Tuesday, 28 June 2011

How IT/IS can give benefits and disadvantages in education, growth of organization and interpersonal skills of a person/idnividual

Education
Advantages
Collaboration and information access
Technologies offer many opportunities to teachers and students collaboration service. By using the information system teachers and students can be able to collaborate virtually through emails, the e-conferencing and others. As for example in APIIT we do have webspace that give us opportunity to book consultation hours with lecturers, check web results, schedule, attendance and etc.
Technology like computers make possible to access to these materials and enables lecturers to work together to build lesson plan and curriculum for their classrooms.
Easy way of teaching and learning
Education technologies have made teaching quite easier for the instructors. Virtual classrooms allow an instructor to instruct and teach in any location around the world. Also computers, projectors make easy way to teach.
With the use of technology, information can be presented in many ways thus, facilitating learning for varied types of people. Any kind of learner, whether intelligent or disabled, can find appropriate study materials that can be used for enhancing knowledge. The term technology is very broad and not only includes the use of the Internet but includes other technological improvements such as smart boards and handheld dictionaries.
Provides distance learning capability
The increased use of technology in education has brought popularity to the concept of distance learning. It is now one of the most preferred methods of learning and teaching all over the world. Actual classrooms have been replaced by virtual classrooms. Online classes, which employ file transfers, chat rooms, and message boards, facilitate student’s interactions to maximize their learning experiences. Another benefit of this is that students can maintain a flexible education schedule along with their jobs. 
Disadvantages
Psychological impacts
Psychological impact relates to distance learning. The lack of social contacts could be damaging to the social, moral and cognitive development of the students who spend long periods of time working alone on the computer.
Technology can lead to the traffic congestion
The universities, schools are big organizations that work with 1000 of students and staffs. So whenever there are a lot of students that using the system in one time it can affect to the network traffic for example, 200 students want to print out assignments in one time that will cause the problems with printers or use the WiFi that will lead to the very slow connection or the lecturers are having difficulties to teach students because of the projector problems or the server failure.
Negative impacts on health and safety
Study or job stress
Computers and IS may adversely affect students and lecturers health and safety as for example, the effects of the job stress. An increase in workload and responsibilities can trigger job stress and eyesight problems. And also radiation of exposure effects on health of the students.
Negative impacts on health and safety can be lack of proper ergonomics. Ergonomic techniques focus on creating an environment for the students that is safe, well lit, and comfortable but unfortunately not all universities or schools can afford this kind of devices such as antiglare screens that help alleviate problems of fatigued or damaged eyesight.
Organization
Today information technology involves more than just computer literacy; it also takes into account how computers work and how these computers can further be used not just for information processing but also for communications and problem solving tasks as well.
Today personal PCs, cell phones, fax machines, pagers, email and internet have all not only become an integral part of organization culture but also play an essential role in our day to day activities.
For example, if we look at IBM Company we can describe some advantages of using IT or IS in order to lead a competitive advantage. 
Advantages
Globalization
IT has not only brought the world closer together, but it has allowed the world's economy to become a single interdependent system. This means that IBM can not only share information quickly and efficiently, but can also bring down barriers of linguistic and geographic boundaries. As for example, IT helped a world developed into a global village by allowing countries like Japan and America who are not only separated by the distance but also by language to share information and ideas with each other.
Cost effectiveness
Information technology has helped to computerize the business process thus streamlining businesses to make them extremely cost effective money making machines. This in turn increases productivity which ultimately gives rise to profits that means better pay and less strenuous working conditions.
Creation of new jobs
Probably the best advantage of information technology is the creation of new and interesting jobs. Computer programmers, Systems analysers, Hardware and Software developers and Web designers are just some of the many new employment opportunities created with the help of IT. 
Disadvantages
Privacy
Though information technology may have made communication quicker, easier and more convenient, it has also bought along privacy issues as cookies that tract the employees processes. From cell phone signal interceptions to email hacking, people are now worried about their once private information becoming public knowledge.
Security
Security is very important for the organization to continue the business processes. For example, cyber-crime, human errors and other threats exist to steal or damage the private information of the organization. To have strong security prevention needs to have a good budget to develop or purchase and a good IT support staffs.
Dehumanization and other physiological impacts
Many people feel a loss of identity, knows as dehumanization, because of computerization. Employees can have difficulties to work in a group as they depend on technology to use.
Interpersonal skills of a person/individual 
Advantages
Communication or collaboration
Integrating communication and collaboration technologies enables individuals to expose to wealth information as Internet, video conferencing, video chatting, chats and others technologies have exponentially increased the amount and the speed of professional communication.
No matter that the other person is in different location, country the individuals can communicate with each other at anytime and anywhere.
Social Relationships
It allows individuals to gain a better perspective from experiences of other individuals which make the individual stronger. The individual relies on diversity on life experiences and a mix of genders.
Impact on health
It improves health by reducing stress related to compromises made between family and work responsibilities as for example by using cell phones to manage the working and family problems. Or online video games entertainment provides relaxation time while the individual have problems in their work or just being stressed from personal problems. 
Disadvantages
Internet Addiction Disorder
Psychologists suggest the existence of addictive behavior patterns among heavy Internet users. Identified symptoms of the disorder include: (a) using the computer for pleasure, gratification, or relief from stress; (b) feeling irritable and out of control or depressed when not using it; (c) spending increasing amounts of time and money on hardware, software, magazines, and computer-related activities; and (d) neglecting work, school, or family obligations.
In disagreement, some psychologists argue that the list of symptoms seems more oriented toward general personality disorders rather than real computer addiction.
Time consuming
IT can give disadvantages to individual in terms of time management. Individuals sometimes don’t have control on spending their time on the Internet by communication with people using facebook or other social networking.





Tuesday, 21 June 2011

Disaster recovery plan

Disaster is an event that makes the continuation of normal functions impossible as for example, earthquake, fire and others and all that could be the result of significant damage to a portion of the operations, a total loss of a facility, or the inability of the employees to access that facility. Disaster recovery plan consists of the precautions taken so that the effects of a disaster will be minimized and the organization will be able to either maintain or quickly resume mission-critical functions. Typically, disaster recovery planning involves an analysis of business processes and continuity needs; it may also include a significant focus on disaster prevention. (Tech Target, 2009-2011)
In order to reduce and minimize the effects of a disaster such as a fire, earthquake, tornado, flood, hurricane, etc., firms should do some advance planning to identify potential problems caused by disasters and determine how to most effectively deal with them. (Inside Practice, n.d.)
To limit problems due to an unexpected disaster underscores the need for firms to prepare for the unexpected by having Disaster Recovery Plan in effect. The organization should think about what it should do if the office was damaged or destroyed because of some disaster, is the organization prepared for that so it is better to think about the problems now in advance and not have to do it         under the stress created when a disaster actually strikes. Thus, many firms have developed a disaster plan that provides a detailed script of the actions to be taken by the firm and its personnel in the event of a disaster in order to provide for the health and safety of firm employees and visitors and to quickly restore firm operations where all or part of a firm’s office becomes inaccessible or inoperative. The plan should also establish priorities for the utilization and recovery of internal resources, protect property and assets and protect client interests while insuring continuity of service to the firm’s clients. Copies of the plan must be made available within the firm’s office for staff and lawyer review. New hires must be educated regarding the plan as part of their initial firm orientation. Training must be undertaken. (Inside Practice, n.d.)
To be an effective risk prevention tool, the plan has to be regularly updated to accommodate changes in the firm. For example, the plan normally contains a list of staff and lawyer addresses and phone numbers. Staffs members may move or change phone numbers. People leave or there may be new hires. Vendors may be added or dropped. There may be newly added equipment or technology to be covered. (Inside Practice, n.d.)
Implementation
According to (Wold G.H., 1997), there is planning process as described below: 
1. Obtain Top Management Commitment 
Top management must support and be involved in the development of the disaster recovery planning process
2. Establish a planning committee
Planning committee should be appointed to oversee the development and implementation of the plan. The planning committee should include representatives from all functional areas of the organization. Key committee members should include the operations manager and the data processing manager. The committee also should define the scope of the plan
      3. Perform a risk assessment
The planning committee should prepare a risk analysis and business impact analysis that includes a range of possible disasters, including natural, technical and human threats.
Each functional area of the organization should be analyzed to determine the potential consequence and impact associated with several disaster scenarios.
4. Establish priorities for processing and operations
The critical needs of each department within the organization should be carefully evaluated in such areas as:
·         Functional operations
·         Key personnel
·         Information
·         Processing Systems
·         Service
·         Documentation
·         Vital records
·         Policies and procedures
5. Determine Recovery Strategies
The most practical alternatives for processing in case of a disaster should be researched and evaluated. It is important to consider all aspects of the organization such as:
·         Facilities
·         Hardware
·         Software
·         Communications
·         Data files
·         Customer services
·         MIS
·         End-user systems
Alternatives, dependent upon the evaluation of the computer function, may include:
·         Hot sites
·         Warm sites
·         Cold sites
·         Reciprocal agreements
·         Two data centers
·         Multiple computers
·         Perform Data Collection
Recommended data gathering materials and documentation includes:
Backup position listing
·                            Critical telephone numbers
·                            Communications Inventory
·                            Distribution register
·                            Equipment inventory
·                           Insurance Policy inventory
·                           Office supply inventory
·                          Other materials and documentation
Written agreements for the specific recovery alternatives selected should be prepared, including the following special considerations:
·         Contract duration
·         Termination condition
·         Testing
·         Costs
·         Other contractual issues
     6. Perform Data Collection
Recommended data gathering materials and documentation includes:
·                Backup position listing
·                Critical telephone numbers
·               Communications Inventory
·               Distribution register
·               Documentation inventory
·              Other materials and documentation
     7. Organize and document a written plan
An outline of the plan’s contents should be prepared to guide the development of the detailed procedures. Top management should review and approve the proposed plan. The outline can ultimately be used for the table of contents after final revision. Other benefits of this approach are that it:
·         Helps to organize the detailed procedures
·         Identifies all major steps before the writing begins
·         Identifies redundant procedures that only need to be written once.
·         Provides a road map for developing the procedures
A standard format should be developed to facilitate the writing of detailed procedures and the documentation of other information to be included in the plan.
The plan should be thoroughly developed, including all detailed procedures to be used before, during and after a disaster. It may not be practical to develop detailed procedures until backup alternatives have been defined.
8. Develop testing criteria and procedures
It is essential that the plan be thoroughly tested and evaluated on a regular basis (at least annually). Procedures to test the plan should be documented. The tests will provide the organization with the assurance that all necessary steps are included in the plan. Other reasons for testing include:
·         Determining the feasibility and compatibility of backup facilities and procedures
·         Identifying areas in the plan that need modification
·         Providing training to the team managers and team members
·         Demonstrating the ability of the organization to recover
·         Providing motivation for maintaining and updating the disaster recovery plan
9. Test the Plan
After testing procedures have been completed, an initial test of the plan should be performed by conducting a structured walk-through test. The test will provide additional information regarding any further steps that may need to be included, changes in procedures that are not effective, and other appropriate adjustments.
Types of tests include:
·         Checklist tests
·         Simulation tests
·         Parallel tests
·         Full interruption tests
10. Approve the plan
Once the disaster recovery plan has been written and tested, the plan should be approved by top management. It is top management’s ultimate responsibility that the organization has a documented and tested plan.
Management is responsible for:
·    Establishing policies, procedures and responsibilities for comprehensive contingency planning
·       Reviewing and approving the contingency plan annually, documenting such reviews in writing
If the organization receives information processing from a service bureau, management must also:
·         Evaluate the adequacy of contingency plans for its service bureau
·         Ensure that its contingency plan is compatible with its service bureau’s plan


Disaster recovery planning involves more than off-site storage or backup processing. Organizations should also develop written, comprehensive disaster recovery plans that address all the critical operations and functions of the business. The plan should include documented and tested procedures, which, if followed, will ensure the on-going availability of critical resources and continuity of operations.


Referencing:
Tech Target, 2009-2011, disaster recovery plan (DRP) [online], available at http://searchenterprisewan.techtarget.com/definition/disaster-recovery-plan
Inside Practice, n.d., The Importance of Disaster Recovery Plans [online], available at http://apps.americanbar.org/abastore/books/inside_practice/2007/nov-dec/disaster.html
Wold G.H., 1997, Disaster Recovery Planning Process [online], available at http://www.drj.com/new2dr/w2_002.htm






Tuesday, 7 June 2011

Risk, Security and Disaster recovery plan

1. Human errors - fraud risks
Fraud impacts organizations in several areas including financially, operationally and psychologically. While the monetary loss due to fraud is significant, its full impact of fraud on an organization can be staggering. Its loss of reputation, goodwill and customer relations can be devastating.  
The risk of employees misusing confidential information and colluding with fraudsters. 
A fraud risk management strategy is key to a successful anti-fraud program. The implementation of a fraud risk management strategy is an important first step in terms of aligning the fraud risk management activities of the organization with the risk environment within which it operates, and with the risk appetite of the organization.
Fraud management program creates a framework for tracking and monitoring the processes and transactions to identify potential fraud and leakages therein, builds analytical tools and capabilities to identify and mitigate quantum of losses from various fraud incidences, and finally, increases levels of
awareness in this regard, both within organizations and in the industry as a whole.
Fraud policy
An effective communication program is essential if the fraud policy framework is to deliver maximum benefit to the organization.The content of the policies (particularly any changes to those policies) needs to be continually communicated to staff and other key stakeholders, so that the behaviors inherent in those policies become part of the ‘way we do business around here’.
It reduces the risk of sanctions being applied by the organization in relation to fraud being challenged e.g. staff member disputing dismissal for a fraud related incident.
It helps staff to determine what course of action to take when facing ethical dilemmas or ‘grey areas’. 
Ernst & Young’s Fraud Investigation & Dispute Services (FIDS)
FIDS team has specific domain knowledge, along with wide industry experience.
Forensic technology - use sophisticated tools and established forensic techniques to provide the requisite services to address individual client challenges.
Global exposure  - Several of our team members have been trained on international engagements to obtain global exposure on fraud scenarios.
Market intelligence - have dedicated field professionals, who are specifically experienced and trained in corporate intelligence, and are capable of conducting extensive market intelligence and background studies on various subjects, industries, companies and people.
Thought leadership - have a significant repository of thought leadership reports and white papers.
Qualified professionals - have a qualified and experienced mix of certified fraud examiners, CIAs, CAs, CISAs, engineers, MBAs and computer forensic professionals.
Services provided:
• Fraud risk management
• Brand protection
• Technology
• Regulatory compliance
• Corporate intelligence
• Fraud investigation
• Dispute advisory services
• Anti-bribery program
 2. Cyber crime
Mobile computing devices (e.g., laptops, tablet PCs, multimedia enabled smartphones) are in widespread use, allowing individuals to access and distribute business information from anywhere and at any time. Recent improvements in mobile applications, bandwidth and connectivity have made it possible to interact with information like never before: accessing information-intensive reports, retrieving corporate data and even conducting remote meetings from a mobile device
The increased use of mobile computing devices for business purposes is not without serious risks. The popularity and widespread use of these devices has led to the unwanted, but somewhat predictable, outcome of such devices becoming a target for computer viruses and sophisticated mobile malware. In addition, due to the small size of the portable devices,
simple theft of the device is also a real concern.
The most serious risk associated with mobile computing is the potential loss or leakage of
important business information. When we asked our survey participants to identify their
top five areas of IT risk, 64% of respondents indicated that data (i.e., disclosure of sensitive
data) was one of their top five IT risk areas, second only in overall ranking to the continuous
availability of critical IT resources.
Data leakage prevention 
Data leakage prevention (also known as data loss prevention or information leak prevention) is the combination of tools and processes for identifying, monitoring and protecting sensitive data or information according to an organization’s policies or government and industry regulations. Data leakage prevention services will typically focus on preventing specific data or information from leaking out of the organization and detecting any unauthorized access or transmission of sensitive data.
 3.Environmental hazards
Scalable WAN Acceleration for the Security-Conscious Enterprise.
The WAN is undergoing a transformation as a result of many key enterprise initiatives.These include business continuity and disaster recovery (both of which drive the need for network backup and data replication), server and storage consolidation. WAN acceleration appliances incorporate a collection of techniques that transparently and securely optimize WAN traffic to mitigate the impact of limited bandwidth, latency and packet loss for any collection of IP-based applications. The more advanced techniques are ‘data reduction’, latency mitigation and error correction, which recovers from dropped packets in the network.
Silver Peak
Ernst and Young, a global leader in professional services, has large data centers and distributed offices throughout the world. In Canada, for example, the firm is paying for expensive 500 Mbps SONET connections between Toronto and Montreal to serve over 4,000 users. The company rarely could achieve more than 10% utilization on that link, making it difficult to perform real-time data replication using Double-Take software. This also made it difficult to deliver other applications from these offices, including Lotus Notes and Microsoft file services.
"Silver Peak’s WAN acceleration opened up a lot of possibilities - from centralizing servers to implementing virtual tape libraries in our data centers” — Assistant Director for Information Security
Results: 
Optimized SONET backbone; Enabled centralized application delivery across WAN
47x peak improvement in data replication (achieved 475 Mbps throughput)
73x peak improvement on CIFS traffic (achieved 220 Mbps throughput)
47x peak improvement with FTP (achieved 475 Mbps throughput)
20x peak improvement on Lotus Notes (achieved 60 Mbps throughput)
 
 Referencing:




http://www.silver-peak.com/assets/download/pdf/Disaster-Recovery-Research-ZD.pdf












Monday, 30 May 2011

What do you want

While I am only studying at university i want to enjoy my universtiy life before i go and work because what i have heard from people outside they say that the working life it is very difficult and enjoy while you are a student because the student time is the best time in your life.
So I am just trying to study good to get first class certificate because i want to have a bright future after i will graduate. I beleive that while I am here in Malaysia very far away from my country I need to concentrate on myself harder because now i dont have my parents to support me when i need them i mean that home support that any child willing to have or my parents guide to tell me what i have to do or what i plan to do. So everything i should do on my own and i think it is really hard but i beleive that it is good for me as being resposible for my life for myself. My parents pay for my education and i want to repay them back by getting first class certificate and later on get my dream job with good salary. Basically right now my concentration is my education and my personal life as well.
After all when i graduate and get a good job I want to be successful on my job. I want to develop myself  in working life as a resposible and trusted person. I want to be a specialized in my desire major and i want to be a satisfied with my work and love this work.
After when i will get my dream job i want to keep my money and buy a property - my dream house in Canada. I really love that country and i hear from my relatives who stay there that is a very beautiful country and a good country- the perfect place to settle and stay. So i beleive i also will follow they choice of living. And i will bring my parents to live with me and enjoy the life with me.
After all i want to travel around the world. I want to bring my parents with me as well because i think it is my job to do. I really want to see different cultures and different people, visit different places and enjoy my trips by learning different languages as well.
And i beleive that i could find a good, proper and reliable guy to marry with to get a serious relationship with him.
After i settle in Canada and after when i make my parents dreams come true i want to have my own happy family with my own children. And after all i will want to see their success, their little steps in their life.
Overall i want to have a happy life which means a good health and good people around me.

Tuesday, 10 May 2011

A Rural Tale

Problem
One of the features of village life that the experts noticed was the considerable time the women spent going quite long distances to bring back water in jars to their hurts.

Solution
By identifying the problem in the village, the villagers were approached by foreign aid workers with a view to making their lives easier.

The experts considered this problem and came up with a fairly low-tech solution to ease the women’s burden.

Result
The overall result is failure of implementation of technology or Information system (IS) because collectively the women decided not to use the taps the IS providers provided.

The failure of the implementation

The main problems of implementing Information System are to define what is to be evaluated as in our case we see the followings:

1.      People involved
The villages (local people) were approached by foreign aid workers to solve the problems they have faced. The reason why it is failure can be that the IS provider are foreigners so it can cause the misunderstandings of what to implement and poor co-ordination of effort. Such major strategic change often demands major cultural or attitude change which, according to Gestalt psychology, is the alteration of feelings, beliefs or behaviours and creates a need for rebalance. Culture is the level at which knowledge and unconscious basic assumptions and beliefs are shared by all members, relative to the IS providers perception of reality, thinking, feeling and problem-solving.

I think that even the IS providers are professionally experienced they could have problem with understanding of different culture people, their issue, their real need and vision.

2.      Facts finding failure or not clear statement of requirements
Research shows that historically a lack of communication between project workers has led to some spectacular development failures. Culture may have a positive or negative influence on communication.

Natural language is more than a means of sharing information - it is part of our identity - allowing the sharing of ideas, emotions and attitudes. May be the user’s requirements could change. The experts probably did not facilitate their requirements and the IS does not suit the complete requirements including effectiveness because requirements (and benefits) appears to be a combination of quantitative often tangible elements e.g. budget, time, safety and manpower and qualitative, esoteric and often intangible elements e.g. creativity, team collaboration.

Assume that it is lack of manpower, budget, and time that lead to implement the low-tech solution to villagers.

I think in our case we have two types of people local and foreigners so the culture and different language of communication lead a negative influence in implementation of IS.

And second of all I think the experts have problems to explain to locals how to effectively use the technology. So the users are facing the problem to use it.

3.      Observation failure or technology failure
Assume that the experts make a wrong decision on implementing new technology because the technology does not suit their lives and their life style.

Tuman & Williams’ (2002) propose reality-based project management which aims to make the best use of existing resources and ensure that systems and information are adequate and effective before investing in potential costly new resources or, as described by Ward & Griffiths (1998), throwing technology at the problem.

The new technology could include unexpected value and wrong value. I think they could better improve the current system rather than implement new and useless because complexity, continues changes in technology may result failure.

      4.      User involvement
Another reason given for the failure of IS can be that the foreign aid committee embarked on the project without the full support of the end users.

5.      Not satisfied performance of IS providers
Non-financial performance may be task-related performance that measures a team’s ability to produce a technically successful system within budget and on time and people related performance, which measures the quality of team member’s interaction and satisfaction of team members.
<><><><> <><><><> <><><><> <><><><> <><><><> <><><><> <><><><> <><><><> <><><><>

Causes of failure

Effect of failure on the project

Design and definition failure

Decision-making failure

Project discipline failure

Supplier management failure
People failure

Ultimately, failure is designed in

Ultimately, a failed project evolves

Ultimately, the project moves, unacknowledged, into failure, costs escalate
Ultimately, the project focuses its energies on blame for failure
Ultimately, the project delivers failure

IT project managers failed to meet deadlines and budgets
  • Unrealistic deadlines or a lack of understanding of the deadlines
  • Changes in specification from management and clients
  •  Differences in the amount of training undergone by project managers
   6.      Too many stakeholders to satisfy

 Successful implementation

Successful implementation requires an organised process guided by sound models grounded in shared professional expertise/experience, observations and facts and targeted toward realistic goals. The main factors influencing the outcome of implementations are people issues, technology and processes.

If tangible, quantitative and intangible, qualitative elements are included into the requirements definition, benefit delivery and measurement perhaps the percentage of measurable benefits delivered may be increased from the current 25%.

1)      Top management support
Leadership is essential during periods of change and projects need a strong business commitment to making them work. The increase and maintenance of sponsor support demonstrated through top down leadership or direction is also important to increase the chance of success.

2)      Evaluating the project outcome
Project outcome may be defined as the extent to which a team meets or exceeds standards in output, organisational commitment and satisfaction of group members. A post project review (PPR) is one way of evaluating the project outcome with the underlying principle that IS/IT implementation may be improved if experience and knowledge was extracted during and retained after the project. The application of experience gathered from all previous implementations which can be applied to a given situation to make sense of it.

3)      Stakeholders identification, mapping, management
Determine the optimum number of stakeholders. The philosophy of pre-project partnering is about stakeholders working together before the start of the project to build a foundation for collaboration or collaborative working. This philosophy helps in the identification of key stakeholders, their objectives and potential conflict areas but also demands large investment and commitment before the start of a project.

4)      User involvement
The villagers should participate in the process by telling their needs and wants. Then they should plan what to implement, later organise system, then after implement, then operate and control.

5)      A clear statement of requirements
No matter that participants are from different culture, country they must make sure that they will solve these problems of misunderstanding for example by hiring translator.

Reference: