Surya yelamanchili
Policies:
Submissions made through a means other than the GeorgiaView (D2L) Dropbox
will be ignored and earn a 0.
Submissions without your name stated above earn a 0.
Submissions not in an rtf or pdf file or with the original questions and/or
formatting removed from the file earn a 0.
Submissions without adequate references or acknowledgements will earn a
discounted grade, potentially a 0.
Submissions that I can not open or require a password will earn a 0.
Second chances might be requested at any time through GeorgiaView email, and
are awarded at the sole discretion of the instructor.
Review, Evaluate and Adopt Approaches to Managing Risk and Conflict
Being successful in this course requires you to review, evaluate, adapt and adopt methods
for managing risks and conflicts that might be incorporated into your approach to
managing IT and pursuing a case study. This exercise intends to aid you in doing so.
Readings for this assignment:
Selected readings on the web for background on approaches to managing risk and
conflict in the course of the management of IT
Course Textbook [1] (Course Syllabus) Preface through Chapter 10
Actions/Deliverables for this assignment:
Read as per above
Research what you read
Respond to this assignment within the rtf file (leaving all questions and formatting
intact)
Deliverable: Upload your response (rtf or pdf) using the dropbox tool in
GeorgiaView
Deliverable: Make entries on the Module 5 Discussion
Note: IT6683-Research Track Complete Research Report and Presentation
Outline Instead of this Exercise
Describe your research report and presentation outline here. It is suggested that you use
PowerPoint slides for this, just putting the main points of your outline into the titles of
slides. Also list it as your entry on the discussion thread for Module 5. More detail is
better. Please describe in your report how you achieved the learning outcomes listed in
the syllabus, which are repeated here:
Upon successful completion of the course, each student will be able to:
1. Define and discuss major IT concepts and terms and link them to business.
2. Base the management of IT on the needs of the business
3. Identify and utilize best practices and methods for:
a. Working professionally both individually and on a team
b. Identifying business and information needs in the organization
c. Characterizing management structures of the organization
d. Managing the planning, control, operation and decision-making of IT in
the organization to support its business and information needs
4. Perform a business-case analysis focusing on IT
5. Perform independent research into the management of IT
You should choose an outline appropriate to your report needs. For example, if you will
be submitting it to a publication, use their required format and outline. If you dont know
what outline/format to use, here is a suggestion:
A title page with a meaningful title, your name, this course title, and an abstract.
An Introduction section, describing the issue or technique that you investigated.
A Method of Approach section, describing how you performed your investigation in
enough detail so that another IT professional could duplicate what you did.
A Findings section, describing what you found in your investigation with appropriate
citations to where you found it. If you have any doubt about citing references, over-cite
them.
A Recommendations section, describing what in light of your findings that you
recommend should be done to ensure quality management of IT in your area of research.
A Value section, describing the value, importance, and benefit of your findings and
recommendations for both
Your education
writing.) But, I will not tolerate plagiarism--meaning I will grade as a zero any
research report submission that I conclude involves plagiarism.
Note: IT6683 Textbook Track Complete the following seven questions:
Q1) From the textbooks [1] Figure 6.9 (Managing Infrastructure Risks: Consequences
and Probabilities), find at least one example of a risk in each of the four quadrants. If you
were Director of IT Security at a firm, which of the risks that you have just identified
would you address first? Which would you address last? Why? Does your ordering
match what the book recommends?
Ans) If I am a director at the firm, I would like to choose the High consequences High
probability first and then proceed with High consequences low probability, low
consequences High probability and last low consequences low probability.
As the for the business loss and profit matters and also I like to chose the highest
probability risk with high consequence hence avoiding this risk can mitigate the losses to
the firm.
Examples for each type of risk:
High consequences High probability : While programming for a certain
application. The code become tedious due to complexity in the application
features in this cases there is high probability of getting the mistakes in the coding
which gradually changes the features of the application that is going to be
developed which is a great loss to the application developer.
High consequences low probability : If there are no projects to the firm, then the
firm gets its revenue in losses and maintaining infrastructure and employees in
the firm become tedious to the firm management.
Low consequences High probability : If employees in the firm start quiting in
the firm, then firm should hire new employees which is a cost taking process and
also need to train them to adjust to the technology in the firm which takes time
and money of the firm.
Low consequences Low probability: If the infrastructure in the firm gets
damaged and management needs to find a way to fix it.
Q2) Thinking about your own IT for SPSU, review the textbook [1] section on
Managing Incidents before They Occur. What steps do you take now? What steps
dont you take now? Why or why not? Of what value are these steps to you?
Ans) Managing Incidents before they occur is the concept of avoiding much losses
during the time of the crisis. If we consider IT for SPSU. I would like to take certain steps
to avoid any great losses.
Back up the data of students: The revenue of SPSU is from the students where
knowledge is provided and hence students play a customer role where the
customer needs to be satisfied without any losses. Hence the students information
should be taken back up when ever it is updated.
Infrastructure design: The infrastructure must be designed such that it tolerates
failures.
Established management procedures : The procedures followed to manage IT
must be well known so that most of the risks can be avoided.
I wont take the steps like introducing the new courses all at a time. Which increases the
students and faculty which becomes a tedious job to the IT to provide services to all of
them at a time.
Taking the precautionary steps helps to avoid the losses when the risk occurs for example
when the student information is lost and we have no back up data stored then it would be
a great loss to the students future and also to the reputation of the firm. Hence taking all
the steps required before any possible risk happen helps the firm to stay consistent during
the time of losses.
Q3) Have you ever had a major incident with your own IT? If so, describe it. State
whether you implemented any of the advice listed in the sections in the text [1] on
Managing during an Incident and Managing after an Incident and whether it helped
you. If you have not had a major IT incident, review and comment on the helpfulness of
the advice in these two sections.
Ans) No, I have not had a major IT incident. Managing during incident is the major tough
task to the managers. It brings the pressure to the manager mentally. Manager needs to
plan and take decision during the time of incident so that he/she can avoid losses in a
high scale or a wrong decision of the manager during the time of the incident results in
the much more losses than that is predicted. Hence, to avoid much losses, manager shuld
be mentally stable and muse through the incident and need to be taken a wise decision
and as it is stated in the textbook, manager should not take any action which can be
passed to the public or customers.
Managing after incident is just like rebuilt the new firm. Everything should be started
from the scratch. The documents which are taken as the back up must be used to rebuild
everything and also there should be necessary updated changes. The most important thing
is to reviewing the root cause of the incident and taking necessary precautions so that it
can be avoided in the future, As it is said precaution is better than cure.
Q4) From the textbook Chapter 8 [1], there is a statement at the beginning of the section,
Coordination and Location of IT Policy that claims The tension between IT staff and
business users can be managed by establishing clear policies that specify the user domain,
the IT domain, and senior managements role. Find a conflict in the prior two sections
and then assess whether a clear policy will resolve it. State why or why not. An example
conflict might be between the users desire to control their own destiny and the IT
organizations setting of standards.
Ans) Conflict between the two sections desire to control their own destiny and the IT
organizations setting of standards arises a the management of the IT resources.
According to the information from the textbook the efficiency of the centralized IT
structure is way profitable compared to the users control over the part of the business.
However, IT structure cannot be always made centralized as the business users may be
interested to be the part of the operations. In this scenario the method following the
common policy helps to avoid the conflict between the users and IT.
If a clear policies are followed by the users and IT then the operations can be carried out
by the firm in a smoother way as the user need and with the efficiency. It is the
responsibility of the senior management to establish these polices and separate the user
domain and IT domain and establish the common rules to the both of them. Both IT staff
and business users must work together to avoid any conflicts.
Q5) Thinking about SPSUs use of D2L, review the Chapter 9 [1] information on
outsourcing. According to this information, as a student user of GeorgiaView D2L, does
the decision to outsource D2L services to the University System of Georgia (USG) make
sense? Develop a table with three columns as below in your answer.
Factor
Flexibility
Cost
Quality
Performance
Depends on USG
Strategy
Communication
USG strategies
USG must understand the
wants of SPSU students.
Must contact USG for any
services needed
Services
Q6) Thinking of this course and its use of information technology as an IT project,
describe and assess the sources and levels of risk for things going wrong. Use the
terminology and methods presented in Chapter 10 of the text [1]. Summarize your
assessment in a table.
Ans)
Sources
Risk
Level of risk
Course duration
4 months
3 months
2 months
Low
Medium
High
Course material
None
Partially available
available
High
medium
Low
None
one time a course
High
Low