What are the possible risks if you have a system change?
Changes is a completely or partially migrating or transforming from old one into a new one. Everything is changing even people change, no one is exempted. Changes is inevitable. Only thing that doesn't change is changes itself. Change is important, but change must be controlled so risk does not escalate to unacceptable levels. Because more change may mean more opportunity but also more risk. Not only do different parts of the enterprise maintain different views and definitions of risk — within the IT department a fragmented approach to defining and managing risk exists. This does not only involve IT but also involve the company. And it is very important to be aware of it because this can affect the organization.
System change for good of the company to improve accounting, finance, operations management, marketing, human resource management, or any other major business function. The blending of technologies and traditional business concerns is impacting all industries and is really the latest phase on the on going evolution of business. All companies need to update their business infrastructure and change the way the work to respond more immediately to customer needs.
Common Risk in the Company.
1. Lack of top management commitment to the project - employers shifting system for the improvement of their company but forgot to consider some requirements. Employer involvement is not that strong to address the new uprising problem while dealing the new technology. Employer cut down their support because limited management commitment.
2. Lack of adequate user involvement- in newly introduce system only few may know that the company has already shifted to a new system in which few users have been train for it. The possibility that some user may have difficulty in analyzing and dealing with the new system for lack of adequate user involvement and may lead to misinterpret.
3. Failure to manage end user expectations- end-user are important factor to be considered if there will be a shifting of system cause they are the responsible of manipulating transactions. Failure to manage end user expectations may cause downfall of the company in which before implementing new it must see to it that it fits on the end-user and end-user must properly be oriented the new produce system.
4. Lack of required knowledge or skills in the project personnel- this problem maybe address through prover training and assistance.
5. Introduction of new technology- In introducing the new technology to the end-user it might that easy or it needs time for adjustment in which some might can't go after it. Some personnel might become hard for them to shift from the system that they were being comfortable with.
6. Insufficient or inappropriate staffing- some staffs like oldies personnel that fun of using manual operation might not be capable on using the new implemented technology which leads to failure to gain user commitment.
7. Conflict between user departments- the conflict may be visible in every department lead by Misunderstanding the requirements and unclear requirements.
8. LOSS. The risk of loss resulting from inadequate or failing internal processes, people, and systems, or from external events.” While the potential for loss is the centerpiece of risk, some organizations have broadened the scope of their risk definitions to including the loss itself. By coupling the loss with the risk, risk becomes more urgent and quantifiable. In addition, an impact assessment becomes the natural output of an identified risk.
9. UNCERTAINTY. Uncertainty, so often tied to events or forces outside of the organization’s immediate control, opens a Pandora’s box of risks that organizations must recognize and mitigate. By acknowledging the importance of uncertainty and planning for it, firms convert a risk management strategy from the defensive to offensive. The COSO framework describes this as enterprise risk management.
1. Loss of Integrity. System and data integrity refers to the requirement that information be secured from inappropriate alteration. Integrity is lost if unauthorized changes are made to the data or IT system by either intentional or accidental acts. If the loss of system or data integrity is not corrected, continued use of the contaminated system or corrupted data could result in inaccuracy and incorrect decisions. In addition, violation of integrity may be the first step in a successful attack against system availability or secrecy. For all these reasons, loss of integrity reduces the assurance of an IT system.
2. Loss of Availability. If a mission-critical IT system is unavailable to its end users, the organization’s mission may be affected. Loss of system functionality and operational effectiveness, for example, may result in loss of productive time, thus impeding the end users’ performance of their functions in supporting the organization’s mission.
3. Loss of Confidentiality. System and data confidentiality refers to the protection of information from unauthorized disclosure. The impact of unauthorized disclosure of confidential information can range from the jeopardizing of national security to the disclosure of Privacy Act data. Unauthorized, unanticipated, or unintentional disclosure could result in loss of public confidence, embarrassment, or legal action against the organization.
10. SERVICE DISRUPTION. Service disruption approaches the issue of risk from effect rather than cause — forcing IT to recognize the consequences of service disruption on non tangibles such as its reputation and business expectations.
11. Job loss- it is really possible that many may loss their jobs if new technology be introduced for machine may manage and take place the task which was worked by the workers. Employer may favor on the machine for machine for it do task faster and more efficient. This is might unfair but still being practice in business firm.
These presented above risk are just the common and easy detected ones. In the long run many problem may arises but it can be minimized if it will be address as early as possible and find the best suitable solution for the problem. These risk must taken by granted cause it can be reason for company's downfall. It arises in any form of business firms it might be a small enterprise or the giant one.
Reference:
http://mariechelleit.blogspot.com/2008/09/what-are-risks-associated-with-business.html
http://ladyinstinct.blogspot.com/2008/07/it-risks-know-them.html
Assignment 2
- Tuesday, August 4, 2009
Subscribe to:
Posts (Atom)