IT C182 – Unit 7 – Business of IT – Nick Marshall

Explain the purpose of an IT department in an organization.
Identify the reasons for aligning IT goals to the business mission and goals.
Describe the internal organization of and job roles within an IT department.
Explain the importance of maintaining business and process continuity.
Identify opportunities for buying versus building a solution in-house as well as insourcing versus outsourcing.
Describe the process of system deployment and integration with existing systems.
Describe user needs and other information systems requirements, including security and accessibility functions.
Describe the process of system deployment and integration with existing systems.
Identify the different types of testing.
Define project initiation, risk and business impact analysis, risk mitigation, and control.
Describe the characteristics of a project and identify its phases.
Explain IT’s role in globalization and globalization’s role in IT.

Information technology is a large part of the day-to-day operations of almost all functioning organizations. IT governance is the system of processes that ensures the effective and efficient use of IT to enable an organization to achieve its business goals and to add value to key stakeholders in an organization. To organize projects in the IT domain, organizations follow project management methodologies to guide them to completion. Specific methodologies for developing software, such as the software development life cycle, are being adopted by virtually all development teams to manage the intricacies of complex software and the multiple people who work on or with it. Project management frameworks ensure that projects are well defined with clear, attainable goals and that resources are in place for successful completion.

Companies quickly adopt new technologies in an effort to gain and maintain a competitive advantage. Computing professionals need to monitor such emerging developments.

In this section, you will explore frameworks for IT governance and project organization, and review some of the currently emerging technologies that appear to be defining the IT landscape of today and tomorrow.

Introduction to the Business of IT

The medical office where Mei works employs one IT professional and contracts with third parties for complex IT functions. Mei shares the needs of the office with the contractors and monitors their work. The medical office works with a healthcare informatics company in the next state, and Mei communicates with them throughout the workday. Each night, the data from the offices’ various systems are copied onto magnetic tapes so that any lost data can be recovered in a reasonable amount of time.

Information technology is a large part of the day-to-day operations of almost all functioning organizations. Computers are used to store, recover, transmit, process, and secure all forms of data and information. Due to their reliance on technology and data, many companies are known as “digital enterprises.” The organizational function of IT is to support any technology used to assist in solving business and organizational problems. Specifically, IT functions cover five different domains:

communication
data collection and management
information security management
consumer relationship management
process improvement

Communication has always been an important part of any business. IT, however, has redefined the way we communicate with each other. IT enables organizations to communicate by phone, email, video conferencing, social media, and many other ways. Perhaps more significantly, the rise of social media has changed how companies communicate with their customers. Companies use social media for advertising and customer service, talking with customers in a way that makes them feel more connected with the brand.

IT systems allow an organization to collect, store, manage, and use vast amounts of information. IT tools take raw data and convert it into information for analysis.

The IT department also keeps the company’s data secure. Not only can data leaks lead to fines and regulatory action but they can also damage an organization’s reputation and business.

IT is being used to improve how organizations interact with their customers. Specifically, customer relationship management systems (CRMs) track and organize every interaction a company has with current and potential customers, providing data about customers’ needs, wants, and behaviors.

IT is responsible for designing and implementing tools to improve efficiency. Implementing technologies that automate processes can reduce repetitive human labor and human error.

IT Governance

Mei manages the IT infrastructure of the medical office. The work that she does must align with the mission, vision, and goals of the medical office.

The organizational vision is

“To be a leading local healthcare services provider dedicated to advancing the health of the people we serve through quality, accessible, and patient-centered service.”

The mission is

“To provide compassionate, accessible, and cost-effective healthcare to the community. Advancement, inclusiveness, respect, and responsibility are adopted as the company’s core values.”

The IT department is an organizational subsystem made up of skilled technology specialists working together to support the technological infrastructure of the company. The roles within the IT department collectively manage IT activities that align with the organization’s strategic, tactical, and operational goals. IT departments interact with both internal and external clients. The marketing department is the IT department’s internal client when it requests data about the average time it takes for patients to check in and check out of the emergency room. The IT department may also collaborate with external clients, such as troubleshooting a patient’s ability to log in to their medical patient portal on their app.

Strategic goals are long-term, organizational aspirations determined by management that detail things such as eventual service and product offerings and social and economic impacts. Management uses tactical planning to develop short-term plans for how to operate with maximum efficiency; operational planning is much like tactical planning, except operational plans are long term.

