chapter 15 managing information. agenda chief information officer is department and end users...
TRANSCRIPT
Chapter 15
Managing Information
Agenda
• Chief Information Officer
• IS Department and End Users
• Control & Security
• Contingency Management
Chief Information Officer
• Align technology with business strategy
• Implement state-of-art solutions
• Provide and improve information access
Agenda
• Chief Information Officer
• IS Department and End Users
• Control & Security
• Contingency Management
IS Department and End Users
• Let them sink or swim (do nothing or educating)
• Use the stick (policies and procedures)– Steering committee
• Use carrot ( incentives)• Offer support
– Information center– Help desk
Agenda
• Chief Information Officer
• IS Department and End Users
• Control & Security
• Contingency Management
Control and Security
• Logical control
• Physical control
• Data control
• Communication control
• Administration control
• Application control
Physical Control
• Location (traffic)
• Security (lock)
• Environmental (air)
• Fire
• Power
Logical Control
• Photo
• Fingerprints
• Voice
• Eye
• Signature
• Password
Data Control
• Minimal privilege
• Minimal exposure
Communication Control
• Firewall
• Decryption
• Encryption
• Private & public key
Administrative Control
• Policy
• Procedure
• Hardware
• Software
• Employee
• Data
Application Control
• Input control
• Processing control
• Output control
Agenda
• Chief Information Officer
• IS Department and End Users
• Control & Security
• Contingency Management
Contingency Mgmt
• NOT disaster recovery– Reactive, not proactive
• Worst case scenario– All our eggs in one basket– Natural disaster– Human error / sabotage
Contingency Mgmt. Methods
• Disaster Recovery firm– Outsource strategic function?
• Off-line storage
• Data redundancy– Replicated databases– Fragmented databases
Contingency Methods
• Back-up power generators
• “What if” scenarios– Military war games
• Scaled-down manual system
• Back-up / recovery procedures
Contingency Methods
• Parallel systems
• Processing backup facility– Cold, warm, hot site
Cardinal Health• Redundant systems for critical order
processing
• Redundant WAN trunks
• System data backed up daily– Backup media kept off-site
• Backup replica site– Different part of country– Switched on within 30 minutes
Points to Remember
• Chief Information Officer
• IS Department and End Users
• Control & Security
• Contingency Management
Discussion Questions
• What types of control do you have implemented in your organization?
• Tell us a Contingency Management war story– What happened?– How did the firm recover?– How could the situation have been
• Averted?• Mitigated?
Assignment
• Review chapters 8-14
• Exam 2
• Group assignment
• Research paper & presentation