2010

INFORMATION MANAGEMENT PBSA 823

Lecturer: Mr. J. C. Coetzee
9/18/2010

Ch

CRITERIA FOR MARKING MBA-ASSIGNMENTS

1

Meeting the objectives of the assignment

60

The extent to which:

*1.1

the assignment was understood and answered

comprehensively

10

Nestl struggles with Enterprise

Systems

*1.2

independent (own) thought is reflected

10

1.3

insight in the topic was demonstrated

10

1.4

logical, systematic thought and reasoning is demonstrated

10

1.5

quality research (literature study and / or empirical work)

was done

10

1.6

conclusions are logic, meaningful and substantiated

10

Presentation and technical aspects

30

The extent to which:

2.1

the content shows a logical andintegrateddevelopment

and forms a balancedholisticwhole

15

2.2

the executivesummary reflects the content

comprehensively and meaningfully

2.3

the table of contents, references and list of sources are

noted correctly

2.4

the style and language (grammar) meet the requirements

General quality rating

10

Evaluators general evaluation mark of the assignments

quality - taking into consideration the above and other factors
TOTAL

100

Assignment Word Count:

Page 2

Chicken Run Group Members

There is nothing more determined than poultry with a plan

Bezuidenhout, P.J.

1224 6093

Botha, Desere (Mrs.)

2250 2556

Buys, Johan

2049 8705

Kleynhans, Wessel

1251 7755

Schoeman, Willie

1032 6065

Wohlfahrt, Andre

2255 3533

Van Wieringen, Anton

12318388

Page 3

CONTENTS
EXECUTIVE SUMMARY........................................................................................................ 5
LIST OF ILLUSTRATIONS...................................................................................................... 6
LIST OF APPENDICES.......................................................................................................... 6
LIST OF ACRONYMS............................................................................................................ 6
Question 1......................................................................................................................... 7
Question 2........................................................................................................................... 9
Question 3........................................................................................................................... 9
Question 4......................................................................................................................... 10
Question 5......................................................................................................................... 12
Question 6......................................................................................................................... 12
Question 7......................................................................................................................... 16
Question 8......................................................................................................................... 18
Question 9......................................................................................................................... 18
LIST OF SOURCES............................................................................................................. 20

EXECUTIVE SUMMARY
Page 4

The Nestls case study on ERP or Enterprise Resource Planning forms the base of this
document. Although Nestl is a global company with production facilities in 80 countries, they
were lacking standard business processes and each business unit operated almost
independently. This created problems and Nestl was not as competitive as they wanted to be.
The arrival of Jeri Dunn as CIO was meant to integrate the company to operate as a single
minded e-business. The implementation of solutions didnt always solve the problems. The
following issues are discussed:

IT processes and functions that were either conducted properly or poorly

key considerations to align IT strategy with overall business strategy
the reasons why Nestl encountered problems when ERP was introduced
management, organizational and technological factors that contributed to those
problems

A few other issues not related to the Nestl case study are also under discussion and covers
cybercrime and also the King III report which in essence is the South African version of the
American Sarbanes-Oxley Act that regulates the way business is to be conducted, including
information technology which is now also regarded as an integral part of a sustainable
business.
The conclusion of this report is that standard business processes, in specific KMS or knowledge
management systems can be beneficial to an organisation, ensuring a sustainable and
profitable future.

Page 5

LIST OF ILLUSTRATIONS

Picture 1: Jeri Dunn, CIO of Nestle

Picture 2: Sample of phishing scam

Figure 1: Phishing pie chart

Figure 2: Knowledge management scenario
Figure 3: Reasons why organizations launch knowledge management programs

