Abstract
Large scale implementation of information systems undergoes a lot of process and risk management. With organization-wide information systems that are bound to automate large-scale business processes, complexity is increased as there is a need to have good integration of the divergent processes in the organization. With automation in the business processes in many companies, there is the saving of operations costs and the possibilities of attaining collaboration in a creative and innovative way. The recent developments in large-scale information systems have made the working of the various departments synergized so that the human resource department can work on the information from the finance department and get the financial details of someone without the need to get it physically from the department. The use of distributed databases has been the most important factor that has greatly facilitated the quantum jump in technology which will be instrumental. Grid computing is a new technology that is being implemented and rolled out in various companies. There are various risk factors that should be considered while undertaking the project. This paper will focus on the large-scale management and implementation of information systems by Synergy Ltd. Company and how they ensure that the various risk factors are well managed and articulated. It will also focus on the factors that should be considered when rolling out grid computing technology in the various client companies of Synergy Ltd.
RISK FACTORS AND ORGANISATIONAL IMPACT
The implementation of the project can be said to be highly risky. With the partnership with the various universities for spare-capacity of the quality and quality of the service. This will enable services to be offered on an on-demand basis. With this partnership, there are various risks that will be met.
One of the risks that will be met with this arrangement with the universities is that of Bandwidth and quality of service. The PrivateInvestor package depends on the network for most of its processes. Dependency on internet connectivity is one such disadvantage. Data storage and retrieval require a constant connection of internet. While many websites are usable in non-broadband or slow connections, grid based applications are not. Grid computing requires connection speeds in the range of Kilobytes and above. Other attractive features of concern include Quality of Service (QoS) response time and latency. With the arrangement that will be entered with the universities, it will mean that the universities will have to dedicate their time and network to the working out of this partnership. With network use in the university and the need for faster connections by both students and faculty members, there might be experienced limited connection bandwidth which will affect the data retrieval for the clients. With the equity data being sought by investors, there is a need to ensure that the data is available all the time. Any laxity in the connectivity will bring into fore failure. With share prices depending on time and any decision that is made being affected by, there is a need to ensure that the network is optimal.
Another risk that will be experienced in this aspect is that of security of data. The use of grid computing entrusts data to third parties who may not be trusted to secure it properly. The third parties in this case are the universities who will be partners in in the process. Synergy Finance Solutions Ltd., which offers grid computing services for many companies, may not have advanced security apparatus to safeguard private investment data. Many grids based companies provide services to each other thus a need to share information. Client information may be unwillingly shared as well with advertisers to help offset costs. In the case of the university providing spare-capacity of the nodes which are used in the university, the issue of security is an important one. This is because there may be other partners with the university and data and information systems could be run on the same servers.
Another risk factor is the legal constraints. There is a lack of legislation in some universities that safeguard the storing, encrypting and security of data and information. In the case of security breach, infrastructure failure or bankruptcy of a company, users are left with no recourse. Many universities serve many partners and may have limited restrictions to their data access and use.
Another risk issue is that of human rights violation. There are no clear guidelines concerning human rights and grid computing. Issues of rights to freedom of expression and freedom of the association are not clearly defined as to be subjected to unwarranted university surveillance. With the handling of investment data, there might be interested parties who will want to analyze the data and the historical data of the various companies whose share prices are of interest to the private investors. This will mean that the data and the historical data and information will be accessed and used by various agents.
Another risk factor is that of lack of technological knowhow. With the new systems being implemented, there might be a lack of proper knowledge by the technical crew to handle the grid infrastructure. This is because grid computing is still a new technology. There could be compatibility issues with the technology. The technology is still evolving and there is still research that is being undertaken.
Another risk factor is that of the high cost of the setup of the new partnership technology. This is because of the fact that the grid technology is still new. There will be the need to set the security feature infrastructure. Also there is the issue of the boundary of the handling of the data between the university and Synergy Finance Solutions Ltd.
Negative impact of failure
If the technology fails and does not perform as expected, there will be a lack of trust in the implementation of information systems by Synergy Finance Solutions Ltd. They will also make the universities lose trust in their research as they will be taken to be not thorough in their research.
