Managing ERP Systems: Stabilization to Upgrade PDF

1 Lesson 8 Managing an ERP System from Stabilization to Upgrade ing. Massimiliano Oleotto Learning Objectives 2 Q1. What happens after the go-live of an ERP System? Q2. Who manages the ERP System? Q3. What Is ISs Security? G1. Let’s give the floor to … Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q1. What happens after the go-live of an ERP System? 3 A successful ERP System implementation does not end at go-live However, too many companies focus on the go-live rather than the years they will be using it An ERP System has a long life cycle – more than 10 years (!) And during this period it must be managed Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q1. What happens after the go-live of an ERP System? 4 Many companies implement an ERP system to meet today’s needs, not tomorrow’s → instead they should treat it as a plant that has to be constantly watered in order to obtain every possible fruit Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q1. What happens after the go-live of an ERP System? 5 There are 3 phases in managing an ERP System: • first stabilization → it normally lasts between three months and a year, depending on the success of the implementation • then maintenance → it begins after one year, and is characterized by an annual ERP maintenance fee • finally upgrade → it happens when the ERP vendor upgrades its system to a new version – an ERP System has an upgrade cycle of about 5 years Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q1. What happens after the go-live of an ERP System? 6 During stabilization, a company often experiences a fall in its performance due to the fine-tuning of the “to-be” Business Processes In this phase an evaluation of the ERP System should be performed at regular intervals to see if the benefits of its use have been achieved because: • • things certainly did not all go well (!) things that went wrong become the reason for improvement initiatives Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q1. What happens after the go-live of an ERP System? 7 The stabilization continues beyond the supporting phase of the ERP System implementation project Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q1. What happens after the go-live of an ERP System? 8 Typical maintenance activities include: • • • Software updates → ERP vendors are regularly updating their Software with new Best Practices and bug fixes preventive maintenance → there are scheduled tasks that must be performed to keep the system functioning properly – e.g. updating the DB metadata to keep it “fast” emergency maintenance → certain maintenance activities must be performed immediately due to their business impacts – e.g. fix a software bug that can have damaging effects Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q1. What happens after the go-live of an ERP System? 9 It is impossible for any ERP vendors to exhaustively test: • every combination of Software update • in every Module • for every configuration • against every possible combination of OS, DB, Other Applications, Hardware and Network So: • Software updates can lead to … problems (!) • and the responsibility to decide what updates to apply and when to apply them … falls to the company (!) Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q1. What happens after the go-live of an ERP System? 10 Maintenance costs can become very high and not only concern the annual ERP maintenance fee Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q1. What happens after the go-live of an ERP System? 11 Upgrading an ERP systems has: • a clear advantage → company benefits from the vendor’s R&D, which clearly improves system processes and functionalities • some hidden disadvantages: ➢ an upgrade implementation is similar to a new system implementation – the former is approximately one third of the latter ➢ employees can be tired of constantly adapting their actions to new functionalities and processes ➢ upgrade may not be compatible with the customizations done by the customer – they must be “aligned” to the new version of the system Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q1. What happens after the go-live of an ERP System? 12 Companies often delay upgrading an ERP system However, at some point, they have no choice … because they are forced to do so to continue to have vendor’s support Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q1. What happens after the go-live of an ERP System? 13 We have seen the selection, implementation and maintenance of an ERP System ... but what happens after 10 years? ... well, it’s time to select a new one (!) Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q1. What happens after the go-live of an ERP System? 14 Some ERP Systems can have very long life cycles (+20 years) just thanks to upgrades → so you don’t have to select a new one The most famous example is SAP S/4HANA, which has been on the market for... 50 years (!) Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Learning Objectives – Recap 1 15 Q1. What happens after the go-live of an ERP System? • • • After the ERP System implementation, there is the management of it – it lasts the entire life of the system, i.e. 10 years or more There are 3 phases in managing an ERP System: stabilization, maintenance and upgrade At the end of the ERP System life cycle, you have to... select a new one Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q2. Who manages the ERP System? 16 What is the company function that is responsible for the management of the ERP System, and more generally of all ISs? There are three possibilities: • • • IT department – the most common one, of course AFC department (!) BP department Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q2. Who manages the ERP System? 17 What is the IT department? … Yes, what is it? • • It is directed by CIO It has these main activities carried out by the IT staff: ▪ Network administration, company communication, application development, technical support, cyber security If the IT department is responsible for the management of all ISs, the approach to all IS management activities is always technical Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q2. Who manages the ERP System? 18 What is the AFC department? … Well, you know it (!) And you also know: • that it is directed by CFO • what the main activities carried out by the AFC staff are The AFC department can be responsible for the management of all ISs if it is responsible for IT department → in this case the approach to all IS management activities is always functional Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q2. Who manages the ERP System? 