A CMMI-compliant requirements management and development process

Requirements Engineering has been acknowledged an essential discipline for Software Quality. Poorly-defined processes for eliciting, analyzing, specifying and validating requirements can lead to unclear issues or misunderstandings on business needs and project’s scope. These typically result in customers’ non-satisfaction with either the products’ quality or the increase of the project’s budget and duration. Maturity models allow an organization to measure the quality of its processes and improve them according to an evolutionary path based on levels. The Capability Maturity Model Integration (CMMI) addresses the aforementioned Requirements Engineering issues. CMMI defines a set of best practices for process improvement that are divided into several process areas. Requirements Management and Requirements Development are the process areas concerned with Requirements Engineering maturity. Altran Portugal is a consulting company concerned with the quality of its software. In 2012, the Solution Center department has developed and applied successfully a set of processes aligned with CMMI-DEV v1.3, what granted them a Level 2 maturity certification. For 2015, they defined an organizational goal of addressing CMMI-DEV maturity level 3. This MSc dissertation is part of this organization effort. In particular, it is concerned with the required process areas that address the activities of Requirements Engineering. Our main goal is to contribute for the development of Altran’s internal engineering processes to conform to the guidelines of the Requirements Development process area. Throughout this dissertation, we started with an evaluation method based on CMMI and conducted a compliance assessment of Altran’s current processes. This allowed demonstrating their alignment with the CMMI Requirements Management process area and to highlight the improvements needed to conform to the Requirements Development process area. Based on the study of alternative solutions for the gaps found, we proposed a new Requirements Management and Development process that was later validated using three different approaches. The main contribution of this dissertation is the new process developed for Altran Portugal. However, given that studies on these topics are not abundant in the literature, we also expect to contribute with useful evidences to the existing body of knowledge with a survey on CMMI and requirements engineering trends. Most importantly, we hope that the implementation of the proposed processes’ improvements will minimize the risks of mishandled requirements, increasing Altran’s performance and taking them one step further to the desired maturity level.

Integrated management systems: A model for maturity assessment

Maturity models are adopted to minimise our complexity perception over a truly complex phenomenon. In this sense, maturity models are tools that enable the assessment of the most relevant variables that impact on the outputs of a specific system. Ideally a maturity model should provide information concerning the qualitative and quantitative relationships between variables and how they affect the latent variable, that is, the maturity level. Management systems (MSs) are implemented worldwide and by an increasing number of companies. Integrated management systems (IMSs) consider the implementation of one or several MSs usually coexisting with the quality management subsystem (QMS). It is intended in this chapter to report a model based on two components that enables the assessment of the IMS maturity, considering the key process agents (KPAs) identified through a systematic literature review and the results collected from two surveys.

The transtheoretical model in weight management: Validation of the Processes of Change Questionnaire

Objective: The processes of change implied in weight management remain unclear. The present study aimed to identify these processes by validating a questionnaire designed to assess processes of change (the P-Weight) in line with the transtheoretical model. The relationship of processes of change with stages of change and other external variables is also examined. Methods: Participants were 723 people from community and clinical settings in Barcelona. Their mean age was 32.07 (SD = 14.55) years; most of them were women (75.0%), and their mean BMI was 26.47 (SD = 8.52) kg/m2. They all completed the P-Weight and the stages of change questionnaire (SWeight), both applied to weight management, as well as two subscales from the Eating Disorders Inventory-2 and Eating Attitudes Test-40 questionnaires about the concern with dieting. Results: A 34-item version of the PWeight was obtained by means of a refinement process. The principal components analysis applied to half of the sample identified four processes of change. A confirmatory factor analysis was then carried out with the other half of the sample, revealing that the model of four freely correlated first-order factors showed the best fit (GFI = 0.988, AGFI = 0.986, NFI = 0.986, and SRMR = 0.0559). Corrected item-total correlations (0.322-0.865) and Cronbach"s alpha coefficients (0.781-0.960) were adequate. The relationship between the P-Weight and the S-Weight and the concern with dieting measures from other questionnaires supported the validity of the scale. Conclusion: The study identified processes of change involved in weight management and reports the adequate psychometric properties of the P-Weight. It also reveals the relationship between processes and stages of change and other external variables.