LIST OF APPENDICES

Appendix A

LIST OF ACRONYMS

BPR

Business Process Engineering

CRM

Customer Relationship Management

ERP

Enterprise Resource Planning

GLOBE

Global Business Excellence program

KMS

Knowledge Management System

IT

Information Technology

SCM

Supply Chain Management

SOX

Sarbanes-Oxley Act

Page 6

QUESTION 1
From the case study, identify those IT processes and functions that Nestl conducted properly
and those that Nestl conducted poorly.
There were several stages during this implementation in the case study and when a case such
as this is reviewed, it is a good idea to benchmark activities against standard sets of good
practices with successful implementations and those factors that usually cause failures.
Gartner makes use of the winners/losers analogy to verify check what successful companies
are doing vs. companies that experienced failures during their ERP implementations. Their view
is that winning businesses will use IT or ERP to standardize their business processes and
hence create a platform for innovation. The losers on the other hand tend to use IT in spite of
their business processes and as a result have a lot of difficulty finding business value.
The following were identified as some of the bad aspects and processes that were followed by
Nestle:

Systems were extremely dispersed, 900 IBM AS/400 servers, 15 different mainframe
systems, and 200 UNIX systems.

Due to the dispersed systems they could not apply economies of scale, due to the fact
they had no ability to influence standardized pricing and orders. This also created
problems with stock management global agreements. Every business unit was required
to repeat negotiations with providers. Hence they could not leverage their global
bargaining power.

There were no standards with for tasks and processes, thus none of business units were
performing processes in the same way.

The executive team of Nestle was not aware of major and numerous changes to the
business processes. In most cases ERP solutions are not very open to change, it is
usually the business that needs to adapt to the standard processes contained within the
ERP solution.

The staff and end-users that were directly affected by the changes were not included in
the planning and hence had no idea what the end result and impact will be to their ability
to make use of the systems.

The lower level staff did not know how to use the system; they have not received the
requisite training.
Page 7

They overcommit to deliver the system by a certain time as a result of this rush to get
the ERP implemented; they failed to implement certain modules. This in turn caused
irregularities with accounts and orders.

The deadline was not achievable and they lost sight of the bigger picture and only
focussed on the technology.

The following were identified as some of the good aspects and processes that were followed by
Nestle.

With the final deployment they did consider local conditions and business cultures.

They realized that a common system would assist in the sharing of data among the
different subsidiaries of Nestle

They did a SWOT analysis to understand where their strengths and weaknesses lie and
this also allowed them to understand and identify opportunities and threats.

They also realized that this was more than only software or technology changes but that
it would be business process reorganization and that it would change the way that they
do business.

They reviewed the needs

o

First they determined the business drivers.

Established a completion date.

Agreement to educate and train those that will be impacted by the change.

With the second implementation they created a detailed design and project deployments
map.

They created a change management team to manage the business change in the
organisation.

The total organization benefited from the standardization of business processes.

Page 8

QUESTION 2
One of the key factors in any contemporary organisation is the accurate
alignment of the IT strategy to the overall business strategy.
Discuss key consideration when aligning the IT strategy to the overall
business strategy.

QUESTION 3
Why did Nestls initial enterprise resource system project encounter so many problems?
Jeri Dunn, CIO of Nestl that spearheaded the project said that no software implementation is
really about the software. She said it is actually about challenging company principles, beliefs
and the way they have done things for many, many years. This remark tends to give the
impression that Dunn was underestimating the project and even though she made provision for
a time frame of a few years to implement the ERP system, her initial approach to the whole
project was one of software installation only.
Barker and Frolick (2003:1) states that while it is true that successful implementation of an
enterprise resource planning (ERP) system is a task of Herculean proportions, it is not
impossible. If your organization is to reap the benefits of ERP, it must first develop a plan for
success, but prepare
Picture 1: Jeri Dunn, CIO of Nestle
to see your organization reengineered, your staff disrupted, and your productivity drop before
the payoff is realized. Barker et al (2003:1) further states that implementation of ERP must be
viewed and undertaken as a new business endeavour and a team mission, not just a software
installation. Companies must involve all employees, and unconditionally and completely sell
them on the concept of ERP for it to be a success. A successful implementation means
involving, supervising, recognizing, and retaining those who have worked or will work closely
Page 9

