A large firm with many divisions and operating in different locations was focused on adding controls and reducing the risks associated with the offsite storage of the company’s records.
Statement of the Problem
The firm lacked the effective business intelligence solution to control the offsite storage of the company’s records, and it had no developed strategy in order to reduce possible risks associated with the offsite storage.
The stated objectives were to assess the technology options available in the firm for improving the controls and assess the used strategies and approaches to reduce possible risks associated with the offsite storage. Furthermore, the BIS experts’ task was to develop specific requirements for “a consistent approach for records ownership, metadata quality, and records labeling” (“Case Study 3”).
Areas of Considerations
The problem associated with the offsite storage records was in the fact that the company had many offsite storage vendors. Furthermore, different methods of storing and retrieving records were used in the firm. In addition, the “limited controls for adding new users, inconsistent data requirements for records, and lack of clear ownership for records” were identified as the areas for considerations while focusing on the problem to be addressed (“Case Study 3”).
From this perspective, it was important to focus on assessing the available technology options and approaches to reduce offsite storage risks. Furthermore, it was necessary to revise the requirements to storing the data offsite and to provide the effective strategy to add controls and contribute to reducing the offsite records storage risks.
Alternative Courses of Action
It is important to focus on two possible courses of actions appropriate for the resolution of the discussed case. The first course of actions is proposed as the primary because it is developed by the BIS experts. The company was proposed with such solutions to the problem as the use of offsite inventory for vendors according to the firm’s requirements formulated for the offsite storage (“Case Study 3”).
The second solution was based on conducting the assessment of technology options while comparing them with the set requirements. The appropriate technology solution to address the requirements was chosen. Thus, the requirements were defined and set as regular for the company.
The next step was on developing, testing, and presenting the new technology to offsite users of the records’ storage. Finally, a regional rollout approach was developed by experts to address the problem of controlling the work activities and workload.
The alternative course of action reflects the main steps performed by the BIS experts, but it is more focused on the formulation of requirements and on the issue of the data security. Requirements should include compliance, security, accessibility, convenience, consistent work, completeness, accuracy, and validity.
If the company has multiple offsite storage vendors, it is necessary to focus on using one effective back up plan to store and share the necessary information with the help of the most appropriate system (Howson Secrets to Making BI 58).
The first step is to decide on the requirements and standards followed to add controls and the next step is the encryption of the data to guarantee the security and the development of protocols if there are “limited controls for adding new users” (“Case Study 3”). It is also necessary to focus on the data organization and classification to reduce possible risks.
In addition, such stage as reporting on the operations with the offsite records can be discussed as necessary because of informing about any risks or non-allowable operations (Boyer et al. 12). The next step is the guarantee of following the same standards and the guarantee of interoperability of systems to improve the process of storing and retrieving records.
Analysis of Each Alternative Courses of Action
It is stated that the solution proposed by the BIS experts “resulted in consistent user access controls, records labeling, and categorization of contents” (“Case Study 3”). Still, it is necessary to analyze two courses of actions in order to conclude on their effectiveness to add controls and reduce offsite data storage risks.
The first course of action is rather effective to provide the fundament for the further improvement of controls and risk mitigation strategies (Howson Unlock the Value of BI 37). The second course of actions is effective to address the problem at the current stage, while providing reasonable steps associated with the development of the alternative BI strategy.
Thus, data security is one of the most important issues associated with the offsite data storage risks and adding controls strategies. It is important to state that the company can benefit while choosing the alternative course of action because it provides clear steps to perform while adding controls and mitigating risks.
In order to avoid risks associated with the offsite records storage and use effective control strategies, it is necessary to follow some recommendations:
- The first step is the implementation of assessment and testing strategies for evaluating the work of stated controls and security standards.
- The monitoring of the BI system should be regular.
- The next step is the creation of the BI policy followed in the company.
- The important step is the development of the control framework for offsite storages based on standards and experts’ support.
- The company should address the issue of common standards and interoperability in relation to the process of storing and retrieving records.
Boyer, John, Bill Frank, Brian Green, Tracy Harris, and Kay Van De Vaner. Business Intelligence Strategy: A Practical Guide for Achieving BI Excellence. New York: Mc Press, 2010. Print.
Case Study 3. 2008. Web.
Howson, Cindi. Successful Business Intelligence: Secrets to Making BI a Killer App. New York: McGraw Hill, 2008. Print.
Howson, Cindi. Successful Business Intelligence: Unlock the Value of BI and Big Data. New York: McGraw Hill, 2014. Print.