Developing A Knowledge Management Process Model for Internal IT Organization, Case: Stora Enso Oyj, Corporate IT

The objectives of this Master’s Thesis were to find out what kind of knowledge management strategy would fit best an IT organization that uses ITIL (Information Technology Infrastructure Library) framework for IT Service Management and to create a knowledge management process model to support chosen strategy. The empirical material for this research was collected through qualitative semi-structured interviews of a case organization Stora Enso Corporate IT. The results of the qualitative interviews indicate that codification knowledge management strategy would fit best for the case organization. The knowledge management process model was created based on earlier studies and a literature of knowledge management. The model was evaluated in the interview research and the results showed that the created process model is realistic, useful, and it responds to a real life phenomenon.

Assessment of purchasing maturity in spare parts supply chain

To describe the change of purchasing moving from administrative to strategic function academics have put forward maturity models which help practitioners to compare their purchasing activities to industry top performers and best practices. However, none of the models aim to distinguish the purchasing maturity from the after-sales point of view, even though after-sales activities are acknowledged as a relevant source of revenue, profit and competitive advantage in most manufacturing firms. The maturity of purchasing and supply management practices have a large impact to the overall performance of the spare parts supply chain and ultimately to the value creation and relationship building for the end customer. The research was done as a case study for a European after-sales organization which is part of a globally operating industrial firm specialized in heavy machinery. The study mapped the current state of the purchasing practices in the case organization and also distinguished the relevant areas for future development. The study was based on the purchasing maturity model developed by Schiele (2007) and investigated also how applicable is the maturity model in the spare parts supply chain context. Data for the assessment was gathered using five expert interviews inside the case organization and other parties involved in the company’s spare parts supply chain. Inventory management dimension was added to the original maturity model in order to better capture the important areas in a spare parts supply chain. The added five questions were deduced from the spare parts management literature and verified as relevant areas by the case organization’s personnel. Results indicate that largest need for development in the case organization are: better collaboration between sourcing and operative procurement functions, use of installed base information in the spare parts management, training plan development for new buyers, assessment of aligned KPI’s between the supply chain parties and better defining the role of after-sales sourcing. The purchasing maturity model used in this research worked well in H&R Leading, Controlling and Inventory Management dimensions. The assessment was more difficult to conduct in the Supplier related processes, Process integration and Organizational structure –dimensions, mainly because the assessment in these sections would for some parts require more company-wide assessment. Results indicate also that the purchasing maturity model developed by Schiele (2007) captures the relevant areas in the spare parts supply as well.

Developing and evaluating a methodology for business process improvement

Purpose – There appears to be an ever-insatiable demand from markets for organisations to improve their products and services. To meet this, there is a need to provide business process improvement (BPI) methodologies that are holistic, structured and procedural. Therefore, this paper describes research that has formed and tested a generic and practical methodology termed model-based and integrated process improvement (MIPI) to support the implementation of BPI; and to validate its effectiveness in organisations. This methodology has been created as an aid for practitioners within organisations. Design/methodology/approach – The research objectives were achieved by: reviewing and analysing current methodologies, and selecting a few frameworks against key performance indicators. Using a refined Delphi approach and semi-structured interview with the “experts” in the field. Intervention, case study and process research approach to evaluating a methodology. Findings – The BPI methodology was successfully formed and applied by the researcher and directly by the companies involved against the criteria of feasibility, usability and usefulness. Research limitations/implications – The paper has demonstrated a new knowledge on how to systematically assess a BPI methodology in practice. Practical implications – Model-based and integrated process improvement methodology (MIPI) methodology offers the practitioner (experienced and novice) a set of step-by-step aids necessary to make informed, consistent and efficient changes to business processes. Originality/value – The novelty of this research work is the creation of a holistic workbook-based methodology with relevant tools and techniques. It extends the capabilities of existing methodologies.

