Comments on: Quantitative Analysis of Web Application Usefulness (Or Why Your ROSI is wRONG)

By: Kevin

Kevin — Fri, 23 Sep 2011 13:56:28 +0000

This seems like a good approach to prioritising issues that need a fix- however I would be wary of trusting too much the figures users give for the amount of time they have lost. These could be swayed dramatically by a particuarly demanding user.

@Chandler, I agree – in many cases it is quicker to find a fix yourself if you are familar with the software. When you compare the time this can take with to that needed to document the issue and explain exacty how the program should function it seems the “quicker” option. However this could result in a large number of users still experiencing problems which they don’t know how to fix.

By: Incorporating “User Frustration” into Calculations of Return on Security Investment (ROSI) « Trust Economics

Sat, 22 Aug 2009 16:46:44 +0000

[...] Return on Security Investment (ROSI) August 22, 2009 Posted by separkin in Blog. trackback A recent post by Alex Hutton on the New School of Information Security blog discusses the notion of “User [...]

By: Chandler

Chandler — Mon, 10 Aug 2009 13:56:37 +0000

I’m definitely an example of the behavior that Alex refers to–I consider opening a ticket to the Helpless Desk to be the support of last resort, and usually only do so for hardware issues.

I spend a non-trivial amount of time most weeks dealing with broken apps–as a user, not as a risk & security person–and from what I can tell, I’m better at working around broken tools than most.

By: Interesting Information Security Bits for 08/05/2009 | Infosec Ramblings

Interesting Information Security Bits for 08/05/2009 | Infosec Ramblings — Wed, 05 Aug 2009 23:13:52 +0000

[...] avoidance based on UFH from an information security perspective definitely deserves some thought. Quantitative Analysis of Web Application Usefulness (Or Why Your ROSI is wRONG) << The New Sch… Tags: ( general [...]

By: alex

alex — Wed, 05 Aug 2009 14:51:02 +0000

Chris,

I’m trying to be minimalist here. Simplifying the development of IT Help Desks to only what is too important to jettison. And that is “how much do we suck”?

In other words, while Verizon IT does a good job relative to the industry (*you* try serving 250k users), there’s no way I’m going to call the helpdesk and say “Hey, my phone sucks”. Because they’ll ask “why” and I’ll tell them, and then we’ll spend 3 hours figuring out that it’s just a crappy phone that is operating to specifications. Or my travel app? It’s probably operating to functional and technical requirements. That doesn’t mean it doesn’t unnecessarily cost the company money.

If you follow what I suggest, the user gets to hit an internal website and tell them that my phone sucked again today, or that it took me 30 minutes to enter in 4 receipts. Not only is that “easy” but it’s measuring something that I wouldn’t normally call in about, and something that tangibly costs the company money.

Another example, if you have a Mac and have gone through the learning curve to learn Pages, you might feel, like me, that it’s a much nicer application than other Mac Office Apps. But I would never call into a help desk just to say “Your standard build of Open Office crashed on me again today and wasted 20 minutes of my time”. The help desk would be like “uh, thanks”, or they would take 50 minutes of my life running through a script of “fixes” to my problem.

If you just measure UFH – you might see that while there are few HD calls, this application costs the average user 40 minutes a week in “frustration”. If you want, you can multiply that by a standard “average user cost per hour” and # of users metric.

By: Chris Walsh

Chris Walsh — Wed, 05 Aug 2009 14:27:44 +0000

Doesn’t Verizon have an IT service desk? Don’t they track calls? Looks to me like this frustration metric is a big part of (what should be…) relatively standard IT service management.

Maybe I drank too much ITIL Kool-Aid…