your course, would you be so kind as to let us know in the instructor survey? Learning objectives can be found at the beginning of each chapter. Of course, all chapters are recommended for use in an introductory information systems course. However, for courses on a shorter calendar or courses using additional textbooks, a review of the learning objectives will help determine which chapters can be omitted. At the end of each chapter, there is a set of study questions and exercises (except for chapter 1, which only offers study questions). The study questions can be assigned to help focus students’ reading on the learning objectives. The exercises are meant to be a more in-depth, experiential way for students to learn chapter topics. It is recommended that you review any exercise before assigning it, adding any detail needed (such as length, due date) to complete the assignment. Some chapters also includes lab assignments. As an open textbook, support for supplemental materials relies on the generosity of those who have created them and wish to share them. Supplemental materials, including slides and quizzes, are located on the home page for this book. If you wish to contribute 4 | Information Systems for Business and Beyond (2019) materials that you have created, please fill out the instructor survey and communicate that fact. Introduction | 5 PART I: WHAT IS AN INFORMATION SYSTEM? Part I: What is an information system? | 7 Chapter 1: What Is an Information System? Learning Objectives Upon successful completion of this chapter, you will be able to: • define what an information system is by identifying its major components; • describe the basic history of information systems; and • describe the basic argument behind the article “Does IT Matter?” by Nicholas Carr. Introduction Welcome to the world of information systems, a world that seems to change almost daily. Over the past few decades information systems have progressed to being virtually everywhere, even to the point where you may not realize its existence in many of your daily activities. Stop and consider how you interface with various components in information systems every day through different Chapter 1: What Is an Information System? | 9 electronic devices. Smartphones, laptop, and personal computers connect us constantly to a variety of systems including messaging, banking, online retailing, and academic resources, just to name a few examples. Information systems are at the center of virtually every organization, providing users with almost unlimited resources. Have you ever considered why businesses invest in technology? Some purchase computer hardware and software because everyone else has computers. Some even invest in the same hardware and software as their business friends even though different technology might be more appropriate for them. Finally, some businesses do sufficient research before deciding what best fits their needs. As you read through this book be sure to evaluate the contents of each chapter based on how you might someday apply what you have learned to strengthen the position of the business you work for, or maybe even your own business. Wise decisions can result in stability and growth for your future enterprise. Information systems surround you almost every day. Wi-fi networks on your university campus, database search services in the learning resource center, and printers in computer labs are good examples. Every time you go shopping you are interacting with an information system that manages inventory and sales. Even driving to school or work results in an interaction with the transportation information system, impacting traffic lights, cameras, etc. Vending machines connect and communicate using the Internet of Things (IoT). Your car’s computer system does more than just control the engine – acceleration, shifting, and braking data is always recorded. And, of course, everyone’s smartphone is constantly connecting to available networks via Wi-fi, recording your location and other data. Can you think of some words to describe an information system? Words such as “computers,” “networks,” or “databases” might pop into your mind. The study of information systems encompasses a broad array of devices, software, and data systems. Defining an 10 | Information Systems for Business and Beyond (2019) information system provides you with a solid start to this course and the content you are about to encounter. Defining Information Systems Many programs in business require students to take a course in information systems. Various authors have attempted to define the term in different ways. Read the following definitions, then see if you can detect some variances. • “An information system (IS) can be defined technically as a set of interrelated components that collect, process, store, and distribute information to support decision making and control in an organization.” 1 • “Information systems are combinations of hardware, software, and telecommunications networks that people build and use to collect, create, and distribute useful data, typically in organizational settings.”2 • “Information systems are interrelated components working together to collect, process, store, and disseminate information to support decision making, coordination, control, analysis, and visualization in an organization.”3 As you can see these definitions focus on two different ways of describing information systems: the components that make up an information system and the role those components play in an organization. Each of these need to be examined. 1. [1] 2. [2] 3. [3] Chapter 1: What Is an Information System? | 11 The Components of Information Systems Information systems can be viewed as having five major components: hardware, software, data, people, and processes. The first three are technology. These are probably what you thought of when defining information systems. The last two components, people and processes, separate the idea of information systems from more technical fields, such as computer science. In order to fully understand information systems, you will need to understand how all of these components work together to bring value to an organization. Technology Technology can be thought of as the application of scientific knowledge for practical purposes. From the invention of the wheel to the harnessing of electricity for artificial lighting, technology has become ubiquitous in daily life, to the degree that it is assumed to always be available for use regardless of location. As discussed before, the first three components of information systems – hardware, software, and data – all fall under the category of technology. Each of these will be addressed in an individual chapter. At this point a simple introduction should help you in your understanding. Hardware Hardware is the tangible, physical portion of an information system – the part you can touch. Computers, keyboards, disk drives, and flash drives are all examples of information systems hardware. How 12 | Information Systems for Business and Beyond (2019) these hardware components function and work together will be covered in Chapter 2. Software Software comprises the set of instructions that tell the hardware what to do. Software is not tangible – it cannot be touched. Programmers create software by typing a series of instructions telling the hardware what to do. Two main categories of software are: Operating Systems and Application software. Operating Systems software provides the interface between the hardware and the Application software. Examples of operating systems for a personal computer include Microsoft Windows and Ubuntu Linux. The mobile phone operating system market is dominated by Google Android and Apple iOS. Application software allows the user to perform tasks such as creating documents, recording data in a spreadsheet, or messaging a friend. Software will be explored more thoroughly in Chapter 3. Data The third technology component is data. You can think of data as a collection of facts. For example, your address (street, city state, postal code), your phone number, and your social networking Chapter 1: What Is an Information System? | 13 account are all pieces of data. Like software, data is also intangible, unable to be seen in its native state. Pieces of unrelated data are not very useful. But aggregated, indexed, and organized together into a database, data can become a powerful tool for businesses. Organizations collect all kinds of data and use it to make decisions which can then be analyzed as to their effectiveness. The analysis of data is then used to improve the organization’s performance. Chapter 4 will focus on data and databases, and how it is used in organizations. Networking Communication Besides the technology components (hardware, software, and data) which have long been considered the core technology of information systems, it has been suggested that one other component should be added: communication. An information system can exist without the ability to communicate – the first personal computers were stand-alone machines that did not access the Internet. However, in today’s hyper-connected world, it is an extremely rare computer that does not connect to another device or to a enetwork. Technically, the networking communication component is made up of hardware and software, but it is such a core feature of today’s information systems that it has become its own category. Networking will be covered in Chapter 5. People 14 | Information Systems for Business and Beyond (2019) Jeff Bezos, Amazon CEO When thinking about information systems, it is easy to focus on the technology components and forget to look beyond these tools to fully understand their integration into an organization. A focus on the people involved in information systems is the next step. From the front-line user support staff, to systems analysts, to developers, all the way up to the chief information officer (CIO), the people involved with information systems are an essential element. The people component will be covered in Chapter 9. Process The last component of information systems is process. A process is a series of steps undertaken to achieve a desired outcome or goal. Information systems are becoming more integrated with organizational processes, bringing greater productivity and better control to those processes. But simply automating activities using technology is not enough – businesses looking to utilize information systems must do more. The ultimate goal is to improve processes both internally and externally, enhancing interfaces with suppliers and customers. Technology buzzwords such as “business process re-engineering,” “business process management,” and “enterprise resource planning” all have to do with the continued improvement of these business procedures and the integration of technology with them. Businesses hoping to gain a competitive advantage over their competitors are highly focused on this Chapter 1: What Is an Information System? | 15 IBM 704 Mainframe (Copyright: Lawrence Livermore National Laboratory) component of information systems. The process element in information systems will be discussed in Chapter 8. The Role of Information Systems You should now understand that information systems have a number of vital components, some tangible, others intangible, and still others of a personnel nature. These components collect, store, organize, and distribute data throughout the organization. You may have even realized that one of the roles of information systems is to take data and turn it into information, and then transform that information into organizational knowledge. As technology has developed, this role has evolved into the backbone of the organization, making information systems integral to virtually every business. The integration of information systems into organizations has progressed over the decades. The Mainframe Era From the late 1950s through the 1960s, computers were seen as a way to more efficiently do calculations. These first business computers were room-sized monsters, with several machines linked 16 | Information Systems for Business and Beyond (2019) Registered trademark of International Business Machines together. The primary work was to organize and store large volumes of information that were tedious to manage by hand. Only large businesses, universities, and government agencies could afford them, and they took a crew of specialized personnel and dedicated facilities to provide information to organizations. Time-sharing allowed dozens or even hundreds of users to simultaneously access mainframe computers from locations in the same building or miles away. Typical functions included scientific calculations and accounting, all under the broader umbrella of “data processing.” In the late 1960s, Manufacturing Resources Planning (MRP) systems were introduced. This software, running on a mainframe computer, gave companies the ability to manage the manufacturing process, making it more efficient. From tracking inventory to creating bills of materials to scheduling production, the MRP systems gave more businesses a reason to integrate computing into their processes. IBM became the dominant mainframe company. Continued improvement in software and the availability of cheaper hardware eventually brought mainframe computers (and their little sibling, the minicomputer) into most large businesses. Today you probably think of Silicon Valley in northern California as the center of computing and technology. But in the days of the mainframe’s dominance corporations in the cities of Minneapolis and St. Paul produced most computers. The advent of the personal computer resulted in the “center of technology” eventually moving to Silicon Valley. Chapter 1: What Is an Information System? | 17 IBM PC The PC Revolution In 1975, the first microcomputer was announced on the cover of Popular Mechanics: the Altair 8800. Its immediate popularity sparked the imagination of entrepreneurs everywhere, and there were soon dozens of companies manufacturing these “personal computers.” Though at first just a niche product for computer hobbyists, improvements in usability and the availability of practical software led to growing sales. The most prominent of these early personal computer makers was a little company known as Apple Computer, headed by Steve Jobs and Steve Wozniak, with the hugely successful “Apple II.” Not wanting to be left out of the revolution, in 1981 IBM teamed with Microsoft, then just a startup company, for their operating system software and hurriedly released their own version of the personal computer simply called the “PC.” Small businesses finally had affordable computing that could provide them with needed information systems. Popularity of the IBM PC gave legitimacy to the microcomputer and it was named Time magazine’s “Man of the Year” for 1982. Because of the IBM PC’s open architecture, it was easy for other companies to copy, or “clone” it. During the 1980s, many new computer companies sprang up, offering less expensive versions of the PC. This drove prices down and spurred innovation. Microsoft developed the Windows operating system, with version 3.1 in 1992 becoming the first commercially successful release. Typical uses for the PC during this period included word processing, spreadsheets, and databases. 18 | Information Systems for Business and Beyond (2019) Registered Trademark of SAP These early PCs were standalone machines, not connected to a network. Client-Server In the mid-1980s, businesses began to see the need to connect their computers as a way to collaborate and share resources. Known as “client-server,” this networking architecture allowed users to log in to the Local Area Network (LAN) from their PC (the “client”) by connecting to a central computer called a “server.” The server would lookup permissions for each user to determine who had access to various resources such as printers and files. Software companies began developing applications that allowed multiple users to access the same data at the same time. This evolved into software applications for communicating, with the first popular use of electronic mail appearing at this time. This networking and data sharing all stayed mainly within the confines of each business. Sharing of electronic data between companies was a very specialized function. Computers were now seen as tools to collaborate internally within an organization. These networks of computers were becoming so powerful that they were replacing many of the functions previously performed by the larger mainframe computers at a fraction of the cost. It was during this era that the first Enterprise Resource Planning (ERP) systems were developed and run on the client-server architecture. An ERP system is an application with a centralized database that can be used to run a company’s entire business. With separate modules for accounting, finance, inventory, human resources, and many more, ERP systems, with Germany’s SAP Chapter 1: What Is an Information System? | 19 ARPANet, 1969 leading the way, represented the state of the art in information systems integration. ERP systems will be discussed in Chapter 9. The Internet, World Wide Web and E-Commerce The first long distance transmission between two computers occurred on October 29, 1969 when developers under the direction of Dr. Leonard Kleinrock sent the word “login” from the campus of UCLA to Stanford Research Institute in Menlo Park, California, a distance of over 350 miles. The United States Department of Defense created and funded ARPA Net (Advanced Research Projects Administration), an experimental network which eventually became known as the Internet. ARPA Net began with just four nodes or sites, a very humble start for today’s Internet. Initially, the Internet was confined to use by universities, government agencies, and researchers. Users were required to type commands (today we refer to this as “command line”) in order to communicate and transfer files. The first e-mail messages on the Internet were sent in the early 1970s as a few very large companies expanded from local networks to the Internet. The computer was now evolving from a purely computational device into the world of digital communications. In 1989, Tim Berners-Lee developed a simpler way for researchers to share information over the Internet, a concept he called the 20 | Information Systems for Business and Beyond (2019) Registered trademark of, Inc. World Wide Web.4 This invention became the catalyst for the growth of the Internet as a way for businesses to share information about themselves. As web browsers and Internet connections became the norm, companies rushed to grab domain names and create websites. In 1991 the National Science Foundation, which governed how the Internet was used, lifted restrictions on its commercial use. Corporations soon realized the huge potential of a digital marketplace on the Internet and in 1994 both eBay and Amazon were founded. A mad rush of investment in Internet-based businesses led to the dot-com boom through the late 1990s, and then the dot-com bust in 2000. The bust occurred as investors, tired of seeing hundreds of companies reporting losses, abandoned their investments. An important outcome for businesses was that thousands of miles of Internet connections, in the form of fiber optic cable, were laid around the world during that time. The world became truly “wired” heading into the new millenium, ushering in the era of globalization, which will be discussed in Chapter 11. This TED Talk video focuses on connecting Africa to the Internet through undersea fibre optic cable. The digital world also became a more dangerous place as virtually all companies connected to the Internet. Computer viruses and worms, once slowly propagated through the sharing of computer disks, could now grow with tremendous speed via the Internet. Software and operating systems written for a standalone world found it very difficult to defend against these sorts of threats. A whole new industry of computer and Internet security arose. Information security will be discussed in Chapter 6. 4. [4] Chapter 1: What Is an Information System? | 21 Web 2.0 As the world recovered from the dot-com bust, the use of technology in business continued to evolve at a frantic pace. Websites became interactive. Instead of just visiting a site to find out about a business and then purchase its products, customers wanted to be able to customize their experience and interact online with the business. This new type of interactive website, where you did not have to know how to create a web page or do any programming in order to put information online, became known as Web 2.0. This new stage of the Web was exemplified by blogging, social networking, and interactive comments being available on many websites. The new Web 2.0 world, in which online interaction became expected, had a major impact on many businesses and even whole industries. Many bookstores found themselves relegated to a niche status. Video rental chains and travel agencies simply began going out of business as they were replaced by online technologies. The newspaper industry saw a huge drop in circulation with some cities such as New Orleans no longer able to support a daily newspaper. Disintermediation is the process of technology replacing a middleman in a transaction. Web 2.0 allowed users to get information and news online, reducing dependence of physical books and newspapers. As the world became more connected, new questions arose. Should access to the Internet be considered a right? Is it legal to copy a song that had been downloaded from the Internet? Can information entered into a website be kept private? What information is acceptable to collect from children? Technology moved so fast that policymakers did not have enough time to enact appropriate laws. Ethical issues surrounding information systems will be covered in Chapter 12. 22 | Information Systems for Business and Beyond (2019) The Post-PC World, Sort of Ray Ozzie, a technology visionary at Microsoft, stated in 2012 that computing was moving into a phase he called the post-PC world.5 Now six years later that prediction has not stood up very well to reality. As you will read in Chapter 13, PC sales have dropped slightly in recent years while there has been a precipitous decline in tablet sales. Smartphone sales have accelerated, due largely to their mobility and ease of operation. Just as the mainframe before it, the PC will continue to play a key role in business, but its role will be somewhat diminished as people emphasize mobility as a central feature of technology. Cloud computing provides users with mobile access to data and applications, making the PC more of a part of the communications channel rather than a repository of programs and information. Innovation in the development of technology and communications will continue to move businesses forward. 5. [5] Chapter 1: What Is an Information System? | 23 Eras of Business Computing Era Hardware Operating System Applications Mainframe (1970s) Terminals connected to mainframe computer Time-sharing (TSO) on Multiple Virtual Storage (MVS) Custom-written MRP software PC (mid-1980s) IBM PC or compatible. Sometimes connected to mainframe computer via network interface card. MS-DOS WordPerfect, Lotus 1-2-3 Client-Server (late 80s to early 90s) IBM PC “clone” on a Novell Network. Windows for Workgroups Microsoft Word, Microsoft Excel World Wide Web (mid-90s to early 2000s) IBM PC “clone” connected to company intranet. Windows XP Microsoft Office, Internet Explorer Web 2.0 (mid-2000s – present) Laptop connected to company Wi-Fi. Windows 10 Microsoft Office Post-PC (today and beyond) Smartphones Android, iOS Mobile-friendly websites, mobile apps Can Information Systems Bring Competitive Advantage? It has always been the assumption that the implementation of information systems will bring a business competitive advantage. If installing one computer to manage inventory can make a company more efficient, then it can be expected that installing several computers can improve business processes and efficiency. In 2003, Nicholas Carr wrote an article in the Harvard Business 24 | Information Systems for Business and Beyond (2019) Registered Trademark of Walmart, Inc. Review that questioned this assumption. Entitled “I.T. Doesn’t Matter.” Carr was concerned that information technology had become just a commodity. Instead of viewing technology as an investment that will make a company stand out, Carr said technology would become as common as electricity – something to be managed to reduce costs, ensure that it is always running, and be as risk-free as possible. The article was both hailed and scorned. Can I.T. bring a competitive advantage to an organization? It sure did for Walmart (see sidebar). Technology and competitive advantage will be discussed in Chapter 7. Sidebar: Walmart Uses Information Systems to Become the World’s Leading Retailer Walmart is the world’s largest retailer, earn 8.1 billion for the fiscal year that ended on January 31, 2018. Walmart currently serves over 260 million customers every week worldwide through its 11,700 stores in 28 countries.6In 2018 Fortune magazine for the sixth straight year ranked Walmart the number one company for annual revenue as they again exceeded $500 billion in annual sales. The next closest company, Exxon, had less than half of Walmart’s total revenue.7 Walmart’s rise to prominence is due in large part to making 6. [6] 7. [7] Chapter 1: What Is an Information System? | 25 information systems a high priority, especially in their Supply Chain Management (SCM) system known as Retail $14.3 billion on sales of $30 This system, unique when initially implemented in the mid-1980s, allowed Walmart’s suppliers to directly access the inventory levels and sales information of their products at any of Walmart’s more than eleven thousand stores. Using Retail Link, suppliers can analyze how well their products are selling at one or more Walmart stores with a range of reporting options. Further, Walmart requires the suppliers to use Retail Link to manage their own inventory levels. If a supplier feels that their products are selling out too quickly, they can use Retail Link to petition Walmart to raise the inventory levels for their products. This has essentially allowed Walmart to “hire” thousands of product managers, all of whom have a vested interest in the products they are managing. This revolutionary approach to managing inventory has allowed Walmart to continue to drive prices down and respond to market forces quickly. Today Walmart continues to innovate with information technology. Using its tremendous market presence, any technology that Walmart requires its suppliers to implement immediately becomes a business standard. For example, in 1983 Walmart became the first large retailer to require suppliers to the use Uniform Product Code (UPC) labels on all products. Clearly, Walmart has learned how to use I.T. to gain a competitive advantage. Summary In this chapter you have been introduced to the concept of information systems. Several definitions focused on the main components: technology, people, and process. You saw how the 26 | Information Systems for Business and Beyond (2019) business use of information systems has evolved over the years, from the use of large mainframe computers for number crunching, through the introduction of the PC and networks, all the way to the era of mobile computing. During each of these phases, new innovations in software and technology allowed businesses to integrate technology more deeply into their organizations. Virtually every company uses information systems which leads to the question: Does information systems bring a competitive advantage? In the final analysis the goal of this book is to help you understand the importance of information systems in making an organization more competitive. Your challenge is to understand the key components of an information system and how it can be used to bring a competitive advantage to every organization you will serve in your career. Study Questions 1. What are the five major components that make up an information system? 2. List the three examples of information system hardware? 3. Microsoft Windows is an example of which component of information systems? 4. What is application software? 5. What roles do people play in information systems? 6. What is the definition of a process? 7. What was invented first, the personal computer or the Internet? 8. In what year were restrictions on commercial use of the Internet first lifted? 9. What is Carr’s main argument about information technology? Chapter 1: What Is an Information System? | 27 Exercises 1. Suppose that you had to explain to a friend the concept of an information system. How would you define it? Write a one- paragraph description in your own words that you feel would best describe an information system to your friends or family. 2. Of the five primary components of an information system (hardware, software, data, people, process), which do you think is the most important to the success of a business organization? Write a one-paragraph answer to this question that includes an example from your personal experience to support your answer. 3. Everyone interacts with various information systems every day: at the grocery store, at work, at school, even in our cars. Make a list of the different information systems you interact with daily. Can you identify the technologies, people, and processes involved in making these systems work. 4. Do you agree that we are in a post-PC stage in the evolution of information systems? Do some original research and cite it as you make your prediction about what business computing will look like in the next generation. 5. The Walmart sidebar introduced you to how information systems was used to make them the world’s leading retailer. Walmart has continued to innovate and is still looked to as a leader in the use of technology. Do some original research and write a one-page report detailing a new technology that Walmart has recently implemented or is pioneering. Labs 1. Examine your PC. Using a four column table format identify and record the following information: 1st column: Program 28 | Information Systems for Business and Beyond (2019) name, 2nd column: software manufacturer, 3rd column: software version, 4th column: software type (editor/word processor, spreadsheet, database, etc.). 2. Examine your mobile phone. Create another four column table similar to the one in Lab #1. This time identify the apps, then record the requested information. 3. In this chapter you read about the evolution of computing from mainframe computers to PCs and on to smartphones. Create a four column table and record the following information about your own electronic devices: 1st column – Type: PC or smartphone, 2nd column – Operating system including version, 3rd column – Storage capacity, 4th column – Storage available. 1. Laudon, K.C. and Laudon, J. P. (2014) Management Information Systems, thirteenth edition. Upper Saddle River, New Jersey: Pearson. 2. Valacich, J. and Schneider, C. (2010). Information Systems Today – Managing in the Digital World, fourth edition. Upper Saddle River, New Jersey: Prentice-Hall. 3. Laudon, K.C. and Laudon, J. P. (2012). Management Information Systems, twelfth edition. Upper Saddle River, New Jersey: Prentice-Hall. 4. CERN. (n.d.) The Birth of the Web. Retrieved from en.html 5. Marquis, J. (2012, July 16) What is the Post-PC World? Online Retrieved from post-pc-world/ 6. Walmart. (n.d.) 2017 Annual Report. Retrieved from Annual/WMT_2017_AR-(1) Chapter 1: What Is an Information System? | 29 7. McCoy, K. (2018, May 21). Big Winners in Fortune 500 List. USA Today. Retrieved from http:// story/money/2018/05/21/big-winners-fortune-500-list- walmart-exxon-mobil-amazon/628003002/ 30 | Information Systems for Business and Beyond (2019) Chapter 2: Hardware Learning Objectives Upon successful completion of this chapter, you will be able to: • describe information systems hardware; • identify the primary components of a computer and the functions they perform; and • explain the effect of the commoditization of the personal computer. Introduction As you learned in the first chapter, an information system is made up of five components: hardware, software, data, people, and process. The physical parts of computing devices – those that you can actually touch – are referred to as hardware. In this chapter, you will take a look at this component of information systems, learn a little bit about how it works, and discuss some of the current trends surrounding it. As stated above, computer hardware encompasses digital devices that you can physically touch. This includes devices such as the following: Chapter 2: Hardware | 31 • desktop computers • laptop computers • mobile phones • tablet computers • e-readers • storage devices, such as flash drives • input devices, such as keyboards, mice, and scanners • output devices such as printers and speakers. Besides these more traditional computer hardware devices, many items that were once not considered digital devices are now becoming computerized themselves. Digital technologies are being integrated into many everyday objects so the days of a device being labeled categorically as computer hardware may be ending. Examples of these types of digital devices include automobiles, refrigerators, and even beverage dispensers. In this chapter, you will also explore digital devices, beginning with defining what is meant by the term itself. Digital Devices A digital device processes electronic signals into discrete values, of which there can be two or more. In comparison analog signals are continuous and can be represented by a smooth wave pattern. You might think of digital (discrete) as being the opposite of analog. Many electronic devices process signals into two discrete values, typically known as binary. These values are represented as either a one (“on”) or a zero (“off”). It is commonly accepted to refer to the on state as representing the presence of an electronic signal. It then follows that the off state is represented by the absence of an electronic signal. Note: Technically, the voltages in a system are evaluated with high voltages converted into a one or on state and low voltages converted into a zero or off state. 32 | Information Systems for Business and Beyond (2019) Each one or zero is referred to as a bit (a blending of the two words “binary” and “digit”). A group of eight bits is known as a byte. The first personal computers could process 8 bits of data at once. The number of bits that can be processed by a computer’s processor at one time is known as word size. Today’s PCs can process 64 bits of data at a time which is where the term 64-bit processor comes from. You are most likely using a computer with a 64-bit processor. Sidebar: Understanding Binary The numbering system you first learned was Base 10 also known as Decimal. In Base 10 each column in the number represents a power of 10 with the exponent increasing in each column as you move to the left, as shown in the table: Thousands Hundreds Tens Units 103 102 101 100 The rightmost column represents units or the values zero through nine. The next column from the left represents tens or the values teens, twenties, thirties, etc, followed by the hundreds column (one hundred, two hundred, etc.), then the thousands column (one thousand, two thousand) etc. Expanding the table above, you can write the number 3456 as follows: Thousands Hundreds Tens Units 103 102 101 100 3 4 5 6 3000 400 50 6 Chapter 2: Hardware | 33 Computers use the Base 2 numbering system. Similar to Base 10, each column has a Base of 2 and has an increasing exponent value moving to the left as shown in the table below: Two cubed Two squared Two Units 23 22 21 20 The rightmost column represents 20 or units ( 1 ). The next column from the left represents 21 twos or ( 2 ). The third column represents 22 or ( 4 ) and the fourth column represents 23 or ( 8 ). Expanding the table above, you can see how the decimal number 15 is converted to 1111 in binary as follows: Two cubed Two squared Two Units 23 22 21 20 1 1 1 1 8 4 2 1 8 + 4 + 2 + 1 = 15 Understanding binary is important because it helps us understand how computers store and transmit data. A “bit” is the lowest level of data storage, stored as either a one or a zero. If a computer wants to communicate the number 15, it would need to send 1111 in binary (as shown above). This is four bits of data since four digits are needed. A “byte” is 8 bits. If a computer wanted to transmit the number 15 in a byte, it would send 00001111. The highest number that can be sent in a byte is 255, which is 11111111, which is equal to 27+26+25+24+23+22+21+20. 34 | Information Systems for Business and Beyond (2019) As the capacities of digital devices grew, new terms were developed to identify the capacities of processors, memory, and disk storage space. Prefixes were applied to the word byte to represent different orders of magnitude. Since these are digital specifications, the prefixes were originally meant to represent multiples of 1024 (which is 210), but have more recently been rounded for the sake of simplicity to mean multiples of 1000, as shown in the table below: Prefix Represents Example kilo one thousand kilobyte=one thousand bytes mega one million megabyte = one million bytes giga one billion gigabyte = one billion bytes tera one trillion terabyte = one trillion bytes peta one quadrillion petabyte = one quadrillion bytes exa one quintillion exabyte = one quintillion bytes zetta one sextillion zettabyte = one sextillion bytes yotta one septillion yottabyte = one septillion bytes Tour of a PC All personal computers consist of the same basic components: a Central Processing Unit (CPU), memory, circuit board, storage, and input/output devices. Almost every digital device uses the same set of components, so examining the personal computer will give you Chapter 2: Hardware | 35 Intel Core i7 CPU insight into the structure of a variety of digital devices. Here’s a “tour” of a personal computer. Processing Data: The CPU The core of a computer is the Central Processing Unit, or CPU. It can be thought of as the “brains” of the device. The CPU carries out the commands sent to it by the software and returns results to be acted upon. The earliest CPUs were large circuit boards with limited functionality. Today, a CPU can perform a large variety of functions. There are two primary manufacturers of CPUs for personal computers: Intel and Advanced Micro Devices (AMD). The speed (“clock time”) of a CPU is measured in hertz. A hertz is defined as one cycle per second. A kilohertz (abbreviated kHz) is one thousand cycles per second, a megahertz (mHz) is one million cycles per second, and a gigahertz (gHz) is one billion cycles per second. The CPU’s processing power is increasing at an amazing rate (see the sidebar about Moore’s Law). Besides a faster clock time, today’s CPU chips contain multiple processors. These chips, known as dual-core (two processors) or quad-core (four processors), increase the processing power of a computer by providing the capability of multiple CPUs all sharing the processing load. Intel’s Core i7 processors contain 6 cores and their Core i9 processors contain 16 cores. This video shows how a CPU works. 36 | Information Systems for Business and Beyond (2019) Sidebar: Moore’s Law and Huang’s Law As you know computers get faster every year. Many times we are not sure if we want to buy today’s model because next week it won’t be the most advanced any more. Gordon Moore, one of the founders of Intel, recognized this phenomenon in 1965, noting that microprocessor transistor counts had been doubling every year.1 His insight eventually evolved into Moore’s Law: The number of integrated circuits on a chip doubles every two years. Moore’s Law has been generalized into the concept that computing power will double every two years for the same price point. Another way of looking at this is to think that the price for the same computing power will be cut in half every two years. Moore’s Law has held true for over forty years (see figure below). The limits of Moore’s Law are now being reached and circuits cannot be reduced further. However, Huang’s Law regarding Graphics Processors Units (GPUs) may extend well into the future. Nvidia’s CEO Jensen Huang spoke at the GPU Technology Conference in March 2018 announcing that the speed of GPUs are increasing faster than Moore’s Law. Nvidia’s GPUs are 25 times faster than five years ago. He admitted that the advancement is because of advances in architecture, memory technology, algorithms, and interconnects.2 1. [1] 2. [2] Chapter 2: Hardware | 37 Motherboard Motherboard bus traces Motherboard The motherboard is the main circuit board on the computer. The CPU, memory, and storage components, among other things, all connect into the motherboard. Motherboards come in different shapes and sizes, depending upon how compact or expandable the computer is designed to be. Most modern motherboards have many integrated components, such as network interface card, video, and sound processing, which previously required separate components. The motherboard provides much of the bus of the computer (the term bus refers to the electrical connections between different computer components). The bus is an important factor in determining the computer’s speed – the combination of how fast the bus can transfer data and the number of data bits that can be moved at one time determine the speed. The traces shown in the image are on the underside of the motherboard and provide connections between motherboard components. Random-Access Memory When a computer boots, it begins to load information from storage 38 | Information Systems for Business and Beyond (2019) DDR4 Memory Hard disk interior into its working memory. This working memory, called Random- Access Memory (RAM), can transfer data much faster than the hard disk. Any program that you are running on the computer is loaded into RAM for processing. In order for a computer to work effectively, some minimal amount of RAM must be installed. In most cases, adding more RAM will allow the computer to run faster. Another characteristic of RAM is that it is “volatile.” This means that it can store data as long as it is receiving power. When the computer is turned off, any data stored in RAM is lost. RAM is generally installed in a personal computer through the use of a Double Data Rate (DDR) memory module. The type of DDR accepted into a computer is dependent upon the motherboard. There have been basically four generations of DDR: DDR1, DDR2, DDR3, and DDR4. Each generation runs faster than the previous with DDR4 capable of speeds twice as fast as DDR3 while consuming less voltage. Hard Disk While the RAM is used as working memory, the computer also needs a place to store data for the longer term. Most of today’s personal computers use a hard disk for long-term data storage. A hard disk is considered non-volatile storage because when the computer is turned off the data remains in storage on the disk, ready for when the computer is turned on. Drives with a capacity less than 1 Terabyte usually have Chapter 2: Hardware | 39 Solid State Drive interior just one platter. Notice the single platter in the image. The read/ write arm must be positioned over the appropriate track before accessing or writing data.” Solid State Drives Solid State Drives (SSD) are becoming more popular in personal computers. The SSD performs the same function as a hard disk, namely long-term storage. Instead of spinning disks, the SSD uses flash memory that incorporates EEPROM (Electrically Erasable Programmable Read Only Memory) chips, which is much faster. Solid-state drives are currently a bit more expensive than hard disks. However, the use of flash memory instead of disks makes them much lighter and faster than hard disks. SSDs are primarily utilized in portable computers, making them lighter, more durable, and more efficient. Some computers combine the two storage technologies, using the SSD for the most accessed data (such as the operating system) while using the hard disk for data that is accessed less frequently. SSDs are considered more reliable since there are no moving parts. 40 | Information Systems for Business and Beyond (2019) USB Drive Removable Media Removable storage has changed greatly over the four decades of PCs. Floppy disks have been replaced by CD-ROM drives, then they were replaced by USB (Universal Serial Bus) drives. USB drives are now standard on all PCs with capacities approaching 512 gigabytes. Speeds have also increased from 480 Megabits in USB 2.0 to 10 Gigabits in USB 3.1. USB devices also use EEPROM technology. 3 Network Connection When personal computers were first stand-alone units when first developed, which meant that data was brought into the computer or removed from the computer via removable media. Beginning in the mid-1980s, however, organizations began to see the value in connecting computers together via a digital network. Because of this personal computers needed the ability to connect to these networks. Initially, this was done by adding an expansion card to the computer that enabled the network connection. These cards were known as Network Interface Cards (NIC). By the mid-1990s an Ethernet network port was built into the motherboard on most personal computers. As wireless technologies began to dominate 3. [3] Chapter 2: Hardware | 41 USB port on a computer in the early 2000s, many personal computers also began including wireless networking capabilities. Digital communication technologies will be discussed further in Chapter 5. Input and Output In order for a personal computer to be useful, it must have channels for receiving input from the user and channels for delivering output to the user. These input and output devices connect to the computer via various connection ports, which generally are part of the motherboard and are accessible outside the computer case. In early personal computers, specific ports were designed for each type of output device. The configuration of these ports has evolved over the years, becoming more and more standardized over time. Today, almost all devices plug into a computer through the use of a USB port. This port type, first introduced in 1996, has increased in its capabilities, both in its data transfer rate and power supplied. Bluetooth Besides USB, some input and output devices connect to the computer via a wireless-technology standard called Bluetooth which was invented in 1994. Bluetooth exchanges data over short distances of 10 meters up to 100 meters using radio waves. Two devices communicating with Bluetooth must both have a Bluetooth 42 | Information Systems for Business and Beyond (2019) communication chip installed. Bluetooth devices include pairing your phone to your car, computer keyboards, speakers, headsets, and home security, to name just a few. Input Devices All personal computers need components that allow the user to input data. Early computers simply used a keyboard for entering data or select an item from a menu to run a program. With the advent operating systems offering the graphical user interface, the mouse became a standard component of a computer. These two components are still the primary input devices to a personal computer, though variations of each have been introduced with varying levels of success over the years. For example, many new devices now use a touch screen as the primary way of data entry. Other input devices include scanners which allow users to input documents into a computer either as images or as text. Microphones can be used to record audio or give voice commands. Webcams and other types of video cameras can be used to record video or participate in a video chat session. Output Devices Output devices are essential as well. The most obvious output device is a display or monitor, visually representing the state of the computer. In some cases, a personal computer can support multiple displays or be connected to larger-format displays such as a projector or large-screen television. Other output devices include speakers for audio output and printers for hardcopy output. Chapter 2: Hardware | 43 Sidebar: Which Hardware Components Contribute to the Speed of Your Computer The speed of a computer is determined by many elements, some related to hardware and some related to software. In hardware, speed is improved by giving the electrons shorter distances to travel in completing a circuit. Since the first CPU was created in the early 1970s, engineers have constantly worked to figure out how to shrink these circuits and put more and more circuits onto the same chip – these are known as integrated circuits. And this work has paid off – the speed of computing devices has been continuously improving. Multi-core processors, or CPUs, have contributed to faster speeds. Intel engineers have also improved CPU speeds by using QuickPath Interconnect, a technique which minimizes the processor’s need to communicate directly with RAM or the hard drive. Instead, the CPU contains a cache of frequently used data for a particular program. An algorithm evaluates a program’s data usage and determines which data should be temporarily stored in the cache. The hardware components that contribute to the speed of a personal computer are the CPU, the motherboard, RAM, and the hard disk. In most cases, these items can be replaced with newer, faster components. The table below shows how each of these contributes to the speed of a computer. Besides upgrading hardware, there are many changes that can be made to the software of a computer to make it faster. 44 | Information Systems for Business and Beyond (2019) Component Speed measured by Units Description CPU Clock speed GHz (billions of cycles) Hertz indicates the time it takes to complete a cycle. Motherboard Bus speed MHz The speed at which data can move across the bus. RAM Data transfer rate Mb/s (millions of bytes per second) The time it takes for data to be transferred from memory to system measured in Megabytes. Hard Disk Access time ms (millisecond) The time it takes for the drive to locate the data to be accessed. Data transfer rate MBit/s The time it takes for data to be transferred from disk to system. Other Computing Devices A personal computer is designed to be a general-purpose device, able to solve many different types of problems. As the technologies of the personal computer have become more commonplace, many of the components have been integrated into other devices that previously were purely mechanical. The definition or description of what defines a computer has changed. Portability has been an important feature for most users. Here is an overview of some trends in personal computing. Chapter 2: Hardware | 45 MacBook Air Portable Computers Portable computing today includes laptops, notebooks and netbooks, many weighing less than 4 pounds and providing longer battery life. The MacBook Air is a good example of this: it weighs less than three pounds and is only 0.68 inches thick! Netbooks (short for Network Books) are extremely light because they do not have a hard drive, depending instead on the Internet “cloud” for data and application storage. Netbooks depend on a Wi-Fi connection and can run Web browsers as well as a word processor. Smartphones While cell phones were introduced in the 1970s, smartphones have only been around for the past 20 years. As cell phones evolved they gained a broader array of features and programs. Today’s smartphones provide the user with telephone, email, location, and calendar services, to name a few. They function as a highly mobile computer, able to connect to the Internet through either cell technology or Wi-Fi. Smartphones have revolutionized computing, bringing the one feature PCs and laptops could not deliver, namely mobility. Consider the following data regarding mobile computing 4: 4. [4] 46 | Information Systems for Business and Beyond (2019) 1. There are 3.7 billion global mobile Internet users as at January 2018. 2. Mobile devices influenced sales to the tune of over $1.4 trillion in 2016. 3. Mobile commerce revenue in the U.S. is projected to be $459.38 billion in 2018, and it is estimated to be $693.36 billion by 2019. 4. By the end of 2018, over $1 trillion — or 75 percent — of ecommerce sales in China will be done via mobile devices. 5. The average order value for online orders placed on Smartphones in the first quarter of 2018 is $84.55 while the average order value for orders placed on Tablets is $94.91. 6. Of the 2.79 billion active social media users in the world, 2.55 billion actively use their mobile devices for social media- related activities. 7. 90 percent of the time spent on mobile devices is spent in apps. 8. Mobile traffic is responsible for 52.2 percent of Internet traffic in 2018 — compared to 50.3 percent from 2017. 9. While the total percentage of mobile traffic is more than desktop, engagement is higher on desktop. 55.9 percent of time spent on sites is by desktop users and 40.1 percent of time spent on sites is by mobile users. 10. By 2020, mobile commerce will account for 45 percent of all e- commerce activities — compared to 20.6 percent in 2016. The Apple iPhone was introduced in January 2007 and went on the market in June of that same year. Its ease of use and intuitive interface made it an immediate success and solidified the future of smartphones. The first Android phone was released in 2008 with functionality similar to the iPhone. Chapter 2: Hardware | 47 iPad Air Tablet Computers A tablet computer uses a touch screen as its primary input and is small enough and light enough to be easily transported. They generally have no keyboard and are self- contained inside a rectangular case. Apple set the standard for tablet computing with the introduction of the iPad in 2010 using iOS, the operating system of the iPhone. After the success of the iPad, computer manufacturers began to develop new tablets that utilized operating systems that were designed for mobile devices, such as Android. Global market share for tablets has changed since the early days of Apple’s dominance. Today the iPad has about 25% of the global market while Amazon Fire has 15% and Samsung Galaxy has 14%. 5 However, the popularity of tablets has declined sharply in recent years. Integrated Computing and Internet of Things (IoT) Along with advances in computers themselves, computing 5. [5] 48 | Information Systems for Business and Beyond (2019) technology is being integrated into many everyday products. From automobiles to refrigerators to airplanes, computing technology is enhancing what these devices can do and is adding capabilities into our every day lives thanks in part to IoT. Internet of Things and the Cloud The Internet of Things (IoT) is a network of billions of devices, each with their own unique network address, around the world with embedded electronics allowing them to connect to the Internet for the purpose of collecting and sharing data, all without the involvement of human beings.6 Objects ranging from a simple light bulb to a fitness band such as FitBit to a driverless truck are all part of IoT thanks to the processors inside them. A smartphone app can control and/or communicate with each of these devices as well as others such as electric garage door openers (for those who can’t recall if the door has been closed), kitchen appliances (“Buy milk after work today.”), thermostats such as Nest, home security, audio speakers, and the feeding of pets. Here are three of the latest ways that computing technologies are being integrated into everyday products through IoT: 6. [6] Chapter 2: Hardware | 49 • How IoT Works • The Smart House • The Self-Driving Car The Commoditization of the Personal Computer Over the past forty years, as the personal computer has gone from technical marvel to part of everyday life, it has also become a commodity. There is very little differentiation between computer models and manufacturers, and the primary factor that controls their sale is their price. Hundreds of manufacturers all over the world now create parts for personal computers which are purchased and assembled. As commodities, there are essentially little or no differences between computers made by these different companies. Profit margins for personal computers are minimal, leading hardware developers to find the lowest-cost manufacturing methods. There is one brand of computer for which this is not the case – Apple. Because Apple does not make computers that run on the same open standards as other manufacturers, they can design and manufacture a unique product that no one can easily copy. By creating what many consider to be a superior product, Apple can charge more for their computers than other manufacturers. Just as with the iPad and iPhone, Apple has chosen a strategy of differentiation, an attempt to avoid commoditization. Summary Information systems hardware consists of the components of digital 50 | Information Systems for Business and Beyond (2019) technology that you can touch. This chapter covered the components that make up a personal computer, with the understanding that the configuration of a personal computer is very similar to that of any type of digital computing device. A personal computer is made up of many components, most importantly the CPU, motherboard, RAM, hard disk, removable media, and input/ output devices. Variations on the personal computer, such as the smartphone, were also examined. Finally, commoditization of the personal computer was addressed. Study Questions 1. Write your own description of what the term information systems hardware means. 2. What has lead to the shift toward mobility in computing? 3. What is the impact of Moore’s Law on the various hardware components described in this chapter? 4. Write a one page summary of one of the items linked to in the “Integrated Computing” section. 5. Explain why the personal computer is now considered a commodity. 6. The CPU can also be thought of as the _____________ of the computer. 7. List the units of measure for data storage in increasing order from smallest to largest, kilobyte to yottabyte. 8. What is the bus of a computer? 9. Name two differences between RAM and a hard disk. 10. What are the advantages of solid-state drives over hard disks? Chapter 2: Hardware | 51 Exercises 1. If you could build your own personal computer, what components would you purchase? Put together a list of the components you would use to create it, including a computer case, motherboard, CPU, hard disk, RAM, and DVD drive. How can you be sure they are all compatible with each other? How much would it cost? How does this compare to a similar computer purchased from a vendor such as Dell or HP? 2. Re-read the section on IoT, then find at least two scholarly articles about IoT. Prepare a minimum of three slides that address issues related to IoT. Be sure to give attribution to your sources. 3. What is the current status of solid-state drives vs. hard disks? Research online and compare prices, capacities, speed, and durability. Again, be sure to give attribution to your sources. Labs 1. Review the sidebar on the binary number system. Represent the following decimal numbers in binary: 16, 100. Represent the following binary numbers in decimal: 1011, 100100. Write the decimal number 254 in an 8-bit byte. 2. Re-read the section on IoT, then look around your building (dorm, apartment, or house) and make a list of possible instances of IoTs. Be sure to list their location and likely function. 1. Moore, G. E. (1965). Cramming more components onto integrated circuits. Electronics Magazine, 4. 2. Huang, J. (2018, April 2). Move Over Moore’s Law: Make Room 52 | Information Systems for Business and Beyond (2019) for Huang’s Law. IEEE Spectrum. Retrieved from hardware/move-over-moores-law-make-way-for-huangs- law↵ 3. Wikipedia. (n.d.) Universal Serial Bus. Retrieved from 4. Stevens, J. (2017). Mobile Internet Statistics and Facts 2017. Hosting Facts, August 17, 2017. Retrieved from 5. Statista. (2018). Global market share held by tablet vendors 4th quarter 2017. Retrieved from statistics/276635/market-share-held-by-tablet-vendors/ 6. Ranger, S. (2018, January 19). What is the IoT? ZDNet. Retrieved from things-everything-you-need-to-know-about-the-iot-right- now/. Chapter 2: Hardware | 53 Chapter 3: Software Learning Objectives Upon successful completion of this chapter, you will be able to: • define the term software; • identify and describe the two primary categories of software; • describe the role ERP software plays in an organization; • describe cloud computing and its advantages and disadvantages for use in an organization; and • define the term open-source and identify its primary characteristics. Introduction The second component of an information system is software, the set of instructions that tells the hardware what to do. Software is created by developers through the process of programming (covered in more detail in Chapter 10). Without software, the hardware would not be functional. 54 | Chapter 3: Software Types of Software Software can be broadly divided into two categories: operating systems and application software. Operating systems manage the hardware and create the interface between the hardware and the user. Application software performs specific tasks such as word processing, accounting, database management, video games, or browsing the web. Operating Systems An operating system is first loaded into the computer by the boot program, then it manages all of the programs in the computer, including both programs native to the operating system such as file and memory management and application software. Operating systems provide you with these key functions: 1. managing the hardware resources of the computer; 2. providing the user-interface components; Chapter 3: Software | 55 Linux Ubuntu desktop 3. providing a platform for software developers to write applications. All computing devices require an operating system. The most popular operating systems for personal computers are: Microsoft Windows, Apple’s Mac OS, and various versions of Linux. Smartphones and tablets run operating systems as well, such as iOS (Apple), Android (Google), Windows Mobile (Microsoft), and Blackberry. Microsoft provided the first operating system for the IBM-PC, released in 1981. Their initial venture into a Graphical User Interface (GUI) operating system, known as Windows, occurred in 1985. Today’s Windows 10 supports the 64-bit Intel CPU. Recall that “64-bit” indicates the size of data that can be moved within the computer. Apple introduced the Macintosh computer 1984 with the first commercially successful GUI. Apple’s operating system for the Macintosh is known as “Mac OS ” and also uses an Intel CPU supporting 64-bit processing. Mac OS versions have been named after mountains such as El Capitan, Sierra, and High Sierra. Multitasking, virtual memory, and voice input have become standard features of both operating systems. The Linux operating system is open source, meaning individual developers are allowed to make modifications to the programming code. Linux is a version of the Unix operating. Unix runs on large and expensive minicomputers. Linux developer Linus Torvalds, a professor in Finland and the creator of Linux, wanted to find a way to make Unix run on less expensive personal computers. Linux has many variations and now powers a large percentage of web servers in the world. 56 | Information Systems for Business and Beyond (2019) Sidebar: Why Is Microsoft Software So Dominant in the Business World? If you’ve worked in business, you may have noticed that almost all computers in business run a version of Microsoft Windows. However, in classrooms from elementary to college, there is almost a balance between Macs and PCs. Why has this not extended into the business world? As discussed in Chapter 1, many businesses used IBM mainframe computers back in the 1960s and 1970s. When businesses migrated to the microcomputer (personal computer) market, they elected to stay with IBM and chose the PC. Companies took the safe route, invested in the Microsoft operating system and in Microsoft software/applications. Microsoft soon found itself with the dominant personal computer operating system for businesses. As the networked PC began to replace the mainframe computer, Microsoft developed a network operating system along with a complete suite of programs focused on business users. Today Microsoft Office in its various forms controls 85% of the market. 1 Application Software The second major category of software is application software. 1. [1] Chapter 3: Software | 57 Image of Microsoft Excel Application software is utilized directly today to accomplish a specific goal such as word processing, calculations on a spreadsheet, or surfing the Internet using your favorite browser. The “Killer” App When a new type of digital device is invented, there are generally a small group of technology enthusiasts who will purchase it just for the joy of figuring out how it works. A “killer” application is one that becomes so essential that large numbers of people will buy a device just to run that application. For the personal computer, the killer application was the spreadsheet. The first spreadsheet was created by an MBA student at Harvard University who tired of making repeated calculations to determine the optimal result on a problem and decided to create a tool that allowed the user to easily change values and recalculate formulas. The result was the spreadsheet. Today’s dominant spreadsheet is Microsoft Excel which still retains the basic functionality of the first spreadsheet. Productivity Software Along with the spreadsheet, several other software applications have become standard tools for the workplace. Known as productivity software, these programs allow office employees to complete their daily work efficiently. Many times these applications 58 | Information Systems for Business and Beyond (2019) come packaged together, such as in Microsoft’s Office suite. Here is a list of some of these applications and their basic functions: • Word processing Users can create and edit documents using this class of software. Functions include the ability to type and edit text, format fonts and paragraphs, as well as add, move, and delete text throughout the document. Tables and images can be inserted. Documents can be saved in a variety of electronic file formats with Microsoft Word’s DOCX being the most popular. Documents can also be converted to other formats such as Adobe’s PDF (Portable Document Format) or a .TXT file. • Spreadsheet This class of software provides a way to do numeric calculations and analysis, displaying the result in charts and graphs. The working area is divided into rows and columns, where users can enter numbers, text, or formulas. It is the formulas that make a spreadsheet powerful, allowing the user to develop complex calculations that can change based on the numbers entered. The most popular spreadsheet package is Microsoft Excel, which saves its files in the XLSX format. • Presentation Users can create slideshow presentations using this class of software. The slides can be projected, printed, or distributed to interested parties. Text, images, audio, and visual can all be added to the slides. Microsoft’s PowerPoint is the most popular software right now, saving its files in PPTX format. • Some office suites include other types of software. For example, Microsoft Office includes Outlook, its e-mail package, and OneNote, an information-gathering collaboration tool. The professional version of Office also includes Microsoft Access, a database package. (Databases are covered more in Chapter 4.) Microsoft popularized the idea of the office-software productivity Chapter 3: Software | 59 bundle with their release of the Microsoft Office Suite. This package continues to dominate the market and most businesses expect employees to know how to use this software. However, many competitors to Microsoft Office do exist and are compatible with the file formats used by Microsoft (see table below). Microsoft also offers a cloud-based version of their office suite named Microsoft Office 365. Similar to Google Drive, this suite allows users to edit and share documents online utilizing cloud-computing technology. Utility Software and Programming Software Utility software includes programs that allow you to fix or modify your computer in some way. Examples include anti-malware software and programs that totally remove software you no longer want installed. These types of software packages were created to fill shortcomings in operating systems. Many times a subsequent release of an operating system will include these utility functions as part of the operating system itself. Programming software’s purpose is to produce software. Most of 60 | Information Systems for Business and Beyond (2019) Screen shot of Tableau (click to enlarge) these programs provide developers with an environment in which they can write the code, test it, and convert/compile it into the format that can then be run on a computer. This software is typically identified as the Integrated Development Environment (IDE) and is provided free from the corporation that developed the programming language that will be used to write the code. Sidebar: “PowerPointed” to Death As presentation software has gained acceptance as the primary method to formally present information to a group or class, the art of giving an engaging presentation is becoming rare. Many presenters now just read the bullet points in the presentation and immediately bore those in attendance, who can already read it for themselves. The real problem is not with PowerPoint as much as it is with the person creating and presenting. Author and chief evangelist Guy Kawasaki has developed the 10/20/ 30 rule for Powerpoint users. Just remember: 10 slides, 20 minutes, 30 point font.”2 If you are determined to improve your PowerPoint skills, read Presentation Zen by Garr Reynolds. New digital presentation technologies are being developed that go beyond Powerpoint. For example, Prezi uses a single canvas for the presentation, allowing presenters to place text, images, and 2. [2] Chapter 3: Software | 61 other media on the canvas, and then navigate between these objects as they present. Tools such as Tableau allow users to analyze data in depth and create engaging interactive visualizations. Sidebar: I Own This Software, Right? Well… When you purchase software and install it on your computer, are you the owner of that software? Technically, you are not! When you install software, you are actually just being given a license to use it. When you first install a package, you are asked to agree to the terms of service or the license agreement. In that agreement, you will find that your rights to use the software are limited. For example, in the terms of the Microsoft Office software license, you will find the following statement: “This software is licensed, not sold. This agreement only gives you some rights to use the features included in the software edition you licensed.” For the most part, these restrictions are what you would expect. You cannot make illegal copies of the software and you may not use it to do anything illegal. However, there are other, more unexpected terms in these software agreements. For example, many software agreements ask you to agree to a limit on liability. Again, from Microsoft: “Limitation on and exclusion of damages. You can recover from Microsoft and its suppliers only direct damages up to the amount you paid for the software. You cannot recover any other damages, including consequential, lost profits, special, indirect or incidental damages.” This means if a problem with the software causes harm to your business, you cannot hold Microsoft or the supplier responsible for damages. 62 | Information Systems for Business and Beyond (2019) Applications for the Enterprise As the personal computer proliferated inside organizations, control over the information generated by the organization began splintering. For instance, the customer service department creates a customer database to keep track of calls and problem reports, and the sales department also creates a database to keep track of customer information. Which one should be used as the master list of customers? Or perhaps someone in sales might create a spreadsheet to calculate sales revenue, while someone in finance creates a different revenue document that meets the needs of their department, but calculates revenue differently. The two spreadsheets will report different revenue totals. Which one is correct? And who is managing all of this information? Enterprise Resource Planning In the 1990s the need to bring an organization’s information back under centralized control became more apparent. The Enterprise Resource Planning (ERP) system (sometimes just called enterprise software) was developed to bring together an entire organization within one program. ERP software utilizes a central database that is implemented throughout the entire organization. Here are some key points about ERP. • A software application. ERP is an application that is used by Chapter 3: Software | 63 many of an organization’s employees. • Utilizes a central database. All users of the ERP edit and save their information from the same data source. For example, this means there is only one customer table in the database, there is only one sales (revenue) table in the database, etc. • Implemented organization-wide. ERP systems include functionality that covers all of the essential components of a business. An organization can purchase modules for its ERP system that match specific needs such as order entry, manufacturing, or planning. ERP systems were originally marketed to large corporations. However, as more and more large companies began installing them, ERP vendors began targeting mid-sized and even smaller businesses. Some of the more well-known ERP systems include those from SAP, Oracle, and Microsoft. In order to effectively implement an ERP system in an organization, the organization must be ready to make a full commitment. All aspects of the organization are affected as old systems are replaced by the ERP system. In general, implementing an ERP system can take two to three years and cost several million dollars. So why implement an ERP system? If done properly, an ERP system can bring an organization a good return on their investment. By consolidating information systems across the enterprise and using the software to enforce best practices, most organizations see an overall improvement after implementing an ERP. Business processes as a form of competitive advantage will be covered in Chapter 9. 64 | Information Systems for Business and Beyond (2019) Customer Relationship Management A Customer Relationship Management (CRM) system manages an organization’s customers. In today’s environment, it is important to develop relationships with your customers, and the use of a well- designed CRM can allow a business to personalize its relationship with each of its customers. Some ERP software systems include CRM modules. An example of a well-known CRM package is Salesforce. Supply Chain Management Supply Chain Many organizations must deal with the complex task of managing their supply chains. At its simplest, a supply chain is the linkage between an organization’s suppliers, its manufacturing facilities, and the distributors of its products. Each link in the chain has a multiplying effect on the complexity of the process. For example, if there are two suppliers, one manufacturing facility, and two distributors, then the number of links to manage = 4 ( 2 x 1 x 2 ). However, if two more suppliers are added, plus another manufacturing facility, and two more distributors, then the number of links to manage = 32 ( 4 x 2 x 4 ). Also, notice in the above illustration that all arrows have two heads, indicating that information flows in both directions. Suppliers are part of a business’s supply chain. They provide information such as price, size, quantity, etc. to the business. In turn, the business provides information such as quantity on hand at every store to the supplier. The key to successful supply chain management is the information system. Chapter 3: Software | 65 A Supply Chain Management (SCM) system handles the interconnection between these links as well as the inventory of the products in their various stages of development. As discussed previously much of Walmart’s success has come from its ability to identify and control the supply chain for its products. Walmart invested heavily in their information system so they could communicate with their suppliers and manage the thousands of products they sell. Walmart realized in the 1980s that the key to their success was information systems. Specifically, they needed to manage their complex supply chain with its thousands of suppliers, thousands of retail outlets, and millions of customers. Their success came from being able to integrate information systems to every entity (suppliers, warehouses, retail stores) through the sharing of sales and inventory data. Take a moment to study the diagram above…look for the double-headed arrow. Notice that data flows down the supply chain from suppliers to retail stores. But it also flows up the supply chain, back to the suppliers so they can be up to date regarding production and shipping. Mobile Applications Just as with the personal computer, mobile devices such as 66 | Information Systems for Business and Beyond (2019) smartphones and electronic tablets also have operating systems and application software. These mobile devices are in many ways just smaller versions of personal computers. A mobile app is a software application designed to run specifically on a mobile device. As shown in Chapter 2, smartphones are becoming a dominant form of computing, with more smartphones being sold than personal computers. A greater discussion of PC and smartphone sales appears in Chapter 13, along with statistics regarding the decline in tablet sales. Businesses have adjusted to this trend by increasing their investment in the development of apps for mobile devices. The number of mobile apps in the Apple App Store has increased from zero in 2008 to over 2 million in 2017.3 Building a mobile app will will be covered in Chapter 10. Cloud Computing Historically, for software to run on a computer an individual copy of the software had to be installed on the computer. The concept of “cloud” computing changes this. Cloud Computing The “cloud” refers to applications, services, and data storage located on the Internet. Cloud service providers rely on giant server farms and massive storage devices that are connected via the Internet. Cloud computing allows users to access software and data storage services on the Internet. You probably already use cloud computing in some form. For example, if you access your e-mail via your web browser, you are 3. [3] Chapter 3: Software | 67 using a form of cloud computing if you are using Google Drive’s applications. While these are free versions of cloud computing, there is big business in providing applications and data storage over the web. Cloud computing is not limited to web applications. It can also be used for services such as audio or video streaming. Advantages of Cloud Computing • No software to install or upgrades to maintain. • Available from any computer that has access to the Internet. • Can scale to a large number of users easily. • New applications can be up and running very quickly. • Services can be leased for a limited time on an as-needed basis. • Your information is not lost if your hard disk crashes or your laptop is lost or stolen. • You are not limited by the available memory or disk space on your computer. Disadvantages of Cloud Computing • Your information is stored on someone else’s computer. • You must have Internet access to use it. • You are relying on a third-party to provide these services. Cloud computing has the ability to really impact how organizations manage technology. For example, why is an IT department needed to purchase, configure, and manage personal computers and software when all that is really needed is an Internet connection? 68 | Information Systems for Business and Beyond (2019) Using a Private Cloud Many organizations are understandably nervous about giving up control of their data and some of their applications by using cloud computing. But they also see the value in reducing the need for installing software and adding disk storage to local computers. A solution to this problem lies in the concept of a private cloud. While there are various models of a private cloud, the basic idea is for the cloud service provider to section off web server space for a specific organization. The organization has full control over that server space while still gaining some of the benefits of cloud computing. Virtualization Virtualization is the process of using software to simulate a computer or some other device. For example, using virtualization a single physical computer can perform the functions of several virtual computers, usually referred to as Virtual Machines (VMs). Organizations implement virtual machines in an effort to reduce the number of physical servers needed to provide the necessary services to users. This reduction in the number of physical servers also reduces the demand for electricity to run and cool the physical servers. For more detail on how virtualization works, see this informational page from VMWare. Chapter 3: Software | 69 Example program “Hello World” written in Java Software Creation Modern software applications are written using a programming language such as Java, Visual C, C++, Python, etc. A programming language consists of a set of commands and syntax that can be organized logically to execute specific functions. Using this language a programmer writes a program (known as source code) that can then be compiled into machine-readable form, the ones and zeroes necessary to be executed by the CPU. Languages such as HTML and Javascript are used to develop web pages. Open-Source Software When the personal computer was first released, computer enthusiasts banded together to build applications and solve problems. These computer enthusiasts were motivated to share any programs they built and solutions to problems they found. This collaboration enabled them to more quickly innovate and fix problems. As software began to become a business, however, this idea of sharing everything fell out of favor with many developers. When a program takes hundreds of hours to develop, it is understandable that the programmers do not want to just give it away. This led to a new business model of restrictive software licensing which required payment for software, a model that is still dominant today. This model is sometimes referred to as closed source, as the source code is not made available to others. 70 | Information Systems for Business and Beyond (2019) There are many, however, who feel that software should not be restricted. Just as with those early hobbyists in the 1970s, they feel that innovation and progress can be made much more rapidly if they share what has been learned. In the 1990s, with Internet access connecting more people together, the open-source movement gained steam. Open Office Suite Open-source software makes the source code available for anyone to copy and use. For most people having access to the source code of a program does little good since it is challenging to modify existing programming code. However, open-source software is also available in a compiled format that can be downloaded and installed. The open-source movement has led to the development of some of the most used software in the world such as the Firefox browser, the Linux operating system, and the Apache web server. Many businesses are wary of open-source software precisely because the code is available for anyone to see. They feel that this increases the risk of an attack. Others counter that this openness actually decreases the risk because the code is exposed to thousands of programmers who can incorporate code changes to quickly patch vulnerabilities. There are thousands of open-source applications available for download. For example, you can get the productivity suite from Chapter 3: Software | 71 Open Office. One good place to search for open-source software is, where thousands of programs are available for free download. Summary Software gives the instructions that tell the hardware what to do. There are two basic categories of software: operating systems and applications. Operating systems interface with the computer hardware and make system resources available. Application software allows users to accomplish specific tasks such as word processing, presentations, or databases. This group is also referred to as productivity software. An ERP system stores all data in a centralized database that is made accessible to all programs and departments across the organization. Cloud computing provides access to software and databases from the Internet via a web browser. Developers use various programming languages to develop software. Study Questions 1. Develop your own definition of software being certain to explain the key terms. 2. What are the primary functions of an operating system? 3. Which of the following are operating systems and which are applications: Microsoft Excel, Google Chrome, iTunes, Windows, Android, Angry Birds. 4. What is your favorite software application? What tasks does it help you accomplish? 72 | Information Systems for Business and Beyond (2019) 5. How would you categorize the software that runs on mobile devices? Break down these apps into at least three basic categories and give an example of each. 6. What does an ERP system do? 7. What is open-source software? How does it differ from closed- source software? Give an example of each. 8. What does a software license grant to the purchaser of the software? Exercises 1. Find a case study online about the implementation of an ERP system. Was it successful? How long did it take? Does the case study tell you how much money the organization spent? 2. If you were running a small business with limited funds for information technology, would you consider using cloud computing? Find some web-based resources that support your decision. 3. Go to and review their most downloaded software applications. Report on the variety of applications you find. Then pick one that interests you and report back on what it does, the kind of technical support offered, and the user reviews. 4. Review this article on the security risks of open-source software. Write a short analysis giving your opinion on the different risks discussed. 5. List three examples of programming languages? What features in each language makes it useful to developers? Chapter 3: Software | 73 Lab 1. Download Apache Open Office and create a document. Note: If your computer does not have Java Runtime Environment (JRE) 32-bit (x86) installed, you will need to download it first from this site.Open Office runs only in 32-bit (x86) mode. Here is a link to the Getting Started documentation for Open Office. How does it compare to Microsoft Office? Does the fact that you got it for free make it feel less valuable? 1. Statista. (2017). Microsoft – Statistics & Facts. Retrieved from 2. Kawasaki, G. (n.d.). The 10/20/30 Rules for PowerPoint. Retrieved from↵ 3. Statista. (2018). Number of apps in Apple App Store July 2008 to January 2017. Retrieved from https: statistics/263795/number-of-available-apps-in-the-apple- app-store/.↵ 74 | Information Systems for Business and Beyond (2019) Chapter 4: Data and Databases Learning Objectives Upon successful completion of this chapter, you will be able to: • Describe the differences between data, information, and knowledge; • Describe why database technology must be used for data resource management; • Define the term database and identify the steps to creating one; • Describe the role of a database management system; • Describe the characteristics of a data warehouse; and • Define data mining and describe its role in an organization. Chapter 4: Data and Databases | 75 Introduction You have already been introduced to the first two components of information systems: hardware and software. However, those two components by themselves do not make a computer useful. Imagine if you turned on a computer, started the word processor, but could not save a document. Imagine if you opened a music player but there was no music to play. Imagine opening a web browser but there were no web pages. Without data, hardware and software are not very useful! Data is the third component of an information system. Data, Information, and Knowledge There have been many definitions and theories about data, information, and knowledge. The three terms are often used interchangeably, although they are distinct in nature. We define and illustrate the three terms from the perspective of information systems. 76 | Information Systems for Business and Beyond (2019) Data are the raw facts, and may be devoid of context or intent. For example, a sales order of computers is a piece of data. Data can be quantitative or qualitative. Quantitative data is numeric, the result of a measurement, count, or some other mathematical calculation. Qualitative data is descriptive. “Ruby Red,” the color of a 2013 Ford Focus, is an example of qualitative data. A number can be qualitative too: if I tell you my favorite number is 5, that is qualitative data because it is descriptive, not the result of a measurement or mathematical calculation. Information is processed data that possess context, relevance, and purpose. For example, monthly sales calculated from the collected daily sales data for the past year are information. Information typically involves the manipulation of raw data to obtain an indication of magnitude, trends, in patterns in the data for a purpose. Knowledge in a certain area is human beliefs or perceptions about relationships among facts or concepts relevant to that area. For example, the conceived relationship between the quality of goods Chapter 4: Data and Databases | 77 and the sales is knowledge. Knowledge can be viewed as information that facilitates action. Once we have put our data into context, aggregated and analyzed it, we can use it to make decisions for our organization. We can say that this consumption of information produces knowledge. This knowledge can be used to make decisions, set policies, and even spark innovation. Explicit knowledge typically refers to knowledge that can be expressed into words or numbers. In contrast, tacit knowledge includes insights and intuitions, and is difficult to transfer to another person by means of simple communications. Evidently, when information or explicit knowledge is captured and stored in computer, it would become data if the context or intent is devoid. The final step up the information ladder is the step from knowledge (knowing a lot about a topic) to wisdom. We can say that someone has wisdom when they can combine their knowledge and experience to produce a deeper understanding of a topic. It often takes many years to develop wisdom on a particular topic, and requires patience. Big Data Almost all software programs require data to do anything useful. For example, if you are editing a document in a word processor such as Microsoft Word, the document you are working on is the data. The word-processing software can manipulate the data: create a new document, duplicate a document, or modify a document. Some other examples of data are: an MP3 music file, a video file, a spreadsheet, a web page, a social media post, and an e-book. Recently, big data has been capturing the attention of all types of organizations. The term refers to such massively large data sets that conventional data processing technologies do not have sufficient 78 | Information Systems for Business and Beyond (2019) power to analyze them. For example, Walmart must process millions customer transactions every hour across the world. Storing and analyzing that much data is beyond the power of traditional data management tools. Understanding and developing the best tools and techniques to manage and analyze these large data sets are a problem that governments and businesses alike are trying to solve. Databases The goal of many information systems is to transform data into information in order to generate knowledge that can be used for decision making. In order to do this, the system must be able to take data, allow the user to put the data into context, and provide tools for aggregation and analysis. A database is designed for just such a purpose. Why Databases? Data is a valuable resource in the organization. However, many people do not know much about database technology, but use non- database tools, such as Excel spreadsheet or Word document, to store and manipulate business data, or use poorly designed databases for business processes. As a result, the data are redundant, inconsistent, inaccurate, and corrupted. For a small data set, the use of non-database tools such as spreadsheet may not cause serious problem. However, for a large organization, corrupted data could lead to serious errors and destructive consequences. The common defects in data resources management are explained as follows. (1) No control of redundant data People often keep redundant data for convenience. Redundant Chapter 4: Data and Databases | 79 data could make the data set inconsistent. We use an illustrative example to explain why redundant data are harmful. Suppose the registrar’s office has two separate files that store student data: one is the registered student roster which records all students who have registered and paid the tuition, and the other is student grade roster which records all students who have received grades. As you can see from the two spreadsheets, this data management system has problems. The fact that “Student 4567 is Mary Brown, and her major is Finance” is stored more than once. Such occurrences are called data redundancy. Redundant data often make data access convenient, but can be harmful. For example, if Mary Brown changes her name or her major, then all her names and major stored in the system must be changed altogether. For small data systems, such a problem looks trivial. However, when the data system is huge, making changes to all redundant data is difficult if not impossible. As a result of data redundancy, the entire data set can be corrupted. (2) Violation of data integrity Data integrity means consistency among the stored data. We use the above illustrative example to explain the concept of data integrity and how data integrity can be violated if the data system is flawed. You can find that Alex Wilson received a grade in MKT211; however, you can’t find Alex Wilson in the student roster. That is, the two rosters are not consistent. Suppose we have a data integrity control to enforce the rules, say, “no student can receive a grade unless she/he has registered and paid tuition”, then such a violation of data integrity can never happen. (3) Relying on human memory to store and to search needed data The third common mistake in data resource management is the 80 | Information Systems for Business and Beyond (2019) over use of human memory for data search. A human can remember what data are stored and where the data are stored, but can also make mistakes. If a piece of data is stored in an un-remembered place, it has actually been lost. As a result of relying on human memory to store and to search needed data, the entire data set eventually becomes disorganized. To avoid the above common flaws in data resource management, database technology must be applied. A database is an organized collection of related data. It is an organized collection, because in a database, all data is described and associated with other data. For the purposes of this text, we will only consider computerized databases. Though not good for replacing databases, spreadsheets can be ideal tools for analyzing the data stored in a database. A spreadsheet package can be connected to a specific table or query in a database and used to create charts or perform analysis on that data. Data Models and Relational Databases Databases can be organized in many different ways by using different models. The data model of a database is the logical structure of data items and their relationships. There have been several data models. Since the 1980s, the relational data model has been popularized. Currently, relational database systems are commonly used in business organizations with few exceptions. A relational data model is easy to understand and use. In a relational database, data is organized into tables (or relations). Each table has a set of fields which define the structure of the data stored in the table. A record is one instance of a set of fields in a table. To visualize this, think of the records as the rows (or tuple) of the table and the fields as the columns of the table. In the example below, we have a table of student data, with each row representing a student record , and each column representing Chapter 4: Data and Databases | 81 one filed of the student record. A special filed or a combination of fields that determines the unique record is called primary key (or key). A key is usually the unique identification number of the records. Rows and columns in a table Designing a Database Suppose a university wants to create a School Database to track data. After interviewing several people, the design team learns that the goal of implementing the system is to give better insight into students’ performance and academic resources. From this, the team decides that the system must keep track of the students, their grades, courses, and classrooms. Using this information, the design team determines that the following tables need to be created: • STUDENT: student name, major, and e-mail. • COURSE: course title, enrollment capacity. • GRADE: this table will correlate STUDENT with COURSE, allowing us to have any given student to enroll multiple courses and to receive a grade for each course. • CLASSROOM: classroom location, classroom type, and classroom capacity 82 | Information Systems for Business and Beyond (2019) Now that the design team has determined which tables to create, they need to define the specific data items that each table will hold. This requires identifying the fields that will be in each table. For example, course title would be one of the fields in the COURSE table. Finally, since this will be a relational database, every table should have a field in common with at least one other table (in other words, they should have relationships with each other). A primary key must be selected for each table in a relational database. This key is a unique identifier for each record in the table. For example, in the STUDENT table, it might be possible to use the student name as a way to identify a student. However, it is more than likely that some students share the same name. A student’s e-mail address might be a good choice for a primary key, since e- mail addresses are unique. However, a primary key cannot change, so this would mean that if students changed their e-mail address we would have to remove them from the database and then re-insert them – not an attractive proposition. Our solution is to use student ID as the primary key of the STUDENT table. We will also do this for the COURSE table and the CLASSROOM table. This solution is quite common and is the reason you have so many IDs! The primary key of table can be just one field, but can also be a combination of two or more fields. For example, the combination of StudentID and CourseID the GRADE table can be the primary key of the GRADE table, which means that a grade is received by a particular student for a specific course. The next step of design of database is to identify and make the relationships between the tables so that you can pull the data together in meaningful ways. A relationship between two tables is implemented by using a foreign key. A foreign key is a field in one table that connects to the primary key data in the original table. For example, ClassroomID in the COURSE table is the foreign key that connects to the primary key ClassroomID in the CLASSROOM table. With this design, not only do we have a way to organize all of the data we need and have successfully related all the table together to Chapter 4: Data and Databases | 83 Tables of the student database meet the requirements, but have also prevented invalid data from being entered into the database. You can see the final database design in the figure below: Normalization When designing a database, one important concept to understand is normalization. In simple terms, to normalize a database means to design it in a way that: 1) reduces data redundancy; and 2) ensure data integrity. In the School Database design, the design team worked to achieve these objectives. For example, to track grades, a simple (and wrong) solution might have been to create a Student field in the COURSE table and then just list the names of all of the students there. However, this design would mean that if a student takes two or more courses, then his or her data would have to be entered twice or more times. This means the data are redundant. Instead, the designers solved this problem by introducing the GRADE table. In this design, when a student registers into the school system before taking a course, we first must add the student to the STUDENT table, where their ID, name, major, and e-mail address are entered. Now we will add a new entry to denote that the student takes a specific course. This is accomplished by adding a record with the StudentD and the CourseID in the GRADE table. If this student takes a second course, we do not have to duplicate the entry of the student’s name, major, and e-mail; instead, we 84 | Information Systems for Business and Beyond (2019) only need to make another entry in the GRADE table of the second course’s ID and the student’s ID. The design of the School database also makes it simple to change the design without major modifications to the existing structure. For example, if the design team were asked to add functionality to the system to track instructors who teach the courses, we could easily accomplish this by adding a PROFESSOR table (similar to the STUDENT table) and then adding a new field to the COURSE table to hold the professors’ ID. Data Types When defining the fields in a database table, we must give each field a data type. For example, the field StudentName is text string, while EnrollmentCapacity is number. Most modern databases allow for several different data types to be stored. Some of the more common data types are listed here: • Text: for storing non-numeric data that is brief, generally under 256 characters. The database designer can identify the maximum length of the text. • Number: for storing numbers. There are usually a few different number types that can be selected, depending on how large the largest number will be. • Boolean: a data type with only two possible values, such as 0 or 1, “true” or “false”, “yes” or “no”. • Date/Time: a special form of the number data type that can be interpreted as a number or a time. • Currency: a special form of the number data type that formats all values with a currency indicator and two decimal places. • Paragraph Text: this data type allows for text longer than 256 characters. • Object: this data type allows for the storage of data that cannot Chapter 4: Data and Databases | 85 Open Office Database Management System be entered via keyboard, such as an image or a music file. There are two important reasons that we must properly define the data type of a field. First, a data type tells the database what functions can be performed with the data. For example, if we wish to perform mathematical functions with one of the fields, we must be sure to tell the database that the field is a number data type. For example, we can subtract the course capacity from the classroom capacity to find out the number of extra seats available. The second important reason to define data type is so that the proper amount of storage space is allocated for our data. For example, if the StudentName field is defined as a Text(50) data type, this means 50 characters are allocated for each name we want to store. If a student’s name is longer than 50 characters, the database will truncate it. Database Management Systems To the computer, a database looks like one or more files. In order for the data in the database to be stored, read, changed, added, or removed, a software program must access it. Many software applications have this ability: iTunes can read its database to give you a listing of its songs (and play the songs); your mobile-phone software can interact with your list of contacts. But what about applications to create or manage a database? What software can you use to create a database, change a database’s structure, or simply do analysis? That is the purpose of a category of software applications called database management systems (DBMS). 86 | Information Systems for Business and Beyond (2019) DBMS packages generally provide an interface to view and change the design of the database, create queries, and develop reports. Most of these packages are designed to work with a specific type of database, but generally are compatible with a wide range of databases. A database that can only be used by a single user at a time is not going to meet the needs of most organizations. As computers have become networked and are now joined worldwide via the Internet, a class of database has emerged that can be accessed by two, ten, or even a million people. These databases are sometimes installed on a single computer to be accessed by a group of people at a single location. Other times, they are installed over several servers worldwide, meant to be accessed by millions. In enterprises the relational DBMS are built and supported by companies such as Oracle, Microsoft SQL Server, and IBM Db2. The open-source MySQL is also an enterprise database. Microsoft Access and Open Office Base are examples of personal database-management systems. These systems are primarily used to develop and analyze single-user databases. These databases are not meant to be shared across a network or the Internet, but are instead installed on a particular device and work with a single user at a time. Apache Base (see screen shot) can be used to create, modify, and analyze databases in open-database (ODB) format. Microsoft’s Access DBMS is used to work with databases in its own Microsoft Access Database format. Both Access and Base have the ability to read and write to other database formats as well. Structured Query Language Once you have a database designed and loaded with data, how will you do something useful with it? The primary way to work Chapter 4: Data and Databases | 87 with a relational database is to use Structured Query Language, SQL (pronounced “sequel,” or simply stated as S-Q-L). Almost all applications that work with databases (such as database management systems, discussed below) make use of SQL as a way to analyze and manipulate relational data. As its name implies, SQL is a language that can be used to work with a relational database. From a simple request for data to a complex update operation, SQL is a mainstay of programmers and database administrators. To give you a taste of what SQL might look like, here are a couple of examples using our School database: The following query will retrieve the major of student John Smith from the STUDENT table: SELECT StudentMajor FROM STUDENT WHERE StudentName = ‘John Smith’; The following query will list the total number of students in the STUDENT table: SELECT COUNT(*) FROM STUDENT; SQL can be embedded in many computer languages that are used to develop platform-independent web-based applications. An in- depth description of how SQL works is beyond the scope of this introductory text, but these examples should give you an idea of the power of using SQL to manipulate relational databases. Many DBMS, such as Microsoft Access, allow you to use QBE (Query-by- Example), a graphical query tool, to retrieve data though visualized commands. QBE generates SQL for you, and is easy to use. In comparison with SQL, QBE has limited functionalities and is unable to work without the DBMS environment. 88 | Information Systems for Business and Beyond (2019) Other Types of Databases The relational database model is the most used database model today. However, many other database models exist that provide different strengths than the relational model. The hierarchical database model, popular in the 1960s and 1970s, connected data together in a hierarchy, allowing for a parent/child relationship between data. The document-centric model allowed for a more unstructured data storage by placing data into “documents” that could then be manipulated. Perhaps the most interesting new development is the concept of NoSQL (from the phrase “not only SQL”). NoSQL arose from the need to solve the problem of large-scale databases spread over several servers or even across the world. For a relational database to work properly, it is important that only one person be able to manipulate a piece of data at a time, a concept known as record- locking. But with today’s large-scale databases (think Google and Amazon), this is just not possible. A NoSQL database can work with data in a looser way, allowing for a more unstructured environment, communicating changes to the data over time to all the servers that are part of the database. As stated earlier, the relational database model does not scale well. The term scale here refers to a database getting larger and larger, being distributed on a larger number of computers connected via a network. Some companies are looking to provide large-scale database solutions by moving away from the relational model to other, more flexible models. For example, Google now offers the App Engine Datastore, which is based on NoSQL. Developers can use the App Engine Datastore to develop applications that access data from anywhere in the world. offers several database services for enterprise use, including Amazon RDS, which is a relational database service, and Amazon DynamoDB, a NoSQL enterprise solution. Chapter 4: Data and Databases | 89 Sidebar: What Is Metadata? The term metadata can be understood as “data about data.” Examples of metadata of database are: • number of records • data type of field • size of field • description of field • default value of field • rules of use. When a database is being designed, a “data dictionary” is created to hold the metadata, defining the fields and structure of the database. Finding Value in Data: Business Intelligence With the rise of Big Data and a myriad of new tools and techniques at their disposal, businesses are learning how to use information to their advantage. The term business intelligence is used to describe the process that organizations use to take data they are collecting and analyze it in the hopes of obtaining a competitive advantage. Besides using their own data, stored in data warehouses (see below), firms often purchase information from data brokers to get a big- picture understanding of their industries and the economy. The results of these analyses can drive organizational strategies and provide competitive advantage. 90 | Information Systems for Business and Beyond (2019) Data Visualization Data visualization is the graphical representation of information and data. These graphical representations (such as charts, graphs, and maps) can quickly summarize data in a way that is more intuitive and can lead to new insights and understandings. Just as a picture of a landscape can convey much more than a paragraph of text attempting to describe it, graphical representation of data can quickly make meaning of large amounts of data. Many times, visualizing data is the first step towards a deeper analysis and understanding of the data collected by an organization. Examples of data visualization software include Tableau and Google Data Studio. Data Warehouses As organizations have begun to utilize databases as the centerpiece of their operations, the need to fully understand and leverage the data they are collecting has become more and more apparent. However, directly analyzing the data that is needed for day-to-day operations is not a good idea; we do not want to tax the operations of the company more than we need to. Further, organizations also want to analyze data in a historical sense: How does the data we have today compare with the same set of data this time last month, or last year? From these needs arose the concept of the data warehouse. The concept of the data warehouse is simple: extract data from one or more of the organization’s databases and load it into the data warehouse (which is itself another database) for storage and analysis. However, the execution of this concept is not that simple. A data warehouse should be designed so that it meets the following criteria: • It uses non-operational data. This means that the data Chapter 4: Data and Databases | 91 Data Warehouse Process (top-down) warehouse is using a copy of data from the active databases that the company uses in its day-to-day operations, so the data warehouse must pull data from the existing databases on a regular, scheduled basis. • The data is time-variant. This means that whenever data is loaded into the data warehouse, it receives a time stamp, which allows for comparisons between different time periods. • The data is standardized. Because the data in a data warehouse usually comes from several different sources, it is possible that the data does not use the same definitions or units. For example, each database uses its own format for dates (e.g., mm/dd/yy, or dd/mm/yy, or yy/mm/dd, etc.). In order for the data warehouse to match up dates, a standard date format would have to be agreed upon and all data loaded into the data warehouse would have to be converted to use this standard format. This process is called extraction-transformation-load (ETL). There are two primary schools of thought when designing a data warehouse: bottom-up and top-down. The bottom-up approach starts by creating small data warehouses, called data marts, to solve specific business problems. As these data marts are created, they can be combined into a larger data warehouse. The top- down approach suggests that we should start by creating an enterprise- wide data warehouse and then, as specific business needs are identified, create smaller data marts from the data warehouse. Benefits of Data Warehouses Organizations find data warehouses quite beneficial for a number of reasons: 92 | Information Systems for Business and Beyond (2019) • The process of developing a data warehouse forces an organization to better understand the data that it is currently collecting and, equally important, what data is not being collected. • A data warehouse provides a centralized view of all data being collected across the enterprise and provides a means for determining data that is inconsistent. • Once all data is identified as consistent, an organization can generate “one version of the truth”. This is important when the company wants to report consistent statistics about itself, such as revenue or number of employees. • By having a data warehouse, snapshots of data can be taken over time. This creates a historical record of data, which allows for an analysis of trends. • A data warehouse provides tools to combine data, which can provide new information and analysis. Data Mining and Machine Learning Data mining is the process of analyzing data to find previously unknown and interesting trends, patterns, and associations in order to make decisions. Generally, data mining is accomplished through automated means against extremely large data sets, such as a data warehouse. Some examples of data mining include: • An analysis of sales from a large grocery chain might determine that milk is purchased more frequently the day after it rains in cities with a population of less than 50,000. • A bank may find that loan applicants whose bank accounts show particular deposit and withdrawal patterns are not good credit risks. • A baseball team may find that collegiate baseball players with specific statistics in hitting, pitching, and fielding make for Chapter 4: Data and Databases | 93 more successful major league players. One data mining method that an organization can use to do these analyses is called machine learning. Machine learning is used to analyze data and build models without being explicitly programmed to do so. Two primary branches of machine learning exist: supervised learning and unsupervised learning. Supervised learning occurs when an organization has data about past activity that has occurred and wants to replicate it. For example, if they want to create a new marketing campaign for a particular product line, they may look at data from past marketing campaigns to see which of their consumers responded most favorably. Once the analysis is done, a machine learning model is created that can be used to identify these new customers. It is called “supervised” learning because we are directing (supervising) the analysis towards a result (in our example: consumers who respond favorably). Supervised learning techniques include analyses such as decision trees, neural networks, classifiers, and logistic regression. Unsupervised learning occurs when an organization has data and wants to understand the relationship(s) between different data points. For example, if a retailer wants to understand purchasing patterns of its customers, an unsupervised learning model can be developed to find out which products are most often purchased together or how to group their customers by purchase history. Is it called “unsupervised” learning because no specific outcome is expected. Unsupervised learning techniques include clustering and association rules. Privacy Concerns The increasing power of data mining has caused concerns for many, especially in the area of privacy. In today’s digital world, it is becoming easier than ever to take data from disparate sources and 94 | Information Systems for Business and Beyond (2019) combine them to do new forms of analysis. In fact, a whole industry has sprung up around this technology: data brokers. These firms combine publicly accessible data with information obtained from the government and other sources to create vast warehouses of data about people and companies that they can then sell. This subject will be covered in much more detail in chapter 12 – the chapter on the ethical concerns of information systems. Sidebar: What is data science? What is data analytics? The term “data science” is a popular term meant to describe the analysis of large data sets to find new knowledge. For the past several years, it has been considered one of the best career fields to get into due to its explosive growth and high salaries. While a data scientist does many different things, their focus is generally on analyzing large data sets using various programming methods and software tools to create new knowledge for their organization. Data scientists are skilled in machine learning and data visualization techniques. The field of data science is constantly changing, and data scientists are on the cutting edge of work in areas such as artificial intelligence and neural networks. Knowledge Management We end the chapter with a discussion on the concept of knowledge management (KM). All companies accumulate knowledge over the Chapter 4: Data and Databases | 95 course of their existence. Some of this knowledge is written down or saved, but not in an organized fashion. Much of this knowledge is not written down; instead, it is stored inside the heads of its employees. Knowledge management is the process of creating, formalizing the capture, indexing, storing, and sharing of the company’s knowledge in order to benefit from the experiences and insights that the company has captured during its existence. Summary In this chapter, we learned about the role that data and databases play in the context of information systems. Data is made up of facts of the world. If you process data in a particular context, then you have information. Knowledge is gained when information is consumed and used for decision making. A database is an organized collection of related data. Relational databases are the most widely used type of database, where data is structured into tables and all tables must be related to each other through unique identifiers. A database management system (DBMS) is a software application that is used to create and manage databases, and can take the form of a personal DBMS, used by one person, or an enterprise DBMS that can be used by multiple users. A data warehouse is a special form of database that takes data from other databases in an enterprise and organizes it for analysis. Data mining is the process of looking for patterns and relationships in large data sets. Many businesses use databases, data warehouses, and data-mining techniques in order to produce business intelligence and gain a competitive advantage. 96 | Information Systems for Business and Beyond (2019) Study Questions 1. What is the difference between data, information, and knowledge? 2. Explain in your own words how the data component relates to the hardware and software components of information systems. 3. What is the difference between quantitative data and qualitative data? In what situations could the number 42 be considered qualitative data? 4. What are the characteristics of a relational database? 5. When would using a personal DBMS make sense? 6. What is the difference between a spreadsheet and a database? List three differences between them. 7. Describe what the term normalization means. 8. Why is it important to define the data type of a field when designing a relational database? 9. Name a database you interact with frequently. What would some of the field names be? 10. What is metadata? 11. Name three advantages of using a data warehouse. 12. What is data mining? 13. In your own words, explain the difference between supervised learning and unsupervised learning. Give an example of each (not from the book). Exercises 1. Review the design of the School database earlier in this chapter. Reviewing the lists of data types given, what data types would you assign to each of the fields in each of the tables. What lengths would you assign to the text fields? Chapter 4: Data and Databases | 97 2. Download Apache and use the database tool to open the “Student Clubs.odb” file available here. Take some time to learn how to modify the database structure and then see if you can add the required items to support the tracking of faculty advisors, as described at the end of the Normalization section in the chapter. Here is a link to the Getting Started documentation. 3. Using Microsoft Access, download the database file of comprehensive baseball statistics from the website (If you don’t have Microsoft Access, you can download an abridged version of the file here that is compatible with Apache Open Office). Review the structure of the tables included in the database. Come up with three different data-mining experiments you would like to try, and explain which fields in which tables would have to be analyzed. 4. Do some original research and find two examples of data mining. Summarize each example and then write about what the two examples have in common. 5. Conduct some independent research on the process of business intelligence. Using at least two scholarly or practitioner sources, write a two-page paper giving examples of how business intelligence is being used. 6. Conduct some independent research on the latest technologies being used for knowledge management. Using at least two scholarly or practitioner sources, write a two-page paper giving examples of software applications or new technologies being used in this field. 98 | Information Systems for Business and Beyond (2019) Chapter 5: Networking and Communication Learning Objectives Upon successful completion of this chapter, you will be able to: • understand the history and development of networking technologies; • define the key terms associated with networking technologies; • understand the importance of broadband technologies; and • describe organizational networking. Introduction In the early days of computing, computers were seen as devices for making calculations, storing data, and automating business processes. However, as the devices evolved, it became apparent that many of the functions of telecommunications could be integrated into the computer. During the 1980s, many organizations began Chapter 5: Networking and Communication | 99 combining their once-separate telecommunications and information systems departments into an Information Technology (IT) department. This ability for computers to communicate with one another and to facilitate communication between individuals and groups has had a major impact on the growth of computing over the past several decades. Computer networking began in the 1960s with the birth of the Internet. However, while the Internet and web were evolving, corporate networking was also taking shape in the form of local area networks and client-server computing. The Internet went commercial in 1994 as technologies began to pervade all areas of the organization. Today it would be unthinkable to have a computer that did not include communications capabilities. This chapter reviews the different technologies that have been put in place to enable this communications revolution. A Brief History of the Internet In the Beginning: ARPANET The story of the Internet, and networking in general, can be traced back to the late 1950s. The United States was in the depths of the Cold War with the USSR as each nation closely watched the other to determine which would gain a military or intelligence advantage. In 1957, the Soviets surprised the U.S. with the launch of Sputnik, propelling us into the space age. In response to Sputnik, the U.S. Government created the Advanced Research Projects Agency (ARPA), whose initial role was to ensure that the U.S. was not surprised again. It was from ARPA, now called DARPA ((Defense Advanced Research Projects Agency), that the Internet first sprang. 100 | Information Systems for Business and Beyond (2019) ARPA was the center of computing research in the 1960s, but there was just one problem. Many of the computers could not communicate with each other. In 1968 ARPA sent out a request for proposals for a communication technology that would allow different computers located around the country to be integrated together into one network. Twelve companies responded to the request, and a company named Bolt, Beranek, and Newman (BBN) won the contract. They immediately began work and were able to complete the job just one year later. ARPA Net 1969 Professor Len Kleinrock of UCLA along with a group of graduate students were the first to successfully send a transmission over the ARPANET. The event occurred on October 29, 1969 when they attempted to send the word “login” from their computer at UCLA to the Stanford Research Institute. You can read their actual notes. The first four nodes were at UCLA, University of California, Stanford, and the University of Utah. Chapter 5: Networking and Communication | 101 The Internet and the World Wide Web Over the next decade, the ARPANET grew and gained popularity. During this time, other networks also came into existence. Different organizations were connected to different networks. This led to a problem. The networks could not communicate with each other. Each network used its own proprietary language, or protocol (see sidebar for the definition of protocol) to send information back and forth. This problem was solved by the invention of Transmission Control Protocol/Internet Protocol (TCP/IP). TCP/IP was designed to allow networks running on different protocols to have an intermediary protocol that would allow them to communicate. So as long as your network supported TCP/IP, you could communicate with all of the other networks running TCP/IP. TCP/IP quickly became the standard protocol and allowed networks to communicate with each other. It is from this breakthrough that we first got the term Internet, which simply means “an interconnected network of networks.” Sidebar: An Internet Vocabulary Lesson Network communication is full of some very technical concepts based on simple principles. Learn the following terms and you’ll be able to hold your own in a conversation about the Internet. • Packet The fundamental unit of data transmitted over the Internet. When a host (PC, workstation, server, printer, etc.) intends to send a message to another host (for example, your PC sends a request to YouTube to open a video), it breaks the message down into smaller pieces, called packets. Each packet has the sender’s address, the destination address, a sequence 102 | Information Systems for Business and Beyond (2019) number, and a piece of the overall message to be sent. Different packets in a single message can take a variety of routes to the destination and they can arrive at different times. For this reason the sequence number is used to reassemble the packets in the proper order at the destination. • Switch A network device that connects multiple hosts together and forwards packets based on their destination within the local network which is commonly known as a Local Area Network (LAN). • Router A device that receives and analyzes packets and then routes them towards their destination. In some cases a router will send a packet to another router. In other cases it will send it directly to its destination. Routers are used to connect one network to another network. • IP Address Every device on the Internet (personal computer, a tablet, a smartphone, etc.) is assigned a unique identifying number called an IP (Internet Protocol) address. Originally, the IPv4 (version 4) standard was used. It had a format of four numbers with values ranging from 0 and 255 separated by a period. For example, the domain has the IPv4 address The IPv4 standard has a limit of 4,294,967,296 possible addresses. As the use of the Internet has grown, the number of IP addresses needed has increased to the point where the use of IPv4 addresses will be exhausted. This has led to the new IPv6 standard.The IPv6 standard is formatted as eight groups of four hexadecimal digits, such as 2001:0db8:85a3:0042:1000:8a2e:0370:7334. The IPv6 standard has a limit of 3.4×1038 possible addresses. For example, the domain has an IPv6 address of: [2620:109:c002::6cae:a0a]. You probably noticed that the address has only five groups of numbers. That’s because IPv6 allows the use of two semi-colons ( :: ) to indicate groups that are all zeroes and do not need to be displayed. For more detail about the IPv6 standard, see this Wikipedia article. • Domain name If you had to try to remember the IP address of Chapter 5: Networking and Communication | 103 every web site you wanted to access, the Internet would not be nearly as easy to use. A domain name is a human-friendly name, convenient for remembering a website. These names generally consist of a descriptive word followed by a dot (period) and the Top-Level Domain (TLD). For example, Wikipedia’s domain name is Wikipedia describes the organization and .org is the TLD. Other well-known TLDs include .com, .net, and .gov. For a list and description of top level domain names, see this Wikipedia article. • DNS DNS stands for “domain name server or system.” DNS acts as the directory of websites on the Internet. When a request to access a host with a domain name is given, a DNS server is queried. It returns the IP address of the host requested, allowing for proper routing. • Packet-switching When a message’s packets are sent on the Internet, routers try to find the optimal route for each packet. This can result in packets being sent on different routes to their destination. After the packets arrive they are re- assembled into the original message for the recipient. For more details on packet-switching, see this interactive web page. • Protocol A protocol is the set of rules that govern how communications take place on a network. For example, File Transfer Protocol (FTP) are the communication rules for transferring files from one host to another. TCP/IP, discussed earlier, is known as a protocol suite since it contains numerous protocols. 104 | Information Systems for Business and Beyond (2019) Internet Users Worldwide, December 2017. (Public Domain. Courtesy of the Miniwatts Marketing Group) The 1980s witnessed a significant growth in Internet usage. Internet access came primarily from government, academic, and research organizations. Much to the surprise of the engineers, the early popularity of the Internet was driven by the use of electronic mail (see the next sidebar ). Initially, Internet use meant having to type commands, even including IP addresses, in order to access a web server. That all changed in 1990 when Tim Berners-Lee introduced his World Wide Web project which provided an easy way to navigate the Internet through the use of hypertext. The World Wide Web gained even more steam in 1993 with the release of the Mosaic browser which allowed graphics and text to be combined as a way to present information and navigate the Internet. The Dot-Com Bubble In the 1980s and early 1990s, the Internet was being managed by the National Science Foundation (NSF). The NSF had restricted commercial ventures on the Internet, which meant that no one could buy or sell anything online. In 1991, the NSF transferred its role to three other organizations, thus getting the US government out of direct control over the Internet and essentially opening up commerce online. This new commercialization of the Internet led to what is now known as the dot-com bubble. A frenzy of investment in new dot- Chapter 5: Networking and Communication | 105 com companies took place in the late 1990s with new tech companies issuing Initial Public Offerings (IPO) and heating up the stock market. This investment bubble was driven by the fact that investors knew that online commerce would change everything. Unfortunately, many of these new companies had poor business models and anemic financial statements showing little or no profit. In 2000 and 2001, the bubble burst and many of these new companies went out of business. Some companies survived, including Amazon (started in 1994) and eBay (1995). After the dot- com bubble burst, a new reality became clear. In order to succeed online, e-business companies would need to develop business models appropriate for the online environment. Web 2.0 In the first few years of the World Wide Web, creating and hosting a website required a specific set of knowledge. A person had to know how to set up a web server, get a domain name, create web pages in HTML, and troubleshoot various technical issues. Starting in the early 2000s, major changes came about in how the Internet was being used. These changes have come to be known as Web 2.0. Here are some key characteristics in Web 2.0. • Universal access to Apps • Value is found in content, not display software • Data can be easily shared • Distribution is bottom up, not top down • Employees and customers can use access and use tools on their own • Informal networking is encouraged since more contributors results in better content • Social tools encourage people to share information 1 106 | Information Systems for Business and Beyond (2019) Social networking, the last item in the list, has led to major changes in society. Prior to Web 2.0 major news outlets investigated and reported important news stories of the day. But in today’s world individuals are able to easily share their own views on various events. Apps such as Facebook, Twitter, Youtube, and personal blogs allow people to express their own viewpoint. Sidebar: E-mail Is the “Killer” App for the Internet As discussed in chapter 3, a “killer app” is a use of a device that becomes so essential that large numbers of people will buy the device just to run that application. The killer app for the personal computer was the spreadsheet, enabling users to enter data, write formulas, and easily make “what if” decisions. With the introduction of the Internet came another killer app – E-mail. The Internet was originally designed as a way for the Department of Defense to manage projects. However, the invention of electronic mail drove demand for the Internet. While this wasn’t what developers had in mind, it turned out that people connecting with people was the killer app for the Internet. As we look back today, we can see this being repeated again and again with new technologies that enable people to connect with each other. Sidebar: The Internet and the World Wide Web 1. [1] Chapter 5: Networking and Communication | 107 Are Not the Same Thing Many times the terms “Internet” and “World Wide Web,” or even just “the web,” are used interchangeably. But really, they are not the same thing. The Internet is an interconnected network of networks. Services such as email, voice and video, file transfer, and the World Wide Web all run across the Internet.The World Wide Web is simply one part of the Internet. It is made up of web servers that have HTML pages that are being viewed on devices with web browsers. The Growth of High Speed Internet In the early days of the Internet, most access was accomplished via a modem over an analog telephone line. A modem was connected to the incoming phone line when then connected to a computer. Speeds were measured in bits-per-second (bps), with speeds growing from 1200 bps to 56,000 bps over the years. Connection to the Internet via modems is called dial-up access. As the web became more interactive, dial-up hindered usage when users wanted to transfer more and more data. As a point of reference, downloading a typical 3.5 MB song would take 24 minutes at 1200 bps and 2 minutes at 28,800 bps. High speed Internet speeds, by definition, are a minimum of 256,000 bps, though most connections today are much faster, measured in millions of bits per second (megabits or Mbps) or even billions (gigabits). For the home user, a high speed connection is usually accomplished via the cable television lines or phone lines using a Digital Subscriber Line (DSL). Both cable and DSL have similar prices and speeds, though price and speed can vary in local communities. According to the website Recode, the average home 108 | Information Systems for Business and Beyond (2019) broadband speed ranges from 12 Mbps and 125 Mbps.2 Telecommunications companies provide T1 and T3 lines for greater bandwidth and reliability. High speed access, also known as broadband, is important because it impacts how the Internet is used. Communities with high speed Internet have found residences and businesses increase usage of digital resources. Access to high speed Internet is now considered a basic human right by the United Nations, as declared in their 2011 statement: “Broadband technologies are fundamentally transforming the way we live,” the Broadband Commission for Digital Development, set up in 2017 by the UN Educational Scientific and Cultural Organization (UNESCO) and the UN International Telecommunications Union (ITU), said in issuing “The Broadband Challenge” at a leadership summit in Geneva. “It is vital that no one be excluded from the new global knowledge societies we are building. We believe that communication is not just a human need – it is a right.”3 Wireless Networking Thanks to wireless technology, access to the Internet is virtually everywhere, especially through a smartphone. Wi-Fi Wi-Fi takes an Internet signal and converts it into radio waves. 2. [2] 3. [3] Chapter 5: Networking and Communication | 109 These radio waves can be picked up within a radius of approximately 65 feet by devices with a wireless adapter. Several Wi-Fi specifications have been developed over the years, starting with 802.11b in 1999, followed by the 802.11g specification in 2003 and 802.11n in 2009. Each new specification improved the speed and range of Wi-Fi, allowing for more uses. One of the primary places where Wi-Fi is being used is in the home. Home users access Wi-Fi via in-home routers provided by the telecommunications firm that services the residence. Mobile Network As the cellphone has evolved into the smartphone, the desire for Internet access on these devices has led to data networks being included as part of the mobile phone network. While Internet connections were technically available earlier, it was really with the release of the 3G networks in 2001 (2002 in the US) that smartphones and other cellular devices could access data from the Internet. This new capability drove the market for new and more powerful smartphones, such as the iPhone, introduced in 2007. In 2011, wireless carriers began offering 4G data speeds, giving the cellular networks the same speeds that customers were accustomed to getting via their home connection. Beginning in 2019, some part of the world began seeing the implementation of 5G communication networks. Speeds associated with 5G will be greater than 1 GB/second, providing connection speeds to handle just about any type of application. Some have speculated that the 5G implementation will lead households to eliminate the purchase of wired Internet connections for their homes, just using 5G wireless connections instead. 110 | Information Systems for Business and Beyond (2019) 3G, 4G, and 5G Comparison 3G 4G 5G Deployed 2004-2005 2006-2010 By 2020 Bandwidth 2 mbps 200 mbps > 1 gbps, Service Integrated high-quality audio, video and data Dynamic information access, variable devices Dynamic information access, variable devices with all capabilities (James Dean, Raconteur, December 7, 2014) 4 Sidebar: Why Doesn’t My Cellphone Work When I Travel Abroad? As mobile phone technologies have evolved, providers in different countries have chosen different communication standards for their mobile phone networks. There are two competing standards in the US: GSM (used by AT&T and T-Mobile) and CDMA (used by the other major carriers). Each standard has its pros and cons, but the bottom line is that phones using one standard cannot easily switch to the other. This is not a big deal in the US because mobile networks exist to support both standards. But when traveling to other countries, you will find that most of them use GSM networks. The one exception is Japan which has standardized on CDMA. It is possible for a mobile phone using one type of network to switch to the other type of network by changing out the SIM card, which controls your access to the mobile network. However, this will not 4. [4] Chapter 5: Networking and Communication | 111 work in all cases. If you are traveling abroad, it is always best to consult with your mobile provider to determine the best way to access a mobile network. Bluetooth While Bluetooth is not generally used to connect a device to the Internet, it is an important wireless technology that has enabled many functionalities that are used every day. When created in 1994 by Ericsson, it was intended to replace wired connections between devices. Today, it is the standard method for wirelessly connecting nearby devices. Bluetooth has a range of approximately 300 feet and consumes very little power, making it an excellent choice for a variety of purposes. Some applications of Bluetooth include: connecting a printer to a personal computer, connecting a mobile phone and headset, connecting a wireless keyboard and mouse to a computer, or connecting your mobile phone to your car, resulting in hands free operation of your phone. 112 | Information Systems for Business and Beyond (2019) Typical VoIP communicati on VoIP Voice over IP (VoIP) allows analog signals to be converted to digital signals, then transmitted on a network. By using existing technologies and software, voice communication over the Internet is now available to anyone with a browser (think Skype, WebEx, Google Hangouts). Beyond this, many companies are now offering VoIP-based telephone service for business and home use. Chapter 5: Networking and Communication | 113 Organizational Networking LAN and WAN Scope of business networks While the Internet was evolving and creating a way for organizations to connect to each other and the world, another revolution was taking place inside organizations. The proliferation of personal computers led to the need to share resources such as printers, scanners, and data. Organizations solved this problem through the creation of local area networks (LANs), which allowed computers to connect to each other and to peripherals. A LAN is a local network, usually operating in the same building or on the same campus. A Wide Area Network (WAN) provides connectivity over a wider area such as an organization’s locations in different cities or states. 114 | Information Systems for Business and Beyond (2019) Client-Server Client-server computing provides stand-alone devices such as personal computers, printers, and file servers to work together. The personal computer originally was used as a stand-alone computing device. A program was installed on the computer and then used to do word processing or calculations. With the advent of networking and local area networks, computers could work together to solve problems. Higher-end computers were installed as servers, and users on the local network could run applications and share information among departments and organizations. Intranet An intranet, as the name implies, provides web-based resources for the users within an organization. These web pages are not accessible to those outside the company. The pages typically contain information useful to employees such as policies and procedures. In an academic setting the intranet provides an interface to learning resources for students. Extranet Sometimes an organization wants to be able to collaborate with its customers or suppliers while at the same time maintaining the security of being inside its own network. In cases like this a company may want to create an extranet, which is a part of a company’s network that can be made available securely to those outside of the company. Extranets can be used to allow customers to log in and place orders, or for suppliers to check their customers’ inventory levels. Chapter 5: Networking and Communication | 115 Sometimes an organization will need to allow someone who is not located physically within its internal network to gain secure access to the intranet. This access can be provided by a virtual private network (VPN). VPNs will be discussed further in Chapter 6 which focuses on Information Security). Sidebar: Microsoft’s SharePoint Powers the Intranet As organizations begin to see the power of collaboration between their employees, they often look for solutions that will allow them to leverage their intranet to enable more collaboration. Since most companies use Microsoft products for much of their computing, some are using Microsoft’s SharePoint to support employee collaboration. SharePoint provides a communication and collaboration platform that integrates seamlessly with Microsoft’s Office suite of applications. Using SharePoint, employees can share a document and edit it together, avoiding the need to email the document for others to review. Projects and documents can be managed collaboratively across the organization. Corporate documents are indexed and made available for search. Cloud Computing Cloud computing was covered in Chapter 3. The universal availability of the Internet combined with increases in processing 116 | Information Systems for Business and Beyond (2019) power and data-storage capacity have made cloud computing a viable option for many companies. Using cloud computing, companies or individuals can contract to store data on storage devices somewhere on the Internet. Applications can be “rented” as needed, giving a company the ability to quickly deploy new applications. The I.T. department benefits from not having to maintain software that is provided on the cloud. Sidebar: Metcalfe’s Law Just as Moore’s Law describes how computing power is increasing over time, Metcalfe’s Law describes the power of networking. Metcalfe’s Law states that the value of a telecommunications network is proportional to the square of the number of connected users of the system, or N2. If a network has 10 nodes, the inherent value is 100, or 102. Metcalfe’s Law is attributed to Robert Metcalfe, the co-inventor of Ethernet. It attempts to address the added value provided by each node on the network. Think about it this way: If none of your friends were on Instagram, would you spend much time there? If no one else at your school or place of work had e-mail, would it be very useful to you? Metcalfe’s Law tries to quantify this value. Summary The networking revolution has completely changed how personal computers are used. Today, no one would imagine using a computer that was not connected to one or more networks. The development Chapter 5: Networking and Communication | 117 of the Internet and World Wide Web, combined with wireless access, has made information available at our fingertips. The Web 2.0 revolution has made everyone potential authors of web content. As networking technology has matured, the use of Internet technologies has become a standard for every type of organization. The use of intranets and extranets has allowed organizations to deploy functionality to employees and business partners alike, increasing efficiencies and improving communications. Cloud computing has truly made information available everywhere. Study Questions 1. What were the first four locations hooked up to the Internet (ARPANET)? 2. What does the term packet mean? 3. Which came first, the Internet or the World Wide Web? 4. What was revolutionary about Web 2.0? 5. What was the so-called killer app for the Internet? 6. What does the term VoIP mean? 7. What is a LAN? 8. What is the difference between an intranet and an extranet? 9. What is Metcalfe’s Law? Exercises 1. What is the difference between the Internet and the World Wide Web? Create at least three statements that identify the differences between the two. 2. Who are the broadband providers in your area? What are the 118 | Information Systems for Business and Beyond (2019) prices and speeds offered? 3. Pretend you are planning a trip to three foreign countries in the next month. Consult your wireless carrier to determine if your mobile phone would work properly in those countries. What would the costs be? What alternatives do you have if it would not work? Labs 1. Check the speed of your Internet connection by going to the following web site: What is your download and upload speed? 2. What is the IP address of your computer? How did you find it? Hint for Windows: Go to the start icon and click Run. Then open the Command Line Interface by typing: cmd Then type: ipconfigWhat is your IPv4 address?What is your IPv6 address? 3. When you enter an address in your web browser, a Domain Name Server (DNS) is used to lookup the IP address of the site you are seeking. To locate the DNS server your computer is using, type: nslookupWrite down the name and address of your DNS server.Use the nslookup command to find the address for a favorite web site. For example, to find the IP address of espn type: nslookup espnWrite down your website’s name and address. Note: it is on the line following the name of the web site you entered. 4. You can use the tracert (trace route) command to display the path from your computer to the web site’s IP address you used in the previous lab. For example, tracert patient as tracert contacts each router in the path to your website’s server. A “Request timed out” message indicates the tracing is taking too long, probably due to a lack of bandwidth. You can stop the trace by pressing Ctrl + C Chapter 5: Networking and Communication | 119 5. The ping command allows you check connectivity between the local host (your computer) and another host. If you are unable to connect to another host, the ping command can be used to incrementally test your connectivity. The IP address is known as your home address (local host).Begin your test by going to your command line interface (command promkpt) and pinging your local host: ping should get a series of “Reply from” messagesNext, ping the IP address you used in lab #3.Sometimes a failed ping is not the result of a lack of connectivity. Network administrators of some IP addresses/hosts do not want their site pinged so they block all ICMP packets. That’s the protocol used for pinging. • The site provides you with information about a web site. For example, to find information about open your web browser and type: Then in the Lookup window, type: google.comFind information about a favorite site of yours. Record the following: administrator name, phone number, when the site was created, and the site’s name servers (the names begin with “ns”). • Network statistics can be displayed using the netstat command. In the command line window (see lab #2 for instructions on how to get to the command line), type: netstat -eHow many bytes were sent and how many were received?Execute the command again and record your results. You should see an increase in both received and sent bytes.To see a complete list of options/switches for the netstat command, type: netstat ? 1. Wolcott, M. (2017). What is Web 2.0? MoneyWatch. Retrieved from↵ 2. Molla, R. (2017). These are the fastest and slowest Internet 120 | Information Systems for Business and Beyond (2019) speeds”. Recode. Retrieved from 6/9/15768598/states-fastest-slowest-internet-speeds↵ 3. International Telecommunications Union. (2018, January 23). UN Broadband Commission sets goal broadband targets to bring online the world’s 3.8 billion not connected to the Internet. Retrieved from mediacentre/Pages/2018-PR01.aspx↵ 4. “Dean, J. (2014). 4G vs 5G Mobile Technology. Raconteur Retrieved from vs-5g-mobile-technology. Chapter 5: Networking and Communication | 121 Chapter 6: Information Systems Security Learning Objectives Upon successful completion of this chapter, you will be able to: • identify the information security triad; • identify and understand the high-level concepts surrounding information security tools; and • secure yourself digitally. Introduction As computers and other digital devices have become essential to business and commerce, they have also increasingly become a target for attacks. In order for a company or an individual to use a computing device with confidence, they must first be assured that the device is not compromised in any way and that all communications will be secure. This chapter reviews the fundamental concepts of information systems security and discusses some of the measures that can be taken to mitigate 122 | Chapter 6: Information Systems Security The security triad security threats. The chapter begins with an overview focusing on how organizations can stay secure. Several different measures that a company can take to improve security will be discussed. Finally, you will review a list of security precautions that individuals can take in order to secure their personal computing environment. The Information Security Triad: Confidentiality, Integrity, Availability (CIA) Confidentiality Protecting information means you want to want to be able to restrict access to those who are allowed to see it. This is sometimes referred to as NTK, Need to Know. Everyone else should be disallowed from learning anything about its contents. This is the essence of confidentiality. For example, federal law requires that universities restrict access to private student information. Access to grade records should be limited to those who have authorized access. Chapter 6: Information Systems Security | 123 Integrity Integrity is the assurance that the information being accessed has not been altered and truly represents what is intended. Just as a person with integrity means what he or she says and can be trusted to consistently represent the truth, information integrity means information truly represents its intended meaning. Information can lose its integrity through malicious intent, such as when someone who is not authorized makes a change to intentionally misrepresent something. An example of this would be when a hacker is hired to go into the university’s system and change a student’s grade. Integrity can also be lost unintentionally, such as when a computer power surge corrupts a file or someone authorized to make a change accidentally deletes a file or enters incorrect information. Availability Information availability is the third part of the CIA triad. Availability means information can be accessed and modified by anyone authorized to do so in an appropriate timeframe. Depending on the type of information, appropriate timeframe can mean different things. For example, a stock trader needs information to be available immediately, while a sales person may be happy to get sales numbers for the day in a report the next morning. Online retailers require their servers to be available twenty-four hours a day, seven days a week. Other companies may not suffer if their web servers are down for a few minutes once in a while. 124 | Information Systems for Business and Beyond (2019) Tools for Information Security In order to ensure the confidentiality, integrity, and availability of information, organizations can choose from a variety of tools. Each of these tools can be utilized as part of an overall information- security policy. Authentication The most common way to identify someone is through their physical appearance, but how do we identify someone sitting behind a computer screen or at the ATM? Tools for authentication are used to ensure that the person accessing the information is, indeed, who they present themselves to be. Authentication can be accomplished by identifying someone through one or more of three factors: 1. Something they know, 2. Something they have, or 3. Something they are. For example, the most common form of authentication today is the user ID and password. In this case, the authentication is done by confirming something that the user knows (their ID and password). But this form of authentication is easy to compromise (see sidebar) and stronger forms of authentication are sometimes needed. Identifying someone only by something they have, such as a key or a card, can also be problematic. When that identifying token is lost or stolen, the identity can be easily stolen. The final factor, something you are, is much harder to compromise. This factor identifies a user through the use of a physical characteristic, such as a retinal scan, Chapter 6: Information Systems Security | 125 RSA SecureID token fingerprint, or facial geometry. Identifying someone through their physical characteristics is called biometrics. A more secure way to authenticate a user is through multi-factor authentication. By combining two or more of the factors listed above, it becomes much more difficult for someone to misrepresent themselves. An example of this would be the use of an RSA SecurID token. The RSA device is something you have, and it generates a new access code every sixty seconds. To log in to an information resource using the RSA device, you combine something you know, such as a four-digit PIN, with the code generated by the device. The only way to properly authenticate is by both knowing the code and having the RSA device. Access Control Once a user has been authenticated, the next step is to ensure that they can only access the information resources that are appropriate. This is done through the use of access control. Access control determines which users are authorized to read, modify, add, and/ or delete information. Several different access control models exist. Two of the more common are: the Access Control List (ACL) and Role-Based Access Control (RBAC). An information security employee can produce an ACL which identifies a list of users who have the capability to take specific actions with an information resource such as data files. Specific 126 | Information Systems for Business and Beyond (2019) Comparison of ACL and RBAC permissions are assigned to each user such as read, write, delete, or add. Only users with those permissions are allowed to perform those functions. ACLs are simple to understand and maintain, but there are several drawbacks. The primary drawback is that each information resource is managed separately, so if a security administrator wanted to add or remove a user to a large set of information resources, it would be quite difficult. And as the number of users and resources increase, ACLs become harder to maintain. This has led to an improved method of access control, called role-based access control, or RBAC. With RBAC, instead of giving specific users access rights to an information resource, users are assigned to roles and then those roles are assigned the access. This allows the administrators to manage users and roles separately, simplifying administration and, by extension, improving security. The following image shows an ACL with permissions granted to individual users. RBAC allows permissions to be assigned to roles, as shown in the middle grid, and then in the third grid each user is assigned a role. Although not modeled in the image, each user can have multiple roles such as Reader and Editor. Sidebar: Password Security So why is using just a simple user ID and password not considered a secure method of authentication? It turns out that this single-factor Chapter 6: Information Systems Security | 127 authentication is extremely easy to compromise. Good password policies must be put in place in order to ensure that passwords cannot be compromised. Below are some of the more common policies that organizations should use. • Require complex passwords. One reason passwords are compromised is that they can be easily guessed. A recent study found that the top three passwords people used were password, 123456 and 12345678.[1] A password should not be simple, or a word that can be found in a dictionary. Hackers first attempt to crack a password by testing every term in the dictionary. Instead, a good password policy should require the use of a minimum of eight characters, at least one upper-case letter, one special character, and one digit. • Change passwords regularly. It is essential that users change their passwords on a regular basis. Also, passwords may not be reused. Users should change their passwords every sixty to ninety days, ensuring that any passwords that might have been stolen or guessed will not be able to be used against the company. • Train employees not to give away passwords. One of the primary methods used to steal passwords is to simply figure them out by asking the users for their password. Pretexting occurs when an attacker calls a helpdesk or security administrator and pretends to be a particular authorized user having trouble logging in. Then, by providing some personal information about the authorized user, the attacker convinces the security person to reset the password and tell him what it is. Another way that employees may be tricked into giving away passwords is through e-mail phishing. Phishing occurs when a user receives an e-mail that looks as if it is from a trusted source, such as their bank or employer. In the e-mail the user is asked to click a link and log in to a website that mimics the genuine website, then enter their ID and password. The userID and password are then captured by the attacker. 128 | Information Systems for Business and Beyond (2019) Encryption Many times an organization needs to transmit information over the Internet or transfer it on external media such as a flash drive. In these cases, even with proper authentication and access control, it is possible for an unauthorized person to gain access to the data. Encryption is a process of encoding data upon its transmission or storage so that only authorized individuals can read it. This encoding is accomplished by software which encodes the plain text that needs to be transmitted (encryption). Then the recipient receives the cipher text and decodes it (decryption). In order for this to work, the sender and receiver need to agree on the method of encoding so that both parties have the same message. Known as symmetric key encryption, both parties share the encryption key, enabling them to encode and decode each other’s messages. An alternative to symmetric key encryption is public key encryption. In public key encryption, two keys are used: a public key and a private key. To send an encrypted message, you obtain the public key, encode the message, and send it. The recipient then uses their private key to decode it. The public key can be given to anyone who wishes to send the recipient a message. Each user simply needs one private key and one public key in order to secure messages. The private key is necessary in order to decrypt a message sent with the public key. Notice in the image how the sender on the left creates a plaintext message which is then encrypted with a public key. The ciphered text is transmitted through the communication channel and the recipient uses their private key to decrypt the message and then read the plain text. Chapter 6: Information Systems Security | 129 Public Key Encryption Sidebar: Blockchain and Bitcoin Blockchain Introduced in 2008 as part of a proposal for Bitcoin, Blockchain is a peer-to-peer network which provides an open, distributed record of transactions between two parties. A “peer-to-peer” network is one where there is no server between the two nodes trying to communicate. Essentially, this means that each node acts as a server and a client. 130 | Information Systems for Business and Beyond (2019) Supporters see blockchain as a tool to simplify all types of transactions: payments, contracts, etc. Motivation comes from the desire to remove the middleman (lawyer, banker, broker) from transactions, making them more efficient and readily available across the Internet. Blockchain is already being used to track products through supply chains. Blockchain is considered a foundational technology, potentially creating new foundations in economics and social systems. There are numerous concerns about Blockchain and its adoption. Consider the following: • Speed of adoption. Initially there is a great deal of enthusiasm by a small group. However, adoption on a larger scale can take a great number of years even decades for a worldwide acceptance of a new method of doing business. • Governance. The banking sector, both in individual countries (U. S. Federal Reserve System) and the world at large (the International Monetary Fund), controls financial transactions. One purpose of these organizations is an attempt to avoid banking and financial systems collapse. Blockchain will result in the governance of financial transactions shifting away from these government-controlled institutions. • Smart contracts. The smart contract will re-shape how businesses interact. It is possible for blockchain to automatically send payment to a vendor the instant the product is delivered to the customer. Such “self-executing” contracts are already taking place in banking and venture capital funding. 1 Many are forecasting some universal form of payment or value transfer for business transactions. Blockchain and Bitcoin are being used to transform banking in various locations around the world. 1. [9] Chapter 6: Information Systems Security | 131 The following Bitcoin section includes a look at a new banking venture in Tanzania, East Africa. Bitcoin Bitcoin logo Bitcoin is a world wide payment system using cryptocurrency. It functions without a central bank, operating as a peer-to-peer network with transactions happening directly between vendors and buyers. Records for transactions are recorded in the blockchain. Bitcoin technology was released in 2009. The University of Cambridge estimated there were 2.9 and 5.8 million unique users of bitcoin in 2017.2 This web site provides more information about bitcoin. A major bitcoin project is underway in Tanzania. Business transactions in this East African country are fraught with many challenges such as counterfeit currency and a 28% transaction fee on individuals who do not have a bank account. Seventy percent of the country’s population fall into this category. Benjamin Fernandes, 2. [10] 132 | Information Systems for Business and Beyond (2019) a Tanzanian and 2017 graduate of Stanford Graduate School of Business, is co-founder of NALA, a Tanzanian firm working to bring cryptocurrency to a country where 96% of the population have access to mobile devices. NALA’s goal is to provide low cost transactions to all of the country’s citizens through cryptocurrency.3 You can read more of this cryptocurrency venture here. Backups Another essential tool for information security is a comprehensive backup plan for the entire organization. Not only should the data on the corporate servers be backed up, but individual computers used throughout the organization should also be backed up. A good backup plan should consist of several components. • Full understanding of the organization’s information resources. What information does the organization actually have? Where is it stored? Some data may be stored on the organization’s servers, other data on users’ hard drives, some in the cloud, and some on third-party sites. An organization should make a full inventory of all of the information that needs to be backed up and determine the best way to back it up. • Regular backups of all data. The frequency of backups should be based on how important the data is to the company, combined with the ability of the company to replace any data that is lost. Critical data should be backed up daily, while less 3. [11] Chapter 6: Information Systems Security | 133 critical data could be backed up weekly. Most large organizations today use data redundancy so their records are always backed up. • Offsite storage of backup data sets. If all backup data is being stored in the same facility as the original copies of the data, then a single event such as an earthquake, fire, or tornado would destroy both the original data and the backup. It is essential the backup plan includes storing the data in an offsite location. • Test of data restoration. Backups should be tested on a regular basis by having test data deleted then restored from backup. This will ensure that the process is working and will give the organization confidence in the backup plan. Besides these considerations, organizations should also examine their operations to determine what effect downtime would have on their business. If their information technology were to be unavailable for any sustained period of time, how would it impact the business? Additional concepts related to backup include the following: • Uninterruptible Power Supply (UPS). A UPS provides battery backup to critical components of the system, allowing them to stay online longer and/or allowing the IT staff to shut them down using proper procedures in order to prevent data loss that might occur from a power failure. • Alternate, or “hot” sites. Some organizations choose to have an alternate site where an exact replica of their critical data is always kept up to date. When the primary site goes down, the alternate site is immediately brought online so that little or no downtime is experienced. As information has become a strategic asset, a whole industry has sprung up around the technologies necessary for implementing a proper backup strategy. A company can contract with a service 134 | Information Systems for Business and Beyond (2019) Diagram of a network configuration with firewalls, a router, and a DMZ. provider to back up all of their data or they can purchase large amounts of online storage space and do it themselves. Technologies such as Storage Area Networks (SAN) and archival systems are now used by most large businesses for data backup. Firewalls Firewalls are another method that an organization can use for increasing security on its network. A firewall can exist as hardware or software, or both. A hardware firewall is a device that is connected to the network and filters the packets based on a set of rules. One example of these rules would be preventing packets entering the local network that come from unauthorized users. A software firewall runs on the operating system and intercepts packets as they arrive to a computer. A firewall protects all company servers and computers by stopping packets from outside the organization’s network that do not meet a strict set of criteria. A firewall may also be configured to restrict the flow of packets leaving the organization. This may be done to eliminate the possibility of employees watching YouTube videos or using Facebook from a company computer. A demilitarized zone (DMZ) implements multiple firewalls as part of network security configuration, creating one or more sections of their network that are partially secured. The DMZ typically contains resources that need broader access but still need to be secured. Chapter 6: Information Systems Security | 135 Intrusion Detection Systems Intrusion Detection Systems (IDS) can be placed on the network for security purposes. An IDS does not add any additional security. Instead, it provides the capability to identify if the network is being attacked. An IDS can be configured to watch for specific types of activities and then alert security personnel if that activity occurs. An IDS also can log various types of traffic on the network for analysis later. It is an essential part of any good security system. Sidebar: Virtual Private Networks Using firewalls and other security technologies, organizations can effectively protect many of their information resources by making them invisible to the outside world. But what if an employee working from home requires access to some of these resources? What if a consultant is hired who needs to do work on the internal corporate network from a remote location? In these cases, a Virtual Private Network (VPN) is needed. 136 | Information Systems for Business and Beyond (2019) Diagram of VPN (click to enlarge). Attribution to Ludovic.ferre. A VPN allows a user who is outside of a corporate network to take a detour around the firewall and access the internal network from the outside. Through a combination of software and security measures, a VPN provides off-site access to the organization’s network while ensuring overall security. The Internet cloud is essentially an insecure channel through which people communicate to various web sites/servers. Implementing a VPN results in a secure pathway, usually referred to as a tunnel, through the insecure cloud, virtually guaranteeing secure access to the organization’s resources. The diagram represents security by way of the functionality of a VPN as it “tunnels” through the insecure Internet Cloud. Notice that the remote user is given access to the organization’s intranet, as if the user was physically located within the intranet. Chapter 6: Information Systems Security | 137 Physical Security An organization can implement the best authentication scheme in the world, develop superior access control, and install firewalls and intrusion detection, but its security cannot be complete without implementation of physical security. Physical security is the protection of the actual hardware and networking components that store and transmit information resources. To implement physical security, an organization must identify all of the vulnerable resources and take measures to ensure that these resources cannot be physically tampered with or stolen. These measures include the following. • Locked doors. It may seem obvious, but all the security in the world is useless if an intruder can simply walk in and physically remove a computing device. High value information assets should be secured in a location with limited access. • Physical intrusion detection. High value information assets should be monitored through the use of security cameras and other means to detect unauthorized access to the physical locations where they exist. • Secured equipment. Devices should be locked down to prevent them from being stolen. One employee’s hard drive could contain all of your customer information, so it is essential that it be secured. • Environmental monitoring. An organization’s servers and other high value equipment should always be kept in a room that is monitored for temperature, humidity, and airflow. The risk of a server failure rises when these factors exceed acceptable ranges. • Employee training. One of the most common ways thieves steal corporate information is the theft of employee laptops while employees are traveling. Employees should be trained to secure their equipment whenever they are away from the 138 | Information Systems for Business and Beyond (2019) office. Security Policies Besides the technical controls listed above, organizations also need to implement security policies as a form of administrative control. In fact, these policies should really be a starting point in developing an overall security plan. A good information security policy lays out the guidelines for employee use of the information resources of the company and provides the company recourse in the event that an employee violates a policy. According to the SANS Institute, a good policy is “a formal, brief, and high-level statement or plan that embraces an organization’s general beliefs, goals, objectives, and acceptable procedures for a specified subject area.” Policies require compliance. Failure to comply with a policy will result in disciplinary action. A policy does not list the specific technical details, instead it focuses on the desired results. A security policy should be based on the guiding principles of confidentiality, integrity, and availability.4 Web use is a familiar example of a security policy. A web use policy lays out the responsibilities of company employees as they use company resources to access the Internet. A good example of a web use policy is included in Harvard University’s “Computer Rules and Responsibilities” policy, which can be found here. A security policy should also address any governmental or industry regulations that apply to the organization. For example, if the organization is a university, it must be aware of the Family Educational Rights and Privacy Act (FERPA), which restricts access to student information. Health care organizations are obligated to 4. [2] Chapter 6: Information Systems Security | 139 follow several regulations, such as the Health Insurance Portability and Accountability Act (HIPAA). A good resource for learning more about security policies is the SANS Institute’s Information Security Policy Page. Sidebar: Mobile Security As the use of mobile devices such as laptops and smartphones proliferates, organizations must be ready to address the unique security concerns that the use of these devices bring. One of the first questions an organization must consider is whether to allow mobile devices in the workplace at all. Many employees already have these devices, so the question becomes: Should we allow employees to bring their own devices and use them as part of their employment activities? Or should we provide the devices to our employees? Creating a BYOD (“Bring Your Own Device”) policy allows employees to integrate themselves more fully into their job and can bring higher employee satisfaction and productivity. In many cases, it may be virtually impossible to prevent employees from having their own smartphones or laptops in the workplace. If the organization provides the devices to its employees, it gains more control over use of the devices, but it also increases the burden of having to administrate distribution and use. Mobile devices can pose many unique security challenges to an organization. Probably one of the biggest concerns is theft of intellectual property. For an employee with malicious intent, it would be a very simple process to connect a mobile device either to a computer via the USB port, or wirelessly to the corporate network, and download confidential data. It would also be easy to secretly take a high-quality picture using a built-in camera. When an employee does have permission to access and save 140 | Information Systems for Business and Beyond (2019) company data on his or her device, a different security threat emerges. Namely, that device now becomes a target for thieves. Theft of mobile devices (in this case, including laptops) is one of the primary methods that data thieves use. So what can be done to secure mobile devices? Begin with a good policy regarding their use. According to a 2013 SANS study, organizations should consider developing a mobile device policy that addresses the following issues: use of the camera, use of voice recording, application purchases, encryption at rest, Wi-Fi autoconnect settings, Bluetooth settings, VPN use, password settings, lost or stolen device reporting, and backup. 5 Besides policies, there are several different tools that an organization can use to mitigate some of these risks. For example, if a device is stolen or lost, geolocation software can help the organization find it. In some cases, it may even make sense to install remote data removal software, which will remove data from a device if it becomes a security risk. Usability When looking to secure information resources, organizations must balance the need for security with users’ needs to effectively access and use these resources. If a system’s security measures make it difficult to use, then users will find ways around the security, which may make the system more vulnerable than it would have been without the security measures. Consider password policies. If the organization requires an extremely long password with several 5. [3] Chapter 6: Information Systems Security | 141 Stop.Think.Connect. poster (click to enlarge) special characters, an employee may resort to writing it down and putting it in a drawer since it will be impossible to memorize. Personal Information Security As a final topic for this chapter, consider what measures each of us, as individual users, can take to secure our computing technologies. There is no way to have 100% security, but there are several simple steps each individual can take to be more secure. • Keep your software up to date. Whenever a software vendor determines that a security flaw has been found in their software, an update will be released so you can download the patch to fix the problem. You should turn on automatic updating on your computer to automate this process. • Install antivirus software and keep it up to date. There are many good antivirus software packages on the market today, including some that are free. • Be smart about your connections. You should be aware of your surroundings. When connecting to a Wi-Fi network in a public place, be aware that you could be at risk of being spied on by others sharing that network. It is advisable not to access your financial or personal data while attached to a Wi-Fi hotspot. You should also be aware that connecting USB flash 142 | Information Systems for Business and Beyond (2019),2817,2388652,00.asp drives to your device could also put you at risk. Do not attach an unfamiliar flash drive to your device unless you can scan it first with your security software. • Backup your data. Just as organizations need to backup their data, individuals need to so as well. The same rules apply. Namely, do it regularly and keep a copy of it in another location. One simple solution for this is to set up an account with an online backup service to automate your backups. • Secure your accounts with two-factor authentication. Most e-mail and social media providers now have a two-factor authentication option. When you log in to your account from an unfamiliar computer for the first time, it sends you a text message with a code that you must enter to confirm that you are really you. This means that no one else can log in to your accounts without knowing your password and having your mobile phone with them. • Make your passwords long, strong, and unique. Your personal passwords should follow the same rules that are recommended for organizations. Your passwords should be long (at least 12 random characters) and contain at least two of the following: uppercase and lowercase letters, digits, and special characters. Passwords should not include words that could be tied to your personal information, such as the name of your pet. You also should use different passwords for different accounts, so that if someone steals your password for one account, they still are locked out of your other accounts. • Be suspicious of strange links and attachments. When you receive an e-mail, tweet, or Facebook post, be suspicious of any links or attachments included there. Do not click on the link directly if you are at all suspicious. Instead, if you want to access the website, find it yourself with your browser and navigate to it directly. The I Love You virus was distributed via email in May 2000 and contained an attachment which when opened copied itself into numerous folders on the user’s computer and modified the operating system settings. An Chapter 6: Information Systems Security | 143 estimated 50,000 computers were affected, all of which could have been avoided if users had followed the warning to not open the attachment. You can find more about these steps and many other ways to be secure with your computing by going to Stop. Think. Connect. This website is part of a campaign by the STOP. THINK. CONNECT. Messaging Convention in partnership with the U.S. government, including the White House. Summary As computing and networking resources have become more an integral part of business, they have also become a target of criminals. Organizations must be vigilant with the way they protect their resources. The same holds true for individuals. As digital devices become more intertwined in everyone’s life, it becomes crucial for each person to understand how to protect themselves. Study Questions 1. Briefly define each of the three members of the information security triad. 2. What does the term authentication mean? 3. What is multi-factor authentication? 4. What is role-based access control? 5. What is the purpose of encryption? 144 | Information Systems for Business and Beyond (2019) 6. What are two good examples of a complex password? 7. What is pretexting? 8. What are the components of a good backup plan? 9. What is a firewall? 10. What does the term physical security mean? Exercises 1. Describe one method of multi-factor authentication that you have experienced and discuss the pros and cons of using multi-factor authentication. 2. What are some of the latest advances in encryption technologies? Conduct some independent research on encryption using scholarly or practitioner resources, then write a two- to three-page paper that describes at least two new advances in encryption technology. 3. Find favorable and unfavorable articles about both blockchain and bitcoin. Report your findings, then state your own opinion about these technologies 4. What is the password policy at your place of employment or study? Do you have to change passwords every so often? What are the minimum requirements for a password? 5. When was the last time you backed up your data? What method did you use? In one to two pages, describe a method for backing up your data. Ask your instructor if you can get extra credit for backing up your data. 6. Find the information security policy at your place of employment or study. Is it a good policy? Does it meet the standards outlined in the chapter? 7. How diligent are you in keeping your own information secure? Review the steps listed in the chapter and comment on your security status. Chapter 6: Information Systems Security | 145 Labs 1. The Caesar Cipher. One of the oldest methods of encryption was used by Julius Caesar and involved simply shifting text a specified number of positions in the alphabet. The number of shifted positions is known as the key. So a key = 3 would encrypt ZOO to CRR. Decrypt the following message which has a key = 3: FRPSXWHU 2. The Vigenere Cipher. This cipher was used as recently as the Civil War by the Confederate forces. The key is slightly more complex than the Caesar Cipher. Vigenere used the number of letters after ‘A’ for his key. For example, if the key = COD, the first letter in the cypher is shifted 2 characters (because “C” is 2 letters after the letter ‘A’), the second letter is shifted 14 letters (O being 14 letters after ‘A’), and the third letter is shifted 3 letters (D being 3 letters after ‘A’). Then the pattern is repeated for subsequent letters. Decrypt the following message which has a key = COD: YSPGSWCHGCKQ 3. Frequency and Pattern Analysis. If you’ve ever watched Wheel of Fortune you know that contestants look for patterns and frequencies in trying to solve a puzzle. Your job in this lab is to analyze letter frequency and letter patterns to determine the plaintext message which in this case is a single word. The key is a simple substitution where the same letter in plaintext always results in the same letter in the cyphertext. The most frequently used letters in the English language are: E, A, O , I, T, S, N. Pattern analysis includes knowing words that have double letters such as “school.” Other patterns include “ing” at the end of a word, “qu” and “th” as a pairs of letters.Cyphertext = CAGGJWhat is the key and the plaintext? 1. Gallagher, S. (2012, November 3). Born to be 146 | Information Systems for Business and Beyond (2019) breached. Arstechnica. Retrieved from born-to-be-breached-the-worst-passwords-are-still-the- most-common/ 2. SANS Institute. (n.d.). Information Security Policy Templates. Retrieved from policies/Policy_Primer on May 31, 2013. 3. SANS. (n.d.). SCORE: Checklists and Step by Step Guides. Retrieved from mobile-device-checklist.xls 4. Iansiti, M. and Lakhani, K. R. (2017, January). The truth about blockchain. Harvard Business Review. Retrieved from↵ 5. Wikipedia. (n.d.). Bitcoin. Harvard Business Review. Retrieved from↵ 6. Fernandes, B. (2017, October 20). Personal telephone interview↵ Chapter 6: Information Systems Security | 147 PART II: INFORMATION SYSTEMS FOR STRATEGIC ADVANTAGE Part II: Information Systems for Strategic Advantage | 149 Chapter 7: Does IT Matter? Learning Objectives Upon successful completion of this chapter, you will be able to: • define the productivity paradox and explain the current thinking on this topic; • evaluate Carr’s argument in “Does IT Matter?”; • describe the components of competitive advantage; and • describe information systems that can provide businesses with competitive advantage. Introduction For over fifty years, computing technology has been a part of business. Organizations have spent trillions of dollars on information technologies. But has all this investment in IT made a difference? Have there been increases in productivity? Are companies that invest in IT more competitive? This chapter looks at the value IT can bring to an organization and attempts to answer Chapter 7: Does IT Matter? | 151 these questions. Two important works in the past two decades have attempted to address this issue. The Productivity Paradox In 1991, Erik Brynjolfsson wrote an article, published in the Communications of the ACM, entitled “The Productivity Paradox of Information Technology: Review and Assessment.” After reviewing studies about the impact of IT investment on productivity, Brynjolfsson concluded that the addition of information technology to business had not improved productivity at all. He called this the “productivity paradox.” While he did not draw any specific conclusions from his work, 1 he did provide the following analysis. Although it is too early to conclude that IT’s productivity contribution has been subpar, a paradox remains in our inability to unequivocally document any contribution after so much effort. The various explanations that have been proposed can be grouped into four categories: 1) Mismeasurement of outputs and inputs 2) Lags due to learning and adjustment 3) Redistribution and dissipation of profits 4) Mismanagement of information and technology In 1998, Brynjolfsson and Lorin Hitt published a follow-up paper entitled “Beyond the Productivity Paradox [2] In this paper, the authors utilized new data that had been collected and found that IT did, indeed, provide a positive result for businesses. Further, they found that sometimes the true advantages in using technology 1. [1] 152 | Information Systems for Business and Beyond (2019) were not directly relatable to higher productivity, but to “softer” measures, such as the impact on organizational structure. They also found that the impact of information technology can vary widely between companies. IT Doesn’t Matter Just as a consensus was forming about the value of IT, the Internet stock market bubble burst. Two years later in 2003, Harvard professor Nicholas Carr wrote his article “IT Doesn’t Matter” in the Harvard Business Review. In this article Carr asserted that as information technology had become ubiquitous, it has also become less of a differentiator, much like a commodity. Products that have the same features and are virtually indistinguishable are considered to be commodities. Price and availability typically become the only discriminators when selecting a source for a commodity. In Carr’s view all information technology was the same, delivering the same value regardless of price or supplier. Carr suggested that since IT is essentially a commodity, it should be managed like one. Just select the one with the lowest cost this is most easily accessible. He went on to say IT management should see themselves as a utility within the company and work to keep costs down. For Carr IT’s goal is to provide the best service with minimal downtime. Carr saw no competitive advantage to be gained through information technology. As you can imagine, this article caused quite an uproar, especially from IT companies. Many articles were written in defense of IT while others supported Carr. In 2004 Carr released a book based on the article entitled Does IT Matter? A year later he was interviewed by CNET on the topic “IT still doesn’t matter.” Click here to watch the video of Carr being interviewed about his book on CNET. Probably the best thing to come out of the article and subsequent book were discussions on the place of IT in a business strategy, and Chapter 7: Does IT Matter? | 153 exactly what role IT could play in competitive advantage. That is the question to be addressed in this chapter. Competitive Advantage What does it mean when a company has a competitive advantage? What are the factors that play into it? Michael Porter in his book Competitive Advantage: Creating and Sustaining Superior Performance. writes that a company is said to have a competitive advantage over its rivals when it is able to sustain profits that exceed the average for the industry. According to Porter, there are two primary methods for obtaining competitive advantage: cost advantage and differentiation advantage. 