IT governance is the system of processes that ensures the effective and efficient use of IT to enable an organization to achieve its business goals and to add value to key stakeholders in an organization. This governance provides the company’s IT function with strategic management, realizations of benefits to the organization, risk optimization, and resource optimization. In addition, it supports the company’s compliance with regulations and supports initiatives for competitive advantages, the company’s growth and innovation, an increase of assets, and the reduction of risks.

As an organizational system, an IT department should have a clearly defined vision, mission, and set of core values that define its own strategic, tactical, and operational goals for supporting the organization. The vision states what the department would like to achieve, the mission states how they will achieve the vision, and the core values state expected behaviors. The vision, mission, and objectives of the IT department should closely align with the vision, mission, and objectives of the organization.

IT Job Functions

Some organizations use the outsourcing model, keeping a core IT department to manage the operations and work with one or more third-party service providers. The third-party service providers do the needed technical work. IT employees manage the work of third parties, ensuring it is done according to specifications and requirements and acting as business analysts and project managers.

Several job functions are typical in an IT department, whether employed internally or externally contracted:

Network administrators set up, maintain, and monitor the hardware and software that support the networking components of the computer systems.
Systems administrators set up, maintain, and monitor devices that support business operations. These devices include anything from projectors and smartboards in a training room to the devices in the server room.
Web administrators control the outward-facing content on an organization’s website and intranets and ensure that the sites function and integrate with back-end systems, such as supporting databases.
Database administrators configure and troubleshoot an organization’s data repositories.
Cybersecurity analysts monitor the behaviors of the system components for anomalies and malicious attacks. They also put measures in place to deter, detect, and mitigate internal and external threats.
Technical support specialists provide end-user training and help users resolve issues accessing resources and systems.

Larger IT departments may include special-purpose teams within the IT departments. For example, an organization might have a team of cloud engineers dedicated to supporting cloud applications and virtual storage or a reporting team that maintains systems that generate reports. Typically, systems administrators and network administrators in large organizations also have dedicated responsibilities. Systems administrators focus on things like user and device support. Network administrators focus on things like network device and server management. In small to medium-sized organizations, IT roles often blend responsibilities. In small organizations, it is common for the network and systems administrator roles to be performed by a single person.

In addition to technical roles, organizations use managerial and leadership oversight roles in IT that may include functional managers, chief information officers (CIO), and chief information security officers (CISO). In addition, general managerial and leadership functions also provide direction to the IT function.

Organizational Models for the IT Function

Outsourcing uses the resources and skills of a developed workforce from an external organization. Hiring an organization that specializes in particular services is beneficial, as companies cannot always justify employing specialists with narrow skill sets. Outsourcing can improve efficiency and productivity, while also helping an organization save money. Third-party organizations are experienced in areas in which the current staff would otherwise need additional lead time for training. Also, outsourcing allows internal staff to be more productive in core business functions as the contracted organization focuses on auxiliary tasks. When an organization does decide to outsource a task or project, the first step should always be to consult with the potential third-party provider, often referred to as a vendor, and request a demonstration (demo) of the proposed solution.

Multiple outsourcing modalities include offshoring, outsourcing outside country lines; project outsourcing, where project management is outsourced; and nearshoring, offshoring to countries in a closer time zone or with an economic structure close to that of the home country.

Insourcing assigns a project to employees within the organization. Insourcing generally requires the development of new operations and processes, making it an expensive option.

An organization’s control over operations and decisions differs depending on whether the organization is outsourcing or insourcing.

Consider the advantages and disadvantages of the three outsourcing models described above. Have you ever worked for an organization that outsourced any of its IT functions? If so, think about how effective that model was.

Introduction to Project Management

The Project Management Life Cycle

The medical office is considering hiring an outside company to help Mei implement a new electronic health record system. Mei equates this project to being asked to design and supervise the construction of a house. How can she estimate the cost, time, and other resources necessary to complete the project? How can she divide the project into manageable phases? How can she ensure compatibility among the parts? What would be reasonable milestones? Mei knows that questions like these must be answered during the development of the new information system.

PM Life Cycle Model

A project is a purpose-driven event that has a defined start and finish. Project management frameworks ensure that projects are well defined, with clear, attainable goals, and that resources are in place for successful completion.

Pie chart showing project management lifecycle with the initiation phase in the upper left wedge, the planning phase in the upper right wedge, the execution phase in the lower right wedge, and the project closure phase in the lower left wedge. In the middle are arrows indicating the cyclical nature of the model.

Figure. Sample project management life cycle model.

The project management life cycle is represented differently in various models, but projects generally include four phases: initiation, planning, execution, and closure.

Project Initiation

Project initiation broadly defines the project. It usually begins with a business case, followed by a feasibility study. During the feasibility study, research assesses whether the business case will lead to a reasonable, feasible solution. Project stakeholders provide input in the analysis of the business case, resulting in a project charter, or project initiation document, that outlines the business needs, the stakeholders, and the business case.

Project Planning

Project planning includes developing a road map that everyone follows. This phase starts with setting the project goals, commonly using the SMART or CLEAR frameworks, both of which are described below.

Specific	Set a specific goal that answers the questions who, what, where, when, which, and why.
Measurable	Create criteria that can be used to measure the success of the goal.
Attainable	Ensure the goal is attainable given the resources.
Realistic	Assess the willingness to work toward the goal.
Timely	The goal should be achievable within the available timeframe.

Source: Attributes of a SMART goal: https://corporatefinanceinstitute.com/resources/knowledge/others/smart-goal/

Collaborative	The goal should encourage employees to work together.
Limited	The goal should be limited in scope and time to keep it manageable.
Emotional	The goal should tap into the passion of employees and be something they can form an emotional connection to. This can optimize the quality of work.
Appreciable	Break larger goals into smaller tasks that can be quickly achieved.
Refinable	As new situations arise, be flexible and refine the goal as needed.

Source: Attributes of a CLEAR goal: https://www.inc.com/peter-economy/forget-smart-goals-try-clear-goals-instead.html

Project planning defines the project scope and drafts a project management plan. The project management plan identifies project resources, including cost and time estimations. A project generally has each of the following documents by the end of the planning phase:

scope statement outlining the objectives, deliverables, and milestones
work breakdown structure (WBS) breaking the project into manageable segments for the team
milestones defining high-level goals to meet throughout the project’s duration
communication plan outlining the frequency and methods of communicating with stakeholders
risk management plan identifying foreseeable risks, including cost overruns and delays

Project Execution

During project execution, project deliverables are developed and completed. A kickoff meeting usually marks the start of this phase. Tasks typically include developing the project team, assigning resources, setting up tracking systems, conducting status meetings, and monitoring the project timetable.

Project performance is constantly observed during the execution phase. Key performance indicators, or metrics, are used to monitor the progress of the project, determining whether the project is on track to meet the defined milestones.

Project Closure

At the project closure phase, the project is declared complete and the project team is dissolved. Project managers complete the final project documentation, including financial reports. Generally, meetings are also a part of this phase, allowing members of the project team to reflect on strengths and opportunities for improvement.

Mitigating Project Risks

Risks in execution, risks in integration, and risks of the unknown are three broad categories of risks a project may encounter. These risks need to be considered during project planning and monitored during project execution to minimize their effect on project completion.

Considering risks during the project planning phase includes several steps:

Identify the risks
Analyze their impact on the project outcome
Prioritize the risks by severity and likelihood
Outline a mitigation strategy to minimize potential risks
Install monitoring systems for anticipated and unanticipated risks

Risks in execution typically revolve around budget, people, technology, equipment, and stakeholder support. Issues that can deem a project unsuccessful include cost overrun, insufficient staff, inadequate tools to support the project, and lack of support from project stakeholders. Planning in advance is one of the best ways to mitigate risks of execution.

The outcome of a project will likely affect other systems and processes in an organization. Risks of integration can be mitigated by assessing potential disruptions, ensuring adequate support from stakeholders, and having a shared understanding of the project’s complexity.

Two key strategies to successfully identify risks are frequent monitoring of project parameters and milestones and sound communication between project participants.

Project risks take many forms and emerge for different reasons. Some of the most common examples of project risks are listed here:

Scope creep—uncontrolled change of a project’s scope, typically adding tasks and increased, unplanned costs to the project
Budget risk—budget control issues, such as underestimated or improper allocation of cost
Resistance to change—departments and individuals resist organizational changes resulting from the project
Resource risk—inability to secure sufficient resources for the project
Contract risk—a vendor fails to deliver on contractual obligations
Disputes or disagreements between project participants
Project dependencies—especially when completion of some tasks is dependent on the completion of other tasks
Project assumptions risk—when assumptions about the project are invalidated during project development
Benefit shortfall—the project meets the requirements but delivers fewer benefits than outlined in the business case
Requirements quality risk—requirements have not been properly validated or documented
Force majeure risk—the chance of a major negative event beyond human control, such as a natural disaster

The System Development Lifecycle

Mei’s office is implementing a new electronic system for patient health records. They have not decided yet whether the system will be developed for the office or they will buy an off-the-shelf solution and configure it to their needs. To begin the initiative, Mei needs to specify the requirements for the new system. She has scheduled interviews with the company’s employees and leadership and developed questionnaires for the patients. She has also set up several workshops to disseminate the preliminary findings and gather more input. Mei plans to refine the requirements using brainstorming, role-playing, user observation, and use-case scenarios. Next, she will develop a prototype to validate the requirements. This is not the first time she has worked on a system development project; she knows specifying the requirements is the beginning of a complex multiphase process.

System Development

Computer system engineers use principles to guide the development of large, complex information systems. The development of these systems requires multiple employees over an extended period. It is also common for system and staffing requirements to change, adding more time to the project. While off-the-shelf products work for many tasks, they are not always a feasible solution. Unlike other fields of engineering, building information systems lack quantitative data for analysis, or metrics, for measuring the properties of the information systems.

Figure. Traditional system development life cycle.

Circle diagram representing the 3 phases of the system development life cycle including Development, Use, and Maintenance, with arrows around the outer edge depicting the cyclical nature of the model.

Figure. The system development life cycle.

Case

Many methodologies used in the past have been replaced. Overcoming engineering issues related to computer systems, including the lack of metrics and prefabricated systems, leads to progress. Developing software that can collect and analyze every aspect of the software development life cycle (SDLC), led to the computer-aided software engineering (CASE) domain of software development:

project planning, project scheduling, and personnel allocation
documentation tools to assist in writing, organizing, and managing documents
interface design tools to develop graphical user interfaces (GUIs)
programming tools to assist in writing and debugging code

Integrated development environments (IDEs) combine tools, such as editing, compiling, and debugging tools, into a single package. A few examples of IDEs that help users develop smartphone applications include Appery.io, TheAppBuilder, and AppMachine. Such programs provide the programming tools needed to write and debug the apps as well as a graphical display to simulate the application’s interface and performance.

Organizations such as the International Organization for Standardization (ISO), the Association for Computing Machinery (ACM), and the Institute of Electrical and Electronics Engineers (IEEE) provide guidelines for developing integrated systems and establish standards for measuring the quality of system and software development.

Requirement Analysis

The goal of the requirements analysis is to determine what services the system will provide, identify any conditions (such as time constraints and security), and define how users will interact with the system.

What methods did Mei use for gathering requirements?

Requirements analysis requires significant input from stakeholders, such as potential users, as well as those with other ties, such as legal or financial interests. In cases where the beneficiary is an entity, like a company or government agency, requirements analysis may start with a feasibility study. The feasibility study determines whether development is possible under the given constraints and whether the development aligns with the organization’s mission. In the case of producing commercial off-the-shelf (COTS) systems for the mass market, requirements analysis is likely to begin with a market study by the system developer.

The requirements analysis process consists of three steps:

Compiling and analyzing the needs of the system use
Negotiating with project stakeholders on trade-offs between wants, needs, costs, and feasibility
Developing a set of requirements identifying the necessary features and services of the completed system

The system requirement specification (SRS) is a written agreement between all parties that records the system requirements and guides system development. The SRS also helps resolve disputes that arise during development. Because of how important the SRS is in the development process, organizations such as IEEE and large systems clients, such as the U.S. Department of Defense, have adopted standards for requirement specifications.

The SRS should clearly define objectives to determine a system’s success. Too often, however, the SRS fails to delineate the system objectives.

Design

While the requirements analysis describes the system, the design creates a plan for constructing the system. Requirements analysis identifies the problem to be solved, while design plans a solution. Requirements analysis is often equated with deciding what the system should do, whereas design is equated with deciding how the system would do it. If, for example, the user’s ability to access necessary systems using a limited number of steps is defined as a user requirement, the design phase may include the layout of drop-down boxes and the coloring scheme. When the design phase is complete, the organization should have a detailed description of the system structure.

