Rico Knapper

Decision-Making Based on Incident Data Analysis

The intertwining of service-oriented architectures, service management concepts and cloud computing services leads to a new form of service landscapes. These modern IT service landscapes with loosely coupled services, short-term contracting and on-demand service provisioning have added an additional layer of complexity in service sourcing decision processes and thus require new forms of risk management and decision support for service sourcing. In addition, flexibility has become an important managerial variable in service management, which adds even more complexity to service management decisions. To address this rise of complexity, we analyse service sourcing based on a formal model and propose a risk-aware decision model for service sourcing. We show that our approach supports IT service management with continuous decision support and an effective and always current view on the risk situation of a service portfolio by means of a simulation based on the analysis of incident data from a real-world high demand financial trading platform.

A Risk-Aware Decision Model for Service Sourcing (Short Paper)

With cloud computing becoming more than a buzz word and other modern IT service solutions catching on in enterprise environments, decision support models lag behind. Modern IT service landscapes with their loosely coupled services, short-term contracting and on-demand service provisioning have added an additional layer of complexity in service sourcing decision processes and thus require a new form of risk management and decision support for service sourcing. The necessity to determine the right service and provider combination for any given situation in a timely fashion has become even more eminent. The contribution of this research is a decision model for service sourcing that integrates risk and cost information of innovative software services into the decision rationale.

Towards Objectives-Based Process Redesign

Continuously growing and changing multinational companies oftentimes struggle with feterogeneous degrees of standardization. Especially in case of redesigning business processes that have been historically grown over decades, the capability of handling semi-structures process is central. Nevertheless, for competitive advantages, it is essential for a company to work on the optimization of all processes. Existing redesign techniques either focus on completely unstructured or structured processes. The Redesign Model presented in this paper transforms semi-structured processes into processes with an increased degree of standardization. Our technique consists of four main steps: (i) we extract the objectives for an efficient business process redesign from existing literature; (ii) we formulate a list of requirements an innovative redesign model has to fulfill; (iii) we present a design science based Business Process Redesign Framework including our Redesign model; (iv) we evaluate our model showing its applicability and completeness.

Risk in modern IT service landscapes: Towards a dynamic model

The “Cloud Computing” paradigm is gaining ground with new IT service providers and traditional IT out-sourcing providers alike. Customers want to use cloud computing solutions with all their advertised advantages and without the hassle of traditional long term outsourcing migration and contracting. Risk is at the center of attention when dealing with the adoption of cloud services. Because of the security concerns and the consequential reservations towards the acceptance of public cloud computing platforms, a lot has been done to improve security and trust in these environments. However, most of the implementations and research regarding this issue is concerning technical security risks with a focus on preventing perimeter-based attacks. Security and trust issues beyond perimeter based security risks have gained little attention. This paper identifies the need to look beyond technical issues and turns the attention to improving compliance and governance in cloud environments. In this process the focus is set on the discontinuity cap between existing methods to identify and evaluate IT risks and the treatment of these risks with Service Level Agreements. To close this cap a model for a dynamic view on current IT risk is proposed to comply with modern IT environments that are composed of an ampleness of different services. The model has a strong corporate context and will help companies to evaluate their current risk exposure and thus make better decisions when choosing their services.

Steering Through Incentives in Large-Scale Lean Software Development

The application of lean principles and agile project management techniques in the domain of large-scale software product development has gained tremendous momentum over the last decade. This results in empowerment of individuals which leads to increased flexibility but at the same time sacrifices managerial control through traditional steering practices. Hence, the design of adequate incentive schemes in order to align local optimization and opportunistic behavior with the overall strategy of the company is a crucial activity from a business perspective.

Managing the Quality of Modular Services -- A Process-Oriented Aggregation of Expected Service Levels Based on Probability Distributions

Service oriented architectures provide modular service components which can be combined to complex services. Besides the problem of finding optimal combinations of service components the quality of the overall service (the complex service) is important. It is often assumed in literature that the quality of the individual service components is expressed as one single value (e.g. the average). In fact, we observe different probabilities for certain quality levels which are summarized in a probability distribution of the service level indicators. Given the distribution of the quality levels of the individual service components we present an approach to aggregate these distribution functions. As such, we are able to derive one distribution function for the overall complex service. The distribution function of the complex service carries much more information than a single value. This fact is essential for analyzing, managing and controlling the overall process in order to detect weaknesses and to approve overall quality.