Implementing Information Technology To Improve Business Continuity And Employee Efficiencies: A Case Study Of STP Limited
Problems faced by STP Limited
Discuss about the Funding and Strategic Alignment Guidance.
The company which is taken into consideration is the STP Limited. The company is mainly running into a structure of problems in which their customer rings them in order to check the delivery of their product. Due to this reason the staffs ring all around the locations in order to get the solution of anyone having the part of order in stock. There was also a problem in the context that when a customer rings them for a particular product, the person concerned checks the product is available or not. In this way they see the item is in stock bout on the other hand when the customer comes to take the delivery the organisation sees that the item is not available because it may have been transferred to another location.
In order to eradicate the problem, the organisation is reinforcing upgradation in their information system with the implementation of a new control system for the stock, anew website and a management system which is for the customer.
The scope of the Project always needs to be very much multi – disciplinary i.e. it needs to support directly integration which is related to the prospective and the information about the project related to many disciplines. The IT also needs to cover the design concept of the products and the construction of the process (schedule) which is needed to carry out the project and reach the pre estimated goal of the organisation. The main concept which should be taken into consideration is that the design concept of the implementation is not completed until the product, the process and the organisation is designed and the understanding between the concepts is properly understood.
The main goal of the project is to establish a system of information technology which would directly help the organisation in achieving the strategic goal which are predefined. The main concern of the organisation is keeping the customers related to their business, improvement of the networking which is related to the organisation and keeping the data of the organisation in a secured manner away from breaching. The main concern factor that is related to the organisation is that the employees are not highly skilled when relating to use of nay information technology. The main strategic goal which is set for the organisation for which the implementation for the information technology aspect is being introduced is to help their employee exceed the sales growth.
The Scope of the Project
The concept of the strategic alignment of the project is directly related to the concept of prioritization. Periodization is one of the abilities which can be termed as a key ability that drives the project towards the goal of the organisation (Borlase, 2016). It is very much essential for the organisation to know what sort of business they are dealing in specially knowing what are the project drivers in the thriving towards the goal of the project. There can be lots of project drivers which may help in moving towards the goal of the organisation. The concept which should be taken into consideration Is the alignment concept of the project with the drivers in order to achieve the goals. Some of the most common example which are related to the topic are:
- The time to market the business: This may be related to the marketing of the product at the right time in order to catch the attention of the users
- Improvement of the quality of the product: This is directly related to the client. if the product which is delivered to the client is of quality then the client would always demand service from the organisation.
- Maintenance cost saving relating to the post selling: the maintenance cost after the release of the product to the client should be considered in the main budget of the project.
- Assurance of the customer satisfaction: customer satisfaction should be the main motive of any organisation in order to achieve goals of the organisation.
- Increase of the share in the market.
Securing the data is a very important aspect which should be taken into consideration by any of the organisation. Two strong arguments can be stated for the protection of the data are protect the privacy and avoid of the identity theft. The points that should be taken into consideration are:
- Protect with password: This may seem very much unfamiliar but most of the cyber-attack are successful due to the fact that the password protocol which was set was very much weak. The access to all the wireless network, equipment’s and the data which are sensitive should be guarded with strong password so that any unwanted user cannot crack the code and get access to it.
- Safe design system: Limiting the access to the technology infrastructure can directly reduce the exposure which is given to the thieves and the hackers. It should be taken into consideration that the scope of the potential damage into the organisation network is minimized by the implementation of a unique set of email address, servers and domain name with would be related to each of the users, department and work groups.
- Basic training requirement: There are number of security breaches that mainly occur due to human activity or carelessness. A creation of a culture which is corporate should be created by means of training that directly deals with the aspect of the risk which is associated with practise of sloppy password and on the other hand the careless use of program, networks and devices.
- Avoid of the unknown email: Clicking of unwanted mails and with it the attachments which the mail contents could directly expose the system with virus, programs which are Trojan and computer worms. Before opening any mail attachments, it should be taken into consideration to contact the email sender in order to confirm the message which is content in the emails.