TRUST AND SECURITY
With the grid computing technology, the issue of data and their security is an important one. The arrangement of the PrivateInvestor package and the way data and information is handled in this package is a point of concern that should be handled well in the new setup. Data which are stored outside the premises of an enterprise brings to the issue of security. How safe is the data? Who else assesses the data? Data which have been outsourced bypass the controls of the personnel of the enterprise. The client should get as much information as possible about how the data is stored and how the integrity of this data is catered for. The providers should be asked specific information about their hiring of privileged administrators who will manage the data.
With the new setup of the grid, it will be hard and difficult to know which areas and data the university partners will be allowed to access and which ones they will not be allowed to access. The private investors will lose control of information because of the introduction of third-parties in the management of the data and information. There is the issue of loss of control for information. The private investors will lose control of the investment data and historical data once they are sent to the grid. Hackers are no longer teenagers who are idle but they have become expert IT professionals who have made hacking their full time mission. The issue of security cannot be left on remote managers and servers and expect that everything will be right.
TECHNOLOGICAL MATURITY
Grid computing is a mature technology. The issue of sharing data in the cloud and grid is something that has attracted extensive research. There are frameworks which have been developed. The technology is mature enough and there are frameworks which have been developed that will be used to handle security. The maturity of grid computing is enough and the implementation of grid computing in any aspect can use the many research implementations and strategies to achieve full implementation.
There are various risk factors that are associated with this. One inherent risk factor that is associated with this technology is that there is still ongoing research that is being undertaken. This way, there are changes that might be experienced with the use of this technology. The changes may force the virtual organization to change the technology; this will bring other expenses in undertaking the change.
Another inherent risk is that there may be lack of technological support staff that will support the use of the technology. The users and the PrivateInvestor package may lack support if better technologies are realized in the future.
References
Beisse, F 2009, 'Customer service skills for user support agents', in A guide to computer user support for help desk & support specialists, Cengage Learning, New York.
Beisse, F 2009, 'Introduction to computer user support', in A guide to computer user support for help desk & support specialists, Cengage Learning, New York.
Berry, S 2009, 'Social institutions and access to resources', Cambridge Journals, vol 59, no. 1, pp. 34-45.
Ciampa, M 2009, Security Awareness: Applying Practical Security in Your World, Cengage Learning, New York.
Computer Security Institute 2011, 'Computer Crime and Security Survey', Computer Security Institute Survey, pp. 28-29.
Dhillon, G 2005, 'Interpreting the management of information systems security', Computer and Security, vol 54, no. 6, pp. 65-76.
Dieter, G 2009, Computer security, John Wiley and Sons, New York.
Kim, D & Solomon, M 2010, Fundamentals of Information Systems Security, Jones & Bartlett Learning.
Lindup, K 2006, 'The role of information security and corporate governance', Computers and Security, vol 54, no. 15, pp. 447-485.
Matt, B 2003, Computer security: Art and science, Pearson Education, Inc., New York.
Morley, D 2008, Understanding Computers in a Changing Society, Cengage Learning, New York.
Neumann, P 2006, Computer-related risks, Addison-Wesley, New York.
Peltier, T 2005, Information security policies, procedures, and standards: Guidelines for effective information security management, Auerbach publications, Boca Raton, Florida.
Pretur, J & Erdrat, P 2011, 'Computing and information technology', Academy of Management Review, vol 20, no. 2, pp. 343-348.
Raman, M, Sharma, S & Sharma, S( 2004, Technical communication: Principles and practice, Oxford University Press, London.
Randall, P 2007, Multimedia: From Wagner to Virtual Reality, Norton, New York.
Russell, D & Gangemi, G 2011, Computer security basics, O'Reilly and Associates, Sebastopol, CA.
Sadgrove, K 2005, The Complete Guide To Business Risk Management, Gower Publishing, Ltd, New Delhi.
Schneier, B 2010, Secrets and lies: Digital security in a networked world, John Wiley and Sons, New York.
Steinmetz, R & Nahrstedt, K 2005, Multimedia: Computing, communications, and applications, Prentice Hall, New York.
Tan, C & Ruighaver, A 2005, 'A framework for investigating the development of security strategy context in organizations', Conference Proceedings of the 6th Australian Information Warfare and Security Conference: Protecting the Australian Homeland, Deakin University, Sydney.
