StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

GAP Analysis Issues - Report Example

Cite this document
Summary
The report "GAP Analysis Issues" focuses on the critical analysis of the major issues in the implementation of GAP analysis. Business operations face interruption risks that could lead to terminated processes and lost data. Many techniques prepare an organization for such interruptive occurrences…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER98.8% of users find it useful
GAP Analysis Issues
Read Text Preview

Extract of sample "GAP Analysis Issues"

GAP analysis November GAP analysis Introduction Business operations face interruption risks that could lead to terminated processes and lost data. Disaster recovery and business continuity (DRBC) planning however prepares an organization for such interruptive occurrences. Bank Solutions Inc. offers item processing services, such as in-clearing and Proof of Deposit (POD) processing, item capture, return and exception item processing, and image archive storage and retrieval, to diversified stakeholders such as community banks, internet banks, and small to midsized credit unions. The company is at its prime image for buyout and seeks to maintain this attractive position. Risk assessment however identifies issues, risks, and challenges that could threaten this position, and this report offers an analysis of the factors and recommends a security strategy and security solution for managing the risks, issues and challenges. The report is organized into five sections for clarity. Step 1: Key Issues/Challenges/Risks Key security and technology issues Scope of the company’s operations that include clearing deposits and processing proof of deposits, as well as item processing and data storage and retrieval identify exposure to diversified security and technological issues. “Integrity and authentication” as well as confidentiality are some of the security issues that are apparent to the company’s operations, based on the assessment (The United Nations, 2007, p. 31). Ease of alteration of electronic data offers threats to unauthorized changes and difficulty in detecting such changes or the times at which the changes are made. Assessment results shows that the company’s system has not been updated since January 2009 and that its disaster recovery and business plans have not been tested (Camara, Crossler, Midha, & Wallace, 2011). These exposes the company to integrity and authentication issues among its employees as fraudulent programs could lead to undetected malicious errors. Even though disaster recovery and business continuity master plan was developed, with intention of modification at facility levels, some facilities have not customized and implemented the plan, a factors that also offer threat of malicious data loss. Assessment results also note that measures for addressing security incidents towards preservation of evidence lack and means easy leak of information and data, contrary to expectations of confidentiality doctrine. This also extends privacy, as a security issue. Repudiation issues is another security based concern (Chhabra, 2013) that is imminent in the company’s system. Results on event logins shows that power users with write access also use general even log and the multiple access point is an indicator of possible actions with which power users do not want to associate. Use of a system whose update is long overdue is also a threat to system performance and the organization could be operating inefficiently. Some of the company’s plan participants have also not accessed the company’s DRBC plan, a factor that identifies possible incompetence in the plan’s implementation. Full back up performance are also dome on a weekly basis and this exposes data to loss from the system’s physical damage. From a technological perspective, multiple layer applications, such as experienced in different outsourced data storage and possible add in applications to the company’s system, is another issue. Design complexity of the DRBC plan as well as that of the system, since some users have not even accessed the plan, is another issue (Beqiri, n.d.). Risks and challenges Unskilled staff, inefficient change management, insufficient training, inefficient communication of procedures are some of the risks and challenges that database management and operations face (Abdalla & Albadri, 2010). Unskilled staff lack competence in their expected operations the fact that some personnel have not accessed DRBC plan suggest risk of their incompetence in expected practices. The experience at one facility where back up operations have failed is another indicator of incompetence operations. Outsourcing for backup while the company has systems for the same operation also suggests personnel’s inability to utilize available resources. It is also evident that the company uses an outdated system that it has also not tested for compatibility with the dynamic operational environment. Poor change management is therefore a challenge. Not only is the organization under threat of effects of insufficient training for personnel but analysis results show that it plan participants have not undergone any form of training. Availability of DRBC plans in the organization system, yet some plan personnel have not accessed the plan is also an indicator of poor communication. Derived paradigms The identified risks and challenges are likely to compromise efficiency of the organization’s systems into poor service delivery. Processes may be slow, may be erroneous, and could fail to identify fraud by employees of external hackers. “Technological paradigm” and “socio-technological paradigm” can however aid the company’s service delivery (Academic Conferences, 2009, p. 239). Technological paradigm integrate systems with the aim of availing, sharing, and distributing knowledge and such applications as enterprise resource planning and cloud computing could inform the organization’s system update. Socio-technological paradigm could also facilitate communication and personnel’s motivation into pursuing the organization’s objectives. The paradigm is likely to eliminate laxities such as personnel’s incompetence and lack of fundamental information on the organization’s blue print for operations. Step 2: Recommended Security Strategy for Mitigating the Issues and Challenges Times back up data base strategy that incorporate data encryption and restricted data access is the recommended security strategy for mitigating the issues and challenges. Based on a developed model from Oracle database, the timed backup system ensures automated backup creation, and would remedy such issues as system performance, and untrained staff because such a system is automatic and would therefore require minimal personnel attention. It will also guarantee back up and therefore prevent risk of data loss through damaged systems. The automated system also limits multiple data storage approach such as interlinking data centers and simplifies the backup system (Du, 2012). “Transparent data encryption” that encrypts data automatically could enhance safety of stored data through restricting readability (Solomon, 2013, p. 296). This would guarantee confidentiality and privacy of information, especially if decryption is restricted to specific personnel or office. Following such an application is the need to restrict access to data, especially decrypted data, and Structured Query Language (SQL) can facilitate this. This will ensure that only people who are authorized to access data access it, and would reinforce confidentiality and privacy issues besides improving authenticity of data. With restricted data access, ensuring integrity is easier because users can be traced and be held accountable, especially with use of designated individual access accounts with private entry passwords (Solomon, 2013). Step 3: Proposed Security Solutions and Relationship to the Case Changing from the current backup system to an integrated automated backup system that includes data encryption and Structured Query Language is therefore the recommended security solution. The solution’s technology is an upgraded Oracle database, Structured Query Language, and Transparent data encryption. The database backup system is automatic and procedure only exists for developing it. This includes creating backup parameters and then following this by a stepwise procedure of setting up backup intervals, defining backup directory, and running the program. a technology expert is needed for this. The technician also incorporate key for the encryption program but a programmer is necessary for creating the Structured Query Language (Du, 2012). Step 4: Proposed Timelines for Addressing Elements of the Strategy The strategy involves development and running an automated and improved Oracle backup system that has encryption and SQL programs. This will ensure integrity and authentication through restricting access of stored data to specific individual, a factor that will facilitate accountability and truthfulness among personnel who access stored data. Attained integrity will also eliminate possible repudiation of ills. Efficient system performance and limited need for staff training are other recommended solutions that the automated system will achieve. Secured data, through an efficient backup system, and simplified data backup system are other recommended solutions. Three tasks help in achieving the solutions. Development of the automated Oracle backup system is one of the tasks and relates to system performance, staff training, data safety, and complexity. Integration of Transparent data encryption and SQL programs are the other activities and the two resolves problems that relate to integrity, authentication, confidentiality, privacy, non-repudiation. The table shows proposed timeline for implementing the three activities. Table 1: Timeline of activities Time Activity People involved Resources 2 weeks Recruitment and appointment of technology specialist Outsourced human resource specialist Money for consultancy 1 week Review of recommendations and the organization’s system Appointed technologist, the company’s technologist and member of the engagement team Human resource 1 ½ weeks Development of the backup system Outsourced technologist Oracle software and human resource 2 week Pilot implementation in one of the data centers Outsourced technologist Human resource 1 week Incorporation of Transparent data encryption program and testing in the same facility Outsourced technologist Human resource 1 week Incorporation of SQL program and piloting in the same facility Outsourced technologist Human resource 3 weeks Evaluation of success and effects of the proposed change Outsourced technologist and the engagement team Human resource 1 week Implementation Outsourced technologist and the engagement team Human resource 3 months Evaluation and recommendation of possible changes Outsourced technologist and the engagement team Human resource Step 5: High-level Recommendation for Mitigating Risks Mitigation An upgraded Oracle backup system that also has transparent data encryption and SQL is recommended for mitigating the identified issues, challenges, and risks. The backup system will facilitate the organization’s key objective through proper data storage while the integrated programs will ensure safety. This will reduce burden on human resource due to data management. Next steps The company should develop a team of IT specialist that can develop and run a secure internal database management system. This will the company’s image among its customers and ensure its competence in protecting data from external threats. References Abdalla, S. & Albadri, F. (2010). ICT acceptance, investment, and organization: Cultural practices and values in the Arab world. New York, NY: IGI Global. Academic Conferences. (2009). Proceedings of the 6th international conference on intellectual capital, knowledge management and organizational learning. Reading, UK: Academic Conferences Limited. Beqiri, E. (n.d.). Information and communication technology security issues. University of East London. Retrieved from: http://www.kaspersky.com/images/information_and_communication_technology_security_issues.pdf. Camara, S., Crossler, R., Midha, V., & Wallace, L. (2011). Bank solution disaster recovery and business continuity: A case study for CSIA 485. Journal of Information Systems Education, 22(2) : 117-123. Chhabra, S. (2013). ICT influences on human development, interaction, and collaboration. Hershey, PA: Idea Group Inc (IGI). Du, W. (2012). Informatics and management science I. New York, NY: Springer Science & Business Media. Solomon, M. (2013). Security strategies in windows platforms and applications. Burlington, MA: Jones & Bartlett Publishers. The United Nations. (2007). Information and communication technology policy and legal issues for Central Asia: Guide for ICT policymakers. Geneva: United Nations Publications. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(GAP Analysis Report Example | Topics and Well Written Essays - 1500 words, n.d.)
GAP Analysis Report Example | Topics and Well Written Essays - 1500 words. https://studentshare.org/information-technology/1844566-gap-analysis
(GAP Analysis Report Example | Topics and Well Written Essays - 1500 Words)
GAP Analysis Report Example | Topics and Well Written Essays - 1500 Words. https://studentshare.org/information-technology/1844566-gap-analysis.
“GAP Analysis Report Example | Topics and Well Written Essays - 1500 Words”. https://studentshare.org/information-technology/1844566-gap-analysis.
  • Cited: 0 times

CHECK THESE SAMPLES OF GAP Analysis Issues

FEMA. A Gap Analysis: Mandated Expectations vs. Reality

EMA A gap analysis: Mandated Expectations vs.... Real issues are related to distribution of federal funding to state, local, and regional level organizations and insufficient capabilities for disaster operational planning that affect the performance level of preparedness.... The article discusses the FEMA's housing program, hurricane Katrina, and problems of drought-hit regions to get a perspective on the issues and their solutions but before that it discusses the organizational requirements and present status of FEMA in effectively performing the tasks at hand....
19 Pages (4750 words) Research Paper

Surface and Interface States of Ga Compound

The paper discusses various issues related to the gallium compound semiconductors including both the interface and the surface properties.... Abstract The characteristics of semiconductor compounds can be best understood by studying the semiconductor atom reactions, interactions and composition at both the surface state and the interface state where the semiconductor atoms and element form a junction with the compound element forming the semiconductor alloy....
25 Pages (6250 words) Research Paper

Organizational Cultural Audit and Gap Analysis - McDonald's

The paper "Organizational Cultural Audit and gap analysis - McDonald's" discusses that the animal welfare and wildlife protection issues are continuously being ignored by the management.... The people, who are pure vegetarians, are strongly opposing the offerings of meet related meals....
4 Pages (1000 words) Essay

Analysis of Cap and Trade Issues

This essay "Analysis of Cap and Trade issues" discusses cap and trade that essentially refers to a market strategy that attempts to cut down the environmental effect of large-scale pollution emitters without necessarily crashing the economic activities going on within an economic system.... elationship between the Coase Theorem, Pigouvian tax, and the cap and trade issues ...
2 Pages (500 words) Essay

Organizational Cultural Audit and Gap Analysis

An essay "Organizational Cultural Audit and gap analysis " reports that they have effective marketing and advertising strategies which helps to create value, strong brand positioning and building positive product related perception in customers' mind.... ... ... ... McDonald's is one of the world's largest fast food retail chains operating all around the world....
4 Pages (1000 words) Essay

The Impact of the Expectation Gap to Auditor and the Possibility to Eliminate Such Gap

In relation to the modern phenomena of global auditing and accounting system, audit expectation gap can be witnessed as a serious concern, having major influences on the modern accounting firms.... The paper "The Impact of the Expectation gap to Auditor and the Possibility to Eliminate Such gap" is a great example of a research paper on finance and accounting.... In relation to the modern phenomena of global auditing and accounting system, the audit expectation gap can be witnessed as a serious concern, having major influences on modern accounting firms....
20 Pages (5000 words) Research Paper

The Gender Poverty Gap in Transitional Economies: Southeast Asia in Focus

To understand the problem of poverty, its depth and breadth, diverse issues must be analyzed.... The analysis of qualitative data to yield richness requires an inductive tool from which the themes or results will be drawn as opposed to the data being imposed.... Thematic content analysis will thus be employed for the analysis of this data.... The initial step in qualitative data analysis is to prepare the transcriptions of the interview responses....
36 Pages (9000 words) Coursework

Warehouse Greenhouse Gas Emission in Freight Transport

This research proposal "Warehouse Greenhouse Gas Emission in Freight Transport" discusses the greenhouse gas emission (GHG) which is assumed to induce substantial environmental damages and cause climate change has significantly increased due to due to increase in the number of carbon dioxide.... ...
13 Pages (3250 words) Research Proposal
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us