with the system. Without a team attitude and total backing by everyone involved, an ERP
implementation will end in less than an ideal situation.
When Nestls case is considered against the background of this statement, it is clear that Jeri
Dunn tackled a task of huge proportions, even more so because of Nestls representation in 80
countries worldwide. Dunn undertook to install an ERP system and to have it up and running
within a timeframe of between 3 to 5 years.
Leshinsky (2008:1) is of opinion that one of Nestls initial mistakes was that they didnt realize
that changing their supply chain and resource planning structures would mean very prolonged
planning and analysis of their core business systems. They failed to implement broad business
process changes before rolling out the software that would make them more agile and
competitive. According to Leshinsky (2008:1) this problem was even further aggravated by
them not knowing which modules of the SCM and ERP would integrate seamlessly and which
would not. Nestl decided to outsource the software implementations to SAP. Nestl then had to
make a last minute change in demand planning software from a core SAP product to
Manugistics which in turn led to their SCM debacle.
The case study highlights problems that were created in the early stages of the project by not
including staff that were to be directly affected by the vast changes that Dunn was about to
introduce. This oversight by Dunn to adequately train and prepare its core staff for the software
rollout eventually led to rebellion and exceptional high staff turn-over of 77% in a very critical
department who was responsible for forecasting product demand.
Leshinsky (2008:1) states that Nestls operational problems stemmed from its massive
acquisitions drive in the early nineties. The company was comprised of so many different units
and held together in a loose network that each subsidiary had a unique business process and
any attempt to change the process was regarded by management as an attempt to take away
autonomy and in the worst case decrease competitiveness.
Dunns was determined to standardize and coordinate all business processes and even though
she faced many problems, she readjusted her strategies, learned out of mistakes and even restarted the process to ensure success.

Page 10

QUESTION 4
Discuss the management, organization, and technological factors that contributed to those
problems.
Managerial factors:
The

following

managerial

factors

influenced

the

deployment:

Decision-making

was

decentralised. Negotiations for sales from suppliers (Supply Chain Management system) were
also decentralised and duplicated. Top management underestimated the size of the project and
the impact of such a big effort to standardize processes;they did not understand that this will not
only be a technology change but effectively a change to the way Nestle do business. The
management team did not train or involve the people that were directly influenced by this major
change. This in turn negatively influences the attitude of employees and the end-users did not
make any effort to learn the new system. Management further did not follow a participative style
to involve all the relative stakeholders in the project, and provide them with enough
communication to see them through the change. During the first implementation they did not
have effective change management and overcommitted to certain dates without managing the
business expectation.
Organisational factors:
Nestle run an extremely dispersed operating environment this caused the environment to be
managed differently in all their regional sites and they could hence not implement a corporate
business model. This dispersed model is expenses to manage and increases increase total cost
of ownership and subsequently creates a lot of duplication. There was no standard financial
system in place, different points of customer entry existed and multiple purchasing systems
were also evident.
Technological factors:
The biggest threat to IT environments is the lack of governance, when considering Nestle is
clear that they had no governance in place for the management of IT systems and
infrastructure. The organisations, because of the decentralised approach thus had dispersed IT
systems. Infrastructure and technology are built on proper standards and business processes it
is evident that neither existed initially within Nestle. The total cost of IT ownership could not be
measured or managed there were no standard operating platform in place. They did not follow
Page 11

good technology management principles or implementation lifecycles. They did not plan there IT
deployments effectively and hence had various issues on a technology and people side. They
overcommitted on the delivery dates and as a result put in place neglected systems. The
business also did not adapt to the technology requirements and this was responsible for the
dysfunctional systems.
QUESTION 5
Nest is a global business giant and operating in a global environment and thus it poses unique
IT chalanges and strategy.
Using Nestl as the example, discuss the global approach to IT under the following headings:

Global business drivers and challenges

Corporate global strategy

Organisation structure

Management and process

Technology

Page 12

QUESTION 6
Cybercrime is on the increase. Given the international nature of it, what would you do to:

Prevent yourself to become a victim and

Should you be a victim what should you do?