- Keeping the data which is sensitive out of the cloud: Cloud computing can offer many benefits to the organisation with it the aspect of time saving as well as money saving. But on the other hand the technology may pose threats which are additional as the sensitive data are housed on a server which is located at a remote location. This data is mainly operated by a third party who may have issue with the security. It should be taken into consideration that most of the cloud providers are infants, so it would be appropriate correct decision to keep the sensitive data under the own control of the organisation so that data breach of loss of data is not encountered (Prabhakar, 2017).
Organisations should always take into consideration that the value of the mobile devices can add advantage for the employees. This mainly give them the access to the resources which are related to the business from anywhere and at any time. The concept has not only brought a reshaping in the traditional in task which are related to the in- office but also the organisations are devising a way which is entirely new and highly advanced. On the other hand, it can be stated that there are many threats which are associated with the concept. Following are few threats which can be directly be associated with the technology of the mobile device.
- Data leakage: Many a times the mobile device is stolen or lost. This is incorporated with leaking of data into the hand of sometimes who may use the data for their own personal benefit and gain advantage from it. The user of the mobile in the first hand had trusted the device in order to keep the sensitive data in the system but it may result in a huge damage to the user as well as the organisation.
- Unsecured Wi-Fi: The free Wi-Fi network which is sometimes readily available in order to indulge in activity related to the mobile, it can be highly unsecured from the end of the user. The user can be easily being hacked by the technology and have the data stored in the mobile being breached which is directly being held by someone else.
- Phishing activity: Since the mobile devices are always on the can be indulged in front line of the phishing activity. The phishing activity can be termed as an activity which is done on any networked device in order to gain access to the sensitive information.
- Network spoofing: Network spoofing can be related to the activity which can be done on mobile device or any networked device in which the hacker tends to create an access point which is fake (which may look like a Wi-Fi network). This is done in high traffic regions for example coffee shops where the user tends to use the free internet connection and fall into the trap of the hackers (Téllez & Zeadally, 2017).
The security aspect when related to the use of mobile device in order to access business information should always be taken into consideration.
- Mobile devices always need antimalware software in order to safe guard the system from malware activities.
- Encryption of the device should be in corporate due to the factor that communication which is related to the wireless are very much easily to intercept and snoop into the device.
- Password set up for the device should be always on the high end that no unwanted user can get the direct access to the device as well as the data which is stored in the device as a whole.
- At least ones a year any organisation which is related to this form of technology should hire a reputable security farm in order to perform security test on the device. Such actions could directly reduce the mitigation and remediation aspect which is related to the technology.
The plan of the hardware purchase is a very important issue when related to any organisation. there are mainly three things which should be taken into consideration while implanting the plan of the purchase they are.
- Quality: the quality of the product is a very important issue. Few question that should be included during the quality check are.
- How well does the product match the requirement of the organisation?
- Does it contain the features that the organisation wants?
- How well is the product made
- How long would the product service (Chandrasekaran & Bittau, 2017).
- Price: everything has a budget involved in it. It should not be taken into account that buying product would directly reduce the overall budget which is related to the concept. After all, buying something which is cheap and does not serve the purpose of the purchase would result in replacing of the product which would mean a budget loss
- After sales service: the after sales service is also a very important issue which can be also be related to the maintenance part of the product in order to gain advantage of the product.
The business continuity aspect directly states the functions which are very much essential. Identifying the processes and the system’s must be sustained and the detailed view on how the maintaining part is introduced should be taken into account. Business disruption which can be enforced in many ways should also be considered. Taking into account the risk which are ranged in the form of cyber-attacks to human error to natural disaster is very much vital for any organisation in order to obtain business continuity plan in order to perceive its reputation and the health of the business (Koen, Von Solms & Gerber, 2016). A plan which is related to the business continuity according to a business consultant expert Paul Kirwan should have the following items:
- Initial data which is related to the important information about the contacts located should be taking into consideration at the first point.
- Revision of the process of the management that mainly describes the change management procedures.
- Scope and the purpose.
- Emergency management and response.
- Step by step procedure.
- Flow diagram of the organisation and checklist related to the agenda of the organisation.
- Scheduling of the testing, reviewing and the updating of the plans (Ramalingam, Carr & Walsh, 2016).
Strategic Alignment and Prioritization of Project Drivers
The steps which can be implemented for the organisation in order to execute proper business continuity plans are:
- Initiation of the project is done
- The gathering of the information is done which mainly features the aspect of business impact analysis (BIA) and the assessment of the risk
- Plan development
- Plan testing, updating and the maintenance sector.
There are many factors which can be related to the successful management of the risk management which are discussed below:
- Internal check is conducted continuously: the criminals which are termed as Cyber criminals can attack the spots which are considered to the vulnerable any time, so in order to stop the activity continuous monitoring should be done within the organisation’s network in order to reduce the overall chances that the criminals will get far into the system.
- Segmentation of data from network and other functions of the business: ones the criminal has access to the system they tend to search of nodes and ways in order to gain money out of the business body. The separation of the system would make it easier to detect the criminals and also restrict them in a proper time.
- Organisation collaboration with others: the cyber criminals tend to target all types of organisation and business, so by creating a means of communication would directly create a community that mainly checks for report of any attack, intrusion activity and locate the direct sources from where the attack is generated (Glendon, Clarke & McKenna, 2016).
However, it can be stated that most of the attacks are more or less somewhat predictable. The cyber criminals use the method which is same in order to enter the system and gain the overall access of the system and steal data or money. The most common entry method is mainly through employees allowing access (15% of attacks), devices which are stolen (13%) and the system of the organisation which is in the supply chain (14%) (Almeida, Hankins & Williams, 2016).
It can be concluded from the above report that the company movement towards the IT framework would be very much beneficial taking into consideration the overall benefits which are involved with the technology. By the implementation of the technology the organisation can achieve the concept the business continuity and the ability to achieve the client keeping aspect and overall growth of the business and its overall working within and outside of the organisation.
Recommendation 1: The company should give proper training to the employee in order to utilize the concepts of the business and the advantages that are related to the concept
Recommendation 2: The implementation of the software should be tested and the maintenance of the software should be done in order to achieve the proper working of the software’s.
Recommendation 3: The overall budget of the implementation should be taken into consideration so that fail of budget is not encountered after the implementation of the process is done.
Alec Cram, W., Kathryn Brohman, M., Chan, Y. E., & Brent Gallupe, R. (2016). Information systems control alignment. Information and Management, 53(2), 183-196.
Almeida, H., Hankins, K. W., & Williams, R. (2016). Risk management with supply contracts. The Review of Financial Studies.
Beberlein, L. T., Dias, G., Levitt, K. N., Mukherjee, B., & Wood, J. (2017). Network attacks and an Ethernet-based network security monitor.
Beberlein, L. T., Dias, G., Levitt, K. N., Mukherjee, B., & Wood, J. (2017). Network attacks and an Ethernet-based network security monitor.
Borlase, S. (Ed.). (2016). Smart Grids: Infrastructure, Technology, and Solutions. CRC press.
Chandrasekaran, G. P., & Bittau, A. (2017). U.S. Patent No. 9,628,452. Washington, DC: U.S. Patent and Trademark Office.
Glendon, A. I., Clarke, S., & McKenna, E. (2016). Human safety and risk management. Crc Press.
Koen, R., Von Solms, R., & Gerber, M. (2016, May). ICT Readiness for Business Continuity in local government. In IST-Africa Week Conference, 2016 (pp. 1-11). IEEE.
MacLeod, M. A. (2016). The role of risk management in business continuity: A generic qualitative inquiry of information technology managers (Doctoral dissertation, Capella University).
Nguyen, H. D., & Steele, G. C. (2016). Funding and Strategic Alignment Guidance for Infusing Small Business Innovation Research Technology Into Science Mission Directorate Projects at Glenn Research Center for 2015.
Perlman, R., Kaufman, C., & Speciner, M. (2016). Network security: private communication in a public world. Pearson Education India.
Perlman, R., Kaufman, C., & Speciner, M. (2016). Network security: private communication in a public world. Pearson Education India.
Ramalingam, H., Carr, M., & Walsh, P. J. (2016). U.S. Patent No. 9,386,507. Washington, DC: U.S. Patent and Trademark Office.
Téllez, J., & Zeadally, S. (2017). Mobile Device Security. In Mobile Payment Systems (pp. 19-33). Springer, Cham.