19 What is the BP department? … Yes, what is it? • • It is directed by CPO It has only one activity carried out by the BP staff that is … BPM The BP department can be responsible for the management of all ISs if it is responsible for IT department → in this case the approach to all IS management activities is always holistic This is the best option but also … the less common one (!) Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Learning Objectives – Recap 2 20 Q2. Who manages the ERP System? • • • The most common solution is to give the responsibility to the IT department → technical approach Another solution is to give it to the AFC department → functional approach The better solution – but the less common – is to give it to the BP department → both technical and functional approach, so holistic approach Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q3. What is ISs Security? 21 We know that: • an IS contains company Data but also the ability to extract Information from them • the ISs allow company management by supporting its Business Processes Therefore, unauthorized access to the IS can result: • the (illegal) theft of company Data or even Information • the (illegal) damage of company Data or even of the IS that can compromise or block company management Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q3. What is ISs Security? 22 ISs Security is the process of preventing unauthorized access to an IS for theft or damage of its Data It is a part of Cyber Security → it is the process of protecting the Computer system of an organization from: • • the theft or damage of its Hardware, Software, Networks but also Data the alteration or disruption of the services they provide Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q3. What is ISs Security? 23 Today ISs Security – but in general Cyber Security – is one of the most important issues in organizations because Data has become the world’s most valuable resource … even for criminals (!) Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q3. What is ISs Security? 24 There are some basic terms when it comes to Cyber Security: • • • a threat is a person or organization that seeks to obtain or alter Data or other assets illegally – e.g. your credit card a vulnerability is a weakness in the system that is an opportunity for threats to access individual or organizational Data or other assets – e.g. the online use of your credit card a safeguard is some measure that individuals or organizations take to block the threat – e.g. using only secure websites for credit card transactions Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q3. What is ISs Security? 25 Of course … Cyber Security threat, i.e. a Computer crime, is one source of IS threat There are other two sources of IS threat: • a human error → it is simply an error in Data entry or an unintended deletion of Data or an unintended mistake • a natural disaster → like a flood, an hurricane, etc. However Cyber Security threat is the most dangerous one because there is someone with the intent to do something – even an employee who wishes to sabotage the organization (!) Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q3. What is ISs Security? 26 ISs are very vulnerable to threats because: • Data is designed to be copied and shared easily • they use newer technologies that are often the less secure (!) So organizations must respond to IS security threats: • identifying vulnerabilities • implementing safeguards Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q3. What is ISs Security? 27 There are four basic types of vulnerabilities: • unauthorized Data disclosure – e.g. phishing • incorrect Data modification – e.g. hackers that gain unauthorized access to the system and make changes to Data for … fun (!) • DOS – e.g. hacker attack that creates artificial traffic on the Network in order to slow or stop it • loss of infrastructure – e.g. Advanced Persistent Threat (APT) Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q3. What is ISs Security? 28 There are three basic types of safeguards: • Technical → it’s the Computer side • Data → it’s the Information side • Human → it’s the Role side Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q3. What is ISs Security? 29 Technical safeguards involves: • • • • identification and authorization → of a user thorough credentials (account and password), smart cards or even biometric devices encryption → i.e. process of transforming clear text into key coded text for secure storage or communication Firewalls → i.e. systems that prevent unauthorized Network access malware protection → i.e. protection against malicious Software that can cause disruption to computers and IS Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q3. What is ISs Security? 30 Data safeguards involves: • • • • • data rights and responsibilities → of the user passwords → ensuring users are using correctly identification and authentication techniques encryption → of Data to prevent its sharing with untrusted people backup and recovery → performed regularly physical security → of all the Hardware used to store and process Data Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Q3. What is ISs Security? 31 Human safeguards involves: • • • • • employees → in creating security mindset, separating approvals and executions, managing hiring and firing, etc. nonemployees → when opening IS to temporary personnel or business partners – a contract should regulate appropriate security measures account admin → because he/she grants permissions backup and recovery → procedures used in the event of failure security monitoring → i.e. an ongoing process usually carried on with activity logs Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto Learning Objectives – Recap 3 32 Q3. What is ISs Security? • • • There are 3 possible IS threats: human error, natural disaster and... security, that is the most dangerous one because it is intentional ISs Security is the process of preventing unauthorized access to (illegally) steal or damage its Data – it’s a part of Cyber Security ISs Security first identifies vulnerabilities and then implements safeguards Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto G1. Let’s give the floor to … 33 … Stefano Del Fabbro, Head of Supply Chain Management Solutions at Quin Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto References 34 Course book: Earl McKinney Jr. • David M. Kroenke – Processes, Systems, and Information, An Introduction to MIS – Chapters 6-9, 12 ❑ Other books: Marianne Bradford – Modern ERP, select implement & use today's advanced business systems – Chapter 6 ❑ Massimiliano Oleotto – La mappa dei processi aziendali operativi nelle PMI, Come evitare di perdersi in azienda – Chapter 2 ❑ Organization and Information Systems | a.y. 2023-2024 | Diego Campagnolo – Massimiliano Oleotto

Managing ERP Systems: Stabilization to Upgrade PDF

Document Details

Tags

Related

Summary

Full Transcript

Upgrade to continue