Global IT Transition Framework

Based on the review of the global IT literature and its issues, an organization's IT structure can be divided into four classes (Sankar & Prabhakar, 1992; Lan, 2002), and they are:

1. Global IT infrastructure-refers to system hardware

2. Global business applications-refers to systems software

3. Global telecommunication network-refers to communication

4. Data/information systems improvement-refers to data and information

In order to obtain in depth understanding of the global IT management issues, the following sections investigate each of these classes and explore the corresponding issues for the conceptual direction of global IT transition.

Global Information Technology Infrastructure

Global information technology infrastructure is made up of the equipment and facilities that support the global information systems. It can be classified in four categories:

1. Computer hardware—includes workstations (desktop computers, terminals), mainframes, servers, digital cameras, printers, and scanners.

2. Network related facilities—includes cables, modems, gateways, routers, adapters, bridges, converters, hubs, concentrators, repeaters, switches, transceivers, and multiplexers.

3. Backup equipment—includes storage facilities such as tape and disk, and uninterrupted power supply (UPS) devices.

4. Mobile equipment—includes notebook computers, personal digital assistants (PDAs), mobile phones and wireless facilities.

Global Business Applications

Global business applications refer to the agents, or instruments that make the business operation. These agents are principally business functional and personal software applications in the global business environment. Hence, effective management and utilization of these applications is critical to the construction and operation of global information systems. Furthermore, issues such as handling systems integration, maintaining software application availability, and applying systems standards are imperative to the successful implementation and management of global information systems. Thus they are further explored in the following sections.

Systems Integration

Systems do not operate in isolation. They are always interconnected to each other. When developing new global information systems, the organization must ensure that the designs and structures of the new systems are flexible enough to connect and integrate with the existing systems. The compelling reason to integrate the systems is that organizations need to continue to flourish in the constantly changing competitive business environment. The need for systems integration is also driven by new forms of businesses, such as transition of the organization's business from domestic context to global perspective. Systems integration allows organizations to expand their business operations and services.

In planning for systems integration, the scope and objectives should be clearly identified to ensure that new systems and equipment are able to work with the existing components. This can be achieved by applying Mische's (1998) four states of systems integration strategy, which are:

1. Interconnectivity—is the initial and the fundamental state in the systems integration. It requires all new and existing information system components and equipment to connect and work together. This includes the sharing of peripherals such as printers, scanners, and backup devices through network communications, the creation of gateways that allow different components to interact each other, and the development of interfaces that permit separate applications to communicate and even integrate into a single system.

2. Interoperability—means that all interconnected information system components and equipment should be able to function and interact with each other. For example, a new deployment of global inventory system should be designed to function and interoperate with the current regional or domestic inventory systems. The implementation of interoperability is carried out through the interconnected information technology facilities that are the information infrastructure of the organization. For most organizations, interoperability is considered as the key state of systems integration.

3. Semantic consistency—refers to the concern of consistency at data level. Once the information system components and equipment are interconnected and operational, organizational users are able to access systems and manipulate data (create, retrieve, modify, and delete) across business units around the world. For this reason, the implementation of global databases management is essential to prevent data duplication, redundancy, and instability.

4. Convergent integration—systems integration involves a lot more than the integration of the information system components, technology, and global database management. Convergent integration involves the amalgamation of components and technology with business processes, people, skills, and knowledge. In Ginige et al.'s (2001) "e-business transformation roadmap," convergence is also an imperative stage which involves the integration of information technology with both internal and external business processes. In addition to the above requirements in the convergent integration state, the convergence in global organization also incorporates the organizational structure and other business factors (Mische, 1998). Thus, the proposed convergence model for information systems in a global organization involves the consideration of eight components, namely organizational structure, information system components, data and database management, knowledge, skills, people, external business processes, and internal business processes. This is illustrated in Figure 1 and described on the following page.

