It is logical to expect inter-dependencies in any system
I agree that it seems to be logical to consider that all systems are interdependent because of the essence of the very concept. The notion of a system was discussed by numerous researchers, and they did not agreed on one particular definition. However, the majority of the state that it is a set of interdependent components, which presupposes that any system is interdependent. In this way, water pumping depends upon telecommunications that depend upon electricity. Healthcare relies on transportation and electricity, and government services on financial ones. Interdependency exists on different levels and can be functional and operational (Beckford, 2015).
Thus, when a flight is canceled, the roads may be laden with people who had no opportunity to leave. The same can be said about enterprise systems. Still, the fact that one organization can produce cotton and wheat, for example, separately cannot be neglected. But even in this situation, different departments need to interact to share resources. It is claimed that enterprises today tend to become interdependent to replace independent systems and improve business processes.
For instance, all sales processes rely on resource planning (Nordmeyer, 2016). The creation of enterprise is a way to make interdependent systems work harmoniously to reach common goals. It is critical for business as the effectiveness of cooperation between different people and departments determines their success. They are to share information, equipment, and finances so that no issues occur and organizational goals can be successfully achieved.
Just because there are inter-dependencies in a system that does not mean there is risk
I do not agree that because there are interdependencies in a system that does not mean there is a risk. The existence of any system presupposes at least some potential risk. Various elements that interact with each other to meet common goals and create a system may face problems with their operations. In this way, when one element occurs to be not able to cope with its tasks and execute its function, all other components are influenced adversely, and the performance of the system becomes affected (Heal & Kunreuther, 2007).
For example, when the finance department made a mistake when allocating resources, other departments received not enough money to purchase the equipment they needed and to have a training program, which influenced the outcomes of their work. Except for that, there is a possibility of mistakes made during the transfer of information. Some data may be shared later than expected, which may result in inefficient decisions. For instance, when the company was planning to have an expatriate, the HR department should have trained one. But this information did not reach the financial department in time. As a result, the costs needed for training were not obtained when expected, and expatriation was delayed.
The information assurance architecture within an enterprise should best be viewed as a system
Information assurance architecture should be viewed as a system, as it deals with the practices that help to analyze current and future security processes in the organization. It is beneficial for the enterprise to treat it as a system because information security architecture is a complex notion that considers the harmonious interaction of information assurance services and mechanisms. Due to the nature of security and risks, it focuses on people, technology, operations, information, and related infrastructure that constantly interfere with one another.
The task of the information assurance architecture is to organize all these services and mechanisms so that they become structured, which presupposes the creation of the system (Willett, 2008). Being seen as a system that exists within the enterprise, it can define all business risks step by step so that nothing will be omitted.
If the architecture is treated just as separate practices, their interrelation will not be considered. As a result, the evaluation of the current and future situation maybe not efficient and accurate, and potential issues that occur in the framework of interdependence may be neglected. Of course, it does not mean that the enterprise will not be able to operate, but it is much easier to work with an organized set of items than with a random mass. Thus, a systems approach is rather beneficial.
The overall risk of a system is exactly equal to the sum of the individual risks of each of the system components
I agree that the common view exists that the overall risk of a system is equal to the sum of the risks of each of its elements, and such opinion is supported by numerous scientists. For example, when it is considered that each of ten parts of a bicycle can break once, this bicycle can break ten times in total. Still, Hood and Jones (2004) believe that total risks are not equal to the sum of the individual ones and are not greater than they. Such a contradiction occurs because enterprises are open systems but the risks are measured as if they were closed. It is critical to consider various influences, including unexpected human behavior.
For example, employees at the Ekofisk successfully identified the fail-safe equipment and solved the problem (Hood & Jones, 2004). In this way, it is important to take into consideration the type of system when measuring its risks. The quantitative approach may be effective in some situations and ineffective in others. Still, if discussing the situation in general, it can be said that the overall risk of a system is not greater than the sum of the risks of each of its elements and equals it.
References
Beckford, J. (2015). Infrastructure, interdependency and systems. Web.
Heal, G., & Kunreuther, H. (2007). Modeling interdependent risks. Risk Analysis, 27(3), 621-634. Web.
Hood, C., & Jones, D. (2004). Accident and design: Contemporary debates on risk management. London, UK: Routledge. Web.
Nordmeyer, B. (2016). Three different types of enterprise systems. Web.
Willett, K. (2008). Information assurance architecture. Boca Raton, FL: CRC Press. Web.