Implementation and Integration

The system is built during the implementation phase, including such things as developing programs and databases and creating data files. As projects move from the design phase into the implementation phase, the demand for specialized technical skills increases. It is during the implementation stage of software development projects, for example, that the distinction between a system analyst and a programmer becomes clear. A system analyst is involved throughout the entire development process. A programmer is primarily tasked with writing programs that implement the design produced by a system analyst.

Many factors influence the successful implementation of a system—training, team skills, team communication, effective project management, quality assurance, and upper-management commitment are just a few.

System Maintenance

During system maintenance, the system is monitored, evaluated, and modified as needed. System maintenance is a continuous phase that covers a wide variety of activities, including troubleshooting application errors and incompatibilities, updating documentation, and providing end-user support. There are four primary categories of software maintenance: corrective, adaptive, perfective, and preventive.

The goal of corrective maintenance is to remove errors to ensure functionality of the system. In Mei’s medical office, if a patient record application causes the operating system to reboot, Mei might begin corrective maintenance by reviewing the application and/or operating system logs.

Adaptive maintenance is performed when organizational changes affect system requirements, such as changes in the organizational procedures, forms, or system controls and security needs. For example, Mei’s medical office might change how nurses obtain and verify their patients’ identity, such as adding barcode reader functionality to read barcodes from patients’ wristbands.

Perfective maintenance is performed when new components are introduced, or existing components are improved, to enhance overall system performance. Examples of perfective maintenance include a new operating system for performance improvement or a new technology to increase efficiency.

Preventive maintenance refers to changes made to increase the life span of systems and could include restructuring, optimizing code, or updating documentation that impacts the scalability, stability, and maintainability of the system. One maintenance activity that could be categorized as preventative is testing air conditioning units in the server rooms.

Quality Assurance

As systems have become more complex, malfunctions, cost overruns, and missed deadlines are becoming more common, resulting in a need for more effective quality control processes. System quality control goes beyond debugging to include improving procedures and developing training for employees. The ISO 9000 series of standards address industrial activities such as design, production, installation, and servicing. The ISO/IEC 15504 is a set of standards developed jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It is common for third-party system developers to meet specific standards.

Quality control must also maintain effective documentation practices. It is important that each step of the development process is accurately documented for future reference. Without maintaining up-to-date documentation, it is likely the records will be inaccurate or no longer applicable. Documenting the various audits throughout the system development process helps reduce errors.

Testing

In the past, testing was primarily the process of checking systems and confirming that the final product was compatible with the system requirement specification. Now, testing is only one part of quality assurance. Systems are not the only artifacts that are tested during the system development process. The result of each intermediate step in the entire development process is also tested for accuracy. Many system engineers believe that testing should be incorporated into the other steps of the development process, creating a three-step development process:

Requirements analysis and confirmation
Design and validation
Implementation and testing

Unfortunately, even with modern quality assurance techniques, large systems continue to contain errors. Even after significant testing periods, many errors go undetected for the life of the system, while other errors cause major malfunctions. Reducing these errors is one of the goals of system engineering.

Systems need thorough testing to ensure that functionality and performance requirements are met. System engineers have developed testing methodologies to improve the ability to identify errors with a limited number of tests. The Pareto principle is based on the theory that 80% of errors come from 20% of the system, meaning most errors can be identified by testing carefully selected groups of samples. Basis path testing is another software testing methodology. Basis path testing develops a set of test data that ensures each instruction in the software is executed at least once.

Techniques based on the Pareto principle and basis path testing rely on knowledge of a system’s internal components. This is known as glass-box testing commonly referred to as white-box testing, meaning the tester is familiar with the interior structure of the system and uses that knowledge when designing the test. Black-box testing does not rely on the tester’s knowledge of the system’s structure but is focused on the user experience (UX).

Methodologies that fall within the black-box category are alpha, beta, and user acceptance testing. In alpha testing, the first stage, developers, and/or an internal UX team test a preliminary version of the software, providing feedback about performance and functionality. The second stage is beta testing, sometimes referred to as pilot testing. In this stage, the next version of the system is given to a segment of end users for similar testing from their perspective before the final version is released. The final stage is referred to as user acceptance testing. During this stage, the users test the system in an operational setting to make sure the system continues to align with business objectives and meet the goals of the stakeholders.

Documentation

A system is not effective unless people can learn to use it and maintain it properly. Documentation is an important part of a system. The production of documentation is a component of the system development process. There are three types of system documentation: user documentation, system documentation, and technical documentation. User documentation explains the system to users and may include information such as how to access certain features, frequently asked questions (FAQs), and contact information for customer support.