   
   Figure 1: Convergence model for information systems in the global organization

The proposed convergence model aims to provide global organizations with an overview of the integration of planning systems during the development of global information systems. Development of global information systems does not merely involve design and construction of software applications; it requires consideration of business factors and operations from a global perspective. The factors are business components that need to be identified and linked through a process towards the convergence state. To succeed in the development of integrated global information systems, it is imperative to recognize how these components are related and incorporated into information systems. By adopting the model, organizations are expected to develop an effective global information system that would carry out the global business operations as well as enhance the interconnection of dispersed business units around the world. The following points provide detailed descriptions of each component in the convergence model.

1. Organizational structure—refers to the management and strategic hierarchy of the business. Four types of multinational corporations include multinational, international, global, and transnational organizational structures (Bartlett & Ghoshal, 1998).

2. Information system components—include parts, modules, and components that are involved in the enterprise's global information systems such as IT infrastructure, business applications, and telecommunication networks mentioned in the earlier section.

3. Data and database management—data can be seen as one of the most valuable assets in any firms, and it is even more critical in global enterprises. By applying appropriate database management systems, enterprises are able to effective by manipulate and mange data from diverse business units globally.

4. Knowledge—through effective management of global database systems the collection of information from various sources can be transformed into invaluable knowledge that would provide senior executives rigorous supports in decision-making situations.

5. Skills—refer to the competence and capability that employees are required to have to accomplish daily business operations.

6. People—refer to staff members regardless of location.

7. External business processes—contains business functions linking different enterprises. For example, supply chain management, customer relationship management, and supplier relationship management.

8. Internal business processes—comprise high-level business functions within the enterprise such as management, finance, accounting, inventory, production, sales, and marketing.

Software Applications Availability

Software applications either can be purchased off-the-shelf, or can be written in-house. Many enterprises have adopted off-the-shelf software applications as the business tools that enable employees to carry out their business operations. For example, some of these applications include general office automation software such as word processors, spreadsheets, and project plan; special purpose applications like engineering and designing softwares. In a global organization, the availability of software applications in each business unit and subsidiary has a direct influence on the effectiveness of cross-border information sharing and communication, efficient performance of business operations and collaborative teamwork. For instance, if the organization has decided to use AutoCAD as the designing tool for their products, then it should be made available for all business units and subsidiaries that require to view, modify, and create designs.

Additionally, an alternative is provided by "component-based" technologies, wherein ready-made components are put together to form an application. These applications, when made available on the Internet, are able to provide information to employees, enabling them to become knowledge workers. Under certain conditions, and for some functionality, even potential clients can use software applications (for example, calculators for home loan or home content insurances).

Systems Standards

Systems standards are an important issue when dealing with the global information systems in terms of the development, operation, communication, and maintenance. Three levels of systems standards should be considered including at project level, organizational level, and industrial level.

1. Project level standards—it is mainly dealing with the analysis, design and development of the new global information systems. In the analysis and design stage, business functions and operations are often presented in models. These models should be standardized to provide the convenience of communications between development teams, users, and managers. The solution is to introduce a unique modeling technique that is well presented and accepted by most of developers, business and industrial users. For example, the Unified Modeling Language (UML) is a modeling technique that fulfils the requirement. In the development phase as well, the development teams should focus on few standard programming languages. This would facilitate the tasks for the purposes of future integration and maintenance.

2. Organizational level—the focus of standards at the organizational level is the business process. For a global organization to be efficient, one would expect that multiple, dispersed business units carry out business processes in a similar manner. It would be very difficult to develop global information systems when a business process is implemented in different ways by different business units. Consequently, the organization must make sure each business process has a unique and standard procedure for any required business unit. In addition to the business processes, the systems operation and maintenance procedures should be standardized throughout the organization. These standards then apply to all projects within the organization.

3. Industrial level—this is based on quality evaluation of the organization's products and services. The implementation of global information systems should be incorporated into the organization's quality assurance policy and procedures to ensure the products and services are in a constant quality level. ISO (International Organization for Standardization) assurance system, for instance, is one of the well-known standards to enable organizations to consistently produce products and services that will meet the customer and regulatory requirements, and address customer satisfaction.

Global Telecommunication Network

The current telecommunication and networking infrastructure serves as the global organization's nervous system that interconnects the information systems of dispersed business units through the telecommunication and internetworking protocol called TCP/IP (see Figure 2). To maintain continuous and quality services of the networking systems, the global organization should be concerned about the availability of network bandwidth, national telecommunication services, and networking facilities and equipment as well as essential security strategies for both collection and distribution of business information.

Figure 2: Internetworking through TCP/IP protocol

Network Bandwidth

The network bandwidth continuous to be an issue for a global organization because of its limitation and delay of transmitting large-sized high-volume files across business units. Although the speed of data transmission has reached a certain degree of satisfaction such as instant e-mail delivery, the capability of delivering large-sized files in real-time mode is still unreliable.

Furthermore, the network bandwidth may also rely on the telecommunication services of individual nations. Depending on the level of ICT (information and communication technology) adoption, some nations have advanced telecommunication infrastructure and services (such as the availability of cable, ADSL or mobile communications) while others may provide elementary supports only (dial-up connection). For this reason, the network bandwidth issue should be taken into account when planning the global information systems development strategy.

Telecommunication Availability

To make the effective use of information technology, the availability of connecting between business units in a global organization seems to be prominent than other domestic companies. Hence, all types of connection methods should be considered to provide the best performance of a global organization's information systems. Furthermore, availability of connections in today's world is imperative to the success of global business operations, particularly in electronic business. Although most of the developed and developing countries have cutting edge technology, organizations still have to realize the available telecommunication services provided by each proposed country in terms of the availability, flexibility and feasibility.

Network Infrastructure

Network infrastructure is the communication backbone for flow of data and information in any enterprises. As business units are required to interconnect each other, the network infrastructure is even imperative for the global organizations. An appropriate network infrastructure is crucial as it enhances the intra-organizational communication services for global business operations in a number of perspectives, such as real-time communications within or cross-regional borders, ability to reach out each end-node within the organization, to be used as fundamental architecture for organization-wide application deployment base, and full utilization in terms of bandwidth and costs.

In addition to the network infrastructure itself, network maintenance is also an important task that requires a well-defined strategy. A well-defined network maintenance strategy will include the control of users on the network, implementation of various security levels on accessing facilities and applications, maintenance of the software license agreements across the network, agreement of standard application setup and upgrade procedures to a single source, implementation of efficient backup procedures, maintenance of virus protection strategy, and implementation of constant network transmission speed (bandwidth) to meet certain business requirements.

Data and Information Systems Improvement

In the modern digital world, it is believed that data and information is the imperative asset of any organization and it should be made available whenever needed. Furthermore, efficient organization and utilization of data and information would result in the creation of new knowledge that may provide organizations with critical information in decision-making. On the other hand, the sensitivity of data and information requires carefully planned maintenance, security and recovery strategies. Issues in relation to data and information improvement include data resources utilization, security, and systems recovery, as described below.

Data Resources Utilization

In the global business environment, more data resources are available than local business environment. Data can be collected from a variety of sources such as customers, suppliers, employees, managers, as well as for business processes, business units, and subsidiaries and so forth. One way of utilizing business data is through the creation of data warehouses with the ability to drill down deep inside the data and ascertain new and innovative correlationships between various data items. Therefore, understanding and utilizing data is not merely creation of information systems, but creation and sharing of knowledge. Good utilization of data deals with capturing, storing and retrieving unique relationships between pieces of information that are known as "knowledge." Usually, this knowledge remains in the minds of people. Good data utilization means good "electronification" of knowledge. Examples of data utilization include sales forecast, prediction of market demands, support of decision-making, allocation of human resources, and business negotiation.

In addition to the way that we use data, it is also important to "manage" this data. Effective data management is crucial as it facilitates the data to be transformed into information and knowledge for maximum use in the organization. This requires regular backups, offsite storage of databases, as well as regular cleanups of databases so that they are not riddled with redundant and archaic data items. Finally in addition to backing up data, respective versions of software that specifically deal with the data should also be backed up to facilitate retrieval.

