This reading case describes a system implementation problem that has caused several damages to the students of Indiana University. The university was implementing this financial aid system when the problems crop up. Not only the University but also the outside observers gave their opinions and statements about the ones they consider responsible about the fact. In my opinion university’s explanation is not satisfactory and sounds more like a justification. Meanwhile outside specialists give a reasonable explanation supported by adequate arguments, questions and examples. All the facts and arguments indicate that the university is the one to be blamed. All indicates that it could have prevented the failure.
The other part of the paper explains the importance of keeping the information safe from the different attacks of viruses and hackers because it plays e key role in a business. Today has become very difficult to protect a company’s data. The positive thing in all that is that every day the number of companies that are focused on improving information security, increases. We can mention some of these companies: energy and utility companies, Accenture Finance Solutions company, Cisco Systems, Microsoft etc.
A system implementation failure
This case describes a system implementation problem that has caused several damages to the students of Indiana University. The university was implementing this financial aid system when the problems crop up. Like many other cases after the occurrence came the problem’s analysis. Not only the University which is directly involved in the problem, but also the outside observers gave their opinions and statements about the ones they consider responsible about the fact. Both sides give arguments to support their statements. Before giving a personal opinion is important to examine carefully arguments from the both sides. After reading the explanation I can say that I have to give the right to the outside observers. Apparently seems that they can’t understand the situation better than the university which is within the situation and has all the information required to make analyses. It is not as it seems. In my opinion university’s explanation is not satisfactory and sounds more like a justification. Meanwhile outside specialists give a reasonable explanation supported by adequate arguments, questions and examples. The associate vice president of the university says that it is a system proper problem and the staff also supports the fact that the problem was impossible to be foreseen and prevented. We can not accept that because we know that a system is composed of some elements which include lo other parts besides the software. The university could do more regarding the processes and the people. Outside observers give full arguments about the university’s mistakes. It shouldn’t have been working to retire systems and should have calculated better the time to make possible the comprehensive testing and the staff training before the start of classes. Sometimes is possible that certain implementation programs can’t be easily foreseen and prevented. I would like to present the failed implementation program in a large and prestigious company.
As many of us may know, NIKE is a leading footwear and apparel company. In 2001 the company had e revenue shortfall which was caused by the failure in the supply chain software installation. The purpose of the Supply and Demand Planning software implementation, was to help the company match its supply with demand. This would be realized by making a map of the manufacturing of some products. After the failure which affected very much the reputation of the company, the analysts gave the possible reasons for it. They think Nike made lapses in the project management, too much customization and put more trust than it had to put on-demand forecasting software. Analysts say that Nike could have avoided this failure by taking the implementation seriously and setting realistic goals. In other words they blame the company for an erroneous strategy. This is only one side of the analysis.
The other side indicates that the problem was difficult to be foreseen and prevented. The company which provided the software did a good job of delivering it on time but unfortunately, it resulted in several malfunctions. According to Nike this company forecasted different results from the occurred once. NIKE could not foresee the fact that the other company wouldn’t “keep the word given”. NIKE tried to do its best to repair the damages and now it has successfully implemented the program becoming an example for many other companies.
I do not think that the university we are talking about faced the same situation as NIKE. It had the possibility to prevent the failure by taking certain measures at the proper time. If we read carefully university’s explanation in our minds comes many questions and unclear things. The first thing to be considered is: Did the university think the same as me before starting the program implementation. What I am trying to say is that possibly the university did not pay attention to some key aspects of the implementation. I think that the main reason for this is that the staff considered the system compounded only by a part: the software. Thinking like that they pass all the responsibility to the software forgetting that the system has also other key components. The first thing that could have been done differently has to do with the human component of the system. The university had to find out if the users were ready to make the necessary changes and by which time this could happen. Even if doesn’t seem to change people’s attitudes and behaviors is a real challenge in implementing new software systems. It was a great error of the university to wait until the start of the classes to begin training the users. To avoid problems with interface issues the university should have started in time the comprehensive testing.
We can say that the system interfaces’ probable problems were quiet ignored. It could foresee the quality of the incoming data and a possible infrastructure incompatibility.
By missing all these steps it became impossible to avoid the damages. From all the facts above seems that the university could have prevented the failure.
We do not have sufficient evidence to say that it accepts the responsibility of the failure but I think that it learned from this experience and the next time will think twice before implementing another system.
The importance of a security information system
Some business managers recognize the importance of the security because the information is the main part of your business. If, for any chance, any unauthorized outsider manages to access the system, then all the businesses will suffer negative consequences. Today has become very difficult to protect a company’s data. Every day the number of the companies that are focused on improving information security, increases. The companies who want to take this measure should be careful to make sure that the older applications in different operations are not a problem for company’s security standards. They should protect themselves from the mobile security threats and set strong data protection policies.
The Accenture Finance Solutions is a global company that provides management consulting and technology services. It is an example of companies that want to improve data security. The company managed to build a central repository where were put all the reliable data. It was very safe because the users had to present their identity to control them. It was a challenge for the company to do that because it was operating in a complex technology environment and had to integrate itself with that. The company also upgraded the reporting tools. Currently, energy and utility companies worldwide are making greater efforts to improve security. They are investing a considerable part of their IT budget to achieve that, spending much more than the years before. These companies are building up their security programs and systems. They are making safer the control access by improving the infrastructure. Another important priority of these companies is the protection of the private information of the employees and customers. They are working to create an inventory of user data by encrypting the stored data and the data transmission. All the companies are interested to prevent the impacts caused by security accidents. They cause financial losses and affect the organization’s reputation. Many companies collaborate with partners making strategic alliances in order to protect their information. Here we have the case of two companies.
Cisco Systems and Microsoft will integrate their efforts to improve their security architectures in order to protect their data and computers from the attacks of viruses, hackers or other threats. The companies have decided to collaborate and make the necessary efforts to better coordinate the work between the network and the computer servers. The senior vice president of Cisco’s Security and Technology Group explains that the main goal of this collaboration is to improve the security of the network systems of their customers and reduce the cost of the security management. They want to help customers to utilize better their existing investments in the products and technologies of these companies. We have to accept that we can not have perfect information security. The only thing we can pretend to achieve is a reasonable level of security. Many times the information security is considered only a technology issue. This is not right because it is a process that includes another part besides the technology like procedures and people. The information’s security purpose is to provide availability and confidentiality by protecting the data within the information system. Information security should be implemented through an information security program. All businesses have ethical responsibilities related to the management and security of the data.
Business companies have to protect the data of their clients and also employees. They have the right to be ensured that the privacy of the information they give is guaranteed. The companies have to manage their data correctly to avoid different problems like the ones mentioned above. Businesses should guaranty basic physical security. Securing your hardware, software and data has become an essential aspect of information technology.