How IT/IS can give benefits and disadvantages in education, growth of organization and interpersonal skills of a person/idnividual

Education

Advantages

Collaboration and information access

Technologies offer many opportunities to teachers and students collaboration service. By using the information system teachers and students can be able to collaborate virtually through emails, the e-conferencing and others. As for example in APIIT we do have webspace that give us opportunity to book consultation hours with lecturers, check web results, schedule, attendance and etc.

Technology like computers make possible to access to these materials and enables lecturers to work together to build lesson plan and curriculum for their classrooms.

Easy way of teaching and learning

Education technologies have made teaching quite easier for the instructors. Virtual classrooms allow an instructor to instruct and teach in any location around the world. Also computers, projectors make easy way to teach.

With the use of technology, information can be presented in many ways thus, facilitating learning for varied types of people. Any kind of learner, whether intelligent or disabled, can find appropriate study materials that can be used for enhancing knowledge. The term technology is very broad and not only includes the use of the Internet but includes other technological improvements such as smart boards and handheld dictionaries.

Provides distance learning capability

The increased use of technology in education has brought popularity to the concept of distance learning. It is now one of the most preferred methods of learning and teaching all over the world. Actual classrooms have been replaced by virtual classrooms. Online classes, which employ file transfers, chat rooms, and message boards, facilitate student’s interactions to maximize their learning experiences. Another benefit of this is that students can maintain a flexible education schedule along with their jobs. 

Disadvantages

Psychological impacts

Psychological impact relates to distance learning. The lack of social contacts could be damaging to the social, moral and cognitive development of the students who spend long periods of time working alone on the computer.

Technology can lead to the traffic congestion

The universities, schools are big organizations that work with 1000 of students and staffs. So whenever there are a lot of students that using the system in one time it can affect to the network traffic for example, 200 students want to print out assignments in one time that will cause the problems with printers or use the WiFi that will lead to the very slow connection or the lecturers are having difficulties to teach students because of the projector problems or the server failure.

Negative impacts on health and safety

Study or job stress

Computers and IS may adversely affect students and lecturers health and safety as for example, the effects of the job stress. An increase in workload and responsibilities can trigger job stress and eyesight problems. And also radiation of exposure effects on health of the students.

Negative impacts on health and safety can be lack of proper ergonomics. Ergonomic techniques focus on creating an environment for the students that is safe, well lit, and comfortable but unfortunately not all universities or schools can afford this kind of devices such as antiglare screens that help alleviate problems of fatigued or damaged eyesight.

Organization

Today information technology involves more than just computer literacy; it also takes into account how computers work and how these computers can further be used not just for information processing but also for communications and problem solving tasks as well.

Today personal PCs, cell phones, fax machines, pagers, email and internet have all not only become an integral part of organization culture but also play an essential role in our day to day activities.

For example, if we look at IBM Company we can describe some advantages of using IT or IS in order to lead a competitive advantage. 

Advantages

Globalization

IT has not only brought the world closer together, but it has allowed the world's economy to become a single interdependent system. This means that IBM can not only share information quickly and efficiently, but can also bring down barriers of linguistic and geographic boundaries. As for example, IT helped a world developed into a global village by allowing countries like Japan and America who are not only separated by the distance but also by language to share information and ideas with each other.

Cost effectiveness

Information technology has helped to computerize the business process thus streamlining businesses to make them extremely cost effective money making machines. This in turn increases productivity which ultimately gives rise to profits that means better pay and less strenuous working conditions.

Creation of new jobs

Probably the best advantage of information technology is the creation of new and interesting jobs. Computer programmers, Systems analysers, Hardware and Software developers and Web designers are just some of the many new employment opportunities created with the help of IT. 

Disadvantages

Privacy

Though information technology may have made communication quicker, easier and more convenient, it has also bought along privacy issues as cookies that tract the employees processes. From cell phone signal interceptions to email hacking, people are now worried about their once private information becoming public knowledge.

Security

Security is very important for the organization to continue the business processes. For example, cyber-crime, human errors and other threats exist to steal or damage the private information of the organization. To have strong security prevention needs to have a good budget to develop or purchase and a good IT support staffs.

Dehumanization and other physiological impacts

Many people feel a loss of identity, knows as dehumanization, because of computerization. Employees can have difficulties to work in a group as they depend on technology to use.

Interpersonal skills of a person/individual 

Advantages

Communication or collaboration

Integrating communication and collaboration technologies enables individuals to expose to wealth information as Internet, video conferencing, video chatting, chats and others technologies have exponentially increased the amount and the speed of professional communication.

No matter that the other person is in different location, country the individuals can communicate with each other at anytime and anywhere.

Social Relationships

It allows individuals to gain a better perspective from experiences of other individuals which make the individual stronger. The individual relies on diversity on life experiences and a mix of genders.

Impact on health

It improves health by reducing stress related to compromises made between family and work responsibilities as for example by using cell phones to manage the working and family problems. Or online video games entertainment provides relaxation time while the individual have problems in their work or just being stressed from personal problems. 

Disadvantages

Internet Addiction Disorder

Psychologists suggest the existence of addictive behavior patterns among heavy Internet users. Identified symptoms of the disorder include: (a) using the computer for pleasure, gratification, or relief from stress; (b) feeling irritable and out of control or depressed when not using it; (c) spending increasing amounts of time and money on hardware, software, magazines, and computer-related activities; and (d) neglecting work, school, or family obligations.

In disagreement, some psychologists argue that the list of symptoms seems more oriented toward general personality disorders rather than real computer addiction.

Time consuming

IT can give disadvantages to individual in terms of time management. Individuals sometimes don’t have control on spending their time on the Internet by communication with people using facebook or other social networking.

Disaster recovery plan

Disaster is an event that makes the continuation of normal functions impossible as for example, earthquake, fire and others and all that could be the result of significant damage to a portion of the operations, a total loss of a facility, or the inability of the employees to access that facility. Disaster recovery plan consists of the precautions taken so that the effects of a disaster will be minimized and the organization will be able to either maintain or quickly resume mission-critical functions. Typically, disaster recovery planning involves an analysis of business processes and continuity needs; it may also include a significant focus on disaster prevention. (Tech Target, 2009-2011)

In order to reduce and minimize the effects of a disaster such as a fire, earthquake, tornado, flood, hurricane, etc., firms should do some advance planning to identify potential problems caused by disasters and determine how to most effectively deal with them. (Inside Practice, n.d.)

To limit problems due to an unexpected disaster underscores the need for firms to prepare for the unexpected by having Disaster Recovery Plan in effect. The organization should think about what it should do if the office was damaged or destroyed because of some disaster, is the organization prepared for that so it is better to think about the problems now in advance and not have to do it         under the stress created when a disaster actually strikes. Thus, many firms have developed a disaster plan that provides a detailed script of the actions to be taken by the firm and its personnel in the event of a disaster in order to provide for the health and safety of firm employees and visitors and to quickly restore firm operations where all or part of a firm’s office becomes inaccessible or inoperative. The plan should also establish priorities for the utilization and recovery of internal resources, protect property and assets and protect client interests while insuring continuity of service to the firm’s clients. Copies of the plan must be made available within the firm’s office for staff and lawyer review. New hires must be educated regarding the plan as part of their initial firm orientation. Training must be undertaken. (Inside Practice, n.d.)

To be an effective risk prevention tool, the plan has to be regularly updated to accommodate changes in the firm. For example, the plan normally contains a list of staff and lawyer addresses and phone numbers. Staffs members may move or change phone numbers. People leave or there may be new hires. Vendors may be added or dropped. There may be newly added equipment or technology to be covered. (Inside Practice, n.d.)

Implementation

According to (Wold G.H., 1997), there is planning process as described below: 

1. Obtain Top Management Commitment 

Top management must support and be involved in the development of the disaster recovery planning process
2. Establish a planning committee
Planning committee should be appointed to oversee the development and implementation of the plan. The planning committee should include representatives from all functional areas of the organization. Key committee members should include the operations manager and the data processing manager. The committee also should define the scope of the plan

      3. Perform a risk assessment

The planning committee should prepare a risk analysis and business impact analysis that includes a range of possible disasters, including natural, technical and human threats.

Each functional area of the organization should be analyzed to determine the potential consequence and impact associated with several disaster scenarios.
4. Establish priorities for processing and operations

The critical needs of each department within the organization should be carefully evaluated in such areas as:

·         Functional operations

·         Key personnel

·         Information

·         Processing Systems

·         Service

·         Documentation

·         Vital records

·         Policies and procedures
5. Determine Recovery Strategies

The most practical alternatives for processing in case of a disaster should be researched and evaluated. It is important to consider all aspects of the organization such as:

·         Facilities

·         Hardware

·         Software

·         Communications

·         Data files

·         Customer services

·         MIS

·         End-user systems

Alternatives, dependent upon the evaluation of the computer function, may include:

·         Hot sites

·         Warm sites

·         Cold sites

·         Reciprocal agreements

·         Two data centers

·         Multiple computers

·         Perform Data Collection

Recommended data gathering materials and documentation includes:
Backup position listing

·                            Critical telephone numbers

·                            Communications Inventory

·                            Distribution register

·                            Equipment inventory

·                           Insurance Policy inventory

·                           Office supply inventory

·                          Other materials and documentation

Written agreements for the specific recovery alternatives selected should be prepared, including the following special considerations:

·         Contract duration

·         Termination condition

·         Testing

·         Costs

·         Other contractual issues
     6. Perform Data Collection

Recommended data gathering materials and documentation includes:

·                Backup position listing

·                Critical telephone numbers

·               Communications Inventory

·               Distribution register

·               Documentation inventory

·              Other materials and documentation
     7. Organize and document a written plan

An outline of the plan’s contents should be prepared to guide the development of the detailed procedures. Top management should review and approve the proposed plan. The outline can ultimately be used for the table of contents after final revision. Other benefits of this approach are that it:

·         Helps to organize the detailed procedures

·         Identifies all major steps before the writing begins

·         Identifies redundant procedures that only need to be written once.

·         Provides a road map for developing the procedures

A standard format should be developed to facilitate the writing of detailed procedures and the documentation of other information to be included in the plan.

The plan should be thoroughly developed, including all detailed procedures to be used before, during and after a disaster. It may not be practical to develop detailed procedures until backup alternatives have been defined.
8. Develop testing criteria and procedures

It is essential that the plan be thoroughly tested and evaluated on a regular basis (at least annually). Procedures to test the plan should be documented. The tests will provide the organization with the assurance that all necessary steps are included in the plan. Other reasons for testing include:

·         Determining the feasibility and compatibility of backup facilities and procedures

·         Identifying areas in the plan that need modification

·         Providing training to the team managers and team members

·         Demonstrating the ability of the organization to recover

·         Providing motivation for maintaining and updating the disaster recovery plan

9. Test the Plan

After testing procedures have been completed, an initial test of the plan should be performed by conducting a structured walk-through test. The test will provide additional information regarding any further steps that may need to be included, changes in procedures that are not effective, and other appropriate adjustments.

Types of tests include:

·         Checklist tests

·         Simulation tests

·         Parallel tests

·         Full interruption tests
10. Approve the plan

Once the disaster recovery plan has been written and tested, the plan should be approved by top management. It is top management’s ultimate responsibility that the organization has a documented and tested plan.

Management is responsible for:

·    Establishing policies, procedures and responsibilities for comprehensive contingency planning

·       Reviewing and approving the contingency plan annually, documenting such reviews in writing

If the organization receives information processing from a service bureau, management must also:

·         Evaluate the adequacy of contingency plans for its service bureau

·         Ensure that its contingency plan is compatible with its service bureau’s plan

Disaster recovery planning involves more than off-site storage or backup processing. Organizations should also develop written, comprehensive disaster recovery plans that address all the critical operations and functions of the business. The plan should include documented and tested procedures, which, if followed, will ensure the on-going availability of critical resources and continuity of operations.

Referencing:

Tech Target, 2009-2011, disaster recovery plan (DRP) [online], available at http://searchenterprisewan.techtarget.com/definition/disaster-recovery-plan

Inside Practice, n.d., The Importance of Disaster Recovery Plans [online], available at http://apps.americanbar.org/abastore/books/inside_practice/2007/nov-dec/disaster.html

Wold G.H., 1997, Disaster Recovery Planning Process [online], available at http://www.drj.com/new2dr/w2_002.htm

Risk, Security and Disaster recovery plan

1. Human errors - fraud risks

Fraud impacts organizations in several areas including financially, operationally and psychologically. While the monetary loss due to fraud is significant, its full impact of fraud on an organization can be staggering. Its loss of reputation, goodwill and customer relations can be devastating.  

The risk of employees misusing confidential information and colluding with fraudsters. 

A fraud risk management strategy is key to a successful anti-fraud program. The implementation of a fraud risk management strategy is an important first step in terms of aligning the fraud risk management activities of the organization with the risk environment within which it operates, and with the risk appetite of the organization.

Fraud management program creates a framework for tracking and monitoring the processes and transactions to identify potential fraud and leakages therein, builds analytical tools and capabilities to identify and mitigate quantum of losses from various fraud incidences, and finally, increases levels of
awareness in this regard, both within organizations and in the industry as a whole.

Fraud policy

An effective communication program is essential if the fraud policy framework is to deliver maximum benefit to the organization.The content of the policies (particularly any changes to those policies) needs to be continually communicated to staff and other key stakeholders, so that the behaviors inherent in those policies become part of the ‘way we do business around here’.

It reduces the risk of sanctions being applied by the organization in relation to fraud being challenged e.g. staff member disputing dismissal for a fraud related incident.

It helps staff to determine what course of action to take when facing ethical dilemmas or ‘grey areas’. 

Ernst & Young’s Fraud Investigation & Dispute Services (FIDS)

FIDS team has specific domain knowledge, along with wide industry experience.

•Forensic technology - use sophisticated tools and established forensic techniques to provide the requisite services to address individual client challenges.

• Global exposure  - Several of our team members have been trained on international engagements to obtain global exposure on fraud scenarios.

• Market intelligence - have dedicated field professionals, who are specifically experienced and trained in corporate intelligence, and are capable of conducting extensive market intelligence and background studies on various subjects, industries, companies and people.

• Thought leadership - have a significant repository of thought leadership reports and white papers.

• Qualified professionals - have a qualified and experienced mix of certified fraud examiners, CIAs, CAs, CISAs, engineers, MBAs and computer forensic professionals.

Services provided:

• Fraud risk management

• Brand protection

• Technology

• Regulatory compliance

• Corporate intelligence

• Fraud investigation

• Dispute advisory services

• Anti-bribery program

 2. Cyber crime

Mobile computing devices (e.g., laptops, tablet PCs, multimedia enabled smartphones) are in widespread use, allowing individuals to access and distribute business information from anywhere and at any time. Recent improvements in mobile applications, bandwidth and connectivity have made it possible to interact with information like never before: accessing information-intensive reports, retrieving corporate data and even conducting remote meetings from a mobile device. 

The increased use of mobile computing devices for business purposes is not without serious risks. The popularity and widespread use of these devices has led to the unwanted, but somewhat predictable, outcome of such devices becoming a target for computer viruses and sophisticated mobile malware. In addition, due to the small size of the portable devices,

simple theft of the device is also a real concern.

The most serious risk associated with mobile computing is the potential loss or leakage of

important business information. When we asked our survey participants to identify their

top five areas of IT risk, 64% of respondents indicated that data (i.e., disclosure of sensitive

data) was one of their top five IT risk areas, second only in overall ranking to the continuous

availability of critical IT resources.

Data leakage prevention 

Data leakage prevention (also known as data loss prevention or information leak prevention) is the combination of tools and processes for identifying, monitoring and protecting sensitive data or information according to an organization’s policies or government and industry regulations. Data leakage prevention services will typically focus on preventing specific data or information from leaking out of the organization and detecting any unauthorized access or transmission of sensitive data.

 3.Environmental hazards

Scalable WAN Acceleration for the Security-Conscious Enterprise.

The WAN is undergoing a transformation as a result of many key enterprise initiatives.These include business continuity and disaster recovery (both of which drive the need for network backup and data replication), server and storage consolidation. WAN acceleration appliances incorporate a collection of techniques that transparently and securely optimize WAN traffic to mitigate the impact of limited bandwidth, latency and packet loss for any collection of IP-based applications. The more advanced techniques are ‘data reduction’, latency mitigation and error correction, which recovers from dropped packets in the network.

Silver Peak

Ernst and Young, a global leader in professional services, has large data centers and distributed offices throughout the world. In Canada, for example, the firm is paying for expensive 500 Mbps SONET connections between Toronto and Montreal to serve over 4,000 users. The company rarely could achieve more than 10% utilization on that link, making it difficult to perform real-time data replication using Double-Take software. This also made it difficult to deliver other applications from these offices, including Lotus Notes and Microsoft file services.

"Silver Peak’s WAN acceleration opened up a lot of possibilities - from centralizing servers to implementing virtual tape libraries in our data centers” — Assistant Director for Information Security

Results: 

Optimized SONET backbone; Enabled centralized application delivery across WAN

47x peak improvement in data replication (achieved 475 Mbps throughput)

73x peak improvement on CIFS traffic (achieved 220 Mbps throughput)

47x peak improvement with FTP (achieved 475 Mbps throughput)

20x peak improvement on Lotus Notes (achieved 60 Mbps throughput)

 

 Referencing:

http://www.ey.com/Publication/vwLUAssets/Fraud_in_insurance_on_rise/$FILE/Fraud_in_insurance.pdf

http://www.ey.com/Publication/vwLUAssets/Assurance_-_FIDS_-_Fraud_Survey_Report/$FILE/Fraud%20Survey%20Report%20Low-Res.pdf

http://www.ey.com/Publication/vwLUAssets/Global_information_security_survey_2010_advisory/$FILE/GISS%20report_final.pdf

http://www.silver-peak.com/assets/download/pdf/Disaster-Recovery-Research-ZD.pdf