HomeHome  PortalPortal  CalendarCalendar  FAQFAQ  SearchSearch  MemberlistMemberlist  UsergroupsUsergroups  RegisterRegister  Log inLog in  

Share | 
 

 Assignment 2 (Due: July 7, 2009, before 01:00pm)

View previous topic View next topic Go down 
Go to page : Previous  1, 2, 3, 4  Next
AuthorMessage
juvilynconsejo

avatar

Posts : 40
Points : 42
Join date : 2009-06-22
Age : 26
Location : Tagum City

PostSubject: my_company   Mon Jul 13, 2009 10:20 pm

Honestly we visited many company but unfortunately all of them was just accepting our letter and tell us that we will wait for the approval....

We had update every now and then, call our selected company but they told us that the manager hasn't come yet. They were trying to contact it, so all we need to do was wait.

Perhaps, we all know that it is our fault because we did not work it ahead of time, it was one of the lesson I've learned.

THIS IS IT...

We have chosen the rhine marketing. So first, i will just take an overview of what's is this all about...

Rhine Marketing Corporation - Computer Division (RMC-CD) is a leading manufacturer of personal computers, and distributor of a complete line of peripherals and other computer-related services.

It was established in February 1992, when Rhine Marketing Corporation's interest has evolved from home appliance business has achieved a good reputation immediately. They not only provide expertise to meet the increasingly sophisticated needs of our clients, but also offer solutions that set new standards for quality performance and value.

It is located along San Pedro St., Davao City and it is one of their branches.

As we go through interview, we had ask the interviewee of what were the risks or problems they had been encountered in their managing of their business. As what he answered, they had face many problems but he specified it, when it is in connection to their software this are the following problems:

1.) Syntax error- according to the web: refers to the error in the syntax of a sequence of characters or tokens that is intended to be written in a particular language.
- the interviewee said, it implies that it is an error in the runtime. For instance, when you make a system and you want to update i,t and your syntax is wrong so it will prompt there that you had done wrong to your system.
2.)Logical error- it implies that it is a logical error when the coding of program failed to solve the problem.
- it has the same answer with the interviewee, that it is really a problem when you had create such a system but it did not satisfie3s its specific problem.

Answers to the problems:

1.) to take down notes- it is needed especially when you are the one who work on a system so that it is easily for you to know or see what are the wrong portion in your system. And if ever you were not around the other programmer will know how to continue your program.

2.) document all things- it is also important that everything you do has been documented in the sense that, you have an evidences or proofs in case of misunderstanding of the clients or customers.

Moreover, in terms of making a system and it is done by group it is really important that before and after you had a conversation about all of the information's gathered, so that all of you will know and aware of it. As for final words, we do not know everything in this world that's why we need to talk to others to learn more as well as enhancing our own knowledge and skills.

Reference:
http://www.wiley.com/college/busin/icmis/oakman/outline/chap05/slides/errors.htm
http://www.rhine.com.ph/


Last edited by juvilynconsejo on Fri Jul 17, 2009 1:32 am; edited 3 times in total
Back to top Go down
View user profile http://juvilyn-juvilyn.blogspot.com/
Tanya Clarissa G. Amancio

avatar

Posts : 44
Points : 51
Join date : 2009-06-21
Age : 27
Location : davao

PostSubject: Re: Assignment 2 (Due: July 7, 2009, before 01:00pm)   Tue Jul 14, 2009 5:06 pm

nkapost nko sir.. naa sa 4th page.. I love you


Last edited by Tanya Clarissa G. Amancio on Wed Aug 05, 2009 6:24 am; edited 1 time in total
Back to top Go down
View user profile
Michelle Adlawan

avatar

Posts : 34
Points : 36
Join date : 2009-06-23
Age : 27
Location : Lupon, Davao Oriental

PostSubject: Re: Assignment 2 (Due: July 7, 2009, before 01:00pm)   Wed Jul 15, 2009 2:57 pm

“The problems of today cannot be solved by the same kind of thinking that created them.” – Albert Einstein

As far as businesses and companies are concerned, there are definitely risks associated when it comes to business and IS/IT (Information System/Information Technology) change. And somehow in my own perception, these business or corporate organizations encounter similar risks attached with the changes in business and IS/IT.

From the companies that we’ve visited, mainly Concentrix, a call center company, meets certain cases in their company that let them take certain risks for some changes that could lead to a more develop company. Changes in a company may give significant impacts to the risks they take. Based on my observation, the occurrence of changes in a business associated with information technology is a valued need for the substantial growth of the company. However, impacts (may good or bad) are expected in associating these risks changes.

Primarily, the question to ask is what are these risks to take in acquiring these changes? As based on the company I’ve adapted, I observed that one of the risks that it encounter is security. This is because Concentrix is a call center industry that offers technical and customer support and it’s mainly linked with Information Technology in use of Information System. They use information technology in applying their services to their clients. Therefore, there’s a need to be more relevant in keeping track of files and keeping safe of the records of their clients and their company itself. Time to time, new technology emerges. That is why the technology they use requires a more developmental change in a certain period of time in order for it to be more competitive and more reliable. Security should be enhanced as time goes by as the technology evolves. As the MIS Supervisor of Concentrix had said, they make sure that the system they use is constantly evolving and it adapts and adjusts for certain changes if it justifies the company’s need to develop. In a company like Concentrix, security comes with privacy and confidentiality. And the clients are their first concern. Therefore, keeping their clients’ profiles should be kept confidentially as well as their company’s system, codes and passwords should also be kept in private. That is why security therefore needs to be improved from time to time.

However, taking a security risk would greatly give impact to the company. Performing a security enhancement might give service interruptions to the company and these would affect their facility and much more their clients. That is why a risk is involved in developing the security in a company. Acquiring the risk in security enhancement should be well-planned in order to avoid delays or inability to achieve strategic objectives of the company.

Another risk that I’ve observed in the company I’ve visited is financial risk. Tools, technology, and architectures enable business processes and IT services. Thus, in this case, people in the company should manage the needs in the company. Financial issues are going to take place every time a company plans to make some changes in their system, production, and services. Technology is a complex area in a system’s company and its inability to transform in a better ground for the company will affect largely to its given services and functions as a company. Concentrix, on the other hand, is making sure that they’re company is competitive enough to meet the scope of being a productive IT company. As they’ve stated, their Management Information System is constantly evolving and that makes them engage in a more financially issues in their company. Taking all accounts: the services, the production and the management, all of this takes planning in order to be functional and useful; and planning and developing these tasks is subjected to acquire certain financial risks. This risk involves an account to the management that if they apply this certain risk, they should make sure that it is substantial to the planned progress of the company. The management, moreover, should give an opportunity for acquiring this financial risk if it’s sustainable enough because this would somehow help in developing the company.

On the other hand, as I’ve said earlier, these risks are somehow associated with impacts to the company; it could be good or bad. These impacts may or may not strongly affect the company but yet it is part of the change that the company is going to take. Service interruptions, lost revenues and incapacity to achieve strategic objectives are one of the impacts that may take place in taking those risks in the company. But if the risks are executed properly, obtaining all the necessary applications to it, those risks will become big opportunities to the development of the company. The problems of a company can only be solved by accepting changes and taking risks, thus, making them applicable to growth and making them more competitive in the business and IT world.


Sources:
"The Risky Business of IT Change" by Adam Lavine
http://www.1000ventures.com/business_guide/bg_index_graph.html
http://searchcompliance.techtarget.com/generic/0,295582,sid195_gci1359554,00.html?asrc=SS_CLA_312593&psrc=CLT_195
Back to top Go down
View user profile
carla comoda

avatar

Posts : 50
Points : 54
Join date : 2009-06-20
Age : 26
Location : Davao City

PostSubject: Assignment 2 (Due: July 7, 2009, before 01:00pm)   Mon Jul 20, 2009 2:05 am

==skycable===


For our second assignment, we were tasked to have another interview again to our recently visited company. We had visit Sky cable to determine there is/IT risk and change. To be consistent I would still be referring to that organization / company. Before that I would like to define what is Information System?

Information Systems (IS) refers to the interaction between people, processes, and technology. This interaction can occur within or across organizational boundaries. An information system is not only the technology an organization uses, but also the way in which the organization’s people interact with the technology and the way in which the technology works with the organization’s business processes. Information systems are distinct from information technology in that an information system has an information technology component that interacts with the people and processes components.

Company profile
SkyCable is a direct-to-home cable TV and subscription service, established by the Lopez Group of Companies and Central CATV Group Of Companies. It is one of several sister companies of ABS-CBN. SkyCable offers a range of analog and digital Cable Television services, and also offers high-speed Internet services and VOiP services.
SkyCable was established in January 1990. Commercial cable operations commenced on January 6, 1992. By the end of the year, 8,500 strand miles of cable were laid out, bringing in 20,000 subscribers by 1995.

Today, over 500,000 subscribers have made SkyCable the number one cable TV service provider in the Philippines. It has grown to feature the best and most varied cable programs for the whole family.

The success of SkyCable throughout the years enabled the business to expand and go beyond just providing postpaid cable TV service. In 2006, the first ever prepaid cable TV service inh the country was introduced, SkyCable Silver Prepaid. In 2008, SKYBROADBAND, the fastest residential broadband internet service in the land, and SKYVOICE, the lowest-prepaid IDD calling service, were launched.

This foray into innovative information and communication services created the need for the company to evolve its name into something much bigger.


== Here are the following risks associated on IS/IT change given by the IT personnel we had interviewed:==
*Security of data
- is the means of ensuring that data is kept safe from corruption and that access to it is suitably controlled. Thus data security helps to ensure privacy. It also helps in protecting personal data.

*Migrating/Changing of Operating System and New System
-Nowadays the most common OS that we have encountered in the Windows Operating System. Since most of the OS in Sky Cable are exercising Linux which is a full-fledged operating system, many of the employees find a hard time in manipulating the computer.

*Reliability and efficiency of the system
- The reliability of the system is not well tested. It will affect the business flows of the organization since it controls the information.

*Competition
- We can’t avoid competition in a business. According to the IT personnel of Sky Cable, when there is new system installed in the company the employees try there best to adopt immediately the last trend. The administration gives incentives to those whose can assimilate the system and it also might lead to the promotion of his/her position. On the other hand, the employees who cannot comprehend easily will be assigned to different manual works.
*Knowledge and Educational Background
-It is really important that the employees are well educated so that it is not hard for them to analyze the problems arise in a company.

*Cost
-It is really important to know the cost of the new technology being implemented in a company.

*Rejection to the staff
-The employees must be updated with the latest trend and they must know how to use it. We can’t deny the fact that not all employees are literate in computer so the company will hire a new one which has the knowledge of the existing technology. So, it is a threat to the employees especially to the IT personnel’s of the company.

*System Failure

- It is arise when there is a problem in hardware and it can cause the hardware to freeze, reboot, and/or stop functioning altogether.

*New technology, less employees



Reference:
http://en.wikipedia.org/wiki/Information_systems#Overview
http://en.wikipedia.org/wiki/SkyCable
http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf
http://www.computerhope.com/jargon/s/systemfa.htm


Last edited by april kaye bigonte on Mon Oct 05, 2009 1:15 am; edited 3 times in total
Back to top Go down
View user profile http://quinkaye.blogspot.com
Ida Karla Duguran

avatar

Posts : 46
Points : 47
Join date : 2009-06-19
Age : 27
Location : Matina Aplaya, Davao City

PostSubject: Re: Assignment 2 (Due: July 7, 2009, before 01:00pm)   Mon Jul 20, 2009 10:27 pm

To Sir Gamboa..

Greetings!

Sir, I don't have an entry for this thread for i wasn't able to accomplish this assignment due to continuous fever that resulted to my hospitalization after diagnosing of dengue fever that lasted a week of confinement with blood transfusion.

Hoping for your kindest consideration.
Back to top Go down
View user profile
amielou.falcon

avatar

Posts : 28
Points : 28
Join date : 2009-06-22
Age : 26
Location : mabini, ComVal Prov.

PostSubject: Assignment 2 (Due: July 7, 2009, before 01:00pm)   Sun Jul 26, 2009 3:56 am



Based on the company's best IS/IT practices, these are mentioned risks of my adopted company.