Baltzan and Philips (2010:300) defines information security as the protection of information from
accidental or intentional misuse by persons inside or outside an organization. It is therefore vital
that companies (and individuals) have strategies to prevent loss of information from both sides
of the company. Customer database, company strategies and any other information regarded
as valuable intellectual capital should be protected in order to prevent that the company falls
victim to cybercrime.
Baltzan (2008:300-303) identifies two problem areas that pose security risks for companies
namely people and technology, but having said that, people and technology, if applied correctly,
can also become first and second line of defense against IT threats.
In his presentation, Grobler (2006:13) states that the arsenal of the cyber criminal includes the
following:

Social Engineering
"Insiders"
Dumpster Diving
Phishing
Denial of Service Attacks
Picture 2: Sample of Phishing scam

Page 13

(Credit: Beaunard Groblers PowerPoint presentation (2006:14)

Norton (2010:1) suggests the following tips as basic information against online fraud

Keep computers current with the latest patches and updates.

Ensurecomputers are configured securely.
Choose strong passwords and keep them safe.
Protect computers with security software.
Protect personal information.
Online offers that look too good to be true usually are.
Review bank and credit card statements regularly.

The various schemes that are available changes by the day, and the fact that the perpetrator
does not need to be with the victim, makes it very difficult. Once you have the knowledge, you
can take precautionary measures to ensure you protect yourself from becoming a victim.
Keeping personal information safe, is probably the most important rule. Caution shoulde be
Page 14

execercised when sharing personal information such as banking information, access codes and
pins, addresses, telephone numbers and identity numbers. Even throwing personal information
like bank statements and cheques away could give syndicates the opportunity to work through
your garbage and steal your information and/or your identity. Always ensure you are on a safe
site when doing online transactions such as banking etc. Beware of phishing scams where
perpetrators are trying to steal your information, for example falsifying bank notices to obtain pin
number.
The magnitude of cybercrime is highlighted with Mills (2010:1) statement that during a threemonth study of its global malware database, Panda Security found on average 57,000 new Web
sites created each week with the aim of exploiting a brand name in order to steal information
that can be used to drain peoples' bank accounts.

Figure 1: This pie chart shows the business categories targeted by phishers and their
respective proportion of fake sites, according to PandaLab's latest report.
(Credit: PandaLab, Website: http://news.cnet.com/8301-27080_3-20016026-245.html)

What To Do If You're a Victim

Page 15

When one does fall victim to cybercrime, it is important that it is reported with the police,
relevant financial institution and/or home affairs office. It is critical that victims co-operate so
that the perpetrators may be caught. Victims need to limit and mitigate their risk as information
is sold on the black market, and it may only be the beginning of huge frustrations.
Norton (2010:1) on their website What To Do If You're a Victim recommend victims to
disconnect immediately by unplugging the network cable, phone, or cable line from the
computer. This can prevent data from being leaked back to the attacker. Bots may also use the
victims computer as a zombie in a larger, coordinated attack. Disconnecting the network
connection is a sure-fire way to put a stop to the immediate damage.
Inspector Beaunard Grobler, (2006:23) in charge of South African Polices cyber crime unit
makes the following basic recommendations that will aid investigation when an information
system is compromised:

Preservation is the key to successful prosecution of cyber criminals.

As far as possible preserve the original system, appropriate logs, artefacts, etc. in a

legally acceptable manner.

DO NOT work, analyse or open ANY files from the original system!

QUESTION 7
Discuss the impact of Chapter 5 of the King 3 report and what whould you do to implement it in
your organisation.
It is important to understand what KingIII is and how it relates to or daily operational business in
corporate organizations. The King code of good governance provides boards of directors to
companies with insight into the daily decisions and choices that they have make in complex
situations and scenarios. These insights are given through a list of best practices and principles.
King III provides guidence to all corporate organizations in various areas.

Ethical leadership and corporate citizenship

Boards and directors
Audit commitees
Governance of risk
The governance of information technology
Compliance with laws, rules, codes and standards
Internal audit
Governing steakholder relationships
Page 16

Integrated reporting and disclosure

It is the first time that King makes reference to the governance of information technology and
give explicit reference to certain guidelines and principles that need to be adhered to for
effective goverance of information technology in corporates.
The sudden change in perspective and the addition of information technology to the King III
report indicates that King recognises the importance of information technology in corporates. It
form a integral part of the daily operations in corporates and is fundemental to sustain, grow
and support organizations.
The implications of the infomation technology addition will require the board to disclose hoe it
satisfied IT governance, this will need to be evidences. Due care and diligence need to be
disclosed in this regards.

