Management Guidelines and Information Security for IT Projects - Assignment Example

?Introduction Today’s world is based on information and the information needs to be stored accurately, completely, and securely. A database facilitates storing, handling and utilizing huge diverse organization’s information easily. A database can be defined as “an application that manages, and organises data and allows fast storage, and retrieval of that data” (Bolton, 2006). The databases are evaluated against set criteria in order to assess the accessibility, phrase searching, performance, scalability, accuracy, reliability, completeness, consistency, and timeliness. The document pertains to the evaluation of the database that was developed in response to the request of a local recruiting agency. The document also summarises the theories and concepts learnt in the unit, how these theories influenced my work, example/case study of a successful IT project and its comparison with the developed database. Lastly, the document includes the impact of these lessons on my future work, and what I would do differently along with its rationale. Database of Local Recruitment Agency A local recruitment agency requested to have a database in order to store their business information and access the information in the form of reports. The agency deals with the information of customers (job applicants), jobs (currently available and archived) and tracks contact between customers. In order to fulfil the requirement of the agency, I have developed a database in Microsoft Access 2007. As mentioned in the (previous) assignment, the agency has the following requirements: i. A database to be developed in Microsoft Access that is able to store, retrieve and update the information regarding customers, jobs and track contacts between customers. ii. The agency should be able to add new customers, jobs and their information or details in the database through a form (separate for each) of MS database Access. iii. The agency wants several reports to be produced from the database; however, they specified only three reports that include the customer list; jobs list grouped by job type and the report showing contacts and track follow up. iv. The database tables should be populated with data of at-least 20 customers, 10 jobs and 20 contacts. To fulfil the requirements of the agency, I have developed a database in MS Access 2007 that has four tables, which include tblCustomer, tbljobs, tblContact, and tblJobType. The agency can store all the relevant information in these tables (requirement “i" fulfilled). I have developed three forms to add/update new customers and jobs along with their details (requirement “ii" fulfilled). I have developed three specified reports that show the customer list, jobs list and contact group by the customer (requirement “iii" fulfilled). I have populated the database with required data in the respective table (requirement “iv" fulfilled). Features of a Smart Database The developed database should also be evaluated in terms of the characteristics of a high quality database as given below: Accuracy The database is considered accurate if the values stored in the fields of the database are correct. After developing, the database for the agency presumes that the information that is input into a database is faultless as well as accurate. Completeness The end user (agency) of the database has to be aware of the information to be provided to the developer(s) for the development of the database, as if they provide less or inaccurate information, the developed database would definitely be useless and inaccurate. In our case, the information of the customer has to be complete in every aspect, for example the customer profile, education and experience etc. is missing in the developed database, which has not been asked by the agency. Consistency The consistency is as important as the accuracy and completeness of a database. As in our case, the database is considered to be consistent as we have stored the information/data of one item in a single field only. Uniqueness The data in one field must represent one and only one real world entity. For example, a customer name Shawn Michel Johnson may not be stored in any other field in the database as S. M. Johnson or any other way. Timeliness Updated and current data have always been important for any organization; therefore, the stored data has to be updated and current with respect to the requirements of the recruiting agency. Theories Learnt in the Unit There are several theories that we have learned in the unit these include managing e-Business, Managing Information Security, End User Computing, Business Applications of IS. The details of these theories include System Development life Cycle, Project Management and Enterprise wide Information System. The document contains a discussion of two theories related to Information Technology Information Systems for Business that include Information Security and Business Applications of Information System, their description and discussion on how these theories have influenced my work of development. Information Security The term ‘information security’ has been explained by Schneider in 2009, as, protecting the information and information systems from unauthorized access, use, disruption, or destruction. The information security is an obligation on a company that deals with perceptive information of customers (job applicants) that include, but not limited to a social security number (National Identification Information), date of birth, sexual preference, and income. In this regard, the recruitment agency becomes a desirable target for sensitive information breach. It is pertinent to mention here that I have not implemented any security measures for the developed database. The CIA triad is an eminent model for development of information security policy and used to identify problem areas in terms of Confidentiality, Integrity and Availability of digital information. The confidentiality ensures that certain information is accessible to the relevant and authorized employees of the agency only. For example, in the agency no more than the finance department and the higher management of the agency should have access to the customer’s financial information. The data integrity is one of the features of a high-quality database, and it is a process to avoid information tampering/tailoring from its existing original form by unauthorized people. The availability refers to make the information usable and approachable 24/7 for authorized employees and job applicants of the agency. For example, if the employees/customers want to verify information of their account or status of the job applied it has to be ensured that the database has to be fault tolerant and accessible at any time (Perrin, 2008). Business Applications of Information Systems A business application of an information system involves a database, application programs, manual and automated procedures, computer systems that process the functions of a business efficiently and accurately. It is pertinent to consider a case study of successful implementation of Enterprise Resource Planning (ERP) in Rolls-Royce deals with turbine engines. The Rolls-Royce is a large business organisation with a complex business processes; therefore, it caused administrative difficulties in implementing ERP. The case study showed that there are certain causes for successful and unsuccessful implementation of ERP; the authors mentioned that one of the key causes for failure is inappropriate implementation process management. The authors explained benefits of implementing ERP, situations before and after implementation of ERP in the Rolls-Royce organization. The authors identified several issues of ERP implementation in the organisation that include cultural problems, business problems and technical problems (accuracy of data). Overall, the main factor for not fully achieving the benefits of the ERP implementation was poor management with human resources having inappropriate skill sets. The other problems include: a lack of strategic needs understanding, vague requirements for the implementation of ERP and lack of vision for the post-implementation execution (Yusuf, Gunasekaran, Abthorpe, 2004). Influences of the Theories on my Future Work The document is produced to evaluate the developed database; therefore, keeping in view the topic, I have not only compared the database with requirements of the agency as well as best practices and features of high-quality database. I have also given theories, examples and a case study regarding implementation of Information Technology project in Rolls-Royce, and learnt a lot from this discussion. The results showed that the database is useless if the features of high-quality database are not incorporated during its design. As per the details and examples given in this document regarding Information Security, it can be said that where there is information, it needs to be secure for its proper utilization and usefulness. In my future, I will consider the security aspects of the database while development of the database and apply certain rules/policies especially the CIA triad to ensure the security of the database. In order to develop an IT project and apply information security standards, there is a requirement of managing the project efficiently with the human resources having an appropriate set of skills. The concept or idea has been extracted from the case study mentioned in this document, and it has been learnt that the project management is one of the critical factors in success of the project. However, in contrast, I have neither used any project management technique nor considered information security and certain features while developing the database project. In future, I will definitely develop the project following project management guidelines and information security for IT Projects. Reference List Bolton, D., 2006. Definition of Database. [online] Available at: [Accessed 03 August 2012] Perrin, C., 2008. The CIA Triad. [online] Available at: [Accessed 05 August 2012] Schneider, L., 2009. Information Security. [online] Available at: [Accessed 04 August 2012] Yusuf, Y., Gunasekaran, A. & Abthorpe, M., 2004. "Enterprise Information Systems Project Implementation: A Case Study of ERP in Rolls-Royce," International Journal of Production Economics. Read More