Transition words essay writing: January 2020

Sunday, January 26, 2020

The Emergence of IT Governance in Greece

The Emergence of IT Governance in Greece Introduction The emergence of IT Governance The cases of Enron, Worldcom and other corporate and financial scandals in the early years of the century have raised the significance of corporate governance and control. Regulatory environments have been formed with quite distinctive characteristics, depending on the needs of each country, and the needs of specific industries. The implementation of the controls required by regulations such as Sarbanes Oxley for the publicly listed organisations in the U.S. and Basel II for European banks relies heavily on IT. That dependency, combined to the required controls on IT itself, have forced top-level executives to have a look towards the proper management and governance of the information and communication technologies that power their organisations. At the same time, the high percentage of failed IT projects, ranging between 60% and 90% depending on the definition of failure, has alarmed many executives who see their resources to be wasted on failed projects, to be followed by more failed projects. Clear decision processes and proper project management aiming at efficiency and effectiveness, are the obvious answers to the problem; both of which point directly to IT Governance. The high cost of IT investments, which is more than half of the annual CAPEX for most organisations, calls for control, accountability and risk management, not to mention cost reduction. Information security, industrial espionage, regulations for the confidentiality of the data and the privacy of employees and customers, are all gracefully handled by a proper IT Governance structure. These are only some of the reasons that have led quite a few organisations worldwide to add IT Governance in their board agenda. The status in Greece Greece has control regulations for specific industries only, such as telecommunications, an industry largely affected by the Hellenic authority for communication security and privacy. Other industries are affected by pan-European control regulations, such as banking industry that needs to comply with MIFID and Basel-II alongside the directives issued by the Bank of Greece. Finally, just a few companies are listed in foreign stock exchanges such as NYSE listed PTT, subsequently affected by the SOX act. Nevertheless, although the environment in Greece is complex, and the IT infrastructure is no simpler than any other countrys, there is no published empirical academic research on the status of IT Governance in Greece. Even surveys that are conducted in wider geographical areas and not to a specific country do not usually include Greece; probably because it is a small market. The only data that has been found are some papers mentioning the benefits of IT Governance, as taken from the international practice; the data though is not adapted to local needs and circumstances. Research Objectives This research, titled IT Governance in Greece: Status, Drivers and Barriers aims to evaluate and present the IT Governance related practices in Greece. What percentage of Greek companies are using IT Governance frameworks and best practices, which is the preferred framework between the two prevalent (ITIL and CobIT), and which is the decision model selected by the companies that employ IT Governance. An attempt will be made to find any relationships between these results, and the size of the organisation or the size of the IT department. The reasons for which Greek organisations select to implement or not an IT Governance framework will also be linked to that data and outsourcing strategies which are known to require careful governance will be evaluated. For the organisations that choose to not implement a formal governance framework, the barriers to implementation will be analysed, as well as the potential good practices which do not constitute a framework, nevertheless help to the prudent governance of an organisations IT assets and resources. The research questions that are expected to shed some light to the main areas of the status of IT Governance in Greece are formulated as follows: The penetration of ITIL and CobIT in Greece as IT Governance frameworks Which are the most common factors that prevent or delay the acceptance and deployment of an IT Governance framework (barriers)? Which are the most common reasons that led organisations to deploy, or plan the future deployment of an IT Governance framework (drivers)? Which (if any) are the management methods used if a full IT Governance framework is not deployed? Personal Interest The author has followed a career path in Information Technology for the last 15 years, acquiring positions of raising responsibilities. In alignment to that career path, the MBA was considered a good choice, providing a broader view on all areas of management such as organisational behaviour and culture, human relationships, finance and marketing, strategy and implementation. The subject of this dissertation combines the two worlds, that of management and of information technology, giving a more thorough and business oriented view to the authors subject of work. Beyond the obvious curiosity that is created by the lack of data in the Greek market in which the author lives and works, there has always been an interest in IT Governance, IT management and risk management, and this dissertation comes to cover at least some of these areas. Structure of the dissertation The rest of the dissertation has a typical structure the introduction that was just provided constitutes the chapter one. Chapter two provides a review of the existing literature and previous studies on IT Governance; that should form the basis for the research that was necessary for this dissertation. Chapter three analyses and justifies the methodology that was used for the sampling, the data collection and data analysis methods that were selected. This chapter also presents and analyses some limitations related to the methodology, and presents the ways in which these limitations may affect the data analysis and the conclusions. Chapter four is the data analysis, in which all data that were collected are analysed and presented, relations are drawn and comparisons to findings from previous research are performed in order to fully answer the research questions set in this dissertation. Chapter five draws on the conclusions of the previous chapter. It summarizes the research objectives, the findings and the implications of the results. Generalization issues and data validity is further discussed. This chapter provides also recommendations for future studies, identifying details that were not included in this survey and questions that have emerged from the results of the current dissertation. Finally, this chapter reflects on the dissertation, assessing the weaknesses of the work performed and the obstacles faced; it also identifies the areas in which the author has gained knowledge and experience. Literature Review Introduction A literature review is vital to any research project, in order to collect, present and critically analyse, what is already known in the subject under research. The evaluation of previous research leads to a better understanding of the subject, of the areas of consensus between academics and practitioners, and the points of conflict and potential gaps. Towards the answer of the status of IT Governance in Greece, an attempt will be made to explain the term IT Governance and clarify any misconceptions regarding IT Governance and IT Management. The different types of IT Governance models that have been developed in the past, along with the key roles in IT Governance, will be identified, presented and compared. The necessity for IT Governance as suggested in the literature will be evaluated, and the most commonly mentioned benefits and implementation barriers will be presented, in order to serve as potential answers to the questionnaire of the research. Previous reports on management methods that may be used instead of a full framework implementation will also be evaluated for the same reasons. The definition of IT Governance IT Governance is a subject that has gained significant focus during the last years. As a term, IT Governance, has too many definitions in the literature (Buckby, Best and Stewart, 2009; Lee and Lee, 2009; Lee, Lee and Lee, 2009). Simonsson and Ekstedt (2006) tried to find a common definition on 60 different relative articles; and came up with yet another definition, which includes many of the previous ones. The definitions used by researchers, depend on their view on what IT Governance can offer to an organisation. IT Governance is sometimes perceived as a framework or a process for auditing the use of the IT infrastructure and operations. Some other times sometimes it is perceived as an IT decision making tool which allocates the decision rights in order to encourage a predictable behaviour in the use of IT, while for others IT Governance is a branch of corporate governance focusing on the control and the strategic view of IT (Musson, 2009). Not few have used definitions that mix and match more than one of these views, such as Peterson (2004), Higgins and Sinclair (2008) and Simonsson and Johnson (2007). A definition that is, in the authors opinion, quite clear and inclusive, is the following: IT Governance is a framework for the leadership, organizational structures and business processes, standards and compliance to these standards, which ensures that the organizations IT supports and enables the achievement of its strategies and objectives. (Calder, 2007) Lee and Lee (2009) make the link of IT Governance with Corporate Governance. They suggest that IT Governance is a mix of Corporate Governance and IT Management; meaning that IT Governance addresses the transparency and control that corporate governance focuses upon, and the efficiency and effectiveness that IT management aims at. IT Governance as part of the corporate governance is also suggested by Peterson (2004), Bhatttacharjya and Chang (2009), ODonohue, Pye and Warren (2009). Several researchers have pointed out that IT Governance is not the same as IT Management. The former refers to the definition of who has the rights for major decision making, while the later refers to the actual making of the decisions and the implementation itself (Broadbend, cited in Buckby et al., 2009; Calder, 2009; Sambamurthy and Zmud, 1999; Toomey, 2009; Van Grembergen and De Haes, 2009). Regarding the subject and scope of IT Governance, the IT Governance Institute suggests five distinct but interacting domains: The Strategic Alignment, Value Delivery, Risk