2 So the question for I.T. becomes: How can information technology be a factor in one or both of these methods? The following sections address this question by using two of Porter’s analysis tools: the value chain and the five forces model. Porter’s analysis in his 2001 article “Strategy and the Internet,” which examines the impact of the Internet on business strategy and competitive advantage, will be used to shed further light on the role of information technology in gaining competitive advantage.3 2. [3] 3. [4] 154 | Information Systems for Business and Beyond (2019) Diagram of Porter’s Value Chain (click to enlarge) The Value Chain In his book Competitive Advantage: Creating and Sustaining Performance Porter describes exactly how a company can create value and therefore profit. Value is built through the value chain: a series of activities undertaken by the company to produce a product or service. Each step in the value chain contributes to the overall value of a product or service. While the value chain may not be a perfect model for every type of company, it does provide a way to analyze just how a company is producing value. The value chain is made up of two sets of activities: primary activities and support activities. An explanation of these activities and a discussion of how information technology can play a role in creating value by contributing to cost advantage or differentiation advantage appears next. Primary activities are the functions that directly impact the creation of a product or service. The goal of a primary activity is to add value that is greater than the cost of that activity. The primary activities are: • Inbound logistics. These are the processes that bring in raw materials and other needed inputs. Information technology can be used to make these processes more efficient, such as with supply-chain management systems which allow the suppliers to manage their own inventory. • Operations. Any part of a business that converts the raw materials into a final product or service is a part of operations. Chapter 7: Does IT Matter? | 155 From manufacturing to business process management (covered in Chapter 8), information technology can be used to provide more efficient processes and increase innovation through flows of information. • Outbound logistics. These are the functions required to get the product out to the customer. As with inbound logistics, IT can be used here to improve processes, such as allowing for real-time inventory checks. IT can also be a delivery mechanism itself. • Sales/Marketing. The functions that will entice buyers to purchase the products are part of sales and marketing. Information technology is used in almost all aspects of this activity. From online advertising to online surveys, IT can be used to innovate product design and reach customers as never before. The company website can be a sales channel itself. • Service. Service activity involves the functions a business performs after the product has been purchased to maintain and enhance the product’s value. Service can be enhanced via technology as well, including support services through websites and knowledge bases. The support activities are the functions in an organization that support all of the primary activities. Support activities can be considered indirect costs to the organization. The support activities are: • Firm infrastructure. An organization’s infrastructure includes finance, accounting, ERP systems (covered in Chapter 9) and quality control. All of these depend on information technology and represent functions where I.T. can have a positive impact. • Human Resource Management Human Resource Management (HRM) consists of recruiting, hiring, and other services needed to attract and retain employees. Using the Internet, HR departments can increase their reach when looking for candidates. I.T. also allows employees to use technology for a 156 | Information Systems for Business and Beyond (2019) Porter’s Five Forces (click to enlarge) more flexible work environment. • Technology development. Technology development provides innovation that supports primary activities. These advances are integrated across the firm to add value in a variety of departments. Information technology is the primary generator of value in this support activity. • Procurement. Procurement focuses on the acquisition of raw materials used in the creation of products. Business-to- business e-commerce can be used to improve the acquisition of materials. This analysis of the value chain provides some insight into how information technology can lead to competitive advantage. Another important concept from Porter is the “Five Forces Model.” Porter’s Five Forces Porter developed the Five Forces model as a framework for industry analysis. This model can be used to help understand the degree of competition in an industry and analyze its strengths and weaknesses. The model consists of five elements, each of which plays a role in determining the average profitability of an industry. In 2001 Porter wrote an article entitled ”Strategy and the Internet,” in which he takes this model and looks at how the Internet impacts the profitability of an industry. Below is a quick summary of each of the Five Forces and the impact of the Internet. • Threat of substitute products or services. The first force Chapter 7: Does IT Matter? | 157 challenges the user to consider the likelihood of another produce or service replacing the product or service you offer. The more types of products or services there are that can meet a particular need, the less profitability there will be in an industry. In the communications industry, the smartphone has largely replaced the pager. In some construction projects, metal studs have replaced wooden studs for framing. The Internet has made people more aware of substitute products, driving down industry profits in those industries in which substitution occurs. Please notice that substitution refers to a product being replaced by a similar product for the purpose of accomplishing the same task. It does not mean dissimilar products or services such as flying to a destination rather than traveling by rail. • Bargaining power of suppliers. A supplier’s bargaining power is strong when there are few suppliers from which your company can obtain a needed product or service. Conversely, when they are many suppliers their bargaining power is lower since your company would have many sources from which to source a product. When your company has several suppliers to choose from, you can negotiate a lower price. When a sole supplier exists, then your company is at the mercy of the supplier. For example, if only one company makes the controller chip for a car engine, that company can control the price, at least to some extent. The Internet has given companies access to more suppliers, driving down prices. • Bargaining power of customers. A customer’s bargaining power is strong when your company along with your competitors is attempting to provide the same product to this customer. In this instance the customer has many sources from which to source a product so they can approach your company and seek a price reduction. If there are few suppliers in your industry, then the customer’s bargaining power is considered low. • Barriers to entry. The easier it is to enter an industry, the 158 | Information Systems for Business and Beyond (2019) more challenging it will be to make a profit in that industry. Imagine you are considering starting a lawn mowing business. The entry barrier is very low since all you need is a law mower. No special skills or licenses are required. However, this means your neighbor next door may decide to start mowing lawns also, resulting in increased competition. In contrast a highly technical industry such as manufacturing of medical devices has numerous barriers to entry. You would need to find numerous suppliers for various components, hire a variety of highly skilled engineers, and work closely with the Food and Drug Administration to secure approval for the sale of your products. In this example the barriers to entry are very high so you should expect few competitors. • Rivalry among existing competitors: Rivalry among existing competitors helps you evaluate your entry into the market. When rivalry is fierce, each competitor is attempting to gain additional market share from the others. This can result in aggressive pricing, increasing customer support, or other factors which might lure a customer away from a competitor. Markets in which rivalry is low may be easier to enter and become profitable sooner because all of the competitors are accepting of each other’s presence. Porter’s five forces are used to analyze an industry to determine the average profitability of a company within that industry. Adding in Porter’s analysis of the Internet to his Five Forces results in the realization that technology has lowered overall profitability. 4 4. [5] Chapter 7: Does IT Matter? | 159 Using Information Systems for Competitive Advantage Having learned about Porter’s Five Forces and their impact on a firm’s ability to generate a competitive advantage, it is time to look at some examples of competitive advantage. A strategic information system is designed specifically to implement an organizational strategy meant to provide a competitive advantage. These types of information systems began popping up in the 1980s, as noted in a paper by Charles Wiseman entitled “Creating Competitive Weapons From Information Systems.”5 A strategic information system attempts to do one or more of the following: • Deliver a product or a service at a lower cost; • Deliver a product or service that is differentiated; • Help an organization focus on a specific market segment; • Enable innovation. Here are some examples of information systems that fall into this category. Business Process Management Systems In their book, IT Doesn’t Matter – Business Processes Do, Howard Smith and Peter Fingar argue that it is the integration of information systems with business processes that leads to competitive advantage. The authors state that Carr’s article is dangerous because it gave CEOs and IT managers approval to start cutting 5. [6] 160 | Information Systems for Business and Beyond (2019) Comparison of process with and without EDI (click to enlarge) their technology budgets, putting their companies in peril. True competitive advantage can be found with information systems that support business processes. Chapter 8 focuses on the use of business processes for competitive advantage. Electronic Data Interchange Electronic Data Interchange (EDI) provides a competitive advantage through integrating the supply chain electronically. EDI can be thought of as the computer-to-computer exchange of business documents in a standard electronic format between business partners. By integrating suppliers and distributors via EDI, a company can vastly reduce the resources required to manage the relevant information. Instead of manually ordering supplies, the company can simply place an order via the computer and the products are ordered. Chapter 7: Does IT Matter? | 161 Collaborative Systems As organizations began to implement networking technologies, information systems emerged that allowed employees to begin collaborating in different ways. These systems allowed users to brainstorm ideas together without the necessity of physical, face- to-face meetings. Tools such as video conferencing with Skype or WebEx, collaboration and document sharing with Microsoft SharePoint, and project management with SAP’s Project System make collaboration possible in a variety of endeavors. Broadly speaking, any software that allows multiple users to interact on a document or topic could be considered collaborative. Electronic mail, a shared Word document, and social networks fall into this broad definition. However, many software tools have been created that are designed specifically for collaborative purposes. These tools offer a broad spectrum of collaborative functions. Here is just a short list of some collaborative tools available for businesses today: • Google Drive. Google Drive offers a suite of office applications (such as a word processor, spreadsheet, drawing, presentation) that can be shared between individuals. Multiple users can edit the documents at the same time and the threaded comments option is available. • Microsoft SharePoint. SharePoint integrates with Microsoft Office and allows for collaboration using tools most office workers are familiar with. SharePoint was covered in greater detail in chapter 5. • Cisco WebEx. WebEx combines video and audio communications and allows participants to interact with each other’s computer desktops. WebEx also provides a shared whiteboard and the capability for text-based chat to be going on during the sessions, along with many other features. Mobile editions of WebEx allow for full participation using 162 | Information Systems for Business and Beyond (2019) smartphones and tablets. • GitHub. Programmers/developers use GitHub for web-based team development of computer software. Decision Support Systems A decision support system (DSS) helps an organization make a specific decision or set of decisions. DSSs can exist at different levels of decision-making within the organization, from the CEO to first level managers. These systems are designed to take inputs regarding a known (or partially-known) decision making process and provide the information necessary to make a decision. DSSs generally assist a management level person in the decision-making process, though some can be designed to automate decision- making. An organization has a wide variety of decisions to make, ranging from highly structured decisions to unstructured decisions. A structured decision is usually one that is made quite often, and one in which the decision is based directly on the inputs. With structured decisions, once you know the necessary information you also know the decision that needs to be made. For example, inventory reorder levels can be structured decisions. Once your inventory of widgets gets below a specific threshold, automatically reorder ten more. Structured decisions are good candidates for automation, but decision-support systems are generally not built for them. An unstructured decision involves a lot of unknowns. Many times unstructured decisions are made for the first time. An information system can support these types of decisions by providing the decision makers with information gathering tools and collaborative capabilities. An example of an unstructured decision might be Chapter 7: Does IT Matter? | 163 dealing with a labor issue or setting policy for the implementation of a new technology. Decision support systems work best when the decision makers are having to make semi-structured decisions. A semi-structured decision is one in which most of the factors needed for making the decision are known but human experience and other outside factors may still impact the decision. A good example of an semi-structured decision would be diagnosing a medical condition (see sidebar). As with collaborative systems, DSSs can come in many different formats. A nicely designed spreadsheet that allows for input of specific variables and then calculates required outputs could be considered a DSS. Another DSS might be one that assists in determining which products a company should develop. Input into the system could include market research on the product, competitor information, and product development costs. The system would then analyze these inputs based on the specific rules and concepts programmed into it. The system would report its results with recommendations and/or key indicators to be used in making a decision. A DSS can be looked at as a tool for competitive advantage because it can give an organization a mechanism to make wise decisions about products and innovations. 164 | Information Systems for Business and Beyond (2019) Isabel screen shot Sidebar: Isabel – A Health Care DSS A discussed in the text, DSSs are best applied to semi- structured decisions, in which most of the needed inputs are known but human experience and environmental factors also play a role. A good example for today is Isabel, a health care DSS. The creators of Isabel explain how it works: Isabel uses the information routinely captured during your workup, whether free text or structured data, and instantaneously provides a diagnosis checklist for review. The checklist contains a list of possible diagnoses with critical “Don’t Miss Diagnoses” flagged. When integrated into your Electronic Medical Records (EMR) system, Isabel can provide “one click” seamless diagnosis support with no additional data entry. 6 Investing in IT for Competitive Advantage In 2008, Brynjolfsson and McAfee published a study in the Harvard Business Review on the role of IT in competitive advantage, entitled 6. [7] Chapter 7: Does IT Matter? | 165 “Investing in the IT That Makes a Competitive Difference.” Their study confirmed that IT can play a role in competitive advantage if deployed wisely. In their study, they drew three conclusions7: • First, the data show that IT has sharpened differences among companies instead of reducing them. This reflects the fact that while companies have always varied widely in their ability to select, adopt, and exploit innovations, technology has accelerated and amplified these differences. • Second, good management matters. Highly qualified vendors, consultants, and IT departments might be necessary for the successful implementation of enterprise technologies themselves, but the real value comes from the process innovations that can now be delivered on those platforms. Fostering the right innovations and propagating them widely are both executive responsibilities – ones that can’t be delegated. • Finally, the competitive shakeup brought on by IT is not nearly complete, even in the IT-intensive US economy. You can expect to see these altered competitive dynamics in other countries, as well, as their IT investments grow. Information systems can be used for competitive advantage, but they must be used strategically. Organizations must understand how they want to differentiate themselves and then use all the elements of information systems (hardware, software, data, people, and process) to accomplish that differentiation. 7. [8] 166 | Information Systems for Business and Beyond (2019) Summary Information systems are integrated into all components of business today, but can they bring competitive advantage? Over the years, there have been many answers to this question. Early research could not draw any connections between IT and profitability, but later studies have shown that the impact can be positive. IT is not a panacea. Just purchasing and installing the latest technology will not by itself make a company more successful. Instead, the combination of the right technologies and good management will give a company the best chance for a positive result. Study Questions 1. What is the productivity paradox? 2. Summarize Carr’s argument in “Does IT Matter.” 3. How is the 2008 study by Brynjolfsson and McAfee different from previous studies? How is it the same? 4. What does it mean for a business to have a competitive advantage? 5. What are the primary activities and support activities of the value chain? 6. What has been the overall impact of the Internet on industry profitability? Who has been the true winner? 7. How does EDI work? 8. Give an example of a semi-structured decision and explain what inputs would be necessary to provide assistance in making the decision. 9. What does a collaborative information system do? 10. How can IT play a role in competitive advantage, according to Chapter 7: Does IT Matter? | 167 the 2008 article by Brynjolfsson and McAfee? Exercises 1. Analyze Carr’s position in regards to PC vs. Mac, Open Office vs. Microsoft Office, and Microsoft Powerpoint vs. Tableau. 2. Do some independent research on Nicholas Carr (the author of “IT Doesn’t Matter”) and explain his current position on the ability of IT to provide competitive advantage. 3. Review the WebEx website. What features of WebEx would contribute to good collaboration? Compare WebEx with other collaboration tools such as Skype or Google Hangouts? Lab 1. Think of a semi-structured decision that you make in your daily life and build your own DSS using a spreadsheet that would help you make that decision. 1. Brynjolfsson, E. (1994). The Productivity Paradox of Information Technology: Review and Assessment. Center for Coordination Science MIT Sloan School of Management: Cambridge, Massachusetts.↵ 2. Brynjolfsson, E. and Hitt, L. (1998). Beyond the Productivity Paradox. Communications of the ACM, 41, 49–55. ↵ 3. Porter, M. (1985). Competitive Advantage: Creating and Sustaining Superior Performance. New York: The Free Press. ↵ 4. Porter, M. (2001, March). Strategy and the Internet. Harvard 168 | Information Systems for Business and Beyond (2019) Business Review, 79 ,3. Retrieved from item/2165.html ↵ 5. Porter, M. (2001, March). Strategy and the Internet. Harvard Business Review, 79, 3. Retrieved from item/2165.html↵ 6. Wiseman, C. and MacMillan, I. C. (1984). Creating Competitive Weapons From Information Systems. Journal Of Business Strategy, 5(2)., 42.↵ 7. Isabel. (n.d.). Broaden Your Differential Diagnosis. Retrieved from ↵ 8. McAfee, A. and Brynjolfsson, E. (2008, July-August). Investing in the IT That Makes a Competitive Difference. Harvard Business Review.↵ Chapter 7: Does IT Matter? | 169 Chapter 8: Business Processes Learning Objectives Upon successful completion of this chapter, you will be able to: • define the term business process; • understand the tools of documentation of business processes; • identify the different systems needed to support business processes in an organization; • explain the value of an enterprise resource planning (ERP) system; • explain how business process management and business process reengineering work; and • understand how information technology combined with business processes can bring an organization competitive advantage. Introduction The fourth component of information systems is process. But what is a process and how does it tie into information systems? And in what 170 | Chapter 8: Business Processes ways do processes have a role in business? This chapter looks to answer those questions and also describe how business processes can be used for strategic advantage. What Is a Business Process? We have all heard the term process before, but what exactly does it mean? A process is a series of tasks that are completed in order to accomplish a goal. A business process, therefore, is a process that is focused on achieving a goal for a business. Processes are something that businesses go through every day in order to accomplish their mission. The better their processes, the more effective the business. Some businesses see their processes as a strategy for achieving competitive advantage. A process that achieves its goal in a unique way can set a company apart. A process that eliminates costs can allow a company to lower its prices (or retain more profit). If you have worked in a business setting, you have participated in a business process. Anything from a simple process for making a sandwich at Subway to building a space shuttle utilizes one or more business processes. In the context of information systems, a business process is a set of business activities performed by human actors and/or the information system to accomplish a specific outcome. Documenting a Process Every day each of us will perform many processes without even thinking about them such as getting ready for work, using an ATM, texting a friend, etc. As processes grow more complex, documenting becomes necessary. It is essential for businesses to do this because it allows them to ensure control over how activities are undertaken Chapter 8: Business Processes | 171 in their organization. It also allows for standardization. For example, McDonald’s has the same process for building a Big Mac in all of its restaurants. The simplest way to document a process is to just create a list. The list shows each step in the process. Each step can be checked off upon completion. A simple process such as how to create an account on gmail might look like this: 1. Go to 2. Click “Create account.” 3. Enter your contact information in the “Create your Google Account” form. 4. Choose your username and password. 5. Agree to User Agreement and Privacy Policy by clicking on “Submit.” For processes that are not so straightforward, documenting all of the steps as a checklist may not be sufficient. For example, here is the process for determining if an article for a term needs to be added to Wikipedia: 1. Search Wikipedia to determine if the term already exists. 2. If the term is found, then an article is already written, so you must think of another term. Go to step 1. 3. If the term is not found, then look to see if there is a related term. 4. If there is a related term, then create a redirect. 5. If there is not a related term, then create a new article. This procedure is relatively simple. In fact it has the same number of steps as the previous example, but because it has some decision points, it is more difficult to track as a simple list. In these cases it may make more sense to use a diagram to document the process. 172 | Information Systems for Business and Beyond (2019) Diagram of an example business process (click to enlarge) Business Process Modeling Notation A diagramming tool for documentation of business process is a formalized visual language that provides systems analysts with the ability to describe the business processes unambiguously, to visualize the business processes for systematic understanding, and to communicate the business process for business process management. Natural languages (e.g., English) are incapable to explain complex business processes. Diagrams have been used as tools for business process modeling in the information systems field. There have been many types of business process diagramming tools, and each of them has its own style and syntax to serve its particular purpose. The most commonly used business process diagramming tools are Business Process Modeling Notation (BPMN), Data Flow Diagram (DFD), and the Unified Modeling Language (UML). BPMN is an extension of the traditional flowchart method by adding more diagramming elements for descriptions of business process. The objective of BPMN is to support business process documentation by providing intuitive notations for business rules. The flowchart style diagrams in BPMN can provide detailed specifications business processes from start to end. However, BPMN is short of the ability of system decomposition for large information systems. DFD has served as a foundation of many other tools of documentation of business process. The central concept of DFD is a top-down approach to understanding a system. The top-down approach is consistent with the system concept that views a system Chapter 8: Business Processes | 173 in a holistic manner and concerns an understanding of a system by examining the components and their interactions within the system. More importantly, while describing a business process by using DFD, the data stores used in the process and generated data flows in the process are also defined. We will provide an example of DFD in the Sidebar section of this chapter to illustrate the integration of data and business tasks in documenting a business process. The Unified Modeling Language (UML) is a general-purpose modeling tool in the field of software engineering for constructing all types of computerized systems. UML includes a set of various types of diagrams with different subjects of modeling and diversified graphics styles. The diversified diagrams in UML can provide detailed specifications for software engineering in many perspectives for construction of information systems, but could be too complicated for documenting business processes from the perspective of business process management. Managing Business Process Documentation As organizations begin to document their processes, it becomes an administrative responsibility to keep track of them. As processes change and improve, it is important to know which processes are the most recent. It is also important to manage the process so that it can be easily updated. The requirement to manage process documentation has been one of the driving forces behind the creation of the document management system. A document management system stores and tracks documents and supports the following functions. • Versions and timestamps. The document management system will keep multiple versions of documents. The most recent version of a document is easy to identify and will be 174 | Information Systems for Business and Beyond (2019) An ERP System (click to enlarge) considered the default. • Approvals and workflows. When a process needs to be changed, the system will manage both access to the documents for editing and the routing of the document for approval. • Communication. When a process changes, those who implement the process need to be made aware of the changes. The document management system will notify the appropriate people when a change to a document has been approved. Of course, document management systems are not only used for managing business process documentation. Many other types of documents are managed in these systems, such as legal documents or design documents. ERP Systems An Enterprise Resource Planning (ERP) system is software with a centralized database that can be used to run an entire company. Here are some of the main components of an ERP system. Computer program. The system is a computer program, which means that it has been developed with specific logic and rules behind it. It is customized and installed to work specifically for an individual organization. • Centralized database. All data in an ERP system is stored in a single, central database. Centralization is key to the success of an ERP. Data entered in Chapter 8: Business Processes | 175 one part of the company can be immediately available to other parts of the company. • Used to run an entire company. An ERP can be used to manage an entire organization’s operations. Companies can purchase modules for an ERP that represent different functions within the organization such as finance, manufacturing, and sales. Some companies choose to purchase many modules, others choose a subset of the modules. An ERP system not only centralizes an organization’s data, but the processes it enforces are the processes the organization has adopted. When an ERP vendor designs a module, it has to implement the rules for the associated business processes. Best practices can be built into the ERP – a major selling point for ERP. In other words, when an organization implements an ERP, it also gets improved best practices as part of the deal. For many organizations the implementation of an ERP system is an excellent opportunity to improve their business practices and upgrade their software at the same time. But for others an ERP brings a challenge. Is the process embedded in the ERP really better than the process they are currently utilizing? And if they implement this ERP and it happens to be the same one that all of their competitors have, will they simply become more like them, making it much more difficult to differentiate themselves? A large organization may have one version of the ERP, then acquire a subsidiary which has a more recent version. Imagine the challenge of requiring the subsidiary to change back to the earlier version. One of the criticisms of ERP systems has been that they commoditize business processes, driving all businesses to use the same processes and thereby lose their uniqueness. The good news is that ERP systems also have the capability to be configured with custom processes. For organizations that want to continue using their own processes or even design new ones, ERP systems offer customization so the ERP is unique to the organization. 176 | Information Systems for Business and Beyond (2019) Registered Trademark of SAP There is a drawback to customizing an ERP system. Namely, organizations have to maintain the changes themselves. Whenever an update to the ERP system comes out, any organization that has created a custom process will be required to add that change to their new ERP version. This requires someone to maintain a listing of these changes as well as re-testing the system every time an upgrade is made. Organizations will have to wrestle with this decision. When should they go ahead and accept the best-practice processes built into the ERP system and when should they spend the resources to develop their own processes? Some of the best-known ERP vendors are SAP, Microsoft, and Oracle. Business Process Management Organizations that are serious about improving their business processes will also create structures to manage those processes. Business process management (BPM) can be thought of as an intentional effort to plan, document, implement, and distribute an organization’s business processes with the support of information technology. BPM is more than just automating some simple steps. While automation can make a business more efficient, it cannot be used to Chapter 8: Business Processes | 177 provide a competitive advantage. BPM, on the other hand, can be an integral part of creating that advantage. Not all of an organization’s processes should be managed this way. An organization should look for processes that are essential to the functioning of the business and those that may be used to bring a competitive advantage. The best processes to look at are those that include employees from multiple departments, those that require decision-making that cannot be easily automated, and processes that change based on circumstances. Here is an example. Suppose a large clothing retailer is looking to gain a competitive advantage through superior customer service. A task force is created to develop a state-of-the-art returns policy that allows customers to return any article of clothing, no questions asked. The organization also decides that, in order to protect the competitive advantage that this returns policy will bring, they will develop their own customization to their ERP system to implement this returns policy. In preparation for the rollout of the system, all customer service employees are trained, showing how to use the new system and specifically how to process returns. Once the updated returns process is implemented, the organization will be able to measure several key indicators about returns that will allow them to adjust the policy as needed. For example, if it is determined that many women are returning their high-end dresses after wearing them once, they could implement a change to the process that limits the return period to 14 days from the original purchase date. As changes to the returns policy are made, the changes are rolled out via internal communications and updates to the returns processing on the system are made. If done properly, business process management will provide several key benefits to an organization, which can be used to contribute to competitive advantage. These benefits include: • Empowering employees. When a business process is designed correctly and supported with information technology, employees will be able to implement it on their own authority. 178 | Information Systems for Business and Beyond (2019) In the returns policy example, an employee would be able to accept returns made before fourteen days or use the system to make determinations on what returns would be allowed after fourteen days. • Built-in reporting. By building measurement into the programming, the organization can stay current on key metrics regarding their processes. In this example, these can be used to improve the returns process and also, ideally, to reduce returns. • Enforcing best practices. As an organization implements processes supported by information systems, it can work to implement the best practices for that class of business process. In this example, the organization may want to require that all customers returning a product without a receipt show a legal ID. This requirement can be built into the system so that the return will not be processed unless a valid ID number is entered. • Enforcing consistency. By creating a process and enforcing it with information technology, it is possible to create consistency across the entire organization. In this example, all stores in the retail chain can enforce the same returns policy. If the returns policy changes, the change can be instantly enforced across the entire chain. Business Process Re-engineering As organizations look to manage their processes to gain a competitive advantage, it is also important to understand that existing ways of doing things may not be the most effective or efficient. A process developed in the 1950s is not going to be better just because it is now supported by technology. In 1990 Michael Hammer published an article in the Harvard Business Review entitled “Reengineering Work: Don’t Automate, Obliterate.” This article suggested that simply automating a bad Chapter 8: Business Processes | 179 process does not make it better. Instead, companies should “blow up” their existing processes and develop new processes that take advantage of the new technologies and concepts. He states in the introduction to the article: Many of our job designs, work flows, control mechanisms, and organizational structures came of age in a different competitive environment and before the advent of the computer. They are geared towards greater efficiency and control. Yet the watchwords of the new decade are innovation and speed, service, and quality. It is time to stop paving the cow paths. Instead of embedding outdated processes in silicon and software, we should obliterate them and start over. We should “re- engineer” our businesses: use the power of modern information technology to radically redesign our business processes in order to achieve dramatic improvements in their performance.1 Business Process Re-engineering (BPR) is not just taking an existing process and automating it. BPR is fully understanding the goals of a process and then dramatically redesigning it from the ground up to achieve dramatic improvements in productivity and quality. But this is easier said than done. Most people think in terms of how to do small, local improvements to a process. Complete redesign requires thinking on a larger scale. Hammer provides some guidelines for how to go about doing business process re-engineering: • Organize around outcomes, not tasks. This simply means design the process so that, if possible, one person performs all the steps. Instead of passing the task on to numerous people, one person does the entire process, resulting in greater speed 1. [1] 180 | Information Systems for Business and Beyond (2019) and customer responsiveness. • Have those who use the outcomes of the process perform the process. With the use of information technology many simple tasks are now automated so the person who needs the outcome should be empowered to perform it. Hammer provides the following example. Instead of having every department in the company use a purchasing department to order supplies, have the supplies ordered directly by those who need the supplies using an information system. • Merge information processing work into the real work that produces the information. When one part of the company creates information, such as sales information or payment information, it should be processed by that same department. There is no need for one part of the company to process information created in another part of the company. • Treat geographically dispersed resources as though they were centralized. With the communications technologies available today, it becomes easier than ever to focus on physical location. A multinational organization does not need separate support departments (such as IT, purchasing, etc.) for each location anymore. • Link parallel activities instead of integrating their results. Departments that work in parallel should be sharing data and communicating with each other during a process instead of waiting until each group is done and then comparing notes. The outdated concept of only linking outcomes results in re- work, increased costs, and delays. • Put the decision points where the work is performed, and build controls into the process. The people who do the work should have decision making authority and the process itself should have built-in controls using information technology. Today’s workforce is more educated and knowledgeable than in the past so providing workers with information technology can result in the employees controlling their processes. Chapter 8: Business Processes | 181 • Capture information at the source. Requiring information to be entered more than once causes delays and errors. With information technology, an organization can capture it once and then make it available whenever needed. These principles may seem like common sense today, but in 1990 they took the business world by storm. Hammer gives example after example of how organizations improved their business processes by many orders of magnitude without adding any new employees, simply by changing how they did things (see sidebar). Unfortunately, business process re-engineering got a bad name in many organizations. This was because it was used as an excuse for cost cutting that really had nothing to do with BPR. For example, many companies simply used it as a reason for laying off part of their workforce. However, today many of the principles of BPR have been integrated into businesses and are considered part of good business-process management. Sidebar: Reengineering the College Bookstore The process of purchasing the correct textbooks in a timely manner for college classes has always been problematic. Now with online bookstores competing directly with the college bookstore for students’ purchases, the college bookstore is under pressure to justify its existence. But college bookstores have one big advantage over their competitors, namely they have access to students’ data. Once a student has registered for classes, the bookstore knows exactly what books that student will need for the upcoming term. To leverage this advantage and take advantage of new technologies, 182 | Information Systems for Business and Beyond (2019) College Bookstore Redesign the bookstore wants to implement a new process that will make purchasing books through the bookstore advantageous to students. Though they may not be able to compete on price, they can provide other advantages such as reducing the time it takes to find the books and the ability to guarantee that the book is the correct one for the class. In order to do this, the bookstore will need to undertake a process redesign. The goal of the process redesign is simple. Capture a higher percentage of students as customers of the bookstore. After diagramming the existing process and meeting with student focus groups, the bookstore comes up with a new process. In the new process the bookstore utilizes information technology to reduce the amount of work the students need to do in order to get their books. In this new process the bookstore sends the students an e-mail with a list of all the books required for their upcoming classes. By clicking a link in this e-mail the students can log into the bookstore, confirm their books, and complete the purchase. The bookstore will then deliver the books to the students. And there is an additional benefit to the faculty: Professors are no longer asked to delay start of semester assignments while students wait for books to arrive in the mail. Instead, students can be expected to promptly complete their assignments and the course proceeds on schedule. Chapter 8: Business Processes | 183 College bookstore data flow diagram (original) (Click to enlarge) College bookstore data flow diagram (redesigned) (Click to enlarge) Here are the changes to this process shown as data flow diagrams: 184 | Information Systems for Business and Beyond (2019) Sidebar: ISO Certification Many organizations now claim that they are using best practices when it comes to business processes. In order to set themselves apart and prove to their customers, and potential customers, that they are indeed doing this, these organizations are seeking out an ISO 9000 certification. ISO is an acronym for International Standards Organization (website here). This body defines quality standards that organizations can implement to show that they are, indeed, managing business processes in an effective way. The ISO 9000 certification is focused on quality management. In order to receive ISO certification, an organization must be audited and found to meet specific criteria. In its most simple form, the auditors perform the following review. • Tell me what you do (describe the business process). • Show me where it says that (reference the process documentation). • Prove that this is what happened (exhibit evidence in documented records). Chapter 8: Business Processes | 185 Over the years, this certification has evolved and many branches of the certification now exist. ISO certification is one way to separate an organization from others. You can find out more about the ISO 9000 standard here. Summary The advent of information technologies has had a huge impact on how organizations design, implement, and support business processes. From document management systems to ERP systems, information systems are tied into organizational processes. Using business process management, organizations can empower employees and leverage their processes for competitive advantage. Using business process reengineering, organizations can vastly improve their effectiveness and the quality of their products and services. Integrating information technology with business processes is one way that information systems can bring an organization lasting competitive advantage. Study Questions 1. What does the term business process mean? 2. What are three examples of business process from a job you have had or an organization you have observed? 3. What is the value in documenting a business process? 4. What is an ERP system? How does an ERP system enforce best practices for an organization? 186 | Information Systems for Business and Beyond (2019) 5. What is one of the criticisms of ERP systems? 6. What is business process re-engineering? How is it different from incrementally improving a process? 7. Why did BPR get a bad name? 8. List the guidelines for redesigning a business process. 9. What is business process management? What role does it play in allowing a company to differentiate itself? 10. What does ISO certification signify? Exercises 1. Think of a business process that you have had to perform in the past. How would you document this process? Would a diagram make more sense than a checklist? Document the process both as a checklist and as a diagram. 2. Review the return policies at your favorite retailer, then answer this question. What information systems do you think would need to be in place to support their return policy? 3. If you were implementing an ERP system, in which cases would you be more inclined to modify the ERP to match your business processes? What are the drawbacks of doing this? 4. Which ERP is the best? Do some original research and compare three leading ERP systems to each other. Write a two- to three-page paper that compares their features. Labs 1. Visit a fast food restaurant of your choice. Observe the Chapter 8: Business Processes | 187 processes used in taking an order, filling the order, and receiving payment. Create a flowchart showing the steps used. Then create a second flowchart indicating where you would recommend improvements to the processes. 2. Virginia Mason Medical Center, located in Seattle, Washington, needed to radically change some of their business processes. Download the case study. Then read the case study and respond to the following items. 1. Number of campuses 2. Number of employees 3. Number of physicians 4. Nature of the issue at Virginia Mason 5. “You cannot improve a process until…” 6. Discuss staff walking distance and inventory levels 7. How were patient spaces redesigned? 8. What happened to walking distance after this redesign? 9. Inventory was reduced by what percent? 10. Total cost savings = 1. Hammer, M. (1990). Reengineering work: don’t automate, obliterate. Harvard Business Review 68.4, 104–112.↵ 188 | Information Systems for Business and Beyond (2019) Chapter 9: The People in Information Systems Learning Objectives Upon successful completion of this chapter, you will be able to: • describe each of the different roles that people play in the design, development, and use of information systems; • understand the different career paths available to those who work with information systems; • explain the importance of where the information- systems function is placed in an organization; and • describe the different types of users of information systems. Introduction The opening chapters of this text focused on the technology behind information systems, namely hardware, software, data, and networking. The last chapter covered business processes and the Chapter 9: The People in Information Systems | 189 U. S. Bureau of Labor Statistics – 2020 Projections key role they can play in the success of a business. This chapter discusses people, the last component of an information system. People are involved in information systems in just about every way. People imagine information systems, people develop information systems, people support information systems, and, perhaps most importantly, people use information systems. The Creators of Information Systems The first group of people to be considered play a role in designing, developing, and building information systems. These people are generally technical and have a background in programming, analysis, information security, or database design. Just about everyone who works in the creation of information systems has a minimum of a bachelor’s degree in computer science or information systems, though that is not necessarily a requirement. The process of creating information systems will be covered in more detail in Chapter 10. The following chart shows the U. S. Bureau of Labor Statistics projections for computing career employment in 2020. 190 | Information Systems for Business and Beyond (2019) Systems Analyst The systems analyst straddles the divide between identifying business needs and imagining a new or redesigned system to fulfill those needs. This individual works with a team or department seeking to identify business requirements and analyze the specific details of an existing system or a system that needs to be built. Generally, the analyst is required to have a good understanding of the business itself, the purpose of the business, the business processes involved, and the ability to document them well. The analyst identifies the different stakeholders in the system and works to involve the appropriate individuals in the analysis process. Prior to analyzing the problem or the system of concern, the analyst needs to a) clearly identify the problem, b) gain approval for the project, c) identify the stakeholders, and d) develop a plan to monitor the project. The analysis phase of the project can be broken down into five steps. 1. Seek out and identify the details 2. Specify requirements 3. Decide which requirements are most important 4. Create a dialog showing how the user interacts with the existing system 5. Ask users to critique the list of requirements that have been developed The analysis phase involves both the systems analyst and the users. It is important to realize the role the users take in the analysis of the system. Users can have significant insights into how well the current system functions as well as suggest improvements. Once the requirements are determined, the analyst begins the process of translating these requirements into an information systems design. It is important to understand which different technological solutions will work and provide several alternatives to the client, based on the company’s budgetary constraints, Chapter 9: The People in Information Systems | 191 technology constraints, and culture. Once the solution is selected, the analyst will create a detailed document describing the new system. This new document will require that the analyst understand how to speak in the technical language of systems developers. The design phase results in the components of the new system being identified, including how they relate to one another. The designer needs to communicate clearly with software developers as well database administrators by using terminology that is consistent with both of these specialties. The design phase of the project can be broken down into six steps. 1. Design the hardware environment 2. Design the software 3. Design how the new system will interface with the users 4. Design hardware interfaces 5. Design database tables 6. Design system security A systems analyst generally is not the one who does the actual development of the information system. The design document created by the systems analyst provides the detail needed to create the system and is handed off to a developer to actually write the software and to the database administrator to build the database and tables that will be in the database. Sometimes the system may be assembled from off-the-shelf components by a person called a systems integrator. This is a specific type of systems analyst that understands how to get different software packages to work with each other. To become a systems analyst, you should have a background both in the business analysis and in systems design. Many analysts first work as developers and have business experience before becoming system analysts. It is vital for analysts to clearly understand the purpose of the business of interest, realizing that all businesses are unique. 192 | Information Systems for Business and Beyond (2019) Programmer/Developer Programmers spend their time writing computer code in a programming language. In the case of systems development, programmers generally attempt to fulfill the design specifications given to them by a systems analyst/designer. Many different styles of software development exist A programmer may work alone for long stretches of time or work as part of a team with other developers. A programmer needs to be able to understand complex processes and also the intricacies of one or more programming languages. Computer Engineer Computer engineers design the computing devices that are used every day. There are many types of computer engineers who work on a variety of different types of devices and systems. Some of the more prominent computer engineering jobs are as follows: • Hardware engineer. A hardware engineer designs hardware and test components such as microprocessors, memory devices, routers, and networks. Many times, a hardware engineer is at the cutting edge of computing technology, creating something brand new. Other times, the hardware engineer’s job is to re-engineer an existing component to work faster or use less power. Many times a hardware engineer’s job is to write code to create a program that will be implemented directly on a computer chip. • Software engineer. Software engineers tend to focus on a specific area of software such as operating systems, networks, applications, or databases. Software engineers use three primary skill areas: computer science, engineering, and mathematics. Chapter 9: The People in Information Systems | 193 • Systems engineer. A systems engineer takes the components designed by other engineers and makes them all work together, focusing on the integration of hardware and software. For example, to build a computer the mother board, processor, memory, and hard disk all have to work together. A systems engineer has experience with many different types of hardware and software and knows how to integrate them to create new functionality. • Network engineer. A network engineer understands the networking requirements of an organization and then designs a communications system to meet those needs, using the networking hardware and software, sometimes referred to as a network operating system. Network engineers design both local area networks as well as wide area networks. There are many different types of computer engineers, and often the job descriptions overlap. While many may call themselves engineers based on a company job title, there is also a professional designation of “professional engineer” which has specific requirements. In the United States each state has its own set of requirements for the use of this title, as do different countries around the world. Most often, it involves a professional licensing exam. Information Systems Operations and Administration Another group of information systems professionals are involved in the day-to-day operations and administration of IT. These people must keep the systems running and up-to-date so that the rest of the organization can make the most effective use of these resources. 194 | Information Systems for Business and Beyond (2019) Computer Operator A computer operator is the person who oversees the mainframe computers and data centers in organizations. Some of their duties include keeping the operating systems up to date, ensuring available memory and disk storage, providing for redundancy (think electricity, connectivity to the Internet, and database backups), and overseeing the physical environment of the computer. Since mainframe computers increasingly have been replaced with servers, storage management systems, and other platforms, computer operators’ jobs have grown broader and include working with these specialized systems. Database Administrator A Database Administrator (DBA) is the person who designs and manages the databases for an organization. This person creates and maintains databases that are used as part of applications or the data warehouse. The DBA also consults with systems analysts and programmers on projects that require access to or the creation of databases. Help Desk/Support Analyst Most mid-size to large organizations have their own information technology help desk. The help desk is the first line of support for computer users in the company. Computer users who are having problems or need information can contact the help desk for assistance. Many times a help desk worker is a junior level employee who is able to answer basic issues that users need assistance with. Help desk analysts work with senior level support analysts or have a Chapter 9: The People in Information Systems | 195 computer knowledgebase at their disposal to help them investigate the problem at hand. The help desk is a great place to break into working in IT because it exposes you to all of the different technologies within the company. A successful help desk analyst should have good communications skills and a sincere interest in helping users. Trainer A computer trainer conducts classes to teach people specific computer skills. For example, if a new ERP system is being installed in an organization, one part of the implementation process is to teach all of the users how to use the new system. A trainer may work for a software company and be contracted to come in to conduct classes when needed; a trainer may work for a company that offers regular training sessions. Or a trainer may be employed full time for an organization to handle all of their computer instruction needs. To be successful as a trainer you need to be able to communicate technical concepts clearly and demonstrate patience with learners. Managing Information Systems The management of information-systems functions is critical to the success of information systems within the organization. Here are some of the jobs associated with the management of information systems. 196 | Information Systems for Business and Beyond (2019) CIO The Chief Information Officer (CIO) is the head of the information- systems function. This person aligns the plans and operations of the information systems with the strategic goals of the organization. Tasks include budgeting, strategic planning, and personnel decisions for the information systems function. The CIO must also be the face of the IT department within the organization. This involves working with senior leaders in all parts of the organization to ensure good communication, planning, and budgeting. Interestingly, the CIO position does not necessarily require a lot of technical expertise. While helpful, it is more important for this person to have good management skills and understand the business. Many organizations do not have someone with the title of CIO. Instead, the head of the information systems function is called the Vice President of Information Systems or Director of Information Systems. Functional Manager As an information systems organization becomes larger, many of the different functions are grouped together and led by a manager. These functional managers report to the CIO and manage the employees specific to their function. For example, in a large organization there are a group of systems analysts who report to a manager of the systems analysis function. For more insight into how this might look, see the discussion later in the chapter of how information systems are organized. Chapter 9: The People in Information Systems | 197 Gantt Chart for managing projects ERP Management Organizations using an ERP require one or more individuals to manage these systems. EPR managers make sure that the ERP system is completely up to date, work to implement any changes to the ERP that are needed, and consult with various user departments on needed reports or data extracts. Project Managers Information systems projects are notorious for going over budget and being delivered late. In many cases a failed IT project can spell doom for a company. A project manager is responsible for keeping projects on time and on budget. This person works with the stakeholders of the project to keep the team organized and communicates the status of the project to management. Gantt charts, shown above, are used to graphically illustrate a project’s schedule, tasks, and resources. A project manager does not have authority over the project team. 198 | Information Systems for Business and Beyond (2019) Instead, the project manager coordinates schedules and resources in order to maximize the project outcomes. This leader must be a good communicator and an extremely organized person. A project manager should also have good people skills. Many organizations require each of their project managers to become certified as a Project Management Professional (PMP). Information Security Officer An information security officer is in charge of setting information security policies for an organization and then overseeing the implementation of those policies. This person may have one or more people reporting to them as part of the information security team. As information has become a critical asset, this position has become highly valued. The information security officer must ensure that the organization’s information remains secure from both internal and external threats. Emerging Roles As technology evolves many new roles are becoming more common as other roles diminish. For example, as we enter the age of “big data,” we are seeing the need for more data analysts and business intelligence specialists. Many companies are now hiring social media experts and mobile technology specialists. The increased use of cloud computing and Virtual Machine (VM) technologies also is increasing demand for expertise in those areas. Chapter 9: The People in Information Systems | 199 Career Paths in Information Systems (click to enlarge) Career Paths in Information Systems These job descriptions do not represent all possible jobs within an information systems organization. Larger organizations will have more specialized roles, while smaller organizations may combine some of these roles. Many of these roles may exist outside of a traditional information- systems organization, as we will discuss below. Working with information systems can be a rewarding career choice. Whether you want to be involved in very technical jobs (programmer, database administrator), or you want to be involved in working with people (systems analyst, trainer, project manager), there are many different career paths available. Many times those in technical jobs who want career advancement find themselves in a dilemma. A person can continue doing technical work, where sometimes their advancement options are limited, or become a manager of other employees and put themselves on a management career track. In many cases those proficient in technical skills are not gifted with managerial skills. Some organizations, especially those that highly value their technically skilled employees, create a technical track that exists in parallel to the management track so that they can retain employees who are contributing to the organization with their technical skills. 200 | Information Systems for Business and Beyond (2019) CISCO certification badge Sidebar: Are Certifications Worth Pursuing? As technology becomes more important to businesses, hiring employees with technical skills is becoming critical. But how can an organization ensure that the person they are hiring has the necessary skills? Many organizations are including technical certifications as a prerequisite for getting hired. Cisco Certified Internetwork Expert. Certifications are designations given by a certifying body that someone has a specific level of knowledge in a specific technology. This certifying body is often the vendor of the product itself, though independent certifying organizations, such as CompTIA, also exist. Many of these organizations offer certification tracks, allowing a beginning certificate as a prerequisite to getting more advanced certificates. To get a certificate, you generally attend one or more training classes and then take one or more certification exams. Passing the exams with a certain score will qualify you for a certificate. In most cases, these classes and certificates are not free. In fact a highly technical certification can cost thousands dollars. Some examples of the certifications in highest demand include Microsoft (software certifications), Cisco (networking), and SANS (security). For many working in IT, determining whether to pursue one or more of these certifications is an important question. For many jobs, Chapter 9: The People in Information Systems | 201 such as those involving networking or security, a certificate will be required by the employer as a way to determine which potential employees have a basic level of skill. For those who are already in an IT career, a more advanced certificate may lead to a promotion. For those wondering about the importance of certification, the best solution is to talk to potential employers and those already working in the field to determine the best choice. Organizing the Information Systems Function In the early years of computing, the information-systems function (generally called “data processing”) was placed in the finance or accounting department of the organization. As computing became more important, a separate information-systems function was formed, but it still was generally placed under the Chief Financial Officer and considered to be an administrative function of the company. By the 1980s and 1990s, when companies began networking internally and then connecting to the Internet, the information systems function was combined with the telecommunications functions and designated as the Information Technology (IT) department. As the role of information technology continued to increase, its place in the organization became more important. In many organizations today, the head of IT (the CIO) reports directly to the CEO. Where in the Organization Should IS Be? Before the advent of the personal computer, the information 202 | Information Systems for Business and Beyond (2019) systems function was centralized within organizations in order to maximize control over computing resources. When the PC began proliferating, many departments within organizations saw it as a chance to gain some computing resources for themselves. Some departments created an internal information systems group, complete with systems analysts, programmers, and even database administrators. These departmental IS groups were dedicated to the information needs of their own departments, providing quicker turnaround and higher levels of service than a centralized IT department. However, having several IS groups within an organization led to a lot of inefficiencies. There were now several people performing the same jobs in different departments. This decentralization also led to company data being stored in several places all over the company. In some organizations a matrix reporting structure developed in which IT personnel were placed within a department and reported to both the department management and the functional management within IS. The advantages of dedicated IS personnel for each department must be weighed against the need for more control over the strategic information resources of the company. For many companies, these questions are resolved by the implementation of the ERP system (see discussion of ERP in Chapter 8). Because an ERP system consolidates most corporate data back into a single database, the implementation of an ERP system requires organizations to find “silos” of data so that they can integrate them back into the corporate system. The ERP allows organizations to regain control of their information and influences organizational decisions throughout the company. Outsourcing Frequently an organization needs a specific skill for a limited period of time. Instead of training existing employees or hiring new staff, Chapter 9: The People in Information Systems | 203 it may make more sense to outsource the job. Outsourcing can be used in many different situations within the information systems function, such as the design and creation of a new website or the upgrade of an ERP system. Some organizations see outsourcing as a cost-cutting move, contracting out a whole group or department. New Models of Organizations The integration of information technology has influenced the structure of organizations. The increased ability to communicate and share information has led to a “flattening” of the organizational structure due to the removal of one or more layers of management. The network-based organizational structure is another changed enabled by information systems. In a network-based organizational structure, groups of employees can work somewhat independently to accomplish a project. People with the right skills are brought together for a project and then released to work on other projects when that project is over. These groups are somewhat informal and allow for all members of the group to maximize their effectiveness. Information Systems Users – Types of Users Besides the people who work to create, administer, and manage information systems, there is one more extremely important group of people, namely, the users of information systems. This group represents a very large percentage of an organization’s employees. If the user is not able to successfully learn and use an information system, the system is doomed to failure. Technology adoption user types 204 | Information Systems for Business and Beyond (2019) Diffusion of Innovation (click to enlarge) One tool that can be used to understand how users will adopt a new technology comes from a 1962 study by Everett Rogers. In his book, Diffusion of Innovation,[1]Rogers studied how farmers adopted new technologies and noticed that the adoption rate started slowly and then dramatically increased once adoption hit a certain point. He identified five specific types of technology adopters: • Innovators. Innovators are the first individuals to adopt a new technology. Innovators are willing to take risks, are the youngest in age, have the highest social class, have great financial liquidity, are very social, and have the closest contact with scientific sources and interaction with other innovators. Risk tolerance is high so there is a willingness to adopt technologies thast may ultimately fail. Financial resources help absorb these failures (Rogers, 1962, p. 282). • Early adopters. The early adopters are those who adopt innovation soon after a technology has been introduced and proven. These individuals have the highest degree of opinion leadership among the other adopter categories, which means that these adopters can influence the opinions of the largest majority. Characteristics include being younger in age, having a higher social status, possessing more financial liquidity, having advanced education, and being more socially aware than later adopters. These adopters are more discrete in adoption choices than innovators, and realize judicious choice of adoption will help them maintain a central communication position (Rogers, 1962, p. 283). • Early majority. Individuals in this category adopt an innovation Chapter 9: The People in Information Systems | 205 after a varying degree of time. This time of adoption is significantly longer than the innovators and early adopters. This group tends to be slower in the adoption process, has above average social status, has contact with early adopters, and seldom holds positions of opinion leadership in a system (Rogers, 1962, p. 283). • Late majority. The late majority will adopt an innovation after the average member of the society. These individuals approach an innovation with a high degree of skepticism, have below average social status, very little financial liquidity, are in contact with others in the late majority and the early majority, and show very little opinion leadership. • Laggards. Individuals in this category are the last to adopt an innovation. Unlike those in the previous categories, individuals in this category show no opinion leadership. These individuals typically have an aversion to change agents and tend to be advanced in age. Laggards typically tend to be focused on “traditions,” are likely to have the lowest social status and the lowest financial liquidity, be oldest of all other adopters, and be in contact with only family and close friends.[2] These five types of users can be translated into information technology adopters as well, and provide additional insight into how to implement new information systems within the organization. For example, when rolling out a new system, IT may want to identify the innovators and early adopters within the organization and work with them first, then leverage their adoption to drive the rest of the implementation to the other users. Summary In this chapter we have reviewed the many different categories of individuals who make up the people component of information 206 | Information Systems for Business and Beyond (2019) systems. The world of information technology is changing so fast that new roles are being created all the time and roles that existed for decades are being phased out. This chapter this chapter should have given you a good idea and appreciation for the importance of the people component of information systems. Study Questions 1. Describe the role of a systems analyst. 2. What are some of the different roles for a computer engineer? 3. What are the duties of a computer operator? 4. What does the CIO do? 5. Describe the job of a project manager. 6. Explain the point of having two different career paths in information systems. 7. What are the advantages and disadvantages of centralizing the IT function? 8. What impact has information technology had on the way companies are organized? 9. What are the five types of information-systems users? 10. Why would an organization outsource? Exercises 1. Which IT job would you like to have? Do some original research and write a two-page paper describing the duties of the job you are interested in. 2. Spend a few minutes on Dice or Monster to find IT jobs in your area. What IT jobs are currently available? Write up a two-page Chapter 9: The People in Information Systems | 207 paper describing three jobs, their starting salary (if listed), and the skills and education needed for the job. 3. How is the IT function organized in your school or place of employment? Create an organization chart showing how the IT organization fits into your overall organization. Comment on how centralized or decentralized the IT function is. 4. What type of IT user are you? Take a look at the five types of technology adopters and then write a one-page summary of where you think you fit in this model. Lab 1. Define each job in the list, then ask 10 friends to identify which jobs they have heard about or know something about. Tabulate your results. 2. Chief marketing technologist 3. Developer evangelist 4. Ethical hacker 5. Business intelligence analyst 6. Digital marketing manager 7. Growth hacker 8. UX designer 9. Cloud architect 10. Data detective 11. Master of edge computing 12. Digital prophet 13. NOC specialist 14. SEO/SEM specialist 1. Rogers, E. M. (1962). Diffusion of innovations. New York: Free Press↵ 208 | Information Systems for Business and Beyond (2019) 2. Rogers, E. M. (1962). Diffusion of innovations. New York: Free Press↵ Chapter 9: The People in Information Systems | 209 Chapter 10: Information Systems Development Learning Objectives Upon successful completion of this chapter, you will be able to: • Explain the overall process of developing new software; • Explain the differences between software development methodologies; • Understand the different types of programming languages used to develop software; • Understand some of the issues surrounding the development of websites and mobile applications; and • Identify the four primary implementation policies. Introduction When someone has an idea for a new function to be performed by a computer, how does that idea become reality? If a company wants to implement a new business process and needs new hardware or 210 | Chapter 10: Information Systems Development Software development methodologie s software to support it, how do they go about making it happen? This chapter covers the different methods of taking those ideas and bringing them to reality, a process known as information systems development. Programming Software is created via programming, as discussed in Chapter 2. Programming is the process of creating a set of logical instructions for a digital device to follow using a programming language. The process of programming is sometimes called “coding” because the developer takes the design and encodes it into a programming language which then runs on the computer. The process of developing good software is usually not as simple as sitting down and writing some code. Sometimes a programmer can quickly write a short program to solve a need, but in most instances the creation of software is a resource-intensive process that involves several different groups of people in an organization. In order to do this effectively, the groups agree to follow a specific software development methodology. The following sections review several different methodologies for software development, as summarized in the table below and more fully described in the following sections. Chapter 10: Information Systems Development | 211 Systems Development Life Cycle The Systems Development Life Cycle (SDLC) was first developed in the 1960s to manage the large software projects associated with corporate systems running on mainframes. This approach to software development is very structured and risk averse, designed to manage large projects that include multiple programmers and systems that have a large impact on the organization. It requires a clear, upfront understanding of what the software is supposed to do and is not amenable to design changes. This approach is roughly similar to an assembly line process, where it is clear to all stakeholders what the end product should do and that major changes are difficult and costly to implement. Various definitions of the SDLC methodology exist, but most contain the following phases. 1. Preliminary Analysis. A request for a replacement or new system is first reviewed. The review includes questions such as: What is the problem-to-be-solved? Is creating a solution possible? What alternatives exist? What is currently being done about it? Is this project a good fit for our organization? After addressing these question, a feasibility study is launched. The feasibility study includes an analysis of the technical feasibility, the economic feasibility or affordability, and the legal feasibility. This step is important in determining if the project should be initiated and may be done by someone with a title of Requirements Analyst or Business Analyst 2. System Analysis. In this phase one or more system analysts work with different stakeholder groups to determine the specific requirements for the new system. No programming is done in this step. Instead, procedures are documented, key players/users are interviewed, and data requirements are developed in order to get an overall impression of exactly what the system is supposed to do. The result of this phase is a 212 | Information Systems for Business and Beyond (2019) system requirements document and may be done by someone with a title of Systems Analyst 3. System Design. In this phase, a designer takes the system requirements document created in the previous phase and develops the specific technical details required for the system. It is in this phase that the business requirements are translated into specific technical requirements. The design for the user interface, database, data inputs and outputs, and reporting are developed here. The result of this phase is a system design document. This document will have everything a programmer needs to actually create the system and may be done by someone with a title of Systems Analyst, Developer, or Systems Architect, based on the scale of the project. 4. Programming. The code finally gets written in the programming phase. Using the system design document as a guide, programmers develop the software. The result of this phase is an initial working program that meets the requirements specified in the system analysis phase and the design developed in the system design phase. These tasks are done by persons with titles such as Developer, Software Engineer, Programmer, or Coder. 5. Testing. In the testing phase the software program developed in the programming phase is put through a series of structured tests. The first is a unit test, which evaluates individual parts of the code for errors or bugs. This is followed by a system test in which the different components of the system are tested to ensure that they work together properly. Finally, the user acceptance test allows those that will be using the software to test the system to ensure that it meets their standards. Any bugs, errors, or problems found during testing are resolved and then the software is tested again. These tasks are done by persons with titles such as Tester, Testing Analyst, or Quality Assurance. 6. Implementation. Once the new system is developed and tested, it has to be implemented in the organization. This phase Chapter 10: Information Systems Development | 213 The SDLC method (click to enlarge) includes training the users, providing documentation, and data conversion from the previous system to the new system. Implementation can take many forms, depending on the type of system, the number and type of users, and how urgent it is that the system become operational. These different forms of implementation are covered later in the chapter. 7. Maintenance. This final phase takes place once the implementation phase is complete. In the maintenance phase the system has a structured support process in place. Reported bugs are fixed and requests for new features are evaluated and implemented. Also, system updates and backups of the software are made for each new version of the program. Since maintenance is normally an Operating Expense (OPEX) while much of development is a Capital Expense (CAPEX), funds normally come out of different budgets or cost centers. The SDLC methodology is sometimes referred to as the waterfall methodology to represent how each step is a separate part of the process. Only when one step is completed can another step begin. After each step an organization must decide when to move to the next step. This methodology has been criticized for being quite rigid, allowing movement in only one direction, namely, forward in the cycle. For example, changes to the requirements are not allowed once the process has begun. No software is available until after the programming phase. Again, SDLC was developed for large, structured projects. Projects using SDLC can sometimes take months or years to complete. Because of its inflexibility and the availability of new programming techniques and tools, many other software development 214 | Information Systems for Business and Beyond (2019) methodologies have been developed. Many of these retain some of the underlying concepts of SDLC, but are not as rigid. Rapid Application Development RAD Methodology (click to enlarge) Rapid Application Development (RAD) focuses on quickly building a working model of the software, getting feedback from users, and then using that feedback to update the working model. After several iterations of development, a final version is developed and implemented. The RAD methodology consists of four phases. 1. Requirements Planning. This phase is similar to the preliminary analysis, system analysis, and design phases of the SDLC. In this phase the overall requirements for the system are defined, a team is identified, and feasibility is determined. Chapter 10: Information Systems Development | 215 2. User Design. In the user design phase representatives of the users work with the system analysts, designers, and programmers to interactively create the design of the system. Sometimes a Joint Application Development (JAD) session is used to facilitate working with all of these various stakeholders. A JAD session brings all of the stakeholders for a structured discussion about the design of the system. Application developers also participate and observe, trying to understand the essence of the requirements. 3. Construction. In the construction phase the application developers, working with the users, build the next version of the system through an interactive process. Changes can be made as developers work on the program. This step is executed in parallel with the User Design step in an iterative fashion, making modifications until an acceptable version of the product is developed. 4. Cutover. Cutover involves switching from the old system to the new software. Timing of the cutover phase is crucial and is usually done when there is low activity. For example, IT systems in higher education undergo many changes and upgrades during the summer or between fall semester and spring semester. Approaches to the migration from the old to the new system vary between organizations. Some prefer to simply start the new software and terminate use of the old software. Others choose to use an incremental cutover, bringing one part online at a time. A cutover to a new accounting system may be done one module at a time such as general ledger first, then payroll, followed by accounts receivable, etc. until all modules have been implemented. A third approach is to run both the old and new systems in parallel, comparing results daily to confirm the new system is accurate and dependable. A more thorough discussion of implementation strategies appears near the end of this chapter. 216 | Information Systems for Business and Beyond (2019) As you can see, the RAD methodology is much more compressed than SDLC. Many of the SDLC steps are combined and the focus is on user participation and iteration. This methodology is much better suited for smaller projects than SDLC and has the added advantage of giving users the ability to provide feedback throughout the process. SDLC requires more documentation and attention to detail and is well suited to large, resource-intensive projects. RAD makes more sense for smaller projects that are less resource intensive and need to be developed quickly. Agile Methodologies Agile methodologies are a group of methodologies that utilize incremental changes with a focus on quality and attention to detail. Each increment is released in a specified period of time (called a time box), creating a regular release schedule with very specific objectives. While considered a separate methodology from RAD, the two methodologies share some of the same principles such as iterative development, user interaction, and flexibility to change. The agile methodologies are based on the “Agile Manifesto,” first released in 2001. Chapter 10: Information Systems Development | 217 Agile Methodology Agile and Iterative Development The diagram above emphasizes iterations in the center of agile development. You should notice how the building blocks of the developing system move from left to right, a block at a time, not the entire project. Blocks that are not acceptable are returned through feedback and the developers make the needed modifications. Finally, notice the Daily Review at the top of the diagram. Agile Development means constant evaluation by both developers and customers (notice the term “Collaboration”) of each day’s work. The characteristics of agile methodology include: • Small cross-functional teams that include development team members and users; • Daily status meetings to discuss the current state of the project; • Short time-frame increments (from days to one or two weeks) for each change to be completed; and 218 | Information Systems for Business and Beyond (2019) Lean Methodology (click to enlarge) • Working project at the end of each iteration which demonstrates progress to the stakeholders. The goal of agile methodologies is to provide the flexibility of an iterative approach while ensuring a quality product. Lean Methodology One last methodology to discuss is a relatively new concept taken from the business bestseller The Lean Startup by Eric Reis. Lean focuses on taking an initial idea and developing a Minimum Viable Product (MVP). The MVP is a working software application with just enough functionality to demonstrate the idea behind the project. Once the MVP is developed, the development team gives it to potential users for review. Feedback on the MVP is generated in two forms. First, direct observation and discussion with the users and second, usage statistics gathered from the software itself. Using these two forms of feedback, the team determines whether they should continue in the same direction or rethink the core idea behind the project, change the functions, and create a new MVP. This change in strategy is called a pivot. Several iterations of the MVP are developed, with new functions added each time based on the feedback, until a final product is completed. The biggest difference between the iterative and non-iterative methodologies is that the full set of requirements for the system are not known when the project is launched. As each iteration of the Chapter 10: Information Systems Development | 219 The quality triangle (click to enlarge) project is released, the statistics and feedback gathered are used to determine the requirements. The lean methodology works best in an entrepreneurial environment where a company is interested in determining if their idea for a program is worth developing. Sidebar: The Quality Triangle When developing software or any sort of product or service, there exists a tension between the developers and the different stakeholder groups such as management, users, and investors. This tension relates to how quickly the software can be developed (time), how much money will be spent (cost), and how well it will be built (quality). The quality triangle is a simple concept. It states that for any product or service being developed, you can only address two of the following: time, cost, and quality. So why can only two of the three factors in the triangle be considered? Because each of these three components are in competition with each other! If you are willing and able to spend a lot of money, then a project can be completed quickly with high quality results because you can provide more resources towards its development. If a project’s completion date is not a priority, then it can be completed at a lower cost with higher quality results using a smaller team with fewer resources. Of course, these are just generalizations, and different projects may not fit this model perfectly. But overall, this model is designed to help you understand 220 | Information Systems for Business and Beyond (2019) the trade-offs that must be made when you are developing new products and services. There are other, fundamental reasons why low-cost, high-quality projects done quickly are so difficult to achieve. 1. The human mind is analog and the machines the software run on are digital. These are completely different natures that depend upon context and nuance versus being a 1 or a 0. Things that seem obvious to the human mind are not so obvious when forced into a 1 or 0 binary choice. 2. Human beings leave their imprints on the applications or systems they design. This is best summed up by Conway’s Law (1968) – “Organizations that design information systems are constrained to do so in a way that mirrors their internal communication processes.” Organizations with poor communication processes will find it very difficult to communicate requirements and priorities, especially for projects at the enterprise level (i.e., that affect the whole organization. Programming Languages As noted earlier, developers create programs using one of several programming languages. A programming language is an artificial language that provides a way for a developer to create programming code to communicate logic in a format that can be executed by the computer hardware. Over the past few decades, many different types of programming languages have evolved to meet a variety of needs. One way to characterize programming languages is by their “generation.” Chapter 10: Information Systems Development | 221 Generations of Programming Languages Early languages were specific to the type of hardware that had to be programmed. Each type of computer hardware had a different low level programming language. In those early languages very specific instructions had to be entered line by line – a tedious process. First generation languages were called machine code because programming was done in the format the machine/computer could read. So programming was done by directly setting actual ones and zeroes (the bits) in the program using binary code. Here is an example program that adds 1234 and 4321 using machine language: 10111001 00000000 11010010 10100001 00000100 00000000 10001001 00000000 00001110 10001011 00000000 00011110 00000000 00011110 00000000 00000010 10111001 00000000 11100001 00000011 00010000 11000011 10001001 10100011 00001110 00000100 00000010 00000000 Assembly language is the second generation language and uses English-like phrases rather than machine-code instructions, making it easier to program. An assembly language program must be run through an assembler, which converts it into machine code. Here is a sample program that adds 1234 and 4321 using assembly language. MOV CX,1234 222 | Information Systems for Business and Beyond (2019) MOV DS:[0],CX MOV CX,4321 MOV AX,DS:[0] MOV BX,DS:[2] ADD AX,BX MOV DS:[4],AX Third-generation languages are not specific to the type of hardware on which they run and are similar to spoken languages. Most third generation languages must be compiled. The developer writes the program in a form known generically as source code, then the compiler converts the source code into machine code, producing an executable file. Well-known third generation languages include BASIC, C, Python, and Java. Here is an example using BASIC: A=1234 B=4321 C=A+B END Fourth generation languages are a class of programming tools that enable fast application development using intuitive interfaces and environments. Many times a fourth generation language has a very specific purpose, such as database interaction or report-writing. These tools can be used by those with very little formal training in programming and allow for the quick development of applications and/or functionality. Examples of fourth-generation languages include: Clipper, FOCUS, SQL, and SPSS. Why would anyone want to program in a lower level language when they require so much more work? The answer is similar to why some prefer to drive manual transmission vehicles instead of automatic transmission, namely, control and efficiency. Lower level languages, such as assembly language, are much more efficient and execute much more quickly. The developer has finer control over the hardware as well. Sometimes a combination of higher and lower Chapter 10: Information Systems Development | 223 level languages is mixed together to get the best of both worlds. The programmer can create the overall structure and interface using a higher level language but use lower level languages for the parts of the program that are used many times, require more precision, or need greater speed. The programming language spectrum (click to enlarge). Compiled vs. Interpreted Besides identifying a programming language based on its generation, we can also classify it through the distinction of whether it is compiled or interpreted. A computer language is written in a human-readable form. In a compiled language the program code is translated into a machine-readable form called an executable that can be run on the hardware. Some well-known compiled languages include C, C++, and COBOL. Interpreted languages require a runtime program to be installed in order to execute. Each time the user wants to run the software the runtime program must interpret the program code line by line, then run it. Interpreted languages are generally easier to work with but also are slower and require more system resources. Examples 224 | Information Systems for Business and Beyond (2019) of popular interpreted languages include BASIC, PHP, PERL, and Python. The web languages of HTML and JavaScript are also considered interpreted because they require a browser in order to run. The Java programming language is an interesting exception to this classification, as it is actually a hybrid of the two. A program written in Java is partially compiled to create a program that can be understood by the Java Virtual Machine (JVM). Each type of operating system has its own JVM which must be installed before any program can be executed. The JVM approach allows a single Java program to run on many different types of operating systems. Procedural vs. Object-Oriented A procedural programming language is designed to allow a programmer to define a specific starting point for the program and then execute sequentially. All early programming languages worked this way. As user interfaces became more interactive and graphical, it made sense for programming languages to evolve to allow the user to have greater control over the flow of the program. An object- oriented programming language is designed so that the programmer defines “objects” that can take certain actions based on input from the user. In other words, a procedural program focuses on the sequence of activities to be performed while an object oriented program focuses on the different items being manipulated. Chapter 10: Information Systems Development | 225 Employee object Consider a human resources system where an “EMPLOYEE” object would be needed. If the program needed to retrieve or set data regarding an employee, it would first create an employee object in the program and then set or retrieve the values needed. Every object has properties, which are descriptive fields associated with the object. Also known as a Schema, it is the logical view of the object (i.e., each row of properties represents a column in the actual table, which is known as the physical view). The employee object has the properties “EMPLOYEEID”, “FIRSTNAME”, “LASTNAME”, “BIRTHDATE” and “HIREDATE”. An object also has methods which can take actions related to the object. There are two methods in the example. The first is “ADDEMPLOYEE()”, which will create another employee record. The second is “EDITEMPLOYEE()” which will modify an employee’s data. Programming Tools To write a program, you need little more than a text editor and a good idea. However, to be productive you must be able to check the syntax of the code, and, in some cases, compile the code. To be more efficient at programming, additional tools, such as an Integrated Development Environment (IDE) or computer-aided software-engineering (CASE) tools can be used. 226 | Information Systems for Business and Beyond (2019) Screen shot of Oracle Eclipse Integrated Development Environment For most programming languages an Integrated Development Environment (IDE) can be used to develop the program. An IDE provides a variety of tools for the programmer, and usually includes: • Editor. An editor is used for writing the program. Commands are automatically color coded by the IDE to identify command types. For example, a programming comment might appear in green and a programming statement might appear in black. • Help system. A help system gives detailed documentation regarding the programming language. • Compiler/Interpreter. The compiler/interpreter converts the programmer’s source code into machine language so it can be executed/run on the computer. • Debugging tool. Debugging assists the developer in locating errors and finding solutions. • Check-in/check-out mechanism. This tool allows teams of programmers to work simultaneously on a program without overwriting another programmer’s code. Examples of IDEs include Microsoft’s Visual Studio and Oracle’s Eclipse. Visual Studio is the IDE for all of Microsoft’s programming Chapter 10: Information Systems Development | 227 languages, including Visual Basic, Visual C++, and Visual C#. Eclipse can be used for Java, C, C++, Perl, Python, R, and many other languages. CASE Tools While an IDE provides several tools to assist the programmer in writing the program, the code still must be written. Computer- Aided Software Engineering (CASE) tools allow a designer to develop software with little or no programming. Instead, the CASE tool writes the code for the designer. CASE tools come in many varieties. Their goal is to generate quality code based on input created by the designer. Sidebar: Building a Website In the early days of the World Wide Web, the creation of a website required knowing how to use HyperText Markup Language (HTML). Today most websites are built with a variety of tools, but the final product that is transmitted to a browser is still HTML. At its simplest HTML is a text language that allows you to define the different components of a web page. These definitions are handled through the use of HTML tags with text between the tags or brackets. For example, an HTML tag can tell the browser to show a word in italics, to link to another web page, or to insert an image. The HTML code below selects two different types of headings (h1 and h2) with text below each heading. Some of the text has been italicized. The output as it would appear in a browser is shown after the HTML code.

This is a first-level heading

228 | Information Systems for Business and Beyond (2019) HTML output Here is some text. Here is some emphasized text.

Here is a second-level heading</h2) Here is some more text. HTML code While HTML is used to define the components of a web page, Cascading Style Sheets (CSS) are used to define the styles of the components on a page. The use of CSS allows the style of a website to be set and stay consistent throughout. For example, a designer who wanted all first-level headings (h1) to be blue and centered could set the “h1″ style to match. The following example shows how this might look. h1 { color:blue; text-align:center; }

This is a first-level heading

Here is some text. Here is some emphasized text.

Here is a second-level heading</h2) Here is some more text. Chapter 10: Information Systems Development | 229 HTML with CSS output HTML code with CSS added The combination of HTML and CSS can be used to create a wide variety of formats and designs and has been widely adopted by the web design community. The standards for HTML are set by a governing body called the World Wide Web Consortium. The current version of HTML 5 includes new standards for video, audio, and drawing. When developers create a website, they do not write it out manually in a text editor. Instead, they use web design tools that generate the HTML and CSS for them. Tools such as Adobe Dreamweaver allow the designer to create a web page that includes images and interactive elements without writing a single line of code. However, professional web designers still need to learn HTML and CSS in order to have full control over the web pages they are developing. Sidebar: Building a Mobile App In many ways building an application for a mobile device is exactly the same as building an application for a traditional computer. Understanding the requirements for the application, designing the 230 | Information Systems for Business and Beyond (2019) interface, and working with users are all steps that still need to be carried out. Mobile Apps So what’s different about building an application for a mobile device? There are five primary differences: 1. Breakthroughs in component technologies. Mobile devices require multiple components that are not only smaller but more energy-efficient than those in full-size computers (laptops or desktops). For example, low-power CPUs combined with longer-life batteries, touchscreens, and Wi-Fi enable very efficient computing on a phone, which needs to do much less actual processing than their full-size counterparts. 2. Sensors have unlocked the notion of context. The combination of sensors like GPS, gyroscopes, and cameras enables devices to be aware of things like time, location, velocity, direction, altitude, attitude, and temperature. Location in particular provides a host of benefits. 3. Simple, purpose-built, task-oriented apps are easy to use. Mobile apps are much narrower in scope than enterprise software and therefore easier to use. Likewise, they need to be intuitive and not require any training. 4. Immediate access to data extends the value proposition. In addition to the app providing a simpler interface on the front end, cloud-based data services provide access to data in near real-time, from virtually anywhere (e.g., banking, travel, driving directions, and investing). Having access to the cloud is needed to keep mobile device size and power use down. 5. App stores have simplified acquisition. Developing, acquiring, and managing apps has been revolutionized by app stores such as Apple’s App Store and Google Play. Standardized Chapter 10: Information Systems Development | 231 development processes and app requirements allow developers outside Apple and Google to create new apps with a built-in distribution channel. Average low app prices (including many of which that are free) has fueled demand. In sum, the differences between building a mobile app and other types of software development look like this: Mobile app differences Building a mobile app for both iOS and Android operating systems is known as cross platform development. There are a number of third- party toolkits available for creating your app. Many will convert existing code such as HTML5, JavaScript, Ruby, C++, etc. However, if your app requires sophisticated programming, a cross platform developer kit may not meet your needs. Responsive Web Design (RWD) focuses on making web pages render well on every device: desktop, laptop, tablet, smartphone. Through the concept of fluid layout RWD automatically adjusts the content to the device on which it is being viewed. You can find out more about responsive design here. 232 | Information Systems for Business and Beyond (2019) Build vs. Buy When an organization decides that a new program needs to be developed, they must determine if it makes more sense to build it themselves or to purchase it from an outside company. This is the “build vs. buy” decision. There are many advantages to purchasing software from an outside company. First, it is generally less expensive to purchase software than to build it. Second, when software is purchased, it is available much more quickly than if the package is built in-house. Software can take months or years to build. A purchased package can be up and running within a few days. Third, a purchased package has already been tested and many of the bugs have already been worked out. It is the role of a systems integrator to make various purchased systems and the existing systems at the organization work together. There are also disadvantages to purchasing software. First, the same software you are using can be used by your competitors. If a company is trying to differentiate itself based on a business process incorporated into purchased software, it will have a hard time doing so if its competitors use the same software. Another disadvantage to purchasing software is the process of customization. If you purchase software from a vendor and then customize it, you will have to manage those customizations every time the vendor provides an upgrade. This can become an administrative headache, to say the least. Even if an organization determines to buy software, it still makes sense to go through the same analysis as if it was going to be developed. This is an important decision that could have a long- term strategic impact on the organization. Chapter 10: Information Systems Development | 233 Web Services Chapter 3 discussed how the move to cloud computing has allowed software to be viewed as a service. One option, known as web services, allows companies to license functions provided by other companies instead of writing the code themselves. Web services can greatly simplify the addition of functionality to a website. Suppose a company wishes to provide a map showing the location of someone who has called their support line. By utilizing Google Maps API web services, the company can build a Google Map directly into their application. Or a shoe company could make it easier for its retailers to sell shoes online by providing a shoe sizing web service that the retailers could embed right into their website. Web services can blur the lines between “build vs. buy.” Companies can choose to build an application themselves but then purchase functionality from vendors to supplement their system. End-User Computing (EUC) In many organizations application development is not limited to the programmers and analysts in the information technology department. Especially in larger organizations, other departments develop their own department-specific applications. The people who build these applications are not necessarily trained in programming or application development, but they tend to be adept with computers. A person who is skilled in a particular program, such as a spreadsheet or database package, may be called upon to build smaller applications for use by their own department. This phenomenon is referred to as end-user development, or end-user computing. End-user computing can have many advantages for an organization. First, it brings the development of applications closer 234 | Information Systems for Business and Beyond (2019) to those who will use them. Because IT departments are sometimes backlogged, it also provides a means to have software created more quickly. Many organizations encourage end-user computing to reduce the strain on the IT department. End-user computing does have its disadvantages as well. If departments within an organization are developing their own applications, the organization may end up with several applications that perform similar functions, which is inefficient, since it is a duplication of effort. Sometimes these different versions of the same application end up providing different results, bringing confusion when departments interact. End-user applications are often developed by someone with little or no formal training in programming. In these cases, the software developed can have problems that then have to be resolved by the IT department. End-user computing can be beneficial to an organization provided it is managed. The IT department should set guidelines and provide tools for the departments who want to create their own solutions. Communication between departments can go a long way towards successful use of end-user computing. Sidebar: Risks of EUC’s as “Shadow IT” The Federal Home Loan Mortgage Company, better known as Freddie Mac, was fined over $100 million in 2003 in part for understating its earnings. This triggered a large-scale project to restate its financials, which involved automating financial reporting to comply with the Sarbanes-Oxley Act of 2002. Part of the restatement project found that EUCs (such as spreadsheets and databases on individual laptops) were feeding into the General Ledger. While EUCs were not the cause of Freddie Mac’s problems (they were a symptom of insufficient oversight) to have such poor Chapter 10: Information Systems Development | 235 IT governance in such a large company was a serious issue. It turns these EUCs were done in part to streamline the time it took to make changes to their business processes (a common complaint of IT departments in large corporations is that it takes too long to get things done). As such, these EUCs served as a form of “shadow IT” that had not been through a normal rigorous testing process. Implementation Methodologies Once a new system is developed or purchased, the organization must determine the best method for implementation. Convincing a group of people to learn and use a new system can be a very difficult process. Asking employees to use new software as well as follow a new business process can have far reaching effects within the organization. There are several different methodologies an organization can adopt to implement a new system. Four of the most popular are listed below. • Direct cutover. In the direct cutover implementation methodology, the organization selects a particular date to terminate the use of the old system. On that date users begin using the new system and the old system is unavailable. Direct cutover has the advantage of being very fast and the least expensive implementation method. However, this method has the most risk. If the new system has an operational problem or if the users are not properly prepared, it could prove disastrous for the organization. • Pilot implementation. In this methodology a subset of the organization known as a pilot group starts using the new system before the rest of the organization. This has a smaller 236 | Information Systems for Business and Beyond (2019) impact on the company and allows the support team to focus on a smaller group of individuals. Also, problems with the new software can be contained within the group and then resolved. • Parallel operation. Parallel operations allow both the old and new systems to be used simultaneously for a limited period of time. This method is the least risky because the old system is still being used while the new system is essentially being tested. However, this is by far the most expensive methodology since work is duplicated and support is needed for both systems in full. • Phased implementation. Phased implementation provides for different functions of the new application to be gradually implemented with the corresponding functions being turned off in the old system. This approach is more conservative as it allows an organization to slowly move from one system to another. Your choice of an implementation methodology depends on the complexity of both the old and new systems. It also depends on the degree of risk you are willing to take. Change Management As new systems are brought online and old systems are phased out, it becomes important to manage the way change is implemented in the organization. Change should never be introduced in a vacuum. The organization should be sure to communicate proposed changes before they happen and plan to minimize the impact of the change that will occur after implementation. Change management is a critical component of IT oversight. Chapter 10: Information Systems Development | 237 Sidebar: Mismanaging Change Target Corporation, which operates more than 1,500 discount stores throughout the United States, opened 133 similar stores in Canada between 2013 and 2015. The company decided to implement a new Enterprise Resources Planning (ERP) system that would integrate data from vendors, customers, and do currency calculations (US Dollars and Canadian Dollars). This implementation was coincident with Target Canada’s aggressive expansion plan and stiff competition from Wal-Mart. A two-year timeline – aggressive by any standard for an implementation of this size – did not account for data errors from multiple sources that resulted in erroneous inventory counts and financial calculations. Their supply chain became chaotic and stores were plagued by not having sufficient stock of common items, which prevented the key advantage of “one-stop shopping” for customers. In early 2015, Target Canada announced it was closing all 133 stores. In sum, “This implementation broke nearly all of the cardinal sins of ERP projects. Target set unrealistic goals, didn’t leave time for testing, and neglected to train employees properly.”1 1. Taken from ACC Software Solutions. "THE MANY FACES OF FAILED ERP IMPLEMENTATIONS (AND HOW TO AVOID THEM)" implementations/ 238 | Information Systems for Business and Beyond (2019) Maintenance After a new system has been introduced, it enters the maintenance phase. The system is in production and is being used by the organization. While the system is no longer actively being developed, changes need to be made when bugs are found or new features are requested. During the maintenance phase, IT management must ensure that the system continues to stay aligned with business priorities and continues to run well. Summary Software development is about so much more than programming. It is fundamentally about solving business problems. Developing new software applications requires several steps, from the formal SDLC process to more informal processes such as agile programming or lean methodologies. Programming languages have evolved from very low-level machine-specific languages to higher-level languages that allow a programmer to write software for a wide variety of machines. Most programmers work with software development tools that provide them with integrated components to make the software development process more efficient. For some organizations, building their own software does not make the most sense. Instead, they choose to purchase software built by a third party to save development costs and speed implementation. In end- user computing, software development happens outside the information technology department. When implementing new software applications, there are several different types of implementation methodologies that must be considered. Chapter 10: Information Systems Development | 239 Study Questions 1. What are the steps in the SDLC methodology? 2. What is RAD software development? 3. What makes the lean methodology unique? 4. What are three differences between second-generation and third-generation languages? 5. Why would an organization consider building its own software application if it is cheaper to buy one? 6. What is responsive design? 7. What is the relationship between HTML and CSS in website design? 8. What is the difference between the pilot implementation methodology and the parallel implementation methodology? 9. What is change management? 10. What are the four different implementation methodologies? Exercises 1. Which software-development methodology would be best if an organization needed to develop a software tool for a small group of users in the marketing department? Why? Which implementation methodology should they use? Why? 2. Doing your own research, find three programming languages and categorize them in these areas: generation, compiled vs. interpreted, procedural vs. object-oriented. 3. Some argue that HTML is not a programming language. Doing your own research, find three arguments for why it is not a programming language and three arguments for why it is. 4. Read more about responsive design using the link given in the text. Provide the links to three websites that use responsive design and explain how they demonstrate responsive-design 240 | Information Systems for Business and Beyond (2019) behavior. Labs 1. Here’s a Python program for you to analyze. The code below deals with a person’s weight and height. See if you can guess what will be printed and then try running the code in a Python interpreter such as measurements = (8, 20) print("Original measurements:") for measurement in measurements: print(measurement) measurements = (170, 72) print("\nModified measurements:") for measurement in measurements: print(measurement) 2. Here’s a broken Java program for you to analyze. The code below deals with calculating tuition, multiplying the tuition rate and the number of credits taken. The number of credits is entered by the user of the program. The code below is broken and gives the incorrect answer. Review the problem below and determine what it would output if the user entered “6” for the number of credits. How would you fix the program so that it would give the correct output? package calcTuition; //import Scanner import java.util.Scanner; Chapter 10: Information Systems Development | 241 public class CalcTuition { public static void main(String[] args) { //Declare variables int credits; final double TUITION_RATE = 100; double tuitionTotal; //Get user input Scanner inputDevice = new Scanner(; System.out.println("Enter the number of credits: "); credits = inputDevice.nextInt(); //Calculate tuition tuitionTotal = credits + TUITION_RATE; //Display tuition total System.out.println("You total tuition is: " + tuitionTotal); } } 242 | Information Systems for Business and Beyond (2019) PART III: INFORMATION SYSTEMS BEYOND THE ORGANIZATION Part III: Information Systems Beyond the Organization | 243 Chapter 11: Globalization and the Digital Divide Learning Objectives Upon successful completion of this chapter, you will be able to: • explain the concept of globalization; • describe the role of information technology in globalization; • identify the issues experienced by firms as they face a global economy; and • define the digital divide and explain Nielsen’s three stages of the digital divide. Introduction The Internet has wired the world. Today it is just as simple to communicate with someone on the other side of the world as it is to talk to someone next door. But keep in mind that many businesses attempted to outsource different needs in technology, only to discover that near-sourcing (outsourcing to countries to Chapter 11: Globalization and the Digital Divide | 245 Internet Statistics by Continent. Source: https://www .internetworl stats.htm. (Click to enlarge) which your country is physically connected) had greater advantage. This chapter looks at the implications of globalization and the impact it is having on the world. What Is Globalization? Globalization refers to the integration of goods, services, and culture among the nations of the world. Globalization is not necessarily a new phenomenon. In many ways globalization has existed since the days of European colonization. Further advances in telecommunication and transportation technologies accelerated globalization. The advent of the the worldwide Internet has made all nations virtual next door neighbors. The Internet is truly a worldwide phenomenon. As of December 2017 the Internet was being used by over 4.1 billion people world wide.1 From its initial beginnings in the United States in the 1970s to the development of the World Wide Web in the 1990s to the social networks and e-commerce of today, the Internet has continued to increase the integration between countries, making globalization a fact of life for citizens all over the world. 1. [1] 246 | Information Systems for Business and Beyond (2019) The Network Society In 1996 social-sciences researcher Manuel Castells published The Rise of the Network Society, in which he identified new ways economic activity was being organized around the networks that the new telecommunication technologies had provided. This new, global economic activity was different from the past, because “it is an economy with the capacity to work as a unit in real time on a planetary scale.”2 Having a world connected via the Internet has some massive implications. The World Is Flat Thomas Friedman’s 2005 book The World Is Flat uses anecdotal evidence to present the impact the personal computer, the Internet, and communication software have had on business, specifically the impact on globalization. Three eras of globalization are defined at the beginning of the book.3: • “Globalization 1.0″ occurred from 1492 until about 1800. In this era globalization was centered around countries. It was about how much horsepower, wind power, and steam power a country had and how creatively it was deployed. The world shrank from size “large” to size “medium.” • “Globalization 2.0″ occurred from about 1800 until 2000, interrupted only by the two World Wars. In this era, the dynamic force driving change was multinational companies. The world shrank from size “medium” to size “small.” 2. [2] 3. [3] Chapter 11: Globalization and the Digital Divide | 247 • “Globalization 3.0″ is our current era, beginning in the year 2000. The convergence of the personal computer, fiber-optic Internet connections, and software has created a “flat-world platform” that allows small groups and even individuals to go global. The world has shrunk from size “small” to size “tiny.” According to Friedman, this third era of globalization was brought about, in many respects, by information technology. Some of the specific technologies include: • Graphical user interface for the personal computer popularized in the late 1980s. Before the graphical user interface, using a computer was relatively difficult, requiring users to type commands rather than click a mouse. By making the personal computer something that anyone could use, the computer became a tool of virtually every person, not just those intrigued by technology. Friedman says the personal computer made people more productive and, as the Internet evolved, made it simpler to communicate information worldwide. • Build-out of the Internet infrastructure during the dot-com boom during the late-1990s. During the late 1990s, telecommunications companies laid thousands of miles of fiber optic cable all over the world, turning network communications into a commodity. At the same time, the Internet protocols, such as SMTP (e-mail), HTML (web pages), and TCP/IP (network communications) became standards that were available for free and used by everyone through their email programs and web browsers. • Introduction of software to automate and integrate business processes. As the Internet continued to grow and become the dominant form of communication, it became essential to build on the standards developed earlier so that the websites and applications running on the Internet would work well together. Friedman calls this “workflow software,” by which he means 248 | Information Systems for Business and Beyond (2019) software that allows people to work together more easily, and allows different software and databases to integrate with each other more easily. Examples include payment processing systems and shipping calculators. These three technologies came together in the late 1990s to create a “platform for global collaboration.” Once these technologies were in place, they continued to evolve. Friedman also points out a couple more technologies that have contributed to the flat-world platform, namely the open source movement discussed in Chapter 10 and the advent of mobile technologies. Economist Pankaj Ghemawat authored the book World 3.0 in 2011 in an attempt to provide a more moderate and research-based analysis of globalization. While Friedman talked with individuals and produced an anecdotally-based book, Ghemawat’s approach was to research economic data, then draw conclusions about globalization. His research found the following: • Mailed letters that cross international borders = 1% • Telephone calling minutes that are international = 2% • Internet traffic that is routed across international borders = 18% • National, as opposed to international, TV news sources = 95% • First generation immigrants as portion of world’s population = 3% • People who at sometime in their lives will cross an international border = 10% • Global exports as portion of the value of all goods produced in the world = 20% 4 According to Ghemawat, while the Internet has had an impact on 4. [4] Chapter 11: Globalization and the Digital Divide | 249 the world’s economy, it may well be that domestic economies can be expected to continue to be the main focus in most countries. You can watch Ghemawat’s Ted Talk here. Current and future trends will be discussed in Chapter 13. The Global Firm The new era of globalization allows virtually any business to become international. By accessing this new platform of technologies, Castells’s vision of working as a unit in real time on a planetary scale can be a reality. Some of the advantages include: • Ability to locate expertise and labor around the world. Instead of drawing employees from their local area, organizations can now hire people from the global labor pool. This also allows organizations to pay a lower labor cost for the same work based on the prevailing wage in different countries. • Ability to operate 24 hours a day. With employees in different time zones all around the world, an organization can literally operate around the clock, handing off work on projects from one part of the world to another as the normal business day ends in one region and begins in another. A few years ago three people decided to open a web hosting company. They strategically relocated to three places in the world which were eight hours apart, giving their business 24 hour coverage while allowing each to work during the normal business day. Operating expenses were minimized and the business provided 24/7 support to customers world wide. • Larger market for their products. Once a product is being sold online, it is available for purchase from a worldwide customer base. Even if a company’s products do not appeal beyond its own country’s borders, being online has made the product more visible to consumers within that country. 250 | Information Systems for Business and Beyond (2019) In order to fully take advantage of these new capabilities, companies need to understand that there are also challenges in dealing with employees and customers from different cultures. Some of these challenges include: • Infrastructure differences. Each country has its own infrastructure with varying levels of quality and bandwidth. A business cannot expect every country it deals with to have the same Internet speeds. See the sidebar titled “How Does My Internet Speed Compare?” • Labor laws and regulations. Different countries (even different states in the United States) have different laws and regulations. A company that wants to hire employees from other countries must understand the different regulations and concerns. • Legal restrictions. Many countries have restrictions on what can be sold or how a product can be advertised. It is important for a business to understand what is allowed. For example, in Germany, it is illegal to sell anything Nazi related. • Language, customs, and preferences. Every country has its own unique culture which a business must consider when trying to market a product there. Additionally, different countries have different preferences. For example, in many parts of Europe people prefer to eat their french fries with mayonnaise instead of ketchup. In South Africa a hamburger comes delivered to your table with gravy on top. • International shipping. Shipping products between countries in a timely manner can be challenging. Inconsistent address formats, dishonest customs agents, and prohibitive shipping costs are all factors that must be considered when trying to deliver products internationally. Because of these challenges, many businesses choose not to expand globally, either for labor or for customers. Whether a business has its own website or relies on a third-party, such as Chapter 11: Globalization and the Digital Divide | 251 Comparison of top world Internet speeds in 2019. Source: https://www /chart/ 7246/ the-countrie s-with-the-f astest-intern et/ (Click to enlarge) Amazon or eBay, the question of whether or not to globalize must be carefully considered. Sidebar: How Does My Internet Speed Compare? How does your Internet speed compare with others in the world? The following chart shows how Internet speeds compare in different countries. You can find the full list of countries by going to this article . You can also compare the evolution of Internet speeds among countries by using this tool . So how does your own Internet speed compare? There are many online tools you can use to determine the speed at which you are connected. One of the most trusted sites is, where you can test both your download and upload speeds. 252 | Information Systems for Business and Beyond (2019) The Digital Divide As the Internet continues to make inroads across the world, it is also creating a separation between those who have access to this global network and those who do not. This separation is called the “digital divide” and is of great concern. An article in Crossroads puts it this way: Adopted by the ACM Council in 1992, the ACM Code of Ethics and Professional Conduct focuses on issues involving the Digital Divide that could prevent certain categories of people — those from low-income households, senior citizens, single-parent children, the undereducated, minorities, and residents of rural areas — from receiving adequate access to the wide variety of resources offered by computer technology. This Code of Ethics positions the use of computers as a fundamental ethical consideration: “In a fair society, all individuals would have equal opportunity to participate in, or benefit from, the use of computer resources regardless of race, sex, religion, age, disability, national origin, or other similar factors.” This article summarizes the digital divide in its various forms, and analyzes reasons for the growing inequality in people’s access to Internet services. It also describes how society can bridge the digital divide: the serious social gap between information “haves” and “have-nots.”5 The digital divide can occur between countries, regions, or even neighborhoods. In many US cities, there are pockets with little or no 5. [5] Chapter 11: Globalization and the Digital Divide | 253 Internet access, while just a few miles away high-speed broadband is common. Solutions to the digital divide have had mixed success over the years. Many times just providing Internet access and/or computing devices is not enough to bring true Internet access to a country, region, or neighborhood. A New Understanding of the Digital Divide In 2006, web-usability consultant Jakob Nielsen wrote an article that got to the heart of our understanding of this problem. In his article he breaks the digital divide up into three stages: the economic divide, the usability divide, and the empowerment divide6. • Economic divide. This is what many call the digital divide. The economic divide is the idea that some people can afford to have a computer and Internet access while others cannot. Because of Moore’s Law (see Chapter 2), the price of hardware has continued to drop and, at this point, we can now access digital technologies, such as smartphones, for very little. Nielsen asserts that for all intents and purposes, the economic divide is a moot point and we should not focus our resources on solving it. • Usability divide. Usability is concerned with the fact that “technology remains so complicated that many people couldn’t use a computer even if they got one for free.” And even for those who can use a computer, accessing all the benefits of having one is beyond their understanding. Included in this group are those with low literacy and seniors. According to 6. [6] 254 | Information Systems for Business and Beyond (2019) Nielsen, we know how to help these users, but we are not doing it because there is little profit in doing so. • Empowerment divide. Empowerment is the most difficult to solve. It is concerned with how we use technology to empower ourselves. Very few users truly understand the power that digital technologies can give them. In his article, Nielsen explains that his and others’ research has shown that very few users contribute content to the Internet, use advanced search, or can even distinguish paid search ads from organic search results. Many people will limit what they can do online by accepting the basic, default settings of their computer and not work to understand how they can truly be empowered. Understanding the digital divide using these three stages provides a more nuanced view of how we can work to alleviate it. More work needs to be done to address the second and third stages of the digital divide for a more holistic solution. Refining the Digital Divide The Miniwatts Marketing Group, host of Internet World Stats, has sought in 2018 to further clarify the meaning of digital divide by acknowledging that the divide is more than just who does or does not have access to the Internet. In addition to Nielsen’s economic, usability, and empowerment divides, this group sees the following concerns. • Social mobility. Lack of computer education works to the disadvantage of children with lower socioeconomic status. • Democracy. Greater use of the Internet can lead to healthier democracies especially in participation in elections. • Economic growth. Greater use of the Internet in developing countries could provide a shortcut to economic advancement. Chapter 11: Globalization and the Digital Divide | 255 Using the latest technology could give companies in these countries a competitive advantage. The focus on the continuing digital divide has led the European Union to create an initiative known as The European 2020 Strategy. Five major areas are being targeted: a) research and development, b) climate/energy, c) education, d) social inclusion, and e) poverty reduction.7 Sidebar: Using Gaming to Bridge the Digital Divide Paul Kim, the Assistant Dean and Chief Technology Officer of the Stanford Graduate School of Education, designed a project to address the digital divide for children in developing countries. 8 In their project the researchers wanted to learn if children can adopt and teach themselves mobile learning technology, without help from teachers or other adults, and the processes and factors involved in this phenomenon. The researchers developed a mobile device called TeacherMate, which contained a game designed to help children learn math. The unique part of this research was that the researchers interacted directly with the children. They did not channel the mobile devices through the teachers or the schools. There was another important factor to consider. In order to understand the context of the children’s educational environment, the researchers began the project by working with 7. [7] 8. [8] 256 | Information Systems for Business and Beyond (2019) parents and local nonprofits six months before their visit. While the results of this research are too detailed to go into here, it can be said that the researchers found that children can, indeed, adopt and teach themselves mobile learning technologies. What makes this research so interesting when thinking about the digital divide is that the researchers found that, in order to be effective, they had to customize their technology and tailor their implementation to the specific group they were trying to reach. One of their conclusions stated the following: Considering the rapid advancement of technology today, mobile learning options for future projects will only increase. Consequently, researchers must continue to investigate their impact. We believe there is a specific need for more in-depth studies on ICT [Information and Communication Technology] design variations to meet different challenges of different localities. To read more about Dr. Kim’s project, locate the paper referenced here. Summary Information technology has driven change on a global scale. Technology has given us the ability to integrate with people all over the world using digital tools. These tools have allowed businesses to broaden their labor pools, their markets, and even their operating hours. But they have also brought many new complications for businesses, which now must understand regulations, preferences, and cultures from many different nations. This new globalization has also exacerbated the digital divide. Nielsen has suggested that the digital divide consists of three stages (economic, usability, and empowerment), of which the economic stage is virtually solved. Chapter 11: Globalization and the Digital Divide | 257 / / Study Questions 1. What does the term globalization mean? 2. How does Friedman define the three eras of globalization? 3. Which technologies have had the biggest effect on globalization? 4. What are some of the advantages brought about by globalization? 5. What are the challenges of globalization? 6. What perspective does Ghemawat provide regarding globalization in his book World 3.0? 7. What does the term digital divide mean? 8. What are Jakob Nielsen’s three stages of the digital divide? 9. What was one of the key points of The Rise of the Network Society? 10. Which country has the highest average Internet speed? How does your country compare? Exercises 1. Compare the concept of Friedman’s “Globalization 3.0″ with Nielsen empowerment stage of the digital divide. 2. Do some original research to determine some of the regulations that a US company may have to consider before doing business in one of the following countries: China, Germany, Saudi Arabia, Turkey. 3. Give one example of the digital divide and describe what you would do to address it. 4. How did the research conducted by Paul Kim address the three 258 | Information Systems for Business and Beyond (2019) levels of the digital divide? Lab 1. Go to to determine your Internet speed. Compare your speed at home to the Internet speed at two other locations, such as your school, place of employment, or local coffee shop. Write a one-page summary that compares these locations. 1. Internet World Stats. (n.d.). World Internet Users and 2018 Population Stats. Retrieved from↵ 2. Castells, M. (2000). The Rise of the Network Society (2nd ed.). Cambridge, MA: Blackwell Publishers, Inc.↵ 3. Friedman, T. L. (2005). The world is flat: A brief history of the twenty-first century. New York: Farrar, Straus and Giroux.↵ 4. Ghemawat, P. (2011). World 3.0: Global Prosperity and How to Achieve It. Boston: Harvard Business School Publishing.↵ 5. Kim, K. (2005, December). Challenges in HCI: digital divide. Crossroads 12, 2. DOI=10.1145/1144375.1144377. Retrieved from↵ 6. Nielsen, J. (2006).Digital Divide: The 3 Stages. Nielsen Norman Group. Retrieved from digital-divide-the-three-stages/↵ 7. Miniwatts Marketing Group. (2018, May 23). The Digital Divide, ICT, and Broadband Internet. Retrieved from↵ 8. Kim, P., Buckner, E., Makany, T., and Kim, H. (2011). A comparative analysis of a game-based mobile learning model in Chapter 11: Globalization and the Digital Divide | 259 low-socioeconomic communities of India. International Journal of Educational Development. Retrieved from https//doi:10.1016/ j.ijedudev.2011.05.008.↵ 260 | Information Systems for Business and Beyond (2019) Chapter 12: The Ethical and Legal Implications of Information Systems Learning Objectives Upon successful completion of this chapter, you will be able to: • describe what the term information systems ethics means; • explain what a code of ethics is and describe the advantages and disadvantages; • define the term intellectual property and explain the protections provided by copyright, patent, and trademark; and • describe the challenges that information technology brings to individual privacy. Introduction Information systems have had an impact far beyond the world of Chapter 12: The Ethical and Legal Implications of Information business. New technologies create new situations that have never had to be confronted before. One issue is how to handle the new capabilities that these devices provide to users. What new laws are going to be needed for protection from misuse of new technologies. This chapter begins with a discussion of the impact of information systems has on user behavior or ethics. This will be followed with the new legal structures being put in place with a focus on intellectual property and privacy. Information Systems Ethics The term ethics means “a set of moral principles” or “the principles of conduct governing an individual or a group.”1 Since the dawn of civilization, the study of ethics and their impact has fascinated mankind. But what do ethics have to do with information systems? The introduction of new technology can have a profound effect on human behavior. New technologies give us capabilities that we did not have before, which in turn create environments and situations that have not been specifically addressed in an ethical context. Those who master new technologies gain new power while those who cannot or do not master them may lose power. In 1913 Henry Ford implemented the first moving assembly line to create his Model T cars. While this was a great step forward technologically and economically, the assembly line reduced the value of human beings in the production process. The development of the atomic bomb concentrated unimaginable power in the hands of one government, who then had to wrestle with the decision to use it. Today’s digital technologies have created new categories of ethical dilemmas. 1. [1] 262 | Information Systems for Business and Beyond (2019) Facebook logo For example, the ability to anonymously make perfect copies of digital music has tempted many music fans to download copyrighted music for their own use without making payment to the music’s owner. Many of those who would never have walked into a music store and stolen a CD find themselves with dozens of illegally downloaded albums. Digital technologies have given us the ability to aggregate information from multiple sources to create profiles of people. What would have taken weeks of work in the past can now be done in seconds, allowing private organizations and governments to know more about individuals than at any time in history. This information has value, but also chips away at the privacy of consumers and citizens. Sidebar: Data Privacy, Facebook, and Cambridge Analytica In early 2018 Facebook acknowledged a data breach affecting 87 million users. The app “thisisyourdigitallife”, created by Global Science Research, informed users that they could participate in a psychological research study. About 270,000 people decided to participate in the research, but the app failed to tell users that the data of all of their friends on Facebook would be automatically captured as well. All of this data theft took place prior to 2014, but it did not become public until four years later. In 2015 Facebook learned about Global Science Research’s collection of data on millions of friends of the users in the research. Global Science Research agreed to delete the data, but it had already Chapter 12: The Ethical and Legal Implications of Information Systems | 263 been sold to Cambridge Analytica who used it in the 2016 presidential primary campaign. The ensuing firestorm resulted in Mark Zuckerberg, CEO of Facebook, testifying before the U.S. Congress in 2018 on what happened and what Facebook would do in the future to protect users’ data. Congress is working on legislation to protect user data in the future, a prime example of technology advancing faster than the laws needed to protect users. More information about this case of data privacy can be found at Facebook and Cambridge Analytica. 2 Code of Ethics A code of ethics is one method for navigating new ethical waters. A code of ethics outlines a set of acceptable behaviors for a professional or social group. Generally, it is agreed to by all members of the group. The document details different actions that are considered appropriate and inappropriate. A good example of a code of ethics is the Code of Ethics and Professional Conduct of the Association for Computing Machinery,3 an organization of computing professionals that includes academics, researchers, and practitioners. Here is a quote from the preamble: Commitment to ethical professional conduct is expected of every member (voting members, associate members, and student members) of the Association for Computing Machinery (ACM). 2. [2] 3. [3] 264 | Information Systems for Business and Beyond (2019) http://www.https// This Code, consisting of 24 imperatives formulated as statements of personal responsibility, identifies the elements of such a commitment. It contains many, but not all, issues professionals are likely to face. Section 1 outlines fundamental ethical considerations, while Section 2 addresses additional, more specific considerations of professional conduct. Statements in Section 3 pertain more specifically to individuals who have a leadership role, whether in the workplace or in a volunteer capacity such as with organizations like ACM. Principles involving compliance with this Code are given in Section 4. In the ACM’s code you will find many straightforward ethical instructions such as the admonition to be honest and trustworthy. But because this is also an organization of professionals that focuses on computing, there are more specific admonitions that relate directly to information technology: • No one should enter or use another’s computer system, software, or data files without permission. One must always have appropriate approval before using system resources, including communication ports, file space, other system peripherals, and computer time. • Designing or implementing systems that deliberately or inadvertently demean individuals or groups is ethically unacceptable. • Organizational leaders are responsible for ensuring that computer systems enhance, not degrade, the quality of working life. When implementing a computer system, organizations must consider the personal and professional development, physical safety, and human dignity of all workers. Appropriate human-computer ergonomic standards should be considered in system design and in the workplace. One of the major advantages of creating a code of ethics is that it clarifies the acceptable standards of behavior for a professional Chapter 12: The Ethical and Legal Implications of Information Systems | 265 group. The varied backgrounds and experiences of the members of a group lead to a variety of ideas regarding what is acceptable behavior. While the guidelines may seem obvious, having these items detailed provides clarity and consistency. Explicitly stating standards communicates the common guidelines to everyone in a clear manner. A code of ethics can also have some drawbacks. First, a code of ethics does not have legal authority. Breaking a code of ethics is not a crime in itself. What happens if someone violates one of the guidelines? Many codes of ethics include a section that describes how such situations will be handled. In many cases repeated violations of the code result in expulsion from the group. In the case of ACM: “Adherence of professionals to a code of ethics is largely a voluntary matter. However, if a member does not follow this code by engaging in gross misconduct, membership in ACM may be terminated.” Expulsion from ACM may not have much of an impact on many individuals since membership in ACM is usually not a requirement for employment. However, expulsion from other organizations, such as a state bar organization or medical board, could carry a huge impact. Another possible disadvantage of a code of ethics is that there is always a chance that important issues will arise that are not specifically addressed in the code. Technology is quickly changing and a code of ethics might not be updated often enough to keep up with all of the changes. A good code of ethics, however, is written in a broad enough fashion that it can address the ethical issues of potential changes to technology while the organization behind the code makes revisions. Finally, a code of ethics could also be a disadvantage in that it may not entirely reflect the ethics or morals of every member of the group. Organizations with a diverse membership may have internal conflicts as to what is acceptable behavior. For example, there may be a difference of opinion on the consumption of alcoholic beverages at company events. In such cases the organization must 266 | Information Systems for Business and Beyond (2019) make a choice about the importance of addressing a specific behavior in the code. Sidebar: Acceptable Use Policies Many organizations that provide technology services to a group of constituents or the public require agreement to an Acceptable Use Policy (AUP) before those services can be accessed. Similar to a code of ethics, this policy outlines what is allowed and what is not allowed while someone is using the organization’s services. An everyday example of this is the terms of service that must be agreed to before using the public Wi-Fi at Starbucks, McDonald’s, or even a university. Here is an example of an acceptable use policy from Virginia Tech. Just as with a code of ethics, these acceptable use policies specify what is allowed and what is not allowed. Again, while some of the items listed are obvious to most, others are not so obvious: • “Borrowing” someone else’s login ID and password is prohibited. • Using the provided access for commercial purposes, such as hosting your own business website, is not allowed. • Sending out unsolicited email to a large group of people is prohibited. As with codes of ethics, violations of these policies have various consequences. In most cases, such as with Wi-Fi, violating the acceptable use policy will mean that you will lose your access to the resource. While losing access to Wi-Fi at Starbucks may not have a lasting impact, a university student getting banned from the Chapter 12: The Ethical and Legal Implications of Information Systems | 267 university’s Wi-Fi (or possibly all network resources) could have a large impact. Intellectual Property One of the domains that has been deeply impacted by digital technologies is intellectual property. Digital technologies have driven a rise in new intellectual property claims and made it much more difficult to defend intellectual property. Intellectual property is defined as “property (as an idea, invention, or process) that derives from the work of the mind or intellect.”4 This could include creations such as song lyrics, a computer program, a new type of toaster, or even a sculpture. Practically speaking, it is very difficult to protect an idea. Instead, intellectual property laws are written to protect the tangible results of an idea. In other words, just coming up with a song in your head is not protected, but if you write it down it can be protected. Protection of intellectual property is important because it gives people an incentive to be creative. Innovators with great ideas will be more likely to pursue those ideas if they have a clear understanding of how they will benefit. In the US Constitution, Article 8, Section 8, the authors saw fit to recognize the importance of protecting creative works: Congress shall have the power . . . To promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries. 4. [4] 268 | Information Systems for Business and Beyond (2019) An important point to note here is the “limited time” qualification. While protecting intellectual property is important because of the incentives it provides, it is also necessary to limit the amount of benefit that can be received and allow the results of ideas to become part of the public domain. Outside of the US, intellectual property protections vary. You can find out more about a specific country’s intellectual property laws by visiting the World Intellectual Property Organization. The following sections address three of the best known intellectual property protections: copyright, patent, and trademark. Copyright Copyright is the protection given to songs, computer programs, books, and other creative works. Any work that has an “author” can be copyrighted. Under the terms of copyright, the author of a work controls what can be done with the work, including: • Who can make copies of the work. • Who can make derivative works from the original work. • Who can perform the work publicly. • Who can display the work publicly. • Who can distribute the work. Many times a work is not owned by an individual but is instead owned by a publisher with whom the original author has an agreement. In return for the rights to the work, the publisher will market and distribute the work and then pay the original author a portion of the proceeds. Copyright protection lasts for the life of the original author plus seventy years. In the case of a copyrighted work owned by a publisher or another third party, the protection lasts for ninety- five years from the original creation date. For works created before Chapter 12: The Ethical and Legal Implications of Information Systems | 269 1978, the protections vary slightly. You can see the full details on copyright protections by reviewing the Copyright Basics document available at the US Copyright Office’s website. Obtaining Copyright Protection In the United States a copyright is obtained by the simple act of creating the original work. In other words, when an author writes down a song, makes a film, or develops a computer program, the author has the copyright. However, for a work that will be used commercially, it is advisable to register for a copyright with the US Copyright Office. A registered copyright is needed in order to bring legal action against someone who has used a work without permission. First Sale Doctrine If an artist creates a painting and sells it to a collector who then, for whatever reason, proceeds to destroy it, does the original artist have any recourse? What if the collector, instead of destroying it, begins making copies of it and sells them? Is this allowed? The first sale doctrine is a part of copyright law that addresses this, as shown below5: The first sale doctrine, codified at 17 U.S.C. § 109, provides that an individual who knowingly purchases a copy of a copyrighted work from the copyright holder receives the 5. [5] 270 | Information Systems for Business and Beyond (2019) right to sell, display or otherwise dispose of that particular copy, notwithstanding the interests of the copyright owner. Therefor, in our examples the copyright owner has no recourse if the collector destroys the artwork. But the collector does not have the right to make copies of the artwork. Fair Use Another important provision within copyright law is that of fair use. Fair use is a limitation on copyright law that allows for the use of protected works without prior authorization in specific cases. For example, if a teacher wanted to discuss a current event in class, copies of the copyrighted new story could be handed out in class without first getting permission. Fair use is also what allows a student to quote a small portion of a copyrighted work in a research paper. Unfortunately, the specific guidelines for what is considered fair use and what constitutes copyright violation are not well defined. Fair use is a well-known and respected concept and will only be challenged when copyright holders feel that the integrity or market value of their work is being threatened. The following four factors are considered when determining if something constitutes fair use: 6 1. The purpose and character of the use, including whether such use is of commercial nature or is for nonprofit educational purposes; 2. The nature of the copyrighted work; 3. The amount and substantiality of the portion used in relation 6. [6] Chapter 12: The Ethical and Legal Implications of Information Systems | 271 to the copyrighted work as a whole; 4. The effect of the use upon the potential market for, or value of, the copyrighted work. If you are ever considering using a copyrighted work as part of something you are creating, you may be able to do so under fair use. However, it is always best to check with the copyright owner to be sure you are staying within your rights and not infringing upon theirs. Sidebar: The History of Copyright Law As noted above, current copyright law grants copyright protection for seventy years after the author’s death, or ninety-five years from the date of creation for a work created for hire. But it was not always this way. The first US copyright law, which only protected books, maps, and charts, provided protection for only 14 years with a renewable term of 14 years. Over time copyright law was revised to grant protections to other forms of creative expression, such as photography and motion pictures. Congress also saw fit to extend the length of the protections, as shown in the following chart. Today, copyright has become big business with many businesses relying on the income from copyright protected works for their income. Many now think that the protections last too long. The Sonny Bono Copyright Term Extension Act has been nicknamed the “Mickey Mouse Protection Act,” as it was enacted just in time to protect the copyright on the Walt Disney Company’s Mickey Mouse character. Because of this term extension, many works from the 1920s and 1930s that would have been available now in the public domain are still restricted. 272 | Information Systems for Business and Beyond (2019) Evolution of copyright The Digital Millennium Copyright Act As digital technologies have changed what it means to create, copy, and distribute media, a policy vacuum has been created. In 1998, the US Congress passed the Digital Millennium Copyright Act (DMCA), which extended copyright law to take into consideration digital technologies. Two of the best-known provisions from the DMCA are the anti-circumvention provision and the “safe harbor” provision. • The anti-circumvention provision makes it illegal to create technology to circumvent technology that has been put in place to protect a copyrighted work. This provision includes not just the creation of the technology but also the publishing of information that describes how to do it. While this provision does allow for some exceptions, it has become quite controversial and has led to a movement to have it modified. • The “safe harbor” provision limits the liability of online service providers when someone using their services commits copyright infringement. This is the provision that allows YouTube, for example, not to be held liable when someone posts a clip from a copyrighted movie. The provision does Chapter 12: The Ethical and Legal Implications of Information Systems | 273 require the online service provider to take action when they are notified of the violation (a “takedown” notice). For an example of how takedown works, here’s how YouTube handles these requests: YouTube Copyright Infringement Notification. Many think that the DMCA goes too far and ends up limiting our freedom of speech. The Electronic Frontier Foundation (EFF) is at the forefront of this battle. In discussing the anti-circumvention provision, the EFF states: Yet the DMCA has become a serious threat that jeopardizes fair use, impedes competition and innovation, chills free expression and scientific research, and interferes with computer intrusion laws. If you circumvent DRM [digital rights management] locks for non-infringing fair uses or create the tools to do so you might be on the receiving end of a lawsuit. Sidebar: Creative Commons Chapter 2 introduced the topic of open-source software. Open- source software has few or no copyright restrictions. The creators of the software publish their code and make their software available for others to use and distribute for free. This is great for software, but what about other forms of copyrighted works? If an artist or writer wants to make their works available, how can they go about doing so while still protecting the integrity of their work? Creative Commons is the solution to this problem. Creative Commons is a nonprofit organization that provides legal tools for artists and authors. The tools offered make it simple to license artistic or literary work for others to use or distribute in a 274 | Information Systems for Business and Beyond (2019) manner consistent with the author’s intentions. Creative Commons licenses are indicated with the symbol . It is important to note that Creative Commons and public domain are not the same. When something is in the public domain, it has absolutely no restrictions on its use or distribution. Works whose copyrights have expired are in the public domain. By using a Creative Commons license, authors can control the use of their work while still making it widely accessible. By attaching a Creative Commons license to their work, a legally binding license is created. Here are some examples of these licenses: • CC-BY. This is the least restrictive license. It lets others distribute and build upon the work, even commercially, as long as they give the author credit for the original work. • CC-BY-SA. This license restricts the distribution of the work via the “share-alike” clause. This means that others can freely distribute and build upon the work, but they must give credit to the original author and they must share using the same Creative Commons license. • CC-BY-NC. This license is the same as CC-BY but adds the restriction that no one can make money with this work. NC stands for “non-commercial.” • CC-BY-NC-ND. This license is the same as CC-BY-NC but also adds the ND restriction, which means that no derivative works may be made from the original. These are a few of the more common licenses that can be created using the tools that Creative Commons makes available. For a full listing of the licenses and to learn much more about Creative Commons, visit their web site. Chapter 12: The Ethical and Legal Implications of Information Systems | 275 Patent Patents are another important form of intellectual property protection. A patent creates protection for someone who invents a new product or process. The definition of invention is quite broad and covers many different fields. Here are some examples of items receiving patents: • circuit designs in semiconductors; • prescription drug formulas; • firearms; • locks; • plumbing; • engines; • coating processes; and • business processes. Once a patent is granted it provides the inventor with protection from others infringing on his or her patent. A patent holder has the right to “exclude others from making, using, offering for sale, or selling the invention throughout the United States or importing the invention into the United States for a limited time in exchange for public disclosure of the invention when the patent is granted.”7 As with copyright, patent protection lasts for a limited period of time before the invention or process enters the public domain. In the US, a patent lasts twenty years. This is why generic drugs are available to replace brand-name drugs after twenty years. 7. [7] 276 | Information Systems for Business and Beyond (2019) Obtaining Patent Protection Unlike copyright, a patent is not automatically granted when someone has an interesting idea and writes it down. In most countries a patent application must be submitted to a government patent office. A patent will only be granted if the invention or process being submitted meets certain conditions. • Must be original. The invention being submitted must not have been submitted before. • Must be non-obvious. You cannot patent something that anyone could think of. For example, you could not put a pencil on a chair and try to get a patent for a pencil-holding chair. • Must be useful. The invention being submitted must serve some purpose or have some use that would be desired. The job of the patent office is to review patent applications to ensure that the item being submitted meets these requirements. This is not an easy job. In 2017 the US Patent Office granted 318,849 patents, an increase of 5.2% over 2016.8 The current backlog for a patent approval is 15.6 months. Information Technology firms have apply for a significant number of patents each year. Here are the top five I.T. firms in terms of patent applications filed since 2009. The percents indicate the percent of total I.T. patents filed since 2009. Notice that over half of patent filings come from just these five corporations. • International Business Machines (IBM) 21.6% • Microsoft Corporation 14.2% • AT & T, Inc. 7.1% • Alphabet (Google), Inc. 5.0% 8. [8] Chapter 12: The Ethical and Legal Implications of Information Systems | 277 • Sony Corporation 4.7% You might have noticed that Apple is not in the top five listing. Microsoft holds the lead in Artificial Intelligence (AI) patents. 9 Sidebar: What Is a Patent Troll? The advent of digital technologies has led to a large increase in patent filings and therefore a large number of patents being granted. Once a patent is granted, it is up to the owner of the patent to enforce it. If someone is found to be using the invention without permission, the patent holder has the right to sue to force that person to stop and to collect damages. The rise in patents has led to a new form of profiteering called patent trolling. A patent troll is a person or organization who gains the rights to a patent but does not actually make the invention that the patent protects. Instead, the patent troll searches for those who are illegally using the invention in some way and sues them. In many cases the infringement being alleged is questionable at best. For example, companies have been sued for using Wi-Fi or for scanning documents, technologies that have been on the market for many years. Recently, the U.S. government has begun taking action against patent trolls. Several pieces of legislation are working their way through the U.S. Congress that will, if enacted, limit the ability of patent trolls to threaten innovation. You can learn a lot more about 9. [9] 278 | Information Systems for Business and Beyond (2019) Apple logo patent trolls by listening to a detailed investigation conducted by the radio program This American Life, by clicking this link. Trademark A trademark is a word, phrase, logo, shape or sound that identifies a source of goods or services. For example, the Nike “Swoosh,” the Facebook “f”, and Apple’s apple (with a bite taken out of it) are all trademarked. The concept behind trademarks is to protect the consumer. Imagine going to the local shopping center to purchase a specific item from a specific store and finding that there are several stores all with the same name! Two types of trademarks exist – a common law trademark and a registered trademark. As with copyright, an organization will automatically receive a trademark if a word, phrase, or logo is being used in the normal course of business (subject to some restrictions, discussed below). A common law trademark is designated by placing “TM” next to the trademark. A registered trademark is one that has been examined, approved, and registered with the trademark office, such as the Patent and Trademark Office in the US. A registered trademark has the circle-R (®) placed next to the trademark. While most any word, phrase, logo, shape, or sound can be trademarked, there are a few limitations. A trademark will not hold up legally if it meets one or more of the following conditions: • The trademark is likely to cause confusion with a mark in a registration or prior application. Chapter 12: The Ethical and Legal Implications of Information Systems | 279 • The trademark is merely descriptive for the goods/services. For example, trying to register the trademark “blue” for a blue product you are selling will not pass muster. • The trademark is a geographic term. • The trademark is a surname. You will not be allowed to trademark “Smith’s Bookstore.” • The trademark is ornamental as applied to the goods. For example, a repeating flower pattern that is a design on a plate cannot be trademarked. As long as an organization uses its trademark and defends it against infringement, the protection afforded by it does not expire. Because of this, many organizations defend their trademark against other companies whose branding even only slightly copies their trademark. For example, Chick-fil-A has trademarked the phrase “Eat Mor Chikin” and has vigorously defended it against a small business using the slogan “Eat More Kale.” Coca-Cola has trademarked the contour shape of its bottle and will bring legal action against any company using a bottle design similar to theirs. Examples of trademarks that have been diluted and have now lost their protection in the US include: “aspirin” (originally trademarked by Bayer), “escalator” (originally trademarked by Otis), and “yo-yo” (originally trademarked by Duncan). Information Systems and Intellectual Property The rise of information systems has resulted in rethinking how to deal with intellectual property. From the increase in patent applications swamping the government’s patent office to the new laws that must be put in place to enforce copyright protection, digital technologies have impacted our behavior. 280 | Information Systems for Business and Beyond (2019) Privacy The term privacy has many definitions, but for purposes here, privacy will mean the ability to control information about oneself. The ability to maintain our privacy has eroded substantially in the past decades, due to information systems. Personally Identifiable Information Information about a person that can be used to uniquely establish that person’s identify is called personally identifiable information, or PII. This is a broad category that includes information such as: • Name; • Social Security Number; • Date of birth; • Place of birth; • Mother‘s maiden name; • Biometric records (fingerprint, face, etc.); • Medical records; • Educational records; • Financial information; and • Employment information. Organizations that collect PII are responsible to protect it. The Department of Commerce recommends that “organizations minimize the use, collection, and retention of PII to what is strictly necessary to accomplish their business purpose and mission.” They go on to state that “the likelihood of harm caused by a breach involving PII is greatly reduced if an organization minimizes the Chapter 12: The Ethical and Legal Implications of Information Systems | 281 amount of PII it uses, collects, and stores.”10 Organizations that do not protect PII can face penalties, lawsuits, and loss of business. In the US, most states now have laws in place requiring organizations that have had security breaches related to PII to notify potential victims, as does the European Union. Just because companies are required to protect your information does not mean they are restricted from sharing it. In the US, companies can share your information without your explicit consent (see the following sidebar), though not all do so. Companies that collect PII are urged by the FTC to create a privacy policy and post it on their website. The State of California requires a privacy policy for any website that does business with a resident of the state (see While the privacy laws in the US seek to balance consumer protection with promoting commerce, privacy in the European Union is considered a fundamental right that outweighs the interests of commerce. This has led to much stricter privacy protection in the EU, but also makes commerce more difficult between the US and the EU. Non-Obvious Relationship Awareness Digital technologies have given people many new capabilities that simplify and expedite the collection of personal information. Every time a person comes into contact with digital technologies, information about that person is being made available. From location to web-surfing habits, your criminal record to your credit report, you are constantly being monitored. This information can then be aggregated to create profiles of each person. While much of the information collected was available in the past, collecting it 10. [10] 282 | Information Systems for Business and Beyond (2019) Non-obvious relationship awareness (NORA) and combining it took time and effort. Today, detailed information about a person is available for purchase from different companies. Even information not categorized as PII can be aggregated in such a way that an individual can be identified. This process of collecting large quantities of a variety of information and then combining it to create profiles of individuals is known as Non-Obvious Relationship Awareness, or NORA. First commercialized by big casinos looking to find cheaters, NORA is used by both government agencies and private organizations, and it is big business. In some settings NORA can bring many benefits such as in law enforcement. By being able to identify potential criminals more quickly, crimes can be solved sooner or even prevented before they happen. But these advantages come at a price, namely, our privacy. Chapter 12: The Ethical and Legal Implications of Information Systems | 283 Restrictions on Data Collecting In the United State the government has strict guidelines on how much information can be collected about its citizens. Certain classes of information have been restricted by laws over time and the advent of digital tools has made these restrictions more important than ever. Children’s Online Privacy Protection Act Websites that collect information from children under the age of thirteen are required to comply with the Children’s Online Privacy Protection Act (COPPA), which is enforced by the Federal Trade Commission (FTC). To comply with COPPA, organizations must make a good-faith effort to determine the age of those accessing their websites and, if users are under thirteen years old, must obtain parental consent before collecting any information. Family Educational Rights and Privacy Act The Family Educational Rights and Privacy Act (FERPA) is a US law that protects the privacy of student education records. In brief, this law specifies that parents have a right to their child’s educational information until the child reaches either the age of eighteen or begins attending school beyond the high school level. At that point control of the information is given to the child. While this law is not specifically about the digital collection of information on the Internet, the educational institutions that are collecting student information are at a higher risk for disclosing it improperly because of digital technologies. 284 | Information Systems for Business and Beyond (2019) GDPR Logo Health Insurance Portability and Accountability Act The Health Insurance Portability and Accountability Act of 1996 (HIPAA) singles out records related to health care as a special class of personally identifiable information. This law gives patients specific rights to control their medical records, requires health care providers and others who maintain this information to get specific permission in order to share it, and imposes penalties on the institutions that breach this trust. Since much of this information is now shared via electronic medical records, the protection of those systems becomes paramount. General Data Protection Regulation The European Union, in an effort to help people take control over their personal data, passed the General Data Protection Regulation (GDPR) in May 2016. While this protection applies to the countries in the EU, it is having an impact of U.S. companies using the Internet as well. The regulation went into effect May 25, 2018. EU and non-EU countries have different approaches to protecting the data of individuals. The focus in the U.S. has been on protecting data privacy so that it does not impact commercial interests. In the EU the individual’s data privacy rights supercede those of business. Under GDPR data cannot be transferred to countries that do not have adequate data protection for individuals. Currently, those countries include, but are not limited to, the United States, Korea, and Japan. While the GDPR applies to countries in the EU, it is having an impact around the world as businesses in other Chapter 12: The Ethical and Legal Implications of Information Systems | 285 countries seek to comply with this regulation.IEEE Spectrum. Retrieved from guide-to-the-gdpr.”11 One week prior to the effective date of May 25, 2018, only 60% of companies surveyed reported they would be ready by the deadline.Information Management. Retrieved from catch-up-with-the-general-data-protection-regulation.”12 Clearly, the message of GDPR has gone out around the world. It is likely that greater data protection regulations will forthcoming from the U.S. Congress as well. Sidebar: Do Not Track When it comes to getting permission to share personal information, the US and the EU have different approaches. In the US, the “opt- out” model is prevalent. In this model the default agreement states that you have agreed to share your information with the organization and must explicitly tell them that you do not want your information shared. There are no laws prohibiting the sharing of your data, beyond some specific categories of data such as medical records. In the European Union the “opt-in” model is required to be the default. In this case you must give your explicit permission before an organization can share your information. 11. [11] 12. [12] 286 | Information Systems for Business and Beyond (2019) To combat this sharing of information, the Do Not Track initiative was created. As its creators explain13: Do Not Track is a technology and policy proposal that enables users to opt out of tracking by websites they do not visit, including analytics services, advertising networks, and social platforms. At present few of these third parties offer a reliable tracking opt out and tools for blocking them are neither user-friendly nor comprehensive. Much like the popular Do Not Call registry, Do Not Track provides users with a single, simple, persistent choice to opt out of third- party web tracking. Summary The rapid changes in information technology in the past few decades have brought a broad array of new capabilities and powers to governments, organizations, and individuals alike. These new capabilities have required thoughtful analysis and the creation of new norms, regulations, and laws. This chapter has covered the areas of intellectual property and privacy regarding how these domains have been affected by new information systems capabilities and how the regulatory environment has been changed to address them. 13. [13] Chapter 12: The Ethical and Legal Implications of Information Systems | 287 Study Questions 1. What does the term information systems ethics mean? 2. What is a code of ethics? What is one advantage and one disadvantage of a code of ethics? 3. What does the term intellectual property mean? Give an example. 4. What protections are provided by a copyright? How do you obtain one? 5. What is fair use? 6. What protections are provided by a patent? How do you obtain one? 7. What does a trademark protect? How do you obtain one? 8. What does the term personally identifiable information mean? 9. What protections are provided by HIPAA, COPPA, and FERPA? 10. How would you explain the concept of NORA? 11. What is GDPR and what was the motivation behind this regulation? Exercises 1. Provide one example of how information technology has created an ethical dilemma that would not have existed before the advent of I.T. 2. Find an example of a code of ethics or acceptable use policy related to information technology and highlight five points that you think are important. 3. Do some original research on the effort to combat patent trolls. Write a two-page paper that discusses this legislation. 4. Give an example of how NORA could be used to identify an individual. 5. How are intellectual property protections different across the 288 | Information Systems for Business and Beyond (2019) world? Pick two countries and do some original research, then compare the patent and copyright protections offered in those countries to those in the US. Write a two- to three-page paper describing the differences. 6. Knowing that GDPR had a deadline of May 25, 2018, provide an update on the status of compliance by firms in non-European countries. Labs 1. Contact someone who has created a mobile device app, composed music, written a book, or created some other type of intellectual property. Ask them about the amount of effort required to produce their work and how they feel about being able to protect that work. Write a one or two page paper on your findings. 2. Research the intellectual property portion of the End User License Agreement (EULA) on a favorite computer program of yours. Explain what the EULA is saying about protection of this work. 1. Merriam-Webster Dictionary. (n.d.). Ethics. Retrieved from↵ 2. Grigonis, H. (2018, April 5). Nine Things to Know About Facebook and Cambridge Analytica. Digital Trends. Retrieved from facebook-users-should-know-about-cambridge-analytica- and-privacy/ 3. Association for Computing Machinery (1992, October 16) ACM Code of Ethics and Professional Conduct.↵ Chapter 12: The Ethical and Legal Implications of Information Systems | 289 4. Merriam-Webster Dictionary. (n.d.). Intellectual Property. Retrieved from dictionary/intellectual%20property↵ 5. United States Department of Justice. (n.d.). Copyright Infringement – First Sale Doctrine. Retrieved from usam/title9/crm01854.htm↵ 6. United States Copyright Office. (n.d.). Fair Use Index. Retrieved from↵ 7. United States Patent and Trademark Office (n.d.). What Is A Patent? Retrieved from↵ 8. United States Patent and Trademark Office (n.d.). Visualization Center. Retrieved from↵ 9. Bachmann, S. (2016, December 22). America’s Big 5 Tech companies increase patent filings, Microsoft holds lead in AI technologies. IP Watchdog. Retrieved from companies-increase-patent/id=76019/↵ 10. McAllister, E., Grance, T., and Scarfone, K. (2010, April). Guide to Protecting the Confidentiality of Personally Identifiable Information (PII). National Institute of Standards and Technology. Retrieved from nistpubs/800-122/sp800-122 ↵ 11. Sanz, R. M. G. (2018, April 30). Your Guide to the GDPR. IEEE Spectrum. Retrieved from the-gdpr↵ 12. Zafrin, W. (2018, May 25). Playing Catch-up with the General Data Protection Regulation. Information Management. Retrieved from catch-up-with-the-general-data-protection-regulation↵ 13. Electronic Frontier Foundation. (n.d.). Do Not Track. Retrieved from↵ 290 | Information Systems for Business and Beyond (2019) Chapter 13: Trends in Information Systems Learning Objectives Upon successful completion of this chapter, you will be able to: • describe current trends in information systems. • know how to think about the impacts of changes in technology on society and culture. Introduction Information systems have evolved at a rapid pace ever since their introduction in the 1950s. Today devices you can hold in one hand are more powerful than the computers used to land a man on the moon in 1969. The Internet has made the entire world accessible to you, allowing you to communicate and collaborate like never before. This chapter examines current trends and looks ahead to what is coming next. As you read about technology trends in this chapter, think how you might gain competitive advantage in a future career through implementation of some of these devices. Chapter 13: Trends in Information Systems | 291 Global The first trend to note is the continuing expansion of globalization. The use of the Internet is growing all over the world, and with it the use of digital devices. Penetration rates, the percent of the population using the Internet, remains high in the developed world, but other continents are gaining.1 Internet Users by Continent (Source: Internet World Stats) In addition to worldwide growth in Internet penetration, the number of mobile phones in use continues to increase. At the end of 2017 the world population of people over the age 10 years (those old enough to possibly have their own mobile phone) was about 5.7 billion with an estimated 4.77 billion mobile phone users. This 1. Internet World Stats 292 | Information Systems for Business and Beyond (2019) equates to over 80% of people in the world having a mobile phone. 2 World wide mobile phone users (Source: Statista) Social Social media growth is another trend that continues at a firm growth rate. As of April 2018 there were about 2.18 billion Facebook users, a 14% increase from April 2017.3 2. Statistica Forecast of Mobile Phone Users Worldwide 3. Zephoria Top 15 Valuable Facebook Statistics Chapter 13: Trends in Information Systems | 293 Facebook users world wide in June 2017 (Source: Internet World Stats) In 2018, of the 2.2 billion users who regularly use Facebook, only half them spoke English and only 10% were from the US.4 Besides Facebook, other social media sites are also seeing tremendous growth. Over 83% of YouTube’s users are outside the US, with the UK, India, Germany, Canada, France, South Korea, and Russia leading the way.5 Pinterest gets over 57% of its users from outside the US, with over 9% residing in India. 6 Twitter now has over 330 million active users. 7 Social media sites not based in the US are also growing. China’s WeChat multipurpose messaging and social media app is the fifth most-visited site in the world.8 4. 5. Omnicore Agency Facebook Statistics 6. Omnicore Agency Pinterest Statistics 7. Omnicore Agency Twitter Statistics 8. Statista 294 | Information Systems for Business and Beyond (2019) Mary Meeker making her Internet Trends presentation Personal Ever since the advent of Web 2.0 and e-commerce, users of information systems have expected to be able to modify their experiences to meet their personal tastes. From custom backgrounds on computer desktops to unique ringtones on mobile phones, makers of digital devices provide the ability to personalize how we use them. More recently, companies such as Netflix have begun assisting their users with personalizations by viewing suggestions. In the future, we will begin seeing devices perfectly matched to our personal preferences, based upon information collected about us. Sidebar: Mary Meeker and Internet Trends Chapters such as this are difficult to maintain because the future is a moving target. The same goes for businesses looking to figure out where to develop new products and make investments. Enter Mary Meeker, up until 2018 a partner at the notable venture capital firm Kleiner Perkins Caufield & Byers and now forming her own investment group, Bond Capital. For the past several years, Ms. Meeker has presented the “Internet Trends” report at the Code Conference every May. The presentation consists of rapid-fire summaries of data that provides insights into all of the latest trends in digital technologies and their Chapter 13: Trends in Information Systems | 295 impact on economies, culture, and investing. For those wanting to keep up with technology, there is no better way than to unpack her annual presentation by watching a video of the presentation and reviewing the associated slide deck. Here are the last few years of videos of her presentation: 2019 2018 2017 You can view her slide decks from previous years by going to the Bond Capital archive. Mobile Perhaps the most impactful trend in digital technologies in the last decade has been the advent of mobile technologies. Beginning with the simple cellphone in the 1990s and evolving into the smartphones of today, the growth of mobile has been overwhelming. Here are some key indicators of this trend: • Mobile vs. Desktop. Minutes spent each day on a mobile device are 2.5 times the number of minutes spent on a desktop computer. • Daytime vs. Evening. Desktop use dominates in the daytime hours, but mobile devices are dominant in the evening, with peak usage around 8:00 pm. • Device usage. Smartphones are used more than any other technology. Laptops are in second place, followed by tablets holding a slight edge over desktops. 9 • Smartphone sales decline. According to Gartner Group, world 9. Smart Insights 296 | Information Systems for Business and Beyond (2019) wide smartphone sales declined in the fourth quarter of 2017 by 4.7% compared with the fourth quarter of 2016. This is the first decline in global smartphone sales since Gartner began tracking mobile phone sales in 2004. 10 • The rise and fall of tablets. In 2012 the iPad sold more than three times as many units in its first twelve months as the iPhone did in its first twelve months. However, tablet sales dropped 20% from the fourth quarter 2015 to fourth quarter 2016. 11 The decline in tablet sales continued into 2017 when first quarter sales dropped 8.5% to their lowest total since the third quarter of 2012, the year they were introduced. 12 In comparison, PC sales dropped only 1.7% in 2017 compared with tablet sales being down 10%. 13 As discussed in chapter 5, the advent of 5G connection technologies will accelerate an “always-connected” state for a majority of people around the world. Wearable The average smartphone user looks at his or her smartphone 150 times a day for functions such as messaging (23 times), phone calls (22), listening to music (13), and social media (9).Many of these functions would be much better served if the technology was worn 10. 