824 resultados para Collaborative business processes
Resumo:
Problem Statement: Classroom facilities developed as new construction or renovation projects for UT System institutions tend to be developed as individual, ad hoc project. There are significant opportunities for process improvement is establishing standard business processes for developing Smart Classroom, establishing design standards and referring to prototype facilities developed at other institutions. [See PDF for complete abstract]
Resumo:
Gaining economic benefits from substantially lower labor costs has been reported as a major reason for offshoring labor-intensive information systems services to low-wage countries. However, if wage differences are so high, why is there such a high level of variation in the economic success between offshored IS projects? This study argues that offshore outsourcing involves a number of extra costs for the ^his paper was recommended for acceptance by Associate Guest Editor Erran Carmel. client organization that account for the economic failure of offshore projects. The objective is to disaggregate these extra costs into their constituent parts and to explain why they differ between offshored software projects. The focus is on software development and maintenance projects that are offshored to Indian vendors. A theoretical framework is developed a priori based on transaction cost economics (TCE) and the knowledge-based view of the firm, comple mented by factors that acknowledge the specific offshore context The framework is empirically explored using a multiple case study design including six offshored software projects in a large German financial service institution. The results of our analysis indicate that the client incurs post contractual extra costs for four types of activities: (1) re quirements specification and design, (2) knowledge transfer, (3) control, and (4) coordination. In projects that require a high level of client-specific knowledge about idiosyncratic business processes and software systems, these extra costs were found to be substantially higher than in projects where more general knowledge was needed. Notably, these costs most often arose independently from the threat of oppor tunistic behavior, challenging the predominant TCE logic of market failure. Rather, the client extra costs were parti cularly high in client-specific projects because the effort for managing the consequences of the knowledge asymmetries between client and vendor was particularly high in these projects. Prior experiences of the vendor with related client projects were found to reduce the level of extra costs but could not fully offset the increase in extra costs in highly client-specific projects. Moreover, cultural and geographic distance between client and vendor as well as personnel turnover were found to increase client extra costs. Slight evidence was found, however, that the cost-increasing impact of these factors was also leveraged in projects with a high level of required client-specific knowledge (moderator effect).
Resumo:
Today many business processes are based on IT systems. These systems are exposed to different threats, which may lead to failures of critical business pro-cesses. Thus, enterprises prepare themselves against threats and failures of critical IT systems by means of Business Continuity Management (BCM). The phe-nomenon of outsourcing introduces a new dimension to BCM. In an outsourcing relationship the client organization is still responsible for the continuity of its processes but does not have full control over the implemented business continuity measures. In this paper we build a research model based on institutional and assimilation theories to describe and explain how and why BCM is assimilated in outsourcing relationships. In our case studies we found evidence that primarily coercive and normative pressures influence the assimilation of BCM in outsourcing relationships and support the explanation of variation across enterprises. Mimetic pressures seem to influence the assimilation but do not explain variations.
Resumo:
Expenditures for personal health services in the United States have doubled over the last decade. They continue to outpace the growth rate of the gross national product. Costs for medical care have steadily increased at an annual rate well above the rate of inflation and have gradually outstripped payers' ability to meet their premiums. This limitation of resources justifies the ongoing healthcare reform strategies to maximize utilization and minimize costs. The majority of the cost-containment effort has focused on hospitals, as they account for about 40 percent of total health expenditures. Although good patient outcomes have long been identified as healthcare's central concern, continuing cost pressures from both regulatory reforms and the restructuring of healthcare financing have recently made improving fiscal performance an essential goal for healthcare organizations. ^ The search for financial performance, quality improvement, and fiscal accountability has led to outsourcing, which is the hiring of a third party to perform a task previously and traditionally done in-house. The incomparable nature and overwhelming dissimilarities between health and other commodities raise numerous administrative, organizational, policy and ethical issues for administrators who contemplate outsourcing. This evaluation of the outsourcing phenomenon, how it has developed and is currently practiced in healthcare, will explore the reasons that healthcare organizations gravitate toward outsourcing as a strategic management tool to cut costs in an environment of continuing escalating spending. ^ This dissertation has four major findings. First, it suggests that U.S. hospitals in FY2000 spent an estimated $61 billion in outsourcing. Second, it finds that the proportion of healthcare outsourcing highly correlates with several types of hospital controlling authorities and specialties. Third, it argues that healthcare outsourcing has implications in strategic organizational issues, professionalism, and organizational ethics that warrant further public policy discussions before expanding its limited use beyond hospital “hotel functions” and back office business processes. Finally, it devises an outsourcing suitability scale that organizations can utilize to ensure the most strategic option for outsourcing and concludes with some public policy implications and recommendations for its limited use. ^
Resumo:
The properties of data and activities in business processes can be used to greatly facilítate several relevant tasks performed at design- and run-time, such as fragmentation, compliance checking, or top-down design. Business processes are often described using workflows. We present an approach for mechanically inferring business domain-specific attributes of workflow components (including data Ítems, activities, and elements of sub-workflows), taking as starting point known attributes of workflow inputs and the structure of the workflow. We achieve this by modeling these components as concepts and applying sharing analysis to a Horn clause-based representation of the workflow. The analysis is applicable to workflows featuring complex control and data dependencies, embedded control constructs, such as loops and branches, and embedded component services.
Resumo:
In the present competitive environment, companies are wondering how to reduce their IT costs while increasing their efficiency and agility to react when changes in the business processes are required. Cloud Computing is the latest paradigm to optimize the use of IT resources considering ?everything as a service? and receiving these services from the Cloud (Internet) instead of owning and managing hardware and software assets. The benefits from the model are clear. However, there are also concerns and issues to be solved before Cloud Computing spreads across the different industries. This model will allow a pay-per-use model for the IT services and many benefits like cost savings, agility to react when business demands changes and simplicity because there will not be any infrastructure to operate and administrate. It will be comparable to the well known utilities like electricity, water or gas companies. However, this paper underlines several risk factors of the model. Leading technology companies should research on solutions to minimize the risks described in this article. Keywords - Cloud Computing, Utility Computing, Elastic Computing, Enterprise Agility
Resumo:
The use of semantic and Linked Data technologies for Enterprise Application Integration (EAI) is increasing in recent years. Linked Data and Semantic Web technologies such as the Resource Description Framework (RDF) data model provide several key advantages over the current de-facto Web Service and XML based integration approaches. The flexibility provided by representing the data in a more versatile RDF model using ontologies enables avoiding complex schema transformations and makes data more accessible using Web standards, preventing the formation of data silos. These three benefits represent an edge for Linked Data-based EAI. However, work still has to be performed so that these technologies can cope with the particularities of the EAI scenarios in different terms, such as data control, ownership, consistency, or accuracy. The first part of the paper provides an introduction to Enterprise Application Integration using Linked Data and the requirements imposed by EAI to Linked Data technologies focusing on one of the problems that arise in this scenario, the coreference problem, and presents a coreference service that supports the use of Linked Data in EAI systems. The proposed solution introduces the use of a context that aggregates a set of related identities and mappings from the identities to different resources that reside in distinct applications and provide different views or aspects of the same entity. A detailed architecture of the Coreference Service is presented explaining how it can be used to manage the contexts, identities, resources, and applications which they relate to. The paper shows how the proposed service can be utilized in an EAI scenario using an example involving a dashboard that integrates data from different systems and the proposed workflow for registering and resolving identities. As most enterprise applications are driven by business processes and involve legacy data, the proposed approach can be easily incorporated into enterprise applications.