Management, Resource Management and Performance Management. The need for IT Governance The need for IT Governance has not been extensively debated; almost everybody agree that the proper governance of IT is necessary. The reasons though provided to support this argument vary, and the organisations do not seem to have been persuaded by that position. A quite common reason provided to support the necessity of IT Governance, is the increased complexity of the IT infrastructure that is caused by the amount of data that an organisation holds, and the role of this information (Laplante and Costello, 2006). IT is not only complex, but it also has its own fast changing and unique conditions, as such the need to apply sound management disciplines and controls is even greater (NCC, 2005). Risk management is one more reason for IT Governance. Risk is caused by the growing dependency of organisations on IT resources which should not be neglected; the percentage of companies that are vitally dependent on IT for their continuing operation, was over 75% in 2004 (KPMG, cited at Musson, 2009). That dependency makes the potential unavailability of IT based services a significant problem for organisations such as banks and hospitals. The lack of availability is not the only danger caused by that dependency; cyber crime, fraud, information inaccuracy are just a few more issues that need proper identification and management (Van Grembergen and De Haes 2009). Instead of implementing IT solutions, the focus now has shifted to changing the business processes, to be enabled by IT. The solutions implemented are generally more complex due to this shift, and subsequently there is a greater risk with the implementation of IT-enabled business processes (Higgins and Sinclair, 2008). From the management perspective, that dependency means that management needs to be more aware of the critical IT risks, and to be assured that they are adequately managed (NCC, 2005). High organisational performance is another reason found in the literature, although that one is debatable. Liew believes that IT Governance can ensure proper measurement and preservation of an achieved performance (cited at Bhattacharjya and Chang, 2009), nevertheless Young has pointed out through a literature review that there is no convincing evidence that superior business performance is a result of any of IT Governance guidelines (Young, 2006). Typically, IT investments are significantly high. They account for over 50% of the average organisations annual total capital investment (Baschab and Piot, 2007; Carr, 2003; Weill and Woodham, 2002), as such their management in a responsive, effective and efficient way is usually a requirement that should be set by the management board. On the monetary field, cost optimisation of the IT projects and service delivery, are also considered important issues by several researchers (Bhattacharjya and Chang, 2009; Fairchild et al, 2009; Menken, 2009; Peterson, 2004). The amount of money spent is important, but the need that the enterprises investment in IT is in harmony with its objectives is usually considered more significant (Buckby et al, 2009). This is called Business IT Alignment, which is a quite old issue; several studies from mid-80s have focused on the alignment of the IT operations with the business objectives (Brown and Magill, 1994). Some researchers do not agree with the need for the Business IT alignment at all (Sillince and Frost, 1995). Koh and Maguire (2009) also suggest that Business IT alignment maybe the wrong strategy for smaller businesses, which may be agile enough to change course quickly following the new ICT arrivals in the business. They also mention that Venkatraman questions the logic behind alignment; nevertheless, this is a false interpretation of Venkatramans study, who clearly states that IT needs to support the business logic. Carr (2003) has written one of the most controversial articles on the issue, statin g that IT is not able to provide the competitive advantage that organisations need. Laplante and Costello (2006) make clear that they do not agree with that view, while Harris, Herron and Iwanicki (2008) get the opportunity to provide metrics on the value that IT can provide, instead of just dismissing Carrs argument. According to a different should of thought, Business IT alignment has been identified as a significant management concern (Brown and Magill, 1994; Cameron, 2007; Kashanchi and Toland, 2006; Silvius, 2007) and effort is put in order to identify the potential benefits of Business IT alignment. In fact, a recent study by Nash (2009) proves a positive correlation between firm level sales and the so-called Strategic Alignment Maturity; i.e. the maturity level of the business IT alignment. By considering Business IT alignment as something that organisations want to achieve, it is yet another reason to exercise governance of the IT. The relationship between IT governance and Business IT alignment has been proven (BMC Software, 2007; Musson and Jordan, 2006). Additionally, IT governance is strongly suggested by researchers as the best option for the maintenance of the alignment of IT to the continuously evolving organisational needs (Cameron, 2007; Harris et al, 2008; Pultorak, 2006; Sambamurthy and Zmud, 1999). Although Business IT Alignment is a common issue, it puts IT in a passive role; it makes it a follower. Proper governance can transform IT from a follower to a leader; IT is able to set the business agenda and partially affect the organisations strategic objectives (Addy, 2007; Baschab and Piot, 2007; Weill and Woodham, 2002). A research by NCC (2005) has identified a potentially widening gap between what IT departments think the business requires, and what the business thinks the IT department is able to deliver. This can be addressed by IT Governance, through which an organisation wide view of IT may be generated and promoted (Laplante and Costello, 2006; Weill and Woodham, 2002). That means that IT should have a thorough understanding and a participation in the improvement of business processes and their interdependencies. The other way round is also important, i.e. organisations need to obtain a better understanding of the value delivered by IT, both internally and from external suppliers. Measures are required in business (the customers) terms to achieve this. Key elements for that understanding include the enterprise wide view of IT budget (Addy, 2007; Weill and Woodham, 2002). One more reason found in the literature to promote IT Governance, is the compliance to regulatory requirements. Specific legislation and regulatory requirements, such as Sarbanes Oxley Act (SOX) almost dictate the use of an IT governance framework (Buckby et al., 2009; Higgins and Sinclair, 2008). Others, such as HIPAA (Health Insurance Portability and Accountability Act) and Basel-II do not dictate, but certainly describe an IT Governance framework through their requirements for accountability on investments, information security and assurance, risk management and decision processes (Harris et al, 2008; Higgins and Sinclair, 2008; Pultorak, 2006; Network Frontiers, 2008; NCC, 2005; van Grembergen and De Haes, 2009). Yet another commonly stated key benefit of proper IT Governance is clear and transparent decision making regarding IT resources (Baschab and Piot, 2007; Brown and Grand, 2005; Lee and Lee, 2009; Tshinu, Botha and Herselman, 2008). The lack of clarity and transparency for the decision making process, can lead to reluctance to take risks, and subsequently failure to seize technology opportunities (NCC, 2005) Separate decision processes followed by the IT and business, may mean that there is not enough shared ownership and clarity of resources, which also means that there may be a lack of accountability. IT Governance models Although IT Governance sets the decision making process, it does not define who decides. IT Governance decision authorities may be structured in different models, depending on the organisation. The three prevailing ones are the centralized, decentralized and federal (hybrid) according to their modes of distributing authorities and responsibilities for decision-making (Brown and Magill, 1994; Fairchild et al, 2009; Peterson, 2004; Sambamurthy and Zmud, 1999), while the pair of centralized / decentralized may also be found as the only choices (Laplante and Costello, 2006; Robb and Parent, 2009). Ross and Weill (2002) and Cameron (2007) expressed their quite strong preference on centralized IT Governance model, i.e. decisions being made centrally, but Ross and Weill revisited that view in 2004; they suggested that there are six (6) archetypes / models of IT Governance, on 5 different IT domains. From more centralised to less centralised, they identified Business monarchy, IT monarchy, Federal, IT Duopoly, Feudal and Anarchy. The two monarchies are quite clear, meaning that Business or IT respectively has the major responsibility for decisions. Anarchy is quite clear as well, meaning that there is no standardization. Federal and IT duopoly involve business executives and IT executives in the decision making process, with federal to give more power to the business than IT duopoly. Finally, feudal archetype brings the decision level down to business units or processes. The IT domains on which decisions need to be made, are IT principles such as funding and role of the IT in the business, IT Architecture which refers to the identification and development of the core business processes of the enterprise and relative information, IT infrastructure, business application needs such as the owner of the outcome of each project and IT investment and prioritization. That model classification from Ross and Weill is unique; as stated earlier, most other researchers have selected a simpler classification scheme. Ein-Dor and Segev (cited at Tavakolian, 1989) found that the revenue of the organisation is positively related to centralized IT Governance but there is no relation between the governance model and the size of the organisation. There is empirical proof that a link between the IT structure with the organisational competitive strategy exists; conservative organisations are more centralised than aggressive ones (Tavakolian, 1989). These results are supported by more recent research with consistent findings; Weill and Woodham (2002) and Weill and Ross (2004) found that top performing firms on profit were mostly centralized, while top performers on growth were mostly decentralized. A link between the organisations industry type and level of de-centralization of IT Governance has not been found (Ahituv et al, cited at Brown and Grant, 2005). It has to be noted that the model of IT