For IT professionals looking for an early, high-level view of Windows Server 2012, there’s no better resource than the Microsoft Press e-book. Based on the beta release, this guide introduces its new features and capabilities, with scenario-based insights demonstrating how the platform can meet the needs of your business.
Model-Based Software Testing and Analysis with C# (Cambridge University Press, 2007, English)
Nature’s Clocks: How Scientists Measure the Age of Almost Everything (University of California Press, 2008, English)
Nuclear Weapons: A Very Short Introduction (Oxford University Press, 2008, English)
MySQL (4th Edition) (Developer’s Library) (Addison Wesley, 2008, English)
The Nine Numbers of the Cosmos (Oxford University Press, 1999, English)
Complete Maya Programming: An Extensive Guide to MEL and C++ API (Morgan Kaufmann, 2003, English)
OpenSUSE 11.0 and SUSE Linux Enterprise Server Bible (John Wiley & Sons, 2008, English)
Mobius and his Band: Mathematics and Astronomy in Nineteenth-Century Germany (Oxford University Press, 1993, English)
Oracle PL/SQL by Example (4th Edition) (Prentice Hall, 2008, English)
Oscillators Simplified, With Sixty One Projects (TAB Books, 1987, English)
The Martians of Science: Five Physicists Who Changed the Twentieth Century (Oxford University Press, 2006, English)
Cosmology (Oxford University Press, 2008, English)
Introduction to Precise Numerical Methods, Second Edition (Academic Press, 2007, English)
The Light Fantastic: A Modern Introduction to Classical and Quantum Optics (Oxford University Press, 2008, English)
Partial Differential Equations in Fluid Dynamics (Cambridge University Press, 2008, English)
Ubuntu Kung Fu: Tips, Tricks, Hints, and Hacks (Pragmatic Bookshelf, 2008, English)
Mastering Financial Mathematics in Microsoft Excel: A Practical Guide for Business Calculations (Market Editions) (Trans-Atlantic Publications, 2005, English)
Platform Interference in Wireless Systems: Models, Measurement, and Mitigation (Newnes, 2008, English)
Programming 32-bit Microcontrollers in C: Exploring the PIC32 (Embedded Technology) (Newnes, 2008, English)
Microsoft SQL Server 2008 A BEGINNER’S GUIDE 4/E (McGraw-Hill, 2008, English)
Handbook of Usability Testing: Howto Plan, Design, and Conduct Effective Tests (John Wiley & Sons, 2008, English)
Windows XP Media Center Edition 2004 PC for Dummies (For Dummies, 2003, English)
A Simple Guide to Windows XP (Simple Guides) (Prentice Hall, 2002, English)
Visual Thinking: for Design (Morgan Kaufmann Series in Interactive Technologies) (Morgan Kaufmann, 2008, English)
The Art of Sound Reproduction (Focal Press, 1998, English)
Information and Communications Security: 9th International Conference, ICICS 2007, Zhengzhou, China (Springer, 2008, English)
Rightshore!: Successfully Industrialize SAP® Projects Offshore (Springer, 2008, English)
PHP Web 2.0 Mashup Projects (Packt Publishing, 2007, English)
Digital Logic Design, Fourth Edition (Newnes, 2002, English)
Patterns in Network Architecture: A Return to Fundamentals (Prentice Hall, 2008, English)
How to Cheat at Configuring VmWare ESX Server (Syngress Publishing, 2007, English)
Open Source Fuzzing Tools (Syngress Publishing, 2007, English)
Professional Plone Development (Packt Publishing, 2007, English)
IT and ITeS outsourcing has gained great momentum globally over the last few years, unlocking value for corporations and shareholders. This has brought about considerable change in operating models as different functions of the same supply chain are now being performed in geographically dispersed environments.
This is a paradigm shift and is still in evolution. Businesses are continuously trying to adapt to this change. Such changes in operating models and dispersed global footprints of corporations has brought with it risks, which need to be managed effectively. These risks have multiple dimensions that include political, economic, geographical, legal, social, technological and operating model risks.
A few indicative risks are: (i)business continuity management (BCM) risks. This includes existence of single point of failure (SPOF) arising out of concentration of operations at one location; lack of adequate fault tolerance/ redundancy in IT infrastructure etc;
(ii) information security/data privacy related risks. This includes risk of data theft, exploitation of IT security vulnerabilities, social engineering attacks, etc;
(iii) process related risks. This includes inadequate segregation of duties, inappropriate management oversight
A robust risk management model is therefore a critical business fundamental and increasingly a differentiator particularly for outsourced operations. Risk management can be done by adopting quantitative/qualitative methods and there are many ways in which it can be approached.
It is very important that such initiatives be driven by qualified professionals who have the knowledge to understand various threats, vulnerabilities, controls and residual risks. Factors such as financial impact, operational impact, legal impact, reputation impact, health and safety etc need to be considered before arriving at risk ratings.
Risks, once identified, need to be carefully analysed by leadership in order to understand the various options for a cost-benefit analysis. This stage is crucial in arriving at a sound risk treatment plan in line with the risk appetite of the organisation. There are various risk treatment options that can be considered in order to address risks.
? risk mitigation (implementation of additional controls to bring down the residual risk);
? risk acceptance (management agrees to accept this risk);
? risk elimination (eg, changing the way in which a particular process is being performed to eliminate/ circumvent the source of risk;
? risk transfer (eg, outsourcing a part of significantly risky process to a provider which specialises in that process or by other appropriate means).
Once a robust risk management model has been established and is functional, it leads to subsequent programs to address the risks exposures across the cross section of the organisation. Some of the programs include: Sarbanes Oxley Act (SOX) compliance; information security management; business continuity management and disaster recovery program; operational risk management program; fraud risk reduction program;
Let’s consider some specific examples. A large global organisation with multi-geography presence can bank on multi site, multi network strategy to deliver 24X7 business continuity solutions. This approach, best summarised as ‘don’t keep all your eggs in one basket gives better redundancy. This approach may impact cost and that will be dependent on the geographies selected for delivery.
"Fortune favours the prepared" ? a rigorous testing schedule of the business continuity plans provides additional comfort to management and customers as well.
Data privacy programs must reflect the privacy posture of the organisations. The privacy framework needs to focus on choice of data use, data access and data integrity, security, onward transfer, security and enforcement/oversight. Given the typical information life cycle through the organisation, the privacy framework needs to include measures to protect personal information and map them with the privacy policies. For instance, while collecting information directly from customers, the organisation should: provide notice of how the information is to be used and choice to the customers on providing the information; store personal information in accordance with the IT Security policy and standards; ensure data integrity; Ensure that the information is used only for the intended purposes; ensure that the information is not transferred or shared with 3rd parties without consent.
Implement an oversight program addressing customer enquiries, complaints, and a system of audits are in place to ensure that personal information is handled and managed appropriately.
Going forward, risk management programs are getting linked to the competitive advantage of the organisations. In the outsourcing world, a robust risk management model not only alleviates management concerns but also pleases the buy-side decision makers.
Essential Components of ALM
The basic objective of an Application Lifecycle Management system is to help IT organizations do a better job of delivering to their end users what they want, when they want it and making sure it works when it gets there. In other words, they are designed to help ensure that IT is an agile organization that delivers results in alignment with the needs of the business by improving the productivity, quality and predictability of your efforts.
Application Lifecycle Management (ALM) contributes greatly towards IT agility. ALM provides the necessary functionality to help manage software creation and the iterations throughout the application lifecycle. ALM includes the specification, access control, change management, process management, build, and deployment of software configurations over the product lifecycle.
The primary components of ALM that improve IT agility include:
Software Configuration Management
Central to the notion of Software Configuration Management (SCM) is the concept of ‘configuration’ and that software is delivered in an arrangement of a specific set of files and functionality. Software development is ongoing, so any particular configuration is a snapshot of the continuous stream of development. An SCM system manages and coordinates the creation and change of various software configurations over any given time. SCM provides the version control, access control and process management required for a managed development process, as well as controlling and coordinating the configuration of software that is built and deployed.
Automated deployment can simplify a complex process and ensure accuracy. Software deployment is usually performed manually, which leads to unintentional errors such as using the incorrect versions of files or placing files in incorrect locations. An ALM solution ties deployment in with the SCM system so that the right files are deployed to the right locations automatically, as part of the overall software development process.
Throughout the application lifecycle, changes occur, bugs are discovered, enhancements created, processes created and modified, and all of it needs to be coordinated, tracked, approved and managed. The change management function within ALM provides a way to store, approve and verify change requests. The change management system also provides status information to the requestor, and provides the traceability needed for internal or external compliance programs. Change management serves as a wrapper around the entire application lifecycle, coordinating change within all aspects of application development.
In today’s global, highly competitive and rapidly changing business environment, it is more important than ever to ensure that IT is tightly aligned with the overall objectives of the business. So, it is of great concern to most CIOs that, according to the latest information from Gartner, most companies see IT as an impediment to change rather than an enabler of change. That view is undoubtedly tied to the startling statistics that over 80% of IT projects arrive late or over budget or both; that development projects more often than not deliver less function than originally promised; and that software quality continues to lag behind the quality standards achieved in other areas of the business.
Ironically, these problems are often the result of attempts by IT to be responsive. In order to satisfy their end users, IT staff often accepts more work than they can possibly complete while providing end users with unrealistically optimistic delivery estimates. Meanwhile, the end users have ongoing “emergency” requirements that IT must deliver on immediately. Unfortunately, rather than creating the desired impression of responsiveness, these tactics actually result in significant end user dissatisfaction. Fortunately, there are a few proven areas in which Application Lifecycle Management Systems and Processes can be used in order to turn a typical IT organization into one that delivers excellent results in alignment with the company’s objectives.
Managing Change: The Business Benefits of Application Lifecycle Management
There is no question that in order to be an enabler of change, IT organizations simply must be able to deliver more functionality more quickly. The application lifecycle management system must automate the processes in the change lifecycle to allow each member of the team to concentrate on their highest value activity. Developers should be creating and enhancing applications rather than moving code around or manually documenting activity, for example.
Taking advantage of new development technology also increases productivity. Code re-use through object oriented and service oriented architectures are promising technologies that have been around for years. Yet, the lack of comprehensive, easily accessible metadata about the inventory of available re-useable components, have kept the benefits elusive.
However, productivity is not simply a measure of how much work the IT organization gets done. It is, maybe more importantly, a measure of how quickly IT delivers those things that are critical to the success of the organization. The difference between the first idea and the second is comprehensive and effective prioritization. Too often, IT reacts to whoever screams the loudest. Important projects are constantly superseded by projects perceived to be ‘urgent.’ In order to support appropriate prioritization, the application lifecycle system must provide a central repository of detailed information about the request backlog. Using that repository, end user representatives and IT staff can agree on which items should come first and which can wait.
In order to create a high level of customer satisfaction, IT must ensure that they keep the delivery promises they make to end-users. The difficult challenge faced by IT is that it is generally necessary to prioritize and schedule projects before anyone knows exactly what it will take to get them done. IT does not have the resources to complete detailed designs and estimates for every requested project before building a project schedule. Yet, good estimates are critical in successfully working with end users in creating their priority list. Accurately making those estimates requires easy access to comprehensive historical information on similar projects so that IT staff can see how accurate the estimates were in the past, where in the process inaccuracies cropped up and how long the projects actually took.
Organizations using application lifecycle management tools to automatically track historical information have successfully used that data to increase their on-time/on-budget delivery performance from below 20% to over 90% of their projects.
There is little that interferes more with productivity than the constant need to fix production problems. By their very nature, production problems are urgent and, therefore, are moved to the top of the priority list. Problems in production can corrupt data and can use up valuable IT resources in repairing the information. In order to continue operations, the broken systems might need to be backed out, creating additional maintenance headaches in attempting to ensure that other dependent items are backed out as well. Emergency fixes can lead to parallel development situations where an older production version of a program needs a fix before a newer version in development can be completed. These quality problems become unexpected additions to the project schedule with the potential to create cascading delays.
By implementing structured, repeatable, measurable processes in accordance with the principles of total quality management, users of application lifecycle systems have achieved significant reductions in production defect rates. This frees developers to continue working on new changes and helps to maintain the integrity of the IT project plan.
For too long, IT has treated application development and maintenance as a “black box.” Users are interviewed for their requirements and then sometime later, IT magically delivers. Users are often left in the dark as to what happens in between. Consequently, when things are delivered late, users are surprised and unhappy.
The entire application development lifecycle must be a collaborative process. End users need visibility into IT so they understand the volume and impact of “emergency” requests. With more information, they can provide better input into the prioritization process. If a project begins to run over schedule, they will know early on while there is still time to change the project’s scope or to re-prioritize the project backlog. If the end users decide to change priorities, the impact of that decision will be apparent to everyone. This constant interaction ensures that IT stays aligned with the current priorities of the business.
Needless to say, visibility is also critical to IT management. There is an old saying that you can only “expect” what you can “inspect.” If you can’t see it and you can’t measure it, you can’t improve it.