Resumo:
En los últimos años, el desarrollo industrial a nivel globalizado en los diferentes sectores, la difusión de la TI y el uso estratégico de la misma, han crecido de manera exponencial. El uso adecuado de esta, se ha convertido en una gran preocupación para los órganos de gobierno de las organizaciones ya que la falta de dirección y control en las inversiones que se realizan en ellas, así como un uso inadecuado de las mismas pueden comprometer la consecución de los objetivos de la organización, su competitividad y su sostenibilidad a medio-largo plazo. La preocupación de los propietarios de los negocios es mejorar su rendimiento con la ayuda de la TI frente a sus competidores, realizando los procesos de negocio de una manera eficaz y eficiente, por lo que muchas organizaciones han realizado inversiones importantes en la adquisición de tecnología para lograr sus propósitos. Sin embargo la ejecución de estas inversiones no se ha gestionado adecuadamente, conforme a las políticas y planes especificados en los planes de negocio de la organización y la entrega de los servicios de TI no ha sido conforme a los objetivos previstos, generando pérdidas importantes y lo que es peor un gran deterioro de la imagen de la organización, por lo que consideramos a la gestión de la demanda estratégica de la TI como uno de los factores claves para el éxito de los negocios, el cual no ha sido tomada en cuenta por los consejos de gobierno o los altos ejecutivos de las organizaciones. La investigación comienza con una amplia revisión de la literatura, identificando dos elementos muy importantes, la demanda y el suministro de la TI dentro de la gobernanza corporativa de la TI; notándose la escasa información relacionado con la gestión de la demanda estratégica de la TI. Se realizó un estudio exploratorio para conocer como los miembros del consejo de administración y altos ejecutivos de una organización gestionan la demanda estratégica de la TI, obteniendo una respuesta de 130 encuestados, donde se confirma que hace falta normas o metodologías para la gestión de la demanda estratégica de la TI. En base a estos resultados se ha construido un marco de trabajo para todo el proceso de la gestión de la demanda de la TI y como una solución que se plantea en esta tesis doctoral, consiste en la elaboración de una metodología, combinando e integrando marcos de trabajo y estándares relacionados con la gobernanza corporativa de la TI. La metodología propuesta está conformada por tres fases, cada fase con sus actividades principales, y cada actividad principal por un conjunto de sub-actividades. Además, se establecen los roles y responsabilidades de los altos ejecutivos para cada una de las actividades principales. Esta propuesta debe ser de fácil implantación y aplicable en las organizaciones, permitiendo a estas afrontar con éxito el desarrollo de sus negocios, con una mejor calidad, reduciendo los costes de operación y empleando el menor tiempo posible. La validación de la metodología propuesta se realizó a través de una encuesta online y un estudio de casos. En la encuesta de validación participaron 42 altos ejecutivos de diferentes empresas y el estudio de casos se realizó con 5 empresas internacionales. Las respuestas de los estudios fueron analizados, para determinar la aceptación o el rechazo de la metodología propuesta por los participantes, confirmando la validez y confiabilidad del estudio. Este es uno de los primeros estudios reportado con evidencias empíricas para el proceso de la gestión de la demanda estratégica de la TI. Los resultados de esta investigación han sido publicados en revistas y congresos internacionales. ABSTRACT In recent years, the globalized industrial development, diffusion and strategic use of IT in different sectors has grown exponentially. Proper use of IT has become a major concern for government bodies and organizations. Uncontrolled or mismanaged IT investments or improper IT use may compromise the achievement of an organization’s objectives, competitiveness and sustainability in the medium to long term. Business owners set out to use IT to outperform their competitors, enacting business processes effectively and efficiently. Many organizations have made significant investments in technology in order to achieve their aims. However, the deployment of these investments has not been managed properly in accordance with the policies and plans specified in the organizations’ business plans, and IT services have not been delivered in accordance with the specified objectives. This has generated significant losses and, worse still, has seriously damaged the image of organizations. Accordingly, we believe that IT strategic demand management is one of the key factors for business success which has not been overlooked by the boards of trustees or senior executives of organizations. The research begins with an extensive review of the literature. This review has identified two very important elements: IT demand and supply within the corporate governance of IT. We have found that information related to IT strategic demand management is scant. We conducted an exploratory study to learn how members of the board of directors and senior executives of an organization manage IT strategic demand. The survey, which was taken by 130 respondents, confirmed that standards or methodologies are needed to manage IT strategic demand. Based on the results, we have built a framework for the entire IT demand management process. The solution proposed in this thesis is to develop a methodology, combining and integrating frameworks and standards related to the corporate governance of IT. The proposed methodology is divided into three phases. Each phase is composed of a series of key activities, and each key activity is further split into minor activities. We also establish the roles and responsibilities of senior executives for each of the key activities. This proposal should be easy to implement and apply in organizations, enabling corporations to successfully conduct better quality business, reduce operating costs and save time. The proposed methodology was validated by means of an online survey and a case study. The validation survey was completed by 42 senior executives from different companies, and the case study was conducted at five international companies. The study results were analysed to determine the acceptance or rejection of the proposed methodology by the participants, confirming the validity and reliability of the study. This is one the first studies to report empirical evidence for the process of IT strategic demand management. The results of this research have been published in international journals and conferences.
