Thursday, July 24, 2008

risks associated with business and IS/IT change..

Information technology performs the key role in the development not just the business itself, but also for the assurance that its strategic objectives are not in a risk by IT failures. Risk with business associated with IT/IS changes are increasingly a big issue on the business IT failure.

What are the risks? Since it plays such a significant part in most project approaches and functions, business personnel must think of some possible risk associated in IS change.

An expense risk happens when there are some transactions to be made and the company fails to provide enough funds to support the investment made in IT.

Access or Security Risk
, in many countries, it is required by law that the personal data must be kept private. Due to the increase demand of IT and change in IS in most businesses, revealing of personal data is such a big risk for it will be available to those without appropriate authority which will turn out to loss of privacy.

Integrity Risk
happens when some data are not anymore reliable for the reason that they are incomplete and not accurate. In this day and age, we are experiencing this kind of problem through internet. I have heard lots of rumors that information in internet now is not anymore reliable. The reliability of information in IT is such a great menace for it causes IT failure.

An infrastructure risk takes place when the organization does not have enough IT infrastructure and systems that can efficiently support the needs of the business. Changes in information technology can also be the cause of system failure which results to damage in business development.

Project ownership risk
occur when a company choose to change some of its strategies in IT/IS business plans and the future business IT project fails to meet its objectives through lack of liability and assurance and due to the new IT business approaches.

In changing business approaches especially in IS/IT, we need to deem some lists of risks and established some possible actions to this menace. We need to fully identify and know all information that needs to be protected and managed. Implement controls to cover the missing areas that expose the organization to a high level of risk.

More ideas from:

No comments:

Post a Comment