Final Project on Change Management of NetSol Technologies

Introduction
This project is made to understand, experience and to get the practical knowledge that how the Change is important on each and every step of any organization. This project includes introduction of NetSol Technologies Limited, Change pursued by the NetSol Technologies in Security Standards demanded by local and especially foreign customers. We mainly focus change implemented by NetSol in its security standards. Our basic objective in this particular assignment is to know how NetSol implemented the change. We visited the head office of NetSol Technologies Limited Software Technology Park, NetSol Avenue Main Ghazi Road, Lahore Cantt, Pakistan and we gathered information from Mr. Imran Zaheer (Associate Software Architect) & Mr. Sajjad Hussain Kirmani (Executive Director) regarding the Change adopted by NetSol Technologies in their Security Standards.







Preface
First of all thanks to almighty Allah who gave us the strength, courage and sense to acquire knowledge, wisdom to differentiate and without his mercy and help we would not have been gone through this report.
We really appreciate the support and guidance that our teacher Prof. Sohail Saleem provided us during the completion of this report.
We would like to thank all the participants and respondents in the study that helped us completing our report and those who allowed us to undertake the change pursued by NetSol Technologies Limited.
We also acknowledge our families who supported and helped us when we were engaged in this project.
In the end we wish to express sincere acknowledgement of the many contributions who are thinking from many sources and we take responsibility for any remaining deficiencies and omissions.





Introduction to NetSol Technologies Limited
NetSol Technologies, Inc. (NASDAQ CM: NTWK) (NASDAQ DUBAI: NTWK) is a worldwide provider of global business services and enterprise application solutions. Since its inception in 1995, NetSol has used its BestShoring™ practices and highly experienced resources in analysis, development, quality assurance, and implementation to deliver high-quality, cost-effective solutions.
Specialized by industry, these product and services offerings include credit and finance portfolio management systems, hospital/healthcare information management systems (HIMS), SAP consulting and services, custom development, systems integration, and technical services for the global Financial, Healthcare, Insurance, Energy, and Technology markets. NetSol's commitment to quality is demonstrated by its achievement of the ISO 9001, ISO 27001, and SEI (Software Engineering Institute) CMMI (Capability Maturity Model) Maturity Level 5 assessments, a distinction shared by fewer than 100 companies worldwide.
NetSol Technologies' clients include Fortune 500 manufacturers, global automakers, financial institutions, utilities, technology providers, and government agencies. Headquartered in Emeryville, California, NetSol Technologies has operations and offices in Adelaide, Dubai, Beijing, Bangkok, Lahore, London, and Los Angeles.
Sole Mission at NetSol Technologies is to use their top-down dedication to the highest ethical principles and quality standards, their worldwide domain and subject matter expertise, their incomparable BestShoring™ methodology, and their proven track record to give you a truly cost-effective solution that not only meets, but surpasses your needs.
Board of Directors
Salim U. Ghauri Chief Executive & Chairman
Najeeb U. Ghauri Non-Executive Director
Naeem U. Ghauri Non-Executive Director
Irfan Mustafa Non-Executive Director
Shahid Javed Burki Non-Executive Director
Sajjad Hussain Kirmani Executive Director
Zahid Bashir Mirza Executive Director
Rehmat U. Ghauri Alternate Director
Ayub Ghauri Alternate Director
Company Secretary
Boo-Ali Siddiqui
Audit Committee
Najeeb U. Ghauri Chairman
Irfan Mustafa
Sajjad Hussain Kirmani
Head - Internal Audit
Imran Ahmad
Auditors
Kabani Saeed Kamran Patel & Co.
Chartered Accountants
321 - Upper Mall, Lahore
Legal Advisor
Corporate Law Associates
1st Floor Queen's Centre
Shahra-e-Fatima Jinnah, Lahore
Bankers
Askari Bank Limited
United Bank Limited
Bank Al Falah Limited
JS Bank Limited
IGI Investment Bank Limited
First National Bank Modaraba
Innovative Investment Bank Limited
Share Registrar
Vision Consulting Ltd
3-C, LDA Flats, Lawrence Road, Lahore.
Tel: +92-42-6375531, 6375339
Fax: +92-42-6374839
Registered Office
NetSol Technologies Limited
Software Technology Park, NetSol Avenue
Main Ghazi Road, Lahore Cantt, Pakistan
Tel: +92-42-111-44-88-00, 5727096-7
Fax: +92-42-5701046, 5726740

Web Presence
www.netsolpk.com
info@netsolpk.com
NetSol Technologies
History
NetSol Technologies was founded in 1995 as a global provider of software and business services solutions. They are proud to have achieved the ISO 9001, ISO 27001, and CMMI Maturity Level 5 assessments, a distinction shared by fewer than 100 companies worldwide. Their premium suite of asset-based leasing software, LeaseSoft (now part of the NetSol Financial Suite) recently won APICTA's "Best Financial Industry Application" award for 2007. NetSol has also received the 2004-2005 "Best Software Exporter Award" from the NCR National IT Excellence Awards.
With the addition of the lease, loan, and asset enterprise solution software LeasePak (also now part of the NetSol Financial Suite), NetSol gained LeasePak's 35+ years of proven functionality for the Financial industry and significantly deepened its domain and subject matter experience with LeasePak's expert staff.
In June 2008, NetSol Technologies became the first U.S. company to dual list on both the Nasdaq Capital Market and Dubai International Financial (DIFX) exchanges (now Nasdaq Dubai), supporting strategic mission to further expand their brand visibility and investor base in the United Arab Emirates (UAE) and broader Middle East region.
Most recently, NetSol aquired its SAP® Practices division, adding a robust line of SAP products, consulting, training, and staff augmentation services to their offerings.
NetSol believe that within all their clients are the potential of achieving the very best solutions now and in the future to promote their growth and excellence. Towards this end, they dedicate themselves to employing their resources and expertise to create the state-of-the-art framework today that will deliver on tomorrow's capabilities.
Vision Statement
Mr. Salim Ghauri, Chairman and CEO NetSol Technologies Ltd, commented, “Our vision is to become a leading digital security organization in Pakistan providing support in securing the digital boundaries of Pakistan”
Mission Statement
Deliver high quality, innovative and best-in-class IT solutions and services to help our customers achieve their business objectives and operational efficiencies.
Values
We care for our employees who are our most valuable asset. We offer our employees a challenging and harmonious work environment where we encourage everyone to work to their utmost potential.
We will always aim to develop long lasting relationship with our customers by delivering value for their investments.
Our workplace will be an environment of great learning, extraordinary customer service, consideration for our colleagues and self-development. A place where we are happy to spend our working days.
We will be diligent expending company resources. We'll use them to serve our clients better and perform our roles more effectively.
While we grow in size and scale, we will continue to improve our quality of service delivery.
We will work tirelessly to grow in efficiency and productivity using best practices, innovation and imagination.
As we are a global Company, we'll respect every other culture, religion and embrace the change & the challenges that come with such diversity.
Behavior
While we grow in size and scale, we will continue to improve our quality of service delivery.
We will continue to invest in training in Quality.
We'll grow quality initiatives with better “Best Practices” and more quality accreditations
We'll implement better tools for measuring quality both in production and Customer Services.
Quality is not a domain with the few chosen ones but is a responsibility of all.
We'll not pass the buck to the “Quality People” when we can see and address deficiencies

Services Portfolio
Industries they serve:
Lease & Finance
Manufacturing
Health
Banking
Education
Information Technology
Insurance
E-Government
Defense
Services they offer:
Application Development & Maintenance
Technology Outsourcing
IT Consulting & BPR
System Integration
Software Process Consulting
Business Intelligence Consulting
Information Security Consulting
Product Based Solutions
Education
Major Customer
Global:
Mercedes Benz Leasing Thailand
Mercedes Benz Auto Finance China
Mercedes Benz Financial Services Australia
Mercedes Benz Financial Services Taiwan
Mercedes Benz Services Korea
Mercedes Benz Services New Zealand
Mercedes-Benz Finance Company Japan
BMW Financial Services China
BMW Hong Kong
Yamaha Motors Finance Australia
Toyota Leasing Thailand
Toyota Motor Finance Company China
UMF Singapore
Australian Motor Finance
CNH Capital Australia
Finlease Company Limited Mauritius
Al-Amthal Leasing Saudi Arabia
FIAT Motors China
Nissan Motor Company Limited China
Innovation Group UK
Local:
State Bank of Pakistan
Information Technology Department, Punjab
General Head Quarter, Rawalpindi
Electronic Government Directorate, Ministry of IT
Excise & Taxation Department, Islamabad
Command & Staff College, Quetta
Ministry of Health, Government of Punjab
MCB Bank Limited
Highnoon Laboratories Limited
Pakistan Military Academy, Kakul
USAID
Punjab Rural Support Program
Punjab Assembly
Competitors
Neither a single company nor a small number of companies dominate the IT market in the space in which netsol competes. A substantial number of companies offer services that overlap and are competitive with those offered by NetSol. It has a huge number of competitors in IT industry some of which are listed here:
Local direct and indirect competitors
Trg Pakistan.
Techlogix.
Cybernet Pvt. Ltd
Kabbot international Pakistan.
Foreign direct and indirect competitors
International Decisions Systems, Inc.,
McHugh Systems, Ltd
Data Scan, Inc
CresSoft Pvt Ltd.,
Systems Limited.
Tenhill Plc
SouthPac Australia.
HCL (India)
InfoSys (India)
Partners
Oracle
Microsoft Gold Partner
IBM Business Partner
Sun Microsystems
HP DSPP Partner
Innovation Group
SAP
Business Objects
GE
Software Engineering Institute
Thales Raytheon Systems
IBM- Internet Security Systems
Kaspersky Lab
Shaukat Khanum Memorial Cancer Hospital


SWOT Analysis

Helpful
To achieving the objective Harmful
To achieving the objective
Internal Origin
Attributes of the organization
Strengths

Excellent financial strength
Company with a vision to become a billion $ company.
First organization to achieve SEI CMMI Level 5 assessment in Pakistan.
Increasing market share
products and services quality
Sound organizational structure
Highly skilled IT labor force
A large number of blue chip clients
Strong PR and corporate linkages
Largest exporter in IT industry of Pakistan
Weaknesses

Improper use of strategic concepts
High employee turnover
Ineffective market segmentation
Least focus on branding
Least focus on Pakistani market
Ineffective promotion and advertisement policies
Insufficient MIS facilities
Limited R&D facilities
Unclear career paths
Poor rewards and benefits structure

External Origin
Attributes of the organization Opportunities

Need of e-governance solutions in both the government and the corporate sector of Pakistan.
Expansion in global computer software market.
International organizations are outsourcing their IT operation in Pakistan.
Tax exemption until 2016, the establishment of IT parks with low rent, foreign ownership of equity invested in IT, and 100 percent repatriation of profits for IT companies.
Immense business sector growth in china.
Threats

Global economic turmoil and its severe effects on Pakistani economy.
Competitors around the globe.
Copy rights and patent violations.
Brain drain faced by Pakistan.
Inconsistent IT policies formed by government of Pakistan.
Hacking and other illegal and unethical practices.