Idea the company is using an outsource program.
Arrow therefore it is highly cost.
Arrow "mahal man ang program, naa juy i-risk,pero selected lang." -system administrator

Idea the company who purchased their program knows their database.
Arrow Security risk.Anyway, it is a contacted transaction, there is an agreement between both parties.


Idea changes brings resistance.
Arrow technology to people.
Arrow decreased in numbers of selected clerical workers.


Idea the system administrator had also mentioned ethical issues among their users.
Arrow there some cases in which users are visiting restricted areas online, such as pornographic sites.
Arrow fortunately, this issue had been closed since they put a firewall on their SAP program. (this is best explained in my assignment1)


So much with our conducted interview in PHOENIX PETROLEUM PHILIPPINES INC. with the company's system administrator, these are the only things that are being risked and had been changed with the implementation of their Information System Technology. Rolling Eyes Rolling Eyes

evidences:

my letter of approval Razz Razz




on the spot taken notes silent silent


(to be honest, my first proposed and approved company was SMART Telecommunication Inc. but some instances had happened... Crying or Very sad it just happen that their company's existing IT professional was only one that is, he is assigned only in main office of the company and visited their branches only if needed.)
[i]


Last edited by amielou.falcon on Wed Oct 07, 2009 3:55 pm; edited 1 time in total
Back to top Go down
View user profile
jerald jean pullos

avatar

Posts : 52
Points : 57
Join date : 2009-06-21
Age : 26
Location : davao city

PostSubject: Assignment2   Mon Jul 27, 2009 5:04 pm

study still working study
Back to top Go down
View user profile http://jeraldjeanpullos.blogspot.com
aeros salaga



Posts : 45
Points : 63
Join date : 2009-06-21
Age : 26
Location : Davao City

PostSubject: Assignment 2: Company Visit   Mon Jul 27, 2009 10:13 pm

We are task to visit some large local companies/organizations that can be found here in Davao or near to Davao in order for us to learn, and know something about business administration and business flow of information. I myself could say that this kind of activity could challenge me as a student and learn thing through reality. Yeah! This activity is very tiring especially if you have been rejected by the company you choose but at least this will help us especially when we talk about management (time management), that has been taught(always!) by our facilitator. With this, we learn how manage our time (even if we did not perfectly manage it), we learn how to become patient in many rejections we receive, and we learn to have determination. Finally, I found the local organization together with some of my classmates, which would help me comply the requirement and help me gather information. The company that warmly welcomes and accepts us to conduct an interview and visit their company is the RHINE MARKETING CORPORATION. First, I will post some information about this company…

RHINE MARKETING CORPORATION



ORIGIN

In 1947, the late Claude Marion Wilson Jr. after has retirement from the US Army, invested his savings and set up the Claude M. Wilson Trading Co., a company engaged in the imporation and selling of construction materials, essential items needed for the country's reconstruction after World War II. The small enterprise was later renamed Claude Wilson Corporation. The company started selling imported sewing machines, and business machines, principally the Italian Olivetti typewriter.

The Claude Wilson Corporation established its Cebu branch in 1957, at the center of Juan Luna and D. Jakosalem Streets, under the supervision of Mr. Juan Ross. Mr. Lou Da Costa was then General Manager of the Manila Head Office.

In less than a year, the company grew and Cebu branch moved to bigger offices of the old Osmella situated at the corner of D. Jakosalem and Magallanes Streets. Mr. Jose Antonio Martinez became the first branch manager, while another trusted Wilson executive, Mr. Senen Valero, took charge of company operations.

In the later 50's and early 60's, the Philippine economy began to flourish resulting in an increased demand for sewing machines and other home appliances. This gave the company through Claude Wilson's entrepreneurship, the impetus to diversify and expand its product lines.

In line with the government's call for the establishment of more factories, Mr. Wilson decided to manufacture instead of import sewing machines. This daring move was vigorously challenged by competitors who could import sewing machines more cheaply than to manufacture them.

In 1961, Claude Wilson Corporation became Philippine Sewing Machines Manufacturing Corporation (PSMMC). The company head office was in Manila with branches in Cebu and Dagupan, locations designed to meet demands in Luzon and the southern part of the country. Martinez was transfered back to head office in Manila and A.F. Martelino was appointed Cebu Branch Manager.

On May 26, 1964, PSMMC (now METERCOR) formed a marketing arm called Rhine Marketing Corporation principally to sell Rhine sewing machines. Paid-up capital was P50, 000.00.

In the 70's product lines were expanded to include other consumer durables which, like sewing machines, were also in short supply. Since the company's main thrust was to be installment sales, Wilson and his executives reasoned that a provincial head office would stand a better chance of succeeding. That nationale was that a small, cohesive community where people knew each other and have lived in the area for many years would result in safer, less risky sales on credit. Cebu was a natural choice. That policy was a wise one indeed and Rhine today continues to operate a nationwide network of branches from its home base in Cebu.
The following year there more branches opened in 1980. These are located in Makati, Mati, Gingoog, Valencia, San Jose, Calamba and San Fernando.

Rhine Marketing Corporation - Computer Division (RMC-CD) is a leading manufacturer of personal computers, and distributor of a complete line of peripherals and other computer-related services. Established in February 1992, when Rhine Marketing Corporation's interest has evolved from home appliance business to Information Technology (I.T.), we now enjoy a rapid growth and have achieved a good reputation immediately. We not only provide expertise to meet the increasingly sophisticated needs of our clients, but also offer solutions that set new standards for quality performance and value.

Reference: http://www.rhine.com.ph/about-us/rhine-marketing-corporation.html#about%20us

Based on the organization(s) that you visited, what do you think are the risks associated with business and IS/IT change?

…the company chooses one of their employees who is capable or has knowledge/skills that could help us gather information on their company that would reflect to our studies. One of their employees introduces himself to us. He is Mr. Crisologo Abella, MIS staff and a programmer of their branch. He is our interviewee of that company. After introducing each other I ask him a lot of questions that would help us gather information about the question above, together with my co-interviewer.
The branch of Rhine Marketing Corporation we visit is located at San Pedro St., Davao City.
These are some of the important questions that we asked or presented to him:
…How important IT/IS to your company? …What are the systems you have implemented to help the company, how do you call it? …Can you give us some details about the flow of information on this system? …How do you maintain or manage it? …are there any problems you have encounter on developing this system? …what are the risks on maintaining or managing the system? …I’m sure you’ve gone though updating your system? What are the problems or risks you’ve met on updating your system? …what are your techniques or way in order to solve these problems?

…Those are the questions we have presented and after every question, he answered it well. These are the information I have gathered from the interviewee (but I put it in my own words based on my own understanding)… He said that Information System is the most important thing on business because without it their will be no exact flow of information. In order to lessen the capacity of their work, they develop a system and they called it Rhine System. On this system, every data and information for their company such as supplies, payroll, inventory and etc., will be saved and retrieved for every moment they will needing it. He said that he is one of person who developed the software of the Rhine System such as programs, database, as well as managing or maintaining the system. He also rate to us how important is Information system; he rated it as 101%. He also taught us some of the flow of information of their companies. He also taught us what are the components or the thing flows to their system, such us the supplies  sales  inventory  payroll  etc. He said that being the head of the IS personnel and a head of their system maintenance, it cause a lot of work and problem. He said that maintaining IS/IT is as challenge because there are a lot of risks and problems you will encounter and need to solve immediately. He said that first problem you will encounter is from making or developing programs for your system. And as usual it starts from planning what kind of system capable for their company and also its limits. But, a lot of problems you will encounter are from maintaining the system, because it includes updating or changing some aspect of the system. He said that, as time goes by; many changes should be done because technology is also evolving. He also said that one of their main problems is the risk for their data security. Their system is not well secured that can be accessed by unauthorized person and probably cause system error and system change, and the flow of their information will be affected that will cause false information. Updating or changing a system is a lot of work because the whole flow of information will be interrupted that is why they will make an immediate solution for the problem. In order to solve those risks, you should be an expert for this job and well planned. He also said that they encounter a lot of error of their system that is why they have developed a backup system for data recovery. Those are the information he shared to us…




Back to top Go down
View user profile http://aerosusep.blogspot.com
Chris Romarate



Posts : 54
Points : 55
Join date : 2009-06-20
Age : 26
Location : Tagum City

PostSubject: Assignment 2   Tue Jul 28, 2009 11:54 am

Our second task is to identify the risks in the company that we've visited, and my company that I visited is the Rhine Marketing-Computer Division located at the San Pedro St., here in Davao City. According to Rhine Marketing's website, Rhine Marketing Corporation - Computer Division (RMC-CD) is a leading manufacturer of personal computers, and distributor of a complete line of pheripherals and other computer-related services. Established in February 1992, when Rhine Marketing Corporation's interest has evolved from home appliance business has achieved a good reputation immediately. We not only provide expertise to meet the increasingly sophisticated needs of our clients, but also offer solutions that set new standards for quality performance and value.

As we interview the MIS staff in the said company, he discussed to us some practices of Rhine Marketing regarding with the systems they used. Before, Rhine Marketing used the manual system in recording and making inventory. It is so hassle in inputting and recording the data of the customers and the products, for sure there are lots of errors with that. The company used two systems in operating their business. These two systems are the Accounting System and the Desktop System. Now, from manual system of recording and making inventories of the products and customers, Rhine Marketing use the computerized system in order that their activity will be faster and free from hassles.

The MIS staff of the Rhine Marketing tackled also about software. He said, software is important especially in business operations. Without software, hardware of your computer is useless he added. There are factors he mentioned in software. First, software is less time consuming. Software is less time consuming simply because, since it is computerized all records can be inputted easily. If there are errors, you can easily detect so that you can change it and make it correct and the second one is, in searching records, it is easy to use. If there are thousands of customers in the company, you can easily search the important data of that person, not only to the customers but also to the employees and products of the company.

Rhine Marketing has its own system which made by hired IT professionals. This system is the so-called Rhine System. Rhine System is used by the different Rhine Marketing branches all over the Philippines which has its own features: 1. Inventory, 2. Account Receivable, 3. Disbursement and 4. Payroll. Rhine System is compatible to any operating system but they only used the Windows 98 and Windows Vista only.

The MIS staff of the Rhine Marketing mentioned also one of the risks happening in their company especially in the field of IS and this is the security. This security is referring to the data to the company. The security of the program is out of date sometimes. That is why, they want this to be enhanced so that errors should be minimized. Also, he mentioned that some of their programs do not have its own database engine. He added also about syntax error and logical error that usually happens to their systems. According to an online free dictionary, syntax error is an error of language resulting from code that does not conform to the syntax of the programming language. That is why, he said that is difficult to find errors especially in debugging a program. He added, it is better to put comments in your program so that you will know which part of that program you will easily debug.

A common encyclopedia defined logical error as a bug in a program that causes it to operate incorrectly, but not to terminate abnormally (or crash). In this error, it is difficult also because you should know the logic or flow of your program so that you can easily find the error/s of it. Best remedy of it? Put comments and jot down notes in your program.

After that interview, we invited him to render us some lectures about the IT/IS practices and some risks they've encountered in their company but sad to say, he refuse that invitation it is because not all the times he is around in the city. Sometimes, he went to the other branches of Rhine Marketing in Mindanao to visit and give some check-up to the Rhine System. Anyway, thanks Mr. MIS Staff of Rhine Marketing-Computer Division (Davao)!!! He5.......<3

Back to top Go down
View user profile
Marlie E. Sisneros

avatar

Posts : 42
Points : 45
Join date : 2009-06-22
Age : 28
Location : Obrero,Davao city

PostSubject: Assignment 2   Wed Jul 29, 2009 11:26 pm

NOTE: This company has been approve in our MIS Group [MODULE 10]
The Proof Letter has been compiled.


THe company that we've visited is ABS-CBN.
Tuesday, July 14, 2009


ABS-CBN

MIS again..
Assignment No. 2

I've been there!
[WE'VE BEEN THERE!]





Information System and Information Technology Best Practices of ABS-CBN




ABS-CBN Broadcasting Corporation
ABS-CBN Broadcasting Corporation (ABS-CBN)
[u]







COMPANY PROFILE:

ABS-CBN Broadcasting Corporation (PSE: ABS) (ABS-CBN:
"Alto Broadcasting System-Chronicle Broadcasting Network") is a Philippine-based multi-media conglomerate. It is an integrated media and entertainment company in the Philippines with 42 subsidiaries and an asset base of more than PHP34 billion (US$707.09 million) as of March 2009. ABS-CBN is principally involved in television and radio broadcasting, as well as the production of television programming for domestic and international audiences and other related businesses. It was founded on June 13, 1946 (62), becoming Asia's first commercial television broadcaster in 1953. It is part of the Lopez Group of Companie. It also broadcasts content to the rest of the world through The Filipino Channel (TFC Direct), TFCko (video on demand) and TFCnow internet TV.

REFERENCE:
http://tl.wikipedia.org/wiki/ABS-CBN_Broadcasting_Corporation

ABS-CBN Corporation presented to us their Information System and Information Technology best practices. Headed by Mr. Bobby C. Nolasco, engineer manager of engineering’s department, he gave us the systems which ABS-CBN used from late centuries until now. With my group mates in Human Resource Management, we interview Mr. Nolasco together with his assistant manager; he detailed some information’s that we need in the study. We’ve learned various things about news, systems they use, personnel, strategies, and how they handle some problems without the help of IT professionals. As what they said they are “Superman” because of their ability to maintain and finance all the needs of engineering department. They can be a programmer, engineer, and manager. Here are the systems which ABS-CBN Corporation used:

THESE ARE THE SYTEMS THAT ABS-CBN IS USING:


Newsroom Management












The Newsroom can be one of the most high energy environments in a radio station, making it one of the places that can benefit the most from having the right tools. Newsroom management software from Broadcast Electronics can more than just gather wire stories and audio feeds from newswire services. NewsBoss is the complete package for radio newsrooms. All aspects of your news operation are addressed with intuitive tools designed to streamline operations.

Easily gather wire stories and audio feeds from newswire services, create scripts and audio cuts using either original material or network material, manage the scripts and audio cuts to quickly build a newscast, and present the newscast On-Air with the best tools in the business. Having the right suite of tools means your news staff will be able to spend more time on the things that really matter, contrbuting to the overall sound and success of your station. The NewsBoss advantage is the ease and speed with which these tasks can be accomplished. For more detailed information, either download the NewsBoss brochure or visit the NewsBoss website, where you can also find manuals and information on support options.

REFERENCEhttp://www.bdcast.com/hierarchy/secondary.php?maj=101&sec=225



Aspera Enterprise Server and Aspera Point-to-Point

1. Introduction

Permission determines who can access certain files, thus it is an essential organization that corresponds to how work groups collaborate. This document instructs you how to set up the proper user permission on your server machine that runs either Aspera enterprise Server or Aspera Scp for Point-to-Point, also explains the permission of transferred files.

2. Configuring User Accounts on the Server

The Aspera Enterprise Server and Aspera Scp for Point-to-Point use the same user account management system as your system. Users connecting to this server can use their system accounts to log in with equivalent permissions.

2.1 Windows

http://3.bp.blogspot.com/_TCVYoLFcfao/SldqlenYu3I/AAAAAAAAAIc/OW65mIONXAw/s1600-h/3

All incoming connections require authentication against Aspera-enabled Windows user accounts. If you want to enable a user that doesn't already exist on your system, on Windows 2000/XP you can create one in Control Panel -> User Accounts; on Windows 2003 go to Start menu -> Administrative Tools -> Computer Management. For additional help on managing user accounts, please refer to the Windows manual.



REFERENCE:http://www.asperasoft.com/en/support/how_tos_8/Managing_user_and_file_permissions_20



ITS (Issue Tracking System)



An issue tracking system (also called trouble ticket system or incident ticket system) is a computer software package that manages and maintains lists of issues, as needed by an organization. Issue tracking systems are commonly used in an organization's customer support call center to create, update, and resolve reported customer issues, or even issues reported by that organization's other employees. An issue tracking system often also contains a knowledge base containing information on each customer, resolutions to common problems, and other such data. An issue tracking system is similar to a "bugtracker", and often, a software company will sell both, and some bugtrackers are capable of being used as an issue tracking system, and vice versa.

A ticket is a file contained within an issue tracking system which contains information about support interventions made by technical support staff or third parties on behalf of an end user who has reported an incident that is preventing them from working with their computer as they would expect to be able to. Tickets are commonly created in a help desk or call center environment. Typically the ticket will have a unique reference number, also known as a case, issue or call log number which is used to allow the user or support staff to quickly locate, add to or communicate the status of the users issue or request. These tickets are so called because of their origin as small cards within a typical wall mounted work planning system when this kind of support started. Operators or staff receiving a call or query from a user would fill out a small card with the user's details and a brief summary of the request and place it into a position (usually the last) in a column of pending slots for an appropriate engineer, so determining the staff member who would deal with the query and the priority of the request.

REFERENCE:http://en.wikipedia.org/wiki/Issue_tracking_system



Lotus Notes



Lotus Notes is a client-server, collaborative application developed and sold by IBM Software Group. IBM defines the software as an "integrated desktop client option for accessing business e-mail, calendars and applications on [an] IBM Lotus Domino server. The Notes client is mainly used as an email client, but also acts as an instant messaging client (for Lotus Sametime), browser, notebook, and calendar/resource reservation client, as well as a platform for interacting with collaborative applications.

In the early days of the product, the most common applications were threaded discussions and simple contact management databases. Today Notes also provide blogs, wikis, RSS aggregators, CRM and Help Deskapplications for Notes using Domino Designer. systems, and organizations can build a variety of custom. The Notes client can be used as an IMAP and POP e-mail client with non-domino mail servers. Recipient addresses can be retrieved from any LDAP server, including Active Directory. The client also does web browsing although it can be configured to launch the default browser instead. Features include group calendaring and scheduling, SMTP/MIME-based e-mail, NNTP-based news support, and automatic HTML conversion of all documents by the Domino HTTP task.

REFERENCE:http://en.wikipedia.org/wiki/IBM_Lotus_Notes


SAP



SAP provides a comprehensive range of business software and enterprise applications – designed for global operations and supported with globalization services – to empower every aspect of your business.

You gain the visibility to pinpoint inefficiencies – and the capabilities to transform them into competitive advantage. The foresight to identify new opportunities – and the agility to respond. The functionality to optimize your operations – and resources to extend best practices to your entire value chain.


REFERENCE:http://www.sap.com/solutions/index.epx


Lout



The Lout system reads a high-level description of a document similar in style to LaTeX and produces a PostScript file which can be printed on many laser printers and graphic display devices. Plain text output is also available. Lout offers an unprecedented range of advanced features, including optimal paragraph and page breaking, automatic hyphenation, PostScript EPS file inclusion and generation, equation formatting, tables, diagrams, rotation and scaling, sorted indexes, bibliographic databases, running headers and odd-even pages, automatic cross referencing, multilingual documents including hyphenation (most European languages are supported, including Russian), formatting of C/C++ programs, and much more, all ready to use. Furthermore, Lout is easily extended with definitions which are very much easier to write than troff of TeX macros because Lout is a high-level language, the outcome of an eight-year research project that went back to the beginning. (from rpm description)


REFERENCE:http://linux.maruhn.com/sec/lout.html

what are the risk associated with the business?

-definitely ABS-CBN is a broadcasting corporation and as we aqsked Sir. Lawrence Bation,they are being multitask
-some threats and problems they were encountering are network Traffic and probably
the wether, when there comes the times of 'Bagyo', the cablings and towers will somehow be destroyed,
that scenario will be accumulated urgently. Eventually the network [ABS-CBN] can hadle from bad to worst problems
for, they were pioner broadcasting corparation for Decades.


What a Face What a Face
~FIN~


Last edited by Marlie E. Sisneros on Mon Aug 17, 2009 10:27 pm; edited 2 times in total
Back to top Go down
View user profile http://msisneros.blogspot.com/
Tanya Clarissa G. Amancio

avatar

Posts : 44
Points : 51
Join date : 2009-06-21
Age : 27
Location : davao

PostSubject: Re: Assignment 2 (Due: July 7, 2009, before 01:00pm)   Wed Aug 05, 2009 1:41 am


For our second assignment on MIS 1, our task is to identify the possible risk if having a system change.

Last July 07, 2009 we visited our adopted company Lapanday Agricultural and Development Corporation and interviewed a MIS Manager. Lapanday Foods Corporation is known today as one of the leading fresh produce growers and exporters in the Philippines and located at Maryknoll Drive, Sasa Davao City. Regarding on their best IT/IS practices, Lapanday Agricultural and Development Corporation build an infrastructure management environment that reduces IT complexity, automates and supports desired performance and service availability levels, and resolves problems to ensure business continuity.
• Decrease Business risk
• Increase Organizational Productivity
• Reduce Operational Costs
• Increase Service Quality
• Reduce Downtime
• Increase Business Planning
• Increase the value of IT to the Business

Years ago, its beginnings were planted in a small seed. On three parcels of land near Davao City, banana farms had flourished in the 1970s but had become virtually abandoned in the 1980s as world oversupply depressed banana export prices. Luis F. Lorenzo, Sr., whose family had deep roots in Mindanao, looked at these lands and saw the opportunity amid the challenges. The Lorenzos acquired the Guihing, Lapanday, and Cadeco farms from the Ayala-Aboitiz group in 1982.
We asked him several questions about our case study also including the question on our
assigment # 2. When we asked him “what are the possible risks associated with business and IS/IT change?” he answered this:
1. Lack of top management commitment to the project
2. Failure to gain user commitment
3. Misunderstanding the requirements
4. Lack of adequate user involvement
5. Failure to manage end user expectations
6. Changing scope/ objections
7. Lack of required knowledge or skills in the project personnel
8. Introduction of new technology
9. Insufficient or inappropriate staffing
10. Conflict between user departments.


LAPANDAY AGRICULTURAL AND DEVELOPMENT CORPORATION

Lapanday Foods Corporation is known today as one of the leading fresh produce growers and exporters in the Philippines and located at Maryknoll Drive, Sasa Davao City. Years ago, its beginnings were planted in a small seed. On three parcels of land near Davao City, banana farms had flourished in the 1970s but had become virtually abandoned in the 1980s as world oversupply depressed banana export prices. Luis F. Lorenzo, Sr., whose family had deep roots in Mindanao, looked at these lands and saw the opportunity amid the challenges,. The Lorenzos acquired the Guihing, Lapanday, and Cadeco farms from the Ayala-Aboitiz group in 1982.

To sum up those bulleted possible risks:
With the fast-evolving technology and the huge number of systems created everyday, it is to be expected for a company to change its information systems or information technology infrastructure. Yet, such transformations may present some threats for the company. The features such as financial management of investment, poor equipped and technical controls, or reliance on vendors without appropriate cost, technical and operational controls may not be up to parity.
The worst things that could happen is that the projected program effectives or business goals of the program may not be achieved. Regarding the IT/IS change, it is possible there is a perceived “lack of expertise” in the planning process as well as the
technology itself. Responses were split over loss of managerial control: Business
owner-managers want to remain in control, IT may be associated with growth, and
some may resist growth. Familiarization takes time especially adjusting to the new technology so that the output of the company will not be affected that much if the
workers had a hard time familiarizing the technology. Reliability of the system is also a factor if IS/IT change is one risk, prone to unreliability of the system is a great deal. this may happen if the one who works with the system is not capable or (still) lack of knowledge to maintain and use the system, as well.

But according to the MIS manager we interviewed, they has a another system in which they can used it as a tester before settling it on their company system.




confused confused confused my blog confused confused confused

Reference:
http://www.bukidnononline.com/wp-content/uploads/2009/03/lapanday-logo.gif
http://www.symantec.com/business/theme.jsp?themeid=itrisk_report
http://itc.virginia.edu/security/riskmanagement/



Last edited by Tanya Clarissa G. Amancio on Wed Aug 05, 2009 6:21 am; edited 3 times in total
Back to top Go down
View user profile
Venus Millena

avatar

Posts : 41
Points : 41
Join date : 2009-06-23
Age : 27
Location : lacson ext., brgy. obrero, davao city

PostSubject: Re: Assignment 2 (Due: July 7, 2009, before 01:00pm)   Wed Aug 05, 2009 4:34 am

What are the possible risks if you have a system change?

Changes is a completely or partially migrating or transforming from old one into a new one. Everything is changing even people change, no one is exempted. Changes is inevitable. Only thing that doesn't change is changes itself. Change is important, but change must be controlled so risk does not escalate to unacceptable levels. Because more change may mean more opportunity but also more risk. Not only do different parts of the enterprise maintain different views and definitions of risk — within the IT department a fragmented approach to defining and managing risk exists. This does not only involve IT but also involve the company. And it is very important to be aware of it because this can affect the organization.


System change for good of the company to improve accounting, finance, operations management, marketing, human resource management, or any other major business function. The blending of technologies and traditional business concerns is impacting all industries and is really the latest phase on the on going evolution of business. All companies need to update their business infrastructure and change the way the work to respond more immediately to customer needs.

Common Risk in the Company.

1. Lack of top management commitment to the project-
employers shifting system for the improvement of their company but forgot to consider some requirements. Employer involvement is not that strong to address the new uprising problem while dealing the new technology. Employer cut down their support because limited management commitment.

2. Lack of adequate user involvement- in newly introduce system only few may know that the company has already shifted to a new system in which few users have been train for it. The possibility that some user may have difficulty in analyzing and dealing with the new system for lack of adequate user involvement and may lead to misinterpret.

3. Failure to manage end user expectations-
end-user are important factor to be considered if there will be a shifting of system cause they are the responsible of manipulating transactions. Failure to manage end user expectations may cause downfall of the company in which before implementing new it must see to it that it fits on the end-user and end-user must properly be oriented the new produce system.

4. Lack of required knowledge or skills in the project personnel-
this problem maybe address through prover training and assistance.

5. Introduction of new technology-
In introducing the new technology to the end-user it might that easy or it needs time for adjustment in which some might can't go after it. Some personnel might become hard for them to shift from the system that they were being comfortable with.

6. Insufficient or inappropriate staffing- some staffs like oldies personnel that fun of using manual operation might not be capable on using the new implemented technology which leads to failure to gain user commitment.

7. Conflict between user departments- the conflict may be visible in every department lead by Misunderstanding the requirements and unclear requirements.

8. LOSS- The risk of loss resulting from inadequate or failing internal processes, people, and systems, or from external events.” While the potential for loss is the centerpiece of risk, some organizations have broadened the scope of their risk definitions to including the loss itself. By coupling the loss with the risk, risk becomes more urgent and quantifiable. In addition, an impact assessment becomes the natural output of an identified risk.
1. Loss of Integrity- System and data integrity refers to the requirement that information be secured from inappropriate alteration. Integrity is lost if unauthorized changes are made to the data or IT system by either intentional or accidental acts. If the loss of system or data integrity is not corrected, continued use of the contaminated system or corrupted data could result in inaccuracy and incorrect decisions. In addition, violation of integrity may be the first step in a successful attack against system availability or secrecy. For all these reasons, loss of integrity reduces the assurance of an IT system.
2. Loss of Availability- If a mission-critical IT system is unavailable to its end users, the organization’s mission may be affected. Loss of system functionality and operational effectiveness, for example, may result in loss of productive time, thus impeding the end users’ performance of their functions in supporting the organization’s mission.
3. Loss of Confidentiality- System and data confidentiality refers to the protection of information from unauthorized disclosure. The impact of unauthorized disclosure of confidential information can range from the jeopardizing of national security to the disclosure of Privacy Act data. Unauthorized, unanticipated, or unintentional disclosure could result in loss of public confidence, embarrassment, or legal action against the organization.


9. UNCERTAINTY- Uncertainty, so often tied to events or forces outside of the organization’s immediate control, opens a Pandora’s box of risks that organizations must recognize and mitigate. By acknowledging the importance of uncertainty and planning for it, firms convert a risk management strategy from the defensive to offensive. The COSO framework describes this as enterprise risk management.


10. SERVICE DISRUPTION- Service disruption approaches the issue of risk from effect rather than cause — forcing IT to recognize the consequences of service disruption on non tangibles such as its reputation and business expectations.


11. Job loss- it is really possible that many may loss their jobs if new technology be introduced for machine may manage and take place the task which was worked by the workers. Employer may favor on the machine for machine for it do task faster and more efficient. This is might unfair but still being practice in business firm.

These presented above risk are just the common and easy detected ones. In the long run many problem may arises but it can be minimized if it will be address as early as possible and find the best suitable solution for the problem. These risk must taken by granted cause it can be reason for company's downfall. It arises in any form of business firms it might be a small enterprise or the giant one.


Reference:
http://mariechelleit.blogspot.com/2008/09/what-are-risks-associated-with-business.html
http://ladyinstinct.blogspot.com/2008/07/it-risks-know-them.html

Back to top Go down
View user profile http://venus_astarte16@yahoo.com
katherine eng lajom

avatar

Posts : 40
Points : 41
Join date : 2009-06-23
Age : 28
Location : Davao City, Philippines

PostSubject: Re: Assignment 2 (Due: July 7, 2009, before 01:00pm)   Wed Aug 05, 2009 4:33 pm

Our second assignment is based from the first one, from the organization(s) that we visited, we were asked, what do we think are the risks associated with business and IS/ IT change?

Managing the risks associated with the business' growing reliance on IS/IT is a continuing challenge. Many private organizations have struggled to find efficient ways to ensure that they fully understand these risks affecting their operations and implement actions to lessen these risks.

As for GH Office Depot, according to the company's one and only IT personnel, having their own company system is a very big help for them to achieve effective, accurate and complete business operation. The only risk, he identified, is coping up with its change, a change that may affect the business’ earnings or capital.

The processing and distribution of data using computer hardware and software, telecommunications and digital electronics, that's Information Technology. Computer and IT are continually evolving; such organizations must cope up with these changes in order to preserve their business.

Valuing and giving appropriate attention and understanding to the user’s and customer’s feedback to their business’ system is important. Mr. Po mentioned that this is a great help for him to improve the company’s system. Though there are a lot of factors to be considered to make these changes/improvements and that is why some organizations are experiencing technological change difficulties. Undergoing such difficulties may drive them to improve their business.

What are the risk associated with GH and IS/IT change?

Information provided to management must be relevant. Information that is inappropriate, unnecessary, or too detailed for effective decision making has no value. IS must be appropriate to support the management level using it.

Failure to back up. The most important best practice of GH Office Depot is the backing up of their system files. Failure to do so might affect their business operations. It might cost the management to spend time and effort to redo or recover/retrieve the lost data.

Users ability to understand the newly implemented system. To function effectively as an interacting, interrelated, and interdependent feedback tool for their staff, IS must be “useable” (user friendly). The system’s interface must be kept simple as possible.

Security. Keeping the data secured is a very big issue for GH. And there might a risk in data security when the new system fails to give protection to the data. Since they started using the internet since 2002, welcoming E – Commerce to their business, they stay connected to the internet to cater customers’ order and feedbacks and update with their suppliers’ new products. System exposure is unavoidable. Illegal intrusions, hacking and viruses might destroy their system that might affect the systems operation accuracy and integrity. And again might cost the organization time and effort to get rid of these problems.

An organization’s IS should be capable of providing and distributing current information to appropriate users. Information systems should be designed to speed up reporting of information. The system should be able to quickly collect and edit data, summarize results, and be able to adjust and correct errors promptly.


Cheers Cappuccino drunken
Back to top Go down
View user profile http://grandliver.blogspot.com
March Dawn Eder

avatar

Posts : 10
Points : 10
Join date : 2009-06-20
Age : 27
Location : Davao City

PostSubject: Re: Assignment 2 (Due: July 7, 2009, before 01:00pm)   Mon Aug 10, 2009 4:14 pm

According to the one we have interviewed at the Jollibee Food Corps., he said that the risks that the organization will face during business and IT/IS changes are the time to acquaint the employees/users with the new business or IT/IS, time to make/develop/implement the new IS/IT, costs that the new IT/IS would bring, time for planning for the new business, costs if the company needs new employees for the change, the risks in failing because of the change and also lay-offing employees for they are not needed anymore. Certain changes really need time before it is embraced by the employees.

First that he mentioned of the risks to face during IT/IS change is the time to acquaint the users for it is new to them and they need enough time to be familiar with it. Patience is also needed during this time for maybe every other hour the ITs or technicians are to be called for help in using the said system. Also, if the company changes its business specially when they have shifted to a totally different business is the time to teach, seminar, and train the employees about it for them to be effective in the said new business.

Secondly, the change could take up time in making, developing, implementing, and altering the new IT/IS. For me, as an IT student, our instructor have told us that it is not easy to make a system not to mention the time in developing and altering it and also in implementing it. In making a system, you have to collect necessary data first them making an algorithm, design, and code. For these alone, it would take up so much time. Not days or weeks, but could be couple of months and evens years! Second, you have to develop it well and alter it to fully respond to what the company needs. Again, it would time as well. Implementing it also costs a lot of time. For these, it would be a great risk not only the time it would consume but also the energy and effort that it would consume.

Third, that the company should consider is the cost that it would bring along. For changing the IT/IS, we could say that it would really cost a big sum of money for its programmers not to mention advisers and etc. If there is really a need to have change, you must been preparing the expenses it would cost, and that you have enough resources to support the change. Cost not only for the programmers during IT/IS change but also cost for added employees during business change for every business there are people who specializes in those. You need these people to really have the success you’re aiming for. The people who will guide you along the way and help you ascend your business. They could be really costly too. During business change, it is necessary to change IT/IS for the old IT/IS would not respond fully or anymore to your new business (paradigm shift) but not in an IT/IS change you need also to change business. For IT/IS change I believe happens for the system to fully respond to what the company needs.

Time for planning the new business is also the risk you need to put in mind. Before venturing into a new business, you need to know the means and ways of it. You need to think of it and plan for it for you will eventually fail if you don’t. Planning needs a lot of time, you need not to rush things if you really want to be successful. You have to know what are the things that are related to the business for they would be useful in nurturing it. Planning is one of the best weapons you could use to assure success. Planning could also be your shield in times of troubles for you will know what to do because you know what would come because you thought it over and you planned for it.

Another risk you need to face in times of change IT/IS or business is the failing of/on it. It is not always that you could assure success. The risks you need to face during failure are the energy, effort and money that you have put into waste. Failure on these could bring you in bankruptcy. This is the scariest risk of them all. That is why you need to carefully plan things to avoid this one. If you really don’t have to change, or even venture into something, you don’t have to for you will just be bringing yourself a headache. LOL. Change must be properly thought of for it could bring many implications.

Retrenchment of labor is also a risk for you will be sending employees into an unemployed state. The risk of protest or even picketing outside your building during streamlining must be on mind. These employees’ skills are not qualified anymore in the new business. This could tarnish your reputation that also could lead into series of fights and legal demands that also make your company bankrupt for some people don’t patronize companies with tarnished names.

All of the risks that I have explained have a lot in common. You can trim it down into two little words: TIME and COSTS. These little words really play a vital role in making and breaking your business. They come hand in hand. Time costs money. For every time you are consuming, you are spending money on it. Maybe in your employees, the system itself and other matters. Money costs time. Money cost time for you need time to get money, to get it from resources for you can’t just do magic to have money. You can’t have it in a jiffy. As what I could say regarding this topic, one must think things over to secure success. You need not to rush things for I believe that rushed success could never be that long. Patience is would always be a virtue they say. *.*
Back to top Go down
View user profile http://muycaliente1690.blogspot.com
Joan Rose P. Dandoy

avatar

Posts : 18
Points : 20
Join date : 2009-06-23

PostSubject: The risks associated with Information System/Information Technology change   Thu Aug 13, 2009 6:07 pm

The company that we had visited was Concentrix, a call center that offers solution supports throughout the globe. The MIS supervisor of the said company had entertained us and had catered to answer our simple questions regarding on information system or information technology change.

According to the supervisor, Concentrix, like all other Business Processing Outsourcing Company, is constantly evolving to achieve the most efficient means of service. He said that before coming up to the conclusion of changing there IS/IT, they make sure that it is for the advantage to the company. A feasible study will be conducted to show the effects of the change and how will it affect the production of their company. This feasible study will be under a thorough analysis especially to the risks that will be undergone in the proposed change in the IS/IT.

We asked him what possible problem or things that might happen if the information system will be changed; he said that the most common factors that they do consider are the following: system failure, information system security, cost, design, and loss of data. He added that these common factors are very important to think about before taking an action because even a single problem that will happen to any of the mentioned factors will really make a mark on the company progress.

To fully understand what our interviewee had said regarding to the factors affecting their system, I researched some of the information about the factors he had shared.

