IT Economics 2
Risks
Evaluation of Projects
IT Project Risks
- failure / cancellation
- budget / time overrun
- unmet objectives
Business Operational Risks
- business loss
- reputational damage
- financial damage
Cyber Risks
- intrusion to damage
- intellectual theft
- device abuse
- ransom
View of Managers
- compare Cost / Benefit / Risks
- flexibility: change direction or stuck with decision?
Evaluation of Projects
.png)
Overrun
- average cost overrun: 89%
- average time overrun: 122%
Reasons for failures
projects are rarely failing because of Technology
- incomplete requirements: 13%
- difficult to obtain complete req.
- unknown or mis-expressed needs
- diverse users complicate finding req.
- details lost over time
- often wants excessive "flexibility" req.
- insufficient user involvement: 12%
- inadequate resources 11%
- unrealistic user expectations: 10%
- people expect all problems solved
- lack of management support: 9%
- requirement changes: 9%
- updating useable parts tedious
Project Management Triple Constraints:
three “levers” to adapt project on the fly
- time (when do we want it?)
- cost (how much does it cost?)
- scope (what do we want?)
Problems of large projects:
- take longer & more parts and people involved
- requirements change over time
- staff leave / changes, turnover
- add new people and introduce to project
Problems of projects with multiple stakeholders:
- "scope creep"
- req. from one group incentivize req. from others
- if cost is split, you don't want to pay an equal share if you receive less
- they don’t challenge req. so they are not challenged back
- from assumptions that req. are clear (i.e. everyone knows the req.)
.png)
Business Operational Risks
Example: UBS
- IPO (Initial Public Offering) of Facebook had UBS send requests again if no ACK came in
- bought more shares than planned
- drove up price as there was a "huge interest"
- sold back shares after noticing, driving prices down
- resulted in a 356$ million loss
Example: Goldman Sachs
- invested a lot in back-up infrastructure
- operating during Hurricane Sandy while other traders were down
- gained lots of money & customers
Example: Cyber Security
Cyber-Security
- Attacks will happen, you can only prepare for them
- reduce the attack surface
- especially challenge convenience: wireless connections, …
- What are motives?
- stealing valuable information
- demanding ransom
- indirect benefits (insider trading, disrupt stock moves, disrupt competitor sales)
Ramification Post-Breach
- company falling victim of a Cyber-Attack:
- public relation worse
- cost of legal fees & technical investigation
- service disruption costs
- hidden costs (i.e. increase in insurance fees)
- …
Be Safe & Not Sorry, Prepare for them
Strategic Flexibility
Key inhibitors for technology
Vendor Dependency
- understand strategic relevance
- understand intent of supplier
- aim for partnership or vendor independence
- make smart make & buy decisions
- standardize processes & interfaces to allow easy swaps
- monitor performance
IT Complexity
- proactively manage tech landscape
- avoid business requirements of marginal value
- review software before sign-off
- invest in architecture clean-up project (reduce technical debt)
Lack of Skills
- encourage & support staff to build skills in strategic areas
- hire talent in relevant fields & let them learn about company & industry
Make | Buy
Make:
- capability is a competitive advantage
- system is tightly integrated with Int. Systems
- no strong solution on the market
Buy:
- capability is commodity for business
- system integration needs are low
- one or multiple strong solutions
Supplier Strategy
Forward-Integration (grow into direction of customer)
- optimize process
- increase market control, power & profits
- bad for chain, as it is built on their money
Disintermediation (cut out middle-man)
- direct interaction between supplier and your customers
- optimizes processes, increases profits, market control & power
Example: Cisco
without CCO:
- designing hard, error-prone & expensive
- total duration: 6-8 weeks
- indirect contact to customers:
- customer go to reseller for solution
with CCO:
- designing better in every way
- total duration: 2-3 weeks
- direct contact to customers
- customer can order online
- only Cisco-products used
- resellers still get margin for install
Antitrust-Circumvention
Essential Facilities Doctrine
monopoly owning “a facility essential to competitors” needs to grant reasonable access to facility.
- You can't use the strong control to become strong in other markets
to evade the law, big players often allow small competitors to compete
- if they become too large, they go against it
Be Like Google & Facebook
Things Google Can Do
- Trends: what topis is researched in which community
- Analytics: which communities visit which sites
- Maps: where are traffic jams
- Where are people throughout day and night
- where do they work (by location data)
- analyze business of retailer
Things Facebook Can Do
- Who interacts how often with a certain person?
- Which topis trigger people to communicate with each other?
- how much time do users spend on which topic?
- Where are users using their mobile devices?