ebook img

Executive Guide to Preventing Information Technology Disasters PDF

194 Pages·1995·13.566 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Executive Guide to Preventing Information Technology Disasters

EXECUTIVE Guide to Preventing Information Technology Disasters Springer-Verlag London Ltd. Richard Ennals EXECUTIVE Guide to Prevenling Informalion Technology Disaslers , Springer Richard Ennals Professor of Business Information Technology Kingston Business School Kingston University Kingston-upon-Thames KT27LB ISBN 978-3-540-19928-1 British Library Cataloguing in Publication Data Enna1s, J. R. Executive Guide to Preventing Information Technology Disasters 1. Title 658.4038011 ISBN 978-3-540-19928-1 Library of Congress Cataloging-in-Publication Data Enna1s, J. R. (John Richard),1951- Executive guide to preventing information technology disasters I Richard Ennals. p. cm. Includes bibliographica1 references and index. ISBN 978-3-540-19928-1 ISBN 978-1-4471-0383-7 (eBook) DOI 10.1007/978-1-4471-0383-7 1. Information technology--Management. 2. Management information systems 3. Computer security. 1. Title. T58.64.E66 1995 658.4'78--dc20 95-30435 Apart Crom any fair dea1ing for the purposes of research or private study, or criticism or review, as permitted under the Copyright, Designs and Patents Act 1988, this publication may only be reproduced, stored or transmitted, in any form or by any means, with the prior permission in writing of the publishers, or in the case of reprographic reproduction in accordance with the terms and licences issued by the Copyright Licensing Agency. Enquiries conceming reproduction outside those terms should be sent to the publishers. e Springer-Ve rlag London 1995 Originally published by Springer-Verlag London Limited in 1995 The publisher makes no representation, express or implied, with regard to the accuracy of the information contained in this book and cannot accept any legal responsibility for any errors or omissions thal may be made. Interfaced Crom the author's disk by Geoff Amor Typeset by Richard Powe1l Editorial and Production Services, Basingstoke, Hants RG22 4TIC 34/3830-543210 (printed on acid-Cree paper) Contents Preface ......................................................................................................... ix 1. INTRODUCTION ................................................................................ 1 Disasters: Some Examples .................................................................. 2 Disaster Prevention Through Skill .................................................... 10 Fraud: Management in Crisis ............................................................. 12 Systems and Decision-Making ........................................................... 20 Strategic Functions.............................................................................. 23 Technical Issues ................................................................................... 26 Organisational Cultural Issues ........................................................... 28 Intelligent Solutions ............................................................................ 30 How to Cause IT Disasters ................................................................. 31 :1. HISTORICAL AND TECHNICAL PERSPECTIVES .......................... 41 Single Technology Solutions .............................................................. 42 Tools ..................................................................................................... 45 Keeping IT Simple ............................................................................... 46 The Emperor's Old Clothes ................................................................ 48 Human-Centred Systems .................................................................... 49 Executive Information Systems ......................................................... 51 3. CULTURE, COMPETENCE AND COMPLEXITy ............................. 53 The Demands of the Modem Economy ............................................ 53 Challenging Professionals .................................................................. 56 Engineering as a Form of Life ............................................................ 56 Competence and Professional Education ......................................... 57 Subcontracting the Management of Complexity .............................. 60 Consequences of Discontinuity. ......................................................... 62 vi CONTENTS A Question of Scale ............................................................................ 64 Working on Infeasible Projects ......................................................... 67 The Case for Programming ............................................................... 69 4. ISSUES OF INTEGRATION ............................................................... 71 Managing IT in the Organisation...................................................... 71 Expert Systems and Mainstream Software....................................... 78 Management and Information Systems ........................................... 83 Open and Distributed Systems.......................................................... 84 Business Health .................................................................................. 86 Computer Viruses .............................................................................. 87 5. MANAGEMENT DILEMMAS ............................................................ 89 Problems ............................................................................................. 89 Professionals ....................................................................................... 90 Panaceas .............................................................................................. 95 Method ................................................................................................ 97 Automation ......................................................................................... 98 People .................................................................................................. 100 Standards ............................................................................................ 102 Quality ................................................................................................. 109 Profits and Prophets........................................................................... 111 6. LEARNING FROM EXPERIENCE ..................................................... 112 Support Services ................................................................................. 112 From Computer Centres to Distributed Processing ....................... 114 Networking the Organisation ............................................................ 115 IT Strategy as a Process. ..................................................................... 116 Who Needs to Know What? ............................................................... 117 Crisis and Disaster ............................................................................. 124 Responsibilities .................................................................................. 128 Pragmatics ........................................................................................... 129 7. INFORMATION TECHNOLOGY AND BUSINESS ETHICS: CASE STUDIES ................................................................................... 131 Wessex Regional Health Authority. .................................................. 132 CONTENTS Compliance with Financial Services Legislation ............................. 133 Training and Enterprise Councils ..................................................... 135 Selling Solutions ................................................................................. 136 Defence and Diversification .............................................................. 138 Marketing Quality .............................................................................. 140 Talking to Your Computer ................................................................ I'll Arms, Technology and Business Ethics ........................................... 142 8. INFORMATION TECHNOLOGY CONSULTANCY ........................ 149 To What Extent Can Consultants Help to Prevent IT Disasters? ..................................................................................... 149 Consultants, Outsourcing and the Fear onT Disasters .................. 153 Accountability and Responsibility .................................................... 155 Business Process Re-engineering ...................................................... 156 Disasters, Strategy and Development ............................................... 158 9. WAYS FORWARD .............................................................................. 159 Education ............................................................................................ 159 Economic Collapse and Change ........................................................ 161 Learning from Political Experience .................................................. 163 A New Management Paradigm: Human-Centred Systems ............ 167 Disaster Recovery Planning as Strategic Planning .......................... 169 Practical Next Steps ............................................................................ 170 References and Bibliography ...................................................................... _ J]3 Name Index ..................................................................................................... J8J Subject Index................................................................................................... J83 Preface As organisations become more dependent on information technology for their smooth running and their very survival, managers would like to find a guaranteed method of preventing IT disasters. This book argues that no such guarantee is possible, and that management in the age of IT has to consider the strengths and limitations of the technology, making appropriate use of human knowledge and skill. An account is given of competing claims from computer scientists and IT consultants, who purport to offer solutions to technological bottlenecks. In contrast, we draw lessons from a series of recipes for disaster as exemplified in a number of detailed case studies. As technology cannot be completely reliable, a human-centred approach to management of information technology in organisations is presented, with practical guidance on how to proceed. As all managers fmd themselves users of IT, it is no longer sensible to delegate all responsibility to others: all managers have become managers of in formation technology, and must face up to the prospects and challenges ofIT disasters. Theory is fme, but there is no substitute for experience. This book is intended to help the reader to benefit from the experience of others, and to question the practice of his or her organisation in a way that makes IT disasters less likely. At Kingston Business School we have benefited from the support of a skilled technical support team, led by Colin Butler with network man agement from Ted Slade, in close association with John Bird and Brenda Ness of the University Computing Service. Their skill has sustained the environment in which this work has been conducted, and they have contributed greatly to the author's understanding of the practical realities of system management and disaster prevention. I am grateful for the advice and support of the series co-editor, Phil Molyneux of Kingston Business School, and the Publishing Director, John Watson, of Springer-Verlag London Limited. Kingston. February 1995 R.E. Introduction An information technology disaster is defmed as any incident that impairs the effective working of the data-processing function. Given the distribution of data processing capabilities from central Computing Departments to managers across organisations, disasters can also be distributed in their pattern of occurrence and in their impacts. All staff can be affected by IT disasters. Many have the power to cause disasters, of different scales. Few understand the different dependences that parts of the organisation have on IT for their operation and survival. For many organisations, IT disasters only exist once discovered. Until that stage, IT operations may be problematic but have no visible adverse impact. Indeed, it may be considered advisable, from the perspective of corporate image, to act as if IT disasters do not take place. Crisis management can be seen as a public-relations issue. The activity of suppressing consideration of systems failures and problems can be dangerous. It may mean that the safety valve, necessary for safe operation of systems, is removed. When the disaster becomes unavoidably apparent, it may be too late for countermeasures. There is a tendency for companies to seek to disguise developing disasters, until it is too late. In-house approaches will be used rather than bringing in external consultants, who could pose a threat to the organisation's self-image. Alternatively, consultants may be called in as a substitute for local consideration of sensitive issues. In areas where official secrecy is involved, the existence of a problem will itself be an official secret. High security clearance is required, and the capacity to consult users is impaired, unless this is done indirectly. On the other hand, the implementation of security measures may lead to a false confidence among those who lack understanding of the nature and potential of IT disasters. 2 PREVENTING INFORMATION TECHNOLOGY DISASTERS Disasters: So.e Exa.,les Beautiful Railway Bridge oft he Si/v'ry Tay! Alas, I am very sorry to say That ninetyJ ives have been taken away On the last Sabbath dayof1 879. Which will be remember'd for a very long time. William McGonagall (1825-1902), The Tay Bridge Disaster Information technology and software engineering may be thought to be almost as well formed as McGonagall's poetry. All too frequently they are the product of the well-meaning but untrained enthusiast. Information technology has been sold as providing all the solutions. In practice, it can lead to disasters that had not previously been considered. WAITING TO HAPPEN Hard luck A new secretary deletes the contents of a hard disk, losing all the data that had not been backed up. As the system lacked user documentation, she did not know what to do, or whom to ask. Her manager had previously left such technical details to her predecessor, and did not use the technology himself. No initial training was provided. After all, the system was sold as being "user-friendly". Hard Feehngs A disgruntled sacked employee leaves a "time-bomb" on the company computer system, wiping out all files on a preset date or diverting funds to an external account. He was not employed as a Systems Engineer, but used his access to the company network to gain entry to key files, evading detection. This phenomenon explains the growing practice of immediate removal of technically competent staff at the time of dismissal. Rebudding SocIeties Two Building Societies seek to merge, but their senior managers have to face the complications of incompatible computer systems. It takes some months before it is agreed that systems incompatibilities cannot be resolved, and talks are abandoned. It is suggested that incompatible systems may have been installed as a means of preventing take-over: a form of poison pill. IT was central to both

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.