Governance in an organisation may also be dictated by external factors, such as SOX which promotes a centralized IT Governance model, while Australian governance frameworks (mainly, AS 8015) drive the organisations towards a de-centralized IT Governance model (Robb and Parent, 2009). IT Governance Frameworks Information Technology Infrastructure Library The Information Technology Infrastructure Library (ITIL) is a framework of best practices for IT Service Management. It is comprised of five books which focus on five different aspects of IT Service Management and Service Lifecycle: Service Strategy Service Design Service Transition Service Operation Continual Service Improvement Each one of the books, defines a set of processes such as IT Financial Management, Supplier Management, Change Management, Incident Management and Service Measurement and Reporting; a total of 23 processes are defined with a set of actions and roles required for each process. The definition of several of the processes and the subsequent roles is consistent with the IT Governance definition we used earlier; nevertheless a big amount of the defined processes such as event management and validation and testing, are much more focused on the management part than to that of the governance. ITIL is considered to be the framework that is closer to service management than control, from the other two frameworks, CobIT and ISO/IEC 38500:2008 and has a more narrow scope than CobIT (Van Grembergen and De Haes, 2009; Simonsson and Ekstedt, 2006; Simonsson, Johnson and WijkstrÃƒ ¶m, 2007; SallÃƒ ©, 2004; McBride, 2009). That focus of ITIL to service delivery and management was more obvious in version 2, which did not address issues such as Risk Management, Performance Monitoring and IT Governance (generic strategic direction and alignment) at all. As such it was mostly perceived as a framework for service desk management. Although the effectiveness of ITIL version 2 to the alignment of IT with business objectives has been repeatedly pointed out (BMC Software, 2007; Harris et al, 2008; Pultorak, 2006) and even experimentally proven (Kashanchi and Toland, 2006), it was never the primary driver for ITIL adaptation. A survey conducted by Bruton Consultancy for the Helpdesk Institute Europe (now renamed as Service Desk Institute) for the value that ITIL has brought in companies that have implemented it, indicated that the contribution of ITIL to the business strategy was not even considered as an issue by the majority of the correspondents (70%). The same holds for the perception of the participants on t he competitive advantage that may be provided by proper IT management through ITIL. More than half (66%) responded that this was not considered in the decision for ITIL implementation (Bruton, 2005). With version 3, ITIL gained a broader scope than version 2 and added significant emphasis on business strategy. That change, led some IT management consultants to declare ITIL version 3 as inappropriate for helpdesk and service management processes (Bruton, 2007), not strange since version 2 focused on processes while version 3 focuses on Business Value (Harris et al, 2008). Beyond the not strategic enough type of criticism, ITIL has also been criticised as a flawed and uneven framework. Dean Meyer identifies pitfalls in its implementation; nevertheless, he also states that it is an implementation issue and not a framework issue (Meyer, 2009 web site). ITIL has also been characterized as a too generic framework, which is not able to provide value if used off-the-shelf without significant adaptations (Baschab and Piot, 2007), an unfair criticism as ITIL is promoted as a set of best practices, not as a complete, fits-all framework. This concession should invalidate yet another criticism raised by Simonsson (2008), the lack of a maturity model. Another criticism of ITIL is that the documentation is not free (Bhattacharjya and Chang, 2009). That is a valid point, nevertheless the cost of the books is quite low for companies (less than Ã‚ £400 for the whole set). Other criticisms include the stifling of the creativity of those who implement it, and that it b ecomes a goal by itself having a heavy administrative burden (Addy, 2007). All these points are valid, but they can be attributed to the extension of ITIL. Control Objectives for Information and related Technology Control Objectives for information and related Technology (CobIT) is a control framework developed by the IT Governance Institute. CobIT defines processes and controls, and uses the grouping of activities in four domains: Plan and Organise Acquire and Implement Deliver and Support Monitor and Evaluate Each domain contains a set of processes, 34 at total, and each process defines specific controls, which sum up to 210 for all processes. CobIT defines inputs and outputs, as well as a maturity model for each process, making the control of compliance a very easy task. RACI (responsible, accountable, consulted and informed) charts are also provided, drawing a clear guideline on who should be involved in every process step. Goals and metrics, in the form of outcome measures (key goal indicators KGIs) and performance indicators (key performance indicators KPIs) respectively are also provided, mapping business goals to IT goals, which can be achieved by one, or the interaction of several processes. CobIT is generally used where there is a need for auditing functions, in comparison with ITIL, which is better suited to operational process improvement (ODonohue et al, 2009). In contrast to ITIL, CobIT has extensive documentation available free of charge, including the framework itself and several case studies. Several implementation documents though are only available for purchase, such as CobIT Quickstart, while others are available free for ISACA members or for purchase for non-members such as Security Baseline and User Guide for Service Managers. Several consultants and practitioners criticise CobIT that it only states the obvious, that it is very high level, is only a generic framework and does not provide specific and repeatable implementation steps (Culmsee, 2009; Toigo, 2005). This is not a common view, as others find CobIT to be quite prescriptive (Pultorak, 2006; Robb and Parent, 2009). That may be explained by the fact that although CobIT framework itself is indeed high level, a different publication is provided by ISACA, named CobIT Control Practices which is quite prescriptive. Academics criticise CobIT as providing little support for improved decision making, although many metrics are defined (Simonsson and Johnson, 2006). Others state that CobIT is expressed almost entirely in terms of process, focusing on how to govern but not what to govern (Lee et al, 2009). Another criticism states that CobIT is significantly more focused on auditing, largely ignoring other aspects of governance such as software development an d service delivery (NetFrontiers, 2005). CobIT is also characterized as a framework that needs significant knowledge and know how for a successful implementation (Simonsson et al, 2007), and that it takes time to introduce solid IT Governance through it (Rogers, 2009); although the opposite would be strange, given the wide area of processes and functions that CobIT addresses. Finally, while ITIL is known as the framework that guides you on how to get where you want to be, CobIT merely focuses on where you should be; that may be good or bad, depending on ones point of view and needs. ISO / IEC 38500:2008 The International Organization for Standardization (ISO) attempted to solve the confusion between IT Management and IT Governance, and at the same time provide guiding principles on IT Governance, in the recently published ISO/IEC 38500:2008. Because ISO/IEC 38500 establishes principles to guide the behaviour of organisations, it complements frameworks that focus on process, such as ITIL and COBIT. Thus, with the right frameworks or processes, complemented by the right behaviours, organisations are more likely to establish highly effective systems of governance. After all, it has been stated that ITIL and CobIT are not mutually exclusive; they are rather complementary and organisations will probably benefit from a mixed approach, adopting what is more applicable in every case, from the two frameworks (Chickowsky, cited at Bhattacharjya and Chang, 2009). ISO/IEC 38500 can also be combined with these two and ITGI has even issued a specific document demonstrating how and which specific CobIT and ValIT controls support the adoption of the standards principles and implementation approach. Nevertheless, ISO/IEC 38500:2008 is very recent to be evaluated. As of the time of conducting this research, there is not enough information on the implementation, benefits or drawbacks of ISO 38500:2008. Common drivers for IT Governance implementation While the need for IT Governance has well been described, the benefits sought, i.e. the reasons for the implementation of an IT Governance framework vary, sometimes depending on the point of view of the observer. As drivers, we consider the motivator factors, which may lead an organisation to the implementation of an IT Governance framework. For IT Managers, IT Governance is a mechanism for the alignment of the IT with business on the projects that are going to be pursuit. For IT Auditors, it is mainly a control mechanism that can help them achieve compliance with regulations, and to manage the risks that are related to IT projects better. For IT Service management professionals, IT Governance ensures that not only the IT services offered are aligned to the current and future business needs, but they are also managed for efficiency, effectiveness and specific quality objectives (Pultorak, 2006). Recent surveys have indicated that the most important benefits expected from the implementation of an IT Governance framework are proper risk management, the resource management of IT, the performance measurement of IT and the business IT alignment. Along these, cost reduction, productivity improvements and organisation wide view of IT are commonly mentioned. (ITGI, 2008; BMC Software, 2007; Milne and Bowles, 2009; Yanosky and McCredie The Emergence of IT Governance in Greece The Emergence of IT Governance in Greece Introduction The emergence of IT Governance The cases of Enron, Worldcom and other corporate and financial scandals in the early years of the century have raised the significance of corporate governance and control. Regulatory environments have been formed with quite distinctive characteristics, depending on the needs of each country, and the needs of specific industries. The implementation of the controls required by regulations such as Sarbanes