Team diversity and leadership: Tests of model of process and direct effects

A model was tested to examine relationships among leadership behaviors, team diversity, and team process measures with team performance and satisfaction at both the team and leader-member levels of analysis. Relationships between leadership behavior and team demographic and cognitive diversity were hypothesized to have both direct effects on organizational outcomes as well as indirect effects through team processes. Leader member differences were investigated to determine the effects of leader-member diversity leader-member exchange quality, individual effectiveness and satisfaction.^ Leadership had little direct effect on team performance, but several strong positive indirect effects through team processes. Demographic Diversity had no impact on team processes, directly impacted only one performance measure, and moderated the leadership to team process relationship.^ Cognitive Diversity had a number of direct and indirect effects on team performance, the net effects uniformly positive, and did not moderate the leadership to team process relationship.^ In sum, the team model suggests a complex combination of leadership behaviors positively impacting team processes, demographic diversity having little impact on team process or performance, cognitive diversity having a positive net impact impact, and team processes having mixed effects on team outcomes.^ At the leader-member level, leadership behaviors were a strong predictor of Leader-Member Exchange (LMX) quality. Leader-member demographic and cognitive dissimilarity were each predictors of LMX quality, but failed to moderate the leader behavior to LMX quality relationship. LMX quality was strongly and positively related to self reported effectiveness and satisfaction.^ The study makes several contributions to the literature. First, it explicitly links leadership and team diversity. Second, demographic and cognitive diversity are conceptualized as distinct and multi-faceted constructs. Third, a methodology for creating an index of categorical demographic and interval cognitive measures is provided so that diversity can be measured in a holistic conjoint fashion. Fourth, the study simultaneously investigates the impact of diversity at the team and leader-member levels of analyses. Fifth, insights into the moderating impact of different forms of team diversity on the leadership to team process relationship are provided. Sixth, this study incorporates a wide range of objective and independent measures to provide a 360$\sp\circ$ assessment of team performance. ^

Model based integration of management systems (MSs) – case study

Abstract Purpose – The purpose of this paper is to present a case study regarding the deployment of a previously developed model for the integration of management systems (MSs). The case study is developed at a manufacturing site of an international enterprise. The implementation of this model in a real business environment is aimed at assessing its feasibility. Design/methodology/approach – The presented case study takes into account different management systems standards (MSSs) progressively implemented, along the years, independently. The implementation of the model was supported by the results obtained from an investigation performed according to a structured diagnosis that was conducted to collect information related to the organizational situation of the enterprise. Findings – The main findings are as follows: a robust integrated management system (IMS), objectively more lean, structured and manageable was found to be feasible; this study provided an holistic view of the enterprise’s global management; clarifications of job descriptions and boundaries of action and responsibilities were achieved; greater efficiency in the use of resources was attained; more coordinated management of the three pillars of sustainability – environmental, economic and social, as well as risks, providing confidence and added value to the company and interested parties was achieved. Originality/value – This case study is pioneering in Portugal in respect to the implementation, at the level of an industrial organization, of the model previously developed for the integration of individualized MSs. The case study provides new insights regarding the implementation of IMSs including the rationalization of several resources and elimination of several types of organizational waste leveraging gains of efficiency. Due to its intrinsic characteristics, the model is able to support, progressively, new or revised MSSs according to the principles of annex SL (normative) – proposals for MSSs – of the International Organization for Standardization and the International Electrotechnical Commission, that the industrial organization can adopt beyond the current ones.