11. Techcrunch 12. Business Insider 13. Telegraph Chapter 13: Trends in Information Systems | 297 Wearable Devices Actual and Forecast (Source: Gartner Group, August 2017) on, or even physically integrated into, our bodies. This technology is known as a “wearable.” Wearables have been around for a long time, with technologies such as hearing aids and, later, bluetooth earpieces. Now the product lines have expanded to include the Smartwatch, body cameras, sports watch, and various fitness monitors. The following table from the Gartner Group reports both historical and predicted sales. Wearable Devices Worldwide (millions of units) Notice the strong growth predicted by 2021. Total wearable devices are projected to increase by about 45% from 2018 to 2021. 298 | Information Systems for Business and Beyond (2019) Waze Screen Shot (Click to enlarge) Collaborative As more people use smartphones and wearables, it will be simpler than ever to share data with each other for mutual benefit. Some of this sharing can be done passively, such as reporting your location in order to update traffic statistics. Other data can be reported actively, such as adding your rating of a restaurant to a review site. The smartphone app Waze is a community-based tool that keeps track of the route you are traveling and how fast you are making your way to your destination. In return for providing your data, you can benefit from the data being sent from all of the other users of the app. Waze directs you around traffic and accidents based upon real-time reports from other users. Yelp! allows consumers to post ratings and reviews of local businesses into a database, and then it provides that data back to consumers via its website or mobile phone app. By compiling ratings of restaurants, shopping centers, and services, and then allowing consumers to search through its directory, Yelp! has become a huge source of business for many companies. Unlike data collected passively however, Yelp! relies on its users to take the time to provide honest ratings and reviews. Chapter 13: Trends in Information Systems | 299 Printable One of the most amazing innovations to be developed recently is the 3-D printer. A 3-D printer allows you to print virtually any 3-D object based on a model of that object designed on a computer. 3-D printers work by creating layer upon layer of the model using malleable materials, such as different types of glass, metals, or even wax. 3-D printing is quite useful for prototyping the designs of products to determine their feasibility and marketability. 3-D printing has also been used to create working prosthetic legs and an ear that can hear beyond the range of normal hearing. The US military now uses 3-D printed parts on aircraft such as the F-18.14 Here are more amazing productions from 3D printers. • Buildings. Researchers at MIT in 2017 unveiled a 3D printing robot that can construct a building. It has a large arm and small arm. The large arm moves around the perimeter of the building while the small arm sprays a variety of materials including concrete and insulation. Total time to construct a dome- shaped building is just 14 hours. • Musical Instruments. Flutes, fiddles, and acoustic guitars are being produced with 3D printing using both metal and plastic. You can click here for an example of making a violin. • Medical Models. Medical models are being used to help doctors train in the areas of orthopedics, transplant surgery, and oncology. Using a 3D printed brain model similar to the one shown here, surgeons were able to save a patient from a cerebral aneurysm. • Clothing. How would you like clothes that fit perfectly? Special 14. The Economist. (2013, September 13). 3-D Printing Scales Up. 300 | Information Systems for Business and Beyond (2019) software is used to measure a person, then 3D printing produces the clothing to the exact measurements. The result is well-fitting clothes that consume less raw materials. Initially the challenge was to find materials that would not break. You can read more about 3D printing of clothes and shoes. 15 3-D printing is one of many technologies embraced by the “maker” movement. Chris Anderson, editor of Wired magazine, puts it this way16: In a nutshell, the term “Maker” refers to a new category of builders who are using open-source methods and the latest technology to bring manufacturing out of its traditional factory context, and into the realm of the personal desktop computer. Until recently, the ability to manufacture was reserved for those who owned factories. What’s happened over the last five years is that we’ve brought the Web’s democratizing power to manufacturing. Today, you can manufacture with the push of a button. 15. Bosavage, J. (2017, September 5). Unbelievable Creations from 3-D Printers. 16. Anderson, C. (2012). Makers: The New Industrial Revolution.. Crown Business. Chapter 13: Trends in Information Systems | 301 Findable The “Internet of Things” (IoT) refers to devices that have been embedded into a variety of objects including appliances, lamps, vehicles, lightbulbs, toys, thermostats, jet engines, etc. and then connecting them via Wi-Fi, BlueTooth, or LTE to the Internet. Principally three factors have come together to give us IoT: inexpensive processors, wireless connectivity, and a new standard for addresses on the Internet known as IPv6. The result is these small, embedded objects (things) are capable of sending and receiving data. Lights can be turned on or off remotely. Thermostats can be reset with anyone being present. And, perhaps on the downside, how you drive your car can be monitored and evaluated by your insurance company. Processors have become both smaller and cheaper in recent years, leading to their being embedded in more devices. Consider technological advancements in your vehicles. Your car can now collect data about how fast you drive, where you go, radio stations you listen to, and your driving performance such as acceleration and braking. Insurance companies are offering discounts for the right to monitor your driving behavior. On the positive side, imagine 302 | Information Systems for Business and Beyond (2019) the benefit of being informed instantly of anticipated traffic delays each time you adjust your route to work in the morning. Think of IoT as devices that you wouldn’t normally consider being connected to the Internet. And, the connection is independent of human intervention. So a PC is not an IoT, but a fitness band could be. One keyword for IoT would be “independent”, not relying directly or constantly on human action. Another keyword would be “interconnected”, in the sense that IoTs are connected to other IoTs and data collection points or data servers. This interconnectedness or uploading of data is virtually automatic. “Ubiqutous” is also a good descriptor of IoTs. And so is “embeddedness.” It is reasonable to expect that devices through IoTs are reporting data about conditions and events that are not foremost in our thinking, at least not on a continuous basis. Today there are IoTs for monitoring traffic, air quality, soil moisture, bridge conditions, consumer electronics, autonomous vehicles, and the list seemingly never stops. The question that might come to mind is “How many IoTs are there today?” The Gartner Group released a study in January 2017 which attempted to identify where IoTs exist. They reported that over half of all IoTs are installed in devices used by consumers. They also noted that growth in IoTs increased by over 30% from 2016 to the projected levels for 2017.17 Benefits from IoTs are virtually everywhere. Here is a quick list. • Optimization of Processes. IoTs in manufacturing monitor a variety of conditions that impact production including temperature, humidity, barometric pressure – all factors which 17. Ranger, S. (2018, January 19). What is the IoT? Everything You Wanted to Know about The Internet of Things Right Now. ZDNet. Chapter 13: Trends in Information Systems | 303 require adjustment in application of manufacturing formulas. • Component Monitoring. IoTs are added to components in the manufacturing process, then monitored to see how each component is performing. • Home Security Systems. IoTs make the challenge of monitoring activity inside and outside your home are now easier. • Smart Thermostats. Remote control of home thermostats through the use of IoTs allows the homeowner to be more efficient in consumption of utilities. • Residential Lighting. IoTs provide remote control of lighting, both interior and exterior, and at any time of day.18 Security issues need to be acknowledged and resolved, preferably before IoTs in the form of remote lighting, thermostats, and security systems are installed in a residence. Here are some security concerns that need monitoring. • Eavesdropping. Smart speaker systems in residences have been hacked, allowing others to eavesdrop on conversations within the home. • Internet-connected Smart Watches. These devices are sometimes used to monitor the location of children in the family. Unfortunately, hackers have been able to breakin and again, eavesdrop as well as learn where children are located. • Lax Use by Owners. Devices such as smart thermometers, security systems, etc. come with a default password. Many owners fail to change the password, thereby allowing easy access by a hacker. 18. Ranger, S. (2018, January 19). What is the IoT? Everything You Wanted to Know about The Internet of Things Right Now. ZDNet. 304 | Information Systems for Business and Beyond (2019) Autonomous Another trend that is emerging is an extension of the Internet of Things: autonomous robots and vehicles. By combining software, sensors, and location technologies, devices that can operate themselves to perform specific functions are being developed. These take the form of creations such as medical nanotechnology robots (nanobots), self-driving cars, or unmanned aerial vehicles (UAVs). A nanobot is a robot whose components are on the scale of about a nanometer, which is one-billionth of a meter. While still an emerging field, it is showing promise for applications in the medical field. For example, a set of nanobots could be introduced into the human body to combat cancer or a specific disease. In March of 2012, Google introduced the world to their driverless car by releasing a video on YouTube showing a blind man driving the car around the San Francisco area. The car combines several technologies, including a laser radar system, worth about $150,000. While the car is not available commercially yet, three US states (Nevada, Florida, and California) have already passed legislation making driverless cars legal. A UAV, often referred to as a “drone,” is a small airplane or helicopter that can fly without a pilot. Instead of a pilot, they are either run autonomously by computers in the vehicle or operated by a person using a remote control. While most drones today are used for military or civil applications, there is a growing market for personal drones. For around $300, a consumer can purchase a drone for personal use. Secure As digital technologies drive relentlessly forward, so does the Chapter 13: Trends in Information Systems | 305 demand for increased security. One of the most important innovations in security is the use of encryption, which we covered in chapter 6. Summary As the world of information technology moves forward, we will be constantly challenged by new capabilities and innovations that will both amaze and disgust us. As we learned in chapter 12, many times the new capabilities and powers that come with these new technologies will test us and require a new way of thinking about the world. Businesses and individuals alike need to be aware of these coming changes and prepare for them. Study Questions 1. Which countries are the biggest users of the Internet? Social media? Mobile? 2. Which country had the largest Internet growth (in %) in the last five years? 3. How will most people connect to the Internet in the future? 4. What are two different applications of wearable technologies? 5. What are two different applications of collaborative technologies? 6. What capabilities do printable technologies have? 7. How will advances in wireless technologies and sensors make objects “findable”? 8. What is enhanced situational awareness? 9. What is a nanobot? 10. What is a UAV? 306 | Information Systems for Business and Beyond (2019) Exercises 1. If you were going to start a new technology business, which of the emerging trends do you think would be the biggest opportunity? Do some original research to estimate the market size. 2. What privacy concerns could be raised by collaborative technologies such as Waze? 3. Do some research about the first handgun printed using a 3-D printer and report on some of the concerns raised. 4. Write up an example of how IoT might provide a business with a competitive advantage. 5. How do you think wearable technologies could improve overall healthcare? 6. What potential problems do you see with a rise in the number of autonomous cars? Do some independent research and write a two-page paper that describes where autonomous cars are legal and what problems may occur. 7. Seek out the latest presentation by Mary Meeker on “Internet Trends” (if you cannot find it, the video from 2018 is available at Mary Meeker). Write a one-page paper describing what the top three trends are, in your opinion. 8. Select a business enterprise of interest to you, one that you may pursue following graduation. Select one or more of the technologies listed in this chapter, then write a one or two page paper about how you might use that technology to gain a competitive advantage. Chapter 13: Trends in Information Systems | 307 Index Below are listed terms that can be found in this text. The terms are indexed by chapter and page. For example, “12-254” indicates that the term can be found in chapter 12 on page 254. Please also note that page numbers may vary based upon how you are reading this text! Acceptable User Policy, 12-254 Access control, 6-127 Agile methodologies, 10-205 Altair 8800, 1-20 Apple II, 1-20 Application software, 1-16, 3-57 ARPA Net, 1-225-104 Assembly language, 10-210 Authentication, 6-125 Autonomous devices, 13-289 Availability, 6-125 Backups, 6-131 Berners-Lee, Tim, 1-22 Big Data, 4-91, 4-93 Binary, 2-33, -34 Binary prefixes, 2-36 Biometrics, 6-126 Bit, 2-33 Bitcoin, 11-245 Blockchain, 11-244 Bluetooth, 2-43, 5-114 Brynjolfson, Eric, 7-146 Build v. buy, 10-218 Bus, 2-39 Business Analytics, 4-98 Business Intelligence, 4-98 Index | 309 Business process, 8-163 Business Process Management (BPM), 7-153, 8-168 Business process re-engineering, 8-170 Byte, 2-33

Cambridge Analytica, 12-251 Career paths, 9-189 Carr, Nicholas, 1-12, 2-26, 7-147 CASE tools, 10-215 Castells, Manuel, 11-233 Cellphone abroad, 5-114 Central Processing Unit (CPU), 2-36, video 2-37, multi-core 2-45 Certifications, 9-190 Change management, 10-223 Chief Information Officer (CIO), 9-186 Client-server, 1-21, 5-116 Cloud computing, 1-25, 3-68, 5-118 Collaborative systems, 7-155, 13-283 Code of ethics, 12-252 Commoditization, 2-50 Competitive advantage, 1-13, 2-26, 7-147, 7-153, 7-158 Compiled v. interpreted, 10-213 Components, 1-14 Computer engineer, 9-183 Computer operator, 9-185 Confidentiality, 6-124 Copyright, 12-256 Creative Commons, 12-261 Cross platform development, 10-221 Customer Relationship Management (CRM), 3-65 Data dictionary, 4-93 Data-Information-Knowledge-Wisdom, 4-77 Data integrity, 4-86 Data mining, 4-96, sidebar, 4-97 Data privacy, 12-251 Data types, 4-83 310 | Information Systems for Business and Beyond (2019) Data warehouse, 4-93, benefits, 4-95 Database, 4-78 Database administrator, 9-185 Database, enterprise, 4-91 Database spreadsheet sidebar, 4-85 Database Management System (DBMS), 4-90 Database, Relational, 4-78 Decimal numbering system, 2-34 Decision Support Systems (DSS), 7-156 Developer, 9-183 Digital devices, 2-33 Digital divide, 11-240 Digital Millennium Copyright Act, 12-260 Disintermediation, 1-23 Domain name, 5-107 DNS, 5-107 Do Not Track, 12-273 Dot-comm bubble, 1-235, 5-109 Double Data Rate (DDR), 2-40 Eclipse IDE, 3-61 Electronic Data Interchange (EDI), 7-154 Email, 5-110 Encryption, 6-128 End-user computing, 10-220 Enterprise Resource Planning (ERP), 1-21, 3-64, 8-166 Eras, business computing, 1-25 Ethics, 12-250 Extranet, 5-117 Facebook, 11-251, 13-280 Fair use, 12-258 Family Educational Rights and Privacy Act, 12-271 Fernandes, Benjamin, 11-245 Findable, 13-286 Firewalls, 6-132 First sale doctrine, 12-257 Index | 311 Ford, Henry, 12-250 Friedman, Thomas, 11-234 Gantt chart, 9-188 General Data Protection Regulation, 12-272 Global firm, 11-236 Globalization, 11-232 Ghemawat, Pankaj, 11-236 Hammer, Michael, 8-170 Hard disk, 2-41 Hardware, 1-15, 2-32 Health Insurance Portability and Accountability Act, 12-271 Huang’s Law, 2-38 Implementation Methodologies, 10-222 Information security triad, 6-124 Information systems, 1-14 Information systems employment, 9-180 Integrity, 6-124 Intellectual property, 12-255 Internet speed, 11-239 Internet usage statistics, 11-233 Intrusion Detection System (IDS), 6-133 IBM-PC, 1-20 Integrated circuits, 2-45 Internet, 1-22, internet and www, 5-111, high speed, 5-111 Internet of Things (IoT), 2-49, 13-286, install, 13-287 IP address, 5-106 Integrated Development Environment (IDE), 10-214 Internet user worldwide, 5-108 Intranet, 5-116 Isabel, 7-157 ISO certification, 8-174 IT doesn’t matter, 7-147 Key-Value database, 4-89 Kim, Paul, 11-243 Knowledge Management (KM), 4-98 312 | Information Systems for Business and Beyond (2019) Laptop, 1-12 Lean methodologies, 10-207 Linux, 3-56 Local Area Network (LAN), 1-21 Machine code, 10-209 Mainframe, 1-18 Manufacturing Resource Planning (MRP), 1-19 Metadata, 4-92 Metcaffe’s Law, 5-119 Microsoft Excel, 3-57 Mobile applications, 3-67, building, 10-221, cross platform, 10-221 Mobile phone users worldwide, 13-280 Mobile networking, 5-113 Mobile security, 6-136 Mobile technology trends, 13-282 Motherboard, 2-39 Moore’s Law, 2-37 Nanobot, 13-289 Network Interface Card (NIC), 2-44 Nielsen, Jakob, 11-241 Non-obvious relationship awareness, 12-269 Normalization, 4-82 NoSQL, 4-89 Office application suites, 3-60 Open source software, 3-71 Openoffice, 3-72 Operating systems, 1-15, 3-55 Outsourcing, 9-193 Ownership of software, 3-63 Packet, 5-106 Password security, 6-130 Patent, 12-263 Patent troll, 12-265 PC, 1-12 Personal information security, 6-138 Index | 313 Personally identifiable information, 12-268 Physical security, 6-134 Powerpoint, 3-62 Portable computer, 2-47 Porter’s five forces, 7-150 Post PC world, 1-24 Primary key, 4-80 Printable, 13-284 Privacy, data, 4-97, 12-267 Procedural v. object-oriented, 10-213 Productivity paradox, 7-146 Productivity software, 3-58 Project manager, 9-188 Programming language spectrum, 10-212 Protocol, 5-108 Public key encryption, 6-129 Quality triangle, 10-208 Random Access Memory (RAM), 2-40 Rapid Application Development (RAD), 10-203 Retail Link, Walmart, 1-27 Router, 5-106 RSA SecurID token, 6-126 Security policies, 6-135 Sharepoint, 5-118 Smartphone, 1-12, 2-47 Software, 1-15 Solid State Drive (SSD), 2-41 Stop Think Connect, 6-139 Structured Query Language (SQL) 4-86 Student Clubs database, 4-81 Supply Chain Management, 1-27, 3-66 Support analyst, 9-185 Switch, 5-106 Systems analyst, 9-181 Systems Development Life Cycle (SDLC), 10-200 314 | Information Systems for Business and Beyond (2019) Tableau, 3-62 Tablet, 2-48, decline, 13-282 TCP/IP, 5-105 Ted talk fibre optic, 1-23 Time-sharing, 1-19 Trademark, 12-265 Universal Serial Bus (USB), 2-42 Unmanned Aerial Vehicle, 13-290 Usability, 6-138 Users, adoption types, 9-194 Value chain, 7-148 Virtual Machine (VM), 3-70 Virtual Private Network (VPN), 6-133 Virtualization, 3-70 Voice Over IP (VOIP), 5-115 Walmart, 1-26, 4-91 Wearable, 13-282 Web 2.0, 1-23, 5-109 Web services, 10-219 Website, build, 10-216 Wi-fi, 5-112 Windows operating system, 1-20 Word size, 2-34 World 3.0, 11-236 World is flat, 11-234 World Wide Web (WWW), 1-22 Index | 315 Information Systems for Business and Beyond (2019) Information Systems for Business and Beyond (2019) Title Page Copyright Book Contributors Changes from Previous Edition How you can help Introduction Part I: What is an information system? Chapter 1: What Is an Information System? Chapter 2: Hardware Chapter 3: Software Chapter 4: Data and Databases Chapter 5: Networking and Communication Chapter 6: Information Systems Security Part II: Information Systems for Strategic Advantage Chapter 7: Does IT Matter? Chapter 8: Business Processes Chapter 9: The People in Information Systems Chapter 10: Information Systems Development Part III: Information Systems Beyond the Organization Chapter 11: Globalization and the Digital Divide Chapter 12: The Ethical and Legal Implications of Information Systems Chapter 13: Trends in Information Systems Index Information Technology and Organizational Learning Managing Behavioral Change in the Digital Age Third Edition Information Technology and Organizational Learning Managing Behavioral Change in the Digital Age Third Edition Arthur M. Langer CRC Press Taylor & Francis Group 6000 Broken Sound Parkway NW, Suite 300 Boca Raton, FL 33487-2742 © 2018 by Taylor & Francis Group, LLC CRC Press is an imprint of Taylor & Francis Group, an Informa business No claim to original U.S. Government works Printed on acid-free paper International Standard Book Number-13: 978-1-4987-7575-5 (Paperback) International Standard Book Number-13: 978-1-138-23858-9 (Hardback) This book contains information obtained from authentic and highly regarded sources. Reasonable efforts have been made to publish reliable data and information, but the author and publisher cannot assume responsibility for the validity of all materials or the consequences of their use. The authors and publishers have attempted to trace the copyright holders of all material reproduced in this publication and apologize to copyright holders if permission to publish in this form has not been obtained. If any copyright material has not been acknowledged please write and let us know so we may rectify in any future reprint. Except as permitted under U.S. Copyright Law, no part of this book may be reprinted, reproduced, transmitted, or utilized in any form by any electronic, mechanical, or other means, now known or hereafter invented, including photocopying, microfilming, and recording, or in any information stor- age or retrieval system, without written permission from the publishers. For permission to photocopy or use material electronically from this work, please access www.copy- ( or contact the Copyright Clearance Center, Inc. (CCC), 222 Rosewood Drive, Danvers, MA 01923, 978-750-8400. CCC is a not-for-profit organization that provides licenses and registration for a variety of users. For organizations that have been granted a photocopy license by the CCC, a separate system of payment has been arranged. Trademark Notice: Product or corporate names may be trademarks or registered trademarks, and are used only for identification and explanation without intent to infringe. Visit the Taylor & Francis Web site at and the CRC Press Web site at v Contents Foreword xi Acknowledgments xiii Author xv IntroductIon xvii chApter 1 the “rAvell” corporAtIon 1 Introduction 1 A New Approach 3 The Blueprint for Integration 5 Enlisting Support 6 Assessing Progress 7 Resistance in the Ranks 8 Line Management to the Rescue 8 IT Begins to Reflect 9 Defining an Identity for Information Technology 10 Implementing the Integration: A Move toward Trust and Reflection 12 Key Lessons 14 Defining Reflection and Learning for an Organization 14 Working toward a Clear Goal 15 Commitment to Quality 15 Teaching Staff “Not to Know” 16 Transformation of Culture 16 Alignment with Administrative Departments 17 Conclusion 19 vi Contents chApter 2 the It dIlemmA 21 Introduction 21 Recent Background 23 IT in the Organizational Context 24 IT and Organizational Structure 24 The Role of IT in Business Strategy 25 Ways of Evaluating IT 27 Executive Knowledge and Management of IT 28 IT: A View from the Top 29 Section 1: Chief Executive Perception of the Role of IT 32 Section 2: Management and Strategic Issues 34 Section 3: Measuring IT Performance and Activities 35 General Results 36 Defining the IT Dilemma 36 Recent Developments in Operational Excellence 38 chApter 3 technology As A vArIAble And responsIve orgAnIzAtIonAl dynAmIsm 41 Introduction 41 Technological Dynamism 41 Responsive Organizational Dynamism 42 Strategic Integration 43 Summary 48 Cultural Assimilation 48 IT Organization Communications with “ Others” 49 Movement of Traditional IT Staff 49 Summary 51 Technology Business Cycle 52 Feasibility 53 Measurement 53 Planning 54 Implementation 55 Evolution 57 Drivers and Supporters 58 Santander versus Citibank 60 Information Technology Roles and Responsibilities 60 Replacement or Outsource 61 chApter 4 orgAnIzAtIonAl leArnIng theorIes And technology 63 Introduction 63 Learning Organizations 72 Communities of Practice 75 Learning Preferences and Experiential Learning 83 Social Discourse and the Use of Language 89 Identity 91 Skills 92 viiContents Emotion 92 Linear Development in Learning Approaches 96 chApter 5 mAnAgIng orgAnIzAtIonAl leArnIng And technology 109 The Role of Line Management 109 Line Managers 111 First-Line Managers 111 Supervisor 111 Management Vectors 112 Knowledge Management 116 Ch ange Management 120 Change Management for IT Organizations 123 Social Networks and Information Technology 134 chApter 6 orgAnIzAtIonAl trAnsFormAtIon And the bAlAnced scorecArd 139 Introduction 139 Methods of Ongoing Evaluation 146 Balanced Scorecards and Discourse 156 Knowledge Creation, Culture, and Strategy 158 chApter 7 vIrtuAl teAms And outsourcIng 163 Introduction 163 Status of Virtual Teams 165 Management Considerations 166 Dealing with Multiple Locations 166 Externalization 169 Internalization 171 Combination 171 Socialization 172 Externalization Dynamism 172 Internalization Dynamism 173 Combination Dynamism 173 Socialization Dynamism 173 Dealing with Multiple Locations and Outsourcing 177 Revisiting Social Discourse 178 Identity 179 Skills 180 Emotion 181 chApter 8 synergIstIc unIon oF It And orgAnIzAtIonAl leArnIng 187 Introduction 187 Siemens AG 187 Aftermath 202 ICAP 203 viii Contents Five Years Later 224 HTC 225 IT History at HTC 226 Interactions of the CEO 227 The Process 228 Transformation from the Transition 229 Five Years Later 231 Summary 233 chApter 9 FormIng A cyber securIty culture 239 Introduction 239 History 239 Talking to the Board 241 Establishing a Security Culture 241 Understanding What It Means to be Compromised 242 Cyber Security Dynamism and Responsive Organizational Dynamism 242 Cyber Strategic Integration 243 Cyber Cultural Assimilation 245 Summary 246 Organizational Learning and Application Development 246 Cyber Security Risk 247 Risk Responsibility 248 Driver /Supporter Implications 250 chApter 10 dIgItAl trAnsFormAtIon And chAnges In consumer behAvIor 251 Introduction 251 Requirements without Users and without Input 254 Concepts of the S-Curve and Digital Transformation Analysis and Design 258 Organizational Learning and the S-Curve 260 Communities of Practice 261 The IT Leader in the Digital Transformation Era 262 How Technology Disrupts Firms and Industries 264 Dynamism and Digital Disruption 264 Critical Components of “ Digital” Organization 265 Assimilating Digital Technology Operationally and Culturally 267 Conclusion 268 chApter 11 IntegrAtIng generAtIon y employees to AccelerAte competItIve AdvAntAge 269 Introduction 269 The Employment Challenge in the Digital Era 270 Gen Y Population Attributes 272 Advantages of Employing Millennials to Support Digital Transformation 272 Integration of Gen Y with Baby Boomers and Gen X 273 ixContents Designing the Digital Enterprise 274 Assimilating Gen Y Talent from Underserved and Socially Excluded Populations 276 Langer Workforce Maturity Arc 277 Theoretical Constructs of the LWMA 278 The LWMA and Action Research 281 Implications for New Pathways for Digital Talent 282 Demographic Shifts in Talent Resources 282 Economic Sustainability 283 Integration and Trust 283 Global Implications for Sources of Talent 284 Conclusion 284 chApter 12 towArd best prActIces 287 Introduction 287 Chief IT Executive 288 Definitions of Maturity Stages and Dimension Variables in the Chief IT Executive Best Practices Arc 297 Maturity Stages 297 Performance Dimensions 298 Chief Executive Officer 299 CIO Direct Reporting to the CEO 305 Outsourcing 306 Centralization versus Decentralization of IT 306 CIO Needs Advanced Degrees 307 Need for Standards 307 Risk Management 307 The CEO Best Practices Technology Arc 313 Definitions of Maturity Stages and Dimension Variables in the CEO Technology Best Practices Arc 314 Maturity Stages 314 Performance Dimensions 315 Middle Management 316 The Middle Management Best Practices Technology Arc 323 Definitions of Maturity Stages and Dimension Variables in the Middle Manager Best Practices Arc 325 Maturity Stages 325 Performance Dimensions 326 Summary 327 Ethics and Maturity 333 chApter 13 conclusIons 339 Introduction 339 glossAry 357 reFerences 363 Index 373 xi Foreword Digital technologies are transforming the global economy. Increasingly, firms and other organizations are assessing their opportunities, develop- ing and delivering products and services, and interacting with custom- ers and other stakeholders digitally. Established companies recognize that digital technologies can help them operate their businesses with greater speed and lower costs and, in many cases, offer their custom- ers opportunities to co-design and co-produce products and services. Many start-up companies use digital technologies to develop new prod- ucts and business models that disrupt the present way of doing busi- ness, taking customers away from firms that cannot change and adapt. In recent years, digital technology and new business models have dis- rupted one industry after another, and these developments are rapidly transforming how people communicate, learn, and work. Against this backdrop, the third edition of Arthur Langer’ s Information Technology and Organizational Learning is most welcome. For decades, Langer has been studying how firms adapt to new or changing conditions by increasing their ability to incorporate and use advanced information technologies. Most organizations do not adopt new technology easily or readily. Organizational inertia and embed- ded legacy systems are powerful forces working against the adoption of new technology, even when the advantages of improved technology are recognized. Investing in new technology is costly, and it requires xii Foreword aligning technology with business strategies and transforming cor- porate cultures so that organization members use the technology to become more productive. Information Technology and Organizational Learning addresses these important issues— and much more. There are four features of the new edition that I would like to draw attention to that, I believe, make this a valuable book. First, Langer adopts a behavioral perspective rather than a technical perspective. Instead of simply offering norma- tive advice about technology adoption, he shows how sound learn- ing theory and principles can be used to incorporate technology into the organization. His discussion ranges across the dynamic learning organization, knowledge management, change management, com- munities of practice, and virtual teams. Second, he shows how an organization can move beyond technology alignment to true technol- ogy integration. Part of this process involves redefining the traditional support role of the IT department to a leadership role in which IT helps to drive business strategy through a technology-based learn- ing organization. Third, the book contains case studies that make the material come alive. The book begins with a comprehensive real-life case that sets the stage for the issues to be resolved, and smaller case illustrations are sprinkled throughout the chapters, to make concepts and techniques easily understandable. Lastly, Langer has a wealth of experience that he brings to his book. He spent more than 25 years as an IT consultant and is the founder of the Center for Technology Management at Columbia University, where he directs certificate and executive programs on various aspects of technology innovation and management. He has organized a vast professional network of tech- nology executives whose companies serve as learning laboratories for his students and research. When you read the book, the knowledge and insight gained from these experiences is readily apparent. If you are an IT professional, Information Technology and Organi­ zational Learning should be required reading. However, anyone who is part of a firm or agency that wants to capitalize on the opportunities provided by digital technology will benefit from reading the book. Charles C. Snow Professor Emeritus, Penn State University Co­Editor, Journal of Organization Design xiii Acknowledgments Many colleagues and clients have provided significant support during the development of the third edition of Information Technology and Organizational Learning. I owe much to my colleagues at Teachers College, namely, Professor Victoria Marsick and Lyle Yorks, who guided me on many of the the- ories on organizational learning, and Professor Lee Knefelkamp, for her ongoing mentorship on adult learning and developmental theo- ries. Professor David Thomas from the Harvard Business School also provided valuable direction on the complex issues surrounding diver- sity, and its importance in workforce development. I appreciate the corporate executives who agreed to participate in the studies that allowed me to apply learning theories to actual organizational practices. Stephen McDermott from ICAP provided invaluable input on how chief executive officers (CEOs) can success- fully learn to manage emerging technologies. Dana Deasy, now global chief information officer (CIO) of JP Morgan Chase, contributed enormous information on how corporate CIOs can integrate tech- nology into business strategy. Lynn O’ Connor Vos, CEO of Grey Healthcare, also showed me how technology can produce direct mon- etary returns, especially when the CEO is actively involved. And, of course, thank you to my wonderful students at Columbia University. They continue to be at the core of my inspiration and love for writing, teaching, and scholarly research. xv Author Arthur M. Langer, EdD, is professor of professional practice of management and the director of the Center for Technology Management at Columbia University. He is the academic direc- tor of the Executive Masters of Science program in Technology Management, vice chair of faculty and executive advisor to the dean at the School of Professional Studies and is on the faculty of the Department of Organization and Leadership at the Graduate School of Education (Teachers College). He has also served as a member of the Columbia University Faculty Senate. Dr. Langer is the author of Guide to Software Development: Designing & Managing the Life Cycle. 2nd Edition (2016), Strategic IT: Best Practices for Managers and Executives (2013 with Lyle Yorks), Information Technology and Organizational Learning (2011), Analysis and Design of Information Systems (2007), Applied Ecommerce (2002), and The Art of Analysis (1997), and has numerous published articles and papers, relating to digital transformation, service learning for underserved popula- tions, IT organizational integration, mentoring, and staff develop- ment. Dr. Langer consults with corporations and universities on information technology, cyber security, staff development, man- agement transformation, and curriculum development around the Globe. Dr. Langer is also the chairman and founder of Workforce Opportunity Services (, a non-profit social venture xvi Author that provides scholarships and careers to underserved populations around the world. Dr. Langer earned a BA in computer science, an MBA in accounting/finance, and a Doctorate of Education from Columbia University. xvii Introduction Background Information technology (IT) has become a more significant part of workplace operations, and as a result, information systems person- nel are key to the success of corporate enterprises, especially with the recent effects of the digital revolution on every aspect of business and social life (Bradley & Nolan, 1998; Langer, 1997, 2011; Lipman- Blumen, 1996). This digital revolution is defined as a form of “ dis- ruption.” Indeed, the big question facing many enterprises today is, How can executives anticipate the unexpected threats brought on by technological advances that could devastate their business? This book focuses on the vital role that information and digital technology orga- nizations need to play in the course of organizational development and learning, and on the growing need to integrate technology fully into the processes of workplace organizational learning. Technology personnel have long been criticized for their inability to function as part of the business, and they are often seen as a group outside the corporate norm (Schein, 1992). This is a problem of cultural assimila- tion, and it represents one of the two major fronts that organizations now face in their efforts to gain a grip on the new, growing power of technology, and to be competitive in a global world. The other major xviii IntroduCtIon front concerns the strategic integration of new digital technologies into business line management. Because technology continues to change at such a rapid pace, the ability of organizations to operate within a new paradigm of dynamic change emphasizes the need to employ action learning as a way to build competitive learning organizations in the twenty-first century. Information Technology and Organizational Learning integrates some of the fundamental issues bearing on IT today with concepts from organizational learning theory, providing comprehensive guidance, based on real-life business experiences and concrete research. This book also focuses on another aspect of what IT can mean to an organization. IT represents a broadening dimension of business life that affects everything we do inside an organization. This new reality is shaped by the increasing and irreversible dissemination of technology. To maximize the usefulness of its encroaching presence in everyday business affairs, organizations will require an optimal understanding of how to integrate technology into everything they do. To this end, this book seeks to break new ground on how to approach and concep- tualize this salient issue— that is, that the optimization of information and digital technologies is best pursued with a synchronous imple- mentation of organizational learning concepts. Furthermore, these concepts cannot be implemented without utilizing theories of strategic learning. Therefore, this book takes the position that technology liter- acy requires individual and group strategic learning if it is to transform a business into a technology-based learning organization. Technology­ based organizations are defined as those that have implemented a means of successfully integrating technology into their process of organiza- tional learning. Such organizations recognize and experience the real- ity of technology as part of their everyday business function. It is what many organizations are calling “ being digital.” This book will also examine some of the many existing organi- zational learning theories, and the historical problems that have occurred with companies that have used them, or that have failed to use them. Thus, the introduction of technology into organizations actually provides an opportunity to reassess and reapply many of the past concepts, theories, and practices that have been used to support the importance of organizational learning. It is important, however, not to confuse this message with a reason for promoting organizational xixIntroduCtIon learning, but rather, to understand the seamless nature of the relation- ship between IT and organizational learning. Each needs the other to succeed. Indeed, technology has only served to expose problems that have existed in organizations for decades, e.g., the inability to drive down responsibilities to the operational levels of the organization, and to be more agile with their consumers. This book is designed to help businesses and individual manag- ers understand and cope with the many issues involved in developing organizational learning programs, and in integrating an important component: their IT and digital organizations. It aims to provide a combination of research case studies, together with existing theories on organizational learning in the workplace. The goal is also to pro- vide researchers and corporate practitioners with a book that allows them to incorporate a growing IT infrastructure with their exist- ing workforce culture. Professional organizations need to integrate IT into their organizational processes to compete effectively in the technology-driven business climate of today. This book responds to the complex and various dilemmas faced by many human resource managers and corporate executives regarding how to actually deal with many marginalized technology personnel who somehow always operate outside the normal flow of the core business. While the history of IT, as a marginalized organization, is rela- tively short, in comparison to that of other professions, the problems of IT have been consistent since its insertion into business organiza- tions in the early 1960s. Indeed, while technology has changed, the position and valuation of IT have continued to challenge how execu- tives manage it, account for it, and, most important, ultimately value its contributions to the organization. Technology personnel continue to be criticized for their inability to function as part of the business, and they are often seen as outside the business norm. IT employees are frequently stereotyped as “ techies,” and are segregated in such a way that they become isolated from the organization. This book pro- vides a method for integrating IT, and redefining its role in organiza- tions, especially as a partner in formulating and implementing key business strategies that are crucial for the survival of many companies in the new digital age. Rather than provide a long and extensive list of common issues, I have decided it best to uncover the challenges of IT integration and performance through the case study approach. xx IntroduCtIon IT continues to be one of the most important yet least understood departments in an organization. It has also become one of the most significant components for competing in the global markets of today. IT is now an integral part of the way companies become successful, and is now being referred to as the digital arm of the business. This is true across all industries. The role of IT has grown enormously in companies throughout the world, and it has a mission to provide stra- tegic solutions that can make companies more competitive. Indeed, the success of IT, and its ability to operate as part of the learning organization, can mean the difference between the success and failure of entire companies. However, IT must be careful that it is not seen as just a factory of support personnel, and does not lose its justification as driving competitive advantage. We see in many organizations that other digital-based departments are being created, due to frustration with the traditional IT culture, or because they simply do not see IT as meeting the current needs for operating in a digital economy. This book provides answers to other important questions that have challenged many organizations for decades. First, how can manag- ers master emerging digital technologies, sustain a relationship with organizational learning, and link it to strategy and performance? Second, what is the process by which to determine the value of using technology, and how does it relate to traditional ways of calculating return on investment, and establishing risk models? Third, what are the cyber security implications of technology-based products and services? Fourth, what are the roles and responsibilities of the IT executive, and the department in general? To answer these questions, managers need to focus on the following objectives: • Address the operational weaknesses in organizations, in terms of how to deal with new technologies, and how to bet- ter realize business benefits. • Provide a mechanism that both enables organizations to deal with accelerated change caused by technological innovations, and integrates them into a new cycle of processing, and han- dling of change. • Provide a strategic learning framework, by which every new technology variable adds to organizational knowledge and can develop a risk and security culture. xxiIntroduCtIon • Establish an integrated approach that ties technology account- ability to other measurable outcomes, using organizational learning techniques and theories. To realize these objectives, organizations must be able to • create dynamic internal processes that can deal, on a daily basis, with understanding the potential fit of new technologies and their overall value within the structure of the business; • provide the discourse to bridge the gaps between IT- and non- IT-related investments, and uses, into one integrated system; • monitor investments and determine modifications to the life cycle; • implement various organizational learning practices, includ- ing learning organization, knowledge management, change management, and communities of practice, all of which help foster strategic thinking, and learning, and can be linked to performance (Gephardt & Marsick, 2003). The strengths of this book are that it integrates theory and practice and provides answers to the four common questions mentioned. Many of the answers provided in these pages are founded on theory and research and are supported by practical experience. Thus, evidence of the performance of the theories is presented via case studies, which are designed to assist the readers in determining how such theories and proven practices can be applied to their specific organization. A common theme in this book involves three important terms: dynamic , unpredictable , and acceleration . Dynamic is a term that rep- resents spontaneous and vibrant things— a motive force. Technology behaves with such a force and requires organizations to deal with its capabilities. Glasmeier (1997) postulates that technology evolution, innovation, and change are dynamic processes. The force then is tech- nology, and it carries many motives, as we shall see throughout this book. Unpredictable suggests that we cannot plan what will happen or will be needed. Many organizational individuals, including execu- tives, have attempted to predict when, how, or why technology will affect their organization. Throughout our recent history, especially during the “ digital disruption” era, we have found that it is difficult, if not impossible, to predict how technology will ultimately benefit or xxii IntroduCtIon hurt organizational growth and competitive advantage. I believe that technology is volatile and erratic at times. Indeed, harnessing tech- nology is not at all an exact science; certainly not in the ways in which it can and should be used in today’ s modern organization. Finally, I use the term acceleration to convey the way technology is speeding up our lives. Not only have emerging technologies created this unpre- dictable environment of change, but they also continue to change it rapidly— even from the demise of the dot-com era decades ago. Thus, what becomes important is the need to respond quickly to technology. The inability to be responsive to change brought about by technologi- cal innovations can result in significant competitive disadvantages for organizations. This new edition shows why this is a fact especially when examining the shrinking S-Curve. So, we look at these three words— dynamic, unpredictable, and acceleration— as a way to define how technology affects organizations; that is, technology is an accelerating motive force that occurs irregularly. These words name the challenges that organizations need to address if they are to manage technological innovations and integrate them with business strategy and competi- tive advantage. It only makes sense that the challenge of integrating technology into business requires us first to understand its potential impact, determine how it occurs, and see what is likely to follow. There are no quick remedies to dealing with emerging technologies, just common practices and sustained processes that must be adopted for organizations to survive in the future. I had four goals in mind in writing this book. First, I am inter- ested in writing about the challenges of using digital technologies strategically. What particularly concerns me is the lack of literature that truly addresses this issue. What is also troublesome is the lack of reliable techniques for the evaluation of IT, especially since IT is used in almost every aspect of business life. So, as we increase our use and dependency on technology, we seem to understand less about how to measure and validate its outcomes. I also want to convey my thoughts about the importance of embracing nonmon- etary methods for evaluating technology, particularly as they relate to determining return on investment. Indeed, indirect and non- monetary benefits need to be part of the process of assessing and approving IT projects. xxiiiIntroduCtIon Second, I want to apply organizational learning theory to the field of IT and use proven learning models to help transform IT staff into becoming better members of their organizations. Everyone seems to know about the inability of IT people to integrate with other depart- ments, yet no one has really created a solution to the problem. I find that organizational learning techniques are an effective way of coach- ing IT staff to operate more consistently with the goals of the busi- nesses that they support. Third, I want to present cogent theories about IT and organiza- tional learning; theories that establish new ways for organizations to adapt new technologies. I want to share my experiences and those of other professionals who have found approaches that can provide posi- tive outcomes from technology investments. Fourth, I have decided to express my concerns about the valid- ity and reliability of organizational learning theories and practices as they apply to the field of IT. I find that most of these models need to be enhanced to better fit the unique aspects of the digital age. These modified models enable the original learning techniques to address IT-specific issues. In this way, the organization can develop a more holistic approach toward a common goal for using technology. Certainly, the balance of how technology ties in with strategy is essential. However, there has been much debate over whether tech- nology should drive business strategy or vice versa. We will find that the answer to this is “ yes.” Yes, in the sense that technology can affect the way organizations determine their missions and business strate- gies; but “ no” in that technology should not be the only component for determining mission and strategy. Many managers have realized that business is still business, meaning that technology is not a “ sil- ver bullet.” The challenge, then, is to determine how best to fit tech- nology into the process of creating and supporting business strategy. Few would doubt today that technology is, indeed, the most signifi- cant variable affecting business strategy. However, the most viable approach is to incorporate technology into the process of determin- ing business strategy. I have found that many businesses still formu- late their strategies first, and then look at technology, as a means to efficiently implement objectives and goals. Executives need to better understand the unique and important role that technology provides us; it can drive business strategy, and support it, at the same time. xxiv IntroduCtIon Managers should not solely focus their attention on generating breakthrough innovations that will create spectacular results. Most good uses of technology are much subtler, and longer-lasting. For this reason, this book discusses and defines new technology life cycles that blend business strategy and strategic learning. Building on this theme, I introduce the idea of responsive organizational dynamism as the core theory of this book. Responsive organizational dynamism defines an environment that can respond to the three important terms (dynamic, unpredictable, and acceleration). Indeed, technology requires organizations that can sustain a system, in which individu- als can deal with dynamic, unpredictable, and accelerated change, as part of their regular process of production. The basis of this concept is that organizations must create and sustain such an environment to be competitive in a global technologically-driven economy. I further analyze responsive organizational dynamism in its two subcompo- nents: strategic integration and cultural assimilation, which address how technology needs to be measured as it relates to business strategy, and what related social– structural changes are needed, respectively. Change is an important principle of this book. I talk about the importance of how to change, how to manage such change, and why emerging technologies are a significant agent of change. I support the need for change, as an opportunity to use many of the learning theories that have been historically difficult to implement. That is, implementing change brought on by technological innovation is an opportunity to make the organization more “ change ready” or, as we define it today, more “ agile.” However, we also know that little is known about how organizations should actually go about modifying existing processes to adapt to new technologies and become digital entities— and to be accustomed to doing this regularly. Managing through such periods of change requires that we develop a model that can deal with dynamic, unpredictable, and accelerated change. This is what responsive organizational dynamism is designed to do. We know that over 20% of IT projects still fail to be completed. Another 54% fail to meet their projected completion date. We now sit at the forefront of another technological spurt of innovations that will necessitate major renovations to existing legacy systems, requiring that they be linked to sophisticated e-business systems. These e-business systems will continue to utilize the Internet, and emerging mobile xxvIntroduCtIon technologies. While we tend to focus primarily on what technology generically does, organizations need urgently to prepare themselves for the next generation of advances, by forming structures that can deal with continued, accelerated change, as the norm of daily opera- tions. For this edition, I have added new sections and chapters that address the digital transformation, ways of dealing with changing consumer behavior, the need to form evolving cyber security cultures, and the importance of integrating Gen Y employees to accelerate competitive advantage. This book provides answers to a number of dilemmas but ultimately offers an imbricate cure for the problem of latency in performance and quality afflicting many technologically-based projects. Traditionally, management has attempted to improve IT performance by increasing technical skills and project manager expertise through new processes. While there has been an effort to educate IT managers to become more interested and participative in business issues, their involvement continues to be based more on service than on strategy. Yet, at the heart of the issue is the entirety of the organization. It is my belief that many of the programmatic efforts conducted in traditional ways and attempting to mature and integrate IT with the rest of the organiza- tion will continue to deliver disappointing results. My personal experience goes well beyond research; it draws from living and breathing the IT experience for the past 35 years, and from an understanding of the dynamics of what occurs inside and outside the IT department in most organizations. With such experi- ence, I can offer a path that engages the participation of the entire management team and operations staff of the organization. While my vision for this kind of digital transformation is different from other approaches, it is consistent with organizational learning theo- ries that promote the integration of individuals, communities, and senior management to participate in more democratic and vision- ary forms of thinking, reflection, and learning. It is my belief that many of the dilemmas presented by IT have existed in other parts of organizations for years, and that the Internet revolution only served to expose them. If we believe this to be true, then we must begin the process of integrating technology into strategic thinking and stop depending on IT to provide magical answers, and inappropriate expectations of performance. xxvi IntroduCtIon Technology is not the responsibility of any one person or depart- ment; rather, it is part of the responsibility of every employee. Thus, the challenge is to allow organizations to understand how to modify their processes, and the roles and responsibilities of their employees, to incorporate digital technologies as part of normal workplace activi- ties. Technology then becomes more a subject and a component of discourse. IT staff members need to emerge as specialists who par- ticipate in decision making, development, and sustained support of business evolution. There are also technology-based topics that do not require the typical expertise that IT personnel provide. This is a literacy issue that requires different ways of thinking and learning during the everyday part of operations. For example, using desktop tools, communicating via e-mail, and saving files and data, are inte- gral to everyday operations. These activities affect projects, yet they are not really part of the responsibilities of IT departments. Given the knowledge that technology is everywhere, we must change the approach that we take to be successful. Another way of looking at this phenomenon is to define technology more as a commodity, readily available to all individuals. This means that the notion of technology as organizationally segregated into separate cubes of expertise is prob- lematic, particularly on a global front. Thus, the overall aim of this book is to promote organizational learning that disseminates the uses of technology throughout a busi- ness, so that IT departments are a partner in its use, as opposed to being its sole owner. The cure to IT project failure, then, is to engage the business in technology decisions in such a way that individuals and business units are fundamentally involved in the process. Such processes need to be designed to dynamically respond to technology opportunities and thus should not be overly bureaucratic. There is a balance between establishing organizations that can readily deal with technology versus those that become too complex and inefficient. This balance can only be attained using organizational learning techniques as the method to grow and reach technology maturation. Overview of the Chapters Chapter 1 provides an important case study of the Ravell Corporation (a pseudonym), where I was retained for over five years. During this xxviiIntroduCtIon period, I applied numerous organizational learning methods toward the integration of the IT department with the rest of the organiza- tion. The chapter allows readers to understand how the theories of organizational learning can be applied in actual practice, and how those theories are particularly beneficial to the IT community. The chapter also shows the practical side of how learning techniques can be linked to measurable outcomes, and ultimately related to business strategy. This concept will become the basis of integrating learning with strategy (i.e., “ strategic learning” ). The Ravell case study also sets the tone of what I call the IT dilemma, which represents the core problem faced by organizations today. Furthermore, the Ravell case study becomes the cornerstone example throughout the book and is used to relate many of the theories of learning and their practical applicability in organizations. The Ravell case has also been updated in this second edition to include recent results that support the impor- tance of alignment with the human resources department. Chapter 2 presents the details of the IT dilemma. This chapter addresses issues such as isolation of IT staff, which results in their marginalization from the rest of the organization. I explain that while executives want technology to be an important part of business strat- egy, few understand how to accomplish it. In general, I show that individuals have a lack of knowledge about how technology and busi- ness strategy can, and should, be linked, to form common business objectives. The chapter provides the results of a three-year study of how chief executives link the role of technology with business strat- egy. The study captures information relating to how chief executives perceive the role of IT, how they manage it, and use it strategically, and the way they measure IT performance and activities. Chapter 3 focuses on defining how organizations need to respond to the challenges posed by technology. I analyze technological dyna- mism in its core components so that readers understand the different facets that comprise its many applications. I begin by presenting tech- nology as a dynamic variable that is capable of affecting organizations in a unique way. I specifically emphasize the unpredictability of tech- nology, and its capacity to accelerate change— ultimately concluding that technology, as an independent variable, has a dynamic effect on organizational development. This chapter also introduces my theory of responsive organizational dynamism, defined as a disposition in xxviii IntroduCtIon organizational behavior that can respond to the demands of tech- nology as a dynamic variable. I establish two core components of responsive organizational dynamism: strategic integration and cultural assimilation . Each of these components is designed to tackle a specific problem introduced by technology. Strategic integration addresses the way in which organizations determine how to use technology as part of business strategy. Cultural assimilation, on the other hand, seeks to answer how the organization, both structurally and culturally, will accommodate the actual human resources of an IT staff and depart- ment within the process of implementing new technologies. Thus, strategic integration will require organizational changes in terms of cultural assimilation. The chapter also provides a perspective of the technology life cycle so that readers can see how responsive organi- zational dynamism is applied, on an IT project basis. Finally, I define the driver and supporter functions of IT and how these contribute to managing technology life cycles. Chapter 4 introduces theories on organizational learning, and applies them specifically to responsive organizational dynamism. I emphasize that organizational learning must result in individual, and organizational transformation, that leads to measurable performance outcomes. The chapter defines a number of organizational learning theories, such as reflective practices, learning organization, communi- ties of practice, learning preferences and experiential learning, social discourse, and the use of language. These techniques and approaches to promoting organizational learning are then configured into various models that can be used to assess individual and organizational devel- opment. Two important models are designed to be used in responsive organizational dynamism: the applied individual learning wheel and the technology maturity arc. These models lay the foundation for my position that learning maturation involves a steady linear progression from an individual focus toward a system or organizational perspec- tive. The chapter also addresses implementation issues— political challenges that can get in the way of successful application of the learning theories. Chapter 5 explores the role of management in creating and sustain- ing responsive organizational dynamism. I define the tiers of middle management in relation to various theories of management partici- pation in organizational learning. The complex issues of whether xxixIntroduCtIon organizational learning needs to be managed from the top down, bottom up, or middle-top-down are discussed and applied to a model that operates in responsive organizational dynamism. This chapter takes into account the common three-tier structure in which most organizations operate: executive, middle, and operations. The execu- tive level includes the chief executive officer (CEO), president, and senior vice presidents. The middle is the most complex, ranging from vice president/director to supervisory roles. Operations covers what is commonly known as “ staff,” including clerical functions. The knowl- edge that I convey suggests that all of these tiers need to participate in management, including operations personnel, via a self-development model. The chapter also presents the notion that knowledge manage- ment is necessary to optimize competitive advantage, particularly as it involves transforming tacit knowledge into explicit knowledge. I view the existing theories on knowledge management, create a hybrid model that embraces technology issues, and map them to responsive organizational dynamism. Discussions on change management are included as a method of addressing the unique ways that technol- ogy affects product development. Essentially, I tie together respon- sive organizational dynamism with organizational change theory, by offering modifications to generally accepted theories. There is also a specific model created for IT organizations, that maps onto organi- zational-level concepts. Although I have used technology as the basis for the need for responsive organizational dynamism, I show that the needs for its existence can be attributed to any variable that requires dynamic change. As such, I suggest that readers begin to think about the next “ technology” or variable that can cause the same needs to occur inside organizations. The chapter has been extended to address the impact of social networking and the leadership opportunities it provides to technology executives. Chapter 6 examines how organizational transformation occurs. The primary focus of the chapter is to integrate transformation theory with responsive organizational dynamism. The position taken is that organizational learning techniques must inevitably result in orga- nizational transformation. Discussions on transformation are often addressed at organizational level, as opposed to focusing on individual development. As in other sections of the book, I extend a number of theories so that they can operate under the auspices of responsive xxx IntroduCtIon organizational dynamism, specifically, the works of Yorks and Marsick (2000) and Aldrich (2001). I expand organizational transformation to include ongoing assessment within technology deliverables. This is accomplished through the use of a modified Balanced Scorecard originally developed by Kaplan and Norton (2001). The Balanced Scorecard becomes the vehicle for establishing a strategy-focused and technology-based organization. Chapter 7 deals with the many business transformation projects that require outsource arrangements and virtual team management. This chapter provides an understanding of when and how to consider outsourcing and the intricacies of considerations once operating with virtual teams. I cover such issues as management considerations and the challenges of dealing in multiple locations. The chapter extends the models discussed in previous chapters so that they can be aligned with operating in a virtual team environment. Specifically, this includes communities of practice, social discourse, self-development, knowl- edge management, and, of course, responsive organizational dyna- mism and its corresponding maturity arcs. Furthermore, I expand the conversation to include IT and non-IT personnel, and the arguments for the further support needed to integrate all functions across the organization. Chapter 8 presents updated case studies that demonstrate how my organizational learning techniques are actually applied in practice. Three case studies are presented: Siemens AG, ICAP, and HTC. Siemens AG is a diverse international company with 20 discrete businesses in over 190 countries. The case study offers a perspec- tive of how a corporate chief information officer (CIO) introduced e- business strategy. ICAP is a leading international money and secu- rity broker. This case study follows the activities of the electronic trad- ing community (ETC) entity, and how the CEO transformed the organization and used organizational learning methods to improve competitive advantage. HTC (a pseudonym) provides an example of why the chief IT executive should report to the CEO, and how a CEO can champion specific projects to help transform organizational norms and behaviors. This case study also maps the transformation of the company to actual examples of strategic advantage. Chapter 9 focuses on the challenges of forming a “ cyber security” culture. The growing challenges of protecting companies from outside xxxiIntroduCtIon attacks have established the need to create a cyber security culture. This chapter addresses the ways in which information technology organizations must further integrate with business operations, so that their firms are better equipped to protect against outside threats. Since the general consensus is that no system can be 100% protected, and that most system compromises occur as a result of internal expo- sures, information technology leaders must educate employees on best practices to limit cyberattacks. Furthermore, while prevention is the objective, organizations must be internally prepared to deal with attacks and thus have processes in place should a system become pen- etrated by third-party agents. Chapter 10 explores the effects of the digital global economy on the ways in which organizations need to respond to the consumeriza- tion of products and services. From this perspective, digital transfor- mation involves a type of social reengineering that affects the ways in which organizations communicate internally, and how they consider restructuring departments. Digital transformation also affects the risks that organizations must take in what has become an accelerated changing consumer market. Chapter 11 provides conclusions and focuses on Gen Y employ- ees who are known as “ digital natives” and represent the new supply chain of talent. Gen Y employees possess the attributes to assist com- panies to transform their workforce to meet the accelerated change in the competitive landscape. Most executives across industries recog- nize that digital technologies are the most powerful variable to main- taining and expanding company markets. Gen Y employees provide a natural fit for dealing with emerging digital technologies. However, success with integrating Gen Y employees is contingent upon Baby Boomer and Gen X management adopting new leadership philoso- phies and procedures suited to meet the expectations and needs of these new workers. Ignoring the unique needs of Gen Y employees will likely result in an incongruent organization that suffers high turnover of young employees who will ultimately seek a more entre- preneurial environment. Chapter 12 seeks to define best practices to implement and sus- tain responsive organizational dynamism. The chapter sets forth a model that creates separate, yet linked, best practices and maturity arcs that can be used to assess stages of the learning development xxxii IntroduCtIon of the chief IT executive, the CEO, and the middle management. I discuss the concept of common threads , by which each best practices arc links through common objectives and outcomes to the responsive organizational dynamism maturity arc presented in Chapter 4. Thus, these arcs represent an integrated and hierarchical view of how each component of the organization contributes to overall best practices. A new section has been added that links ethics to technology leadership and maturity. Chapter 13 summarizes the many aspects of how IT and organi- zational learning operate together to support the responsive organi- zational dynamism environment. The chapter emphasizes the specific key themes developed in the book, such as evolution versus revolu- tion; control and empowerment; driver and supporter operations; and responsive organizational dynamism and self-generating organiza- tions. Finally, I provide an overarching framework for “ organizing” reflection and integrate it with the best practices arcs. As a final note, I need to clarify my use of the words information technology, digital technology, and technology. In many parts of the book, they are used interchangeably, although there is a defined difference. Of course, not all technology is related to information or digital; some is based on machinery or the like. For the purposes of this book, the reader should assume that IT and digital technology are the primary variables that I am addressing. However, the theories and processes that I offer can be scaled to all types of technological innovation. 1 1 The “Ravell” CoRpoRaTion Introduction Launching into an explanation of information technology (IT), organizational learning, and the practical relationship into which I propose to bring them is a challenging topic to undertake. I choose, therefore, to begin this discussion by presenting an actual case study that exemplifies many key issues pertaining to organizational learn- ing, and how it can be used to improve the performance of an IT department. Specifically, this chapter summarizes a case study of the IT department at the Ravell Corporation (a pseudonym) in New York City. I was retained as a consultant at the company to improve the performance of the department and to solve a mounting politi- cal problem involving IT and its relation to other departments. The case offers an example of how the growth of a company as a “learn- ing organization”—one in which employees are constantly learning during the normal workday (Argyris, 1993; Watkins & Marsick, 1993)— utilized reflective practices to help it achieve the practical stra- tegic goals it sought. Individuals in learning organizations integrate processes of learning into their work. Therefore, a learning organiza- tion must advocate a system that allows its employees to interact, ask questions, and provide insight to the business. The learning organiza- tion will ultimately promote systematic thinking, and the building of organizational memory (Watkins & Marsick, 1993). A learning organization (discussed more fully in Chapter 4) is a component of the larger topic of organizational learning. The Ravell Corporation is a firm with over 500 employees who, over the years, had become dependent on the use of technology to run its business. Its IT department, like that of many other compa- nies, was isolated from the rest of the business and was regarded as a peripheral entity whose purpose was simply to provide technical support. This was accompanied by actual physical isolation—IT was 2 INFORMATION TECHNOLOGY placed in a contained and secure location away from mainstream operations. As a result, IT staff rarely engaged in active discourse with other staff members unless specific meetings were called relat- ing to a particular project. The Ravell IT department, therefore, was not part of the community of organizational learning—it did not have the opportunity to learn along with the rest of the organiza- tion, and it was never asked to provide guidance in matters of gen- eral relevance to the business as a whole. This marginalized status resulted in an us-versus-them attitude on the part of IT and non-IT personnel alike. Much has been written about the negative impact of marginal- ization on individuals who are part of communities. Schlossberg (1989) researched adults in various settings and how marginal- ization affected their work and self-efficacy. Her theory on mar- ginalization and mattering is applied to this case study because of its relevance and similarity to her prior research. For example, IT represents similar characteristics to a separate group on a college campus or in a workplace environment. Its physical isolation can also be related to how marginalized groups move away from the majority population and function without contact. The IT direc- tor, in particular, had cultivated an adversarial relationship with his peers. The director had shaped a department that fueled his view of separation. This had the effect of further marginalizing the posi- tion of IT within the organization. Hand in hand with this form of separatism came a sense of actual dislike on the part of IT personnel for other employees. IT staff members were quick to point fingers at others and were often noncommunicative with members of other departments within the organization. As a result of this kind of behavior, many departments lost confidence in the ability of IT to provide support; indeed, the quality of support that IT furnished had begun to deteriorate. Many departments at Ravell began to hire their own IT support personnel and were determined to create their own information systems subdepartments. This situation eventually became unacceptable to management, and the IT director was ter- minated. An initiative was begun to refocus the department and its position within the organization. I was retained to bring about this change and to act as the IT director until a structural transforma- tion of the department was complete. 3the “rAvell” CorporAtIon A New Approach My mandate at Ravell was initially unclear—I was to “fix” the problem; the specific solution was left up to me to design and imple- ment. My goal became one of finding a way to integrate IT fully into the organizational culture at Ravell. Without such integration, IT would remain isolated, and no amount of “fixing” around this issue would address the persistence of what was, as well, a cultural prob- lem. Unless IT became a true part of the organization as a whole, the entire IT staff could be replaced without any real change having occurred from the organization’s perspective. That is, just replacing the entire IT staff was an acceptable solution to senior management. The fact that this was acceptable suggested to me that the knowledge and value contained in the IT department did not exist or was mis- understood by the senior management of the firm. In my opinion, just eliminating a marginalized group was not a solution because I expected that such knowledge and value did exist, and that it needed to be investigated properly. Thus, I rejected management’s option and began to formulate a plan to better understand the contributions that could be made by the IT department. The challenge was threefold: to improve the work quality of the IT department (a matter of perfor- mance), to help the department begin to feel itself a part of the orga- nization as a whole and vice versa (a matter of cultural assimilation), and to persuade the rest of the organization to accept the IT staff as equals who could contribute to the overall direction and growth of the organization (a fundamental matter of strategic integration). My first step was to gather information. On my assignment to the position of IT director, I quickly arranged a meeting with the IT department to determine the status and attitudes of its personnel. The IT staff meeting included the chief financial officer (CFO), to whom IT reported. At this meeting, I explained the reasons behind the changes occurring in IT management. Few questions were asked; as a result, I immediately began scheduling individual meetings with each of the IT employees. These employees varied in terms of their position within the corporate hierarchy, in terms of salary, and in terms of technical expertise. The purpose of the private meetings was to allow IT staff members to speak openly, and to enable me to hear their concerns. I drew on the principles of action science, pioneered 4 INFORMATION TECHNOLOGY by Argyris and Schö n (1996), designed to promote individual self- reflection regarding behavior patterns, and to encourage a produc- tive exchange among individuals. Action science encompasses a range of methods to help individuals learn how to be reflective about their actions. By reflecting, individuals can better understand the outcomes of their actions and, especially, how they are seen by others. This was an important approach because I felt learning had to start at the indi- vidual level as opposed to attempting group learning activities. It was my hope that the discussions I orchestrated would lead the IT staff to a better understanding than they had previously shown, not only of the learning process itself, but also of the significance of that process. I pursued these objectives by guiding them to detect problem areas in their work and to undertake a joint effort to correct them (Argyris, 1993; Arnett, 1992). Important components of reflective learning are single-loop and double-loop learning. Single-loop learning requires individuals to reflect on a prior action or habit that needs to be changed in the future but does not require individuals to change their operational proce- dures with regard to values and norms. Double-loop learning, on the other hand, does require both change in behavior and change in oper- ational procedures. For example, people who engage in double-loop learning may need to adjust how they perform their job, as opposed to just the way they communicate with others, or, as Argyris and Schö n (1996, p. 22) state, “the correction of error requires inquiry through which organizational values and norms themselves are modified.” Despite my efforts and intentions, not all of the exchanges were destined to be successful. Many of the IT staff members felt that the IT director had been forced out, and that there was consequently no support for the IT function in the organization. There was also clear evidence of internal political division within the IT department; members openly criticized each other. Still other interviews resulted in little communication. This initial response from IT staff was disap- pointing, and I must admit I began to doubt whether these learning methods would be an antidote for the department. Replacing people began to seem more attractive, and I now understood why many man- agers prefer to replace staff, as opposed to investing in their transfor- mation. However, I also knew that learning is a gradual process and that it would take time and trust to see results. 5the “rAvell” CorporAtIon I realized that the task ahead called for nothing short of a total cul- tural transformation of the IT organization at Ravell. Members of the IT staff had to become flexible and open if they were to become more trusting of one another and more reflective as a group (Garvin, 2000; Schein, 1992). Furthermore, they had to have an awareness of their history, and they had to be willing to institute a vision of partnering with the user community. An important part of the process for me was to accept the fact that the IT staff were not habitually inclined to be reflective. My goal then was to create an environment that would foster reflective learning, which would in turn enable a change in individual and organizational values and norms (Senge, 1990). The Blueprint for Integration Based on information drawn from the interviews, I developed a pre- liminary plan to begin to integrate IT into the day-to-day operations at Ravell, and to bring IT personnel into regular contact with other staff members. According to Senge (1990), the most productive learn- ing occurs when skills are combined in the activities of advocacy and inquiry. My hope was to encourage both among the staff at Ravell. The plan for integration and assimilation involved assigning IT resources to each department; that is, following the logic of the self-dissemina- tion of technology, each department would have its own dedicated IT person to support it. However, just assigning a person was not enough, so I added the commitment to actually relocate an IT person into each physical area. This way, rather than clustering together in an area of their own, IT people would be embedded throughout the organiza- tion, getting first-hand exposure to what other departments did, and learning how to make an immediate contribution to the productiv- ity of these departments. The on-site IT person in each department would have the opportunity to observe problems when they arose— and hence, to seek ways to prevent them—and, significantly, to share in the sense of accomplishment when things went well. To reinforce their commitment to their respective areas, I specified that IT person- nel were to report not only to me but also to the line manager in their respective departments. In addition, these line managers were to have input on the evaluation of IT staff. I saw that making IT staff offi- cially accountable to the departments they worked with was a tangible 6 INFORMATION TECHNOLOGY way to raise their level of commitment to the organization. I hoped that putting line managers in a supervisory position, would help build a sense of teamwork between IT and non-IT personnel. Ultimately, the focus of this approach was to foster the creation of a tolerant and supportive cultural climate for IT within the various departments; an important corollary goal here was also to allow reflective reviews of performance to flourish (Garvin, 1993). Enlisting Support Support for this plan had to be mustered quickly if I was to create an environment of trust. I had to reestablish the need for the IT func- tion within the company, show that it was critical for the company’s business operations, and show that its integration posed a unique challenge to the company. However, it was not enough just for me to claim this. I also had to enlist key managers to claim it. Indeed, employees will cooperate only if they believe that self-assessment and critical thinking are valued by management (Garvin, 2000). I decided to embark on a process of arranging meetings with specific line man- agers in the organization. I selected individuals who would represent the day-to-day management of the key departments. If I could get their commitment to work with IT, I felt it could provide the stimulus we needed. Some line managers were initially suspicious of the effort because of their prior experiences with IT. However, they generally liked the idea of integration and assimilation that was presented to them, and agreed to support it, at least on a trial basis. Predictably, the IT staff were less enthusiastic about the idea. Many of them felt threatened, fearing that they were about to lose their independence or lose the mutual support that comes from being in a cohesive group. I had hoped that holding a series of meetings would help me gain support for the restructuring concept. I had to be care- ful to ensure that the staff members would feel that they also had an opportunity to develop a plan, that they were confident would work. During a number of group sessions, we discussed various scenarios of how such a plan might work. I emphasized the concepts of integra- tion and assimilation, and that a program of their implementation would be experimental. Without realizing it, I had engaged IT staff members in a process of self-governance. Thus, I empowered them 7the “rAvell” CorporAtIon to feel comfortable with voicing new ideas, without being concerned that they might be openly criticized by me if I did not agree. This pro- cess also encouraged individuals to begin thinking more as a group. Indeed, by directing the practice of constructive criticism among the IT staff, I had hoped to elicit a higher degree of reflective action among the group and to show them that they had the ability to learn from one another as well as the ability to design their own roles in the organization (Argyris, 1993). Their acceptance of physical integration and, hence, cultural assimilation became a necessary condition for the ability of the IT group, to engage in greater reflective behavior (Argyris & Schö n, 1996). Assessing Progress The next issue concerned individual feedback. How was I to let each person know how he or she was doing? I decided first, to get feedback from the larger organizational community. This was accomplished by meeting with the line managers and obtaining whatever feed- back was available from them. I was surprised at the large quantity of information they were willing to offer. The line managers were not shy about participating, and their input allowed me to complete two objectives: (1) to understand how the IT staff was being perceived in its new assignment and (2) to create a social and reflective relation- ship between IT individuals and the line managers. The latter objec- tive was significant, for if we were to be successful, the line managers would have to assist us in the effort to integrate and assimilate IT functions within their community. After the discussions with managers were completed, individual meetings were held with each IT staff member to discuss the feedback. I chose not to attribute the feedback to specific line managers but rather to address particular issues by conveying the general consensus about them. Mixed feelings were also disclosed by the IT staff. After convey- ing the information, I listened attentively to the responses of IT staff members. Not surprisingly, many of them responded to the feedback negatively and defensively. Some, for example, felt that many technology users were unreasonable in their expectations of IT. It was important for me as facilitator not to find blame among them, particularly if I was to be a participant in the learning organization (Argyris & Schö n, 1996). 8 INFORMATION TECHNOLOGY Resistance in the Ranks Any major organizational transformation is bound to elicit resistance from some employees. The initiative at Ravell proved to be no excep- tion. Employees are not always sincere, and some individuals will engage in political behavior that can be detrimental to any organiza- tional learning effort. Simply put, they are not interested in partici- pating, or, as Marsick (1998) states, “It would be naï ve to expect that everyone is willing to play on an even field (i.e., fairly).” Early in the process, the IT department became concerned that its members spent much of their time trying to figure out how best to position themselves for the future instead of attending to matters at hand. I heard from other employees that the IT staff felt that they would live through my tenure; that is, just survive until a permanent IT director was hired. It became difficult at times to elicit the truth from some members of the IT staff. These individuals would skirt around issues and deny making statements that were reported by other employees rather than con- front problems head on. Some IT staff members would criticize me in front of other groups and use the criticism as proof that the plan for a general integration was bound to fail. I realized in a most tangible sense that pursuing change through reflective practice does not come without resistance, and that this resistance needs to be factored into the planning of any such organizationally transformative initiative. Line Management to the Rescue At the time that we were still working through the resistance within IT, the plan to establish a relationship with line management began to work. A number of events occurred that allowed me to be directly involved in helping certain groups solve their IT problems. Word spread quickly that there was a new direction in IT that could be trusted. Line management support is critical for success in such trans- formational situations. First, line management is typically comprised of people from the ranks of supervisors and middle managers, who are responsible for the daily operations of their department. Assuming they do their jobs, senior management will cater to their needs and listen to their feedback. The line management of any organiza- tion, necessarily engaged to some degree in the process of learning 9the “rAvell” CorporAtIon (a “learning organization”), is key to its staff. Specifically, line manag- ers are responsible for operations personnel; at the same time, they must answer to senior management. Thus, they understand both exec- utive and operations perspectives of the business (Garvin, 2000). They are often former staff members themselves and usually have a high level of technical knowledge. Upper management, while important for financial support, has little effect at the day-to-day level, yet this is the level at which the critical work of integration and the building of a single learning community must be done. Interestingly, the line management organization had previously had no shortage of IT-related problems. Many of these line managers had been committed to developing their own IT staffs; however, they quickly realized that the exercise was beyond their expertise, and that they needed guidance and leadership. Their participation in IT staff meetings had begun to foster a new trust in the IT department, and they began to see the possibilities of working closely with IT to solve their problems. Their support began to turn toward what Watkins and Marsick (1993, p. 117) call “creating alignment by placing the vision in the hands of autonomous, cross-functional synergetic teams.” The combination of IT and non-IT teams began to foster a synergy among the communities, which established new ideas about how best to use technology. IT Begins to Reflect Although it was initially difficult for some staff members to accept, they soon realized that providing feedback opened the door to the process of self-reflection within IT. We undertook a number of exer- cises, to help IT personnel understand how non-IT personnel per- ceived them, and how their own behavior may have contributed to these perceptions. To foster self-reflection, I adopted a technique developed by Argyris called “the left-hand column.” In this technique, individuals use the right-hand column of a piece of paper to transcribe dialogues that they felt had not resulted in effective communication. In the left-hand column of the same page, participants are to write what they were really thinking at the time of the dialogue but did not say. This exercise is designed to reveal underlying assumptions that speakers may not be aware of during their exchanges and that may be 10 INFORMATION TECHNOLOGY impeding their communication with others by giving others a wrong impression. The exercise was extremely useful in helping IT personnel understand how others in the organization perceived them. Most important, the development of reflective skills, according to Schö n (1983), starts with an individual’s ability to recognize “leaps of abstraction”—the unconscious and often inaccurate generalizations people make about others based on incomplete information. In the case of Ravell, such generalizations were deeply entrenched among its various personnel sectors. Managers tended to assume that IT staffers were “ just techies,” and that they therefore held fundamentally differ- ent values and had little interest in the organization as a whole. For their part, the IT personnel were quick to assume that non-IT people did not understand or appreciate the work they did. Exposing these “leaps of abstraction” was key to removing the roadblocks that pre- vented Ravell from functioning as an integrated learning organization. Defining an Identity for Information Technology It was now time to start the process of publicly defining the identity of IT. Who were we, and what was our purpose? Prior to this time, IT had no explicit mission. Instead, its members had worked on an ad hoc basis, putting out fires and never fully feeling that their work had contributed to the growth or development of the organization as a whole. This sense of isolation made it difficult for IT members to begin to reflect on what their mission should or could be. I organized a series of meetings to begin exploring the question of a mission, and I offered support by sharing exemplary IT mission statements that were being implemented in other organizations. The focus of the meetings was not on convincing them to accept any particular idea but rather to facilitate a reflective exercise with a group that was undertaking such a task for the first time (Senge, 1990). The identity that emerged for the IT department at Ravell was dif- ferent from the one implicit in their past role. Our new mission would be to provide technical support and technical direction to the organi- zation. Of necessity, IT personnel would remain specialists, but they were to be specialists who could provide guidance to other depart- ments in addition to helping them solve and prevent problems. As they became more intimately familiar with what different departments 11the “rAvell” CorporAtIon did—and how these departments contributed to the organization as a whole—IT professionals would be able to make better informed rec- ommendations. The vision was that IT people would grow from being staff who fixed things into team members who offered their expertise to help shape the strategic direction of the organization and, in the process, participate fully in organizational growth and learning. To begin to bring this vision to life, I invited line managers to attend our meetings. I had several goals in mind with this invita- tion. Of course, I wanted to increase contact between IT and non-IT people; beyond this, I wanted to give IT staff an incentive to change by making them feel a part of the organization as a whole. I also got a commitment from IT staff that we would not cover up our prob- lems during the sessions, but would deal with all issues with trust and honesty. I also believed that the line managers would reciprocate and allow us to attend their staff meetings. A number of IT indi- viduals were concerned that my approach would only further expose our problems with regard to quality performance, but the group as a whole felt compelled to stick with the beliefs that honesty would always prevail over politics. Having gained insight into how the rest of the organization perceived them, IT staff members had to learn how to deal with disagreement and how to build consensus to move an agenda forward. Only then could reflection and action be intimately intertwined so that after-the-fact reviews could be replaced with peri- ods of learning and doing (Garvin, 2000). The meetings were constructive, not only in terms of content issues handled in the discussions, but also in terms of the number of line managers who attended them. Their attendance sent a strong message that the IT function was important to them, and that they under- stood that they also had to participate in the new direction that IT was taking. The sessions also served as a vehicle to demonstrate how IT could become socially assimilated within all the functions of the community while maintaining its own identity. The meetings were also designed as a venue for group members to be critical of themselves. The initial meetings were not successful in this regard; at first, IT staff members spent more time blaming oth- ers than reflecting on their own behaviors and attitudes. These ses- sions were difficult in that I would have to raise unpopular questions and ask whether the staff had truly “looked in the mirror” concerning 12 INFORMATION TECHNOLOGY some of the problems at hand. For example, one IT employee found it difficult to understand why a manager from another department was angry about the time it took to get a problem resolved with his computer. The problem had been identified and fixed within an hour, a time frame that most IT professionals would consider very respon- sive. As we looked into the reasons why the manager could have been justified in his anger, it emerged that the manager had a tight deadline to meet. In this situation, being without his computer for an hour was a serious problem. Although under normal circumstances a response time of one hour is good, the IT employee had failed to ask about the manager’s par- ticular circumstance. On reflection, the IT employee realized that putting himself in the position of the people he was trying to support would enable him to do his job better. In this particular instance, had the IT employee only understood the position of the manager, there were alternative ways of resolving the problem that could have been implemented much more quickly. Implementing the Integration: A Move toward Trust and Reflection As communication became more open, a certain synergy began to develop in the IT organization. Specifically, there was a palpable rise in the level of cooperation and agreement, with regard to the over- all goals set during these meetings. This is not to suggest that there were no disagreements but rather that discussions tended to be more constructive in helping the group realize its objective of providing outstanding technology support to the organization. The IT staff also felt freer to be self-reflective by openly discussing their ideas and their mistakes. The involvement of the departmental line manag- ers also gave IT staff members the support they needed to carry out the change. Slowly, there developed a shift in behavior in which the objectives of the group sharpened its focus on the transformation of the department, on its acknowledgment of successes and failures, and on acquiring new knowledge, to advance the integration of IT into the core business units. Around this time, an event presented itself that I felt would allow the IT department to establish its new credibility and authority to the other departments: the physical move of the organization to a 13the “rAvell” CorporAtIon new location. The move was to be a major event, not only because it represented the relocation of over 500 people and the technologi- cal infrastructure they used on a day-to-day basis, but also because the move was to include the transition of the media communications systems of the company, to digital technology. The move required tremendous technological work, and the organization decided to perform a “technology acceleration,” meaning that new technology would be introduced more quickly because of the opportunity pre- sented by the move. The entire moving process was to take a year, and I was immediately summoned to work with the other departments in determining the best plan to accomplish the transition. For me, the move became an emblematic event for the IT group at Ravell. It would provide the means by which to test the creation of, and the transitioning into, a learning organization. It was also to pro- vide a catalyst for the complete integration and assimilation of IT into the organization as a whole. The move represented the introduction of unfamiliar processes in which “conscious reflection is … necessary if lessons are to be learned” (Garvin, 2000, p. 100). I temporarily reorganized IT employees into “SWAT” teams (subgroups formed to deal with defined problems in high-pressure environments), so that they could be eminently consumed in the needs of their com- munity partners. Dealing with many crisis situations helped the IT department change the existing culture by showing users how to bet- ter deal with technology issues in their everyday work environment. Indeed, because of the importance of technology in the new location, the core business had an opportunity to embrace our knowledge and to learn from us. The move presented new challenges every day, and demanded openness and flexibility from everyone. Some problems required that IT listen intently to understand and meet the needs of its commu- nity partners. Other situations put IT in the role of teaching; assess- ing needs and explaining to other departments what was technically possible, and then helping them to work out compromises based on technical limitations. Suggestions for IT improvement began to come from all parts of the organization. Ideas from others were embraced by IT, demonstrating that employees throughout the organization were learning together. IT staff behaved assertively and without fear of failure, suggesting that, perhaps for the first time, their role had 14 INFORMATION TECHNOLOGY extended beyond that of fixing what was broken to one of helping to guide the organization forward into the future. Indeed, the move established the kind of “special problem” that provided an opportunity for growth in personal awareness through reflection (Moon, 1999). The move had proved an ideal laboratory for implementing the IT integration and assimilation plan. It provided real and important opportunities for IT to work hand in hand with other departments— all focusing on shared goals. The move fostered tremendous cama- raderie within the organization and became an excellent catalyst for teaching reflective behavior. It was, if you will, an ideal project in which to show how reflection in action can allow an entire organiza- tion to share in the successful attainment of a common goal. Because it was a unique event, everyone—IT and non-IT personnel alike— made mistakes, but this time, there was virtually no finger-pointing. People accepted responsibility collectively and cooperated in finding solutions. When the company recommenced operations from its new location—on time and according to schedule—no single group could claim credit for the success; it was universally recognized that success had been the result of an integrated effort. Key Lessons The experience of the reorganization of the IT department at Ravell can teach us some key lessons with respect to the cultural transforma- tion and change of marginalized technical departments, generally. Defining Reflection and Learning for an Organization IT personnel tend to view learning as a vocational event. They gener- ally look to increase their own “technical” knowledge by attending special training sessions and programs. However, as Kegan (1998) reminds us, there must be more: “Training is really insufficient as a sole diet of education—it is, in reality a subset of education.” True education involves transformation, and transformation, according to Kegan, is the willingness to take risks, to “get out of the bedroom of our comfortable world.” In my work at Ravell, I tried to augment this “diet” by embarking on a project that delivered both vocational train- ing and education through reflection. Each IT staff person was given 15the “rAvell” CorporAtIon one week of technical training per year to provide vocational develop- ment. But beyond this, I instituted weekly learning sessions in which IT personnel would meet without me and produce a weekly memo of “reflection.” The goal of this practice was to promote dialogue, in the hope that IT would develop a way to deal with its fears and mistakes on its own. Without knowing it, I had begun the process of creating a discursive community in which social interactions could act as insti- gators of reflective behavior leading to change. Working toward a Clear Goal The presence of clearly defined, measurable, short-term objectives can greatly accelerate the process of developing a “learning organiza- tion” through reflective practice. At Ravell, the move into new physi- cal quarters provided a common organizational goal toward which all participants could work. This goal fostered cooperation among IT and non-IT employees and provided an incentive for everyone to work and, consequently, learn together. Like an athletic team before an important game, or even an army before battle, the IT staff at Ravell rallied around a cause and were able to use reflective practices to help meet their goals. The move also represented what has been termed an “eye-opening event,” one that can trigger a better understanding of a culture whose differences challenge one’s presuppositions (Mezirow, 1990). It is important to note, though, that while the move accelerated the development of the learning organization as such, the move itself would not have been enough to guarantee the successes that followed it. Simply setting a deadline is no substitute for undergoing the kind of transformation necessary for a consummately reflective process. Only as the culmination of a process of analysis, socialization, and trust building, can an event like this speed the growth of a learning organization. Commitment to Quality Apart from the social challenges it faced in merging into the core business, the IT group also had problems with the quality of its out- put. Often, work was not performed in a professional manner. IT organizations often suffer from an inability to deliver on schedule, 16 INFORMATION TECHNOLOGY and Ravell was no exception. The first step in addressing the qual- ity problem, was to develop IT’s awareness of the importance of the problem, not only in my estimation but in that of the entire company. The IT staff needed to understand how technology affected the day- to-day operations of the entire company. One way to start the dia- logue on quality is to first initiate one about failures. If something was late, for instance, I asked why. Rather than addressing the problems from a destructive perspective (Argyris & Schö n, 1996; Schein, 1992; Senge, 1990), the focus was on encouraging IT personnel to under- stand the impact of their actions—or lack of action—on the company. Through self-reflection and recognition of their important role in the organization, the IT staff became more motivated than before to per- form higher quality work. Teaching Staff “Not to Know” One of the most important factors that developed out of the process of integrating IT was the willingness of the IT staff “not to know.” The phenomenology of “not knowing” or “knowing less” became the facilitator of listening; that is, by listening, we as individuals are better able to reflect. This sense of not knowing also “allows the individual to learn an important lesson: the acceptance of what is, without our attempts to control, manipulate, or judge” (Halifax, 1999, p. 177). The IT staff improved their learning abilities by suggesting and adopting new solutions to problems. An example of this was the creation of a two-shift help desk that provided user support during both day and evening. The learning process allowed IT to contribute new ideas to the community. More important, their contributions did not dramat- ically change the community; instead, they created gradual adjust- ments that led to the growth of a new hybrid culture. The key to this new culture was its ability to share ideas, accept error as a reality (Marsick, 1998), and admit to knowing less (Halifax, 1999). Transformation of Culture Cultural changes are often slow to develop, and they occur in small intervals. Furthermore, small cultural changes may even go unnoticed or may be attributed to factors other than their actual causes. This 17the “rAvell” CorporAtIon raises the issue of the importance of cultural awareness and our ability to measure individual and group performance. The history of the IT problems at Ravell made it easy for me to make management aware of what we were newly attempting to accomplish and of our reasons for creating dialogues about our successes and failures. Measurement and evaluation of IT performance are challenging because of the intrica- cies involved in determining what represents success. I feel that one form of measurement can be found in the behavioral patterns of an organization. When it came time for employee evaluations, reviews were held with each IT staff member. Discussions at evaluation reviews focused on the individuals’ perceptions of their role, and how they felt about their job as a whole. The feedback from these review meetings suggested that the IT staff had become more devoted, and more willing to reflect on their role in the organization, and, gen- erally, seemed happier at their jobs than ever before. Interestingly, and significantly, they also appeared to be having fun at their jobs. This happiness propagated into the community and influenced other supporting departments to create similar infrastructures that could reproduce our type of successes. This interest was made evident by frequent inquiries I received from other departments about how the transformation of IT was accomplished, and how it might be trans- lated to create similar changes in staff behavior elsewhere in the com- pany. I also noticed that there were fewer complaints and a renewed ability for the staff to work with our consultants. Alignment with Administrative Departments Ravell provided an excellent lesson about the penalties of not align- ing properly with other strategic and operational partners in a firm. Sometimes, we become insistent on forcing change, especially when placed in positions that afford a manager power—the power to get results quickly and through force. The example of Ravell teaches us that an approach of power will not ultimately accomplish transforma- tion of the organization. While senior management can authorize and mandate change, change usually occurs much more slowly than they wish, if it occurs at all. The management ranks can still push back and cause problems, if not sooner, then later. While I aligned with the line units, I failed to align with important operational partners, 18 INFORMATION TECHNOLOGY particularly human resources (HR). HR in my mind at that time was impeding my ability to accomplish change. I was frustrated and determined to get things done by pushing my agenda. This approach worked early on, but I later discovered that the HR management was bitter and devoted to stopping my efforts. The problems I encountered at Ravell are not unusual for IT organizations. The historical issues that affect the relationship between HR and IT are as follows: • IT has unusual staff roles and job descriptions that can be inconsistent with the rest of the organization. • IT tends to have complex working hours and needs. • IT has unique career paths that do not “fit” with HR standards. • IT salary structures shift more dynamically and are very sen- sitive to market conditions. • IT tends to operate in silos. The challenge, then, to overcome these impediments requires IT to • reduce silos and IT staff marginalization • achieve better organization-wide alignment • develop shared leadership • define and create an HR/IT governance model The success of IT/HR alignment should follow practices similar to those I instituted with the line managers at Ravell, specifically the following: • Successful HR/IT integration requires organizational learn- ing techniques. • Alignment requires an understanding of the relationship between IT investments and business strategy. • An integration of IT can create new organizational cultures and structures. • HR/IT alignment will likely continue to be dynamic in nature, and evolve at an accelerated pace. The oversight of not integrating better with HR cost IT dearly at Ravell. HR became an undisclosed enemy—that is, a negative force against the entire integration. I discovered this problem only later, and was never able to bring the HR department into the fold. Without HR being part of the learning organization, IT staff continued to 19the “rAvell” CorporAtIon struggle with aligning their professional positions with those of the other departments. Fortunately, within two years the HR vice presi- dent retired, which inevitably opened the doors for a new start. In large IT organizations, it is not unusual to have an HR member assigned to focus specifically on IT needs. Typically, it is a joint position in which the HR individual in essence works for the IT executive. This is an effective alternative in that the HR person becomes versed in IT needs and can properly represent IT in the area of head count needs and specific titles. Furthermore, the unique aspect of IT organizations is in the hybrid nature of their staff. Typically, a number of IT staff members are consultants, a situation that presents problems similar to the one I encountered at Ravell—that is, the resentment of not really being part of the organization. Another issue is that many IT staff members are outsourced across the globe, a situation that brings its own set of chal- lenges. In addition, the role of HR usually involves ensuring compliance with various regulations. For example, in many organizations, a con- sultant is permitted to work on site for only one year before U.S. gov- ernment regulations force the company to hire them as employees. The HR function must work closely with IT to enforce these regulations. Yet another important component of IT and HR collaboration is talent management. That is, HR must work closely with IT to understand new roles and responsibilities as they develop in the organization. Another challenge is the integration of technology into the day-to-day business of a company, and the question of where IT talent should be dispersed throughout the organization. Given this complex set of challenges, IT alone cannot facilitate or properly represent itself, unless it aligns with the HR departments. This becomes further complex with the prolifera- tion of IT virtual teams across the globe that create complex structures that often have different HR ramifications, both legally and culturally. Virtual team management is discussed further in the book. Conclusion This case study shows that strategic integration of technical resources into core business units can be accomplished, by using those aspects of organizational learning that promote reflection in action. This kind of integration also requires something of a concomitant form of assimila- tion, on the cultural level (see Chapter 3). Reflective thinking fosters the 20 INFORMATION TECHNOLOGY development of a learning organization, which in turn allows for the integration of the “other” in its various organizational manifestations. The experience of this case study also shows that the success of organi- zational learning will depend on the degree of cross fertilization achiev- able in terms of individual values and on the ability of the community to combine new concepts and beliefs, to form a hybrid culture. Such a new culture prospers with the use of organizational learning strategies to enable it to share ideas, accept mistakes, and learn to know less as a regular part their discourse and practice in their day-to-day operations. Another important conclusion from the Ravell experience is that time is an important factor to the success of organizational learning approaches. One way of dealing with the problem of time is with patience—something that many organizations do not have. Another element of success came in the acceleration of events (such as the relo- cation at Ravell), which can foster a quicker learning cycle and helps us see results faster. Unfortunately, impatience with using organiza- tional learning methods is not an acceptable approach because it will not render results that change individual and organizational behavior. Indeed, I almost changed my approach when I did not get the results I had hoped for early in the Ravell engagement. Nevertheless, my per- sistence paid off. Finally, the belief that replacing the staff, as opposed to investing in its knowledge, results from a faulty generalization. I found that most of the IT staff had much to contribute to the orga- nization and, ultimately, to help transform the culture. Subsequent chapters of this book build on the Ravell experience and discuss spe- cific methods for integrating organizational learning and IT in ways that can improve competitive advantage. Another recent perception, which I discuss further in Chapter 4, is the commitment to “complete” integration. Simply put, IT cannot select which departments to work with, or choose to participate only with line managers; as they say, it is “all or nothing at all.” Furthermore, as Friedman (2007, p. 8) states “The world is flat.” Certainly, part of the “flattening” of the world has been initiated by technology, but it has also created overwhelming challenges for seamless integration of technology within all operations. The flattening of the world has cre- ated yet another opportunity for IT to better integrate itself into what is now an everyday challenge for all organizations. 21 2 The iT Dilemma Introduction We have seen much discussion in recent writing about how informa- tion technology has become an increasingly significant component of corporate business strategy and organizational structure (Bradley & Nolan, 1998; Levine et al., 2000; Siebel, 1999). But, do we know about the ways in which this significance takes shape? Specifically, what are the perceptions and realities regarding the importance of technology from organization leaders, business managers, and core operations personnel? Furthermore, what forms of participation should IT assume within the rest of the organization? The isolation of IT professionals within their companies often pre- vents them from becoming active participants in the organization. Technology personnel have long been criticized for their inability to function as part of the business and are often seen as a group falling outside business cultural norms (Schein, 1992). They are frequently stereotyped as “techies” and segregated into areas of the business where they become marginalized and isolated from the rest of the organization. It is my experience, based on case studies such as the one reviewed in Chapter 1 (the Ravell Corporation), that if an orga- nization wishes to absorb its IT department into its core culture, and if it wishes to do so successfully, the company as a whole must be pre- pared to consider structural changes and to seriously consider using organizational learning approaches. The assimilation of technical people into an organization presents a special challenge in the development of true organizational learning practices (developed more fully in Chapter 3). This challenge stems from the historical separation of a special group that is seen as stand- ing outside the everyday concerns of the business. IT is generally acknowledged as having a key support function in the organization as a whole. However, empirical studies have shown that it is a challenging 22 InForMAtIon teChnoloGY endeavor to successfully integrate IT personnel into the learning fold and to do so in such a way that they not only are accepted, but also understood to be an important part of the social and cultural struc- ture of the business (Allen & Morton, 1994; Cassidy, 1998; Langer, 2007; Schein, 1992; Yourdon, 1998). In his book In Over Our Heads, Kegan (1994) discusses the chal- lenges of dealing with individual difference. IT personnel have been consistently regarded as “different” fixtures; as outsiders who do not quite fit easily into the mainstream organization. Perhaps, because of their technical practices, which may at times seem “foreign,” or because of perceived differences in their values, IT personnel can become marginalized; imagined as outside the core social structures of business. As in any social structure, marginalization can result in the withdrawal of the individual from the community (Schlossberg, 1989). As a result, many organizations are choosing to outsource their IT services rather than confront and address the issues of cultural absorption and organizational learning. The outsourcing alternative tends to further distance the IT function from the core organiza- tion, thus increasing the effects of marginalization. Not only does the outsourcing of IT personnel separate them further from their peers, but it also invariably robs the organization of a potentially important contributor to the social growth and organizational learning of the business. For example, technology personnel should be able to offer insight into how technology can support further growth and learning within the organization. In addition, IT personnel are usually trained to take a logical approach to problem solving; as a result, they should be able to offer a complementary focus on learning. Hence, the inte- gration of IT staff members into the larger business culture can offer significant benefits to an organization in terms of learning and orga- nizational growth. Some organizations have attempted to improve communications between IT and non-IT personnel through the use of an intermedi- ary who can communicate easily with both groups. This intermediary is known in many organizations as the business analyst. Typically, the business analyst will take responsibility for the interface between IT and the larger business community. Although a business analyst may help facilitate communication between IT and non-IT personnel, this arrangement cannot help but carry the implication that different 23the It dIleMMA “languages” are spoken by these two groups and, by extension, that direct communication is not possible. Therefore, the use of such an intermediary suffers the danger of failing to promote integration between IT and the rest of the organization; in fact, it may serve to keep the two camps separate. True integration, in the form of direct contact between IT and non-IT personnel, represents a greater chal- lenge for an organization than this remedy would suggest. Recent Background Since the 1990s, IT has been seen as a kind of variable that possesses the great potential to reinvent business. Aspects of this promise affected many of the core business rules used by successful chief executives and business managers. While organizations have used IT for the process- ing of information, decision-support processing, and order processing, the impact of the Internet and e-commerce systems has initiated revolutionary responses in every business sector. This economic phe- nomenon became especially self-evident with the formation of dot-coms in the mid- and late 1990s. The advent of this phenomenon stressed the need to challenge fundamental business concepts. Many financial wizards surmised that new technologies were indeed changing the very infrastructure of business, affecting how businesses would operate and compete in the new millennium. Much of this hoopla seemed justified by the extraordinary potential that technology offered, particularly with respect to the revolutionizing of old-line marketing principles, for it was technology that came to violate what was previously thought to be protected market conditions and sectors. Technology came to reinvent these business markets and to allow new competitors to cross market in sectors they otherwise could not have entered. With this new excitement also came fear— fear that fostered unnat- ural and accelerated entry into technology because any delay might sacrifice important new market opportunities. Violating some of their traditional principles, many firms invested in creating new organi- zations that would “incubate” and eventually, capture large market segments using the Internet as the delivery vehicle. By 2000, many of these dot-coms were in trouble, and it became clear that their notion of new business models based on the Internet contained significant flaws and shortfalls. As a result of this crisis, the role and valuation 24 InForMAtIon teChnoloGY of IT is again going through a transformation and once more we are skeptical about the value IT can provide a business and about the way to measure the contributions of IT. IT in the Organizational Context Technology not only plays a significant role in workplace operations, but also continues to increase its relevance among other traditional components of any business, such as operations, accounting, and marketing (Earl, 1996b; Langer, 2001a; Schein, 1992). Given this increasing relevance, IT gains significance in relation to 1. The impact it bears on organizational structure 2. The role it can assume in business strategy 3. The ways in which it can be evaluated 4. The extent to which chief executives feel the need to manage operational knowledge and thus to manage IT effectively IT and Organizational Structure Sampler’s (1996) research explores the relationship between IT and organizational structure. His study indicated that there is no clear-cut relationship that has been established between the two. However, he concluded that there are five principal positions that IT can take in this relationship: 1. IT can lead to centralization of organizational control. 2. Conversely, IT can lead to decentralization of organizational control. 3. IT can bear no impact on organizational control, its signifi- cance being based on other factors. 4. Organizations and IT can interact in an unpredictable manner. 5. IT can enable new organizational arrangements, such as net- worked or virtual organizations. According to Sampler (1996), the pursuit of explanatory models for the relationship between IT and organizational structure continues to be a challenge, especially since IT plays dual roles. On the one 25the It dIleMMA hand, it enhances and constrains the capabilities of workers within the organization, and because of this, it also possesses the ability to create a unique cultural component. While both roles are active, their impact on the organization cannot be predicted; instead, they evolve as unique social norms within the organization. Because IT has changed so dramatically over the past decades, it continues to be difficult to compare prior research on the relationship between IT and organizational structure. Earl (1996a) studied the effects of applying business process reen- gineering (BPR) to organizations. BPR is a process that organizations undertake to determine how best to use technology, to improve busi- ness performance. Earl concludes that BPR is “an unfortunate title: it does not reflect the complex nature of either the distinctive underpin- ning concept of BPR [i.e., to reevaluate methods and rules of business operations] or the essential practical challenges to make it happen [i.e., the reality of how one goes about doing that]” (p. 54). In my 2001 study of the Ravell Corporation (“Fixing Bad Habits,” Langer, 2001b), I found that BPR efforts require buy-in from business line managers, and that such efforts inevitably require the adaptation by individuals of different cultural norms and practices. Schein (1992) recognizes that IT culture represents a subculture in collision with many others within an organization. He concludes that if organizations are to be successful in using new technologies in a global context, they must cope with ceaseless flows of information to ensure organizational health and effectiveness. His research indicates that chief executive officers (CEOs) have been reluctant to implement a new sys- tem of technology unless their organizations felt comfortable with it and were ready to use it. While many CEOs were aware of cost and effi- ciency implications in using IT, few were aware of the potential impact on organizational structure that could result from “adopting an IT view of their organizations” (p. 293). Such results suggest that CEOs need to be more active and more cognizant than they have been of potential shifts in organizational structure when adopting IT opportunities. The Role of IT in Business Strategy While many chief executives recognize the importance of IT in the day-to-day operations of their business, their experience with 26 InForMAtIon teChnoloGY attempting to utilize IT as a strategic business tool, has been frustrat- ing. Typical executive complaints about IT, according to Bensaou and Earl (1998), fall into five problem areas: 1. A lack of correspondence between IT investments and busi- ness strategy 2. Inadequate payoff from IT investments 3. The perception of too much “technology for technology’s sake” 4. Poor relations between IT specialists and users 5. The creation of system designs that fail to incorporate users’ preferences and work habits McFarlan created a strategic grid (as presented in Applegate et al., 2003) designed to assess the impact of IT on operations and strategy. The grid shows that IT has maximum value when it affects both oper- ations and core business objectives. Based on McFarlan’s hypothesis, Applegate et al. established five key questions about IT that may be used by executives to guide strategic decision making: 1. Can IT be used to reengineer core value activities, and change the basis of competition? 2. Can IT change the nature of the relationship, and the balance of power, between buyers and sellers? 3. Can IT build or reduce barriers to entry? 4. Can IT increase or decrease switching costs? 5. Can IT add value to existing products and services, or create new ones? The research and analysis conducted by McFarlan and Applegate, respectively, suggest that when operational strategy and its results are maximized, IT is given its highest valuation as a tool that can transform the organization. It then receives the maximum focus from senior management and board members. However, Applegate et al. (2003) also focus on the risks of using technology. These risks increase when executives have a poor understanding of competitive dynamics, when they fail to understand the long-term implications of a strategic system that they have launched, or when they fail to account for the time, effort, and cost required to ensure user adop- tion, assimilation, and effective utilization. Applegate’s conclusion 27the It dIleMMA underscores the need for IT management to educate senior man- agement, so that the latter will understand the appropriate indi- cators for what can maximize or minimize their investments in technology. Szulanski and Amin (2000) claim that while emerging technologies shrink the window in which any given strategy can be implemented, if the strategy is well thought out, it can remain viable. Mintzberg’s (1987) research suggests that it would be useful to think of strategy as an art, not a science. This perspective is especially true in situations of uncertainty. The rapidly changing pace of emerging technologies, we know, puts a strain on established approaches to strategy— that is to say, it becomes increasingly difficult to find comfortable implemen- tation of technological strategies in such times of fast-moving envi- ronments, requiring sophisticated organizational infrastructure and capabilities. Ways of Evaluating IT Firms have been challenged to find a way to best evaluate IT, particularly using traditional return on investment (ROI) approaches. Unfortunately, in this regard, many components of IT do not generate direct returns. Cost allocations based on overhead formulas (e.g., costs of IT as a percentage of revenues) are not applicable to most IT spend- ing needs. Lucas (1999) established nonmonetary methods for evalu- ating IT. His concept of conversion effectiveness places value on the ability of IT to complete its projects on time and within its budgets. This alone is a sufficient factor for providing ROI, assuming that the project was approved for valid business reasons. He called this overall process for evaluation the “garbage can” model. It allows organizations to present IT needs through a funneling pipeline of conversion effec- tiveness that filters out poor technology plans and that can determine which projects will render direct and indirect benefits to the organiza- tion. Indirect returns, according to Lucas, are those that do not pro- vide directly measurable monetary returns but do provide significant value that can be measured using his IT investment opportunities matrix. Utilizing statistical probabilities of returns, the opportunities matrix provides an effective tool for evaluating the impact of indirect returns. 28 InForMAtIon teChnoloGY Executive Knowledge and Management of IT While much literature and research have been produced on how IT needs to participate in and bring value to an organization, there has been relatively little analysis conducted on what non-IT chief execu- tives need to know about technology. Applegate et al. (2003) suggest that non-IT executives need to understand how to differentiate new technologies from older ones, and how to gauge the expected impact of these technologies on the businesses, in which the firm competes for market share. This is to say that technology can change the rela- tionship between customer and vendor, and thus, should be examined as a potential for providing competitive advantage. The authors state that non-IT business executives must become more comfortable with technology by actively participating in technology decisions rather than delegating them to others. They need to question experts as they would in the financial areas of their businesses. Lou Gerstner, former CEO of IBM , is a good example of a non-IT chief executive who acquired sufficient knowledge and understanding of a technology firm. He was then able to form a team of executives who better understood how to develop the products, services, and overall business strategy of the firm. Allen and Percival (2000) also investigate the importance of non- IT executive knowledge and participation with IT: “If the firm lacks the necessary vision, insights, skills, or core competencies, it may be unwise to invest in the hottest [IT] growth market” (p. 295). The authors point out that success in using emerging technologies is dif- ferent from success in other traditional areas of business. They con- cluded that non-IT managers need to carefully consider expected synergies to determine whether an IT investment can be realized and, especially, whether it is efficient to earn cost of capital. Recent studies have focused on four important components in the linking of technology and business: its relationship to organizational structure, its role in business strategy, the means of its evaluation, and the extent of non-IT executive knowledge in technology. The chal- lenge in determining the best organizational structure for IT is posed by the accelerating technological advances since the 1970s and by the difficulty in comparing organizational models to consistent business cases. Consequently, there is no single organizational structure that has been adopted by businesses. 29the It dIleMMA While most chief executives understand the importance of using technology as part of their business strategy, they express frustra- tion in determining how to effectively implement a technology-based strategic approach. This frustration results from difficulties in under- standing how IT investments relate to other strategic business issues, from difficulty in assessing payoff and performance of IT generally and from perceived poor relations between IT and other departments. Because most IT projects do not render direct monetary returns, exec- utives find themselves challenged to understand technology investments. They have difficulty measuring value since traditional ROI formulas are not applicable. Thus, executives would do better to focus on valuing tech- nology investments by using methods that can determine payback based on a matrix of indirect returns, which do not always include monetary sources. There is a lack of research on the question of what general knowl- edge non-IT executives need to have to effectively manage the strategic use of technology within their firms. Non-IT chief executives are often not engaged in day-to-day IT activities, and they often delegate dealing with strategic technology issues to other managers. The remainder of this chapter examines the issues raised by the IT dilemma in its various guises especially as they become relevant to, and are confronted from, the top management or chief executive point of view. IT: A View from the Top To investigate further the critical issues facing IT, I conducted a study in which I personally interviewed over 40 chief executives in vari- ous industries, including finance/investment, publishing, insurance, wholesale/retail, and hotel management. Executives interviewed were either the CEO or president of their respective corporations. I canvassed a population of New York-based midsize corporations for this interview study. Midsize firms, in our case, comprise businesses of between 200 and 500 employees. Face-to-face interviews were conducted, to allow participants the opportunity to articulate their responses, in contrast to answering printed survey questions; execu- tives were therefore allowed to expand, and clarify, their responses to questions. An interview guide (see questions in Tables 2.1 through 2.3) was designed to raise issues relevant to the challenges of using technology, as reported in the recent research literature, and to 30 InForMAtIon teChnoloGY consider significant phenomena, that could affect changes in the uses of technology, such as the Internet. The interview discussions focused on three sections: (1) chief executive perception of the role of IT, (2) management and strategic issues, and (3) measuring IT performance and activities. The results of the interviews are summarized next. Table 2.1 Perception and Role of IT QUESTION ANALYSIS 1. How do you define the role and the mission of IT in your firm? Fifty-seven percent responded that their IT organizations were reactive and did not really have a mission. Twenty-eight percent had an IT mission that was market driven; that is, their IT departments were responsible for actively participating in marketing and strategic processes. 2. What impact has the Internet had on your business strategy? Twenty-eight percent felt the impact was insignificant, while 24% felt it was critical. The remaining 48% felt that the impact of the Internet was significant to daily transactions. 3. Does the firm have its own internal software development activity? Do you develop your own in-house software or use software packages? Seventy-six percent had an internal development organization. Eighty-one percent had internally developed software. 4. What is your opinion of outsourcing? Do you have the need to outsource technology? If so, how is this accomplished? Sixty-two percent had outsourced certain aspects of their technology needs. 5. Do you use consultants to help formulate the role of IT? If yes, what specific roles do they play? If not, why? Sixty-two percent of the participants used consultants to assist them in formulating the role of IT. 6. Do you feel that IT will become more important to the strategy of the business? If yes, why? Eighty-five percent felt that IT had recently become more important to the strategic planning of the business. 7. How is the IT department viewed by other departments? Is the IT department liked, or is it marginalized? Twenty-nine percent felt that IT was still marginalized. Another 29% felt it was not very integrated. Thirty-eight percent felt IT was sufficiently integrated within the organization, but only one chief executive felt that IT was very integrated with the culture of his firm. 8. Do you feel there is too much “ hype” about the importance and role of technology? Fifty-three percent felt that there was no hype. However, 32% felt that there were levels of hype attributed to the role of technology; 10% felt it was “ all hype.” 9. Have the role and the uses of technology in the firm significantly changed over the last 5 years? If so, what are the salient changes? Fourteen percent felt little had changed, whereas 43% stated that there were moderate changes. Thirty-eight percent stated there was significant change. 31the It dIleMMA Table 2.2 Management and Strategic Issues QUESTION ANALYSIS 1. What is the most senior title held by someone in IT? Where does this person rank on the organization hierarchy? Sixty-six percent called the highest position chief information officer (CIO). Ten percent used managing director, while 24% used director as the highest title. 2. Does IT management ultimately report to you? Fifty percent of IT leaders reported directly to the chief executive (CEO). The other half reported to either the chief financial officer (CFO) or the chief operating officer (COO). 3. How active are you in working with IT issues? Fifty-seven percent stated that they are very active— on a weekly basis. Thirty-eight percent were less active or inconsistently involved, usually stepping in when an issue becomes problematic. 4. Do you discuss IT strategy with your peers from other firms? Eighty-one percent did not communicate with peers at all. Only 10% actively engaged in peer-to-peer communication about IT strategy. 5. Do IT issues get raised at board, marketing, and/or strategy meetings? Eighty-six percent confirmed that IT issues were regularly discussed at board meetings. However, only 57% acknowledged IT discussion during marketing meetings, and only 38% confirmed like discussions at strategic sessions. 6. How critical is IT to the day-to-day business? Eighty-two percent of the chief executives felt it was very significant or critical to the business. Table 2.3 Measuring IT Performance and Activities QUESTION ANALYSIS 1. Do you have any view of how IT should be measured and accounted for? Sixty-two percent stated that they had a view on measurement; however, there was significant variation in how executives defined measurement. 2. Are you satisfied with IT performance in the firm? There was significant variation in IT satisfaction. Only 19% were very satisfied. Thirty-three percent were satisfied, another 33% were less satisfied, and 14% were dissatisfied. 3. How do you budget IT costs? Is it based on a percentage of gross revenues? Fifty-seven percent stated that they did not use gross revenues in their budgeting methodologies. 4. To what extent do you perceive technology as a means of increasing marketing or productivity or both? Seventy-one percent felt that technology was a significant means of increasing both marketing and productivity in their firms. 5. Are Internet/Web marketing activities part of the IT function? Only 24% stated that Internet/Web marketing efforts reported directly to the IT organization. 32 InForMAtIon teChnoloGY Section 1: Chief Executive Perception of the Role of IT This section of the interview focuses on chief executive perceptions of the role of IT within the firm. For the first question, about the role and mission of IT, over half of the interviewees responded in ways that suggested their IT organizations were reactive, without a strate- gic mission. One executive admitted, “IT is not really defined. I guess its mission is to meet our strategic goals and increase profitability.” Another response betrays a narrowly construed understanding of its potential: “The mission is that things must work— zero tolerance for failure.” These two responses typify the vague and generalized percep- tion that IT “has no explicit mission” except to advance the important overall mission of the business itself. Little over a quarter of respon- dents could confirm a market-driven role for IT; that is, actively par- ticipating in marketing and strategic processes. Question 2, regarding the impact of the Internet on business strategy, drew mixed responses. Some of these revealed the deeply reflective challenges posed by the Internet: “I feel the Internet forces us to take a longer-term view and a sharper focus to our business.” Others emphasized its transformative potential: “The Internet is key to decentralization of our offices and business strategy.” Questions 3 and 4 focused on the extent to which firms have their own software development staffs, whether they use internally developed or packaged software, and whether they outsource IT services. Control over internal development of systems and applications remained important to the majority of chief executives: “I do not like outsourcing— surrender control, and it’s hard to bring back.” Almost two-thirds of the partici- pants employed consultants to assist them in formulating the role of IT within their firms but not always without reservation: “Whenever we have a significant design issue we bring in consultants to help us— but not to do actual development work.” Only a few were downright skepti- cal: “I try to avoid consultants— what is their motivation?” The percep- tion of outsourcing is still low in midsize firms, as compared to the recent increase in IT outsourcing abroad. The lower use could be related to the initial costs and management overheads that are required to properly implement outsource operations in foreign countries. A great majority of chief executives recognized some form of the strategic importance of IT to business planning: “More of our business 33the It dIleMMA is related to technology and therefore I believe IT is more important to strategic planning.” Still, this sense of importance remained some- what intuitive: “I cannot quantify how IT will become more strategic to the business planning— but I sense that job functions will be dra- matically altered.” In terms of how IT is viewed by other departments within the firm, responses were varied. A little over a third of respon- dents felt IT was reasonably integrated within the organization: “The IT department is vitally important— but rarely noticed.” The major- ity of respondents, however, recognized a need for greater integra- tion: “IT was marginalized— but it is changing. While IT drives the system— it needs to drive more of the business.” Some articulated clearly the perceived problems: “IT needs to be more proactive— they do not seem to have good interpersonal skills and do not understand corporate politics.” A few expressed a sense of misgiving (“IT people are strange— personality is an issue”) and even a sense of hopeless- ness: “People hate IT— particularly over the sensitivity of the data. IT sometimes is viewed as misfits and incompetent.” Question eight asked participants whether they felt there was too much “hype” attributed to the importance of technology in business. Over half responded in the negative, although not without reserva- tion: “I do not think there is too much hype— but I am disappointed. I had hoped that technology at this point would have reduced paper, decreased cost— it just has not happened.” Others felt that there is indeed some degree of sensationalism: “I definitely think there is too much hype— everyone wants the latest and greatest.” Hype in many cases can be related to a function of evaluation, as in this exclama- tion: “The hype with IT relates more to when will we actually see the value!” The last question in this section asks whether the uses of technology within the firm had significantly changed over the last five years. A majority agreed that it had: “The role of IT has changed significantly in the last five years—we need to stay up-to-date because we want to carry the image that we are ‘ on the ball’.” Many of these stressed the importance of informational flows: “I find the ‘ I’ [infor- mation] part to be more and more important and the ‘ T’ [technol- ogy] to be diminishing in importance.” Some actively downplayed the significance: “I believe in minimizing the amount of technology we use—people get carried away.” 34 InForMAtIon teChnoloGY Section 2: Management and Strategic Issues This section focuses on questions pertaining to executive and man- agement organizational concerns. The first and second questions asked executives about the most senior title held by an IT officer and about the reporting structure for IT. Two-thirds of the par- ticipants ranked their top IT officer as a chief information officer (CIO). In terms of organizational hierarchy, half of the IT leaders were at the second tier, reporting directly to the CEO or presi- dent, while the other half were at the third tier, reporting either to the chief financial officer (CFO) or to the chief operating offi- cer (COO). As one CEO stated, “Most of my activity with IT is through the COO. We have a monthly meeting, and IT is always on the agenda.” The third question asked executives to consider their level of involvement with IT matters. Over half claimed a highly active rela- tionship, engaging on a weekly basis: “I like to have IT people close and in one-on-one interactions. It is not good to have artificial barri- ers.” For some, levels of involvement may be limited: “I am active with IT issues in the sense of setting goals.” A third of participants claimed less activity, usually becoming active when difficulties arose. Question four asked whether executives spoke to their peers at other firms about technology issues. A high majority managed to skip this potential for communication with their peers. Only one in 10 actively pursued this matter of engagement. Question 5 asked about the extent to which IT issues were discussed at board meetings, marketing meetings, and business strategy sessions. Here, a great majority confirmed that there was regular discussion regarding IT concerns, especially at board meet- ings. A smaller majority attested to IT discussions during market- ing meetings. Over a third reported that IT issues maintained a presence at strategic sessions. The higher incidence at board meet- ings may still be attributable to the effects of Year 2000 (Y2K) preparations. The final question in this section concerned the level of criticality for IT in the day-to-day operations of the business. A high majority of executives responded affirmatively in this regard: “IT is critical to our survival, and its impact on economies of scale is significant.” 35the It dIleMMA Section 3: Measuring IT Performance and Activities This section is concerned with how chief executives measured IT per- formance and activities within their firms. The first question of this section asked whether executives had a view about how IT performance should be measured. Almost two-thirds affirmed having some formal or informal way of measuring performance: “We have no formal pro- cess of measuring IT other than predefined goals, cost constraints, and deadlines.” Their responses demonstrated great variation, sometimes leaning on cynicism: “I measure IT by the number of complaints I get.” Many were still grappling with this challenge: “Measuring IT is unqualified at this time. I have learned that hours worked is not the way to measure IT— it needs to be more goal- oriented.” Most chief execu- tives expressed some degree of quandary: “We do not feel we know enough about how IT should be measured.” Question two asked execu- tives to rate their satisfaction with IT performance. Here, also, there was significant variation. A little more than half expressed some degree of satisfaction: “Since 9/11 IT has gained a lot of credibility because of the support that was needed during a difficult time.” Slightly fewer than half revealed a degree of dissatisfaction: “We had to overhaul our IT department to make it more customer-service oriented.” Question three concerned budgeting; that is, whether or not chief executives budgeted IT costs as a percentage of gross revenues. Over half denied using gross revenues in their budgeting method: “When handling IT projects we look at it on a request-by-request basis.” The last two questions asked chief executives to assess the impact of technology on marketing and productivity. Almost three quarters of the participants felt that technology represented a significant means of enhancing both marketing and productivity. Some maintained a cer- tainty of objective: “We try to get IT closer to the customer— having them understand the business better.” Still, many had a less-defined sense of direction: “I have a fear of being left behind, so I do think IT will become more important to the business.” And others remained caught in uncertainty: “I do not fully understand how to use technol- ogy in marketing— but I believe it’s there.” Chief executive certainty, in this matter, also found expression in the opposite direction: “IT will become less important— it will be assumed as a capability and a service that companies provide to their customers.” Of the Internet/ 36 InForMAtIon teChnoloGY Web marketing initiatives, only one quarter of these reported directly to the IT organization: “IT does not drive the Web activities because they do not understand the business.” Often, these two were seen as separate or competing entities of technology: “Having Web develop- ment report to IT would hinder the Internet business’s growth poten- tial.” Yet, some might be willing to explore a synergistic potential: “We are still in the early stages of understanding how the Internet relates to our business strategy and how it will affect our product line.” General Results Section 1 revealed that the matter of defining a mission for the IT organization remains as unresolved as finding a way to reckon with the potential impact of IT on business strategy. Executives still seemed to be at a loss on the question of how to integrate IT into the workplace— a human resource as well as a strategic issue. There was uncertainty regard- ing the dependability of the technology information received. Most agreed, however, in their need for software development departments to support their internally developed software, in their need to outsource certain parts of technology, and in their use of outside consultants to help them formulate the future activities of their IT departments. Section 2 showed that while the amount of time that executives spent on IT issues varied, there was a positive correlation between a structure in which IT managers reported directly to the chief executive and the degree of activity that executives stated they had with IT matters. Section 3 showed that chief executives understood the potential value that technol- ogy can bring to the marketing and productivity of their firms. They did not believe, however, that technology can go unmeasured; there needs to be some rationale for allotting a spending figure in the budget. For most of the firms in this study, the use of the Internet as a technological vehicle for future business was not determined by IT. This suggests that IT does not manage the marketing aspects of technology, and that it has not achieved significant integration in strategic planning. Defining the IT Dilemma The variations found in this study in terms of where IT reports, how it is measured, and how its mission is defined were consistent with 37the It dIleMMA existing research. But, the wide-ranging inconsistencies and uncer- tainties among executives described here left many of them wonder- ing whether they should be using IT as part of their business strategy and operations. While this quandary does not in itself suggest an inadequacy, it does point to an absence of a “best practices” guideline for using technology strategically. Hence, most businesses lacked a clear plan on how to evolve IT contributions toward business develop- ment. Although a majority of respondents felt that IT was critical to the survival of their businesses, the degree of IT assimilation within the core culture of organizations still varied. This suggests that the effects of cultural assimilation lag behind the actual involvement of IT in the strategic direction of the company. While Sampler (1996) attributes many operational inconsistencies to the changing landscape of technology, the findings of this study suggest that there is also a lack in professional procedures, rules, and established governance, that could support the creation of best practices for the profession. Bensaou and Earl (1998), on the one hand, have addressed this concern by taking a pro-Japanese perspective in extrapolating from five “Western” problems five “general” principles, presumably not cul- ture bound, and thence a set of “best principles” for managing IT. But, Earl et al. (1995), on the other hand, have sidestepped any attempt to incorporate Earl’s own inductive approach discussed here; instead, they favor a market management approach, based on a supply-and-demand model to “balance” IT management. Of course, best practices already embody the implicit notion of best principles; however, the problems confronting executives— the need for practical guidelines— remain. For instance, this study shows that IT performance is measured in many different ways. It is this type of practical inconsistency that leaves chief executives with the difficult challenge of understanding how technol- ogy decisions can be managed. On a follow-up call related to this study, for example, a CEO informed me of a practical yet significant difference she had instituted since our interview. She stated: The change in reporting has allowed IT to become part of the main- stream vision of the business. It now is a fundamental component of all discussions with human resources, sales and marketing, and accounting. The change in reporting has allowed for the creation of a critical system, 38 InForMAtIon teChnoloGY which has generated significant direct revenues for the business. I attri- bute this to my decision to move the reporting of technology directly to me and to my active participation in the uses of technology in our business. This is an example of an executive whom Schein (1994) would call a “change agent”— someone who employs “cognitive redefinition through scanning,” in this case to elicit the strategic potential of IT. We might also call this activity reflective thinking (Langer, 2001b). Schein’s change agents, however, go on to “acknowledge that future generations of CEOs will have been educated much more thoroughly in the possibilities of the computer and IT, thus enabling them to take a hands-on adopter stance” (p. 343). This insight implies a distanc- ing (“future”) of present learning responsibilities among current chief executives. The nearer future of this insight may instead be seen in the development of organizational learning.* These are two areas of contemporary research that begin to offer useful models in the pursuit of a best practices approach to the understanding and managing of IT. If the focus of this latter study was geared toward the evaluation of IT based on the view of the chief executive, it was, indeed, because their views necessarily shape the very direction for the organizations that they manage. Subsequent chapters of this book examine how the various dilemmas surrounding IT that I have discussed here are affecting organizations and how organizational learning practices can help answer many of the issues of today as raised by executives, man- agers, and operations personnel. Recent Developments in Operational Excellence The decline in financial markets in 2009, and the continued increase in mergers and acquisitions due to global competition have created an interesting opportunity for IT that reinforces the need for integration via organizational learning. During difficult economic periods, IT has traditionally been viewed as a cost center and had its operations * My case study “Fixing Bad Habits” (Langer, 2001b) has shown that integrating the practices of reflective thinking, to support the development of organizational learning, has greatly enhanced the adaptation of new technologies, their strategic valuation to the firm, and their assimilation into the social norms of the business. 39the It dIleMMA reduced (I discuss this further in Chapter 3, in which I introduce the concept of drivers and supporters). However, with the growth in the role of technology, IT management has now been asked to help improve efficiency through the use of technology across departments. That is, IT is emerging as an agent for business transformation in a much stronger capacity than ever before. This phenomenon has placed tremendous pressure on the technology executive to align with his or her fellow executives in other departments and to get them to partici- pate in cost reductions by implementing more technology. Naturally, using technology to facilitate cuts to the workforce is often unpopular, and there has been much bitter fallout from such cross-department reductions. Technology executives thus face the challenge of position- ing themselves as the agents of a necessary change. However, opera- tional excellence is broader than just cutting costs and changing the way things operate; it is about doing things efficiently and with qual- ity measures across corporate operations. Now that technology affects every aspect of operations, it makes sense to charge technology execu- tives with a major responsibility to get it accomplished. The assimilation of technology as a core part of the entire orga- nization is now paramount for survival, and the technology execu- tive of today and certainly tomorrow will be one who understands that operational excellence through efficiency must be accomplished by educating business units in self-managing the process. The IT executive, then, supports the activity as a leader, not as a cost cut- ter who invades the business. The two approaches are very different, and adopting the former can result in significant long-term results in strategic alignment. My interviews with CEOs supported this notion: The CEO does not want to be the negotiator; change must be evolutionary within the business units themselves. While taking this kind of role in organiza- tional change presents a new dilemma for IT, it can also be an oppor- tunity for IT to position itself successfully within the organization. 41 3 TeChnology as a vaRiable anD Responsive oRganizaTional Dynamism Introduction This chapter focuses on defining the components of technology and how they affect corporate organizations. In other words, if we step back momentarily from the specific challenges that information tech- nology (IT) poses, we might ask the following: What are the generic aspects of technology that have made it an integral part of strategic and competitive advantage for many organizations? How do organizations respond to these generic aspects as catalysts of change? Furthermore, how do we objectively view the role of technology in this context, and how should organizations adjust to its short- and long-term impacts? Technological Dynamism To begin, technology can be regarded as a variable, independent of others, that contributes to the life of a business operation. It is capable of producing an overall, totalizing, yet distinctive, effect on organizations— it has the unique capacity to create accelerations of corporate events in an unpredictable way. Technology, in its aspect of unpredictability, is necessarily a variable, and in its capacity as accel- erator— its tendency to produce change or advance— it is dynamic. My contention is that, as a dynamic kind of variable, technology, via responsive handling or management, can be tapped to play a special role in organizational development. It can be pressed into service as the dynamic catalyst that helps bring organizations to maturity in dealing not only with new technological quandaries, but also with other agents of change. Change generates new knowledge, which in turn requires a structure of learning that should, if managed properly, 42 INFORMATION TECHNOLOGY result in transformative behavior, supporting the continued evolution of organizational culture. Specifically, technology speeds up events, such as the expectation of getting a response to an e-mail, and requires organizations to respond to them in ever-quickening time frames. Such events are not as predictable as those experienced by individuals in organizations prior to the advent of new technologies— particu- larly with the meteoric advance of the Internet. In viewing technology then as a dynamic variable, and one that requires systemic and cul- tural organizational change, we may regard it as an inherent, internal driving force— a form of technological dynamism. Dynamism is defined as a process or mechanism responsible for the development or motion of a system. Technological dynamism charac- terizes the unpredictable and accelerated ways in which technology, specifically, can change strategic planning and organizational behav- ior/culture. This change is based on the acceleration of events and interactions within organizations, which in turn create the need to better empower individuals and departments. Another way of under- standing technological dynamism is to think of it as an internal drive recognized by the symptoms it produces. The new events and interac- tions brought about by technology are symptoms of the dynamism that technology manifests. The next section discusses how organiza- tions can begin to make this inherent dynamism work in their favor on different levels. Responsive Organizational Dynamism The technological dynamism at work in organizations has the power to disrupt any antecedent sense of comfortable equilibrium or an unwelcome sense of stasis. It also upsets the balance among the vari- ous factors and relationships that pertain to the question of how we might integrate new technologies into the business— a question of what we will call strategic integration— and how we assimilate the cul- tural changes they bring about organizationally— a question of what we call cultural assimilation. Managing the dynamism, therefore, is a way of managing the effects of technology. I propose that these orga- nizational ripples, these precipitous events and interactions, can be addressed in specific ways at the organizational management level. The set of integrative responses to the challenges raised by technology 43teChnoloGY As A vArIAble And responsIve is what I am calling responsive organizational dynamism, which will also receive further explication in the next few chapters. For now, we need to elaborate the two distinct categories that present themselves in response to technological dynamism: strategic integration and cul- tural assimilation. Figure 3.1 diagrams the relationships. Strategic Integration Strategic integration is a process that addresses the business- strategic impact of technology on organizational processes. That is, the business-strategic impact of technology requires immediate orga- nizational responses and in some instances zero latency. Strategic integration recognizes the need to scale resources across traditional business– geographic boundaries, to redefine the value chain in the life cycle of a product or service line, and generally to foster more agile business processes (Murphy, 2002). Strategic integration, then, Technology as an independent variable Creates Organizational dynamism Acceleration of events that require different infrastructures and organizational processes Requires Strategic integration Cultural assimilation Symptoms and implications Figure 3.1 Responsive organizational dynamism. 44 INFORMATION TECHNOLOGY is a way to address the changing requirements of business processes caused by the sharp increases in uses of technology. Evolving tech- nologies have become catalysts for competitive initiatives that create new and different ways to determine successful business investment. Thus, there is a dynamic business variable that drives the need for technology infrastructures capable of greater flexibility and of exhib- iting greater integration with all business operations. Historically, organizational experiences with IT investment have resulted in two phases of measured returns. The first phase often shows negative or declining productivity as a result of the investment; in the second phase, we often see a lagging of, although eventual return to, productivity. The lack of returns in the first phase has been attributed to the nature of the early stages of technology exploration and experimentation, which tend to slow the process of organizational adaptation to technology. The production phase then lags behind the ability of the organization to integrate new technologies with its existing processes. Another complication posed by technological dynamism via the process of strategic integration is a phenomenon we can call factors of multiplicity — essentially, what happens when several new technology opportunities overlap and create myriad projects that are in various phases of their developmental life cycle. Furthermore, the problem is compounded by lagging returns in productivity, which are complicated to track and to represent to management. Thus, it is important that organizations find ways to shorten the period between investment and technology’ s effective deployment. Murphy (2002) identifies several factors that are critical to bridging this delta: 1. Identifying the processes that can provide acceptable business returns from new technological investments 2. Establishing methodologies that can determine these processes 3. Finding ways to actually perform and realize expected benefits 4. Integrating IT projects with other projects 5. Adjusting project objectives when changes in the business require them Technology complicates these actions, making them more difficult to resolve; hence the need to manage the complications. To tackle these compounded concerns, strategic integration can shorten life cycle maturation by focusing on the following integrating factors: 45teChnoloGY As A vArIAble And responsIve • Addressing the weaknesses in management organizations in terms of how to deal with new technologies, and how to bet- ter realize business benefits • Providing a mechanism that both enables organizations to deal with accelerated change caused by technological innova- tions and integrates them into a new cycle of processing and handling change • Providing a strategic learning framework by which every new technology variable adds to organizational knowledge, par- ticularly using reflective practices (see Chapter 4) • Establishing an integrated approach that ties technology accountability to other measurable outcomes using organiza- tional learning techniques and theories To realize these objectives, organizations must be able to • Create dynamic internal processes that can function on a daily basis to deal with understanding the potential fit of new technologies and their overall value to the business • Provide the discourse to bridge the gaps between IT- and non-IT-related investments and uses into an integrated system • Monitor investments and determine modifications to the life cycle • Implement various organizational learning practices, includ- ing learning organization, knowledge management, change management, and communities of practice, all of which help foster strategic thinking and learning that can be linked to performance (Gephardt & Marsick, 2003) Another important aspect of strategic integration is what Murphy (2002) calls “ consequential interoperability,” in which “ the conse- quences of a business process” are understood to “ dynamically trigger integration” (p. 31). This integration occurs in what he calls the five pillars of benefits realization: 1. Strategic alignment: The alignment of IT strategically with business goals and objectives. 2. Business process impact: The impact on the need for the organi- zation to redesign business processes and integrate them with new technologies. 46 INFORMATION TECHNOLOGY 3. Architecture: The actual technological integration of appli- cations, databases, and networks to facilitate and support implementation. 4. Payback: The basis for computing return on investment (ROI) from both direct and indirect perspectives. 5. Risk: Identifying the exposure for underachievement or fail- ure in the technology investment. Murphy’ s (2002) pillars are useful in helping us understand how technology can engender the need for responsive organizational dyna- mism (ROD), especially as it bears on issues of strategic integration. They also help us understand what becomes the strategic integration component of ROD. His theory on strategic alignment and business process impact supports the notion that IT will increasingly serve as an undergirding force, one that will drive enterprise growth by identify- ing the initiators (such as e-business on the Internet) that best fit busi- ness goals. Many of these initiators will be accelerated by the growing use of e-business, which becomes the very driver of many new market realignments. This e-business realignment will require the ongoing involvement of executives, business managers, and IT managers. In fact, the Gartner Group forecasted that 70% of new software applica- tion investments and 5% of new infrastructure expenditures by 2005 would be driven by e-business. Indeed, this has occurred and contin- ues to expand. The combination of evolving business drivers with accelerated and changing customer demands has created a business revolution that best defines the imperative of the strategic integration component of ROD. The changing and accelerated way businesses deal with their customers and vendors requires a new strategic integration to become a reality rather than remain a concept discussed but affecting little action. Without action directed toward new strategic integration, organizations would lose competitive advantage, which would affect profits. Most experts see e-business as the mechanism that will ulti- mately require the integrated business processes to be realigned, thus providing value to customers and modifying the customer– vendor relationship. The driving force behind this realignment emanates from the Internet, which serves as the principle accelerator of the change in transactions across all businesses. The general need to optimize 47teChnoloGY As A vArIAble And responsIve resources forces organizations to rethink and to realign business pro- cesses to gain access to new business markets. Murphy’ s (2002) pillar of architecture brings out yet another aspect of ROD. By architecture we mean the focus on the effects that technol- ogy has on existing computer applications or legacy systems (old exist- ing systems). Technology requires existing IT systems to be modified or replacement systems to be created that will mirror the new busi- ness realignments. These changes respond to the forces of strategic integration and require business process reengineering (BPR) activi- ties, which represent the reevaluation of existing systems based on changing business requirements. It is important to keep in mind the acceleration factors of technology and to recognize the amount of organizational effort and time that such projects take to complete. We must ask the following question: How might organizations respond to these continual requirements to modify existing processes? I discuss in other chapters how ROD represents the answer to this question. Murphy’ s (2002) pillar of direct return is somewhat limited and nar- row because not all IT value can be associated with direct returns, but it is important to discuss. Technology acceleration is forcing organiza- tions to deal with broader issues surrounding what represents a return from an investment. The value of strategic integration relies heavily on the ability of technology to encapsulate itself within other departments where it ultimately provides the value. We show in Chapter 4 that this issue also has significance in organizational formation. What this means is simply that value can be best determined within individual business units at the microlevel and that these appropriate-level busi- ness units also need to make the case for why certain investments need to be pursued. There are also paybacks that are indirect; for example, Lucas (1999) demonstrates that many technology investments are non- monetary. The IT department (among others) becomes susceptible to great scrutiny and subject to budgetary cutbacks during economically difficult times. This does not suggest that IT “ hide” itself but rather that its investment be integrated within the unit where it provides the most benefit. Notwithstanding the challenge to map IT expenditures to their related unit, there are always expenses that are central to all departments, such as e-mail and network infrastructure. These types of expenses can rarely provide direct returns and are typically allocated across departments as a cost of doing business. 48 INFORMATION TECHNOLOGY Because of the increased number of technology opportuni- ties, Murphy’ s (2002) risk pillar must be a key part of strategic integration. The concept of risk assessment is not new to an organiza- tion; however, it is somewhat misunderstood as it relates to technology assessment. Technology assessment, because of the acceleration factor, must be embedded within the strategic decision-making process. This can only be accomplished by having an understanding of how to align technology opportunities for business change and by understanding the cost of forgoing the opportunity as well as the cost of delays in delivery. Many organizations use risk assessment in an unstructured way, which does not provide a consistent framework to dynamically deal with emerging technologies. Furthermore, such assessment needs to be managed at all levels in the organization as opposed to being an event-driven activity controlled only by executives. Summary Strategic integration represents the objective of dealing with emerg- ing technologies on a regular basis. It is an outcome of ROD, and it requires organizations to deal with a variable, that forces acceleration of decisions in an unpredictable fashion. Strategic integration would require businesses to realign the ways in which they include technol- ogy in strategic decision making. Cultural Assimilation Cultural assimilation is a process that focuses on the organizational aspects of how technology is internally organized, including the role of the IT department, and how it is assimilated within the organiza- tion as a whole. The inherent, contemporary reality of technologi- cal dynamism requires not only strategic but also cultural change. This reality demands that IT organizations connect to all aspects of the business. Such affiliation would foster a more interactive culture rather than one that is regimented and linear, as is too often the case. An interactive culture is one that can respond to emerging technology decisions in an optimally informed way, and one that understands the impact on business performance. 