Oxley for the publicly listed organisations in the U.S. and Basel II for European banks relies heavily on IT. That dependency, combined to the required controls on IT itself, have forced top-level executives to have a look towards the proper management and governance of the information and communication technologies that power their organisations. At the same time, the high percentage of failed IT projects, ranging between 60% and 90% depending on the definition of failure, has alarmed many executives who see their resources to be wasted on failed projects, to be followed by more failed projects. Clear decision processes and proper project management aiming at efficiency and effectiveness, are the obvious answers to the problem; both of which point directly to IT Governance. The high cost of IT investments, which is more than half of the annual CAPEX for most organisations, calls for control, accountability and risk management, not to mention cost reduction. Information security, industrial espionage, regulations for the confidentiality of the data and the privacy of employees and customers, are all gracefully handled by a proper IT Governance structure. These are only some of the reasons that have led quite a few organisations worldwide to add IT Governance in their board agenda. The status in Greece Greece has control regulations for specific industries only, such as telecommunications, an industry largely affected by the Hellenic authority for communication security and privacy. Other industries are affected by pan-European control regulations, such as banking industry that needs to comply with MIFID and Basel-II alongside the directives issued by the Bank of Greece. Finally, just a few companies are listed in foreign stock exchanges such as NYSE listed PTT, subsequently affected by the SOX act. Nevertheless, although the environment in Greece is complex, and the IT infrastructure is no simpler than any other countrys, there is no published empirical academic research on the status of IT Governance in Greece. Even surveys that are conducted in wider geographical areas and not to a specific country do not usually include Greece; probably because it is a small market. The only data that has been found are some papers mentioning the benefits of IT Governance, as taken from the international practice; the data though is not adapted to local needs and circumstances. Research Objectives This research, titled IT Governance in Greece: Status, Drivers and Barriers aims to evaluate and present the IT Governance related practices in Greece. What percentage of Greek companies are using IT Governance frameworks and best practices, which is the preferred framework between the two prevalent (ITIL and CobIT), and which is the decision model selected by the companies that employ IT Governance. An attempt will be made to find any relationships between these results, and the size of the organisation or the size of the IT department. The reasons for which Greek organisations select to implement or not an IT Governance framework will also be linked to that data and outsourcing strategies which are known to require careful governance will be evaluated. For the organisations that choose to not implement a formal governance framework, the barriers to implementation will be analysed, as well as the potential good practices which do not constitute a framework, nevertheless help to the prudent governance of an organisations IT assets and resources. The research questions that are expected to shed some light to the main areas of the status of IT Governance in Greece are formulated as follows: The penetration of ITIL and CobIT in Greece as IT Governance frameworks Which are the most common factors that prevent or delay the acceptance and deployment of an IT Governance framework (barriers)? Which are the most common reasons that led organisations to deploy, or plan the future deployment of an IT Governance framework (drivers)? Which (if any) are the management methods used if a full IT Governance framework is not deployed? Personal Interest The author has followed a career path in Information Technology for the last 15 years, acquiring positions of raising responsibilities. In alignment to that career path, the MBA was considered a good choice, providing a broader view on all areas of management such as organisational behaviour and culture, human relationships, finance and marketing, strategy and implementation. The subject of this dissertation combines the two worlds, that of management and of information technology, giving a more thorough and business oriented view to the authors subject of work. Beyond the obvious curiosity that is created by the lack of data in the Greek market in which the author lives and works, there has always been an interest in IT Governance, IT management and risk management, and this dissertation comes to cover at least some of these areas. Structure of the dissertation The rest of the dissertation has a typical structure the introduction that was just provided constitutes the chapter one. Chapter two provides a review of the existing literature and previous studies on IT Governance; that should form the basis for the research that was necessary for this dissertation. Chapter three analyses and justifies the methodology that was used for the sampling, the data collection and data analysis methods that were selected. This chapter also presents and analyses some limitations related to the methodology, and presents the ways in which these limitations may affect the data analysis and the conclusions. Chapter four is the data analysis, in which all data that were collected are analysed and presented, relations are drawn and comparisons to findings from previous research are performed in order to fully answer the research questions set in this dissertation. Chapter five draws on the conclusions of the previous chapter. It summarizes the research objectives, the findings and the implications of the results. Generalization issues and data validity is further discussed. This chapter provides also recommendations for future studies, identifying details that were not included in this survey and questions that have emerged from the results of the current dissertation. Finally, this chapter reflects on the dissertation, assessing the weaknesses of the work performed and the obstacles faced; it also identifies the areas in which the author has gained knowledge and experience. Literature Review Introduction A literature review is vital to any research project, in order to collect, present and critically analyse, what is already known in the subject under research. The evaluation of previous research leads to a better understanding of the subject, of the areas of consensus between academics and practitioners, and the points of conflict and potential gaps. Towards the answer of the status of IT Governance in Greece, an attempt will be made to explain the term IT Governance and clarify any misconceptions regarding IT Governance and IT Management. The different types of IT Governance models that have been developed in the past, along with the key roles in IT Governance, will be identified, presented and compared. The necessity for IT Governance as suggested in the literature will be evaluated, and the most commonly mentioned benefits and implementation barriers will be presented, in order to serve as potential answers to the questionnaire of the research. Previous reports on management methods that may be used instead of a full framework implementation will also be evaluated for the same reasons. The definition of IT Governance IT Governance is a subject that has gained significant focus during the last years. As a term, IT Governance, has too many definitions in the literature (Buckby, Best and Stewart, 2009; Lee and Lee, 2009; Lee, Lee and Lee, 2009). Simonsson and Ekstedt (2006) tried to find a common definition on 60 different relative articles; and came up with yet another definition, which includes many of the previous ones. The definitions used by researchers, depend on their view on what IT Governance can offer to an organisation. IT Governance is sometimes perceived as a framework or a process for auditing the use of the IT infrastructure and operations. Some other times sometimes it is perceived as an IT decision making tool which allocates the decision rights in order to encourage a predictable behaviour in the use of IT, while for others IT Governance is a branch of corporate governance focusing on the control and the strategic view of IT (Musson, 2009). Not few have used definitions that mix and match more than one of these views, such as Peterson (2004), Higgins and Sinclair (2008) and Simonsson and Johnson (2007). A definition that is, in the authors opinion, quite clear and inclusive, is the following: IT Governance is a framework for the leadership, organizational structures and business processes, standards and compliance to these standards, which ensures that the organizations IT supports and enables the achievement of its strategies and objectives. (Calder, 2007) Lee and Lee (2009) make the link of IT Governance with Corporate Governance. They suggest that IT Governance is a mix of Corporate Governance and IT Management; meaning that IT Governance addresses the transparency and control that corporate governance focuses upon, and the efficiency and effectiveness that IT management aims at. IT Governance as part of the corporate governance is also suggested by Peterson (2004), Bhatttacharjya and Chang (2009), ODonohue, Pye and Warren (2009). Several researchers have pointed out that IT Governance is not the same as IT Management. The former refers to the definition of who has the rights for major decision making, while the later refers to the actual making of the decisions and the implementation itself (Broadbend, cited in Buckby et al., 2009; Calder, 2009; Sambamurthy and Zmud, 1999; Toomey, 2009; Van Grembergen and De Haes, 2009). Regarding the subject and scope of IT Governance, the IT Governance Institute suggests five distinct but interacting domains: The Strategic Alignment, Value Delivery, Risk Management, Resource Management and Performance Management. The need for IT Governance The need for IT Governance has not been extensively debated; almost everybody agree that the proper governance of IT is necessary. The reasons though provided to support this argument vary, and the organisations do not seem to have been persuaded by that position. A quite common reason provided to support the necessity of IT Governance, is the increased complexity of the IT infrastructure that is caused by the amount of data that an organisation holds, and the role of this information (Laplante and Costello, 