System documentation describes the system’s internal configuration so the system can be maintained later in its life cycle. A major part of software development system documentation is software code. The code needs to be versioned and presented in a readable format. Versioned code allows developers to track modifications and reverse any changes that have been problematic. Readability is important so that any contributing developer can read the code. Development companies have created conventions for writing programs that include several common features:

indentation conventions for script readability
naming conventions for variables and constraints
documentation conventions for sufficient program documentation

Technical documentation describes how to install and maintain the system, including information about installing updates and providing feedback to the development team.

System Engineering Methodologies

Early approaches to system engineering used the waterfall model, following the development process sequentially: first requirements analysis, then design and implementation, and finally testing. Each step needed to be finished before moving on to the next. New models have evolved to reflect the natural trial-and-error creative process of problem-solving. Using the incremental model, the system is constructed in increments. The first increment is a simplified version of the final product. As tests are completed, more features are added and tested incrementally until the system is complete. If a patient record system is being developed for a hospital, the first increment might incorporate only the ability to view a small sample of patient records. Additional features would be available when this version is operational, such as the ability to add and update records.

Prototyping is building and evaluating basic versions of a proposed system. Rapid prototyping involves quickly constructing a simple sample that may consist of only a few screen images, indicating how the system would function. Rapid prototyping is used to build a “rough draft” of a product, with minimal resources and effort, giving stakeholders a clear picture of the intended system.

Open-source development permits users to modify the software code. Possibly the most notable example is the Linux operating system. Although most software from Microsoft is closed source (meaning the code cannot be modified), PowerShell Core was made open source in 2016. Under the open-source model, applications are developed and shared to be downloaded, used, and updated by a local or even global community of enthusiasts.

Rectangles with arrows going down from one to the next representing a waterfall model. Starting from the top, these are labeled requirements, analysis, design, implementation, and testing.

Figure. Sample waterfall model.

Agile Methodologies

Agile methods are system development methodologies that propose incremental implementations, respond to rapidly changing requirements, and reduce the emphasis on rigorous requirements. Scrum and extreme programming are both examples of agile methodologies.

Scrum is a hands-on system consisting of simple steps:

The system owner makes a prioritized wish list.
The scrum team selects an item toward the top of the wish list and plans the implementation during an event called “sprint.”
The team completes the list of objectives while assessing progress in daily meetings called scrums.
The sprint ends with the system ready to be released.
A new sprint starts, using another item on the wish list.
This process continues until the prioritized wish list is clear.

Following the extreme programming (XP) model, systems are developed by a team of fewer than a dozen individuals working in a communal workspace, where they freely share ideas and assist each other in the development project. The system is developed incrementally by repeated daily cycles of informal requirements analyses, designs, and common tests. New, expanded versions of the system appear on a regular basis. Each version is usually evaluated by the project stakeholders.

Agile development is quick, increases customer satisfaction, values employees, and reduces rework.

Business Continuity and Disaster Recovery

One of IT’s many important roles is ensuring the core organizational activities execute as planned and that disaster recovery and business continuity plans are in place to limit the risk and impact of disruptions and catastrophic events. In most industries, organizations are required by various contracts and regulatory bodies to have a contingency plan in place and to continuously test and revise contingency plans. Another common requirement for regulated industries is uptime, the amount of time client data and resources are available on the servers. Availability is often measured in the number of nines (including the whole number) found in a percentage. For example, if an organization is required to have 99.999% uptime, it is stated as “five nines.” This means the organization is required to have an average of less than approximately three seconds of downtime per week.

High availability solutions provide replicas, or copies, of critical systems that can be deployed when the original systems are not available.

Disaster recovery plans (DRPs) rely on solutions to ensure that systems can recover from catastrophic events in a reasonable amount of time with minimal data loss.

When disruptions do occur, business continuity plans help define how to resume services to customers and vital business operations, while auxiliary services may remain offline. While these conditions are not ideal, such plans allow the business to operate with limited resources until services are fully restored.

Data mirroring, data backups, and off-site storage are some of the strategies used for disaster recovery and business continuity. Data mirroring involves setting up the operating system to simultaneously write copies of the data on several storage devices. If something happens to one drive, another drive will be used in place of the faulty one, enabling the systems to recover functionality quickly without significant degradation of service. Data backups can be stored on any data storage device, but tape archival is common for businesses. Tape drives are inexpensive and can be transported to an off-site location. Off-site locations are a common solution for disaster recovery; if the primary site is damaged in some way, the data can likely be restored at another site.