This can be achieved through partaking and preparing the following:

An IT governance framework, which includes:

Decision structures for IT decisions

Accountability structures for IT

IT governance processes

IT reporting structures

IT policies and standards

IT compliance

IT controls and risk mitigation

Information security management practices

Business and disaster recovery

Information technology strategy as part of the strategic business planning process

Page 17

Project management practices

IT benefits realization processes

IT value and performance measurement processes

IT acquisition and disposal processes

IT strategy

Understanding the current state of IT governance and determining improvements

required in an IT governance plan

Effective IT governance practices through the application of recognized frameworks,

methodologies, continuous assessments and monitoring

Reporting on the state and initiatives of IT governance and IT in general to the board

Ensuring that the board receives adequate assurance on the efficiency and
effectiveness of the IT and IT governance processes and on the management of specific
IT-related issues

Disclosing how satisfied the board is with the effectiveness of IT governance.

Due to the fact that IT is the lifeline of business operations and the fact that most if not all
systems and processes are build on IT whether it be finance or safety and health systems it is
finely weaved in every business hence corporate governance should actively consider and drive
IT governance to ensure secure and efficient operations.
King II sets out principles but the it presents various challenges when it comes to a practical
way of implementation. Many companies have already implemented many good global
governance guidelines like COBIT and ITIL. It is important that the board take cognisance of
these governance processes and understand them.
King III is the next step in responsable corporate citizenship. Where Sarbanes Oxley provided
the guidence and controls to manage finances within a corporate King III provides the
governace guidlines and practices. In chapter 5 of King III the report recognises that information

Page 18

tachnology have become quintessetial part of business and corporate functioning and hence
the changes in corporate management and governance.

Page 19

QUESTION 8
Briefly explain the differences between SCM, CRM and
ERP.

QUESTION 9
Describe how your organisation could leverage the power
of a knowledge management system for its employees and for its customers.
Any organisation or business has vast amounts of knowledge floating around, either in the form
of explicit or tacit knowledge. Baltzan (2010:206) defines explicit knowledge as knowledge that
consists of anything that can be documented, archived, and codified, often with the help of IT .
Tacit knowledge is knowledge contained in peoples heads. Although a lot of information is
traditionally stored such as business records and manufacturing drawings, tacit knowledge is
very often neglected and this is only realized when key employees retire or resign.
KMS is the process of capturing all these kinds of information that exists within an organisation
in an effective manner in order to be retrieved and used again. This process must be easily
accessible to ensure its effectiveness. Baltzan (2010:205) compares KMS to a golf caddie who
is more than just someone carrying golf clubs he has a wealth of information and his detailed
information can make or break a golfer.It is also imperative that a company using KMS should
also have a culture of knowledge sharing. Without this, knowledge harvesting cant take place
and the database cant be expanded. The flow of knowledge is illustrated in figure 2.
Figure 2: Knowledge management scenario
(Credit: Stylusinc, http://www.stylusinc.com/Common/Scenarios/km.php)

The key benefit of KMS is competitive advantage and Stylusinc (2010:1) argues that when
employees possess the requisite knowledge or information and are able to use it at the right
moment, relationships with customers, dealers, suppliers and distributors generally improve.
Such knowledge workers can make better decisions by increasing the amount of relevant
information that they have access to. A knowledge management system introduces the
elements of expertise and experience through collaboration capabilities and shortens the time it
takes to make better decisions.
Page 20

A graphic representation of benefits gained can be seen in Figure 3, which ranges from
increased profits to streamlined operations and cost reduction.
Figure 3: Reasons why organizations launch knowledge management programs
(Credit: Baltzan, 2010:207)

The biggest challenge of KMS lies in adopting a methodology or process to ensure 100%
cooperation of employees, because without full commitment there will be varying degrees of
success. The more motivated and loyal the employees, the higher the success and ultimately
the profitability of the organisation.

Page 21

LIST OF SOURCES

ANON. 2010. ERP. http://www.gartner.com/technology/initiatives/erp.jsp. Date of

access: 14 Sep. 2010.
ANON. 2010. Chapter 5: The governance of information technology.
http://www.pwc.com/za/en/king3/the-governance-of-information-technology/index.jhtml.
Date of access: 10 Sep. 2010.
BALTZAN, P. & PHILLIPS, A. 2010. Business Driven Technology. 4th ed. New York:

McGraw-Hill. 616 p.
BARKER, T. & FROLICK, M. 2003. ERP Implementation Failure: A Case Study. Information
Systems Management, Vol. 20, Issue 4, September 2003.
http://www.informaworld.com/smpp/content~db=all~content=a768425614 Date of access: 7
Sep. 2010.
CARR, D. 2010. The Hurdles Nestl Overcame to Deploy a Common Global System.
http://www.baselinemag.com/c/a/Projects-Processes/The-Hurdles-Nestleacute-Overcame-toDeploy-a-Common-Global-System/. Date of access: 7 Sep. 2010.
ERP. ASIA. 2010. ERP software implementation failure analysis and causes.
http://www.erp.asia/erp-failures.asp. Date of access: 10 Sep. 2010.
GROBLER, B. 2006. Responding to the challenges of Cybercrime: A case for law enforcement.
http://www.forgeahead.co.za/e_presents.asp Date of access: 12 Sep. 2010.
KING, M.E. 2010. Corporate Governance Workshop. Johannesburg: Mandela Institute. 75 p.
KING III. 2009. King Report on governance for South Africa. 2009.
http://african.ipapercms.dk/IOD/KINGIII/kingiiireport/ Date of access: 13 Aug. 2010.
KLOPPERS, M. 2010. KING III: Information Technology just got elevated to Board Level.
http://www.epilon.co.za/joomla/index.php?option=com_content&view=article&id=46:king-iiiinformation-technology-just-got-elevated-to-board-level&catid=1:latest-news&Itemid=2 Date of
access: 12 Aug. 2010.
LESHINSKY, G. 2008. Nestl and Nike: How they almost failedhttp://www.boston-technicalrecruiter.com/2008/02/18/nestle-and-nike-how-they-almost-failed/ Date of access: 14 Sep.
2010.
McAFEE, R.P. 2004. The real lesson of Enronss implosion: market makers are in the trust
business. The Economists Voice, Volume 1, Issue 2, Article 4. 10 p.
MILLS, E. 2010. A flood of phishing sites and how to avoid them. http://news.cnet.com/830127080_3-20016026-245.html Date of access: 16 Sep. 2010.
Page 22

NORTON. 2010. Prevention Tips http://www.symantec.com/norton/cybercrime/prevention.jsp

Date of access: 15 Sep. 2010.
NORTON. 2010. What To Do If You're a Victim
http://www.symantec.com/norton/cybercrime/victim.jsp Date of access: 15 Sep. 2010.
SOX.COM, 2008. How to create well-written policy statements.
http://www.sarbanesoxleyfocus.com/how-to-create-a-well-written-policy-statements/
Date of access: 27 Jul. 2010.
STEINERT-THREKELD, T. 2006. Nestl Pieces Together Its Global Supply Chain.
http://www.baselinemag.com/c/a/Projects-Processes/Nestleacute-Pieces-Together-Its-GlobalSupply-Chain/8/ Date of access: 9 Sep. 2010.
STYLUSInc, 2010. Web Development Scenario - Knowledge Management.
http://www.stylusinc.com/Common/Scenarios/km.php Date of access: 16 Sep. 2010.
WORTHEN, B. 2002. Nestl's Enterprise Resource Planning (ERP) Odyssey.
http://www.cio.com/article/31066/Nestl_eacute_s_Enterprise_Resource_Planning_ERP_Odyss
ey Date of access: 14 Sep. 2010.

Page 23