Aplicação da filosofia Lean management:caso de estudo, aplicado à manutenção de edifícios

Trabalho Final de Mestrado para obtenção do grau de Mestre em Engenharia da Manutenção

An information model for lean, agile, resilient and green supply chain management

Dissertação para a obtenção de Grau de Mestre em Engenharia e Gestão Industrial

ANA, SA: A risk management approach

A Work Project, presented as part of the requirements for the Award of a Masters Degree in Finance from the NOVA – School of Business and Economics

Definició d'un procés de gestió de projectes que compleixi amb el model d'avaluació i millora de processos CMM a Nivell 3

Aquest TFC vol fer una presentació del model CMM, presentar un sistema de gestió que cobreixi els seus requeriments a nivell 3, fer una proposta de desplegament i avaluar els costos i els beneficis de l'adopció del nou sistema de gestió per a una empresa dedicada al desenvolupament i el manteniment de programari. El resultat del treball és la memòria en si i els seus annexos.

An assurance-based model to holistically assess the information security posture

EXECUTIVE SUMMARY : Evaluating Information Security Posture within an organization is becoming a very complex task. Currently, the evaluation and assessment of Information Security are commonly performed using frameworks, methodologies and standards which often consider the various aspects of security independently. Unfortunately this is ineffective because it does not take into consideration the necessity of having a global and systemic multidimensional approach to Information Security evaluation. At the same time the overall security level is globally considered to be only as strong as its weakest link. This thesis proposes a model aiming to holistically assess all dimensions of security in order to minimize the likelihood that a given threat will exploit the weakest link. A formalized structure taking into account all security elements is presented; this is based on a methodological evaluation framework in which Information Security is evaluated from a global perspective. This dissertation is divided into three parts. Part One: Information Security Evaluation issues consists of four chapters. Chapter 1 is an introduction to the purpose of this research purpose and the Model that will be proposed. In this chapter we raise some questions with respect to "traditional evaluation methods" as well as identifying the principal elements to be addressed in this direction. Then we introduce the baseline attributes of our model and set out the expected result of evaluations according to our model. Chapter 2 is focused on the definition of Information Security to be used as a reference point for our evaluation model. The inherent concepts of the contents of a holistic and baseline Information Security Program are defined. Based on this, the most common roots-of-trust in Information Security are identified. Chapter 3 focuses on an analysis of the difference and the relationship between the concepts of Information Risk and Security Management. Comparing these two concepts allows us to identify the most relevant elements to be included within our evaluation model, while clearing situating these two notions within a defined framework is of the utmost importance for the results that will be obtained from the evaluation process. Chapter 4 sets out our evaluation model and the way it addresses issues relating to the evaluation of Information Security. Within this Chapter the underlying concepts of assurance and trust are discussed. Based on these two concepts, the structure of the model is developed in order to provide an assurance related platform as well as three evaluation attributes: "assurance structure", "quality issues", and "requirements achievement". Issues relating to each of these evaluation attributes are analysed with reference to sources such as methodologies, standards and published research papers. Then the operation of the model is discussed. Assurance levels, quality levels and maturity levels are defined in order to perform the evaluation according to the model. Part Two: Implementation of the Information Security Assurance Assessment Model (ISAAM) according to the Information Security Domains consists of four chapters. This is the section where our evaluation model is put into a welldefined context with respect to the four pre-defined Information Security dimensions: the Organizational dimension, Functional dimension, Human dimension, and Legal dimension. Each Information Security dimension is discussed in a separate chapter. For each dimension, the following two-phase evaluation path is followed. The first phase concerns the identification of the elements which will constitute the basis of the evaluation: ? Identification of the key elements within the dimension; ? Identification of the Focus Areas for each dimension, consisting of the security issues identified for each dimension; ? Identification of the Specific Factors for each dimension, consisting of the security measures or control addressing the security issues identified for each dimension. The second phase concerns the evaluation of each Information Security dimension by: ? The implementation of the evaluation model, based on the elements identified for each dimension within the first phase, by identifying the security tasks, processes, procedures, and actions that should have been performed by the organization to reach the desired level of protection; ? The maturity model for each dimension as a basis for reliance on security. For each dimension we propose a generic maturity model that could be used by every organization in order to define its own security requirements. Part three of this dissertation contains the Final Remarks, Supporting Resources and Annexes. With reference to the objectives of our thesis, the Final Remarks briefly analyse whether these objectives were achieved and suggest directions for future related research. Supporting resources comprise the bibliographic resources that were used to elaborate and justify our approach. Annexes include all the relevant topics identified within the literature to illustrate certain aspects of our approach. Our Information Security evaluation model is based on and integrates different Information Security best practices, standards, methodologies and research expertise which can be combined in order to define an reliable categorization of Information Security. After the definition of terms and requirements, an evaluation process should be performed in order to obtain evidence that the Information Security within the organization in question is adequately managed. We have specifically integrated into our model the most useful elements of these sources of information in order to provide a generic model able to be implemented in all kinds of organizations. The value added by our evaluation model is that it is easy to implement and operate and answers concrete needs in terms of reliance upon an efficient and dynamic evaluation tool through a coherent evaluation system. On that basis, our model could be implemented internally within organizations, allowing them to govern better their Information Security. RÉSUMÉ : Contexte général de la thèse L'évaluation de la sécurité en général, et plus particulièrement, celle de la sécurité de l'information, est devenue pour les organisations non seulement une mission cruciale à réaliser, mais aussi de plus en plus complexe. A l'heure actuelle, cette évaluation se base principalement sur des méthodologies, des bonnes pratiques, des normes ou des standards qui appréhendent séparément les différents aspects qui composent la sécurité de l'information. Nous pensons que cette manière d'évaluer la sécurité est inefficiente, car elle ne tient pas compte de l'interaction des différentes dimensions et composantes de la sécurité entre elles, bien qu'il soit admis depuis longtemps que le niveau de sécurité globale d'une organisation est toujours celui du maillon le plus faible de la chaîne sécuritaire. Nous avons identifié le besoin d'une approche globale, intégrée, systémique et multidimensionnelle de l'évaluation de la sécurité de l'information. En effet, et c'est le point de départ de notre thèse, nous démontrons que seule une prise en compte globale de la sécurité permettra de répondre aux exigences de sécurité optimale ainsi qu'aux besoins de protection spécifiques d'une organisation. Ainsi, notre thèse propose un nouveau paradigme d'évaluation de la sécurité afin de satisfaire aux besoins d'efficacité et d'efficience d'une organisation donnée. Nous proposons alors un modèle qui vise à évaluer d'une manière holistique toutes les dimensions de la sécurité, afin de minimiser la probabilité qu'une menace potentielle puisse exploiter des vulnérabilités et engendrer des dommages directs ou indirects. Ce modèle se base sur une structure formalisée qui prend en compte tous les éléments d'un système ou programme de sécurité. Ainsi, nous proposons un cadre méthodologique d'évaluation qui considère la sécurité de l'information à partir d'une perspective globale. Structure de la thèse et thèmes abordés Notre document est structuré en trois parties. La première intitulée : « La problématique de l'évaluation de la sécurité de l'information » est composée de quatre chapitres. Le chapitre 1 introduit l'objet de la recherche ainsi que les concepts de base du modèle d'évaluation proposé. La maniéré traditionnelle de l'évaluation de la sécurité fait l'objet d'une analyse critique pour identifier les éléments principaux et invariants à prendre en compte dans notre approche holistique. Les éléments de base de notre modèle d'évaluation ainsi que son fonctionnement attendu sont ensuite présentés pour pouvoir tracer les résultats attendus de ce modèle. Le chapitre 2 se focalise sur la définition de la notion de Sécurité de l'Information. Il ne s'agit pas d'une redéfinition de la notion de la sécurité, mais d'une mise en perspectives des dimensions, critères, indicateurs à utiliser comme base de référence, afin de déterminer l'objet de l'évaluation qui sera utilisé tout au long de notre travail. Les concepts inhérents de ce qui constitue le caractère holistique de la sécurité ainsi que les éléments constitutifs d'un niveau de référence de sécurité sont définis en conséquence. Ceci permet d'identifier ceux que nous avons dénommés « les racines de confiance ». Le chapitre 3 présente et analyse la différence et les relations qui existent entre les processus de la Gestion des Risques et de la Gestion de la Sécurité, afin d'identifier les éléments constitutifs du cadre de protection à inclure dans notre modèle d'évaluation. Le chapitre 4 est consacré à la présentation de notre modèle d'évaluation Information Security Assurance Assessment Model (ISAAM) et la manière dont il répond aux exigences de l'évaluation telle que nous les avons préalablement présentées. Dans ce chapitre les concepts sous-jacents relatifs aux notions d'assurance et de confiance sont analysés. En se basant sur ces deux concepts, la structure du modèle d'évaluation est développée pour obtenir une plateforme qui offre un certain niveau de garantie en s'appuyant sur trois attributs d'évaluation, à savoir : « la structure de confiance », « la qualité du processus », et « la réalisation des exigences et des objectifs ». Les problématiques liées à chacun de ces attributs d'évaluation sont analysées en se basant sur l'état de l'art de la recherche et de la littérature, sur les différentes méthodes existantes ainsi que sur les normes et les standards les plus courants dans le domaine de la sécurité. Sur cette base, trois différents niveaux d'évaluation sont construits, à savoir : le niveau d'assurance, le niveau de qualité et le niveau de maturité qui constituent la base de l'évaluation de l'état global de la sécurité d'une organisation. La deuxième partie: « L'application du Modèle d'évaluation de l'assurance de la sécurité de l'information par domaine de sécurité » est elle aussi composée de quatre chapitres. Le modèle d'évaluation déjà construit et analysé est, dans cette partie, mis dans un contexte spécifique selon les quatre dimensions prédéfinies de sécurité qui sont: la dimension Organisationnelle, la dimension Fonctionnelle, la dimension Humaine, et la dimension Légale. Chacune de ces dimensions et son évaluation spécifique fait l'objet d'un chapitre distinct. Pour chacune des dimensions, une évaluation en deux phases est construite comme suit. La première phase concerne l'identification des éléments qui constituent la base de l'évaluation: ? Identification des éléments clés de l'évaluation ; ? Identification des « Focus Area » pour chaque dimension qui représentent les problématiques se trouvant dans la dimension ; ? Identification des « Specific Factors » pour chaque Focus Area qui représentent les mesures de sécurité et de contrôle qui contribuent à résoudre ou à diminuer les impacts des risques. La deuxième phase concerne l'évaluation de chaque dimension précédemment présentées. Elle est constituée d'une part, de l'implémentation du modèle général d'évaluation à la dimension concernée en : ? Se basant sur les éléments spécifiés lors de la première phase ; ? Identifiant les taches sécuritaires spécifiques, les processus, les procédures qui auraient dû être effectués pour atteindre le niveau de protection souhaité. D'autre part, l'évaluation de chaque dimension est complétée par la proposition d'un modèle de maturité spécifique à chaque dimension, qui est à considérer comme une base de référence pour le niveau global de sécurité. Pour chaque dimension nous proposons un modèle de maturité générique qui peut être utilisé par chaque organisation, afin de spécifier ses propres exigences en matière de sécurité. Cela constitue une innovation dans le domaine de l'évaluation, que nous justifions pour chaque dimension et dont nous mettons systématiquement en avant la plus value apportée. La troisième partie de notre document est relative à la validation globale de notre proposition et contient en guise de conclusion, une mise en perspective critique de notre travail et des remarques finales. Cette dernière partie est complétée par une bibliographie et des annexes. Notre modèle d'évaluation de la sécurité intègre et se base sur de nombreuses sources d'expertise, telles que les bonnes pratiques, les normes, les standards, les méthodes et l'expertise de la recherche scientifique du domaine. Notre proposition constructive répond à un véritable problème non encore résolu, auquel doivent faire face toutes les organisations, indépendamment de la taille et du profil. Cela permettrait à ces dernières de spécifier leurs exigences particulières en matière du niveau de sécurité à satisfaire, d'instancier un processus d'évaluation spécifique à leurs besoins afin qu'elles puissent s'assurer que leur sécurité de l'information soit gérée d'une manière appropriée, offrant ainsi un certain niveau de confiance dans le degré de protection fourni. Nous avons intégré dans notre modèle le meilleur du savoir faire, de l'expérience et de l'expertise disponible actuellement au niveau international, dans le but de fournir un modèle d'évaluation simple, générique et applicable à un grand nombre d'organisations publiques ou privées. La valeur ajoutée de notre modèle d'évaluation réside précisément dans le fait qu'il est suffisamment générique et facile à implémenter tout en apportant des réponses sur les besoins concrets des organisations. Ainsi notre proposition constitue un outil d'évaluation fiable, efficient et dynamique découlant d'une approche d'évaluation cohérente. De ce fait, notre système d'évaluation peut être implémenté à l'interne par l'entreprise elle-même, sans recourir à des ressources supplémentaires et lui donne également ainsi la possibilité de mieux gouverner sa sécurité de l'information.

Innovation Benchmark Study: Analysis of Innovation Processes in Finnish Companies

Liikevaihdon orgaaninen kasvu on ensisijainen tekijä ja haaste yritysjohdolle yrityksen omistaja-arvon kasvattamiseksi. Tutkimus tarkastelee suosivatko suomalaisyritykset pääasiallisesti olemassa olevaa liiketoimintaa palvelevia innovaatioita vai tukevatko nykyhetken toimintatavat myös uusia kasvua kiihdyttäviä radikaaleja innovaatioita. Lisäksi työ kartoitti suomalaisyritysten innovaatioprosessien kehitysalueita käyttäen itsearviointitutkimusta.Tulokset johtivat kolmeen johtopäätökseen. Tutkimus osoitti, että vastaajayritykset ovat keskittyneet innovaatiotoiminnassaan vahvasti ydinliiketoimintaansa, jättäen potentiaaliset kasvumahdollisuudet huomioimatta. Yritykset tavoittelevat maksimaalisia tuottoja keskittymällä tuotteidensa korkeaan suorituskykyyn. Lyhyen aikavälin epärealistiset tuotto-odotukset sekä projekteille suunnatut arviointikriteerit rajoittavat liiketoimintaa mullistavien radikaalien innovaatioiden kehittymistä organisaatiossa. Toiseksi, tutkimus osoitti, että suuri osa yrityksistä käyttää perinteisen projektien arviointi- ja kehitysprosessin lisäksi vaihtoehtoisia ja huonosti kontrolloitavissa olevia kehitysprosesseja, mikäli projektille annetaan kielteinen rahoituspäätös standardin prosessin sisällä. Kolmanneksi, suomalaisyritysten innovaatioprosesseissa paljastui merkittäviä puutteita mitattavien elementtien suhteen.

Development of IT Service Management in a Large International Company

The purpose of this Master’s thesis is to examine the IT Service Management (ITSM) capabilities of a large international company and develop a design for the IT Service Management of the company. The thesis consists of two parts: a literature review and a case study. The first part is the literature review. It examines different aspects of IT Service Management. The purpose of the literature review is to increase the credibility of the case study. In the case study, the IT Service Management of a large industrial company is assessed, and an improved design for IT Service Management is created. The services are limited to common IT services, and management is limited to operative management. To assess and develop the case company’s IT Service Management, the IT organization and its ITSM capabilities are analyzed, and on the basis of the analyses, an improved IT Service Management model is created. As a result of the analyses, it was found out that the management of the IT organization is function-oriented. Therefore, the organization needs a management model that breaks the functional borders and brings services to the center of management. The designed model aspires to achieve this by defining IT services and modeling management processes from the service perspective.