According to the analysis of Ben Meadowcroft, the reasons why system failure occurs are the following:
1. Poor development practices.
2. Incorrect assumptions with regard to system requirements
3. Poor user interface.
4. Faulty hardware.
5. Inadequate user training or user error.
6. Poor fit between systems and organization.

As I look over the analysis of Mr. Ben Meadowcroft and comparing it to the answer of our interviewee, it seems that they are very much alike.

I roam around in the Internet to look for additional information about the factors that affects Information Technology change. As I was searching for the word “Information System Security”, I found out these following sites and their definitions about the latter.

Wikipedia (an online encyclopedia) defines Information Security as the means of protecting information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction. Furthermore, the terms information security, computer security and information assurance are frequently incorrectly used interchangeably. These fields are interrelated often and share the common goals of protecting the confidentiality, integrity and availability of information; however, there are some subtle differences between them.

Moreover, this site http://www.iso27001security.com/html/27002.html which is entitled as “ISO/IEC 27002 Code of Practice” had also their own definition of Information security. According to them, “Information security” is explicitly defined as the “preservation of confidentiality, integrity and availability of information”. For me, it is a brief and concise definition for sensitive and vulnerable issue. You can also visit the link I had provided to see the content of the “ISO/IEC 27002 Code of Practice”.

As I had observed, it is more than a must to focus in the security of information especially for the companies and organizations that possesses many rivalry in their field of business. Any record or a bit of information lick, if placed in the hands of sinister, will surely place your business or organization million miles below the earth.

It was just earlier, we had interviewed a business center that deals with the innovation of information technology/information systems. The business center that I was referring to is Digilution which is located in Jacinto St. (near Ateneo de Davao University), Davao City. The establishment that we had interviewed was a business center. They are offering desktop publishing, digital printing, computer rental and internet access. They also deals in web page design, multimedia presentation, website hosting, web application development and online marketing e-commerce. They are also catering innovation services such us networking, conversion of manual to automated business operation, installation of software and hardware and the like. The structure of their building is made of two floors. The lower portion was used as an internet café and the upper portion are the workplace of their employees. They allowed us to post our findings regarding to the topic that we had discussed during our interview session. The person we are concerned with in our convention in the said business center was the production manager of Digilution.

To begin with, we asked the manager what risks are associated with Information System of Information Management change. He said that changing the information system in a certain establishment was not as easy as a tick of our hand or as fast as a blink of an eye. Many things should be considered, he added. The first thing that should be considered according to him was the compatibility of the old and the new platform that will be going to implement. But, before he deemed with the platform, the major thing that should pass the compatibility issues in innovation are the compatibility of the data processing and data transformation was his point.

He explained that most company do not really risk in Information Technology change because the information is very vulnerable to be innovated. The companies that they are partnering with are 4 to 2 years late in technology because they are not more concern with the latest technology coming up but on how the existing technology could be develop. According to his experiences, the resistances to the latest technology are common episode in their deals and they mostly hear their clients saying, “If it works, then let’s not fix it”.





Based on both companies, it is rest assured that changing the information system or the information technology of a certain establishment or organization should undergo a deep and thorough analysis on how will it be beneficial in the increase of profit growth. In the first company, security and system failure was being focused by our interviewee while compatibility and vulnerability was the center of the discussion in our second interview. They had different considerations in the factors of changing the Information Technology or Information Management but still in the end of the day their main concern are the protection, confidentiality and availability of the information.


References:


http://en.wikipedia.org/wiki/Information_security

http://www.benmeadowcroft.com/reports/systemfailure/

http://www.iso27001security.com/html/27002.html


Please do visit my blog....

http://djoanrose.blogspot.com
Back to top Go down
View user profile
Maria Theresa F. Rulete

avatar

Posts : 66
Points : 75
Join date : 2009-06-20
Age : 26
Location : Obrero, Davao City

PostSubject: Re: Assignment 2 (Due: July 7, 2009, before 01:00pm)   Sun Aug 16, 2009 12:11 pm


Company description:


Hubport Interactive Inc. enables a business to build an imperative subsistence in the online B2C (Business-to-Consumer) space. We empower your website to attain optimum function and revolutionize your business by creating online channels to effectively connect with existing clients and successfully tap new ones. Our accomplished E-Commerce Storefront encoders, Retail Shop Managers, Online Marketing Consultants, and Production Team associates provide the technology backbone that launch prospering and profitable websites.

Satellite offices in North America, the U.K., and an upcoming presence in Japan help counter communication, and accessibility issues. Subsequently, creating a smooth working relationship between client and service provider. Projects are delivered on time, with little or no hitches. Our fulfillment teams observe a synchronized shifting schedule to accommodate client concerns at any time most convenient to them. Hubport Interactive Inc. is sensitive to a clients’ web investment margin and his ultimate goal of increasing profits.

Hubport Interactive Inc. has a high regard for service excellence and client satisfaction. Hence, we only have people whose commitment is as fervent as ours. Project managers and fulfillment teams who specialize in Website Development, Web Application Program, E-Commerce Business Process Development and Maintenance, System Software Development, Auto CAD, Animations, Graphics Development, Video Editing, Music and Audio Voice Development, GSM SMS Service, WIFI Mobile Solutions, IT Managerial and IT Marketing Development.


During the interview:

Last July 9, 2009, our group went to the office of Hubport Interactive Incorporated to conduct an interview regarding the risks associated with business and IS/IT change. We have interviewed their IT Officer and Chief Operations Officer, Mr. Paulo S. Saravia. Sir Paulo told us that the risks associated with their business and IS/IT change are the following:

1. Rejection to the staff – this happens when their company would implement another system. And with that new system, it is advisable for the company to reject their staff especially those staff that doesn’t know how to use their new system. So, the company would be forced to recruit new staff for the implementation of their new system.

2. Data Loss – of course, when a new system is implemented, some of the data stored on their old system would be loss because of the fact that the old system’ data are not portable or hard to implement using the new system.

NOTE: Due to the company’s confidentiality of information, Mr. Paulo had only shared some of their company’s best practices in IT/IS. And actually, someone from Hubport told us that the best of the best practices that a company must possess is confidentiality.





http://www.hubportgroup.com

My Blog: http://etelur.blogspot.com/2009/08/mis-assignment-2.html

bounce Arrow Razz

Back to top Go down
View user profile
Fritzielaine A. Barcena

avatar

Posts : 53
Points : 54
Join date : 2009-06-20
Age : 26
Location : Tagum City

PostSubject: Risk in IT/IS Change   Mon Aug 31, 2009 11:40 pm

Risk in IT/IS Change:





We’ve visited Sky Cable for some interview about risk in IT/IS changes.. We’ve interviewed the head of IT there.. Here are some of his idea about the risk..
1. Migrating/Changing of Operating System and New System
Nowadays, most of the computers are using the Windows OS as their operating system. Microsoft-designed computer operating system, a program that controls the basic functions of personal computers. Sky Cable uses Linux. Linux is a full-fledged operating system. It provides full multitasking in a multi-user environment. It gives a high quality of software for a cost far lower than other commercial versions of Unix. There are many advantages of Linux, it is cheap, almost all the distributions are available in their entirety as free downloads via FTP. Linux is a low hardware requirements operating system. It can run on much more modest hardware than most other modern operating systems require. An old 486 with 16 megabytes of ram and 500 megs of hard drive space has plenty of capacity to host an intranet, including duties as firewall and print/AMTP/POP server for dozens of other computers. Linux will boot and run (with full graphical user interface) in less than 4 megabytes of ram, and 8 megs of ram is plenty for web surfing with Netscape. Linux is available under the GNU public license, which states that anyone is allowed to copy, distribute, and modify it. It's impossible to "pirate" a GNU program. Anyone and everyone is explicitly allowed to make and use as many copies as they need, without ever having to buy.

If there is changes of Operating System, it has a great risk for the personnel to adopt the new changes, it takes also a lot of trainings and acceptance.

2. New technology, less employees

3. Knowledge and Educationcal Background

4. Competition

5. Security of data`
The security of data is very important, as many people store extremely important documents on their computers, for example bank or health records which may contain personal and confidential information about a person, which when discovered could cause major problems. If somebody were to discover another persons bank details through data being insecure, money could be taken from their account, which would cause confusion and disruption for everybody. Data does need to be kept secure, and there are many ways to do this, for example by backing up data or putting passwords on your files.

6. Reliability and efficient of the system



affraid wooooo..sooo late.. cyclops pig Wink Wink

Visit my blog:
http://prettypriti-pretty.blogspot.com/


Last edited by Fritzielaine A. Barcena on Thu Oct 01, 2009 12:37 am; edited 1 time in total
Back to top Go down
View user profile http://prettypriti-pretty.blogspot.com/
Ida Karla Duguran

avatar

Posts : 46
Points : 47
Join date : 2009-06-19
Age : 27
Location : Matina Aplaya, Davao City

PostSubject: Re: Assignment 2 (Due: July 7, 2009, before 01:00pm)   Sat Sep 19, 2009 3:38 pm


In recent years, especially because of the growth of online business, corporations have considered protection of there IS resources an increasingly important issue, for good reasons. Downtime, the time during which ISs or data are not available in the course of conducting business, has become a dreaded situation for almost every business worldwide. Such as the different Airlines in Davao International Airport, the online airline reservation business can lose hundred thousands per hour of downtime.

Other risks that the Davao International Airport consider are the Risks to Hardware and the Risks to Data and Application which are the most pervasive risks to there IS operations.

Risks to Hardware

While stories about damage to ISs by malicious Internet attacks grab headlines, the truth about risks to ISs is simply this: the number one cause of systems downtime is hardware failure. Risks to hardware involve physical damage to computers, peripheral equipment, and communications media. The major causes of such damages are natural disasters, blackouts and brownouts, and vandalism.

Natural Disasters

Natural Disasters that pose a risk to ISs include fires, floods, earthquakes, hurricanes, tornadoes, and lightning, which can destroy hardware, software, or both, causing total or partial paralysis of systems or communications lines. Floodwater can ruin storage media and cause short circuits that burn delicate components such as microchips. Lightning and voltage surges cause tiny wires to melt and destroy circuitry. In addition, wildlife and human error occasionally destroy communications lines; animals gnaw cables, and farmers occasionally cut wires inadvertently while tending their crops.

Blackouts and Brownouts

Computers run on electricity. Of power is disrupted, the computer and its peripheral devices cannot function, and the change in power supply can be very damaging to computer processes and storage. Blackouts are total losses of electrical power. In brownouts, the voltage of the power decreases, or there are very short interruptions in the flow of power. Power failure might not only disrupt operations, but it can also cause irreparable damage to hardware. Occasional surges in voltage are equally harmful, because their impact on equipment is similar to that of lightning.
The popular way of handling brownouts is to connect a voltage regulator between computers and electrical network. A voltage regulator boosts or decreases voltage to smooth out drops or surges and maintains voltage within an acceptable tolerance.
To ensure against interruption in power supply, organizations use uninterruptible power supply (UPS) systems, which provide an alternative power supply for a short time, as soon as a power network fails. The only practical measure against prolonged blackouts in a public electrical network is to maintain an alternative source of power, such as generator that uses diesel or another fuel. Once the general power stops, the generator can kick in and produce the power needed for the computer system.

Vandalism

Vandalism occurs when human beings deliberately destroy computer systems, bitter customers damage ATMs, or disgruntled employees might destroy computer equipment out of fear that it will eliminate their jobs or simply to get even with their superiors. It is difficult to defend computers against vandalism. ATMs and other equipment that are accessible to the public are often encased in metal boxes, but someone with persistence can still cause severe damage. In the workplace, the best measure against vandalism is to allow access only to those who have a real need for the system. Sensitive equipment, such as servers, should be locked in a special room. Such rooms usually are well equipped with fire suppression systems and are air-conditioned, and thus protect also against environmental risks.


Risks to Data and Applications

The primary concern of any organization should be its data, because it is often a unique resource. Data collected over time can almost never be recollected the same way, and even when it can, the process would be too expensive and too time consuming to recover the business from its loss. The concern for applications, especially if the applications are not tailor-made, should come second. All data and applications are susceptible to disruption, damage, and theft. While the culprit in the destruction of hardware is often a natural disaster or power spike, the culprit it damage to software is almost always human.

Theft of Information and Identify Theft

Sometimes the negligence of corporations and the careless use of technology, especially on public links to the Internet, create security “holes” or vulnerabilities. In one case, a young man named Juju Jiang installed a program called Invisible KeyLogger Stealth in public-use computers in 14 Kinko’s stores where customers can access the Internet. (Such Internet-connected PCs are also available in public libraries and airports). Keystroke logging software records individual keystrokes. For one year, his software secretly recorded more than 450 usernames and passwords, which he used to access existing bank accounts and create new ones. Jiang was caught when he used an application called GoToMyPC. Subscribers to the GoToMyPC service can use an application by the same name to link a PC from another PC and fully control the remote one as if they were sitting in front of it. Using the application , he remotely accessed and used one of his victims’ PCs. Using the PC at home, this person noticed that the cursor was moving “by itself”. The cursor opened files and subscribed to an online payment transfer service. Jiang pled guilty in court.

In 2005 keystroke logging was put to work online by a criminal ring on a massive scale. Spyware is used for several purposes. This time spyware was used to install a keystroke logging application that recorded communication with the victim’s bank, insurance company, or other financial institutions. The collected data included credit-card details, Social Security numbers, usernames, passwords, Instant messaging chat sessions, and search terms. Some of the data was then saved in a file hosted on a server that had an offshore-registered domain name. Sunbelt, a company that develops and sells antispam and security software, managed to obtain access to a victim’s computer and track what the spyware did. The company reported that the online thieves obtained confidential financial details of customers of 50 international banks. They keystroke logging software was small (26KB), and took advantage of Internet Explorer browsers. For example, it accessed the browser’s Protected Storage area, in which users often save their usernames and passwords for convenient automatic logins. Sunbelt recommended disabling this feature.

In some cases it is employees who unwittingly give away important information such as access codes. Con artists use tricks known as social engineering. They telephone an employee who has a password to access an application or a database, introduce themselves as service people from a telephone company, or the organization’s own IT unit, and say they must have the employee’s password to fix a problem. Employees are often tempted to provide their password. The “social engineers” then steal valuable information.

Once criminals have a person’s identifying details, such as a Social Security number, driver’s license number, or credit-card number, they can pretend to be this person. This crime is called identity theft. the imposter can easily withdraw money from victim’s bank accounts, put charges on the victim’s credit card, and apply for new credit cards. Since an increasing number of applications for such instruments as well as financial transactions are executed online, identity theft has become a serious problem.



Reference:
Oz, E. Management Information Systems (Fifth Edition)

Back to top Go down
View user profile
leah_saavedra

avatar

Posts : 39
Points : 40
Join date : 2009-06-20
Age : 28

PostSubject: Based on the orgnaization(s) that you visited, what do you think are the risks associated with business and IS/IT change? (1000 words)   Sun Sep 20, 2009 10:47 pm

In a broad sense, the term Information Systems (IS) refers to the interaction between people, processes, and technology. This interaction can occur within or across organizational boundaries. An information system is not only the technology an organization uses, but also the way in which the organization’s people interact with the technology and the way in which the technology works with the organization’s business processes. Information systems are distinct from information technology in that an information system has an information technology component that interacts with the people and processes components.
The Information System consists of five parts which include: people, procedures, software, hardware, and data. There are various types of information systems, for example: transaction processing systems, office systems, decision support systems, knowledge management systems, database management systems, and office information systems. Critical to most information systems are information technologies, which are typically designed to enable humans to perform tasks for which the human brain is not well suited, such as: handling large amounts of information, performing complex calculations, and controlling many simultaneous processes.
The process industry has always had to deal with changes to plant and equipment. More recently people and organisational changes have become critical (e.g. staffing levels, supervision, control room arrangements, shift patterns). Identifying and managing the potential risks has been a challenge.
As a consequence of the competitive operating environment, enterprises need to implement change to develop and maintain their competitive advantage. This requires changing the behavior of people in organizations by changing attitudes about what can and should happen at work. The need for change could originate from multiple business interventions- Strategic changes (changes in corporate/ functional direction), Organizational changes (structures / roles & responsibilities / performance assessment and compensation mechanisms), Process Changes (redefined and redesigned processes) or IT Interventions (change in work methods / tools / techniques)

Charting and managing the road map for change transformation is the single most important element of the process. While change is fairly common, it is very difficult to implement successfully. Success hinges on being able to convince groups and individuals to change the way they work, possible only if people are ready to think differently about their jobs.

Any change needs to be managed. Process changes or changes consequent to the implementation of an IT solution are no exception. In case changes are not managed effectively, the success of the change implementation gets at risk.

Change management is the process of motivating and equipping people to a level of competency that facilitates their migration along the path of change.

Our consultants touch upon the crucial elements that are expected to be affected by the process change – organization and people requirements. We help manage change through a three step process:
• Assessment of change readiness and identification of risks
• Definition of the change management road map
• Facilitation of the execution of the change management plan through appropriate change communication, change sensitization and the definition of governance structures and revised roles
The other aspect that needs to be managed is risk. Our consultants bring to the table extensive hands on experience in managing PLM implementations and that experience enables them to identify up-front factors that could potentially cause risk to projects. Using industry standard program management techniques, our consultants identify risks and monitor their probability of occurrence and potential impact. They plan for mitigation of risks and execute those plans to ensure that risks do not get realized. They put in place back up plans and plans for scenarios that assume that risks do get realized. Systematic risk management ensures project success and predictability on project metrics.
A business (also called a firm, or enterprise) is a legally recognized organization designed to provide goods and/or services to consumers. Businesses are predominant in capitalist economies, most being privately owned and formed to earn profit that will increase the wealth of its owners and grow the business itself. The owners and operators of a business have as one of their main objectives the receipt or generation of a financial return in exchange for work and acceptance of risk. Notable exceptions include cooperative enterprises and state-owned enterprises. Socialist systems involve either government agencies, public ownership, state-ownership or direct worker ownership of enterprises and assets that would be run as businesses in a capitalist economy. The distinction between these institutions and a business is that socialist institutions often have alternative or additional goals aside from maximizing or turning a profit.
Business/IT alignment is a desired state in which a business organization is able to use information technology (IT) effectively to achieve business objectives - typically improved financial performance or marketplace competitiveness. Some definitions focus more on outcomes (the ability of IT to produce business value) than means (the harmony between IT and business decision-makers within the organizations); for example,
alignment is the capacity to demonstrate a positive relationship between information technologies and the accepted financial measures of performance.
This alignment is in contrast to what is often experienced in organizations: IT and business professionals unable to bridge the gap between themselves because of differences in objectives, culture, and incentives and a mutual ignorance for the other group's body of knowledge. This rift generally results in expensive IT systems that do not provide adequate return on investment. For this reason, the search for Business / IT Alignment is closely associated with attempts to improve the business value of IT investments.
It is not unusual for business and IT professionals within an organization to experience conflict and in-fighting as lack of mutual understanding and the failure to produce desired results leads to blaming and mistrust. The search for B/I alignment often includes efforts to establish trust between these two groups and a mechanism for consensus decision-making.
Information Technology Management is concerned with exploring and understanding Information Technology as a corporate resource that determines both the strategic and operational capabilities of the firm in designing and developing products and services for maximum customer satisfaction, corporate productivity, profitability and competitiveness.
IT Management is a different subject from Management Information Systems. Management Information Systems refer to information management methods tied to the automation or support of human decision making. IT Management, as stated in the above definition, refers to the IT related management activities in organizations. MIS as it is refered to is focus mainly on the business aspect with a strong input into the technology phase of the business/organisation.



http://plm.geometricglobal.com/PLM+Services+Portfolio/Business+Process+Consulting/Organizational+Change+Management+and+Program+Risk+Management/index.aspx


Last edited by leah_saavedra on Fri Oct 02, 2009 1:38 am; edited 1 time in total
Back to top Go down
View user profile
florenzie_palma

avatar

Posts : 61
Points : 62
Join date : 2009-06-20
Age : 26

PostSubject: Re: Assignment 2 (Due: July 7, 2009, before 01:00pm)   Thu Oct 01, 2009 1:23 pm

Concerning on the Assignment 2 that talks about the risks on IS/IT change, we considered the Sky Cable as our adopted organization.

Every organization has a mission. In this digital era, as organizations use automated information technology (IT) systems1 to process their information for better support of their missions, risk management plays a critical role in protecting an organization’s information assets, and therefore its mission, from IT-related risk. An effective risk management process is an important component of a successful IT security program. The principal goal of an organization’s risk management process should be to protect the organization and its ability to perform their mission, not just its IT assets. Therefore, the risk management process should not be treated primarily as a technical function carried out by the IT experts who operate and manage the IT system, but as an essential management function of the organization.

SkyCable is a direct-to-home cable TV and subscription service, established by the Lopez Group of Companies and Central CATV Group Of Companies. It is one of several sister companies of ABS-CBN. SkyCable offers a range of analog and digital Cable Television services, and also offers high-speed Internet services and VOiP services.
SkyCable was established in January 1990. Commercial cable operations commenced on January 6, 1992. By the end of the year, 8,500 strand miles of cable were laid out, bringing in 20,000 subscribers by 1995.

Today, over 500,000 subscribers have made SkyCable the number one cable TV service provider in the Philippines. It has grown to feature the best and most varied cable programs for the whole family.

The success of SkyCable throughout the years enabled the business to expand and go beyond just providing postpaid cable TV service. In 2006, the first ever prepaid cable TV service inh the country was introduced, SkyCable Silver Prepaid. In 2008, SKYBROADBAND, the fastest residential broadband internet service in the land, and SKYVOICE, the lowest-prepaid IDD calling service, were launched.

This foray into innovative information and communication services created the need for the company to evolve its name into something much bigger.

The IT personnel of SkyCable pointed-out some of the risk on associated on IS/IT change and the following are:

New technology, less employees

- Technological advancements brought many advantages, one of which is that it can minimize manpower. This means that as the new trends technology arises, manual works are shortened. Therefore, as we embrace the latest trend in technology it can decrease the number of employees in the company because all the transactions are computerized, it will lessen the paper works and hustle free.

Security of data

- this is associated with the susceptibility of data in the system. Threats of intrusions and other risk associated with the evolution of credible threats

Migrating of Operating System

- These days the most common OS that we have encountered in the Windows Operating System. Since most of the OS in SkyCable are exercising Linux which is a full-fledged operating system, many of the employees find a hard time in manipulating the computer. So, a thorough trainings and seminars must be conducted to fully aware the end-users to manipulate their system.

Reliability and efficiency of the system

- Certainly, when a new system is implemented, the reliability of the system is not well tested. Some bugs might occur that will make an obstacle in the midst of their business transactions. In connection with this, the efficiency of the system is not excellent. It will affect the business flows of the organization since it controls the information.

Competition

- In a business regime, we cannot hide the fact that competition is present. According to the IT personnel of SkyCable, when there is new system installed in the company the employees try there best to adopt immediately the last trend. Since, it is mandatory to have awareness on their system. The administration gives incentives to those whose can assimilate the system and it also might lead to the promotion of his/her position. On the other hand, the employees who cannot comprehend easily will be assigned to different manual works.

Rejection to the staff

- Apparently, not all the employees have the edge on technology. When a new-fangled technology will crop up some of the employees must be fired and the company will hire a new one which has the knowledge of the existing technology. So, it is a threat to the employees especially to the IT personnel’s of the company. They must be updated with the latest trend and they must know how to use it.

Cost

- As a new technology will come in our way, we cannot rebuff that financial factor must be considered. The organization must understand what they really need and not what they want.

System Failure

- A system failure can occur because of a hardware failure or a severe software issue. Commonly, a system failure will cause the system to freeze, reboot, and/or stop functioning altogether.



“Nothing is constant except change”


In most organizations, the network itself will continually be expanded and updated, its components changed, and its software applications replaced or updated with newer versions. In addition, personnel changes will occur and security policies are likely to change over time. These changes mean that new risks will surface and risks previously mitigated may again become a concern. Thus, the risk management process is ongoing and evolving.

Shifting the information system of a particular organization should undertake a profound and systematic analysis on how will it be beneficial to the success of their organization.

Change is inevitable; the organization must have to undergo several changes in the Information System as a whole. As new technology arises there is a need to embrace and cope-up with it. There is a need to upgrade programs and systems and the organization must take the risk in order to be victorious. an appropriate decision-making must be done to give solutions to the existing problem of the organization.

KEYS FOR SUCCESS

A successful risk management program will rely on (1) senior management’s commitment; (2) the full support and participation of the IT team (see Section 2.3); (3) the competence of the risk assessment team, which must have the expertise to apply the risk assessment methodology to a specific site and system, identify mission risks, and provide cost-effective safeguards that meet the needs of the organization; (4) the awareness and cooperation of members of the user community, who must follow procedures and comply with the implemented controls to safeguard the mission of their organization; and (5) an ongoing evaluation and assessment of the IT-related mission risks.


References: http://en.wikipedia.org/wiki/SkyCable
http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf
http://www.computerhope.com/jargon/s/systemfa.htm


visit my blog at http://florenzie-palma.blogspot.com/
Back to top Go down
View user profile
janraysuriba

avatar

Posts : 34
Points : 35
Join date : 2009-06-20
Age : 29
Location : Davao City

PostSubject: Re: Assignment 2 (Due: July 7, 2009, before 01:00pm)   Thu Oct 01, 2009 2:19 pm

For our second assignment, we were tasked to have another interview again to our recently visited company. Last week, we had a visit at Sony, near Aljem’s Inn at Magallanes. To be consistent, I would still be referring to that organization / company.

What IS/IT change?
“Information systems and organizations influence one another. Information systems are built by managers to serve the interests of the business firm. At the same time, the organization must be aware of and open to the influences of information systems to benefit from new technologies.The interaction between information technology and organizations is complex and is influenced by many mediating factors, including the organization’s structure, business processes, politics, culture, surrounding environment, and management decisions. You will need to understand how information systems can change social and work life in your firm. You will not be able to design new systems successfully or understand existing systems without understanding your own business organization.”

In organizations without a formal information technology (IT) change management process, it is estimated that 80% of IT service outage problems are caused by updates and alterations to systems, applications, and infrastructure. Consequently, one of the first areas to address to improve service reliability is to track all changes and systematically manage change with full knowledge of the risks of the change and the potential organizational impact. While tracking change events is fairly well understood and is a common practice, consistently and reliably predicting the impact of change requires a disciplined, standards-based approach to assessing risk and likelihood of impact, a technique not usually found in off-the-shelf change tracking tools. –PNNL, Joanne R. Hugi

At Sony, the following are the risks in there IS / IT change:
- network connection
- One main Source
- Security Risks
- Financial Risks

To evaluate my learning about the recent interview, first, the network connection. During an IS / IT change, happens every time especially when an interruption to the signal occurs. No one can ever determine nor estimate when and where the interruption will happen, as according to the interviewee. Some of the said possible reasons (internet based) were it may be that you have simply made a typing mistake, and there is an error in the name of the remote host computer. In this case you should also receive an error stating that the host is unknown. Second, There may be problems with the configuration or physical setup of the network connection. Verify that other network connections are functioning. And, there may also be a temporary problem with the remote host computer. If this is the case, you should wait for a while and try to connect again later. You can contact the administrator of the remote host computer for additional information.

One Main Source. Actually, as said by the interviewee, the main server of their Information System is at Manila. If changes will occur, it would be hard for the personnel somewhere far at Manila to make communication with the main office. Also, Data Recovery would also be prolonged if their would be an IS change, IT personnel in charged especially if it is outsourcing, would feel different and likely would not use the new implemented system.

Security Risks. With regards to the security risks in an organization, when change will occur, it would be a new start al over again. From the firewall, to the anti-viruses used. Security risk is often, quantitatively, represented as any event that compromises the assets, operations and objectives of an organization. 'Event', in the security paradigm, comprises those undertaken by actors intentionally for purposes that adversely affect the organization.

Financial Risks. It involves large amount of capital to tests what are the suitable IS/IT in a particular business. Also the cost of the training of the employee in order for them to know about the new system and we should also consider the cost of the new hardware or software if there is a need to change the old. Due to the changing phases of systems, new techniques and technologies business enterprise has invested in Information Technology (IT) /Information System (IS) to hasten and creating a systematize transactions. Some technologies adopted are not suitable to the environment or the needs of the organizations. Moreover embracing new technologies or system usually starts in a trial and error process so the risk factor here is financial risk since not all technologies/system can be use every time we fail.

Reference:
http://www.prenhall.com/behindthebook/0132304619/pdf/Laudon%20Feature%203.pdf
Back to top Go down
View user profile
Jethro Alburo Querubin

avatar

Posts : 43
Points : 45
Join date : 2009-06-22

PostSubject: Assignment 2   Thu Oct 01, 2009 7:39 pm

With respect to the company we have interviewed, there are a lot of risks that will be faced as the company grew bigger. As technology evolve, you have to go with the level of business process or else the company will be left behind by all the technologies. Here are some risks they have encountered:

1. Compatibility with the business process

("Kinahanglan daw nimo gukdon ang business process while ga evolve ang technology". Which means, you have to be updated with "what's new" in the present with regards to technology.)

*compatibility indicates that a product can work with or is equivalent to another, better-known product.

*A business process or business method is a collection of related, structured activities or tasks that produce a specific service or product (serve a particular goal) for a particular customer or customers. It often can be visualized with a flowchart as a sequence of activities.

There are three types of business processes:

1. Management processes, the processes that govern the operation of a system. Typical management processes include "Corporate Governance" and "Strategic Management".
2. Operational processes, processes that constitute the core business and create the primary value stream. Typical operational processes are Purchasing, Manufacturing, Marketing and Sales.
3. Supporting processes, which support the core processes. Examples include Accounting, Recruitment, Technical support.

A business process begins with a customer’s need and ends with a customer’s need fulfillment. Process oriented organizations break down the barriers of structural departments and try to avoid functional silos.

A business process can be decomposed into several sub-processes, which have their own attributes, but also contribute to achieving the goal of the super-process. The analysis of business processes typically includes the mapping of processes and sub-processes down to activity level.

Business Processes are designed to add value for the customer and should not include unnecessary activities. The outcome of a well designed business process is increased effectiveness (value for the customer) and increased efficiency (less costs for the company).

Business Processes can be modeled through a large number of methods and techniques. For instance, the Business Process Modeling Notation is a Business Process Modeling technique that can be used for drawing business processes in a workflow.

2. Piracy
The unauthorized copying of software. Most retail programs are licensed for use at just one computer site or for use by only one user at any time. By buying the software, you become a licensed user rather than an owner (see EULA). You are allowed to make copies of the program for backup purposes, but it is against the law to give copies to friends and colleagues.

Software piracy is all but impossible to stop, although software companies are launching more and more lawsuits against major infractors. Originally, software companies tried to stop software piracy by copy-protecting their software. This strategy failed, however, because it was inconvenient for users and was not 100 percent foolproof. Most software now requires some sort of registration, which may discourage would-be pirates, but doesn't really stop software piracy.

Some common types of software piracy include counterfeit software, OEM unbundling, softlifting, hard disk loading, corporate software piracy, and Internet software piracy.

Software piracy can be defined as "copying and using commercial software purchased by someone else". Software piracy is illegal. Each pirated piece of software takes away from company profits, reducing funds for further software development initiatives.

The roots of software piracy may lie in the early 1960s, when computer programs were freely distributed with mainframe hardware by hardware manufacturers (e.g. AT&T, Chase Manhattan Bank, General Electric and General Motors). In the late 1960s, manufacturers began selling their software separately from the required hardware.

Current illegal software in the US accounts for 25 - 50% of the software in use (see web sites below for further detail). Other countries often have levels of piracy well beyond that of the US. For example, Carol Bartz, the president and chairman of Autodesk, Inc. (www.autodesk.com) reports that one of their flagship products, AutoCAD, has 90% of the computer-aided design (CAD) market in China, yet sales are virtually negligible due to the widespread acceptance of software piracy (Fighting Computer Crime: A New Framework for Protecting Information, Donn B. Parker, 1998). A number of annotated web sites at the end of this document contain information regarding estimates of software piracy throughout the world. Bartz also states that many software companies are reluctant to pursue the educational market due to concerns that several copies of purchased software may lead to millions of copies of illegal software, produced "in the name of educating children" (Parker, 1998).

Ways to Deal With / Minimize Software Piracy

As teachers, the easiest way to minimize piracy is to set a good example. Don't use pirated software or distribute commercial software to students or colleagues. It is important that policies go beyond individual classrooms, and that schools / districts develop software management, acquisition and implementation policies. These policies should be made clear to each teacher in the school's Acceptable Use Policy, with explicit statements regarding the unacceptability of software piracy. Technology Coordinators should determine which commonly used software packages are compatible with anticipated hardware and network upgrades, and make faculty aware of those changes prior to upgrade. Other ways to reduce the likelihood of software piracy are explicitly stated in Safeguarding Your Technology: Practical Guidelines for Electronic Education Information Security (http://nces.ed.gov/pubsearch/pubsinfo.asp?pubid=98297). Among their recommendations are:

1. Have a central location for software programs. Know which applications are being added, modified or deleted.
2. Secure master copies of software and associate documentation, while providing faculty access to those programs when needed.
3. Never lend or give commercial software to unlicensed users.
4. Permit only authorized users to install software.
5. Train and make staff aware of software use and security procedures which reduce likelihood of software piracy.

Finally, there are a number of network utilities which remove unauthorized files and programs on a preset basis. These utilities can effectively monitor and remove illegally possessed shareware and commercial software without any significant additional investment in network administrator time or effort.

3. Hacking
Hack has several related meanings in the technology and computer science fields. It may refer to a clever or quick fix to a computer program problem, or to what may be perceived to be a clumsy or inelegant (but usually relatively quick) solution to a problem. The term is also used to refer to a modification of a program or device to give the user access to features that were otherwise unavailable, such as DIY circuit bending.

acking is unauthorized use of computer and network resources. (The term "hacker" originally meant a very gifted programmer. In recent years though, with easier access to multiple systems, it now has negative implications.)

Hacking is a felony in the United States and most other countries. When it is done by request and under a contract between an ethical hacker and an organization, it's OK. The key difference is that the ethical hacker has authorization to probe the target.

We work with IBM Consulting and its customers to design and execute thorough evaluations of their computer and network security. Depending on the evaluation they request (ranging from Web server probes to all-out attacks), we gather as much information as we can about the target from publicly available sources. As we learn more about the target, its subsidiaries and network connectivity, we begin to probe for weaknesses.

Examples of weaknesses include poor configuration of Web servers, old or unpatched software, disabled security controls, and poorly chosen or default passwords. As we find and exploit vulnerabilities, we document if and how we gained access, as well as if anyone at the organization noticed. (In nearly all the cases, the Information Syhstems department is not informed of these planned attacks.) Then we work with the customer to address the issues we've discovered.

The number of really gifted hackers in the world is very small, but there are lots of wannabes.... When we do an ethical hack, we could be holding the keys to that company once we gain access. It's too great a risk for our customers to be put in a compromising position. With access to so many systems and so much information, the temptation for a former hacker could be too great -- like a kid in an unattended candy store.

4. People

With regards to people, they can't deny the fact that people wants a "greener pastures". People or employees are considered their risks if they look for a greener pastures. The capability of one person especially in the MIS department is unique to every different person. In effect, it would delay the work if someone is taken from a department to look for a greener pastures. It would also affect the service of the company to the customer.

http://en.wikipedia.org/wiki/Business_process
http://www.webopedia.com/TERM/S/software_piracy.html
http://www.ed.uiuc.edu/wp/crime/piracy.htm
http://www.crime-research.org/news/05.05.2004/241/
Back to top Go down
View user profile
fatima paclibar

avatar

Posts : 28
Points : 32
Join date : 2009-06-22

PostSubject: Re: Assignment 2 (Due: July 7, 2009, before 01:00pm)   Thu Oct 01, 2009 10:43 pm

Subject: Assignment 2 (Due: July 7, 2009, before 01:00pm) Fri Jun 19, 2009 9:30 am

Based on the organization(s) that you visited, what do you think are the risks associated with business and IS/IT change? (1000 words)

(Before anything else I would to apologize for the late reply post regarding this topic.)

When there is a change a risk is expected and business world is not an exception to this aspect. In business, taking risk is not new strategy if want to improve and to be able to compete to the fast evolving world of technology. An efficient strategy to be able to cope up with this scheme, changing or implementing an Information System is advisable.

What is an Information System?