2006). IT is not only complex, but it also has its own fast changing and unique conditions, as such the need to apply sound management disciplines and controls is even greater (NCC, 2005). Risk management is one more reason for IT Governance. Risk is caused by the growing dependency of organisations on IT resources which should not be neglected; the percentage of companies that are vitally dependent on IT for their continuing operation, was over 75% in 2004 (KPMG, cited at Musson, 2009). That dependency makes the potential unavailability of IT based services a significant problem for organisations such as banks and hospitals. The lack of availability is not the only danger caused by that dependency; cyber crime, fraud, information inaccuracy are just a few more issues that need proper identification and management (Van Grembergen and De Haes 2009). Instead of implementing IT solutions, the focus now has shifted to changing the business processes, to be enabled by IT. The solutions implemented are generally more complex due to this shift, and subsequently there is a greater risk with the implementation of IT-enabled business processes (Higgins and Sinclair, 2008). From the management perspective, that dependency means that management needs to be more aware of the critical IT risks, and to be assured that they are adequately managed (NCC, 2005). High organisational performance is another reason found in the literature, although that one is debatable. Liew believes that IT Governance can ensure proper measurement and preservation of an achieved performance (cited at Bhattacharjya and Chang, 2009), nevertheless Young has pointed out through a literature review that there is no convincing evidence that superior business performance is a result of any of IT Governance guidelines (Young, 2006). Typically, IT investments are significantly high. They account for over 50% of the average organisations annual total capital investment (Baschab and Piot, 2007; Carr, 2003; Weill and Woodham, 2002), as such their management in a responsive, effective and efficient way is usually a requirement that should be set by the management board. On the monetary field, cost optimisation of the IT projects and service delivery, are also considered important issues by several researchers (Bhattacharjya and Chang, 2009; Fairchild et al, 2009; Menken, 2009; Peterson, 2004). The amount of money spent is important, but the need that the enterprises investment in IT is in harmony with its objectives is usually considered more significant (Buckby et al, 2009). This is called Business IT Alignment, which is a quite old issue; several studies from mid-80s have focused on the alignment of the IT operations with the business objectives (Brown and Magill, 1994). Some researchers do not agree with the need for the Business IT alignment at all (Sillince and Frost, 1995). Koh and Maguire (2009) also suggest that Business IT alignment maybe the wrong strategy for smaller businesses, which may be agile enough to change course quickly following the new ICT arrivals in the business. They also mention that Venkatraman questions the logic behind alignment; nevertheless, this is a false interpretation of Venkatramans study, who clearly states that IT needs to support the business logic. Carr (2003) has written one of the most controversial articles on the issue, statin g that IT is not able to provide the competitive advantage that organisations need. Laplante and Costello (2006) make clear that they do not agree with that view, while Harris, Herron and Iwanicki (2008) get the opportunity to provide metrics on the value that IT can provide, instead of just dismissing Carrs argument. According to a different should of thought, Business IT alignment has been identified as a significant management concern (Brown and Magill, 1994; Cameron, 2007; Kashanchi and Toland, 2006; Silvius, 2007) and effort is put in order to identify the potential benefits of Business IT alignment. In fact, a recent study by Nash (2009) proves a positive correlation between firm level sales and the so-called Strategic Alignment Maturity; i.e. the maturity level of the business IT alignment. By considering Business IT alignment as something that organisations want to achieve, it is yet another reason to exercise governance of the IT. The relationship between IT governance and Business IT alignment has been proven (BMC Software, 2007; Musson and Jordan, 2006). Additionally, IT governance is strongly suggested by researchers as the best option for the maintenance of the alignment of IT to the continuously evolving organisational needs (Cameron, 2007; Harris et al, 2008; Pultorak, 2006; Sambamurthy and Zmud, 1999). Although Business IT Alignment is a common issue, it puts IT in a passive role; it makes it a follower. Proper governance can transform IT from a follower to a leader; IT is able to set the business agenda and partially affect the organisations strategic objectives (Addy, 2007; Baschab and Piot, 2007; Weill and Woodham, 2002). A research by NCC (2005) has identified a potentially widening gap between what IT departments think the business requires, and what the business thinks the IT department is able to deliver. This can be addressed by IT Governance, through which an organisation wide view of IT may be generated and promoted (Laplante and Costello, 2006; Weill and Woodham, 2002). That means that IT should have a thorough understanding and a participation in the improvement of business processes and their interdependencies. The other way round is also important, i.e. organisations need to obtain a better understanding of the value delivered by IT, both internally and from external suppliers. Measures are required in business (the customers) terms to achieve this. Key elements for that understanding include the enterprise wide view of IT budget (Addy, 2007; Weill and Woodham, 2002). One more reason found in the literature to promote IT Governance, is the compliance to regulatory requirements. Specific legislation and regulatory requirements, such as Sarbanes Oxley Act (SOX) almost dictate the use of an IT governance framework (Buckby et al., 2009; Higgins and Sinclair, 2008). Others, such as HIPAA (Health Insurance Portability and Accountability Act) and Basel-II do not dictate, but certainly describe an IT Governance framework through their requirements for accountability on investments, information security and assurance, risk management and decision processes (Harris et al, 2008; Higgins and Sinclair, 2008; Pultorak, 2006; Network Frontiers, 2008; NCC, 2005; van Grembergen and De Haes, 2009). Yet another commonly stated key benefit of proper IT Governance is clear and transparent decision making regarding IT resources (Baschab and Piot, 2007; Brown and Grand, 2005; Lee and Lee, 2009; Tshinu, Botha and Herselman, 2008). The lack of clarity and transparency for the decision making process, can lead to reluctance to take risks, and subsequently failure to seize technology opportunities (NCC, 2005) Separate decision processes followed by the IT and business, may mean that there is not enough shared ownership and clarity of resources, which also means that there may be a lack of accountability. IT Governance models Although IT Governance sets the decision making process, it does not define who decides. IT Governance decision authorities may be structured in different models, depending on the organisation. The three prevailing ones are the centralized, decentralized and federal (hybrid) according to their modes of distributing authorities and responsibilities for decision-making (Brown and Magill, 1994; Fairchild et al, 2009; Peterson, 2004; Sambamurthy and Zmud, 1999), while the pair of centralized / decentralized may also be found as the only choices (Laplante and Costello, 2006; Robb and Parent, 2009). Ross and Weill (2002) and Cameron (2007) expressed their quite strong preference on centralized IT Governance model, i.e. decisions being made centrally, but Ross and Weill revisited that view in 2004; they suggested that there are six (6) archetypes / models of IT Governance, on 5 different IT domains. From more centralised to less centralised, they identified Business monarchy, IT monarchy, Federal, IT Duopoly, Feudal and Anarchy. The two monarchies are quite clear, meaning that Business or IT respectively has the major responsibility for decisions. Anarchy is quite clear as well, meaning that there is no standardization. Federal and IT duopoly involve business executives and IT executives in the decision making process, with federal to give more power to the business than IT duopoly. Finally, feudal archetype brings the decision level down to business units or processes. The IT domains on which decisions need to be made, are IT principles such as funding and role of the IT in the business, IT Architecture which refers to the identification and development of the core business processes of the enterprise and relative information, IT infrastructure, business application needs such as the owner of the outcome of each project and IT investment and prioritization. That model classification from Ross and Weill is unique; as stated earlier, most other researchers have selected a simpler classification scheme. Ein-Dor and Segev (cited at Tavakolian, 1989) found that the revenue of the organisation is positively related to centralized IT Governance but there is no relation between the governance model and the size of the organisation. There is empirical proof that a link between the IT structure with the organisational competitive strategy exists; conservative organisations are more centralised than aggressive ones (Tavakolian, 1989). These results are supported by more recent research with consistent findings; Weill and Woodham (2002) and Weill and Ross (2004) found that top performing firms on profit were mostly centralized, while top performers on growth were mostly decentralized. A link between the organisations industry type and level of de-centralization of IT Governance has not been found (Ahituv et al, cited at Brown and Grant, 2005). It has to be noted that the model of IT Governance in an organisation may also be dictated by external factors, such as SOX which promotes a centralized IT Governance model, while Australian governance frameworks (mainly, AS 8015) drive the organisations towards a de-centralized IT Governance model (Robb and Parent, 2009). IT Governance Frameworks Information Technology Infrastructure Library The Information Technology Infrastructure Library (ITIL) is a framework of best practices for IT Service Management. It is comprised of five books which focus on five different aspects of IT Service Management and Service Lifecycle: Service Strategy Service Design Service Transition Service Operation Continual Service Improvement Each one of the books, defines a set of processes such as IT Financial Management, Supplier Management, Change Management, Incident Management and Service Measurement and Reporting; a total of 23 processes are defined with a set of actions and roles required for each process. The definition of several of the processes and the subsequent roles is consistent with the IT Governance definition we used earlier; nevertheless a big amount of the defined processes such as event management and validation and testing, are much more focused on the management part than to that of the governance. ITIL is considered to be the framework that is closer to service management than control, from the other two frameworks, CobIT and ISO/IEC 38500:2008 and has a more narrow scope than CobIT (Van Grembergen and De Haes, 2009; Simonsson and Ekstedt, 2006; Simonsson, Johnson and WijkstrÃƒ ¶m, 2007; SallÃƒ ©, 2004; McBride, 2009). That focus of ITIL to service delivery and management was more obvious in version 2, which did not address issues such as Risk Management, Performance Monitoring and IT Governance (generic strategic direction and alignment) at all. As such it was mostly perceived as a framework for service desk management. Although the effectiveness of ITIL version 2 to the alignment of IT with business objectives has been repeatedly pointed out (BMC Software, 2007; Harris et al, 2008; Pultorak, 2006) and even experimentally proven (Kashanchi and Toland, 2006), it was never the primary driver for ITIL adaptation. A survey conducted by Bruton Consultancy for the Helpdesk Institute Europe (now renamed as Service Desk Institute) for the value that ITIL has brought in companies that have implemented it, indicated that the contribution of ITIL to the business strategy was not even considered as an issue by the majority of the correspondents (70%). The same holds for the perception of the participants on t he competitive advantage that may be provided by proper IT management through ITIL. More than half (66%) responded that this was not considered in the decision for ITIL implementation (Bruton, 2005). With version 3, ITIL gained a broader scope than version 2 and added significant emphasis on business strategy. That change, led some IT management consultants to declare ITIL version 3 as inappropriate for helpdesk and service management processes (Bruton, 2007), not strange since version 2 focused on processes while version 3 focuses on Business Value (Harris et al, 2008). Beyond the not strategic enough type of criticism, ITIL has also been criticised as a flawed and uneven framework. Dean Meyer identifies pitfalls in its implementation; nevertheless, he also states that it is an implementation issue and not a framework issue (Meyer, 2009 web site). ITIL has also been characterized as a too generic framework, which is not able to provide value if used off-the-shelf without significant adaptations (Baschab and Piot, 2007), an unfair criticism as ITIL is promoted as a set of best practices, not as a complete, fits-all framework. This concession should invalidate yet another criticism raised by Simonsson (2008), the lack of a maturity model. Another criticism of ITIL is that the documentation is not free (Bhattacharjya and Chang, 2009). That is a valid point, nevertheless the cost of the books is quite low for companies (less than Ã‚ £400 for the whole set). Other criticisms include the stifling of the creativity of those who implement it, and that it b ecomes a goal by itself having a heavy administrative burden (Addy, 2007). All these points are valid, but they can be attributed to the extension of ITIL. Control Objectives for Information and related Technology Control Objectives for information and related Technology (CobIT) is a control framework developed by the IT Governance Institute. CobIT defines processes and controls, and uses the grouping of activities in four domains: Plan and Organise Acquire and Implement Deliver and Support Monitor and Evaluate Each domain contains a set of processes, 34 at total, and each process defines specific controls, which sum up to 210 for all processes. CobIT defines inputs and outputs, as well as a maturity model for each process, making the control of compliance a very easy task. RACI (responsible, accountable, consulted and informed) charts are also provided, drawing a clear guideline on who should be involved in every process step. Goals and metrics, in the form of outcome measures (key goal indicators KGIs) and performance indicators (key performance indicators KPIs) respectively are also provided, mapping business goals to IT goals, which can be achieved by one, or the interaction of several processes. CobIT is generally used where there is a need for auditing functions, in comparison with ITIL, which is better suited to operational process improvement (ODonohue et al, 2009). In contrast to ITIL, CobIT has extensive documentation available free of charge, including the framework itself and several case studies. Several implementation documents though are only available for purchase, such as CobIT Quickstart, while others are available free for ISACA members or for purchase for non-members such as Security Baseline and User Guide for Service Managers. Several consultants and practitioners criticise CobIT that it only states the obvious, that it is very high level, is only a generic framework and does not provide specific and repeatable implementation steps (Culmsee, 2009; Toigo, 2005). This is not a common view, as others find CobIT to be quite prescriptive (Pultorak, 2006; Robb and Parent, 2009). That may be explained by the fact that although CobIT framework itself is indeed high level, a different publication is provided by ISACA, named CobIT Control Practices which is quite prescriptive. Academics criticise CobIT as providing little support for improved decision making, although many metrics are defined (Simonsson and Johnson, 2006). Others state that CobIT is expressed almost entirely in terms of process, focusing on how to govern but not what to govern (Lee et al, 2009). Another criticism states that CobIT is significantly more focused on auditing, largely ignoring other aspects of governance such as software development an d service delivery (NetFrontiers, 2005). CobIT is also characterized as a framework that needs significant knowledge and know how for a successful implementation (Simonsson et al, 2007), and that it takes time to introduce solid IT Governance through it (Rogers, 2009); although the opposite would be strange, given the wide area of processes and functions that CobIT addresses. Finally, while ITIL is known as the framework that guides you on how to get where you want to be, CobIT merely focuses on where you should be; that may be good or bad, depending on ones point of view and needs. ISO / IEC 38500:2008 The International Organization for Standardization (ISO) attempted to solve the confusion between IT Management and IT Governance, and at the same time provide guiding principles on IT Governance, in the recently published ISO/IEC 38500:2008. Because ISO/IEC 38500 establishes principles to guide the behaviour of organisations, it complements frameworks that focus on process, such as ITIL and COBIT. Thus, with the right frameworks or processes, complemented by the right behaviours, organisations are more likely to establish highly effective systems of governance. After all, it has been stated that ITIL and CobIT are not mutually exclusive; they are rather complementary and organisations will probably benefit from a mixed approach, adopting what is more applicable in every case, from the two frameworks (Chickowsky, cited at Bhattacharjya and Chang, 2009). ISO/IEC 38500 can also be combined with these two and ITGI has even issued a specific document demonstrating how and which specific CobIT and ValIT controls support the adoption of the standards principles and implementation approach. Nevertheless, ISO/IEC 38500:2008 is very recent to be evaluated. As of the time of conducting this research, there is not enough information on the implementation, benefits or drawbacks of ISO 38500:2008. Common drivers for IT Governance implementation While the need for IT Governance has well been described, the benefits sought, i.e. the reasons for the implementation of an IT Governance framework vary, sometimes depending on the point of view of the observer. As drivers, we consider the motivator factors, which may lead an organisation to the implementation of an IT Governance framework. For IT Managers, IT Governance is a mechanism for the alignment of the IT with business on the projects that are going to be pursuit. For IT Auditors, it is mainly a control mechanism that can help them achieve compliance with regulations, and to manage the risks that are related to IT projects better. For IT Service management professionals, IT Governance ensures that not only the IT services offered are aligned to the current and future business needs, but they are also managed for efficiency, effectiveness and specific quality objectives (Pultorak, 2006). Recent surveys have indicated that the most important benefits expected from the implementation of an IT Governance framework are proper risk management, the resource management of IT, the performance measurement of IT and the business IT alignment. Along these, cost reduction, productivity improvements and organisation wide view of IT are commonly mentioned. (ITGI, 2008; BMC Software, 2007; Milne and Bowles, 2009; Yanosky and McCredie

Saturday, January 18, 2020

Zombie Survival Guide

