IT Risk Management
This literature review describes the importance of adopting risk management approaches in IT business organizations to mitigate risks to functional and operational excellence. Implementing a risk management approach is necessary to maintain IT security. If an organization relies on IT functionality to run its business operations, it needs to acquire risk management techniques. The review presents general IT risk management techniques. It also covers the risks in software estimation, the different techniques of software estimation, and the current options and latest development processes.
Information technology and risk management approaches are closely associated with each other. To manage risks and reduce the rate of errors, the risk management authority of the business organization must first identify the risks. The project development team should also develop response plans for reducing risk and IT crises. The management authority of an IT enterprise also needs IT risk management training in relation to privacy, electronic transactions and staff training (Hou, 2015). IT risks include both hardware and software failure. To recover from IT risk incidents, the project development teams also need a risk management continuity plan.
Different kinds of risks can occur in an IT business organization, such as software estimation techniques, lack of usage of digital advances, lack of trained IT developers, confidential data security, etc. (Johnson, 2015). This literature review covers the risk in software estimation techniques and its impact on business organizations.
To implement successful software projects with appropriate estimation techniques, IT organizations need to adopt a proper software development life cycle. The technique used to estimate the cost and time of a software project is known as a software estimation technique. Estimation is nothing but an approximation (Belas et al., 2014). Although estimation can serve some purposes, not all purposes can be served with estimation approaches. The estimation process deals with the amount of resources, the total time required, the effort to be spent by the project development team and the total cost needed to implement the project (Grant et al., 2014). Project risks might occur in IT organizations for different reasons. The reasons are as follows:
- If the project development team makes a premature estimation before analyzing the complete details of the requirement then risks will occur.
- Due to a lack of stored historical data, IT organizational risk might occur.
- If the project manager fails to update the software estimation, then both operational and functional risks will occur.
- Last but not least, if the preliminary estimation does not match the actual estimation, then risk will again occur.
Software Estimation Techniques
Different IT firms use different software estimation techniques (Blos & Hoeflich, 2017). The most widely used techniques are the work breakdown structure, the Delphi technique, the three-point technique and the functional point method.
The Delphi model is one of the most widely used software estimation techniques in IT enterprises. Delphi models are generally developed from surveys conducted by the project development teams. To gather formal and informal information, the expert participants are interviewed by the top management authority (Boyens et al., 2014). In this estimation process the developer gains advantages and confidence at the same time. The Delphi model can be implemented in combination with other techniques. Both qualitative and quantitative results can be achieved with the Delphi software estimation technique.
To reduce the workload on employees, a big task needs to be divided into small segments. This decreases the pressure of work on the employees, and the schedule also helps to distribute the work among the employees efficiently (Puto et al., 2016). With a Work Breakdown Structure (WBS) in place, the project can be completed effectively within the estimated time period. Four major steps of the cost estimation process include the following:
- The Work Breakdown Structure forces the team to create detailed steps.
- The Work Breakdown Structure helps to develop the schedule and the budget as well.
- The Work Breakdown Structure helps to develop accountability.
- The Work Breakdown Structure breeds commitment.
The three-point technique is another software estimation technique, in which the estimation is based on collected statistical data. The process is almost the same as the Work Breakdown Structure (WBS): the workload is again divided into small segments to reduce the load on the working employees. Three different sorts of estimation are generally used in organizational development approaches (Nechaev, Antipina & Prokopyeva, 2014): the optimistic estimation, the most likely estimation and the pessimistic estimation. The general formula used to make the measurement is:
E = (A + (4*M) + B) / 6
Standard Deviation (SD) = (B - A) / 6, where A = optimistic estimate, M = most likely estimate and B = pessimistic estimate.
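The three-point formula applied across a work breakdown structure, as an added example that is not part of the original review. The task names are taken from the task table later in this review; the hour figures are constructed, and combining the per-task SDs as the square root of the summed variances assumes the tasks are independent, which goes beyond what the review states.

```python
import math
from dataclasses import dataclass


@dataclass(frozen=True)
class Task:
    name: str
    a: float  # A: optimistic estimate (hours)
    m: float  # M: most likely estimate (hours)
    b: float  # B: pessimistic estimate (hours)

    def __post_init__(self):
        # A premature or mistyped estimate often violates this ordering.
        if not (0 <= self.a <= self.m <= self.b and self.b > 0):
            raise ValueError(f"{self.name}: need 0 <= A <= M <= B and B > 0")

    @property
    def expected(self):
        return (self.a + 4 * self.m + self.b) / 6  # E = (A + 4M + B) / 6

    @property
    def sd(self):
        return (self.b - self.a) / 6  # SD = (B - A) / 6


def roll_up(tasks):
    """Project-level (E, SD); assumes independent tasks (added assumption)."""
    total_e = sum(t.expected for t in tasks)
    total_sd = math.sqrt(sum(t.sd ** 2 for t in tasks))
    return total_e, total_sd


def widest_spread(tasks):
    """Task with the largest SD relative to E: the least certain estimate."""
    return max(tasks, key=lambda t: t.sd / t.expected)


# Constructed sample figures, in hours.
WBS = [
    Task("Analysis of the software requirement specification", 8, 12, 22),
    Task("Creation of test specification", 10, 16, 34),
    Task("Execution of test cases", 6, 9, 18),
    Task("Report on risks", 4, 6, 14),
]

if __name__ == "__main__":
    e, sd = roll_up(WBS)
    print(f"Expected effort: {e:.1f} h, SD: {sd:.2f} h")
    print("Least certain task:", widest_spread(WBS).name)
```

The task returned by `widest_spread` is the one whose estimate should be revisited first when the historical data is thin.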
In the functional point method, the functional point is measured from the point of view of the users. It helps to develop both the functional and the operational aspects effectively (McNeil, Frey & Embrechts, 2015). The process is completely independent of computer languages, advanced technologies and development methodologies. The functional method can be executed based on the documents obtained from the software resource specification and designs.
Different Risks
Different techniques are available for estimating the software that an IT organization needs to adopt for risk management and risk assessment. Depending on the type of business and the type of software, the models generally used include the software development model, software lifecycle management, COCOMO, COCOMO II and the COPMO model (Wu, Chen & Olson, 2014).
To manage organizational risks, the project development team and the IT business enterprise need to maintain certain processes. The steps of the risk management approach are as follows:
Risk Identification: This is the initial process of the risk management approach. In this phase the current issues that are hampering the commercial structure of the IT enterprise are identified (Kim & Vonortas, 2014). This is an important phase of risk management, because if the management fails to detect the actual reason behind the operational issues, then the entire system will be a failure.
Risk Analysis: In this phase the issues are analyzed appropriately. The impact and objectives of the risks are also detected in this phase (Marcelino-Sádaba et al., 2014). A risk register is prepared in this phase to determine the likelihood and consequences of the risks.
Risk Ranking: The risks are ranked according to their impact on the operational and functional excellence of the IT enterprise. The risk rankings are also added to the project risk registers.
Risk Treatment: To mitigate the risks, proper risk treatment techniques are identified and adopted by the IT business enterprise (Nechaev, Antipina & Prokopyeva, 2014). The risks are reduced by developing different risk mitigation strategies.
After the current risk management techniques are selected, the project should be divided into small subtasks. In most cases the general technique undertaken for managing risks is the work breakdown structure. A complex project is divided into modules, and the modules are again divided into sub-modules (McNeil, Frey & Embrechts, 2015). The tasks undertaken by the risk management authority include the following:
| Tasks for risk management | Subtasks for risk management |
|---|---|
| Analysis of the software requirement specification | Investigation over the requirements; Detail enquiry on the SRS |
| Creation of test specification | Designing test scenario; Test cases development |
| Execution of test cases | Building the revised test cases; Reviewing the test execution resultants |
| Report on risks | Analysis on the risks; Identification of risks; Evaluation or risk ranking; Mitigation approach development; Monitoring and reviewing the risk |
Conclusion
From the overall discussion it can be concluded that different advanced persistent threats are associated with IT enterprises, and in order to mitigate the risks, IT firms need to maintain the risk management process. It will help business organizations to develop their risk management approaches, but if the organization fails to determine the risks properly then the entire system will be a failure. Organizations need to increase their overall protection against multi-faceted persistent threats. These multi-faceted persistent threats are also known as advanced targeted threats.
Software Estimation Technique and Project Development
Among the different kinds of risk it is very difficult to identify the most significant ones. The software estimation technique that is widely used by different business organizations during the software development life cycle depends on the size of the software and its effectiveness in the business organization. Certain recommendations for developing the risk management approaches and reducing the existing issues are provided below.
Proper identification of risks: To mitigate risks from the business operations of an IT organization, the actual risks need to be identified at the very initial phase.
Adoption of advanced risk management approaches: Different risk management approaches exist; however, the risk management authority of the IT enterprise needs to adopt appropriate risk management approaches based on the size of the software and its operational excellence.
Development of security concern: Security is one of the major concerns that the business development authority needs to consider to keep sensitive data confidential. In most cases it has been found that, due to lack of security, confidential data is hijacked by external and unauthorized attackers.
References
Belas, J., Bartos, P., Habánik, J., & Novák, P. (2014). Significant attributes of the business environment in small and medium-sized enterprises. Economics & Sociology, 7(3), 22.
Blos, M. F., & Hoeflich, S. L. (2017). Supply Chain Risk Management Framework for Virtual Enterprises: A Theoretical Approach. Unisanta Science and Technology, 5(3), 161-166.
Boyens, J., Paulsen, C., Moorthy, R., Bartol, N., & Shankles, S. A. (2014). Supply chain risk management practices for federal information systems and organizations. NIST Special Publication, 800(161), 1.
Grant, K., Edgar, D., Sukumar, A., & Meyer, M. (2014). ‘Risky business’: Perceptions of e-business risk by UK small and medium sized enterprises (SMEs). International Journal of Information Management, 34(2), 99-122.
Hou, L. (2015). Analysis of Defects in Financial Accounting Management of Construction Enterprises and Corresponding Strategies. Open Cybernetics & Systemics Journal, 9, 1218-1222.
Johnson, M. P. (2015). Sustainability Management and Small and Medium-Sized Enterprises: Managers’ Awareness and Implementation of Innovative Tools. Corporate Social Responsibility and Environmental Management, 22(5), 271-285.
Kim, Y., & Vonortas, N. S. (2014). Managing risk in the formative years: Evidence from young enterprises in Europe. Technovation, 34(8), 454-465.
Laporte, C. Y., Houde, R., & Marvin, J. (2014, July). 6.4.2 Systems Engineering International Standards and Support Tools for Very Small Enterprises. In INCOSE International Symposium (Vol. 24, No. 1, pp. 551-569).
Marcelino-Sádaba, S., Pérez-Ezcurdia, A., Lazcano, A. M. E., & Villanueva, P. (2014). Project risk management methodology for small firms. International Journal of Project Management, 32(2), 327-340.
McNeil, A. J., Frey, R., & Embrechts, P. (2015). Quantitative risk management: Concepts, techniques and tools. Princeton university press.
Nechaev, A. S., Antipina, O. V., & Prokopyeva, A. V. (2014). The risks of innovation activities in enterprises. Life Science Journal, 11(11), 574-575.
Puto, A., Koscielniak, H., Bajdor, P., & Budzik-Nowodzinska, I. (2016). Trends Of Polish Enterprises In Risk Management. European Scientific Journal, ESJ, 12(10).
Wu, D. D., Chen, S. H., & Olson, D. L. (2014). Business intelligence in risk management: Some recent progresses. Information Sciences, 256, 1-7.
Zhao, X., Hwang, B. G., & Low, S. P. (2013). Developing fuzzy enterprise risk management maturity model for construction firms. Journal of Construction Engineering and Management, 139(9), 1179-1189.