Assignment 3: Applied project Due date: Week 13 Group/individual: Individual assignment Word count: 2500 Weighting: 50% Unit learning outcomes: [ULO1], [ULO2], [ULO3] [ULO4], [ULO5], [ULO6] [ULO7]...

Information systems – Case review and Risk Analysis
Running Header: Information systems – Case Review and Risk Analysis
Title: Information systems – Case review and Risk Analysis
Student ID and Name:
Course ID and Name
University Affiliation
Date: 23/09/2018
Author’s Note:
The current report is presented as part of the requirements for course completion.
INTRODUCTION
Information systems make up significant part of the any organizational infrastructure and hence consistency and operational security of the same is essential for the organizational business continuity and for safe functioning of the same. An organization can achieve its objectives only when the IT systems are working in better condition as well when they are intact from all aspects. It is mandatory of any organization to have a comprehensive risk assessment of its IT systems and implementing the appropriate risk control measures before relying on them for day to day functionality. Risk assessment process will typically work to evaluate each of the Information systems resources or element for the possible inherent defects in that and will work for elimination of the same. Risk assessment process will flag the appropriate risk in the system and will propose risk control measures in the system. Once risk control measures are placed in the system, they need to be monitored chronically for appropriateness as well for updating in light of new risks and new changes happening across the system functionality. There are variety of procedures and tools available for Information systems risk analysis. However selection of the right tools and the procedures will depend on the particular type of the resources there available in the organization and once the risk identification is done; there will be appropriate risk treatment strategy will be proposed. Based on the accepted risk treatment strategy, a risk treatment plan will be developed and implemented. Though it is beyond the scope of the risk assessment procedures, the actual risk control in the organization will depend more on the actual governance and system management prevailing in the organization. The attitude of the organizational management and the framework prevailing in the organization will decide the successful implementation of the risk control procedure in the organization. The following part of the discussion is focussed on to present case review of Information systems risk analysis in an organization. The organization selected for review in the current case is a manufacturing organization and it is involved in making engineering components for automobiles on large quantities. The organization is well matured and has all the facilities needed for world-class manufacturing requirements. There is well established TQM in the organization and well developed Quality control and quality assurance divisions are also there in the organization. As of now the organization is implemented with Enterprise resource planning (ERP) (Tian 2015) software for integrating diverse operational functionalities of the organization. This is done in line with the vision to expand in the domain of the functions as well as in the domain of the operations of the organization. The following part of the discussion is focussed on the Information systems risk assessment and control for the organization. The discussion proceeds to provide details of the risks identified in the organization along with that details of the risk treatment plans and risk control measures are also proposed to get included in the report. The details covers the system vulnerabilities as well discuss the impact of the human factors on the security and operational integrity of the organization (Alreemy et al. 2016).
Overview of the organization:
The current organization is established few decades ago with an intention to cater to the demands of the automobile industries in the country. Mostly the company used to supply automobile components which will be delivered based on the drawings provided by the clients. They will be quality controlled and checked and used by the clients in their main stream automobile parts. The components varied from engine parts, A/C parts, embedded systems components, AI components in the recent years etc. Since the company is highly recognized for quality production and affordable pricing, the company range of operations have increased tremendously in the recent years and thereafter there is considerable organizational renovation undertaken by the management. One of the significant changes in the organizational structural changes is the implementation of the autonomously operatable manufacturing systems in the production lines, They are flexible to take up the instructions from central organizational units and will work for the manufacturing. Further in the recent year inline with the increased demands of the production and the man power operations, the company scheduled ERP implementation in the organization. ERP is enterprise resources planning software, which is implemented in the total organization with a vision to integrate all the modules of the organization. The entire operational modules of the organizations are integrated with ERP and the expected outcomes and deliverables from ERP are customized to meet the demands and MIS requirements of the...