4 pages

English

Systems Audit Final - Take Home Portion

Thioj - Eric

Le téléchargement nécessite un accès à la bibliothèque YouScribe
Tout savoir sur nos offres

4 pages

English

Le téléchargement nécessite un accès à la bibliothèque YouScribe
Tout savoir sur nos offres

A propos
Informations
Extrait

Description

“Stop that implementation!” Eric Smith Systems Audit 7244 Take-home Question for Final Exam May 8, 2003 Introduction The CEO has “ordered the IT department to begin implementing a full-scale retail website which will be integrated with the company’s backend databases.” The additional business generated by this website may be excellent, but there are certain procedures, known as a “systems development life cycle,” that should be followed in developing and implementing a system such as the one described. The Systems Development Life Cycle Systems development should go through stages of planning, analysis, design, implementation, and support or maintenance. The CEO has skipped the planning, analysis, and design steps to move directly to implementation. To understand the risks that this causes, let’s discuss what happens in planning, analysis and design. Planning The goal of the planning stage of systems development is to align the system being developed to the strategic goals of the firm. If a system does not help a company to meet its goals, then it may be a waste of valuable resources, and may even cause a company to fail to meet its goals. In order to ensure that planning is organized and well controlled, most firms establish a steering committee. The steering committee is typically composed of senior management, IT management, an internal auditor, and occasionally external auditors. Copyright © 2003 Eric Smith Involvement of ...

Sujets

management

Informations

Publié par	Thioj
Nombre de lectures	11
Langue	English

Extrait

Eric Smith

Systems Audit 7244

Take-home Question for Final Exam

May 8, 2003

Introduction

The CEO has “ordered the IT department to begin implementing a full-scale retail

website which will be integrated with the company’s backend databases.” The additional

business generated by this website may be excellent, but there are certain procedures,

known as a “systems development life cycle,” that should be followed in developing and

implementing a system such as the one described.

The Systems Development Life Cycle

Systems development should go through stages of planning, analysis, design,

implementation, and support or maintenance. The CEO has skipped the planning,

analysis, and design steps to move directly to implementation. To understand the risks

that this causes, let’s discuss what happens in planning, analysis and design.

Planning

The goal of the planning stage of systems development is to align the system

being developed to the strategic goals of the firm. If a system does not help a company to

meet its goals, then it may be a waste of valuable resources, and may even cause a

company to fail to meet its goals.

In order to ensure that planning is organized and well controlled, most firms

establish a steering committee. The steering committee is typically composed of senior

management, IT management, an internal auditor, and occasionally external auditors.

“Stop that

implementation!”

Involvement of management that will be using the system is crucial to successful

planning because management will often be using the system, or supervising those

employees who use the system. If the system does not serve their purposes then they will

not be able to work well with it. The CEO in the problem has bypassed all of the users of

the system, and even gone

outside of the organization

to hire programmers. These

programmers may be familiar with the technical aspects of building a system, but they

are unfamiliar with the business processes and goals of the firm.

Analysis

Systems analysis is a process of evaluating the current system, and evaluating the

user’s needs. By evaluating users needs, it’s possible to determine what will be required

of a new system. It is important to consider the shortcomings of the current system to

make sure that the same shortcomings do not become a problem in the new system. It is

also important to consider what functions the old system performs that need to be

included in the new system. Often the old system can simply be modified to provide new

functionality. Analysis of an old system can also be thought of as a process of gathering

information. For example, determining from where the system will get information, who

the users will be, the processes that will be carried out, controls, and other information

can be very important things to consider before simply implementing a new system.

Design

During systems analysis, the requirements of a new system are determined. The

next step is to design a system that meets those requirements. Typically, several

alternative systems are designed, and evaluated by the users. Before a particular system is

chosen, it is important to evaluate which alternative will be most user-friendly, and then

determine if that system is feasible.

The design stage can actually be broken into two stages: design, and system

selection and evaluation. A system once it has been conceptually designed, must go

through a feasibility study and a cost-benefit analysis. If either the feasibility study, or the

cost benefit analysis show that the system will not be practical, it goes back to the

drawing board and a new system must be designed.

A feasibility study helps to determine if a particular system is feasible given

constraints of available technology, legal requirements, operational requirements, and

time frame requirements. Our CEO has, without apparent necessity, imposed a six-week

time frame for implementation. This may, or may not be reasonable, but this should be

decided in the design stage of systems development, not just arbitrarily assigned.

Another important consideration is a cost-benefit analysis. If the benefits a system

provides are outweighed by its cost, it will not be beneficial to implement it. The costs

cannot be determined until the system has been designed; unfortunately our CEO has

skipped that step in the system development process. She cannot expect to have an

accurate idea of what the system will cost, or whether those costs will be worth the

benefit.

Implementation

Only after there has been adequate planning, analysis, and design can the new

system be implemented. The system implementation stage is often the most costly

because it involves the purchase of all necessary equipment (hardware, software, servers,

lease of dedicated data lines, and so forth). Interestingly enough, our CEO has apparently

chosen to leave implementation up to two programmers. It is obvious that our CEO has

not considered all the risks involved with implementing the new system.

Summary of Risk

There are risks that are addressed at each stage of the system development

process. By skipping the planning, analysis, and design stages, many risks will not be

addressed. Some of these risks include:

•

Failure to support business goals and objectives

•

Failure to adequately serve the needs of users

•

Excess wasted capacity

•

Not compatible with existing databases

•

Not user friendly

•

Not feasible

•

Cost exceeds benefit

•

Management does not support the project

•

Users may not know how to use the implemented system

•

The system may introduce new security vulnerabilities

Obviously, there are problems with the project, and risks that the CEO has not

considered. I feel that it would be unethical to allow the project to continue as ordered

without stating these concerns.

Univers
Ebooks
Livres audio
Presse
Podcasts
BD
Documents

Systems Audit Final - Take Home Portion

management

YouScribe

Le catalogue

Le service

Les conditions