Resumo:
La Especificación Aeroespacial y de Defensa 2000M, también conocida como S2000M, es un protocolo de intercambio electrónico de datos utilizado en el apoyo logístico de equipos de defensa. La S2000M, resultado de un trabajo conjunto entre Fuerzas Armadas (FFAA) y empresas de Naciones diversas desarrollado durante las últimas cuatro décadas, define tanto los procesos para la adquisición y mantenimiento de componentes militares, como los mensajes normalizados en apoyo de dichos procesos. Equipos de trabajo constituidos por representantes de las citadas FFAA e industria mantienen actualizada la S2000M, por lo que el protocolo evoluciona continuamente con objeto de adaptarse a las necesidades que puedan surgir. Como consecuencia de dicha actualización, existen diversas versiones de la S2000M actualmente en servicio, y este trabajo se basa en la versión denominada 2.1, si bien, una parte importante de las conclusiones del estudio pueden aplicarse a otras versiones del protocolo. A través de los años, la S2000M se ha convertido en un elemento esencial del comercio electrónico de piezas de repuesto y de servicios de mantenimiento y reparación de modernos sistemas aeronáuticos Europeos tales como los aviones de combate Typhoon, Tornado y Rafale, el avion de transporte A400M y los helicópteros NH90 y Tiger, por lo que la S2000M constituye un elemento esencial en el apoyo logístico necesario para asegurar la disponibilidad operativa de dichos sistemas. Así mismo, la S2000M juega un papel fundamental en el comercio electrónico entre las principales empresas aeronáuticas europeas y las organizaciones logísticas de defensa de Naciones tales como Alemania, España, Francia, Holanda, Italia, etc. En consecuencia, la importancia de la S2000M en aspectos tales como logística, nivel de operatividad de los sistemas de armas mencionados, comercio electrónico y sistemas de información es manifiesta, por lo que resulta necesario evaluar la eficacia y eficiencia del protocolo para optimizarlo al máximo. Con este propósito, el presente trabajo estudia la S2000M con objeto de encontrar una respuesta a la pregunta que ha constituido la base de la investigación: ¿Cómo medir el éxito de la Especificación Aeroespacial y de Defensa S2000M? Como la S2000M se utiliza para intercambiar información logística en formato electrónico entre organizaciones y entidades por medio de documentos estructurados y de procesos automatizados, los sistemas de información juegan un papel fundamental en este trabajo. En consecuencia, la base teoríca para tratar de responder a la pregunta anteriormente citada se sustenta en las investigaciones en curso sobre el éxito de los sistemas de información, adaptadas a la problemática específica del protocolo S2000M. Para finalizar, es importante mencionar que debido a que la investigación sobre la S2000M es prácticamente inexistente, este trabajo se centra en un área específica de conocimiento hasta ahora casi inexplorada. El resultado de la investigación se materializa en una serie de propuestas teoricas y prácticas con las que se contribuyen al desarrollo de tres áreas de conocimiento: S2000M, Sistemas de Información e Intercambio Electrónico de Datos. Asimismo, se proponen nuevas áreas de estudio en las tres áreas mencionadas. ABSTRAC The Aerospace and Defence Specification 2000M, in short S2000M, is an Electronic Data Interchange (EDI) standard used in the logistic support of defence equipment. The S2000M is the result of the joint effort undertaken by the Armed Forces and industry of several Nations over the last four decades. The protocol defines the business processes for the supply, maintenance and repair of military components, as well as the standard messages on support of the said processes. Representatives from industry and military keep the S2000M up-to-date and therefore, the protocol evolves continuously to support new requirements that may arise. Consequently, there are different versions of the standard currently available and this study is about one of them, precisely, Revision 2.1; however, many of the research outcomes are also be valid for other versions of the protocol. Through the years, the S2000M has become an essential element for the electronic trade of spare parts and repair services on support of modern European aeronautical systems such as the fighters Typhoon, Tornado and Rafale, the airlifter A400M and the helicopters NH90 and Tiger. As a result, the S2000M is at the center of the logistic support required to ensure the operational availability of these systems. Further, the protocol plays a key role in the electronic exchanges among main European aeronautical players and defence logistics organizations from Nations such as France, Germany, Italy, Netherlands, Spain, etc. Therefore, the significance of the S2000M on the operational availability of the mentioned weapon systems, and in logistics, electronic business and Information Systems (IS) terms is noticeable, and it is then worth evaluating how the S2000M is doing with respect to its effectiveness and efficiency in order to improve these two areas as much as possible. To this end, this work analyzes the S2000M with the aim to find a response to the following research question: How to measure the success of the Aerospace and Defence Specification 2000M? As in the end the S2000M is about the electronic exchange of logistics information among organizations and firms by means of standard messages and processes automation, IS are at the core of this dissertation. For that reason, the theoretical foundation to tackle the research question rests on the ongoing stream of research on IS success, which will be extended to take into consideration the S2000M standpoint as well. Last, it is worth noting that due to the practically inexistent research on the S2000M M, this investigation help filling a gap in this domain. The outcomes from this study materialize in a number of conceptual and practical proposals that contribute to the theory and practice on three main knowledge areas, that is, S2000M, IS and EDI. Further, this work opens the door for further research in the said or related fields.
Resumo:
The SESAR (Single European Sky ATM Research) program is an ambitious re-search and development initiative to design the future European air traffic man-agement (ATM) system. The study of the behavior of ATM systems using agent-based modeling and simulation tools can help the development of new methods to improve their performance. This paper presents an overview of existing agent-based approaches in air transportation (paying special attention to the challenges that exist for the design of future ATM systems) and, subsequently, describes a new agent-based approach that we proposed in the CASSIOPEIA project, which was developed according to the goals of the SESAR program. In our approach, we use agent models for different ATM stakeholders, and, in contrast to previous work, our solution models new collaborative decision processes for flow traffic management, it uses an intermediate level of abstraction (useful for simulations at larger scales), and was designed to be a practical tool (open and reusable) for the development of different ATM studies. It was successfully applied in three stud-ies related to the design of future ATM systems in Europe.
Resumo:
El presente texto se ha desarrollado como Proyecto Fin de Grado en la Escuela Técnica Superior de Ingeniería y Sistemas de Telecomunicación de la Universidad Politécnica de Madrid en colaboración con la Consultora Tecnológica everis. El mismo tiene como objetivo realizar un estudio de los requisitos necesarios para poder desplegar un servicio que permita ofrecer a las Operadoras Móviles Virtuales (OMV) soporte técnico a sus clientes a través de las redes sociales. Este módulo establecerá una nueva vía de comunicación entre el consumidor y el cliente de la OMV con la propia OMV, el cual se caracterizará por una alta accesibilidad y una gran rapidez en el servicio permitiendo de este modo, una mayor satisfacción del cliente con su operador móvil y por tanto de una nueva vía para conseguir la fidelización del mismo y la captación de nuevos clientes. Para ello, este proyecto se lleva a cabo sobre el sistema de información 4mobile el cual es comercializado por la mencionada Consultora Tecnológica. Este sistema consiste en una plataforma web la cual permite cubrir todos los procesos de negocio comunes que un OMV necesita gestionar. Es por ello, que el mencionado estudio se centra en la evaluación de los aspectos necesarios para la integración de un módulo de estas características dentro de la plataforma de 4mobile. Este módulo, estará basado en una herramienta software que permitirá gestionar el ciclo de vida completo del comentario realizado por el cliente a través de una red social, desde que es publicado por el cliente, hasta que se haya respondido al mismo y su solución sea considerada como satisfactoria por el cliente. Por ello, y de cara a definir correctamente esta herramienta, será necesario un detallado análisis el cual recoja diversos aspectos y que a lo largo del texto, será denominado como Plan de Marketing de Medios Sociales (PMMS). Estos aspectos versarán tanto de las necesidades tecnológicas para su mencionada integración, como de la serie de características funcionales que una solución basada en servicio técnico a través de las redes sociales deberá poseer con el objetivo de ofrecer un servicio técnico de calidad. Finalmente, estas funcionalidades y necesidades tecnológicas se expondrán en forma de propuesta a everis para su integración en la plataforma 4mobile junto con un análisis de diseño a alto nivel software de la solución a desarrollar. ABSTRACT. This text has been developed as Final Degree Project in the Escuela Técnica Superior de Ingeniería y Sistemas de Telecomunicación de la Universidad Politécnica de Madrid in collaboration with the Technology Consultant everis, aims to conduct a study of how to provide technical support through social networks and the evaluation of the integration of a social support module within the system platform 4mobile, which cover all business processes that need to manage a Mobile Virtual Network Operator (MVNO), which is marketed by above-mentioned consultant . This module will establish a new communication channel between the consumer and the client with the OMV and itself, which is characterized by high accessibility and great fast service. Thus will allow a higher customer satisfaction with him service and thus a new way to get the same loyalty and attract new customers To this end, this project is performed on the information system 4mobile which is marketed by the consulting part thereof everis. This system is a platform to cover all business processes that need to manage an MVNO. Therefore, the mentioned study focuses on the evaluation of the elements necessary for integrating module these features within the platform 4mobile. This module will be based on a software tool for managing the entire lifecycle of the comment made by the customer via social networking, from the moment it is published, until it has been respond and their solution is considered satisfactory for the customer. So, in order to properly define this tool, a detailed analysis which will be necessary to collect various aspects and throughout the text, it will be referred to as Plan of Social Media Marketing (PMMS). These aspects will be address both: the technological needs for the mentioned integration, and the number of functional characteristics-based service through social networking solution, as this must in order to provide a quality service Finally, these goals and requirements will be discussed as everis offer for integration into the platform 4mobile analysis along with a high level of software design to develop the solution.
Resumo:
Real-world experimentation facilities accelerate the development of Future Internet technologies and services, advance the market for smart infrastructures, and increase the effectiveness of business processes through the Internet. The federation of facilities fosters the experimentation and innovation with larger and more powerful environment, increases the number and variety of the offered services and brings forth possibilities for new experimentation scenarios. This paper introduces a management solution for cloud federation that automates service provisioning to the largest possible extent, relieves the developers from time-consuming configuration settings, and caters for real-time information of all information related to the whole lifecycle of the provisioned services. This is achieved by proposing solutions to achieve the seamless deployment of services across the federation and ability of services to span across different infrastructures of the federation, as well as monitoring of the resources and data which can be aggregated with a common structure, offered as an open ecosystem for innovation at the developers' disposal. This solution consists of several federation management tools and components that are part of the work on Cloud Federation conducted within XIFI project to build the federation of cloud infrastructures for the Future Internet Lab (FIWARE Lab). We present the design and implementation of the solution-concerned FIWARE Lab management tools and components that are deployed within a federation of 17 cloud infrastructures distributed across Europe.
Resumo:
RESUMEN En los últimos años, debido al incremento en la demanda por parte de las empresas de tecnologías que posibiliten la monitorización y el análisis de un gran volumen de datos en tiempo real, la tecnología CEP (Complex Event Processing) ha surgido como una potencia en alza y su uso se ha incrementado notablemente en ciertos sectores como, por ejemplo, la gestión y automatización de procesos de negocios, finanzas, monitorización de redes y aplicaciones, así como redes de sensores inteligentes como el caso de estudio en el que nos centraremos. CEP se basa en un lenguaje de procesamiento de eventos (Event Processing Language,EPL) cuya utilización puede resultar bastante compleja para usuarios inexpertos. Esta complejidad supone un hándicap y, por lo tanto, un problema a la hora de que su uso se extienda. Este Proyecto Fin de Grado (PFG) pretende dar una solución a este problema, acercando al usuario la tecnología CEP mediante técnicas de abstracción y modelado. Para ello, este PFG ha definido un lenguaje de modelado específico dominio, sencillo e intuitivo para el usuario inexperto, al que se ha dado soporte mediante el desarrollo de una herramienta de modelado gráfico (CEP Modeler) en la que se pueden modelar consultas CEP de forma gráfica, sencilla y de manera más accesible para el usuario. ABSTRACT Over recent years, more and more companies demand technology for monitoring and analyzing a vast volume of data in real time. In this regard, the CEP technology (Complex Event Processing) has emerged as a novel approach to that end, and its use has increased dramatically in certain domains, such as, management and automation of business processes, finance, monitoring of networks and applications, as well as smart sensor networks as the case study in which we will focus. CEP is based on in the Event Processing Language (EPL). This language can be rather difficult to use for new users. This complexity can be a handicap, and therefore, a problem at the time of extending its use. This project aims to provide a solution to this problem, trying to approach the CEP technology to users through abstraction and modelling techniques. To that end, this project has defined an intuitive and simple domain-specific modelling language for new users through a web tool (CEP Modeler) for graphically modeling CEP queries, in an easier and more accessible way.
Resumo:
En la actualidad no se concibe una empresa, por pequeña que esta sea, sin algún tipo de servicio TI. Se presenta para cada empresa el reto de emprender proyectos para desarrollar o contratar servicios de TI que soporten los diferentes procesos de negocio de la empresa. Por otro lado, a menos que los servicios de TI estén aislados de toda red, lo cual es prácticamente imposible en la actualidad, no existe un servicio o un proyecto que lo desarrolle garantizando el 100% de seguridad. Así la empresa maneja una dualidad entre desarrollar productos/servicios de TI seguros y el mantenimiento constante de sus servicios TI en estado seguro. La gestión de los proyectos para el desarrollo de los servicios de TI se aborda, en la mayoría de las empresas, aplicando distintas prácticas, utilizadas en otros proyectos y recomendadas, a tal efecto, por marcos y estándares con mayor reconocimiento. Por lo general, estos marcos incluyen, entre sus procesos, la gestión de los riesgos orientada al cumplimiento de plazos, de costes y, a veces, de la funcionalidad del producto o servicio. Sin embargo, en estas prácticas se obvian los aspectos de seguridad (confidencialidad, integridad y disponibilidad) del producto/servicio, necesarios durante el desarrollo del proyecto. Además, una vez entregado el servicio, a nivel operativo, cuando surge algún fallo relativo a estos aspectos de seguridad, se aplican soluciones ad-hoc. Esto provoca grandes pérdidas y, en ocasiones, pone en peligro la continuidad de la propia empresa. Este problema, se va acrecentando cada día más, en cualquier tipo de empresa y, son las PYMEs, por su la falta de conocimiento del problema en sí y la escasez de recursos metodológicos y técnicos, las empresas más vulnerables. Por todo lo anterior, esta tesis doctoral tiene un doble objetivo. En primer lugar, demostrar la necesidad de contar con un marco de trabajo que, integrado con otros posibles marcos y estándares, sea sencillo de aplicar en distintos tipos y envergaduras de proyectos, y que guíe a las PYMEs en la gestión de proyectos para el desarrollo seguro y posterior mantenimiento de la seguridad de sus servicios de TI. En segundo lugar, cubrir esta necesidad desarrollando un marco de trabajo que ofrezca un modelo de proceso genérico aplicable sobre distintos patrones de proyecto y una librería de activos de seguridad que sirva a las PYMEs de guía durante el proceso de gestión del proyecto para el desarrollo seguro. El modelo de proceso del marco propuesto describe actividades en los tres niveles organizativos de la empresa (estratégico, táctico y operativo). Está basado en el ciclo de mejora continua (PDCA) y en la filosofía Seguridad por Diseño, propuesta por Siemens. Se detallan las prácticas específicas de cada actividad, las entradas, salidas, acciones, roles, KPIs y técnicas aplicables para cada actividad. Estas prácticas específicas pueden aplicarse o no, a criterio del jefe de proyecto y de acuerdo al estado de la empresa y proyecto que se quiera desarrollar, estableciendo así distintos patrones de proceso. Para la validación del marco se han elegido dos PYMEs. La primera del sector servicios y la segunda del sector TIC. El modelo de proceso ha sido aplicado sobre un mismo patrón de proyecto que responde a necesidades comunes a ambas empresas. El patrón de proceso ha sido valorado en los proyectos elegidos en ambas empresas, antes y después de su aplicación. Los resultados del estudio, después de su aplicación en ambas empresas, han permitido la validación del patrón de proceso, en la mejora de la gestión de proyecto para el desarrollo seguro de TI en las PYMEs. ABSTRACT Today a company without any IT service is not conceived, even if it is small either. It presents the challenge for each company to undertake projects to develop or contract IT services that support the different business processes of the company. On the other hand, unless IT services are isolated from whole network, which is virtually impossible at present, there is no service or project, which develops guaranteeing 100% security. So the company handles a duality, develop products / insurance IT services and constant maintenance of their IT services in a safe state. The project management for the development of IT services is addressed, in most companies, using different practices used in other projects and recommended for this purpose by frameworks and standards with greater recognition. Generally, these frameworks include, among its processes, risk management aimed at meeting deadlines, costs and, sometimes, the functionality of the product or service. However, safety issues such as confidentiality, integrity and availability of the product / service, necessary for the project, they are ignored in these practices. Moreover, once the service delivered at the operational level, when a fault on these safety issues arise, ad-hoc solutions are applied. This causes great losses and sometimes threatens the continuity of the company. This problem is adding more every day, in any kind of business and SMEs are, by their lack of knowledge of the problem itself and the lack of methodological and technical resources, the most vulnerable companies. For all these reasons, this thesis has two objectives. Firstly demonstrate the need for a framework that integrated with other possible frameworks and standards, it is simple to apply in different types and wingspans of projects, and to guide SMEs in the management of development projects safely, and subsequent maintenance of the security of their IT services. Secondly meet this need by developing a framework that provides a generic process model applicable to project different patterns and a library of security assets, which serve to guide SMEs in the process of project management for development safe. The process model describes the proposed activities under the three organizational levels of the company (strategic, tactical and operational). It is based on the continuous improvement cycle (PDCA) and Security Design philosophy proposed by Siemens. The specific practices, inputs, outputs, actions, roles, KPIs and techniques applicable to each activity are detailed. These specific practices can be applied or not, at the discretion of the project manager and according to the state of the company and project that the company wants to develop, establishing different patterns of process. Two SMEs have been chosen to validate the frame work. The first of the services sector and the second in the ICT sector. The process model has been applied on the same pattern project that responds to needs common to both companies. The process pattern has been valued at the selected projects in both companies before and after application. The results of the study, after application in both companies have enabled pattern validation process, improving project management for the safe development of IT in SMEs.
Resumo:
Alistair Milne argues in this ECRI Commentary that ‘FinTech’ (newly emerging Financial Technologies) can play a crucial role in achieving European policy objectives in the area of financial markets. These notably include increasing access by smaller firms to trade credit and other forms of external finance and completing the banking and capital markets unions. He points out, however, that accomplishing these objectives will require a coordinated European policy response, focused especially on promoting common business processes and the adoption of shared technology and data standards.