49teChnoloGY As A vArIAble And responsIve The kind of cultural assimilation elicited by technological dyna- mism and formalized in ROD is divided into two subcategories: the study of how the IT organization relates and communicates with “ others,” and the actual displacement or movement of traditional IT staff from an isolated “ core” structure to a firm-wide, integrated framework. IT Organization Communications with “ Others” The Ravell case study shows us the limitations and consequences of an isolated IT department operating within an organization. The case study shows that the isolation of a group can lead to marginalization, which results in the kind of organization in which not all individuals can participate in decision making and implementation, even though such individuals have important knowledge and value. Technological dynamism is forcing IT departments to rethink their strategic posi- tion within the organizational structure of their firm. No longer can IT be a stand-alone unit designed just to service outside departments while maintaining its separate identity. The acceleration factors of technology require more dynamic activity within and among depart- ments, which cannot be accomplished through discrete communica- tions between groups. Instead, the need for diverse groups to engage in more integrated discourse, and to share varying levels of techno- logical knowledge, as well as business-end perspectives, requires new organizational structures that will of necessity give birth to a new and evolving business— social culture. Indeed, the need to assimilate technology creates a transformative effect on organizational cultures, the way they are formed and re-formed, and what they will need from IT personnel. Movement of Traditional IT Staff To facilitate cultural assimilation from an IT perspective, IT must become better integrated with non-IT personnel. This form of inte- gration can require the actual movement of IT staff into other depart- ments, which begins the process of a true assimilation of resources among business units. While this may seem like the elimination of 50 INFORMATION TECHNOLOGY the integrity or identity of IT, such a loss is far from the case. The elimination of the IT department is not at all what is called for here; on the contrary, the IT department is critical to the function of cul- tural assimilation. However, the IT department may need to be struc- tured differently from the way it has been so that it can deal primarily with generic infrastructure and support issues, such as e-mail, net- work architecture, and security. IT personnel who focus on business- specific issues need to become closely aligned with the appropriate units so that ROD can be successfully implemented. Furthermore, we must acknowledge that, given the wide range of available knowledge about technology, not all technological knowl- edge emanates from the IT department. The question becomes one of finding the best structure to support a broad assimilation of knowledge about any given technology; then, we should ask how that knowledge can best be utilized by the organization. There is a pitfall in attempting to find a “ standard” IT organizational structure that will address the cultural assimilation of technology. Sampler’ s (1996) research, and my recent research with chief executives, confirms that no such standard structure exists. It is my position that organizations must find their own unique blend, using organizational learning con- structs. This simply means that the cultural assimilation of IT may be unique to the organization. What is then more important for the success of organizational development is the process of assimilation as opposed to the transplanting of the structure itself. Today, many departments still operate within “ silos” where they are unable to meet the requirements of the dynamic and unpredictable nature of technology in the business environment. Traditional orga- nizations do not often support the necessary communications needed to implement cultural assimilation across business units. However, business managers can no longer make decisions without considering technology; they will find themselves needing to include IT staff in their decision-making processes. On the other hand, IT departments can no longer make technology-based decisions without concerted efforts toward assimilation (in contrast to occasional partnering or project-driven participation) with other business units. This assimi- lation becomes mature when new cultures evolve synergistically as opposed to just having multiple cultures that attempt to work in con- junction with each other. The important lesson from Ravell to keep 51teChnoloGY As A vArIAble And responsIve in mind here is that the process of assimilating IT can create new cultures that in turn evolve to better support the requirements estab- lished by the dynamism of technology. Eventually, these new cultural formations will not perceive them- selves as functioning within an IT or non-IT decision framework but rather as operating within a more central business operation that understands how to incorporate varying degrees of IT involvement as necessary. Thus, organizational cultures will need to fuse together to respond to new business opportunities and requirements brought about by the ongoing acceleration of technological innovation. This was also best evidenced by subsequent events at Ravell. Three years after the original case study, it became necessary at Ravell to inte- grate one of its business operations with a particular group of IT staff members. The IT personnel actually transferred to the business unit to maximize the benefits of merging both business and technical cul- tures. Interestingly, this business unit is currently undergoing cultural assimilation and is developing its own behavioral norms influenced by the new IT staff. However, technology decisions within such groups are not limited to the IT transferred personnel. IT and non-IT staff need to formulate decisions using various organizational learning techniques. These techniques are discussed in the next chapter. Summary Without appropriate cultural assimilation, organizations tend to have staff that “ take shortcuts, [then] the loudest voice will win the day, ad hoc decisions will be made, accountabilities lost, and lessons from suc- cesses and failures will not become part of ... wisdom” (Murphy, 2002, p. 152). As in the case of Ravell Corporation, it is essential, then, to provide for consistent governance that fits the profile of the existing cul- ture or can establish the need for a new culture. While many scholars and managers suggest the need to have a specific entity responsible for IT governance, one that is to be placed within the operating structure of the organization, such an approach creates a fundamental problem. It does not allow staff and managers the opportunity to assimilate tech- nologically driven change and understand how to design a culture that can operate under ROD. In other words, the issue of governance is misinterpreted as a problem of structural positioning or hierarchy when 52 INFORMATION TECHNOLOGY it is really one of cultural assimilation. As a result, many business solu- tions to technology issues often lean toward the prescriptive, instead of the analytical, in addressing the real problem. Murphy’ s (2002) risk pillar theory offers us another important component relevant to cultural assimilation. This approach addresses the concerns that relate to the creation of risk cultures formed to deal with the impact of new systems. New technologies can actually cause changes in cultural assimilation by establishing the need to make cer- tain changes in job descriptions, power structures, career prospects, degree of job security, departmental influence, or ownership of data. Each of these potential risks needs to be factored in as an important part of considering how best to organize and assimilate technology through ROD. Technology Business Cycle To better understand technology dynamism, or how technology acts as a dynamic variable, it is necessary to define the specific steps that occur during its evolution in an organization. The evolution or business cycle depicts the sequential steps during the maturation of a new technology from feasibility to implementation and through subsequent evolution. Table 3.1 shows the five components that comprise the cycle: feasibil- ity, measurement, planning, implementation, and evolution. Table 3.1 Technology Business Cycle CYCLE COMPONENT COMPONENT DESCRIPTION Feasibility Understanding how to view and evaluate emerging technologies, from a technical and business perspective. Measurement Dealing with both the direct monetary returns and indirect nonmonetary returns; establishing driver and support life cycles. Planning Understanding how to set up projects, establishing participation across multiple layers of management, including operations and departments. Implementation Working with the realities of project management; operating with political factions, constraints; meeting milestones; dealing with setbacks; having the ability to go live with new systems. Evolution Understanding how acceptance of new technologies affects cultural change, and how uses of technology will change as individuals and organizations become more knowledgeable about technology, and generate new ideas about how it can be used; objective is established through organizational dynamism, creating new knowledge and an evolving organization. 53teChnoloGY As A vArIAble And responsIve Feasibility The stage of feasibility focuses on a number of issues surrounding the practicality of implementing a specific technology. Feasibility addresses the ability to deliver a product when it is needed in com- parison to the time it takes to develop it. Risk also plays a role in feasibility assessment; of specific concern is the question of whether it is possible or probable that the product will become obsolete before completion. Cost is certainly a huge factor, but viewed at a “ high level” (i.e., at a general cost range), and it is usually geared toward meeting the expected ROI of a firm. The feasibility process must be one that incorporates individuals in a way that allows them to respond to the accelerated and dynamic process brought forth by technological innovations. Measurement Measurement is the process of understanding how an investment in technology is calculated, particularly in relation to the ROI of an organization. The complication with technology and measurement is that it is simply not that easy to determine how to calculate such a return. This problem comes up in many of the issues discussed by Lucas (1999) in his book Information Technology and the Productivity Paradox. His work addresses many comprehensive issues, surround- ing both monetary and nonmonetary ROI, as well as direct ver- sus indirect allocation of IT costs. Aside from these issues, there is the fact that for many investments in technology the attempt to compute ROI may be an inappropriate approach. As stated, Lucas offered a “ garbage can” model that advocates trust in the operational management of the business and the formation of IT representatives into productive teams that can assess new technologies as a regu- lar part of business operations. The garbage can is an abstract con- cept for allowing individuals a place to suggest innovations brought about by technology. The inventory of technology opportunities needs regular evaluation. Lucas does not really offer an explana- tion of exactly how this process should work internally. ROD, how- ever, provides the strategic processes and organizational– cultural needs that can provide the infrastructure to better understand and 54 INFORMATION TECHNOLOGY evaluate the potential benefits from technological innovations using the garbage can model. The graphic depiction of the model is shown in Figure 3.2. Planning Planning requires a defined team of user and IT representatives. This appears to be a simple task, but it is more challenging to understand how such teams should operate, from whom they need support, and what resources they require. Let me be specific. There are a number of varying types of “ users” of technology. They typically exist in three tiers: executives, business line managers, and operations users. Each of these individuals offers valuable yet different views of the benefits of technology (Langer, 2002). I define these user tiers as follows: 1. Executives: These individuals are often referred to as execu­ tive sponsors. Their role is twofold. First, they provide input into the system, specifically from the perspective of pro- ductivity, ROI, and competitive edge. Second, and per- haps more important, their responsibility is to ensure that users are participating in the requisite manner (i.e., made Garbage can model of IT value Failed systems Direct benefits Indirect benefits User needs, etc. C on ve rs io n eff ec tiv en es s �e IT value pipeline Figure 3.2 Garbage can model of IT value. (From Lucas, H.C., Information Technology and the Productivity Paradox. Oxford University Press, New York, 1999.) 55teChnoloGY As A vArIAble And responsIve to be available, in the right place, etc.). This area can be problematic because internal users are typically busy doing their jobs and sometimes neglect to provide input or to attend project meetings. Furthermore, executive sponsors can help control political agendas that can hurt the success of the project. 2. Business line managers: This interface provides the most information from a business unit perspective. These indi- viduals are responsible for two aspects of management. First, they are responsible for the day-to-day productivity of their unit; therefore, they understand the importance of productive teams, and how software can assist in this endeavor. Second, they are responsible for their staff. Thus, line managers need to know how software will affect their operational staff. 3. Functional users: These are the individuals in the trenches who understand exactly how processing needs to get done. While their purview of the benefits of the system is relatively nar- rower than that of the executives and managers, they provide the concrete information that is required to create the feature/ functions that make the system usable. The planning process becomes challenging when attempting to get the three user communities to integrate their needs and “ agree to agree” on how a technology project needs to be designed and managed. Implementation Implementation is the process of actually using a technology. Implementation of technology systems requires wider integration within the various departments than other systems in an organization because usually multiple business units are affected. Implementation must combine traditional methods of IT processes of development yet integrate them within the constraints, assumptions, and cultural (perhaps political) environments of different departments. Cultural assimilation is therefore required at this stage because it delves into the structure of the internal organization and requires individual participation in every phase of the development and implementation 56 INFORMATION TECHNOLOGY cycle. The following are some of the unique challenges facing the implementation of technological projects: 1. Project managers as complex managers: Technology projects require multiple interfaces that often lie outside the traditional user community. They can include interfacing with writers, editors, marketing personnel, customers, and consumers, all of whom are stakeholders in the success of the system. 2. Shorter and dynamic development schedules: Due to the dynamic nature of technology, its process of development is less lin- ear than that of others. Because there is less experience in the general user community, and there are more stakeholders, there is a tendency by those in IT, and executives, to underes- timate the time and cost to complete the project. 3. New untested technologies: There is so much new technol- ogy offered to organizations that there is a tendency by IT organizations to implement technologies that have not yet matured— that are not yet the best products they will eventu- ally be. 4. Degree of scope changes: Technology, because of its dynamic nature, tends to be prone to scope creed — the scope of the orig- inal project expanding during development. 5. Project management: Project managers need to work closely with internal users, customers, and consumers to advise them on the impact of changes to the project schedule. Unfortunately, scope changes that are influenced by changes in market trends may not be avoidable. Thus, part of a good strategy is to manage scope changes rather than attempt to stop them, which might not be realistic. 6. Estimating completion time: IT has always had difficulties in knowing how long it will take to implement a technology. Application systems are even more difficult because of the number of variables and unknowns. 7. Lack of standards: The technology industry continues to be a profession that does not have a governing body. Thus, it is impossible to have real enforced standards that other pro- fessions enjoy. While there are suggestions for best prac- tices, many of them are unproven and not kept current with 57teChnoloGY As A vArIAble And responsIve changing developments. Because of the lack of successful application projects, there are few success stories to create new and better sets of best practices. 8. Less­specialized roles and responsibilities: The IT team tends to have staff members who have varying responsibilities. Unlike traditional new technology-driven projects, separation of roles and responsibilities is more difficult when operating in more dynamic environments. The reality is that many roles have not been formalized and integrated using something like ROD. 9. Broad project management responsibilities: Project management responsibilities need to go beyond those of the traditional IT manager. Project managers are required to provide manage- ment services outside the traditional software staff. They need to interact more with internal and external individuals, as well as with non-traditional members of the development team, such as Web text and content staff. Therefore, there are many more obstacles that can cause implementation problems. Evolution The many ways to form a technological organization with a natural capacity to evolve have been discussed from an IT perspective in this chapter. However, another important factor is the changing nature of application systems, particularly those that involve e-businesses. E-business systems are those that utilize the Internet and engage in e-commerce activities among vendors, clients, and internal users in the organization. The ways in which e-business systems are built and deployed suggest that they are evolving systems. This means that they have a long life cycle involving ongoing maintenance and enhancement. They are, if you will, “ living systems” that evolve in a manner similar to organizational cultures. So, the traditional beginning-to-end life cycle does not apply to an e-business proj- ect that must be implemented in inherently ongoing and evolving phases. The important focus is that technology and organizational development have parallel evolutionary processes that need to be in balance with each other. This philosophy is developed further in the next chapter. 58 INFORMATION TECHNOLOGY Drivers and Supporters There are essentially two types of generic functions performed by departments in organizations: driver functions and supporter func- tions. These functions relate to the essential behavior and nature of what a department contributes to the goals of the organization. I first encountered the concept of drivers and supporters at Coopers & Lybrand, which was at that time a Big 8* accounting firm. I stud- ied the formulation of driver versus supporter as it related to the role of our electronic data processing (EDP) department. The firm was attempting to categorize the EDP department as either a driver or a supporter. Drivers were defined in this instance as those units that engaged in frontline or direct revenue-generating activities. Supporters were units that did not generate obvious direct revenues but rather were designed to support frontline activities. For example, operations such as internal accounting, purchasing, or office management were all classified as supporter departments. Supporter departments, due to their nature, were evaluated on their effectiveness and efficiency or economies of scale. In contrast, driver organizations were expected to generate direct revenues and other ROI value for the firm. What was also interesting to me at the time was that drivers were expected to be more daring— since they must inevitably generate returns for the business. As such, drivers engaged in what Bradley and Nolan (1998) coined “ sense and respond” behaviors and activities. Let me explain. Marketing departments often generate new business by investing or “ sensing” an opportunity quickly because of competitive forces in the marketplace. Thus, they must sense an opportunity and be allowed to respond to it in a timely fashion. The process of sensing opportunity, and responding with competitive products or services, is a stage in the cycle that organizations need to support. Failures in the cycles of sense and respond are expected. Take, for example, the * The original “ Big 8” consisted of the eight large accounting and management con- sulting firms— Coopers & Lybrand, Arthur Anderson, Touche Ross, Deloitte Haskins & Sells, Arthur Young, Price Waterhouse, Pete Marwick Mitchell, and Ernst and Whinney— until the late 1980s, when these firms began to merge. Today, there are four: Price Waterhouse Coopers, Deloitte & Touche, Ernst & Young, and KPMG (Pete Marwick and others). 59teChnoloGY As A vArIAble And responsIve launching of new fall television shows. Each of the major stations goes through a process of sensing which shows might be interesting to the viewing audience. They respond, after research and review, with a number of new shows. Inevitably, only a few of these selected shows are actually successful; some fail almost immediately. While relatively few shows succeed, the process is acceptable and is seen by manage- ment as the consequence of an appropriate set of steps for competing effectively— even though the percentage of successful new shows is low. Therefore, it is safe to say that driver organizations are expected to engage in high-risk operations, of which many will fail, for the sake of creating ultimately successful products or services. The preceding example raises two questions: (1) How does sense and respond relate to the world of IT? and (2) Why is it important? IT is unique in that it is both a driver and a supporter. The latter is the generally accepted norm in most firms. Indeed, most IT functions are established to support myriad internal functions, such as • Accounting and finance • Data center infrastructure (e-mail, desktop, etc.) • Enterprise-level application (enterprise resource planning, ERP) • Customer support (customer relationship management, CRM) • Web and e-commerce activities As one would expect, these IT functions are viewed as overhead related, as somewhat of a commodity, and thus are constantly man- aged on an economy-of-scale basis— that is, how can we make this operation more efficient, with a particular focus on cost containment? So, what then are IT driver functions? By definition, they are those that engage in direct revenues and identifiable ROI. How do we define such functions in IT because most activities are sheltered under the umbrella of marketing organization domains? (Excluding, of course, software application development firms that engage in marketing for their actual application products.) I define IT driver functions as those projects that, if delivered, would change the relationship between the organization and its customers; that is, those activities that directly affect the classic definition of a market: forces of supply and demand, which are governed by the customer (demand) and the vendor (sup- plier) relationship. This concept can be shown in the case example that follows. 60 INFORMATION TECHNOLOGY Santander versus Citibank Santander Bank, the major bank of Spain, had enjoyed a dominant market share in its home country. Citibank had attempted for years to penetrate Santander’ s dominance using traditional approaches (open- ing more branch offices, marketing, etc.) without success, until, that is, they tried online banking. Using technology as a driver, Citibank made significant penetration into the market share of Santander because it changed the customer– vendor relationship. Online bank- ing, in general, has had a significant impact on how the banking industry has established new markets, by changing this relationship. What is also interesting about this case is the way in which Citibank accounted for its investment in online banking; it knows little about its total investment and essentially does not care about its direct pay- back. Rather, Citibank sees its ROI in a similar way that depicts driver/marketing behavior; the payback is seen in broader terms to affect not only revenue generation, but also customer support and quality recognition. Information Technology Roles and Responsibilities The preceding section focuses on how IT can be divided into two dis- tinct kinds of business operations. As such, the roles and responsibili- ties within IT need to change accordingly and be designed under the auspices of driver and supporter theory. Most traditional IT depart- ments are designed to be supporters, so that they have a close-knit organization that is secure from outside intervention and geared to respond to user needs based on requests. While in many instances this type of formation is acceptable, it is limited in providing the IT department with the proper understanding of the kind of business objectives that require driver-type activities. This was certainly the experience in the Ravell case study. In that instance, I found that making the effort to get IT support personnel “ out from their com- fortable shells” made a huge difference in providing better service to the organization at large. Because more and more technology is becoming driver essential, this development will require of IT per- sonnel an increasing ability to communicate to managers and execu- tives and to assimilate within other departments. 61teChnoloGY As A vArIAble And responsIve The Ravell case, however, also brought to light the huge vacuum of IT presence in driver activities. The subsequent chief executive inter- view study also confirmed that most marketing IT-oriented activities, such as e-business, do not fall under the purview of IT in most orga- nizations. The reasons for this separation are correlated with the lack of IT executive presence within the management team. Another aspect of driver and supporter functions is the concept of a life cycle. A life cycle, in this respect, refers to the stages that occur before a product or service becomes obsolete. Technology products have a life cycle of value just as any other product or service. It is important not to confuse this life cycle with processes during devel- opment as discussed elsewhere in this chapter. Many technical products are adopted because they are able to deliver value that is typically determined based on ROI calculations. However, as products mature within an organization, they tend to become more of a commodity, and as they are normalized, they tend to become support- oriented. Once they reach the stage of support, the rules of economies of scale become more important and relevant to evaluation. As a prod- uct enters the support stage, replacement based on economies of scale can be maximized by outsourcing to an outside vendor who can provide the service cheaper. New technologies then can be expected to follow this kind of life cycle, by which their initial investment requires some level of risk to provide returns to the business. This initial investment is accomplished in ROD using strategic integration. Once the evalua- tions are completed, driver activities will prevail during the maturation process of the technology, which will also require cultural assimilation. Inevitably, technology will change organizational behavior and struc- ture. However, once the technology is assimilated and organizational behavior and structures are normalized, individuals will use it as a per- manent part of their day-to-day operations. Thus, driver activities give way to those of supporters. Senior managers become less involved, and line managers then become the more important group that completes the transition from driver to supporter. Replacement or Outsource After the technology is absorbed into operations, executives will seek to maximize the benefit by increased efficiency and effectiveness. 62 INFORMATION TECHNOLOGY Certain product enhancements may be pursued during this phase; they can create “ mini-loops” of driver-to-supporter activities. Ultimately, a technology, viewed in terms of its economies of scale and longevity, is considered for replacement or outsourcing. Figure 3.3 graphically shows the cycle. The final stage of maturity of an evolving driver therefore includes becoming a supporter, at which time it becomes a commodity and, finally, an entity with potential for replacement or outsourcing. The next chapter explores how organizational learning theories can be used to address many of the issues and challenges brought forth in this chapter. Mini loop technology enhancementsTechnology driver Evaluation cycle Driver maturation Support status Replacement or outsource Economies of scale Figure 3.3 Driver-to-supporter life cycle. 63 4 oRganizaTional leaRning TheoRies anD TeChnology Introduction The purpose of this chapter is to provide readers with an under- standing of organizational theory. The chapter covers some aspects of the history and context of organizational learning. It also defines and explains various learning protocols, and how they can be used to promote organizational learning. The overall objective of organiza- tional learning is to support a process that guides individuals, groups, and entire communities through transformation. Indeed, evidence of organizational transformation provides the very proof that learning has occurred, and that changes in behavior are occurring. What is important in this regard is that transformation remains internal to the organization so that it can evolve in a progressive manner while maintaining the valuable knowledge base that is contained within the personnel of an organization. Thus, the purpose of organiza- tional learning is to foster evolutionary transformation that will lead to change in behaviors and that is geared toward improving strategic performance. Approaches to organizational learning typically address how indi- viduals, groups, and organizations “notice and interpret information and use it to alter their fit with their environments” (Aldrich, 2001, p. 57). As such, however, organizational learning does not direct itself toward, and therefore has not been able to show, an inherent link to success—which is a critical concern for executive management. There are two perspectives on organizational learning theory. On the one hand, the adoptive approach, pioneered by Cyert and March (1963), treats organizations as goal-oriented activity systems. These systems generate learning when repeating experiences that have either suc- ceeded or failed, discarding, of course, processes that have failed. 64 INFORMATION TECHNOLOGY Knowledge development, on the other hand, treats organizations as sets of interdependent members with shared patterns of cognition and belief (Argyris & Schö n, 1996). Knowledge development empha- sizes that learning is not limited to simple trial and error, or direct experience. Instead, learning is understood also to be inferential and vicarious; organizations can generate new knowledge through experi- mentation and creativity. It is the knowledge development perspec- tive that fits conceptually and empirically with work on technological evolution and organizational knowledge creation and deployment (Tushman & Anderson, 1986). There is a complication in the field of organizational learning over whether it is a technical or social process. Scholars disagree on this point. From the technical perspective, organizational learning is about the effective processing of, interpretation of, and response to information both inside and outside the organization. “An organiza- tion is assumed to learn if any of its units acquires knowledge that it recognizes as potentially useful to the organization” (Huber, 1991, p. 89). From the social perspective, on the other hand, comes the con- cept that learning is “something that takes place not with the heads of individuals, but in the interaction between people” (Easterby-Smith et al., 1999, p. 6). The social approach draws from the notion that patterns of behavior are developed, via patterns of socialization, by evolving tacit knowledge and skills. There is, regrettably, a lack of ongoing empirical investigation in the area of organizational learning pertaining, for example, to in-depth case studies, to micropractices within organizational settings, and to processes that lead to outcomes. Indeed, measuring learning is a difficult process, which is why there is a lack of research that focuses on outputs. As Prange (1999, p. 24) notes: “The multitude of ways in which organizational learning has been classified and used purports an ‘organizational learning jungle,’ which is becoming progressively dense and impenetrable.” Mackenzie (1994, p. 251) laments that what the “scientific community devoted to organizational learning has not produced discernable intellectual progress.” Ultimately, organizational learning must provide transformation that links to performance. Most organizations seeking improved per- formance expect changes that will support new outcomes. The study of organizational learning needs an overarching framework under which 65orGAnIzAtIonAl leArnInG theorIes an inquiry into the pivotal issues surrounding organizational change can be organized. Frameworks that support organizational learning, whether their orientation is on individuals, groups, or infrastructure, need to allow for natural evolution within acceptable time frames for the organization. This is the problem of organizational learning the- ory. It lacks a method of producing measurable results that executives can link to performance. While scholars seek outcomes through stra- tegic learning, there must be tangible evidence of individual and orga- nizational performance to ensure future investments in the concepts of learning. Technology, we should remember, represents the oppor- tunity to provide outcomes through strategic learning that addresses transitions and transformations over a specific life cycle. We saw this opportunity occur in the Ravell case study; the information technology (IT) department used organizational learn- ing. Specifically, individual reflective practices were used to provide measurable outcomes for the organization. In this case, the out- comes related to a specific event, the physical move of the business to a different location. Another lesson we can derive (with hindsight) from the Ravell experience is that learning was converted to strategic benefit for the organization. The concept of converting learning to strategic benefit was pioneered by Pietersen (2002). He established a strategic learning cycle composed of four component processes that he identified with the action verbs learn, focus, align, and execute. These are stages in the learning cycle, as follows: 1. Learn: Conduct a situation analysis to generate insights into the competitive environment and into the realities of the company. 2. Focus: Translate insights into a winning proposition that out- lines key priorities for success. 3. Align: Align the organization and energize the people behind the new strategic focus. 4. Execute: Implement strategy and experiment with new con- cepts. Interpret results and continue the cycle. At Ravell, technology assisted in driving the learning cycle because, by its dynamic nature, it mandated the acceleration of the cycle that Pietersen (2002) describes in his stage strategy of implementation. Thus, Ravell required the process Pietersen outlined to occur within 66 INFORMATION TECHNOLOGY 6 months, and therein established the opportunity to provide outcomes. It also altered the culture of the organization (i.e., the evolution in cul- ture was tangible because the transformation was concrete). We see from the Ravell case that technology represents the best opportunity to apply organizational learning techniques because the use of it requires forms of evolutionary-related change. Organizations are continually seeking to improve their operations and competi- tive advantage through efficiency and effective processes. As I have discussed in previous chapters, today’s businesses are experiencing technological dynamism (defined as causing accelerated and dynamic transformations), and this is due to the advent of technologically driven processes. That is, organizations are experiencing more pressure to change and compete as a result of the accelerations that technology has brought about. Things happen quicker, and more unpredictably, than before. This situation requires organizations to sense the need for change and execute that change. The solution I propose is to tie orga- nizational theory to technological implementation. Another way of defining this issue is to provide an overarching framework that orga- nizes an inquiry into the issues surrounding organizational change. Another dimension of organizational learning is political. Argyris (1993) and Senge (1990) argue that politics gets “in the way of good learning.” In my view, however, the political dimension is very much part of learning. It seems naï ve to assume that politics can be elimi- nated from the daily commerce of organizational communication. Instead, it needs to be incorporated as a factor in organizational learn- ing theory rather than attempting to disavow or eliminate it, which is not realistic. Ravell also revealed that political factors are simply part of the learning process. Recall that during my initial efforts to create a learning organization there were IT staff members who deliberately refused to cooperate, assuming that they could “outlast” me in my interim tenure as IT director. But politics, of course, is not limited to internal department negotiations; it was also a factor at Ravell with, and among, departments outside IT. These interdepartmental rela- tionships applied especially to line managers, who became essential advocates for establishing and sustaining necessary forms of learning at the organizational level. But, not all line managers responded with the same enthusiasm, and a number of them did not display a sense of authentically caring about facilitating synergies across departments. 67orGAnIzAtIonAl leArnInG theorIes The irrepressible existence of politics in social organizations, however, must not in itself deter us from implementing organizational learn- ing practices; it simply means that that we must factor it in as part of the equation. At Ravell, I had to work within the constraints of both internal and external politics. Nevertheless, in the end I was able to accomplish the creation of a learning organization. Another way one might look at the road bumps of politics is to assume that they will temporarily delay or slow the implementation of organizational learning initiatives. But, let us make no mistake about the potentially disruptive nature of politics because, as we know, in its extreme cases of inflexibility, it can be damaging. I have always equated politics with the dilemma of blood cholesterol. We know that there are two types of cholesterol: “good” cholesterol and “bad” cholesterol. We all know that bad cholesterol in your blood can cause heart disease, among other life-threatening conditions. However, good cholesterol is essential to the body. My point is simple; the general word politics can have damaging perceptions. When most people discuss the topic of cholesterol, they focus on the bad type, not the good. Such is the same with politics—that is, most individuals dis- cuss the bad type, which often corresponds with their personal expe- riences. My colleague Professor Lyle Yorks, at Columbia University, often lectures on the importance of politics and its positive aspects for establishing strategic advocacy, defined as the ability to establish per- sonal and functional influence through cultivating alliances through defining opportunities for the adding value to either the top or bottom line (Langer & Yorks, 2013). Thus, politics can add value for indi- viduals by allowing them to initiate and influence relationships and conversations with other leaders. This, then, is “good” politics! North American cultural norms account for much of what goes into organizational learning theory, such as individualism, an empha- sis on rationality, and the importance of explicit, empirical informa- tion. IT, on the other hand, has a broadening, globalizing effect on organizational learning because of the sheer increase in the number of multicultural organizations created through the expansion of global firms. Thus, technology also affects the social aspects of organizational learning, particularly as it relates to the cultural evolution of commu- nities. Furthermore, technology has shown us that what works in one culture may not work in another. Dana Deasy, the former CIO of the 68 INFORMATION TECHNOLOGY Americas region/sector for Siemens AG, experienced the difficulties and challenges of introducing technology standards on a global scale. He quickly learned that what worked in North America did not oper- ate with the same expectations in Asia or South America. I discuss Siemens AG as a case study in Chapter 8. It is my contention, however, that technology can be used as an intervention that can actually increase organizational learning. In effect, the implementation of organizational learning has lacked and has needed concrete systemic processes that show results. A solution to this need can be found, as I have found it, in the incorporation of IT itself into the process of true organizational learning. The prob- lem with IT is that we keep trying to simplify it—trying to reduce its complexity. However, dealing with the what, when, and how of working with technology is complex. Organizations need a kind of mechanism that can provide a way to absorb and learn all of the com- plex pieces of technology. It is my position that organizational change often follows learn- ing, which to some extent should be expected. What controls whether change is radical or evolutionary depends on the basis on which new processes are created (Argyris & Schö n, 1996; Senge, 1990; Swieringa & Wierdsma, 1992). Indeed, at Ravell the learning fol- lowed the Argyris and Schö n approach: that radical change occurs when there are major events that support the need for accelerated change. In other words, critical events become catalysts that promote change, through reflection. On the other hand, there can be non- event-related learning, that is not so much radical in nature, as it is evolutionary. Thus, evolutionary learning is characterized as an ongo- ing process that slowly establishes the need for change over time. This evolutionary learning process compares to what Senge (1990, p. 15) describes as “learning in wholes as opposed to pieces.” This concept of learning is different from an event-driven perspec- tive, and it supports the natural tendency that groups and organiza- tions have to protect themselves from open confrontation and critique. However, technology provides an interesting variable in this regard. It is generally accepted as an agent of change that must be addressed by the organization. I believe that this agency can be seized as an opportunity to promote such change because it establishes a reason why organizations need to deal with the inevitable transitions brought 69orGAnIzAtIonAl leArnInG theorIes about by technology. Furthermore, as Huysman (1999) points out, the history of organizational learning has not often created measurable improvement, particularly because implementing the theories has not always been efficient or effective. Much of the impetus for implement- ing a new technology, however, is based on the premise that its use will result in such benefits. Therefore, technology provides compelling reasons for why organizational learning is important: to understand how to deal with agents of change, and to provide ongoing changes in the processes that improve competitive advantage. There is another intrinsic issue here. Uses of technology have not always resulted in efficient and effective outcomes, particularly as they relate to a firm’s expected ROI. In fact, IT projects often cost more than expected and tend to be delivered late. Indeed, research performed by the Gartner Group and CIO Magazine (Koch, 1999) reports that 54% of IT projects are late and that 22% are never com- pleted. In May 2009, McGraw reported similar trends, so industry performance has not materially improved. This is certainly a disturb- ing statistic for a dynamic variable of change that promises outcomes of improved efficiency and effectiveness. The question then is why is this occurring? Many scholars might consider the answer to this ques- tion as complex. It is my claim, however, based on my own research, that the lack of organizational learning, both within IT and within other departments, poses, perhaps, the most significant barrier to the success of these projects in terms of timeliness and completion. Langer (2001b) suggests that the inability of IT organizations to understand how to deal with larger communities within the organization and to establish realistic and measurable outcomes are relevant both to many of the core values of organizational learning and to its importance in attaining results. What better opportunity is there to combine the strengths and weaknesses of each of IT and organizational learning? Perhaps what is most interesting—and, in many ways, lacking within the literature on organizational learning—is the actual way individuals learn. To address organizational learning, I believe it is imperative to address the learning styles of individuals within the organization. One fundamental consideration to take into account is that of individual turnover within departments. Thus, methods to measure or understand organizational learning must incorporate the individual; how the individual learns, and what occurs when 70 INFORMATION TECHNOLOGY individuals change positions or leave, as opposed to solely focusing on the event-driven aspect of evolutionary learning. There are two sociological positions about how individual learning occurs. The first suggests that individual action derives from determining influences in the social system, and the other suggests that it emanates from individual action. The former proposition supports the concept that learning occurs at the organizational, or group level, and the lat- ter supports it at the individual level of action and experience. The “system” argument focuses on learning within the organization as a whole and claims that individual action functions within its boundar- ies. The “individual” argument claims that learning emanates from the individual first and affects the system as a result of outcomes from individual actions. Determining a balance between individual and organizational learning is an issue debated by scholars and an impor- tant one that this book must address. Why is this issue relevant to the topic of IT and organizational learning? Simply put, understanding the nature of evolving technolo- gies requires that learning—and subsequent learning outcomes—will be heavily affected by the processes in which it is delivered. Therefore, without understanding the dynamics of how individuals and organi- zations learn, new technologies may be difficult to assimilate because of a lack of process that can determine how they can be best used in the business. What is most important to recognize is the way in which responsive organizational dynamism (ROD) needs both the system and individual approaches. Huysman (1999) suggests (and I agree) that organizational versus individual belief systems are not mutually exclusive pairs but dualities. In this way, organizational processes are not seen as just top-down or bottom-up affairs, but as accumulations of history, assimilated in organizational memory, which structures and positions the agency or capacity for learning. In a similar way, organizational learning can be seen as occurring through the actions of individuals, even when they are constrained by institutional forces. The strategic integration component of ROD lends itself to the system model of learning to the extent that it almost mandates change— change that, if not addressed, will inevitably affect the competitive advantage of the organization. On the other hand, the cultural assim- ilation component of ROD is also involved because of its effect on individual behavior. Thus, the ROD model needs to be expanded to 71orGAnIzAtIonAl leArnInG theorIes show the relationship between individual and organizational learning as shown in Figure 4.1. An essential challenge to technology comes from the fact that organizations are not sure about how to handle its overall potential. Thus, in a paradoxical way, this quandary provides a springboard to learning by utilizing organizational learning theories and concepts to create new knowledge, by learning from experience, and ultimately by linking technology to learning and performance. This perspective can be promoted from within the organization because chief executives are generally open to investing in learning as long as core business principles are not violated. This position is supported by my research with chief executives that I discussed in Chapter 2. Organizational dynamism Acceleration of events that require different infrastructures and organizational processes Requires Strategic integration Cultural assimilation Organization structures (system) Individual actions Renegotiation of relationship Organizational learning techniques Symptoms and implications Technology Figure 4.1 ROD and organizational learning. 72 INFORMATION TECHNOLOGY Organizational learning can also assist in the adoption of technologies by providing a mechanism to help individuals manage change. This notion is consistent with Aldrich (2001), who observes that many organizations reject technology-driven changes or “pio- neering ventures,” which he called competence-destroying ventures because they threaten existing norms and processes. Organizations would do well to understand the value of technology, particularly for those who adopt it early (early adopters), and how it can lead to com- petitive advantages. Thus, organizations that position themselves to evolve, to learn, and to create new knowledge are better prepared to foster the handling, absorption, and acceptance of technology-driven change than those that are not. Another way to view this ethic is to recognize that organizations need to be “ready” to deal with change— change that is accelerated by technology innovations. Although Aldrich (2001) notes that organizational learning has not been tied to performance and success, I believe it will be the technology revolu- tion that establishes the catalyst that can tie organizational learning to performance. The following sections of this chapter expand on the core concept that the success of ROD is dependent on the uses of organizational learning techniques. In each section, I correlate this concept to many of the organizational learning theories and show how they can be tailored and used to provide important outcomes that assist the pro- motion of both technological innovation and organizational learning. Learning Organizations Business strategists have realized that the ability of an organization to learn faster, or “better,” than its competitors may indeed be the key to long-term business success (Collis, 1994; Dodgson, 1993; Grant, 1996; Jones, 1975). A learning organization is defined as a form of organization that enables, in an active sense, the learning of its mem- bers in such a way that it creates positive outcomes, such as innovation, efficiency, improved alignment with the environment, and competi- tive advantage. As such, a learning organization is one that acquires knowledge from within. Its evolution, then, is primarily driven by itself without the need for interference from outside forces. In this sense, it is a self-perpetuating and self-evolving system of individual 73orGAnIzAtIonAl leArnInG theorIes and organizational transformations integrated into the daily processes of the organization. It should be, in effect, a part of normal organiza- tional behavior. The focus of organizational learning is not so much on the process of learning but more on the conditions that allow suc- cessful outcomes to flourish. Learning organization literature draws from organizational learning theory, particularly as it relates to inter- ventions based on outcomes. This provides an alternative to social approaches. In reviewing these descriptions of what a learning organization does, and why it is important, we can begin to see that technology may be one of the few agents that can actually show what learning organi- zations purport to do. Indeed, Ravell created an evolving population that became capable of dealing with environmental changes brought on by technological innovation. The adaptation of these changes created those positive outcomes and improved efficiencies. Without organizational learning, specifically the creation of a learning organi- zation, many innovations brought about by technology could produce chaos and instability. Organizations generally tend to suffer from, and spend too much time reflecting on, their past dilemmas. However, given the recent phenomenon of rapid changes in technology, orga- nizations can no longer afford the luxury of claiming that there is simply too much else to do to be constantly worrying about technol- ogy. Indeed, Lounamaa and March (1987) state that organizations can no longer support the claim that too-frequent changes will inhibit learning. The fact is that such changes must be taken as evolutionary, and as a part of the daily challenges facing any organization. Because a learning organization is one that creates structure and strategies, it is positioned to facilitate the learning of all its members, during the ongoing infiltration of technology-driven agents of change. Boland et al. (1994) show that information systems based on multimedia technologies may enhance the appreciation of diverse interpretations within organizations and, as such, support learning organizations. Since learning organizations are deliberately created to facilitate the learning of their members, understanding the urgency of technologi- cal changes can provide the stimulus to support planned learning. Many of the techniques used in the Ravell case study were based on the use of learning organizational techniques, many of which were pioneered by Argyris and Schö n (1996). Their work focuses on using 74 INFORMATION TECHNOLOGY “action science” methods to create and maintain learning organiza- tions. A key component of action science is the use of reflective prac- tices—including what is commonly known among researchers and practitioners as reflection in action and reflection on action. Reflection with action is the term I use as a rubric for these various methods, involving reflection in relation to activity. Reflection has received a number of definitions, from different sources in the literature. Depending on the emphasis, whether on theory or practice, defini- tions vary from philosophical articulation (Dewey, 1933; Habermas, 1998), to practice-based formulations, such as Kolb’s (1984b) use of reflection in the experiential learning cycle. Specifically, reflection with action carries the resonance of Schö n’s (1983) twin constructs: reflection on action and reflection in action, which emphasize reflec- tion in retrospect, and reflection to determine which actions to take in the present or immediate future, respectively. Dewey (1933) and Hullfish and Smith (1978) also suggest that the use of reflection sup- ports an implied purpose: individuals reflect for a purpose that leads to the processing of a useful outcome. This formulation suggests the possibility of reflection that is future oriented—what we might call “reflection to action.” These are methodological orientations covered by the rubric. Reflective practices are integral to ROD because so many technology-based projects are event driven and require individu- als to reflect before, during, and after actions. Most important to this process is that these reflections are individually driven and that technology projects tend to accelerate the need for rapid decisions. In other words, there are more dynamic decisions to be made in less time. Without operating in the kind of formation that is a learning organization, IT departments cannot maintain the requisite infra- structure to develop products timely on time and support business units—something that clearly is not happening if we look at the existing lateness of IT projects. With respect to the role of reflec- tion in general, the process can be individual or organizational. While groups can reflect, it is in being reflective that individuals bring about “an orientation to their everyday lives,” according to Moon (1999). “For others reflection comes about when conditions in the learning environment are appropriate” (p. 186). However, IT departments have long suffered from not having the conditions 75orGAnIzAtIonAl leArnInG theorIes to support such an individual learning environment. This is why implementing a learning organization is so appealing as a remedy for a chronic problem. Communities of Practice Communities of practice are based on the assumption that learning starts with engagement in social practice and that this practice is the fundamental construct by which individuals learn (Wenger, 1998). Thus, communities of practice are formed to get things done by using a shared way of pursuing interest. For individuals, this means that learning is a way of engaging in, and contributing to, the practices of their communities. For specific communities, on the other hand, it means that learning is a way of refining their distinctive practices and ensuring new generations of members. For entire organizations, it means that learning is an issue of sustaining interconnected com- munities of practice, which define what an organization knows and contributes to the business. The notion of communities of practice supports the idea that learning is an “inevitable part of participat- ing in social life and practice” (Elkjaer, 1999, p. 75). Communities of practice also include assisting members of the community, with the particular focus on improving their skills. This is also known as situ­ ated learning. Thus, communities of practice are very much a social learning theory, as opposed to one that is based solely on the indi- vidual. Communities of practice have been called learning in working, in which learning is an inevitable part of working together in a social setting. Much of this concept implies that learning, in some form or other will occur, and that it is accomplished within a framework of social participation, not solely or simply in the individual mind. In a world that is changing significantly due to technological innovations, we should recognize the need for organizations, communities, and individuals to embrace the complexities of being interconnected at an accelerated pace. There is much that is useful in the theory of communities of practice and that justifies its use in ROD. While so much of learning technol- ogy is event driven and individually learned, it would be shortsighted to believe that it is the only way learning can occur in an organization. Furthermore, the enormity and complexity of technology requires a 76 INFORMATION TECHNOLOGY community focus. This would be especially useful within the confines of specific departments that are in need of understanding how to deal with technological dynamism. That is, preparation for using new technolo- gies cannot be accomplished by waiting for an event to occur. Instead, preparation can be accomplished by creating a community that can assess technologies as a part of the normal activities of an organization. Specifically, this means that, through the infrastructure of a commu- nity, individuals can determine how they will organize themselves to operate with emerging technologies, what education they will need, and what potential strategic integration they will need to prepare for changes brought on by technology. Action in this context can be viewed as a continuous process, much in the same way that I have presented technol- ogy as an ongoing accelerating variable. However, Elkjaer (1999) argues that the continuous process cannot exist without individual interaction. As he states: “Both individual and collective activities are grounded in the past, the present, and the future. Actions and interactions take place between and among group members and should not be viewed merely as the actions and interactions of individuals” (p. 82). Based on this perspective, technology can be handled by the actions (community) and interactions (individuals) of the organiza- tion as shown in Figure 4.2. Communities of practice: Social actions of how to deal with technology Allows groups to engage in discourse and examine the ongoing effects on the department/unit, including short/long-term education requirements, skills transfer and development, organizational issues, relationships with other departments and customers �e individual interacts with others and determines new methods of utilizing technology within his/her specific business objectives. Individuals use reflection as the basis of transformative learning. Event-driven individual- based learning Figure 4.2 Technology relationship between communities and individuals. 77orGAnIzAtIonAl leArnInG theorIes It seems logical that communities of practice provide the mecha- nism to assist, particularly, with the cultural assimilation component of ROD. Indeed, cultural assimilation targets the behavior of the community, and its need to consider what new organizational struc- tures can better support emerging technologies. I have, in many ways, already established and presented the challenge of what should be called the “community of IT practice” and its need to understand how to restructure to meet the needs of the organization. This is the kind of issue that does not lend itself to event-driven, individual learning, but rather to a more community-based process that can deal with the realignment of departmental relationships. Essentially, communities of IT practice must allow for the con- tinuous evolution of learning based on emergent strategies. Emergent strategies acknowledge unplanned action. Such strategies are defined as patterns that develop in the absence of intentions (Mintzberg & Waters, 1985). Emergent strategies can be used to gather groups that can focus on issues not based on previous plans. These strategies can be thought of as creative approaches to proactive actions. Indeed, a frustrating aspect of technology is its uncertainty. Ideas and concepts borrowed from communities of practice can help departments deal with the evolutionary aspects of technological dynamism. The relationship, then, between communities of practice and tech- nology is significant. Many of the projects involving IT have been tra- ditionally based on informal processes of learning. While there have been a number of attempts to computerize knowledge using various information databases, they have had mixed results. A “structured” approach to creating knowledge reporting is typically difficult to estab- lish and maintain. Many IT departments have utilized International Organization for Standardization (ISO) 9000 concepts. The ISO is a worldwide organization that defines quality processes through for- mal structures. It attempts to take knowledge-based information and transfer it into specific and documented steps that can be evaluated as they occur. Unfortunately, the ISO 9000 approach, even if realized, is challenging when such knowledge and procedures are undergoing constant and unpredictable change. Technological dynamism cre- ates too many uncertainties to be handled by the extant discourses on how organizations have dealt with change variables. Communities of practice provide an umbrella of discourses that are necessary to deal 78 INFORMATION TECHNOLOGY with ongoing and unpredictable interactions established by emerging technologies. Support for this position is found in the fact that technology requires accumulative collective learning that needs to be tied to social prac- tices; this way, project plans can be based on learning as a participatory act. One of the major advantages of communities of practice is that they can integrate key competencies into the very fabric of the organi- zation (Lesser et al., 2000). The typical disadvantage of IT is that its staff needs to serve multiple organizational structures simultaneously. This requires that priorities be set by the organization. Unfortunately, it is difficult, if not impossible, for IT departments to establish such priorities without engaging in concepts of communities of practice that allow for a more integrated process of negotiation and determination. Much of the process of communities of practice would be initiated by strategic integration and result in many cultural assimilation changes; that is, the process of implementing communities of practice will necessitate changes in cultural behavior and organization processes. As stated, communities-of-practice activities can be initiated via the strategic integration component of ROD. According to Lesser et al. (2000), a knowledge strategy based on communities of practice consists of seven basic steps (Table 4.1). Lesser and Wenger (2000) suggest that communities of practice are heavily reliant on innovation: “Some strategies rely more on inno- vation than others for their success. … Once dependence on innova- tion needs have been clarified, you can work to create new knowledge where innovation matters” (p. 8). Indeed, electronic communities of practice are different from physical communities. IT provides another dimension to how technology affects organizational learning. It does so by creating new ways in which communities of practice operate. In the complexity of ways that it affects us, technology has a dichoto- mous relationship with communities of practice. That is, there is a two-sided issue: (1) the need for communities of practice to imple- ment IT projects and integrate them better into learning organiza- tions, and (2) the expansion of electronic communities of practice invoked by technology, which can, in turn, assist in organizational learning, globally and culturally. The latter issue establishes the fact that a person can now readily be a member of many electronic communities, and in many different 79orGAnIzAtIonAl leArnInG theorIes capacities. Electronic communities are different, in that they can have memberships that are short-lived and transient, forming and re-forming according to interest, particular tasks, or commonality of issue. Communities of practice themselves are utilizing technologies to form multiple and simultaneous relationships. Furthermore, the growth of international communities resulting from ever-expanding global economies has created further complexities and dilemmas. Thus far, I have presented communities of practice as an infra- structure that can foster the development of organizational learn- ing to support the existence of technological dynamism. Most of what I presented has an impact on the cultural assimilation com- ponent of ROD—that is, affecting organizational structure and the Table 4.1 Extended Seven Steps of Community of Practice Strategy STEP COMMUNITIES-OF-PRACTICE STEP TECHNOLOGY EXTENSION 1 Understanding strategic knowledge needs: What knowledge is critical to success. Understanding how technology affects strategic knowledge, and what specific technological knowledge is critical to success. 2 Engaging practice domains: People form communities of practice to engage in and identify with. Technology identifies groups, based on business-related benefits; requires domains to work together toward measurable results. 3 Developing communities: How to help key communities reach their full potential. Technologies have life cycles that require communities to continue; treats the life cycle as a supporter for attaining maturation and full potential. 4 Working the boundaries: How to link communities to form broader learning systems. Technology life cycles require new boundaries to be formed. This will link other communities that were previously outside discussions and thus, expand input into technology innovations. 5 Fostering a sense of belonging: How to engage people’s identities and sense of belonging. The process of integrating communities: IT and other organizational units will create new evolving cultures that foster belonging as well as new social identities. 6 Running the business: How to integrate communities of practice into running the business of the organization. Cultural assimilation provides new organizational structures that are necessary to operate communities of practice and to support new technological innovations. 7 Applying, assessing, reflecting, renewing: How to deploy knowledge strategy through waves of organizational transformation. The active process of dealing with multiple new technologies that accelerates the deployment of knowledge strategy. Emerging technologies increase the need for organizational transformation. 80 INFORMATION TECHNOLOGY way things need to be done. However, technology, particularly the strategic integration component of ROD, fosters a more expanded vision of what can represent a community of practice. What does this mean? Communities of practice, through the advent of strate- gic integration, have expanded to include electronic communities. While technology can provide organizations with vast electronic libraries that end up as storehouses of information, they are only valuable if they are allowed to be shared within the community. Although IT has led many companies to imagine a new world of leveraged knowledge, communities have discovered that just storing information does not provide for effective and efficient use of knowl- edge. As a result, many companies have created these “electronic” communities so that knowledge can be leveraged, especially across cultures and geographic boundaries. These electronic communities are predictably more dynamic as a result of what technology pro- vides to them. The following are examples of what these communi- ties provide to organizations: • Transcending boundaries and exchanging knowledge with internal and external communities. In this circumstance, communities are extending not only across business units, but also into communities among various clients—as we see developing in advanced e-business strategies. Using the Internet and intranets, communities can foster dynamic inte- gration of the client, an important participant in competitive advantage. However, the expansion of an external commu- nity, due to emergent electronics, creates yet another need for the implementation of ROD. • Creating “Internet” or electronic communities as sources of knowledge (Teigland, 2000), particularly for technical- oriented employees. These employees are said to form “com- munities of techies”: technical participants, composed largely of the IT staff, who have accelerated means to come into con- tact with business-related issues. In the case of Ravell, I cre- ated small communities by moving IT staff to allow them to experience the user’s need; this move is directly related to the larger, and expanded, ability of using electronic communities of practice. 81orGAnIzAtIonAl leArnInG theorIes • Connecting social and workplace communities through sophisticated networks. This issue links well to the entire expansion of issues surrounding organizational learning, in particular, learning organization formation. It enfolds both the process and the social dialectic issues so important to cre- ating well-balanced communities of practice that deal with organizational-level and individual development. • Integrating teleworkers and non-teleworkers, including the study of gender and cultural differences. The growth of dis- tance workers will most likely increase with the maturation of technological connectivity. Videoconferencing and improved media interaction through expanded broadband will support further developments in virtual workplaces. Gender and cul- ture will continue to become important issues in the expan- sion of existing models that are currently limited to specific types of workplace issues. Thus, technology allows for the “globalization” of organizational learning needs, especially due to the effects of technological dynamism. • Assisting in computer-mediated communities. Such media- tion allows for the management of interaction among com- munities, of who mediates their communications criteria, and of who is ultimately responsible for the mediation of issues. Mature communities of practice will pursue self-mediation. • Creating “flame” communities. A flame is defined as a lengthy, often personally insulting, debate in an electronic commu- nity that provides both positive and negative consequences. Difference can be linked to strengthening the identification of common values within a community but requires organiza- tional maturation that relies more on computerized commu- nication to improve interpersonal and social factors to avoid miscommunications (Franco et al., 2000). • Storing collective knowledge in large-scale libraries and databases. As Einstein stated: “Knowledge is experience. Everything else is just information.” Repositories of informa- tion are not knowledge, and they often inhibit organizations from sharing important knowledge building blocks that affect technical, social, managerial, and personal developments that are critical for learning organizations (McDermott, 2000). 82 INFORMATION TECHNOLOGY Ultimately, these communities of practice are forming new social networks, which have established the cornerstone of “global connectiv- ity, virtual communities, and computer-supported cooperative work” (Wellman et al., 2000, p. 179). These social networks are creating new cultural assimilation issues, changing the very nature of the way organizations deal with and use technology to change how knowledge develops and is used via communities of practice. It is not, therefore, that communities of practice are new infrastructure or social forces; rather, the difference is in the way they communicate. Strategic inte- gration forces new networks of communication to occur (the IT effect on communities of practice), and the cultural assimilation component requires communities of practice to focus on how emerging technolo- gies are to be adopted and used within the organization. In sum, what we are finding is that technology creates the need for new organizations that establish communities of practice. New members enter the community and help shape its cognitive schemata. Aldrich (2001) defines cognitive schemata as the “structure that repre- sents organized knowledge about persons, roles, and events” (p. 148). This is a significant construct in that it promotes the importance of a balanced evolutionary behavior among these three areas. Rapid learn- ing, or organizational knowledge, brought on by technological inno- vations can actually lessen progress because it can produce premature closure (March, 1991). Thus, members emerge out of communities of practice that develop around organizational tasks. They are driven by technological innovation and need constructs to avoid premature clo- sure, as well as ongoing evaluation of perceived versus actual realities. As Brown and Duguid (1991, p. 40) state: The complex of contradictory forces that put an organization’s assump- tions and core beliefs in direct conflict with members’ working, learn- ing, and innovating arises from a thorough misunderstanding of what working, learning, and innovating are. As a result of such misunder- standings, many modern processes and technologies, particularly those designed to downskill, threaten the robust working, learning, and inno- vating communities and practice of the workplace. This perspective can be historically justified. We have seen time and time again how a technology’s original intention is not realized 83orGAnIzAtIonAl leArnInG theorIes yet still productive. For instance, many uses of e-mail by individuals were hard to predict. It may be indeed difficult, if not impossible, to predict the eventual impact of a technology on an organization and provide competitive advantages. However, based on evolutionary theories, it may be beneficial to allow technologies to progress from driver-to-supporter activity. Specifically, this means that communi- ties of practice can provide the infrastructure to support growth from individual-centered learning; that is, to a less event-driven process that can foster systems thinking, especially at the management levels of the organization. As organizations evolve into what Aldrich (2001) call “bounded entities,” interaction behind boundaries heightens the salience of cultural difference. Aldrich’s analysis of knowledge cre- ation is consistent with what he called an “adaptive organization”—one that is goal oriented and learns from trial and error (individual-based learning)—and a “knowledge development” organization (system- level learning). The latter consists of a set of interdependent members who share patterns of belief. Such an organization uses inferential and vicarious learning and generates new knowledge from both experi- mentation and creativity. Specifically, learning involves sense mak- ing and builds on the knowledge development of its members. This becomes critical to ROD, especially in dealing with change driven by technological innovations. The advantages and challenges of vir- tual teams and communities of practice are expanded in Chapter 7, in which I integrate the discussion with the complexities of outsourcing teams. Learning Preferences and Experiential Learning The previous sections of this chapter focused on organizational learn- ing, particularly two component theories and methods: learning organizations and communities of practice. Within these two meth- ods, I also addressed the approaches to learning; that is, learning that occurs on the individual and the organizational levels. I advocated the position that both system and individual learning need to be part of the equation that allows a firm to attain ROD. Notwithstanding how and when system and individual learning occurs, the investi- gation of how individuals learn must be a fundamental part of any theory-to-practice effort, such as the present one. Indeed, whether 84 INFORMATION TECHNOLOGY one favors a view of learning as occurring on the organizational or on the individual level (and it occurs on both), we have to recog- nize that individuals are, ultimately, those who must continue to learn. Dewey (1933) first explored the concepts and values of what he called “experiential learning.” This type of learning comes from the experiences that adults have accrued over the course of their individual lives. These experiences provide rich and valuable forms of “literacy,” which must be recognized as important components to overall learning development. Kolb (1984a) furthered Dewey’s research and developed an instrument that measures individual preferences or styles in which adults learn, and how they respond to day-to-day scenarios and concepts. Kolb’s (1999) Learning Style Inventory (LSI) instrument allows adults to better understand how they learn. It helps them understand how to solve problems, work in teams, manage conflicts, make better career choices, and negotiate personal and professional relationships. Kolb’s research provided a basis for comprehending the different ways in which adults prefer to learn, and it elaborated the distinct advantages of becoming a bal- anced learner. The instrument schematizes learning preferences and styles into four quadrants: concrete experience , reflective observation , abstract con­ ceptualization , and active experimentation . Adults who prefer to learn through concrete experience are those who need to learn through actual experience, or compare a situation with reality. In reflective observation, adults prefer to learn by observing others, the world around them, and what they read. These individuals excel in group discussions and can effectively reflect on what they see and read. Abstract conceptualization refers to learning, based on the assimila- tion of facts and information presented, and read. Those who prefer to learn by active experimentation do so through a process of evaluat- ing consequences; they learn by examining the impact of experimen- tal situations. For any individual, these learning styles often work in combinations. After classifying an individual’s responses to questions, Kolb’s instrument determines the nature of these combinations. For example, an individual can have a learning style in which he or she prefers to learn from concrete experiences using reflective observation as opposed to actually “doing” the activity. Figure 4.3 shows Kolb’s model in the form of a “learning wheel.” The wheel graphically shows 85orGAnIzAtIonAl leArnInG theorIes an individual’s learning style inventory, reflecting a person’s strengths and weaknesses with respect to each learning style. Kolb’s research suggests that learners who are less constrained by learning preferences within a distinct style are more balanced and are better learners because they have available to them more dimensions in which to learn. This is a significant concept; it suggests that adults who have strong preferences may not be able to learn when faced with learning environments that do not fit their specific preference. For example, an adult who prefers group discussion and enjoys reflective conversation with others may feel uncomfortable in a less interper- sonal, traditional teaching environment. The importance of Kolb’s LSI is that it helps adults become aware that such preferences exist. McCarthy’s (1999) research furthers Kolb’s work by investigating the relationship between learning preferences and curriculum devel- opment. Her Learning Type Measure (4Mat) instrument mirrors and extends the Kolb style quadrants by expressing preferences from an individual’s perspective on how to best achieve learning. Another important contribution in McCarthy’s extension of Kolb’s work is the inclusion of brain function considerations, particularly in terms of hemisphericity. McCarthy focuses on the cognitive functions asso- ciated with the right hemisphere (perception) and left hemisphere (process) of the brain. Her 4Mat system shows how adults, in each Concrete experience Abstract conceptualization Learns from hands-on experience Observes concrete situation and reflects on its meaning Seeks to find practical uses for ideas and theories Interested in abstract ideas and concepts Active experimentation Reflective observation Figure 4.3 Kolb’s Learning Style Inventory. 86 INFORMATION TECHNOLOGY style quadrant, perceive learning with the left hemisphere of the brain and how it is related to processing in the right hemisphere. For example, for Type 1 learners (concrete experience and reflective observation), adults perceive in a concrete way and process in a reflec- tive way. In other words, these adults prefer to learn by actually doing a task and then processing the experience by reflecting on what they experienced during the task. Type 2 learners (reflective observation and abstract conceptualization), however, perceive a task by abstract thinking and process it by developing concepts and theories from their initial ideas. Figure 4.4 shows McCarthy’s rendition of the Kolb learning wheel. The practical claim to make here is that practitioners who acquire an understanding of the concepts of the experiential learning mod- els will be better able to assist individuals in understanding how they learn, how to use their learning preferences during times of Meaning Con ce pts W hat? Skills How? W hy? Adaptat ions If? Integrate QIV QIII QI QII Try Define Refine Examine ImageExtend Counsel Figure 4.4 McCarthy rendition of the Kolb Learning Wheel. 87orGAnIzAtIonAl leArnInG theorIes transition, and the importance of developing other dimensions of learning. The last is particularly useful in developing expertise in learning from individual reflective practices, learning as a group in communities of practice, and participating in both individual transformative learning, and organizational transformations. How, then, does experiential learning operate within the framework of organizational learning and technology? This is shown Figure 4.5 in a combined wheel, called the applied individual learning for tech­ nology model, which creates a conceptual framework for linking the technology life cycle with organizational learning and experiential learning constructs. Figure 4.5 expands the wheel into two other dimensions. The first quadrant (QI) represents the feasibility stage of technology. It requires communities to work together, to ascertain why a particular technology might be attractive to the organization. This quadrant is Engaging in the technology process Con ce ptuali ze driv er an d su ppor ter life cy cle sMeas urem en t a nd an aly sis –W hat? Exploring technology opportunities Planning and design–How? Feasibility–W hy? Im plem en tin g te ch nology Crea tio n–W hat If? Action learning QIV QIII QI QII Knowledge management Transformative learning Communities of practice Figure 4.5 Combined applied learning wheel. 88 INFORMATION TECHNOLOGY best represented by individuals who engage in group discussions to make better connections from their own experiences. The process of determining whether a technology is feasible requires integrated discourse among affected communities, who then can make better decisions, as opposed to centralized or individual and predetermined decisions on whether to use a specific technology. During this phase, individuals need to operate in communities of practice, as the infra- structure with which to support a democratic process of consensus building. The second quadrant (QII) corresponds to measurement and analy- sis. This operation requires individuals to engage in specific details to determine and conceptualize driver and supporter life cycles ana- lytically. Individuals need to examine the specific details to under- stand “ what” the technology can do, and to reflect on what it means to them, and their business unit. This analysis is measured with respect to what the ROI will be, and which driver and supporter functions will be used. This process requires transformation theory that allows individuals to perceive and conceptualize which components of the technology can transform the organization. Quadrant 3 (QIII), design and planning, defines the “how” component of the technology life cycle. This process involves explor- ing technology opportunities after measurement and analysis have been completed. The process of determining potential uses for technology requires knowledge of the organization. Specifically, it needs the abstract concepts developed in QII to be integrated with tacit knowledge, to then determine possible applications where the technology can succeed. Thus, knowledge management becomes the predominant mechanism for translating what has been conceptual- ized into something explicit (discussed further in Chapter 5). Quadrant 4 (QIV) represents the implementation-and-creation step in the technology life cycle. It addresses the hypothetical ques- tion of “What if?” This process represents the actual implementation of the technology. Individuals need to engage in action learning tech- niques, particularly those of reflective practices. The implementation step in the technology life cycle is heavily dependent on the indi- vidual. Although there are levels of project management, the essential aspects of what goes on inside the project very much relies on the individual performances of the workers. 