Our world has experienced many pandemics over the course of history, from the bubonic plaque to the HIV/AIDS virus. But what happens when a virus brings us back from the dead. IÃ¢â‚¬â„¢m talking about zombies, the undead. Today I will show you how to adequately prepare and survive a zombie apocalypse. Everything from identifying the enemy to defending your home and riding out the storm. Before we can divulge into preparations upon yourself and your home, we must first identify the enemy. What is a Zombie? This West African word defines a Zombie as Ã¢â‚¬Å"an animated corpse that feeds on living human flesh. Though many Hollywood movies have depicted Zombies as supernatural beings, with extreme strength and cognitive abilities, these accusations are wildly inaccurate. Zombies, in a sense, are basically human. They have the same attributes as humans do. They neither create nor destroy any part of their body (unless physical maiming has occurred before the reanimation). ZombieÃ¢â‚¬â„¢s p hysical attributes are basically the same to humans. Their eyes are still capable of transmitting and interpreting visual signals. They seem to have excellent hearing, capable of detecting sound and determine its location. Their smell is more acute, though they are able to distinguish between living prey and the already dead. Since Zombies are the Ã¢â‚¬Å"Un-DeadÃ¢â‚¬ , most of their nerves have also died, leaving the Zombie incapable of touch. This proves to be one advantage the Zombie has over humans. Without the ability to feel pain, Zombies can perform at a higher level of stamina than humans, being able to push themselves further and faster despite the pain it would cause a normal human. Despite Hollywood fiction, Zombies do not possess self-healing abilities, they cut and bleed like normal humans. But as previously stated they do not feel such pain. The Zombie is a ruthless killing machine, it takes wits and brains to conquer such beasts, and a little fire power wonÃ¢â‚¬â„¢t hurt either. When preparing for the Zombie Apocalypse, choosing the right weapons can be a matter of life and death. Contrary to popular belief, loading up with the heaviest, most powerful weapons ready to kick ass is basically suicidal. Proper consideration should be taken when choosing your weaponry. First and foremost, you should always obey state and federal laws regarding lethal weapons. No matter what weapon you choose, itÃ¢â‚¬â„¢s basically useless without proper training. Your weapon should become an extension of your body. If your weapon can be disassembled, you should learn how to take apart your weapon and reassemble it in the dark, it should become second nature. You should care for your weapon as if it were a member of your family, possibly the crazy uncle that could go off at any moment. Be cautious of replica weapons, as these are generally used as movie props and displays. When choosing your weapon, consider your situation. Are you in a close combat situation, or have you fortified your home adequately to where you can shoot from a distance. For blades, the Japanese Katana is ideal. ItÃ¢â‚¬â„¢s incredibly sharp blade and light weight makes it ideal for slicing through bone and muscle. Remember blades do not need reloading. As for guns, there is a wide range of guns to consider. Everything from heavy machine guns to shotguns. While each have their own pros and cons, for the sake of time weÃ¢â‚¬â„¢ll focus on the ones imperative for survival. Heavy machine guns have a high capacity for ammo, though the weight would slow you down on the run, these weapons are best suited for stationary use. The assault rifle is significantly lighter and with the option for single fire or rapid fire. Though the urge to empty a clip into a Zombie body may be tempting, resisting that urge is imperative to save ammo. The semi-automatic rifle has shown itself to be a superior zombie killer. With its high caliber bullets and sharp accuracy, it makes mincemeat of zombies. In a close combat situation, the shotgun reigns supreme. Though its range is limited, due to the pellet pattern, this weapon will surely suffice in close combat. Finally we come to the pistol. This should be reserved as a secondary weapon; it will prove to be your best friend. Now that we have covered who weÃ¢â‚¬â„¢re running from and how to defend and kill them, we focus our attention to fortifying and defending our homes. We live in a rural area, and if history teaches us anything; itÃ¢â‚¬â„¢s that major outbreaks are mostly concentrated in major cities. Though no house built in the modern era was designed to defend against a zombie attack, modifications should be used to fortify your home. Protecting your home from the undead is virtually the same as defending against human intruders, though ADT alarms will not help you. Secure iron bars should be placed in window sills to prevent zombies from climbing in the windows. In addition to bars, tempered glass should replace pane glass windows to avoid shattering; giving you added time once a horde comes. Any type of fencing should be placed around the perimeter of your property. The higher the better as zombies are not great climbers. Strength in your fencing is everything, as a horde of zombies can easily take down a weak fence. Consider using concrete or cinder blocks and add strength. Proper supplies should be in place to endure the time spent in your home during an outbreak. Water, and lots of it, is the key to survival; about 3 quarts a day per person. Canned foods and dried preserved foods, in addition to portable electric stoves will keep stomachs full. In addition, a gasoline generator and bicycle generator should be in place should the power grid fail. An advanced medical kit, complete with field surgery implements and antibiotics will treat minor and major injuries. Flashlights, lamps and radios should be used and back up batteries should be in place. A high powered telescope, emergency flares and chemical light sticks should finish of your survival equipment. During the attack, you should designate one corner of your back yard for your latrine, also creating a self-sufficient garden for fruits and vegetables, as far away from the latrine as possible. For electrical needs, unless the power grid is still functioning, use the bicycle powered generator. Not only will it keep your home powered, it will keep you physically fit. Patrol your home constantly, on a 24 hour basis. The chance of survival is higher in numbers. Keeping up moral in the group will significantly increase your chance of survival too. Create a library of books and games to keep you entertained. Make sure you have everything in place, ready to be used at a momentÃ¢â‚¬â„¢s notice. Everything from an escape route to a survival packs for on the run. Leave no stone unturned and no corner cut when preparing for an attack. Hopefully I have shown you today to properly prepare for a zombie outbreak. And hopefully you heed my warnings. These people are not your neighbors, your school teachers, or even your loving grandmother. These are zombies, the undead. ItÃ¢â‚¬â„¢s us against them. A battle to the end. Remember to stay alert, stay prepared, and stay alive.

Friday, January 10, 2020

Shocking Info Regarding Get Essay on Sale Uncovered

Shocking Info Regarding Get Essay on Sale Uncovered You can trust the ideal essay help online. When students don't understand how to finish and compose an essay, they immediately google essays for sale online trying to discover a decent on-line support. Today, most college students discover that it's tough to compose an essay on a specific topic. Essays are usually published to provide the writer's viewpoint on the specific subject or question. Books my very best friend essay. You're ready to compose articles on literally any topic that's single. On our site, it's very likely to readily get custom essay documents that are created by means of a group of expert writers. Also, usually there are a few on-line websites that may paraphrase an essay. Our website is just one of the most appropriate for essay help. Any paper is going to be written on time for an inexpensive price. Be confident that the essay for sale is going to be delivered to you at the appropriate time and that quality work and originality is the thing that defines the essay for sale service we provide. Needless to say, with the maturation of the internet and tons of different apps both for your computer in addition to for your cellphone, you can be asking yourself either essay reports are in reality growing extinct. The conventional account is the consideration that's Private. Even then you're unable to discover the informative and accurate info. There are a number of reasons why you o ught to prefer our services. The internet sites is supposed to be rather easy to work with but plus in the event you produce an account that is immensely effective of, you've probably the capacity to discover some assignments from individuals eager to buy slightly more for the quality. If you should learn how to create an ideal dissertation, you. It is vital that your research fits logically within the present research locally, and you may have found a very best study to link with and to extend in some fashion. You may easily depend on us to find essay help as we have a tendency to assist and guide the students with the aid of our professional experts. To start with, you're likely to want study materials. A few find a new house on the website, and a couple of businesses are trimmed out of our website. Your town park your automobile is a superb superior area, nevertheless there are different places offering picnic cause for bare minimal fees and also absolutely reduce. Ther e are rapid changes happening in the field of research and technology. Think about producing your own website. Essays will likely be written and published to provide the writer's viewpoint on a precise difficulty or region of interest. Take care as you buy essays and whenever you have solutions from which to decide on that enables you to cover essays. If you achieve essays at EssayDune, you've simply just the best quality! Before moving into the subject, you prefer to comprehend what a persuasive essay would be. There are lots of support in which it is truly simple to learn about essays to get. The greater volume of you inform us regarding the needs, the increased essay assistance we'll be in a position to supply. Among the biggest methods to better realize each type of essay is definitely to review examples. It will be inclined to buy essay newspapers online at sensible prices. Getting the Best Get Essay on Sale You are going to receive unique texts, which will be finished in time. Acquire Essay instantly Tailor-made crafting from the beginning is not really usually ideal, as you might not want your goals which should be spent. Another benefit of our website is the quickness. Buy essay on-line commonly indicates which you are able to choose the aid of special on-line stage after you sense the requirement and in return you merely pay some. Don't be worried about your college workload if you're doing task or dealing with trouble in composing English. It's actually frequently hard t o put dollars into the improved schooling tasks, which should preferably be accomplished by a youthful learner. There are a number of university students, college students and higher school students who've been facing lots of difficulties with essay paper for hire. In fact, writing editorials is one of the best tactics to create knowledge about wellness difficulties. Owning an essay that's certainly well written is currently in your reach. Don't worry in case the paper you received doesn't satisfy all of your own expectations. Nobody can deny the fact that article writing can leave a huge effect on your last levels.

