21st Annual IIMA Conference – “Creating new opportunities- The role of information in sustainable innovation”

The 21th Annual IIMA Conference took place in Utrecht, The Netherlands from 17 – 20 October 2010.

The International Information Management Association (IIMA) annual conferences promote the dynamic exchange of ideas among leading researchers, educators, developers and practitioners who share their research and disseminate innovations in education, business and government. The 21^st Annual Conference of the IIMA was devoted to presenting and examining information technology issues that create new innovative and sustainable opportunities in our current economical climate. Master and PhD-students were invited to apply for the Student Consortium of the 21st IIMA. With the application students were required to submit a paper describing their research approach and results, and to participate on workshop on performing design research. Workshop discussions were centered on research triggers, research questions, design artifacts and validation.

The conference was remarkable, the keynote speakers were outstanding, the researchers and presenters very innovative and practical, the topics were current and tangible, the workshop was concrete and practical, excellent information sharing and knowledge transfer through the student panel.

Me and my colleagues from the e-Business Management Master studies conducted a research and prepared a research paper on topic “Increasing Trust towards Government e-Services” which was presented on the conference as part of the Student consortium. We also took active participation in the student assignments during the conference and discussions of the Student Consortium panel.

Utrecht is incredibly delightful and charming city. The organized tour through Utrecht – Trajectum lumen was unforgettable, very creative and arty. I highly recommend visiting Utrecht, preferably in spring or summer :), also very close are Amsterdam, Den Hag that are worth visiting.

Photos from the conference, Tweeter account of the conference, the program of the conference, the certificate.

23rd Bled eConference - “eTrust: Implications for the Individual, Enterprises and Society"

The 23rd Bled eConference on topic eTrust: Implications for the Individual, Enterprises and Society was held in Bled - Slovenia in the period of 20th – 23rd June 2010. The program of the conference.

Bled eConference attracts speakers and delegates from business, government, information technology providers and universities and is the major venue for researchers working in all aspects of “e”. The conference has a wide appeal, offering:

• A fully-refereed Research Track, devoted to researchers in all aspects of "e";
• A Business and Government Panel Track which attracts eminent business and government leaders from Europe, the Americas and Asia-Pacific;
• Business, Government and Academic Meetings offering unparalleled opportunities to think and share with colleagues from around the world.

In conjunction with the 23rd Bled eConference the Faculty of Organizational Sciences University of Maribor, situated in Kranj organized Summer school, starting from 14th to 20th June 2010.

The summer school program covered various topics of innovative business operation and management, supported by modern information and communication technologies. Summer school was organized into the lectures combined with hands-on experiences, using information and communication technologies in the computer classroom. Summer School Schedule.

Both the Summer School and the eConference were excellent, with reach content and knowledge transfer, interactive sessions, practical workshops and simulations, remarkable speakers and intensive networking. I highly recommend this conference for all who want to upgrade themselves on professional, as well as personal level.

I took active participation on the summer school and the conference together with my colleagues from the eBusiness master studies. We followed the one week summer school programme, we participated in the 6th International Academic Electronic Marketplace Council (ACEM) Workshop in corporation with the 1st International eMarketplace Simulations, and we presented our prototype on the Professor René W. Wagenaar ePrototype Bazaar.

The organized social events are great, as well as the networking during the conference, but also it is very easy to organize yourself a joyful time because the nature in Bled is outstanding, and very close are Ljubljana, Postojna, Bohinj, Potroroz (not so close but worth every km traveled, especially on sunny weather :))

The official photos from the Bled eConference and my photos from the conference and summer school.

The next, 24th Bled eConference will be on topic eFuture: Solutions for the Individual, Organisations and Society and is announced for 12th – 15th June 2011. For more information on Call for Papers and Proposals click here.

itSMF Macedonia - Free Discussion Event (FDE)

The new cycle of FDE organized by itSMF Macedonia started this month. The purpose of these FDEs, that are regularly organized third year in a row, is exchange of experiences in the area of It Service Management through free and open discussions.

The FDE was held on 27th April 2010, in the MIT University. The topic of this event was “Service desks in Macedonian organizations” and realistic practical cases were presented by Nextsense (Daniela Gavrilovska), NBRM (Natasa Kostic), Neokom (Milan Temelkovski, Bijlana Petrovska).

For more information on the itSMF Free Discussion Events, new FDEs, presentations from the FDEs and other details visit the itSMF Macedonia’s website.

Information Security

Living in today’s modern age of information technologies, we become more and more aware about the importance of the information security.
The aspect of information security is very important for the business community as well as for the individuals. Due to this lately more attention is focused to this subject worldwide, as well as in Macedonia.
I will try to explain what does information security means and why it is so important through few basic definitions and short presentations.

What is information?
"Information is a means of organization, which like all other business assets, has value to the organization and therefore need to be adequately protected"

What is information security?
Provision of confidentiality, integrity and availability of written, electronic and spoken information.

• Confidentiality - Ensuring that information is available only to those authorized to have access
• Integrity - Ensuring the accuracy and completeness of the information and methods for their processing
• Availability - Ensuring that authorized users have access to information and related resources when needed

There are several international standards and best practices that have incorporated the aspect of information security in them. I would point out the following:

• ISO 27001 Management Security Information
• ISO 20000 IT service management
• ITIL - Information Technology Infrastructure Library

More details on types of information, systems for information security, common threats to information, etc. in the enclosed presentations.

The notion information and basic types of information

1 The Notion Information And Basic Types Of Information

View more presentations from Ana Meskovska.

Most common threats of information security

3 Most Common Threats Of Information Security

View more presentations from Ana Meskovska.

System for information security

4 System For Information Security

View more presentations from Ana Meskovska.

Standards and recommendations for information security on internet

5 Standards And Recommendations For Information Security On Internet

View more presentations from Ana Meskovska.

NBRM's Decisionas for ISO 20000

In the beginning of 2008, the National Bank of Republic of Macedonia (NBRM) brought Decision on the bank's information system security ("Official Gazette of the Republic of Macedonia" No. 31/2008).

In this decision NBRM prescribed the methodology for information security of the banks taking into consideration the processes for managing the security of the information system, business continuity, e-banking security standards etc.

In June 2008 NBRM brought Decision on amending the Decision on the bank's information system security ("Official Gazette of RM" No. 78/08). With this amendment NBRM prescribed that the IT suppliers of the banks (outsourcing companies) must be ISO 20000 IT Service Management certified.

"The outsourcing company* under paragraph 1 of this item shall obligatorily be certified in accordance with the international standard ISO/IEC 20000.
* Outsourcing company shall denote a company, which on the basis of a written agreement, provides services to the bank from the information system area for processing bank and financial activities.“ (based on the decision from 2008)”

In the beginning of 2009 NBRM brought another Decision on amending and consolidating the Decision on the bank's information system security ("Official Gazette of the Republic of Macedonia" No. 31/2009) in which there are clarifications for which IT providers of the banks are included in the category of companies that should be ISO 20000 certified.

„Information system services undertaking of a bank according to this Decision, shall denote:
a) ancillary services undertaking of a bank whose prevailing activity is managing and maintaining a data processing system, and which, on the basis of a written agreement processes and stores bank's data during the conduct of banking and financial activities; and/or
b) outsourcing, which, on the basis of a written agreement processes and stores bank's data during the conduct of banking and financial activities."

These NBRM’s decisions made ISO 20000 very relevant topic in Macedonia, especially among IT companies.

The card processing center CaSys first demonstrated alignment to the NBRM’s requirements or more precisely the requirements of their clients, through successful certification of IT Service Management System based on ISO 20000:2005. With this CaSys became the first company in Macedonia and the region to be ISO 20000 certified. This news was published by Kapital, Makfax etc.

Description of ISO 20000 series of standards

Effective service management delivers high levels of customer service and customer satisfaction. It also recognizes that services and service management are essential to helping organizations generate revenue and be cost-effective. The ISO/IEC 20000 series enables service providers to understand how to enhance the quality of service delivered to their customers, both internal and external.
The ISO/IEC 20000 series applies to both large and small service providers, and the requirements for best practice service management processes are independent of the service provider's organizational form. These service management processes deliver the best possible service to meet a customer's business needs within agreed resource levels, i.e. service that is professional, cost-effective and with risks which are understood and managed.

ISO/IEC 20000-1
ISO/IEC 20000-1 defines the requirements for a service provider to deliver managed services. It promotes the adoption of an integrated process approach to effectively deliver managed services to meet business and customer requirements. For an organization to function effectively it has to identify and manage numerous linked activities. Coordinated integration and implementation of the service management processes provides the ongoing control, greater efficiency and opportunities for continual improvement.
This is the standard against an organization is being certified.

ISO/IEC 20000-2
ISO/IEC 20000-2 represents an industry consensus on guidance to implementers of ISO 20000 – 1 and offers assistance to service providers planning service improvements or to be audited against ISO/IEC 20000-1.
Organizations can’t certify against this standard. This standard helps organization to get certified against ISO 20000 – 1.

ISO/IEC TR 20000-3
ISO/IEC TR 20000-3 provides guidance on scope definition, applicability and demonstration of conformance for service providers aiming to meet the requirements of ISO/IEC 20000-1, or for service providers who are planning service improvements and intending to use ISO/IEC 20000 as a business goal. It can also assist service providers who are considering using ISO/IEC 20000-1 for implementing a service management system (SMS) and who need specific advice on whether ISO/IEC 20000-1 is applicable to their circumstances and how to define the scope of their SMS.
Service providers who wish to implement an SMS based on ISO/IEC 20000-1 are required to define the scope of their SMS. Definition of service management scope, and the agreement of the scope statement, is a complex stage in the service provider's adoption of ISO/IEC 20000. ISO/IEC 20000-3:2009 provides guidance on the applicability of ISO/IEC 20000-1 and scope of the SMS based on practical examples.
ISO/IEC TR 20000-3:2009 supplements the advice in ISO/IEC 20000-2, which provides generic guidelines for implementing an SMS in accordance with ISO/IEC 20000-1.
Organizations can’t certify against this standard. This standard helps organization to get certified against ISO 20000 – 1.

ITSM terminology on Macedonian language

The English terminology which is used in the IT is more and more often adopted in Macedonian language. Best example are the words that we use every day: mouse, explorer, monitor, browser etc. Lately there are some efforts for appropriate translation of IT terminology on Macedonian language and standardization and dissemination of the translation. (mostly through the Macedonian version of the software programs and tools)

I support this initiative, but I must admit that sometimes the translation sounds very funny.

The English terminology that is used in the area of IT Service management is completely not standardized on Macedonian i.e. doesn't exist on Macedonian language.
Whit this post I would like to try to initiate standardizing at least of the basic terms from the ITSM area.



English language ----- Macedonian language

• Incident management ----- Управување со инциденти
  
• Problem management ----- Управување со проблеми
• Configuration management ----- Управување со конфигурациите
  
• Change management ----- Управување со промени
• Release management ----- Управување со верзии
  
• Supplier management ----- Управување со добавувачи
  
• Business relationship management ----- Управување со деловните врски
• Information security management ----- Управување со безбедност на информации
• Capacity management ----- Управување со капацитетите
  
• Budgeting and accounting for IT services - Одредување на цена и трошоци ја ИТ услугите
  
• Service continuity ----- Континуитет на услугата
  
• Availability management - ----- Управување сорасположивоста
• Service level management ----- Управување сонивото на квалитете на услугите
  
• Planning and implementing new or changed services - Планирање и имплементирање на нови или променети услуги
• Service strategy ----- Стратегија за услугите
• Service design ----- Дизај на услугите
• Service transition ----- Транзиција на услугата
• Service operations ------ Оперативна услуга / Користење на услуга / работење на услуга ???
  
• Continual service improvement ----- Континуирано подобрување на услугата
  

More details on this subject on my Macedonian ITSM blog.