The report at hand is aimed at providing a consistent rationale for the implementation of governance activities assuring extra Information Security (IS) and preventing potential risks.
We will write a custom Assessment on Information Security and Potential Risks specifically for you
301 certified writers online
At the current point, the key issue of concern resides in the fact that Human Resources (HR) has a direct access to the corporate data. It is, consequently, assumed that there is a strong possibility of data misuse and spread beyond the company.
Thus, for instance, some of the HR members have an opportunity to retrieve clients’ and partners’ contact information and employ it for conducting business. In addition, there is a critical risk of the corporate data being located beyond the environment that the company currently controls. In the meantime, it is evident that a complete database lock is physically impossible as it will interfere with a large scope of the company’s operations.
As a result, it is proposed to implement the recent development in the IS field. The technology allows performing a detailed video analysis of the work flow and identifying suspicious activities that might be carried out by the employees. This video analysis implies transforming a video stream into a typed narrative. Otherwise stated, the analysts can now rely not on the image but on the narrative record that is more detailed and, thus, more valid. It is expected that the proposed implementation will be assistive not only from IS perspective but also in terms of improving the general performance. Moreover, the upgraded IS will help to enhance the image of a reliable and trustworthy corporation in the market.
The existing IS system is evidently insufficient in terms of assuring consistent security and risk management. The company does not possess enough resources that would ensure that the information misuse is prevented timely. In the meantime, the current system requires considerable financial investments; hence, it might be claimed that the company’s resource management is inefficient at the present point.
From the outcomes standpoint, the value delivered to the enterprise is evident. First and foremost, re-shaping the IS approach will allow performing a more efficient control and monitoring of the work flow and eliminating the current flaws of the security system. Secondly, the IS innovation will contribute largely to brand and reputation building. According to the recent research, one of the key determinants of a sustainable partnership is an efficient reputation risk management (The Economist, 2010).
Thus, in order to ensure long-lasting collaboration with the main stakeholders, it is essential that the company guarantees consistent security at all the level of the performance including the information segment. In such a manner, the implementation of the video analysis technology is directly aligned to the core company’s goal that resides in building enduring cooperation.
Meanwhile, it is necessary to admit that the implementation of the new IS strategy implies a series of risks. Relying on the experts’ opinion, it is kindly requested that the all the risks are critically evaluated before the implementation process starts (Hsu, 2012). First of all, the vendor’s unreliability is one of the major threats that the company is likely to face in the process of reformation. As a result, it is strongly recommended that the vender’s profile is thoroughly checked with the help of overviewing the relevant feedback,, examining its legal creditability, and carrying out a detailed research on the market reputation.
Furthermore, it is critical to see to the fact that the new implementation is accompanied by the essential explanatory activity in order to show the employees and non-governmental advocacy groups that the performed change is relevant to the established ethic norms and standards. Experts note that in order to protect the company’s image, the ethical aspect of IT strategy should be carefully seen to so that advocacy community cannot accuse the company of violating the workers’ rights (Fitzgerald, 2011). Hence, it is important to point out the benefits that each stakeholder will potentially receive from the new implementation.
It is, likewise, recommended to carry out a pilot test implementing the new technology in a sample department. In this case, the company will have a chance to examine the strategy’s productiveness, identify the main flaws and eliminate them. In addition, a pilot test will help to monitor the employees’ adaptation and work out the approaches to assist them in getting accustomed to the new environment. Lastly, a pilot test is likely to be useful in terms of the expenses’ assessment.
Finally, it is proposed that an ongoing vendor oversight is carried out in order to ensure efficient change implementation. At this stage, it will be critical to formalize and record all the oversight activities performed. In addition, some external parties might be invited to assist in productive monitoring. The engagement of the consultants and auditors should be initially included in the budget plan.
On the whole, it is expected that the proposed implementation will enhance the productiveness and reliability of the existing IS. It will also contribute to strengthening the company’s positions in terms of reputation.
Fitzgerald, T. (2011). Information Security Governance Simplified: From the Boardroom to the Keyboard. Boca Raton, Florida: CRC Press.
Hsu, D.F., & Marinucci, D. (2012). Advances in Cyber Security: Technology, Operation, and Experiences. New York, New York: Fordham University Press.
Get your first paper with 15% OFF
The Economist. (2010). Dangerous Liaisons. Web.