Off-site storage locations are often found in other states. Salt mines and caves are popular locations for physical storage because of the low humidity and the protection provided by the earth’s terrain. Storing data in the cloud is another popular option. Storing a copy of company data in the cloud improves the ability to recover, as many public cloud service providers replicate their data across various geographic locations.

*Suggested Criteria for Assessing Off-Site Storage*
*Accessibility*	The length of time necessary to retrieve the data from storage. Also, the storage facility’s opening hours.
*Cost*	The cost of shipping, operational fees, and disaster response/recovery services.
Environment	The structural and environmental conditions of the storage facility: temperature, humidity, fire prevention, and power management control.
Geographic area	The distance from the organization. The probability of the storage site being affected by the same adverse event as the organization.
Security	The security capabilities of the storage facility and employee confidentiality. Both the storage facility and employee confidentiality must meet the data’s sensitivity and security requirements.

National Institute of Standards and Technology (NIST)

IT professionals often refer to storage as hot or cold. The key difference is that the hotter the storage solution is, the quicker an organization’s data can be retrieved and normal IT operations can resume after a disaster.

Hot storage

Hot storage allows organizations the quickest access to restore critical data in the event of a disaster or catastrophe. Hot storage solutions typically involve the latest and greatest storage equipment and the fastest protocols. In addition, hot storage is typically located close to the client or in multiple locations to ensure fast access. Some hot data storage solutions include Microsoft’s Azure Hot Blobs and Amazon’s AWS service, but these premium solutions can be quite expensive because of the high-performing resources and protocols involved.

Cold storage

Cold storage offers less frequent access and is maintained on minimal equipment that is considered lower performance. Returning to normal operations after a disaster is slower with cold storage. Some examples of cold storage include tape backup, offline cloud storage, and even some online services such as Amazon Glacier and Google Coldline. One significant advantage of cold storage, however, is that it is less expensive than hot storage.

Emerging Trends in IT

Mei’s personal professional mission is to support the medical office in providing infrastructural solutions that patients enjoy. The patients’ preferences change often, especially when new technologies become widely adopted. Therefore, Mei constantly attends training on various relevant technologies that may be beneficial and follows professional literature to stay aware of all the emerging technologies.

Mobile Computing

Mobile computing is the use of handheld devices, such as laptops, smartphones, and tablets. Due to the miniaturization of hardware, mobile devices are approaching the computational capabilities and speed of larger computing systems, while continuously decreasing in size. The popularity of mobile computing devices continues to increase the demand for infrastructures that adequately support these needs.

The Internet of Things (IoT)

Embedded and mechanical devices, objects, animals, and people are increasingly being provided with unique identifiers (UIDs), which provides the ability to transfer data, or even funds, via a network without the need for direct human interaction. This system of interconnected devices is known as the Internet of Things (IoT). Smart home devices, wearables, and connected cars are examples of IoT devices. These items rely heavily on sensors and network infrastructures to acquire and transmit data and possibly generate more new data. IoT is a notable emerging trend in IT because these devices can be attached to nearly anything and become components of a larger system.

Globalization

The IT revolution is changing the way we communicate and process data and affecting the way we live, work, and play.

Globalization refers to the growing interdependence of the world’s economies and cultures, brought about by the trade of goods and services and the flow of information and people. Advancements in computer hardware, software, and networking have increased people’s ability to access information and reach economic potential. Internet applications change the way people use and share information. IT drives the innovative use of resources to promote new products, services, and ideas across the globe. The internet and the World Wide Web have transformed commerce, creating entirely new products and services, enhancing the way companies and their customers make transactions.

These advances in IT have spread quickly because they have progressively reduced the unit cost of computing power and transmissions. Smartphones and other handheld devices are preferred over personal computers.

In addition, the IT revolution is driving the extraordinarily rapid decrease in the cost and the rapid increase in the processing power of digital technologies. To keep up, technology firms seek skilled workers with not only knowledge of technology but also solid problem-solving abilities that give them an edge over the competition. Additionally, by dispersing offices globally, companies aim to recruit the best talent from different parts of the world. While technology accelerates globalization, globalization also accelerates developing technology.

Nick Marshall – WGU Note Repository

IT C182 – Unit 7 – Business of IT