Organisational System Security: Risk Management
Risk Management
Risk management is a methodological approach organisations take to eliminate potential failures from happening. By using different risk management procedures and techniques, risks can be mitigated and managed effectively.
Risk factors:
- Anything valuable to the business
- That affects business operation
- Physical assets
- Software assets
- Information assets
Potential loss
of service
When upgrading a system, there is a
potential loss of service. It may be that the system itself is down and
inaccessible while the system updates or because of the update it has made some
system functions corrupt delaying computer use time and costing the organization extra time and money. If there were server installations or upgrades; e.g.
installing a new operating system on the server then the whole network will be
completely down and any workstations linked to the network would also be
unavailable.
My evaluation on potential loss of service is that the technician support should make sure that their installations are completed at low risk times for installation to avoid clashes of working efficiency loss or corruption and systems or servers being down so nobody can use the system units. By applying low row installation times and other risk reduction measures such as planning and testing installations individually. The technician support will know how long the installation will take testing installation times and speed and if there’s going to be any counter problems after installations have been completed. If there was a problem with the installation and it consisted of hours of system downtime. Then the technician support would need to be prepared in advance to know how to plan convenience of the organizations computer system upgrades.
My evaluation on potential loss of service is that the technician support should make sure that their installations are completed at low risk times for installation to avoid clashes of working efficiency loss or corruption and systems or servers being down so nobody can use the system units. By applying low row installation times and other risk reduction measures such as planning and testing installations individually. The technician support will know how long the installation will take testing installation times and speed and if there’s going to be any counter problems after installations have been completed. If there was a problem with the installation and it consisted of hours of system downtime. Then the technician support would need to be prepared in advance to know how to plan convenience of the organizations computer system upgrades.
Incompatibility issues
When installing new software, there will be a lot of planning in advance, simply because there are many software’s required for specific resources e.g. CAD building, movie editing, music production. Which all have different software requirements to each other and perform differently, this requires the technician support to research in advance and to discuss which software is best to purchase across multiple to hundreds of workstations. The technician support should always buy the software once and test the software in terms of working correctly so there isn’t a disaster of software bought over multiple systems e.g. incompatibility issues, corrupted files, fake licenses.
If the technician support don't plan and then come across an incompatibility issue resulting in the software not working on the systems, then the organization will have wasted money and time investing and installing the new software which isn’t compatible, by researching to find the right software that suits the organizations needs and then testing software individually to check if there are any issues as the last thing the organization can afford to expense for is unused software, which would later then require system upgrades costing more
Risk reduction measures
By planning in advance for a computer
upgrade, the BITSS will have advantages over choosing appropriate times for
installing upgrades and backing up data. By completing risk assessments and
setting back up restore points.
Backups are used by technicians and should be used by the BITSS to ensure the safety of upgrading system units without losing any data. Backups can be created by setting up restore points, transferring data from drives, cloning hard drives, or using 3rd party online cloud backups.
Backups are used by technicians and should be used by the BITSS to ensure the safety of upgrading system units without losing any data. Backups can be created by setting up restore points, transferring data from drives, cloning hard drives, or using 3rd party online cloud backups.
My
evaluation on using backups and restore points before upgrading systems is
crucial if the BITSS didn’t want to be liable for any work loss. It’s important
to take risk reduction measures and clone hard the system drives or set restore
points in case the software contains a virus or malware, or is counterfeit. The
BITSS and Bolton College would then be faced with offences for using illegal
programs. I personally recommend that the BITSS should use a 3rd party
backup company that are in partnership with Bolton College or set frequent
restore points before upgrades. Cloned hard drives is becoming a more legacy
method of backing up data compared to the use of online cloud storage.
Choosing appropriate low risk time for installation such as out of classroom hours or at evening when Bolton college is shut. The BITSS can complete their installations without disturbances. This helps the BITSS complete their tasks in a faster efficient manner saving Bolton college time, money and hassle with employees or students losing their work.
Choosing appropriate low risk time for installation such as out of classroom hours or at evening when Bolton college is shut. The BITSS can complete their installations without disturbances. This helps the BITSS complete their tasks in a faster efficient manner saving Bolton college time, money and hassle with employees or students losing their work.
My
evaluation choosing appropriate times for installing or upgrading software is
that small upgrades should be completed when the classrooms are free for the
given time and large upgrades must be completed out of college hours.
Unfortunately, this procedure requires that the BITSS may have to work overtime
or through the night to apply major upgrades. This would be included in a
contractual agreement between the employee and the company but this is also the
most convenient time for the BITSS to get their work done without disturbances
and interruptions.
Also by applying network upgrades
as well as computer system upgrades out of hours, the BITSS would have time to
test the upgrades and check for errors without being held onto a time limit in
which maintenance would then affect students and employees working spaces.
Another advantage of working out of college hours is that the BITSS would not
be liable for the loss of student data whilst performing network upgrades or
installations which would make the whole networks offline, making it incapable
for the workstations to save or to access the college networks.