Everything will be clearer if I’ll define first what an Information System is. So, according to our class discussion an Information System is more than technology, more than a computerized system that enables to automate all business processes. An information System is the combination of PEOPLEWARE + HARDWARE + SOFTWARE. It focuses in three dimensions which are the management, organization and technology.

Why Information System?

Business world is a very competitive phase of the real situation of today’s living. To be able to have an edge with other business firm, having an Information System is a great help. With this, an organization can automate its business processes, it is very useful in coordinating organization’s activities, how it support the decision making, synchronization of knowledge from different management levels, functions and business firms. This also gives more importance to the customer relationship; automate the flow of information to manage and coordination of the organization to its other business partner if any.

What are the risks associated with IS/IT change?

• Integrity risk, this refers to the information being vulnerable. While developing a new system the information is expose and a great possibility that it is incomplete, inaccurate and unreliable. The organization sets the standard requirements and policies to be use in the process of development of the said system thus data gathering must be collected cautiously, for this affects the system consistency. This aspect should not be bypass, for this may result to IT failure.

• Organizational risks, pertain to the resistance of the people within the organization to use the available technology. The end-users may find reluctant to operate it due to unfamiliarity of the system. The users and technology should cooperate hand in hand in this way we can say the system is fully utilized and the IT benefit is maximized.

• According to what I have read from the internet another risk is the business risks. This focuses on the financial or the monetary risks in an organization. Changing the Information System of an organization requires a lot of resources in the process as well as time yet the results or the success is not guaranteed. This attempt may improve the functionalities, efficiency and competence of the company’s system yet it may also pull it down resulting to bankruptcy.

• Security jeopardy is another thing to be considered. In here, the exposure of the significant and confidential information is at stake. There must be an access control and data manipulation restriction especially to those hackers which are not authorized to gain access to the company’s information.

• Another threat that must be considered is the Technical Risks. Here, we are talking about the capable of the end user of manipulating the said information system. It is said to be the one of the reasons why implementing an Information System in an organization fails because of the end-users. Lacking of the capability, skills, knowledge and ability to maximize the functions of the designed system and how to use it, the system would be useless and will only a liability to the organization. Thus, this requires intensive training and orientation of the system to all its users, which also means this will another process for the organization to make and this also include some financial aspects.


Back to top Go down
View user profile
joverly gonzales

avatar

Posts : 54
Points : 54
Join date : 2009-06-19

PostSubject: Assignment #2   Fri Oct 02, 2009 1:32 pm

Assignment #: 2 Based on the organization(s) that you visited, what do you think are the risks associated with business and IS/IT change?

The Risks that are associated with business and IS/IT change:

NEW CITY COMMERCIAL CORPORATION

NCCC are all about people: their associates, customers, business partners and community. Since starting out as a textile store in 1952 they continue to grow, expanding to different retail businesses and locations to serve more people.
The Company strives to offer Service from the Heart first of all to our associates. NCCC also maintain solid relationships with their business partners to provide a wide assortment of basic and unique merchandise that offers
They are proud of our journey and we continue to pay tribute to our founders and history by living up to our core values of humility, caring, hard work, excellence and fun. We live for our vision to be A Leader Who Cares.

We schedule to interview with there IT personnel about the risk of their IS/IT change in the organization. The following are some of the risk that the company experience.
The challenge that their department might encounter are the changes or switching of their system and their security. As technology arises, the company must adopt to the fast changing environment in order for the company to be competitive and updated. The personnel said that it is not easy for them to shift into another system because the company’s transactions might be delay. Aside from that, they have many aspect that they considered, like the end users, the people involve in the company. The following list describes some considerations related to the control environment and IT
  • -IT is often mistakenly regarded as a separate organization of the business and thus a separate control environment.
    -IT is complex, not only with regard to its technical components but also in how those components integrate into the organization’s overall system of internal control.
    -IT can introduce additional or increased risks that require new or enhanced control activities to mitigate successfully.
    -IT requires specialized skills that may be in short supply.
    -IT may require reliance on third parties where significant processes or IT components are outsourced.
    -Ownership of IT controls may be unclear, especially for application controls.


They considered risk in the company when they have to shift into new Information system or Information technology is how the company adopts those changes. Their personnel also considered the end user of the system, if it is difficult for them to use it. It should be a user’s friendly systems that can also be satisfy the needs of the company.

While early IT implementations clearly focused on automation of clerical and repetitive tasks, in today’s highly competitive business environment, effective and innovative use of information technology (IT) has the potential to transform businesses and drive stakeholder value According to the recent ITGI-PricewaterhouseCoopers study results, IT is quite to very important to delivery of the corporate strategy and vision .
On the other hand, poorly managed IT investment or badly implemented IT projects will lead to value erosion and competitive disadvantage. A number of or company–level studies and analyses show that IT contributes substantially to company's productivity growth. This contribution is by all means strong where IT strategy is linked with business strategy, thus IT can initiate major changes in organization structure, business processes and overall activities.
In one study, Brynjolfsson and Hitt concluded 'that while computers make a positive contribution to productivity growth at the firm level, the greatest benefit of computers appears to be realized when computer investment is coupled with other complementary investments; new strategies, new business processes, and new organizations all appear to be important.'

The technology itself has no inherent value and that IT is unlikely to be source of sustainable competitive advantage. The business value derived from IT investments only emerges through business changes and innovations, whether they are product/service innovation, new business models, or process change.
Therefore, successful organizations that manage to derive business value out of IT investments also IT risks are risks associated with intensive use of IT to support and improve business processes and business as a whole. They are related to threats and dangers that the intensive use of IT may cause undesired or unexpected damages, misuses and losses in whole business model and its environment.
Conscience about the systematic IT risk management should be present at all managerial level in organizations whose business is in any way related to the functioning of modern information systems (IS), no matter if they are used only for the purpose of business automation, or some vital business process are performed electronically. Since the efficiency, effectiveness and in a great deal the successfulness of all business activities depend on the functioning of the IT and IS, a sound risk management process should not only include technical or operational issues but also executive management’ frameworks such as IT Governance and IT Audit.

Therefore, successful organizations that manage to derive business value out of IT investments also understand the importance of IT control environment and manage the associated risks, such as increasing regulatory compliance and critical dependence of many business processes on IT. This in particular means that they manage the risks associated with growing IT opportunities. The risks associated with business processes conducted through IT support are not only any more marginal or ‘technical’ problems and become more and more a key ‘business problem’.

Back to top Go down
View user profile
ailaine adaptar

avatar

Posts : 50
Points : 57
Join date : 2009-06-19
Age : 98

PostSubject: p   Fri Oct 02, 2009 7:47 pm

Assignment 2:
Based on the organization(s) that you visited, what do you think are the risks associated with business and IS/IT change?


NekenFab Inc.
2/F Arañez Bldg., Prk 30, KM Ma-a
8000, Davao City, Philippines



NekenFab, Inc. is a Securities and Exchange Commission (SEC) duly registered company, is owned and managed by Filipino professionals whose address is at 2/F Arañez Bldg., Prk 30, KM Ma-a Davao City, Philippines.

The provision of appropriate and adequate housing for “all” signifies the state of the people’s well being, hence, like many countries, the Philippines has been pursuing to provide shelter to the homeless and the underprivileged.

It is in this concept that the NekenFab, Inc. was conceived and established to address the need for adequate housing in the country. As a private entity, the incorporators feel to venture in this kind of industry as their contribution to the solution of this social problem that the government is facing, and as partners in achieving national development.

The company has employed Filipino Architects, Engineers, Planners, and other professionals with track record of experience in planning, design, and construction. Likewise, its staff is updated with modern technology and project implementation and construction.

Furthermore, NekenFab’s uses their own Information System (MIS) in their business transactions. With the support from the latest computer-based design system, the company offer services that can manage, design and optimize or operations from the initial conceptualization to the actual construction of the project.

Risks associated with business and IS/IT change:

This dynamic business change and the consequent new configurations are believed to have a significant and pervasive impact upon the role of IS/IT. The formal 'technology push' common to these circumstances is clearly inappropriate given the coming out of these increasingly diverse and complex structures. IS/IT leveraged advantages may be enabled through more emphasis upon informal managerial coalitions and interdependent groups where successful business transformation incorporates behavioral adjustments.

This paper presents an analysis of three case studies in this respect, which demonstrate that the competitive environment encompasses multiple dimensions of change. This will necessitate attention to improving the organization culture through intense information sharing and communication enhanced through IS/IT implementation.

All businesses take risks based on two factors: the probability an adverse circumstance will come about and the cost of such adverse circumstance.


They have this what they call Operations Program (OP) which what they consider their Management Information System. The application is programmed using MS Access. Here listed below are some of the risks associated with business and IS/IT change in NekenFab, Inc:

No Lack of expertise- The OP they are using is developed and created by the owner himself. Consider that the owner is a Civil Engineer and he learned the MS Access himself. Their system is a product of a study which makes it not secured because of lack of expertise.

No Managing problem- (Please read the first risk first) The owner resides in Manila which makes the maintenance/ check-up of their system not constant. A non-IT staff is pointed to fix the system whenever there is a problem. He is thought by the owner. And, again, like the owner, he is an Engineer, not an IT personnel. That's the main risks to their system.

No System Failure- A system failure can occur because of a hardware failure or a severe software issue. Commonly, a system failure will cause the system to freeze, reboot, and/or stop functioning altogether. This is the worse risks that the company is worried about.

The company is a picture of an expert in construction works which is specialized on housing. On the other hand, their management lacks of data security that might cause a great loss for their company.
Important data from the construction site is travelled through flash disk and as mention earlier is prone to data loss. Aside from that, data management with Microsoft access as its aide is not sufficient to protect important information. The management relies on hard copy as there file back-up in case the system might crash or the files get corrupted. They have to print hard copies of data which might get lost when not properly kept.
Another thing, the company does not have any personnel that take care of their data-keeping system. The owner who developed their system relies on other staff he thought of how to use the program fixes the system whenever there is a problem. The personnel who are in charge the system is not really educated of programming.

No Security Risks- as stated above, their data from sites regarding their construction projects are saved on a flash disk and a staff is going to bring it to the office. In this process itself, the data security is weak. During the data transfer, the storage device is exposed to the outer interference and there is a possibility that some unauthorized personnel/worker can view the data.

No Financial exposure- according to them, their financial reports are sometimes exposed to some unauthorized personnel due to their process of transferring of data.

No Daily Backup- There is a risk and at the same time hassle to the company associated to their IT/IS. Our interviewee said that they are producing a back-up copy of the data (hardcopy/ print-out copy) from time-to-time. What am I referring here as from time-to-time is every data transferred from the d=site to the office. The flash disk, as we all know, is prone to viruses or unwanted programs. The flash disk then is not just carrier of their data but also a carrier of risks. The company encountered a system failure for how many times now just because of the viruses their storage device is carrying. If that happens, Encoders benefits a lot! The office will retype/re-encode ALL their business transaction into the system. See? How hassle it is for them to make a daily back-up! This is the risks of their IT/IS which converted from manual to simple Information System.


I have here nice list from an article that states some concept on how to manage associated IT risks in an organization.

The Three Core Disciplines of IT Risk Management—These are:
study A well-structured foundation of IT assets, an installed technology base of infrastructure and application technologies, and supporting personnel and procedures
study A well-designed and well-executed risk governance process that provides an enterprise-level view of all risks
study A risk-aware culture in which everyone has appropriate knowledge of risk


Reference:
http://www2.computer.org/portal/web/csdl/doi/10.1109/HICSS.2000.926955

Back to top Go down
View user profile
Sponsored content




PostSubject: Re: Assignment 2 (Due: July 7, 2009, before 01:00pm)   

Back to top Go down
 
Assignment 2 (Due: July 7, 2009, before 01:00pm)
View previous topic View next topic Back to top 
Page 3 of 4Go to page : Previous  1, 2, 3, 4  Next
 Similar topics
-
» reinstituting selective pre-audit on government transactions
» Amendments to the Revised IRR through GPPB Resolution No. 06-2009
» A Boutique and an assignment against me.
» New Baby, New Assignment, Old Dress
» 09th July 2011 - London UK - Masjid Al Ansar presents The Key to Paradise by Sh. Mohamad Salah

Permissions in this forum:You cannot reply to topics in this forum
USEP-IC  :: MIS 1-
Jump to: