Introduction to the changes
Being the information technology (IT) assistant project director, I should organize the work of a new office in Seattle, Washington in the relation to IT and information system. Riordan Manufacturing is an organization which has the headquarters in San Jose, CA, and manages two plants in different parts of the country (Albany, GA and Pontiac, MI) and a plant in China. Having understood that the collaboration between the plants and the main offices is important, the information exchange is provided on the basis of the wide area network, WAN (Information Technology, 2006).
Before expanding the company’s IT infrastructure by setting up the IT system in the new office, it is important to consider the organization’s information systems and their functionalities, the information technology system in the new office and the major system which failure may lead to many problems, along with the consideration of the reasons for protecting this system and the consequences of inadequate security.
The organization’s information systems and their functionalities
The R&D processes are centered in the San Jose office, the headquarters, and function on the basis of the Six Sigma. These systems allow the company to share the information on the Internet. The routers, gateways/switches, and a number of servers organize the work both inside each department and to share information distantly (Information Technology, 2006). IT systems function on the basis of the Internet and the opportunities it provides.
The company understands that having plants in different parts of the country and in absolutely different country, it should pay much attention to the information delivery. The information is gathered in the central office, all plants have an access to that information, but the Internet connection between the plants does not exist. All information share process is provided in the headquarters, thus, it is impossible to get the information from the plant without being connected with the office in San Jose.
IT system in the new office
To implement a new IT system in a new office in Seattle, accompany should think about IT compliance of a new information system with the existing ones. There are a number of different ways for doing it, still, to reach the desired results, we are going to come through five main steps. The implementation of IT compliance as the part of IT infrastructure is the most important process in the whole system of IT governance and control.
It to consider the work that should be done, it is important to mention two spheres, inside and outside. The company should have good IT connection inside the office. The communication via the Internet should be provided in order to increase the responsiveness and the quality of information delivery. At the same time, it is important to connect a new office in Seattle with the headquarters with the help of WAN, as the whole system works on its basis.
IT compliance, its global interconnectivity and the potential result of a failure of a major component of this system
To implement the IT compliance framework in a new office, it is necessary to complete the following steps,
- Defining the scope to IT compliance.
- Mapping and documentation IT components in the area.
- Designing the controls.
- Evaluation of the controls.
- Reporting about IT compliance activity (Dameri, 2009, p. 29).
The failure of at last one of the steps may result in the ruining of the whole controlling system. IT compliance is the system which is aimed at completing many different functions. Most regulations are directed at the control of accounting entries only. In this case, the company scope perimeter covers only financial data, but other information delivery should be also under control. Therefore, “enterprise systems create integrated databases and sets of applications, so that all the IT applications are included in the scope of IT compliance” (Dameri, 2009, p. 29). It means that the IT compliance scope is large and varied and it is important to protect it is order to avoid information leakage.
The reasons to protect this system
As it has been mentioned above, IT compliance scope includes too much data and information which should be protected. WAN system is not very secure, but the information protection should be the main priority of the company. The key challenge of Riordan Manufacturing is the understanding of the damage the attacks can provide to the company and how they are economically harmful. Information systems security should be based on the countermeasures aimed at preventing and reflecting different attacks which may cause too much harm to the company. Virus and DOS attacks, various threats of information theft, etc. are the very dangerous if not to take them seriously.
The information leakage may lead to different problems, as well as information loss. Living in the world where everything is bought and sell on the Internet, the security plays crucial role, no matter which sphere of interest the company deals with (Kumar, Park, & Subramaniam, 2008, p. 242).
The consequences of inadequate security
The inadequate security of the information at any of the plants may lead to the most dangerous facility, the access to the information in the headquarters. Sumner (2009) offers five main threats an organization may experience,
- “deliberate software attacks,
- technical software failures or errors,
- acts of human error failure,
- deliberate acts of espionage or trespass,
- deliberate acts of sabotage or vandalism” (p. 3).
It is impossible to manage all these risks and be aware of the problems. The main consequences of inadequate security may be the disinformation and personal data exposure. The business contacts and financial data are going to be available to the third parties and the company is responsible for sharing and keeping such data under protection. Intellectual property may also be in risk (Sumner, 2009, p. 11). Riordan Manufacturing is working with unique plastic shapes of beverage package and different medical equipment (Information Technology, 2006). The information devoted to these issues should be highly protected as in case the data is got by the competitors, they may use it in their personal need for unfair competition.
Conclusion
Thus, it may be concluded that Riordan Manufacturing is the company which needs high IT system protection. A new office in Seattle should have the same equipment as other plants, the connection with the headquarters in San Jose is the main component of IT infrastructure which must be perfectly protected. This is the center of information storage, and the leakage of the data via this channel may bring too much harm for the company. The company should implement IT compliance in order to increase the IT governance and control in the company departments.
Reference List
Dameri, R. P. (2009). Improving the benefits of IT compliance using enterprise management information systems. Electronic Journal of Information Systems Evaluation, 12(1), 27-38.
Information Technology. (2006). Riordan Manufacturing. Web.
Kumar, R. L., Park, S., & Subramaniam, C. (2008). Understanding the value of countermeasure portfolios in information systems security. Journal of Management Information Systems, 25(2), 241-279.
Sumner, M. (2009). Information security threats: A comparative analysis of impact, probability, and preparedness. Information Systems Management, 26(1), 2-12.