What was needed to be changed?
Previous processes that did not meet the security standards demanded by local and especially foreign customers were needed to be changed with a secured process that does not hurt privacy of information regarding customer’s corporate activities.
How was the need for change identified?
As major clients of company are from financial sector and as we know that the data from financial sector is the most confidential data. So this was the need of time,
Secondly with the passage of time the cyber crimes have increased so in international market people are very conscious about the secrecy and confidentiality of their data.
Why important to change?
Without information security management system (ISMS), it was very difficult for NetSol Technologies to convince their customers. It was very important for marketing and was a requirement of ISO 27001:2005 standards as well. Information security management system enabled their employees to work according to specified procedure and was expected to reduce the efforts for training newly appointed employees.
Forces for change:
Main forces we assessed that stimulated the idea for change were as follow:
Rapid growth in technology.
Heightened competition in the market.
Increased demand of productivity,
Requirement for integration of available information
Increased levels of customization.
To gain more market share.
Ensure the security of client’s vital information.
Challenges:
Data secrecy, ensuring privacy of client, fool proof security at work place and adjusting new employees in company’s working environment were major challenges to the company.
Bottlenecks:
Company’s processes previously were not in way to ensure the security of the information. Due to lack of defined processes employees were not trained to meet security standards described by ISO 27001.
Major Change In system limited:
They had introduced the “INFORMATION SECURITY MANAGEMENT SYSTEM” in their BPO division. This change was introduced in 2007 and it was authorized by complete group including the CEO, MD, CFO and Director.
Information Security Management System (ISMS)
“An information security management system (ISMS) includes all of the policies, procedures, plans, processes, practices, roles, responsibilities, resources, and structures that are used to protect and preserve information. It includes all of the elements that organizations use to manage and control their information security risks.” (Ref: ISO 27001:2005)
This Information Security Management System conforms to the world class ISO 27001 and is applicable in four major areas:
1. Physical Security 2-Personnel Security
3- Network Security Management 4-Access Controls


Goal of Change
At NetSol Technologies their goal is to exceed their customers’ expectations by timely delivery of state-of-the-art software solution -- a solution that would translate their needs into increased productivity and profitability. Major goal was to implement the ISO 27001 practices and pass the certification for it. Then the market requirement, business needs, customer needs and the quality of system were focused. The major intent was to define Simple and realistic goals which can be achieved in specified time and can be measured as per defined measurements.

Among their goals were:
To make their system fool proof, and with minimum possible virus attacks.
To make all employees to be security conscious that even if they do not monitor the system it remains secure with zero unauthorized attempts to secure data.


