Chapter 11 Group: Anju, Ashok, Justin, Joe and Christina Suppose your college or organization is considering a new project that would involve developing an information system that would allow all employees and students/customers to access and maintain their own human resources-related information, such as address, marital status, tax information, and so on. Identify positive and negative risks and strategies for addressing each risk. Negative Risk: Environmental threats such as a bursting pipe can quickly flood a computer room and cause damage to an organization’s IT assets and resources. Solution: Protect IT assets from fire damage (e.g., requirements and procedures for the use of fire extinguishers, tarpaulins, dry sprinkler systems, halon fire suppression system) Provide emergency power source (e.g., requirements for uninterruptible power supplies, on-site power generators) Positive Risk: Any sort of information is easily available on a single click via the various forms and built in software applications. Negative Risk: Not all stakeholders might be interested in managing their information. So, the new system might loose some potential data. Positive Risk: Users will feel more secure because they themselves can update their private information. Negative Risk: When a person is allowed to provide their information, it is not necessary they will provide there real information. Solution: Some sort of authentication procedure should be implemented. Positive Risk: Most of the information are always updated. Negative Risks: One negative risk would be in people posing as others in order to obtain or alter their information, either in specific cases or on a much wider scale. Solution: One method of tackling such a risk would be in establishing a method of authentication that can ensure people are who they say they are. Positive Risk: One positive risk would be that information would be the most accurate and up to date with people having control over it, yet this can be a problem if many individuals either choose or forget to maintain this information. Solution: As a solution, the company can notify people in a rigorous effort to keep their information current and up to date along with why it is important to do so. Negative Risks: All data for each individual in the organization would be kept in one central location and, if maliciously accessed, could destroy internal processes and hinder work flow. Solution: Create several security barriers and properly encrypt data. Create secure platform for users to access and add data. Positive Risk: All data would be kept in one location and easily accessible by the HR staff. Data would also be more updated and allow HR staff to concentrate on other areas of operation. THANK YOU