89orGAnIzAtIonAl leArnInG theorIes Social Discourse and the Use of Language The successful implementation of communities of practice fosters heavy dependence on social structures. Indeed, without understand- ing how social discourse and language behave, creating and sustaining the internal interactions within and among communities of practice are not possible. In taking individuals as the central component for continued learning and change in organizations, it becomes impor- tant to work with development theories that can measure and support individual growth and can promote maturation with the promotion of organizational/system thinking (Watkins & Marsick, 1993). Thus, the basis for establishing a technology-driven world requires the inclu- sion of linear and circular ways of promoting learning. While there is much that we will use from reflective action concepts designed by Argyris and Schö n (1996), it is also crucial to incorporate other theo- ries, such as marginality, transitions, and individual development. Senge (1990) also compares learning organizations with engineer- ing innovation; he calls these engineering innovations “technologies.” However, he also relates innovation to human behavior and distin- guishes it as a “discipline.” He defines discipline as “a body of theory and technique that must be studied and mastered to be put into prac- tice, as opposed to an enforced order or means of punishment” (p. 10). A discipline, according to Senge, is a developmental path for acquir- ing certain skills or competencies. He maintains the concept that cer- tain individuals have an innate “gift”; however, anyone can develop proficiency through practice. To practice a discipline is a lifelong learning process—in contrast to the work of a learning organization. Practicing a discipline is different from emulating a model. This book attempts to bring the arenas of discipline and technology into some form of harmony. What technology offers is a way of addressing the differences that Senge proclaims in his work. Perhaps this is what is so interesting and challenging about attempting to apply and under- stand the complexities of how technology, as an engineering innova- tion, affects the learning organization discipline—and thereby creates a new genre of practices. After all, I am not sure that one can master technology as either an engineering component, or a discipline. Technology dynamism and ROD expand the context of the glo- balizing forces that have added to the complexity of analyzing “the 90 INFORMATION TECHNOLOGY language and symbolic media we employ to describe, represent, interpret, and theorize what we take to be the facticity of organi- zational life” (Grant et al., 1998, p. 1). ROD needs to create what I call the “language of technology.” How do we then incorporate technology in the process of organizing discourse, or how has tech- nology affected that process? We know that the concept of dis- course includes language, talk, stories, and conversations, as well as the very heart of social life, in general. Organizational discourse goes beyond what is just spoken; it includes written text and other informal ways of communication. Unfortunately, the study of dis- course is seen as being less valuable than action. Indeed, discourse is seen as a passive activity, while “doing” is seen as supporting more tangible outcomes. However, technology has increased the importance of sensemaking media as a means of constructing and understanding organizational identities. In particular, technology, specifically the use of e-mail, has added to the instability of lan- guage, and the ambiguities associated with metaphorical analysis— that is, meaning making from language as it affects organizational behavior. Another way of looking at this issue is to study the meta- phor, as well as the discourse, of technology. Technology is actually less understood today, a situation that creates even greater reason than before for understanding its metaphorical status in organiza- tional discourse—particularly with respect to how technology uses are interpreted by communities of practice. This is best shown using the schema of Grant et al. of the relationship between content and activity and how, through identity, skills, and emotion, it leads to action (Figure 4.6). To best understand Figure 4.4 and its application to technology, it is necessary to understand the links between talk and action. It is the activity and content of conversations that discursively produce identities, skills, and emotions, which in turn lead to action. Talk, in respect to conversation and content, implies both oral and writ- ten forms of communications, discourse, and language. The written aspect can obviously include technologically fostered communications over the Internet. It is then important to examine the unique condi- tions that technology brings to talk and its corresponding actions. 91orGAnIzAtIonAl leArnInG theorIes Identity Individual identities are established in collaborations on a team, or in being a member of some business committee. Much of the theory of identity development is related to how individuals see themselves, particularly within the community in which they operate. Thus, how active or inactive we are within our communities, shapes how we see ourselves and how we deal with conversational activity and content. Empowerment is also an important part of identity. Indeed, being excluded or unsupported within a community establishes a different identity from other members of the group and often leads to margin- ality (Schlossberg, 1989). Identities are not only individual but also collective, which to a large extent contributes to cultures of practice within organiza- tional factions. It is through common membership that a collec- tive identity can emerge. Identity with the group is critical during discussions regarding emerging technologies and determining how they affect the organization. The empowerment of individuals, and the creation of a collective identity, are therefore important in fos- tering timely actions that have a consensus among the involved community. Skills Identity Emotions Action Conversational activity Conversational content Figure 4.6 Grant’s schema— relationship between content and activity. 92 INFORMATION TECHNOLOGY Skills According to Hardy et al. (1998, p. 71), conversations are “arenas in which particular skills are invested with meaning.” Watson (1995) suggests that conversations not only help individuals acquire “techni- cal skills” but also help develop other skills, such as being persuasive. Conversations that are about technology can often be skewed toward the recognition of those individuals who are most “technologically talented.” This can be a problem when discourse is limited to who has the best “credentials” and can often lead to the undervaluing of social production of valued skills, which can affect decisions that lead to actions. Emotion Given that technology is viewed as a logical and rational field, the application of emotion is not often considered a factor of action. Fineman (1996) defines emotion as “personal displays of affected, or ‘moved’ and ‘agitated’ states—such as joy, love, fear, anger, sadness, shame, embarrassment,”—and points out that these states are socially constructed phenomena. There is a positive contribution from emo- tional energy as well as a negative one. The consideration of positive emotion in the organizational context is important because it drives action (Hardy et al., 1998). Indeed, action is more emotion than ratio- nal calculation. Unfortunately, the study of emotions often focuses on its negative aspects. Emotion, however, is an important part of how action is established and carried out, and therefore warrants attention in ROD. Identity, skills, and emotion are important factors in how talk actu- ally leads to action. Theories that foster discourse, and its use in orga- nizations, on the other hand, are built on linear paths of talk and action. That is, talk can lead to action in a number of predefined paths. Indeed, talk is typically viewed as “cheap” without action or, as is often said, “action is valued,” or “action speaks louder than words.” Talk, from this perspective, constitutes the dynamism of what must occur with action science, communities of practice, transformative learn- ing, and, eventually, knowledge creation and management. Action, by contrast, can be viewed as the measurable outcomes that have been 93orGAnIzAtIonAl leArnInG theorIes eluding organizational learning scholars. However, not all actions lead to measurable outcomes. Marshak (1998) established three types of talk that lead to action: tool­talk , frame­talk , and mythopoetic­talk : 1. Tool­talk includes “instrumental communities required to: discuss, conclude, act, and evaluate outcomes” (p. 82). What is most important in its application is that tool-talk be used to deal with specific issues for an identified purpose. 2. Frame­talk focuses on interpretation to evaluate the mean- ings of talk. Using frame-talk results in enabling implicit and explicit assessments, which include symbolic, conscious, pre- conscious, and contextually subjective dimensions. 3. Mythopoetic­talk communicates ideogenic ideas and images (i.e., myths and cosmologies) that can be used to communicate the nature of how to apply tool-talk and frame-talk within the particular culture or society. This type of talk allows for con- cepts of intuition and ideas for concrete application. Furthermore, it has been shown that organizational members experience a difficult and ambiguous relationship, between discourse that makes sense, and non-sense—what is also known as “the struggle with sense” (Grant et al., 1998). There are two parts that comprise non-sense: The first is in the difficulties that individuals experience in understanding why things occur in organizations, particularly when their actions “make no sense.” Much of this difficulty can be cor- related with political issues that create “nonlearning” organizations. However, the second condition of non-sense is more applicable, and more important, to the study of ROD than the first—that is, non- sense associated with acceleration in the organizational change pro- cess. This area comes from the taken-for-granted assumptions about the realities of how the organization operates, as opposed to how it can operate. Studies performed by Wallemacq and Sims (1998) provide examples of how organizational interventions can decompose stories about non-sense and replace them with new stories that better address a new situation and can make sense of why change is needed. This phenomenon is critical to changes established, or responded to, by the advent of new technologies. Indeed, technology has many nonsensi- cal or false generalizations regarding how long it takes to implement a product, what might be the expected outcomes, and so on. Given 94 INFORMATION TECHNOLOGY the need for ROD—due to the advent of technology—there is a con- comitant need to reexamine “old stories” so that the necessary change agents can be assessed and put into practice. Ultimately, the challenge set forth by Wallemacq and Sims is especially relevant, and critical, since the very definition of ROD suggests that communities need to accelerate the creation of new stories—stories that will occur at unpredictable intervals. Thus, the link between discourse, organiza- tional learning, and technology is critical to providing ways in which to deal with individuals and organizations facing the challenge of changing and evolving. Grant’s (1996) research shows that sense making using media and stories provided effective ways of constructing and understanding organizational identities. Technology affects discourse in a similar way that it affects communities of practice; that is, it is a variable that affects the way discourse is used for organizational evolution. It also provides new vehicles on how such discourse can occur. However, it is important not to limit discourse analysis to merely being about “texts,” emotion, stories, or conversations in organizations. Discourse analysis examines “the constructing, situating, facilitating, and communicat- ing of diverse cultural, instrumental, political, and socio-economic parameters of ‘organizational being’” (Grant, 1996, p. 12). Hence, discourse is the essential component of every organizational learn- ing effort. Technology accelerates the need for such discourse, and language, in becoming a more important part of the learning matura- tion process, especially in relation to “system” thinking and learning. I propose then, as part of a move toward ROD, that discourse theories must be integrated with technological innovation and be part of the maturation in technology and in organizational learning. The overarching question is how to apply these theories of dis- course and language to learning within the ROD framework and par- adigm. First, let us consider the containers of types of talk discussed by Marshak (1998) as shown in Figure 4.7. These types of talk can be mapped onto the technology wheel, so that the most appropriate oral and written behaviors can be set forth within each quadrant, and development life cycle, as shown in Figure 4.8. Mythopoetic-talk is most appropriate in Quadrant 1 (QI), where the fundamental ideas and issues can be discussed in communities of practice. These technological ideas and concepts, deemed feasible, are 95orGAnIzAtIonAl leArnInG theorIes then analyzed through frame-talk, by which the technology can be evaluated in terms of how it meets the fundamental premises estab- lished in QI. Frame-talk also reinforces the conceptual legitimacy of how technology will transform the organization while provid- ing appropriate ROI. Tool-talk represents the process of identifying applications and actually implementing them. For this reason, tool- talk exists in both QIII and QIV. The former quadrant represents Mythopoetic-talk: Ideogenic Frame-talk: Interpretive Tool-talk: Instrumental Figure 4.7 Marshak’s type of talk containers. Planning and design–How? Im plem en tat ion–W hat If? Tool-talk: Doing using reflective practices QIV QIII QI QII Tool-talk: Discuss-decide: Knowledge management Frame-talk: Transformative Mythopoetic- talk: Ground ideas using communities of practice Feasibility–W hy? Meas urem en t a nd an aly sis –W hat? Figure 4.8 Marshak’s model mapped to the technology learning wheel. 96 INFORMATION TECHNOLOGY the discussion-to-decision portion, and the latter represents the actual doing and completion of the project itself. In QIII, table-talk requires knowledge management to transition technology concepts into real options. QIV transforms these real options into actual projects, in which, reflecting on actual practices during implementation, provides an opportunity for individual- and organizational-level learning. Marshak’s (1998) concept of containers and cycles of talk and action are adapted and integrated with cyclical and linear matu- rity models of learning. However, discourse and language must be linked to performance, which is why it needs to be part of the discourse and language-learning wheel. By integrating discourse and language into the wheel, individual and group activities can use discourse and language as part of ref lective practices to create an environment that can foster action that leads to measurable outcomes. This process, as explained throughout this book, is of paramount importance in understanding how discourse operates with ROD in the information age. Linear Development in Learning Approaches Focusing only on the role of the individual in the company is an incom- plete approach to formulating an effective learning program. There is another dimension to consider that is based on learning maturation. That is, where in the life cycle of learning are the individuals and the organization? The best explanation of this concept is the learning mat- uration experience at Ravell. During my initial consultation at Ravell, the organization was at a very early stage of organizational learning. This was evidenced by the dependence of the organization on event- driven and individual reflective practice learning. Technology acted as an accelerator of learning—it required IT to design a new network during the relocation of the company. Specifically, the acceleration, operationalized by a physical move, required IT to establish new rela- tionships with line management. The initial case study concluded that there was a cultural change as a result of these new relationships— cultural assimilation started to occur using organizational learning techniques, specifically reflective practices. After I left Ravell, another phase in the evolution of the company took place. A new IT director was hired in my stead, who attempted 97orGAnIzAtIonAl leArnInG theorIes to reinstate the old culture: centralized infrastructure, stated opera- tional boundaries, and separations that mandated anti-learning orga- nizational behaviors. After six months, the line managers, faced with having to revert back to a former operating culture, revolted and demanded the removal of the IT director. This outcome, regrettable as it may be, is critical in proving the conclusion of the original study that the culture at Ravell had indeed evolved from its state, at the time of my arrival. The following are two concrete examples that support this notion: 1. The attempt of the new IT director to “roll back” the process to a former cultural state was unsuccessful, showing that a new evolving culture had indeed occurred. 2. Line managers came together from the established learning organization to deliver a concerted message to the execu- tive team. Much of their learning had now shifted to a social organization level that was based less on events and was more holistic with respect to the goals and objectives of the organization. Thus, we see a shift from an individual-based learning process to one that is based more on the social and organizational issues to stimulate transformation. This transformation in learning method occurred within the same management team, suggesting that changes in learning do occur over time and from experience. Another way of viewing the phenomenon is to see Ravell as reaching the next level of organizational learning or maturation with learning. Consistent with the conclusion of the original study, technology served to accelerate the process of change or accelerate the maturation process of organi- zational learning. Another phase (Phase II) of Ravell transpired after I returned to the company. I determined at that time that the IT department needed to be integrated with another technology-based part of the business—the unit responsible for media and engineering services (as opposed to IT). While I had suggested this combination eight months earlier, the organization had not reached the learning matu- ration to understand why such a combination was beneficial. Much of the reason it did not occur earlier, can also be attributed to the organization’s inability to manage ROD, which, if implemented, 98 INFORMATION TECHNOLOGY would have made the integration more obvious. The initial Ravell study served to bring forth the challenges of cultural assimilation, to the extent that the organization needed to reorganize itself and change its behavior. In phase II, the learning process matured by accelerating the need for structural change in the actual reporting processes of IT. A year later, yet another learning maturation phase (phase III) occurred. In Ravell, Phase III, the next stage of learning matura- tion, allowed the firm to better manage ROD. After completing the merger of the two technically related business units discussed (phase II), it became necessary to move a core database depart- ment completely out of the combined technology department, and to integrate it with a business unit. The reason for this change was compelling and brought to light a shortfall in my conclusions from the initial study. It appears that as organizational learning matures within ROD, there is an increasing need to educate the executive management team of the organization. This was not the case during the early stages of the case study. The limitation of my work, then, was that I predominantly interfaced with line management and neglected to include executives in the learning. During that time, results were encouraging, so there was little reason for me to include executives in event-driven issues, as discussed. Unfortunately, lack- ing their participation fostered a disconnection with the strategic integration component of ROD. Not participating in ROD created executive ignorance of the importance that IT had on the strategy of the business. Their lack of knowledge resulted in chronic problems with understanding the relationship and value of IT on the business units of the organization. This shortcoming resulted in continued conflicts over investments in the IT organization. It ultimately left IT with the inability to defend many of its cost requirements. As stated, during times of economic downturns, firms tend to reduce support organizations. In other words, executive management did not understand the driver component of IT. After the move of the cohort of database developers to a formal business line unit, the driver components of the group provided the dialogue and support necessary to educate executives. However, this education did not occur based on events, but rather, on using the social and group dynamics of organizational learning. We see 99orGAnIzAtIonAl leArnInG theorIes here another aspect of how organizational and individual learning methods work together, but evolve in a specific way, as summarized in Table 4.2. Another way of representing the relationship between individual and organizational learning over time is to chart a “maturity” arc to illustrate the evolutionary life cycle of technology and organiza- tional learning. I call this arc the ROD arc. The arc is designed to assess individual development in four distinct sectors of ROD, each in relation to five developmental stages of organizational learning. Thus, each sector of ROD can be measured in a linear and inte- grated way. Each stage in the course of the learning development Table 4.2 Analysis of Ravell’s Maturation with Technology LEARNING PHASE I PHASE II PHASE III Type of learning Individual reflective practices used to establish operations and line management. Line managers defend new culture and participate in less event-driven learning. Movement away from holistic formation of IT, into separate driver and supporter attributes. Learning approaches are integrated using both individual and organizational methods, and are based on functionality as opposed to being organizationally specific. Learning outcomes Early stage of learning organization development. Combination of event-driven and early-stage social organizational learning formation. Movement toward social- based organizational decision making, relative to the different uses of technology. Responsive organizational dynamism: cultural assimilation. Established new culture; no change in organizational structure. Cultural assimilation stability with existing structures; early phase of IT organizational integration with similar groups. Mature use of cultural assimilation, based on IT behaviors (drivers and supporters). Responsive organizational dynamism: Strategic integration. Limited integration due to lack of executive involvement. Early stages of value/needs based on similar strategic alignment. Social structures emphasize strategic integration based on business needs. 100 INFORMATION TECHNOLOGY of an organization reflects an underlying principle that guides the process of ROD norms and behaviors; specifically, it guides orga- nizations in how they view and use the ROD components available to them. The arc is a classificatory scheme that identifies progressive stages in the assimilated uses of ROD. It reflects the perspective— paralleling Knefelkamp’s (1999) research—that individuals in an organization are able to move through complex levels of thinking, and to develop independence of thought and judgment, as their careers progress within the management structures available to them. Indeed, assimilation to learning at specific levels of opera- tions and management are not necessarily an achievable end but one that fits into the psychological perspective of what productive employees can be taught about ROD adaptability. Figure 4.9 illus- trates the two axes of the arc. The profile of an individual who assimilates the norms of ROD can be characterized in five developmental stages (vertical axis) along four sectors of literacy (horizontal axis). The arc character- izes an individual at a specific level in the organization. At each level, the arc identifies individual maturity with ROD, specifically strategic integration, cultural assimilation, and the type of learning process (i.e., individual vs. organizational). The arc shows how each tier integrates with another, what types of organizational learning theory best apply, and who needs to be the primary driver within the organization. Thus, the arc provides an organizational schema for how each conceptual component of organizational learning applies to each sector of ROD. It also identifies and constructs a path for those individuals who want to advance in organizational rank; that is, it can be used to ascertain an individual’s ability to cope with ROD requirements as a precursor for advancement in management. Each position within a sector, or cell, represents a specific stage of development within ROD. Each cell contains spe- cific definitions that can be used to identify developmental stages of ROD and organizational learning maturation. Figure 4.10 rep- resents the ROD arc with its cell definitions. The five stages of the arc are outlined as follows: 101orGAnIzAtIonAl leArnInG theorIes St ra te gi c in te gr at io n Se ct or s o f r es po ns iv e or ga ni za tio na l d yn am ism O pe ra tio na l kn ow le dg e D ep ar tm en t/ un it vi ew a s o th er In te gr at ed di sp os iti on St ab le o pe ra tio ns O rg an iz at io na l le ad er sh ip O rg an iz at io na l l ea rn in g co ns tr uc ts M an ag em en t l ev el C ul tu ra l a ss im ila tio n Fi gu re 4 .9 Re fle ct iv e or ga ni za tio na l d yn am is m a rc m od el . 102 INFORMATION TECHNOLOGY Se ct or v ar ia bl e O pe ra tio na l kn ow le dg e D ep ar tm en t/ un it vi ew as o th er In te gr at ed d isp os iti on St ab le o pe ra tio ns O rg an iz at io na l le ad er sh ip St ra te gi c in te gr at io n O pe ra tio ns p er so nn el un de rs ta nd th at te ch no lo gy h as a n im pa ct o n st ra te gi c de ve lo pm en t, pa rt ic ul ar ly o n ex ist in g pr oc es se s Vi ew th at te ch no lo gy ca n an d w ill a ffe ct th e w ay th e or ga ni za tio n op er at es a nd th at it ca n aff ec t r ol es a nd re sp on sib ili tie s C ha ng es b ro ug ht fo rt h by te ch no lo gy n ee d to b e as sim ila te d in to de pa rt m en ts a nd a re de pe nd en t o n ho w o th er s pa rt ic ip at e U nd er st an ds n ee d fo r or ga ni za tio na l c ha ng es ; di ffe re nt c ul tu ra l be ha vi or n ew st ru ct ur es ar e se en a s v ia bl e so lu tio ns O rg an iz at io na l c ha ng es ar e co m pl et ed a nd in op er at io n; e xi st en ce o f ne w o r m od ifi ed em pl oy ee p os iti on s D ep ar tm en t- le ve l or ga ni za tio na l c ha ng es an d cu ltu ra l e vo lu tio n ar e in te gr at ed w ith or ga ni za tio n- w id e fu nc tio ns a nd c ul tu re s In di vi du al b el ie fs o f st ra te gi c im pa ct a re in co m pl et e; in di vi du al ne ed s t o in co rp or at e ot he r v ie w s w ith in th e de pa rt m en t o r b us in es s un it Re co gn iti on th at in di vi du al an d de pa rt m en t v ie w s m us t b e in te gr at ed to b e co m pl et e an d st ra te gi ca lly p ro du ct iv e fo r t he d ep ar tm en t/ un it C ha ng es m ad e to pr oc es se s a t t he de pa rt m en t/ un it le ve l fo rm al ly in co rp or at e em er gi ng te ch no lo gi es D ep ar tm en ta l s tr at eg ie s ar e pr op ag at ed a nd in te gr at ed a t or ga ni za tio n le ve l C ul tu ra l as sim ila tio n O rg an iz at io na l le ar ni ng c on st ru ct s In di vi du al -b as ed re fle ct iv e pr ac tic e Sm al l g ro up -b as ed re fle ct iv e pr ac tic es In te ra ct iv e w ith b ot h in di vi du al a nd m id dl e m an ag em en t u sin g co m m un iti es o f p ra ct ic e In te ra ct iv e be tw ee n m id dl e m an ag em en t a nd ex ec ut iv es u sin g so ci al di sc ou rs e m et ho ds to pr om ot e tr an sf or m at io n O rg an iz at io na l l ea rn in g at ex ec ut iv e le ve l u sin g kn ow le dg e m an ag em en t M an ag em en t l ev el O pe ra tio ns O pe ra tio n an d m id dl e m an ag em en t M id dl e m an ag em en t M id dl e m an ag em en t a nd ex ec ut iv e Ex ec ut iv e Fi gu re 4 .1 0 Re sp on si ve o rg an iza tio na l d yn am is m a rc . 103orGAnIzAtIonAl leArnInG theorIes 1. Operational knowledge: Represents the capacity to learn, con- ceptualize, and articulate key issues relating to how technology can have an impact on existing processes and organizational structure. Organizational learning is accomplished through individual learning actions, particularly reflective practices. This stage typically is the focus for operations personnel, who are usually focused on their personal perspectives of how technology affects their daily activities. 2. Department/unit view as other : Indicates the ability to inte- grate points of view about using technology from diverse indi- viduals within the department or business unit. Using these new perspectives, the individual is in position to augment his or her understanding of technology and relate it to others within the unit. Operations personnel participate in small- group learning activities, using reflective practices. Lower levels of middle managers participate in organizational learn- ing that is in transition, from purely individual to group-level thinking. 3. Integrated disposition : Recognizes that individual and depart- mental views on using technology need to be integrated to form effective business unit objectives. Understanding that organizational and cultural shifts need to include all mem- ber perspectives, before formulating departmental decisions, organizational learning is integrated with middle managers, using communities of practice at the department level. 4. Stable operations : Develops in relation to competence in sec- tors of ROD appropriate for performing job duties for emerg- ing technologies, not merely adequately, but competitively, with peers and higher-ranking employees in the organization. Organizational learning occurs at the organizational level and uses forms of social discourse to support organizational transformation. 5. Organizational leadership : Ability to apply sectors of ROD to multiple aspects of the organization. Department concepts can be propagated to organizational levels, including strate- gic and cultural shifts, relating to technology opportunities. Organizational learning occurs using methods of knowledge management with executive support. Individuals use their 104 INFORMATION TECHNOLOGY technology knowledge for creative purposes. They are will- ing to take risks using critical discernment and what Heath (1968) calls “freed” decision making. The ROD arc addresses both individual and organizational learning. There are aspects of Senge’s (1990) “organizational” approach that are important and applicable to this model. I have mentioned its appropriateness in regard to the level of the manager— suggesting that the more senior manager is better posi- tioned to deal with nonevent learning practices. However, there is yet another dimension within each stage of matured learning. This dimension pertains to timing. The timing dimension focuses on a multiple-phase approach to maturing individual and organiza- tional learning approaches. The multiple phasing of this approach suggests a maturing or evolutionary learning cycle that occurs over time, in which individual learning fosters the need and the acceptance of organizational learning methods. This process can be applied within multiple tiers of management and across differ- ent business units. The ROD arc can also be integrated with the applied individual learning wheel. The combined models show the individual’s cycle of learning along a path of maturation. This can be graphically shown to reflect how the wheel turns and moves along the continuum of the arc (Figure 4.11). Figure 4.11 shows that an experienced technology learner can maximize learning by utilizing all four quadrants in each of the maturity stages. It should be clear that certain quadrants of indi- vidual learning are more important to specific stages on the arc. However, movement through the arc is usually not symmetrical; that is, individuals do not move equally from stage to stage, within the dimensions of learning (Langer, 2003). This integrated and multiphase method uses the applied individual learning wheel with the arc. At each stage of the arc, an individual will need to draw on the different types of learning that are available in the learning wheel. Figure 4.12 provides an example of this con- cept, which Knefelkamp calls “multiple and simultaneous” (1999), meaning that learning can take on multiple meanings across dif- ferent sectors simultaneously. 105orGAnIzAtIonAl leArnInG theorIes Figure 4.12 shows that the dimension variables are not necessarily parallel in their linear maturation. This phenomenon is not unusual with linear models, and in fact, is quite normal. However, it also reflects the complexity of how variables mature, and the importance of having the capability and infrastructure to determine how to measure such levels of maturation within dimensions. There are both qualitative and quantitative approaches to this analysis. Qualitative approaches typically include interviewing, ethnographic-type experiences over Engaging in the technology process Con ce ptuali ze driv er an d su ppor ter life cy cle sMeas urem en t a nd an aly sis –W hat? Exploring technology opportunities Planning and design–How? Feasibility–W hy? Im plem en tin g te ch nology Crea tio n–W hat If? Action learning QIV QIII QI QII Operational knowledge Department/unit view as other Integrated disposition Increased levels of maturity with organizational dynamism Stable operations Organizational leadership Knowledge management Transformative learning Communities of practice Figure 4.11 ROD arc with applied individual learning wheel. 106 INFORMATION TECHNOLOGY D im en si on v ar ia bl e O pe ra tio na l kn ow le dg e D ep ar tm en t/ un it vi ew a s o th er In te gr at ed di sp os iti on St ab le o pe ra tio ns O rg an iz at io na l le ad er sh ip St ra te gi c in te gr at io n C ul tu ra l a ss im ila tio n O rg an iz at io na l l ea rn in g co ns tr uc ts M an ag em en t l ev el Fi gu re 4 .1 2 Sa m pl e RO D ar c. 107orGAnIzAtIonAl leArnInG theorIes some predetermined time period, individual journals or diaries, group meetings, and focus groups. Quantitative measures involve the cre- ation of survey-type measures; they are based on statistical results from answering questions that identify the level of maturation of the individual. The learning models that I elaborate in this chapter are suggestive of the rich complexities surrounding the learning process for indi- viduals, groups, and entire organizations. This chapter establishes a procedure for applying these learning models to technology-specific situations. It demonstrates how to use different phases of the learning process to further mature the ability of an organization to integrate technology strategically and culturally. 109 5 managing oRganizaTional leaRning anD TeChnology The Role of Line Management In Chapter 1, the results of the Ravell case study demonstrated the importance of the role that line managers have, for the success of imple- menting organizational learning, particularly in the objective of inte- grating the information technology (IT) department. There has been much debate related to the use of event-driven learning. In particular, there is Senge’s (1990) work from his book, The Fifth Discipline. While overall, I agree with his theories, I believe that there is a need to critique some of his core concepts and beliefs. That is, Senge tends to make broad generalizations about the limits of event-driven education and learning in organizations. He believes that there is a limitation of learn- ing from experience because it can create limitations to learning based on actions—as he asks: “What happens when we can no longer observe the consequences of our actions?” (Senge, 1990, p. 23). My research has found that event-driven learning is essential to most workers who have yet to learn through other means. I agree with Senge that not all learning can be obtained through event-oriented thinking, but I feel that much of what occurs at this horizon pertains more to the senior levels than to what many line managers have to deal with as part of their functions in business. Senge’s concern with learn- ing methods that focus too much on the individual, perhaps, is more powerful, if we see the learning organization as starting at the top and then working its way down. The position, however, particularly with respect to the integration of technology, is that too much dependence on executive-driven programs to establish and sustain organizational learning, is dangerous. Rather, the line management—or middle managers who fundamentally run the business—is best positioned to make the difference. My hypothesis here is that both top-down and bottom-up approaches to organizational learning are riddled with 110 INFORMATION TECHNOLOGY problems, especially in their ability to sustain outcomes. We cannot be naï ve—even our senior executives must drive results to maintain their positions. As such, middle managers, as the key business drivers, must operate in an event- and results-driven world—let us not under- estimate the value of producing measurable outcomes, as part of the ongoing growth of the organizational learning practicum. To explore the role of middle managers further, I draw on the inter- esting research done by Nonaka and Takeuchi (1995). These research- ers examined how Japanese companies manage knowledge creation, by using an approach that they call “middle-up-down.” Nonaka and Takeuchi found that middle managers “best communicate the contin- uous iterative process by which knowledge is created” (p. 127). These middle managers are often seen as leaders of a team, or task, in which a “spiral conversion process” operates and that requires both executive and operations management personnel. Peters and Waterman (1982), among others, often have attacked middle managers as representing a layer of management that creates communication problems and inef- ficiencies in business processes that resulted in leaving U.S. workers trailing behind their international competitors during the automobile crisis in the 1970s. They advocate a “flattening” of the never-ending levels of bureaucracy responsible for inefficient operations. However, executives often are not aware of details within their operating depart- ments and may not have the ability or time to acquire those details. Operating personnel, on the other hand, do not possess the vision and business aptitudes necessary to establish the kind of knowledge creation that fosters strategic learning. Middle managers, or what I prefer to identify as line managers (Langer, 2001b), possess an effective combination of skills that can pro- vide positive strategic learning infrastructures. Line managers under- stand the core issues of productivity in relation to competitive operations and return on investment, and they are much closer to the day-to-day activities that bring forth the realities of how, and when, new strategic processes can be effectively implemented. While many researchers, such as Peters and Waterman, find them to be synonymous with backward- ness, stagnation, and resistance to change, middle managers are the core group that can provide the basis for continuous innovation through strategic learning. It is my perspective that the difference of opinion regarding the positive or negative significance middle managers have 111MAnAGInG orGAnIzAtIonAl leArnInG in relation to organizational learning has to do with the wide-ranging variety of employees who fall into the category of “middle.” It strikes me that Peters and Waterman were somewhat on target with respect to a certain population of middle managers, although I would not char- acterize them as line managers. To justify this position, it is important to clearly establish the differences. Line managers should be defined as pre-executive employees who have reached a position of managing a business unit that contains some degree of return on investment for the business. In effect, I am suggesting that focusing on “middle” manag- ers, as an identifiable group, is too broad. Thus, there is a need to further delineate the different levels of what comprises middle managers, and their roles in the organization. Line Managers These individuals usually manage an entire business unit and have “return-on-investment” responsibilities. Line managers should be categorized as those who have middle managers reporting to them; they are, in effect, managers of managers, or, as in some organiza- tions, they serve a “directorial” function. Such individuals are, in many ways, considered future executives and perform many low-end executive tasks. They are, if you will, executives in training. What is significant about this managerial level is the knowledge it carries about operations. However, line managers are still involved in daily operations and maintain their own technical capabilities. First­Line Managers First-line individuals manage nonmanagers but can have supervisory employees who report to them. They do not carry the responsibility for a budget line unit but for a department within the unit. These managers have specific goals that can be tied to their performance and to the department’s productivity. Supervisor A supervisor is the lowest-level middle manager. These individu- als manage operational personnel within the department. Their 112 INFORMATION TECHNOLOGY management activities are typically seen as “functions,” as opposed to managing an entire operation. These middle managers do not have other supervisors or management-level personnel reporting to them. We should remember that definitions typically used to character- ize the middle sectors of management, as described by researchers like Peters, Nonaka, and others, do not come from exact science. The point must be made that middle managers cannot be categorized by a single definition. The category requires distinctive definitions within each level of stratification presented. Therefore, being more specific about the level of the middle manager can help us determine the man- ager’s role in the strategic learning process. Given that Nonaka and Takeuchi (1995) provide the concept of middle-up-down as it related to knowledge management, I wish to broaden it into a larger sub- ject of strategic learning, as a method of evolving changes in culture and organizational thinking. Furthermore, responsive organizational dynamism (ROD), unlike other organizational studies, represents both situational learning and ongoing evolutionary learning require- ments. Evolutionary learning provides a difficult challenge to organi- zational learning concepts. Evolutionary learning requires significant contribution from middle managers. To understand the complexity of the middle manager, all levels of the organization must be taken into consideration. I call this process management vectors. Management Vectors Senge’s (1990) work addresses some aspects of how technology might affect organizational behavior: “The central message of the Fifth Discipline is more radical than ‘ radical organization redesign’— namely that our organizations work the way they work, ultimately because of how we think and how we interact” (p. xiv). Technology aspires to be a new variable or catalyst that can change everyday approaches to things—to be the radical change element that forces us to reexamine norms no longer applicable to business operations. On the other hand, technology can be dangerous if perceived unre- alistically as a power that possesses new answers to organizational performance and efficiency. In the late 1990s, we experienced the “bust” of the dot-com explosion, an explosion that challenged conven- tional norms of how businesses operate. Dot-coms sold the concepts 113MAnAGInG orGAnIzAtIonAl leArnInG that brick-and-mortar operations could no longer compete with new technology-driven businesses and that “older” workers could not be transformed in time to make dot-com organizations competitive. Dot-coms allowed us to depart from our commitment to knowledge workers and learning organizations, which is still true today. For example, in 2003, IBM at its corporate office in Armonk, New York, laid off 1,000 workers who possessed skills that were no lon- ger perceived as needed or competitive. Rather than retrain work- ers, IBM determined that hiring new employees to replace them was simply more economically feasible and easier in terms of trans- forming their organization behaviors. However, in my interview with Stephen McDermott, chief executive officer (CEO) of ICAP Electronic Trading Community (ETC), it became apparent that many of the mystiques of managing technology were incorrect. As he stated, “Managing a technology company is no different from manag- ing other types of businesses.” While the technical skills of the IBM workers may no longer be necessary, why did the organization not provide enough opportunities to migrate important knowledge work- ers to another paradigm of technical and business needs? Widespread worker replacements tell us that few organizational learning infra- structures actually exist. The question is whether technology can pro- vide the stimulus to prompt more organizations to commit to creating infrastructures that support growth and sustained operation. Most important is the question of how we establish infrastructures that can provide the impetus for initial and ongoing learning organizations. This question suggests that the road to working successfully with tech- nology will require the kind of organizational learning that is driven by both individual and organization-wide initiatives. This approach can be best explained by referring to the concept of driver and sup- porter functions and life cycles of technology presented in Chapter 3. Figure 5.1 graphically shows the relationship between organizational structure and organizational learning needs. We also see that this relationship maps onto driver and supporter functionality. Figure 5.1 provides an operational overview of the relations between the three general tiers of management in most organizations. These levels or tiers are mapped onto organizational learning approaches; that is, organizational/system or individual. This mapping follows a general view based on what individuals at each of these tiers view or 114 INFORMATION TECHNOLOGY seek as their job responsibilities and what learning method best sup- ports their activities within their environment. For example, execu- tive learning focuses on system-level thinking and learning because executives need to view their organizations in a longer-term way (e.g., return on investment), as opposed to viewing learning on an indi- vidual, transactional event way. Yet, executives play an integral part in long-term support for technology, as an accelerator. Their role within ROD is to provide the stimulus to support the process of cultural assimilation, and they are also very much a component of strategic integration. Executives do not require as much event-driven reflective change, but they need to be part of the overall “social” structure that paves the way for marrying the benefits of technology with organi- zational learning. What executives do need to see, are the planned measurable outcomes linked to performance from the investment of coupling organizational learning with technology. The lack of execu- tive involvement and knowledge will be detrimental to the likelihood of making this relationship successful. Operations, on the other hand, are based more on individual prac- tices of learning. Attempting to incorporate organizational vision and social discourse at this level is problematic until event-driven learning is experienced individually to prove the benefits that can be derived from reflective practices. In addition, there is the problem of the credibility of a learning program. Workers are often wary of new Management/ operational layers Executive tier Middle management tiers Operations tier Support Event-driven individual Reflective practices Organization/ system on driver individual on support Communities of practice (driver) reflective practices (supporter) Driver/support life cycle Organizational learning method Knowledge management Learning approach Organization system Driver/support life cycle involvement Driver Figure 5.1 Three-tier organizational structure. 115MAnAGInG orGAnIzAtIonAl leArnInG programs designed to enhance their development and productivity. Many question the intentions of the organization and why it is mak- ing the investment, especially given what has occurred in corporations over the last 20 years: Layoffs and scandals have riddled organizations and hurt employee confidence in the credibility of employer programs. Ravell showed us that using reflective practices during events pro- duces accelerated change, driven by technological innovation, which in turn, supports the development of the learning organization. It is important at this level of operations to understand the narrow and pragmatic nature of the way workers think and learn. The way opera- tions personnel are evaluated is also a factor. Indeed, operations per- sonnel are evaluated based on specific performance criteria. The most complex, yet combined, learning methods relate to the middle management layers. Line managers, within these layers, are engrossed in a double-sided learning infrastructure. On one side, they need to communicate and share with executives what they perceive to be the “overall” issues of the organization. Thus, they need to learn using an organizational learning approach, which is less dependent on event-driven learning and uses reflective practice. Line managers must, along with their senior colleagues, be able to see the business from a more proactive perspective and use social-oriented methods if they hope to influence executives. Details of events are more of an assumed responsibility to them than a preferred way of interacting. In other words, most executives would rather interface with line manag- ers on how they can improve overall operations efficiently and effec- tively, as opposed to dealing with them on a micro, event-by-event basis. The assumption, then, is that line managers are expected to deal with the details of their operations, unless there are serious problems that require the attention of executives; such problems are usually cor- related to failures in the line manager’s operations. On the other side are the daily relationships and responsibilities managers face for their business units. They need to incorporate more individual-based learning techniques that support reflective practices within their operations to assist in the personal development of their staff. The middle management tier described in Figure 5.1 is shown at a summary level and needs to be further described. Figure 5.2 pro- vides a more detailed analysis based on the three types of middle man- agers described. The figure shows the ratio of organizational learning 116 INFORMATION TECHNOLOGY to individual learning based on manager type. The more senior the manager, the more learning is based on systems and social processes. Knowledge Management There is an increasing recognition that the competitive advantage of organizations depends on their “ability to create, transfer, utilize, and protect difficult-to-intimate knowledge assets” (Teece, 2001, p. 125). Indeed, according to Bertels and Savage (1998), the dominant logic of the industrial era requires an understanding of how to break the learning barrier to comprehending the information era. While we have developed powerful solutions to change internal processes and organizational structures, most organizations have failed to address the cultural dimensions of the information era. Organizational knowledge creation is a result of organizational learning through stra- tegic processes. Nonaka and Takeuchi (1995) define organizational knowledge as “the capability of a company as a whole to create new knowledge, disseminate it throughout the organization, and embody it in products, services, and systems” (p. 3). Nonaka and Takeuchi use the steps shown in Figure 5.3 to assess the value and chain of events surrounding the valuation of organization knowledge. Supervisor High individual- based learning High org/system- based learning Individual System Manager Director Figure 5.2 Organizational/system versus individual learning by middle manager level. Knowledge creation Continuous innovation Competitive advantage Figure 5.3 Nonaka and Takeuchi steps to organizational knowledge. 117MAnAGInG orGAnIzAtIonAl leArnInG If we view the Figure 5.3 processes as leading to competitive advan- tage, we may ask how technology affects the chain of actions that Nonaka and Takeuchi (1995) identify. Without violating the model, we may insert technology and observe the effects it has on each step, as shown in Figure 5.4. According to Nonaka and Takeuchi (1995), to create new knowl- edge means to re-create the company, and everyone in it, in an ongo- ing process that requires personal and organizational self-renewal. That is, knowledge creation is the responsibility of everyone in the organization. The viability of this definition, however, must be ques- tioned. Can organizations create personnel that will adhere to such parameters, and under what conditions will senior management sup- port such an endeavor? Again, technology has a remarkable role to play in substantiat- ing the need for knowledge management. First, executives are still challenged to understand how they need to deal with emerging tech- nologies as this relates to whether their organizations are capable of using them effectively and efficiently. Knowledge management provides a way for the organization to learn how technology will be used to support innovation and competitive advantage. Second, IT departments need to understand how they can best operate within the larger scope of the organization—they are often searching for a true mission that contains measurable outcomes, as defined by the entire organization, including senior management. Third, both execu- tives and IT staff agree that understanding the uses of technology is a continuous process that should not be utilized solely in a reactionary Knowledge creation: Technology provides more dynamic shifts in knowledge, thus accelerating the number of knowledge-creation events that can occur. Continuous innovation: Innovations are accelerated because of the dynamic nature of events and the time required to respond—therefore, continuous innovation procedures are more significant to have in each department in order to respond to technological opportunities on an ongoing basis. Competitive advantage: Technology has generated more global competition. Competitive advantages that depend on technological innovation are more common. Figure 5.4 Nonaka and Takeuchi organizational knowledge with technology extension. 118 INFORMATION TECHNOLOGY and event-driven way. Finally, most employees accept the fact that technology is a major component of their lives at work and at home, that technology signifies change, and that participating in knowledge creation is an important role for them. Again, we can see that technology provides the initiator for understanding how organizational learning is important for com- petitive advantage. The combination of IT and other organizational departments, when operating within the processes outlined in ROD, can significantly enhance learning and competitive advantage. To expand on this point, I now focus on the literature specifically relat- ing to tacit knowledge and its important role in knowledge man- agement. Scholars theorize knowledge management is an ability to transfer individual tacit knowledge into explicit knowledge. Kulkki and Kosonen (2001) define tacit knowledge as an experience-based type of knowledge and skill and as the individual capacity to give intuitive forms to new things; that is, to anticipate and preconcep- tualize the future. Technology, by its very definition and form of being, requires this anticipation and preconceptualization. Indeed, it provides the perfect educational opportunity in which to practice the transformation of tacit into explicit knowledge. Tacit knowledge is an asset, and having individual dynamic abilities to work with such knowledge commands a “higher premium when rapid organic growth is enabled by technology” (Teece, 2001, p.  140). Thus, knowledge management is likely to be greater when technological opportunity is richer. Because evaluating emerging technologies requires the ability to look into the future, it also requires that individuals translate valu- able tacit knowledge, and creatively see how these opportunities are to be judged if implemented. Examples of applicable tacit knowledge in this process are here extracted from Kulkki and Kosonen (2001): • Cultural and social history • Problem-solving modes • Orientation to risks and uncertainties • Worldview organizing principles • Horizons of expectations I approach each of these forms of tacit knowledge from the per- spective of the components of ROD as shown in Table 5.1. 119MAnAGInG orGAnIzAtIonAl leArnInG It is not my intention to suggest that all technologies should be, or can be, used to generate competitive advantage. To this extent, some technologies may indeed get rejected because they cannot assist the organization in terms of strategic value and competitive advantage. As Teece (2001) states, “Information transfer is not knowledge transfer and information management is not knowledge management, although the former can assist the latter. Individuals and organizations can suffer from information overload” (p. 129). While this is a significant issue for many firms, the ability to have an organization that can select, interpret, Table 5.1 Mapping Tacit Knowledge to Responsive Organizational Dynamism TACIT KNOWLEDGE STRATEGIC INTEGRATION CULTURAL ASSIMILATION Cultural and social history How the IT department and other departments translate emerging technologies into their existing processes and organization. Problem-solving modes Individual reflective practices that assist in determining how specific technologies can be useful and how they can be applied. Technology opportunities may require organizational and structural changes to transfer tacit knowledge to explicit knowledge. Utilization of tacit knowledge to evaluate probabilities for success. Orientation to risks and uncertainties Technology offers many risks and uncertainties. All new technologies may not be valid for the organization. Tacit knowledge is a valuable component to fully understand realities, risks, and uncertainties. Worldviews Technology has global effects and changes market boundaries that cross business cultures. It requires tacit knowledge to understand existing dispositions on how others work together. Review how technology affects the dynamics of operations. Organizing principles How will new technologies actually be integrated? What are the organizational challenges to “rolling out” products and to implementation timelines? What positions are needed, and who in the organization might be best qualified to fill new responsibilities? Identify limitations of the organization; that is, tacit knowledge versus explicit knowledge realities. Horizons of expectations Individual limitations in the tacit domain that may hinder or support whether a technology can be strategically integrated into the organization. 120 INFORMATION TECHNOLOGY and integrate information is a valuable part of knowledge management. Furthermore, advances in IT have propelled much of the excitement surrounding knowledge management. It is important to recognize that learning organizations, reflective practices, and communities of prac- tice all participate in creating new organizational knowledge. This is why knowledge management is so important. Knowledge must be built on its own terms, which requires intensive and laborious interactions among members of the organization. Change Management Because technology requires that organizations accelerate their actions, it is necessary to examine how ROD corresponds to theories in organizational change. Burke (2002) states that most organiza- tional change is evolutionary; however, he defines two distinct types of change: planned versus unplanned and revolutionary versus evolu- tionary. Burke also suggests that the external environmental changes are more rapid today and that most organizations “are playing catch up.” Many rapid changes to the external environment can be attrib- uted to emerging technologies, which have accelerated the divide between what an organization does and what it needs to do to remain competitive. This is the situation that creates the need for ROD. The catching-up process becomes more difficult because the amount of change required is only increasing given ever-newer technologies. Burke (2002) suggests that this catching up will likely require planned and revolutionary change. Such change can be mapped onto much of my work at Ravell. Certainly, change was required; I planned it, and change had to occur. However, the creation of a learning organiza- tion, using many of the organizational learning theories addressed in Chapter 4, supports the eventual establishment of an operating organization that can deal with unplanned and evolutionary change. When using technology as the reason for change, it is then important that the components of ROD be integrated with theories of organi- zational change. History has shown that most organizational change is not success- ful in providing its intended outcomes, because of cultural lock-in. Cultural lock­in is defined by Foster and Kaplan (2001) as the inability of an organization to change its corporate culture even when there 121MAnAGInG orGAnIzAtIonAl leArnInG are clear market threats. Based on their definition, then, technology may not be able to change the way an organization behaves, even when there are obvious competitive advantages to doing so. My con- cern with Foster and Kaplan’s conclusion is whether individuals truly understand exactly how their organizations are being affected—or are we to assume that they do understand? In other words, is there a pro- cess to ensure that employees understand the impact of not changing? I believe that ROD provides the infrastructure required to resolve this dilemma by establishing the processes that can support ongoing unplanned and evolutionary change. To best show the relationship of ROD to organizational change theory, I use Burke’s (2002) six major points in assisting change in organizations: 1. Understanding the external environment: What are competitors and customers’ expectations? This is certainly an issue, specif- ically when tracking whether expected technologies are made available in the client– vendor relationship. But, more critical is the process of how emerging technologies, brought about through external channels, are evaluated and put into produc- tion; that is, having a process in place. Strategic integration of ROD is the infrastructure that needs to facilitate the moni- toring and management of the external environment. 2. Evaluation of the inside of the organization: This directly relates to technology and how it can be best utilized to improve internal operations. While evaluation may also relate to a restructuring of an organization’s mission, technology is often an important driver for why a mission needs to be changed (e.g., expanding a market due to e-commerce capabilities). 3. Readiness of the organization: The question here is not whether to change but how fast the organization can change to address technological innovations. The ROD arc provides the steps necessary to create organizations that can sustain change as a way of operation, blending strategic integration with cultural assimilation. The maturation of learning: moving toward sys- tem-based learning also supports the creation of infrastruc- tures that are vitally prepared for changes from emerging technologies. 122 INFORMATION TECHNOLOGY 4. Cultural change as inevitable: Cultural assimilation essentially demands that organizations must dynamically assimilate new technologies and be prepared to evolve their cultures. Such evolution must be accelerated and be systemic within business units, to be able to respond effectively to the rate of change created by technological innovations. 5. Making the case for change: It is often difficult to explain why change is inevitable. Much of the need for change can be sup- ported using the reflective practices implemented at Ravell. However, such acceptance is directly related to the process of time. Major events can assist in establishing the many needs for change, as discussed by Burke (2002). 6. Sustaining change: Perhaps the strongest part of ROD is its ability to create a process that is evolutionary and systemic. It focuses on driving change to every aspect of the organization and provides organizational learning constructs to address each level of operation. It addresses what Burke (2002) calls the “prelaunch, launch, postlaunch, and sustaining,” in the important sequences of organizational change (p. 286). Another important aspect of change management is leadership. Leadership takes many forms and has multiple definitions. Technology plays an interesting role in how leadership can be presented to orga- nizations, especially in terms of the management style of leadership, or what Eisenhardt and Bourgeois (1988) have coined as “power cen- tralization.” Their study examines high-velocity environments in the microcomputer industry during the late 1980s. By high velocity, they refer to “those environments in which there is a rapid and discon- tinuous change in demand, competitors, technology, or regulation, so that information is often inaccurate, unavailable, or obsolete” (p. 738). During the period of their study, the microcomputer industry was undergoing substantial technological change, including the introduc- tion of many new competitors. As it turns out, the concept of high velocity is becoming more the norm today given the way organizations find themselves needing to operate in constant fluxes of velocity. The term power centralization is defined as the amount of decision-making control wielded by the CEO. Eisenhardt and Bourgeois’s study finds that the more the CEO engages in power-centralized leadership, 123MAnAGInG orGAnIzAtIonAl leArnInG the greater the degree of politics, which has a negative impact on the strategic performance of the firms examined. This finding suggests that the less democratic the leadership is in high-velocity environ- ments, the less productive the organization will be. Indeed, the study found that when individuals engaged in team learning, political ten- sion was reduced, and the performance of the firms improved. The structure of ROD provides the means of avoiding the high- velocity problems discovered by the Eisenhardt and Bourgeois (1988) study. This is because ROD allows for the development of more indi- vidual learning, as well as system thinking, across the executive ranks of the business. If technology is to continue to establish such high velocities, firms need to examine the Eisenhardt and Bourgeois study for its relevance to everyday operations. They also need to use orga- nizational learning theories as a basis for establishing leadership that can empower employees to operate in an accelerated and unpredict- able environment. Change Management for IT Organizations While change management theories address a broad population in organizations, there is a need to create a more IT-specific approach to address the unique needs of this group. Lientz and Rea (2004) estab- lish five specific goals for IT change managers: 1. Gain support for change from employees and non-IT managers. 2. Implement change along measurements for the work so that the results of the change are clearly determined. 3. Implement a new culture of collaboration in which employees share more information and work more in teams. 4. Raise the level of awareness of the technology process and work so that there is less of a tendency for reversion. 5. Implement an ongoing measurement process for the work to detect any problems. Lientz and Rea’s (2004) position is that when a new culture is instilled in IT departments, it is particularly important that it should not require massive management intervention. IT people need to be self-motivated to keep up with the myriad accelerated changes in the 124 INFORMATION TECHNOLOGY world of technology. These changes occur inside IT in two critical areas. The first relates to the technology itself. For example, how do IT personnel keep up with new versions of hardware and software? Many times, these changes come in the form of hardware (often called system) and software upgrades from vendors who require them to maintain support contracts. The ongoing self-management of how such upgrades and changes will ultimately affect the rest of the organization is a major challenge and one that is difficult to manage top-down. The second area is the impact of new or emerg- ing technologies on business strategy. The challenge is to develop IT personnel who can transform their technical knowledge into busi- ness knowledge and, as discussed, take their tacit knowledge and convert it into explicit, strategic knowledge. Further understanding of the key risks to the components of these accelerated changes is provided as follows: System and software version control: IT personnel must continue to track and upgrade new releases and understand the impact of product enhancements. Some product-related enhance- ments have no bearing on strategic use; they essentially fix problems in the system or software. On the other hand, some new releases offer new features and functions that need to be communicated to both IT and business managers. Existing legacy systems: Many of these systems cannot support the current needs of the business. This often forces IT staff to figure out how to create what is called “workarounds” (quick fixes) to these systems. This can be problematic given that workarounds might require system changes or modifications to existing software. The risk of these changes, both short and long term, needs to be discussed between user and IT staff communities of practice. Software packages (off­the­shelf software): Since the 1990s, the use of preprogrammed third-party software packages has become a preferred mode of software use among users. However, many of these packages can be inflexible and do not support the exact processes required by business users. IT personnel need to address users’ false expectations about what software packages can and cannot do. 125MAnAGInG orGAnIzAtIonAl leArnInG System or software changes: Replacement of systems or software applications is rarely 100% complete. Most often, remnants of old systems will remain. IT personnel can at times be insensi- tive to the lack of a complete replacement. Project completion: IT personnel often misevaluate when their involvement is finished. Projects are rarely finished when the software is installed and training completed. IT staff tend to move on to other projects and tasks and lose focus on the like- lihood that there will be problems discovered or last-minute requests made by business users. Technical knowledge: IT staff members need to keep their techni- cal skills up to date. If this is not done, emerging technolo- gies may not be evaluated properly as there may be a lack of technical ability inside the organization to map new technical developments onto strategic advantage. Pleasing users : While pleasing business users appears to be a good thing, it can also present serious problems with respect to IT projects. What users want, and what they need, may not be the same. IT staff members need to judge when they might need assistance from business and IT management because users may be unfairly requesting things that are not feasible within the constraints of a project. Thus, IT staff must have the ability to articulate what the system can do and what might be advisable. These issues tend to occur when certain business users want new systems to behave like old ones. Documentation: This, traditionally, is prepared by IT staff and contains jargon that can confuse business users. Furthermore, written procedures prepared by IT staff members do not con- sider the entire user experience and process. Training: This is often carried out by IT staff and is restricted to covering system issues, as opposed to the business realities surrounding when, how, and why things are done. These issues essentially define key risks to the success of imple- menting technology projects. Much of this book, thus far, has focused on the process of organizational learning from an infrastructure per- spective. However, the implementation component of technology possesses new risks to successfully creating an organization that can 126 INFORMATION TECHNOLOGY learn within the needs of ROD. These risks, from the issues enumer- ated, along with those discussed by Lientz and Rea (2004) are sum- marized as follows: Business user involvement: Continuous involvement from busi- ness users is necessary. Unfortunately, during the life of a proj- ect there are so many human interfaces between IT staff and business users that it is unrealistic to attempt to control these communications through tight management procedures. Requirements, definition, and scope: These relate to the process by which IT personnel work with business users to deter- mine exactly what software and systems need to accomplish. Determining requirements is a process, not a predetermined list that business users will necessarily have available to them. The discourse that occurs in conversations is critical to whether such communities are capable of developing require- ments that are unambiguous in terms of expected outcomes. Business rules: These rules have a great effect on how the organi- zation handles data and transactions. The difference between requirements and business rules is subtle. Specifically, busi- ness rules, unlike requirements, are not necessarily related to processes or events of the business. As such, the determina- tion of business rules cannot be made by reviewing proce- dures; for example, all account numbers must be numeric. Documentation and training materials: IT staff members need to interact with business users and establish joint processes that foster the development of documentation and training that best fit user needs and business processes. Data conversion: New systems and applications require that data from legacy systems be converted into the new formats. This process is called data mapping; IT staff and key business users review each data field to ensure that the proper data are rep- resented correctly in the new system. IT staff members should not be doing this process without user involvement. Process measurement: Organizations typically perform a post- completion review after the system or software application is installed. Unfortunately, this process measurement should occur during and after project completion. 127MAnAGInG orGAnIzAtIonAl leArnInG IT change management poses some unique challenges to imple- menting organizational learning, mostly because managers cannot conceivably be available for all of the risks identified. Furthermore, the very nature of new technologies requires that IT staff mem- bers develop the ability to self-manage more of their daily functions and interactions, particularly with other staff members outside the IT department. The need for self-development is even more critical because of the existence of technological dynamism, which focuses on dynamic and unpredictable transactions that often must be han- dled directly by IT staff members and not their managers. Finally, because so many risks during technology projects require business user interfaces, non-IT staff members also need to develop better and more efficient self-management than they are accustomed to doing. Technological dynamism, then, has established another need for change management theory. This need relates to the implementation of self-development methods. Indeed, part of the reason for the lack of success of IT projects can be attributed to the inability of the core IT and business staff to perform in a more dynamic way. Historically, more management cannot provide the necessary learning and reduc- tion of risk. The idea of self-development became popular in the early 1980s as an approach to the training and education of managers, and managers to be. Thus, the focus of management self-development is to increase the ability and willingness of managers to take responsibility for themselves, particularly for their own learning (Pedler et al., 1988). I believe that management self-development theory can be applied to nonmanagers, or to staff members, who need to practice self-manage- ment skills that can assist them in transitioning to operating under the conditions of technological dynamism. Management self-development draws on the idea that many peo- ple emphasize the need for learner centeredness. This is an impor- tant concept in that it ties self-development theory to organizational learning, particularly to the work of Chris Argyris and Malcolm Knowles. The concept of learner centeredness holds that individuals must take prime responsibility for their own learning: when and how to learn. The teacher (or manager) is assigned the task of facilitator—a role that fosters guidance as opposed to direct initiation of learning. In many ways, a facilitator can be seen as a mentor whose role it is to 128 INFORMATION TECHNOLOGY guide an individual through various levels of learning and individual development. What makes self-development techniques so attractive is that learners work on actual tasks and then reflect on their own efforts. The methods of reflective practice theory, therefore, are applicable and can be integrated with self-development practices. Although self- development places the focus on the individual’s own efforts, manag- ers still have responsibilities to mentor, coach, and counsel their staff. This support network allows staff to receive appropriate feedback and guidance. In many ways, self-development relates to the professional process of apprenticeship but differs from it in that the worker may not aspire to become the manager but may wish simply to develop better management skills. Workers are expected to make mistakes and to be guided through a process that helps them reflect and improve. This is why self-development can be seen as a management issue as opposed to just a learning theory. A mentor or coach can be a supervisor, line manager, director, or an outside consultant. The bottom line is that technological dyna- mism requires staff members who can provide self- management to cope with constant project changes and risks. These individu- als must be able to learn, be self-aware of what they do not know, and possess enough confidence to initiate the required learning and assistance that they need to be successful (Pedler et al., 1988). Self-development methods, like other techniques, have risks. Most notable, is the initial decrement in performance followed by a slow increment as workers become more comfortable with the process and learn from their mistakes. However, staff members must be given support and time to allow this process to occur; self-development is a trial-and-error method founded on the basis of mastery learning (i.e., learning from one’s mistakes). Thus, the notion of self-development is both continuous and discontinuous and must be implemented in a series of phases, each having unique outcomes and maturity. The concept of self-development is also consistent with the ROD arc, in which early phases of maturation require more individual learning, particularly reflective practices. Self-development, in effect, becomes a method of indirect man- agement to assist in personal transformation. This personal trans- formation will inevitably better prepare individuals to participate 129MAnAGInG orGAnIzAtIonAl leArnInG in group- and organizational-level learning at later stages of maturation. The first phase of establishing a self-development program is to create a “learning-to-learn” process. Teaching individuals to learn is a fundamental need before implementing self-development techniques. Mumford (1988) defines learning to learn as 1. Helping staff to understand the stages of the learning process and the pitfalls to not learning 2. Helping staff to find their own preferences to learning 3. Assisting staff in understanding their present learning prefer- ences and how to deal with, and overcome, learning weaknesses 4. Helping staff to build on their learning experience and apply it to their current challenges in their job The first phase of self-development clearly embraces the Kolb (1999) Learning Style Inventory and the applied individual learn- ing wheel that were introduced in Chapter 4. Thus, all staff members should be provided with both of these learning wheels, made aware of their natural learning strengths and weaknesses, and provided with exercises to help them overcome their limitations. Most important is that the Kolb system will make staff aware of their shortfalls with learning. The applied individual learning wheel will provide a per- spective on how individuals can link generic learning preferences into organizational learning needs to support ROD. The second phase of self-development is to establish a formal learn- ing program in which staff members 1. Are responsible for their own learning, coordinated with a mentor or coach 2. Have the right to determine how they will meet their own learning needs, within available resources, time frames, and set outcomes 3. Are responsible for evaluating and assessing their progress with their learning In parallel, staff coaches or mentors 1. Have the responsibility to frame the learning objectives so that they are consistent with agreed-on individual weaknesses 130 INFORMATION TECHNOLOGY 2. Are responsible for providing access and support for staff 3. Must determine the extent of their involvement with mentor- ing and their commitment to assisting staff members achieve stated outcomes 4. Are ultimately responsible for the evaluation of individual’s progress and success This program must also have a formal process and structure. According to Mossman and Stewart (1988), formal programs, called self-managed learning (SML), need the following organization and materials: 1. Staff members should work in groups as opposed to on their own. This is a good opportunity to intermix IT and non- IT staff with similar issues and objectives. The size of these groups is (typically) from four to six members. Groups should meet every two– three weeks, and should develop what are known as learning contracts . Learning contracts specifically state what the individual and management have agreed on. Essentially, the structure of self-development allows staff members to experience communities of practice, which by their very nature, will also introduce them to group learning and system-level thinking. 2. Mentors or coaches should preside over a group as opposed to presiding over just one individual. There are two benefits to doing this: (1) There are simply economies of scale for which managers cannot cover staff on an individual basis, and (2) facilitating a group with similar objectives benefits interac- tion among the members. Coaches obviously need to play an important role in defining the structure of the sessions, in offering ideas about how to begin the self-development pro- cess, and in providing general support. 3. Staff members need to have workbooks, films, courses, study guides, books, and specialists in the organization, all of which learners can use to help them accomplish their goals. 4. Typically, learning contracts will state the assessment meth- ods. However, assessment should not be limited only to indi- viduals but also should include group accomplishments. 131MAnAGInG orGAnIzAtIonAl leArnInG An SML should be designed to ensure that the learning program for staff members represents a commitment by management to a for- mal process, that can assist in the improvement of the project teams. The third phase of self-development is evaluation. This process is a mixture of individual and group assessments from phase II, coupled with assessments from actual practice results. These are results from proven outcomes during normal workday operations. To garner the appropriate practice evaluation, mentors and coaches must be involved in monitoring results and noting the progress on specific events that occur. For example, if a new version of software is implemented, we will want to know if IT staff and business users worked together to determine how and when it should be implemented. These results need to be formally communicated back to the learning groups. This process needs to be continued on an ongoing basis to sustain the effects of change management. Figure 5.5 represents the flow of the three phases of the process. The process for self-development provides an important approach in assisting staff to perform better under the conditions of technologi- cal dynamism. It is one thing to teach reflective practice; it is another Individual learning contracts Learning styles inventory Self-managed learning program communities of practice IT and non-IT staff Phase 1: Establish learning to learn objectives Phase 2: Create formal learning program Make necessary changes to self- development learning Individual and group assessment monitor operations for measurable outcomes Phase 3: Implement evaluation Figure 5.5 Phases of self-development. 132 INFORMATION TECHNOLOGY to get staff members to learn how to think in a manner that takes into consideration the many risks that have plagued systems and software projects for decades. While the role of management continues to play a major part in getting things done within strategic objectives, self- development can provide a strong learning method, that can foster sustained bottom-up management, which is missing in most learning organizations. The Ravell case study provides some concrete evidence on how self-development techniques can indeed get results. Because of the time pressures at Ravell, I was not able to invest in the learning-to- learn component at the start of the process. However, I used informal methods to determine the learning preferences of the staff. This can be accomplished through interviews in which staff responses can pro- vide a qualitative basis for evaluating how specific personnel prefer to learn. This helped me to formulate a specific training program that involved group meetings with IT and non-IT-oriented groups. In effect, phase II at Ravell had two communities. The first com- munity was the IT staff. We met each week to review progress and to set short-term objectives of what the community of IT wanted to accomplish. I acted as a facilitator, and although I was in a power position as their manager, I did not use my position unless there were clear signs of resistance in the team (which there were in specific situ- ations). The second community was formed with various line manager departments. This is where I formed “dotted-line” reporting struc- tures, which required IT staff members also to join other commu- nities of practice. This proved to be an invaluable strategy because it brought IT and business users together and formed the links that eventually allowed IT staff members to begin to learn and to form relationships with the user community, which fostered reflective thinking and transformation. As stated, there are setbacks at the start of any self-development program, and the experience at Ravell was no exception. Initially, IT staff members had difficulty understanding what was expected of them; they did not immediately perceive the learning program as an opportunity for their professional growth. It was through ongo- ing, motivated discourse in and outside of the IT community that helped achieve measurable increments of self-developmental growth. Furthermore, I found it necessary to integrate individual coaching 133MAnAGInG orGAnIzAtIonAl leArnInG sessions with IT staff. While group sessions were useful, they were not a substitute for individual discussions, which at times allowed IT staff members to personally discuss their concerns and learning requirements. I found the process to be ultimately valuable, and I maintained the role of coach, as opposed to that of a manager who tells IT staff members what to do in every instance. I knew that direct management only would never allow for the development of learning. Eventually, self-development through discourse will foster identity development. Such was the case at Ravell, where both user and IT groups eventually came together to form specific and interactive com- munities of practice. This helped form a clearer identity for IT staff members, and they began to develop the ability to address the many project risk issues that I defined in this chapter. Most important for the organization was that Ravell phase I built the foundation for later phases that required more group and system thinking among the IT ranks. Evaluation of the performance at Ravell (phase III of the self- development process) was actually easier than expected, which means that if the first two phases are successful, evaluation will naturally be easy to determine. As reflective thinking became more evident in the group, it was easier to see the growth in transformative behavior; the IT groups became more proactive and critical by themselves, without necessarily needing my input. In fact, my participation fell into more of a supporter role; I was asked to participate more when I felt needed to provide a specific task for the group. Evaluation based on perfor- mance was also easier to determine, mainly because we had formed interdepartmental communities and because of the relationships I established with line managers. Another important decision we made and one that nurtured our evaluation capabilities was the fact that line managers often joined our IT staff meetings. So, getting feedback on actual results was always open for discussion. Viewing self-development in the scope of organizational learning and management techniques provides an important support method for later development in system thinking. The Ravel experience did just that, as the self-development process inevitably laid the foun- dation for more sophisticated organizational learning, required as a business matures under ROD. 134 INFORMATION TECHNOLOGY Social Networks and Information Technology The expansion of social networks, through the use of technological innovations, has substantially changed the way information flows in and out of a business community. Some companies, particularly in the financial services communities, have attempted to “lock out” social network capabilities. These attempts are ways for organizations to control, as opposed to change, behavior. Historically, such controls to enforce compliance have not worked. This is particularly relevant because of the emergence of a younger generation of workers who use social networking tools as a regular way to communicate and carry out discourse. Indeed, social networking has become the main vehicle for social discourse both inside and outside organizations. There are those who feel that the end of confidentiality may be on the horizon. This is not to suggest that technology executives give up on security—we all know this would be ludicrous. On the other hand, the increasing pressure to “open” the Web will inevitably become too significant to ignore. Thus, the technology executive of the future must be prepared to provide desired social and professional networks to their employees while figuring out how to minimize risk—certainly not an easy objec- tive. Organizations will need to provide the necessary learning tech- niques to help employees understand the limits of what can be done. We must r