Security

As more and more business operations are transformed into global arena and cyberspace, organizations have to face an increasing number of security related threats than before. It is crucial that the organization constructs a realistic security strategy early in the global transition process. Various elements should be considered in the development of the security strategy, including the connection with business strategy, the organization's security and privacy policy, authentication, authorization, administration, recovery, and enabling technology and issues. These are discussed in detail below.

1. Connection with business strategy—The security plan must be linked with the organization business strategy. All decisions must be passed through the filter of the organizational structure and business models. In global organization structure, the security plan should cover the headquarters as well as foreign business units and subsidiaries.

2. Policy—All of the organization's security and privacy policies and procedures must be codified, communicated, and updated on a regular basis. The security policy needs to be specific enough to reduce ambiguity. All levels of employees should be aware of the policy and the training programs may be conducted where needed. Some essential items that may be included in the organization's security are data access, applications access, network access, software, privacy, business resumption planning, systems design and development, and risk assessments.

3. Authentication—Authentication is commonly done through the use of logon passwords. In the networked global information systems, password policies should be well developed to efficiently control the use of applications or systems, and minimize complicated administrative tasks. Firewall is another import aspect an organization should focus on when planning its authentication strategy.

4. Authorization—Once users are authenticated, they need to be monitored according to a pre-defined authorization schema. Access to networks, applications, and databases needs to be defined, and individual and classes of users need to know where they can go and what they can do once they get there.

5. Administration—All security and privacy policy, authentication, authorization, and recovery requires administration. Organizations need to ensure the consideration of methods, tools, techniques, and processes as main part of the administrative procedures.

6. Recovery—It is as essential to security as authentication. Organizations need to make sure the investments in systems recovery are equal value as any prevention tasks.

7. Enabling technology—Technologies enable the implementation of security strategy including firewall technology, anti-virus technology, certificate authority technology, biometric technology, encryption technology, and privacy compliance technology.

After the September 11 tragedy, many organizations realized a complete backup strategy should also include a multi-backup plan at various remote sites. A single backup plan in one location (either remote or local site) does not guarantee the security of organizations' data and information. Global organizations have the advantage of planning multiple backups at transborder sites. Ideally, each business unit in the global organization should have a multibackup plan of its own data locally as well as remotely. A number of factors should be taken into account when deciding a remote backup site. They are technological capability, level of data sensitivity, and level of national security. When a system failure occurs in a business unit, the data can be easily restored through the remote backup site; and if the business unit is also a remote backup site of another, it will request the original site to replicate the data for remote backup purpose. As Figure 3 illustrates, Business Unit 1 backs up its own data as well as data from Business Unit 2 (remote site). Business Unit 1's data is also transferred to Business unit 3 for remote backup. Thus if Business Unit 1 is destroyed, it can easily to reinstate it own data through a restoring request from Business Unit 3. In the meantime, Business Unit 1 can also request data from Business Unit 2 for remote backup.

Figure 3: Multi-backup model for global organizations

Systems Recovery

A systems recovery plan is culmination of the details on how to recover an organization's entire operations, especially the mission critical processes. The recovery plan also identifies the recovery resource to effect recovery operations. The main objective of the recovery plan is to prepare the emergency business operations strategy for the situations caused by disasters resulting in inoperability and inaccessibility of any information systems. As global information systems require more complex and sophisticated procedures in system recovery, global organizations need to pay more attention on developing the system recovery plan.

The impact of a disaster can be tremendous. It includes temporary and permanent loss of revenues (customers, business opportunity, market share, competitive edge, or customer confidence), violation of regulatory requirements, legal liabilities, personnel safety, damages to personnel morale, expense of personnel downtime, embarrassment of not being prepared, and so forth. There are numerous events that can cause a disaster such as fire, flood, earthquake, power outage, and terrorism.

Due to high level of complication in recovering global business operations, the business continuity and disaster recovery planning is essential to every global organization. As multiple business units operate all over the world, many business rules such as the auditing compliance, insurance requirements, and legislation and regulatory requirements are varying from country to country. Hence, global organizations should have multiple business recovery plans that cover all business operations across the world.