Information Technology Risk Management Operations of Business

Question: Describe about the Report for Information Technology Risk Management and Operations of Business. Answer: Introduction Twenty-first is the era of Information Technology, commonly known as IT technology, as almost every business is using this technology for various operations of the business. The use of IT services has been increasing day by day. One of the main purposes of IT is the security. IT services have been use for the purpose of security[1]. The IT engineers develop various security services for companies as per the requirement. This development process is called the Secretly System Development Life Cycle or SSDLC[2]. However, there are various risks and threat involves with the security system development process. Thus, there is a need of a contingency plan for those risks and threats. SSDLC There are various needs for information technology in an organization. Security System Development Life Cycle or SSDLC is the process of design and implementing a particular information system in an organization[3]. There are various stages involved in the process of implementation of an information system in an organization. They are investigation, analysis, logical design, physical design, implementation and the last step is maintenance and change[4]. Every step has its own importance in the implementation process. The first step includes the investigation of the organizational need of the IT software. In the next step, the needs of the organizations are analyzed and decision has been taken. The next two steps involve the logical and physical design of the software. Then the software has been implemented for the organizational need. Lastly, it is the time for maintenance and changes if required. Threats and Risks There are various kinds of risks involved in the security system development process. The risks come in form of theft, attack, vulnerability, threat agent, exploit and others. Some of the threats are discussed below: There are threats of software piracy. There are various duplicate software in the market. They are a big threat for the IT services. The program can corrupt due to the installations of pirated software. Another risk is the human error. There can be mistakes from the employees end that can affect the IT services. One of the greatest threats is the attack of viruses, malwares, worms, macros and others. They can affect the IT system in the possible worst way. The system can be totally crashed if there is not any effective security program to protect the system. The use of outdated technology is another threat. The companies must install updated software to cope up with the technological changes. The damage or destruction of the IT system is another important risk. The damage can be happened either by intentionally or by unintentionally like natural calamities and others. These are the risks and threats of information technology[5]. Contingency Plan As discussed earlier, there are a lot risks involved in the security software development process in various forms. Thus, it is very important to have a contingency plan to encounter these kinds of threats. For this purpose, the strategy of risk assessment and risk management is taken by the strategic managers. In the first part, the potential risks are analyzed along with the effect of those risks on the bossiness. This process helps to obtain a clear picture of the risks of the information technology. After that, the risk management approach is adopted. In this approach there are three aspects. They are managerial control, operational control and technical control. In the first process, the managers control the overall process of the security development system. In the second process, the operational mangers take care of the operational risks involves with the system. Lastly, in the third process, the technical managers control the technical risks of the IT system[6]. Over the years, the scenario of information technology has been changed drastically. One can say that the growing use of information technology is responsible for this change. Now-a-days almost every sector of business is using information system for their business operations. However, with the growing progress of information technology, the risks have also been increased. There are various kinds of risks which are discussed above. These risks are very much harmful for the business operations as they have the ability to damage the total IT operations of a business. Thus, it is necessary to have contingency plans as precautions against those risks. These plans will work as a shield to protect the company. A business with a proper contingency plan will be less exposed to the risks involves in information technology. Bibliography Ahimbisibwe, Arthur, Robert Y. Cavana and Urs Daellenbach, 'A Contingency Fit Model of Critical Success Factors for Software Development Projects: A Comparison of Agile and Traditional Plan-Based Methodologies' (2015) 28Journal of Enterprise Information Management7. Dong, Jun et al, 'Energyenvironmenteconomy Assessment of Waste Management Systems from a Life Cycle Perspective: Model Development and Case Study' (2014) 114Applied Energy400. Hassine, Jameleddine, 'Describing and Assessing Availability Requirements in the Early Stages of System Development' (2015) 14Software Systems Modeling1455. Klesch, Rachel,Information Technology Guide(, 2016) Liu, Jin Hang, Hong Xia Xia and Heng Bo Zhang, 'A Research into the UML Legend in the Waterfall Model Development' (2014) 519-520Applied Mechanics and Materials322. Nehari Talet, Amine and The Society of Digital Information and Wireless Communication, 'risk Management and Information Technology Projects' (2014) 4International Journal of Digital Information and Wireless Communications1.