How we can differentiate the previous state of the organization before the change from current condition?
They did not change a lot, they already had quality management system in place and they are CMMI Level 3 certified organization, they had many controls in place earlier, but now they have better management of these controls, the records for all activities are kept and the security of data is more focused now. The secrecy and confidentiality of customer data is grown stronger now.
Compatibility of change to organizational culture
Introduction of the change is one of the most difficult activities in organizational culture; people are always reluctant to change, especially when there is installation of cameras identification devices at entry points, making restricted areas secure and locked.
So the most difficult thing was to change the behavior of people but employees are very cooperative and hardworking.
The culture of organization is autocratic, tasks are assigned by the top management and the employees have to work accordingly to complete the project before the deadlines.
When information security management system (ISMS) was introduced into the system then employees have to perform task under some procedures, so it was according to the culture because they were already working according to some defined procedures.
Type and techniques of change
This was organizational development change. Unfreezing technique was “ restructuring and burning plat form” as organization’s processes were designed to ensure a behavior change while the Transition technique was “ whole system planning and education” as every department was involved to ensure and implement information security and as Refreezing technique was “institutionalizing and burning the bridge” as the change was built into the formal systems and structure.
How change was incorporated?
To achieve above described goals NetSol Technologies adopted Quality Management Procedures that include well-defined management and software development processes and mechanisms for continuous improvement of their products and services.
They also focus not only on the professional growth of their human resources but also on their working environment. This helps them to attract and retain the best professionals and keep the company abreast of innovations in technology.
Involvement of vision
The vision of NetSol technologies is to be recognized by its customers, employees, stakeholders, vendors, partners and competitors as the number one Software house and IT enabled services provider in Pakistan. It is focusing on security of data (change) to remain best choice for its customer.
Change plan
How was change planned?
Complete planning process was done including SWOT analysis, framing reframing, individual analysis, team session, development of action steps, collate action steps, and brain storming.
Change manager first of all after identifying problem of insecurity of customer data, through using SWOT analysis, in a briefing session with teams from different departments of company described all details regarding following issues:
What actions does this issue require?
What detail must be included?
(e.g; need of employees, technology requirements like cameras and software,)
How this should be communicated?
Who is responsible to do what? By when?
How action will be monitored?
How was the change implemented?
It followed the complete cycle of change management i.e. freezing, transition and refreezing. They hired international consultants for this purpose, which helped them starting from the GAP analysis till the Stage B audit.
Individual teams from each department were formed and assigned a specific task to make change effective within their department. Through above described communication strategies message is delivered effectively. Their performances are checked through internal audit conducted on quarterly basis and all issues causing hurdles in change implementations are
Challenges faced during implementation
Cost was a major factor during the entire change to purchase all infrastructures, hardware, software and security devices.
How was change Reinforced?
They have replaced previous procedures with new processes, hence depletion of old techniques and introduction of totally new ones does not allow people to return back to work in insecure working conditions, permanent bonding with new process is developed. Monitory rewards are also attached with working perfectly in changed environment.
Communication System
Management has clear insight in the communication system. Communication network is hierarchal so highly formal in nature. Information moves in both downward and upward directions without bypassing any link in the network.
Following strategies are being followed to communicate a clear cut message throughout the organization:
Public address /written memos lower level employees.
Briefing sessions middle level managers.
One-to-one directors and higher authorities.
Employee development and training sessions for change understanding
NetSol Technologies internal audit and Process developing team conducts workshops and in-house training sessions in all departments at different timings on regular interval basis. It also ensures through employee trials that they have been trained enough and change has been actually in practice.
Monitoring and Evaluation
NetSol Technologies has a very strong monitoring system, they have logical monitoring through different soft wares, physical monitoring, CCTV cameras, and intrusion detection systems are installed on all glass windows within the premises.
NetSol Technologist’s internal audit and Process developing team conducts internal audit on quarterly basis which never leaves anything hidden. Also annual audit is conducted by “Kabani Saeed Kamran Patel & Co” on every first week of June.
Beneficiaries of change, How they are benefited
Customers are the major beneficiaries of this change as this change ensures data secrecy and leads to more satisfied customers. Other beneficiary is company’s management itself because they need not to put more efforts on training newly hired employees to adjust them in company’s working environment.
Change perceived by employees
Employees are very cooperative, hard working, young, energetic and supportive to change and through team work in all departments anticipated to make change successful. Management has distributed the responsibilities among different departments, and different teams are made having representations from all departments in change management process.
Major Pitfalls and Resistors, Strategies proposed to overcome registers
In NetSol Technologies, currently more than SIX hundred employees are working, majority of them are young employees. Employees are very passionate, energetic and hard working. They didn’t resist when the change was introduced. However a five or six senior employees showed minor resistance in the early stages of change. Through motivation and involving them in change planning process this problem was resolved.
Gains of the change
It has improved quality of services, data security. Management now can better plan the business continuity, incidents are well managed, all kinds of risk and threats are well assessed and managed, and lots of other benefits which are worthy to consider.
Impact of change
Impact of this change has on the overall quality of services. Changed process has helped management to better monitor either services are smooth and secure enough to make customers satisfied or not. Impact of change on the cost and ROI (return on investment). As quality of services has improved, the defect count has decreased, cost of quality has reduced and they have now a very loyal customer. This trust of customer has increased ROI by almost 30%.
Future plans of the organization
They are planning to improve further by implementing Six Sigma and ITIL.