Wednesday, January 1, 2020

Literature Review - 818 Words

This review has got several limitations which authors also acknowledge. Apart from the heterogeneity discussed above, only RCTs compared the thromboprophylaxis methods. This is a major flaw in the review. All-cause mortality is not a good parameter due to the fact major abdominal surgery, age and cancer would be major contributory factors. Disease specific mortality would have been the most appropriate parameter. However, given the small abount of reported PE related mortalities within the considered studies lack the statistical to power. It is also questionable how the authors only managed to consider 3 RCTs. Lack of online database search could be a reason. Considering the 3 RCTs mainly, overall VTE prophylcatic effect of ETP derrivedÃ¢â‚¬ ¦show more contentÃ¢â‚¬ ¦Since cancer patients are included in the review author of this document considered for discussion. RCTs or cohort studies comparing extended VTE with CTP (7 days of VTE prophylaxis) were considered for review. Trials reporting interventions as LMWH, UFH, graded compression stockings, sequential compression devices and vitamin K antagonists were considered. Minimal ETP duration considered as 14 days after surgery. The primary outcome measures were DVT, PE after 30 days of surgery and secondary outcome measures were postoperative 90-day mortality and bleeding complications. Authors consider primary study definition of bleeding for the analysis. This will bring the wide range of heterogeneity to with regarding bleeding. Similar to previous systematic review authors used standard DVT, PE screening methods at day 30 as benchmark. The authors carried out systematic and wide range of search from 1967 to 2008. Pubmed, Lilacs, Embase, and Cochrane database, Medline online databases were reviewed for both RCT and non RCT studies. The bibliography of each trial report were checked for additional references. Primary authors of RCTs were contacted, if necessary, for clarification of data. Additionally, reference lists from major review articles, all references from past meta-analyses, abstract books or two major conferences were also considered. Appropriate MeSH terms and electronic search criteria was followed. However, it is difficult to determine whetherShow MoreRelatedEssay Literature Review1001 Words Ã‚ |Ã‚ 5 PagesLiterature Review The purpose of this research project is for you to create a scholarly piece of graduate-level research and writing, which conforms to APA format. Competency in the APA format is required of all Business graduates of Liberty University, as set forth by policy of both the Graduate Faculty and the administration. You will research and write a literature review on a topic relevant to our course. What is a Literature Review? Ã¢â‚¬Å"A literature review discusses published informationRead MoreNarrative Literature Reviews1589 Words Ã‚ |Ã‚ 7 PagesNarrative literature reviews Introduction n A literature review is a comprehensive study and interpretation of the work that has been published on a particular topic n A literature review should convey the knowledge and ideas that have been established on a topic and their strengths and limitations Why undertake a literature review? n To provide a review of the current knowledge in a particular field n Provide a description of research studies n Identify gaps in current knowledge n Identify emergingRead MoreImportance And Characteristics Of Literature Reviews1615 Words Ã‚ |Ã‚ 7 PagesImportance and Characteristics of Literature Reviews A literature review examines existing research that is important to the work that you want to do. Literature reviews provide important background information and details about a specific research topic. Providing background information can help to demonstrate the importance of a topic, and can help to establish understanding of a subject or issue. An effective literature review also provides a space to elaborate on future work to be done on aRead MoreHrd Audit Literature Review683 Words Ã‚ |Ã‚ 3 PagesLiterature Review If you believe everything you read, better not read. (Japanese Proverb) [pic] What is a literature review? A literature review is an account of what has been published on a topic in the past. Its purpose is to inform the reader what has been established about a topic and what the strengths and weaknesses are. A literature review must be defined by a guiding concept and should not be a list of all the material that you can find (Porter, S. 2008, p.49). What isRead MoreA Literature Review : The Walden University Library Essay1070 Words Ã‚ |Ã‚ 5 PagesA literature review is an interpretation of arrays of circulating articles written by the scholar-authorsÃ¢â‚¬â„¢ of researchers related to several topics. A literature search for evidence-based research can be overpowering. The Walden University library illuminates on the superlative quality of evidence-based research and which databases to utilize with research searches. Filtered resources are the superlative quality of studies related to evidence-based practice and encompasses systemic reviews, criticallyRead MoreThe Impact Of Telemedicine On Health, A Systematic Literature Review1530 Words Ã‚ |Ã‚ 7 PagesIntroduction To evaluate and study the impact of telemedicine in health, a systematic literature review was conducted. An electronic research through the University of Maryland library was done the articles selected dated from 2000 to 2014. A total of 12 articles was reviewed that dealt with clinical outcomes, efficacy, patient and provider satisfaction. Telemedicine as an emerging field can greatly improve the outcomes of healthcare thus resulting in decrease the delivery cost of healthcare. WhileRead MoreLiterature Review : The Class Collage By Jeff Sommers1503 Words Ã‚ |Ã‚ 7 PagesexploitationÃ¢â‚¬ by Matt Zwolinski is about the ethical questions that are raised about the moral claim of the conditions in sweatshop that are accepted by choice and exploited for gains. These two peered review articles both shows some common similarity and a minute different between the two Identification Both peer-review articles use MLA citation. They both have a lengthy work cited pages/ references at the end of the article. The citations are alphabetically put in order and the citation itself is shown byRead MoreReview Of Formative Fictions : Imaginative Literature And The Training Of The Capacities `` Essay2185 Words Ã‚ |Ã‚ 9 PagesNayiri Khatchadourian HNRS 63W Prof. Bruce Stone 6 June 2017 The Consequence of Reading Fiction In his essay Ã¢â‚¬ Formative Fictions: Imaginative Literature and the Training of the CapacitiesÃ¢â‚¬ , Joshua Landy, professor at Stanford University, aims to explain the function of fiction and the reward of our engagement with literary works. Landy highlights three theories of the function of fiction: the exemplary branch, which invites the reader to consider characters as models for emulation or avoidance,Read MoreReview Of Literature Review On Literature Essay2370 Words Ã‚ |Ã‚ 10 PagesChapter - 4. REVIEW OF LITERATURE Literature survey is undertaken to study and analyze the finding of other researcher in their studies that are related to the subject under consideration. A research literature review, as a process, is a systematic, explicit, and reproducible method for identifying, evaluating and synthesizing the existing body of completed and recorded work produced by researchers, scholars and practitioners (Fink, 2010). As a noun, literature review is an organizedRead MoreLiterature Review793 Words Ã‚ |Ã‚ 4 PagesU02a1 Building Your Literature Review Plan: Part One - Sheila Darden The plan to collect and organize literature that explains the history of retention starts with the collections of scholarly, peer reviewed articles that provide insight to the history of retention. The literature will be organized alphabetically at first then to gain a better insight into the history of retention the collections of scholarly, peer review articles will be organized according to the date they were published. The