Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

IT Infrastructure Management Program

Verified

Added on 2023/06/05

AI Summary

This article discusses the reasons for the failure of the Queensland IT project and the success factors for IT implementation projects. It also provides an overview of IT risks and their effects, and risk management strategies to solve the problems. The article includes a checklist for IT risk management and concludes with the importance of being prepared for any IT incident or risk.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: IT INFRASTRUCTURE MANAGEMENT PROGRAM 1
IT Infrastructure Management program
Student’s name
Institution affiliation

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

IT INFRASTRUCTURE MANAGEMENT PROGRAM 2
IT Infrastructure Management program
Part A: The Queensland IT Project Failure Analysis
There are various reasons as to why the Queensland project failed and these include the
following; inherent complications in the social care and health sectors and the industry in
general, lack of top management support which led to poor project management (Mell, &
Grance, 2011). There was also the aspect of time limit and poor documentation which made the
IBM contractors unable to complete the project. Other reasons included the lack of proper
communication and training as well as a team structure that was poorly designed. There was also
a complex stakeholder; client and consultant relationship and failure to test the system.
From the look of things, the blame cannot be directed on one particular end. A project as
big as the Queensland’s IT upgrade, requires a high integrated stakeholder management. The
government, the contractor, the consultancy and the health management were all to blame since
they failed to play their part of the game (Redlich, & Nemzow, 2015). If all were responsible
enough in their roles issues could have been identified before hand and a solution sought in good
time.
The success factors for IT implementation projects includes simplified employment
agreements and awards that do away with the complexities that may affect the efficiency and
effectiveness of the payroll processes. There should be clear accountability lines, responsibilities
and roles for a governance structure that is end to end. System assessment and evaluation for
impact and readiness for change need to be done before going into live. There should be timely
identification of potential risks and risk management strategies put in place.
The Workbrain software had never been substantiated to a proper position to be utilized
in major projects as the Queensland. In this case, inherent risks related to the system were not

IT INFRASTRUCTURE MANAGEMENT PROGRAM 3
identified. The team should have run the system in one location before they scaled to the entire
health system or department. System testing was also the cause reason for poor use of Workbrain
software.
To fix the problem the various stakeholders including the government, the health facility
management, the consultant, the IBM contractors and any other should come after an audit report
has been done (Cardona, 2013). Base on the identified issues and problems they need to accept
responsibility and start the whole project again right from the beginning. Each of the
stakeholders is to cost share the loss depending on the magnitude of errors and problems related
to them.

IT INFRASTRUCTURE MANAGEMENT PROGRAM 4
Part B: Risk Management Strategies for IT
Abstract
IT (information technology) plays a key role in almost all the types of businesses. Thus,
businesses need to identify the risks that threaten their data and systems. They need to manage or
reduce the effect of these risks by developing a good plan of response in the event an IT crisis
presents itself in the business. Business owners possess some legal obligations when it comes to
privacy, staff training and electronic transactions towards the implementation of IT risk
management strategies (Xue, Ray, & Gu, 2011). The IT risks include software and hardware
failure, spam, malicious attacks, human error and viruses. They also include natural catastrophes
such as floods, cyclones and fires. One can manage risks related to IT by carrying out a risk
management assessment. The possession of a business recovery and continuity plan helps the
business recover from incidences of IT risks. The paper offers a guideline to help understand
risks under IT and contains information on ways of responding to such incidents.
Key words: IT (information technology), risk management, strategy, business, hardware
and software

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

IT INFRASTRUCTURE MANAGEMENT PROGRAM 5
Introduction
IT (information technology) risks include the whole range of potential threats that put the
entire business communication system under risk. They can interfere with the progress of a
business to an extent of putting it to a halt due to failure of the system. To the businesses that
rely on IT (information technology) systems like computers and related networks that help run
key business activities, they need to be wary of the nature and range of risks associated with such
systems (Subashini, & Kavitha, 2011). IT risks are normally classified as general IT threats,
criminal IT threats and natural disasters. The general IT threats that affect IT data and systems
include the software and hardware failure. This includes issues such as data corruption or power
loss. Malware includes malicious software that has been designed to cause disruption to the
computer operations. Viruses involve computerized codes that copy themselves and spread from
a computer to another as it disrupts their operations (Angeles, 2009). Scam, spam and phishing
include an unsolicited email intended to fool people so that they reveal their personal details or
they buy fraudulent items. Human error includes incorrect processing of data, careless disposal
of data or accidentally opening email attachments that are infected. Criminal threats in IT include
specific and targeted criminal threats to the IT data and systems and include the following
activities; hackers are the people doing illegal breaking into the systems of computers (Buyya,
Beloglazov, & Abawajy, 2010). Fraud is the use of computers to change or alter data for benefits
that are illegal. Denial of service is an online attack aimed at preventing the access to websites
for users who are authorized. Security breaches include the break-ins that are physical and may
also include online intrusion. Staff dishonesty is the theft of data or any information that is
sensitive including the details of a business customer. The natural disasters which are also risks
for IT systems include floods, cyclones or fires and affect the systems of IT, the infrastructure

IT INFRASTRUCTURE MANAGEMENT PROGRAM 6
and data (Dillon, Wu, & Chang, 2010). The damage to the computer hardware or the buildings
can cause losses or corruption of transactions and records of business customers.
Report question
 What are some of the IT risks and their effects?
 What are the IT risk management strategies that solve the problems?
Program design
The design of the report analysis involved the use of qualitative design technique to obtain
information related to risks and risk management strategies. This involves the use of peer
reviewed sources of data such as books, online journal articles and journals. Published sources
that contain secondary information were also useful in the report.
Discussion
To avoid the types of risks identified above, the business requires integrating risk
management strategy so that the business, systems, data and infrastructure remain protected
against the threats. The following is the risk management strategy and how to go about it
(Mitchell, 2010).
IT risk management
Managing the IT risks involves structured process that includes a series of tasks which
are designed to serve the following; identify the risks, assess the risks, mitigate the risks, develop
plans for response and finally to review the procedures involved in the risk management process
(Ramgovind, Eloff, & Smith, 2010). One such comprehensive approach by the Australian
emergency management agency towards risk management is based on the PPRR model i.e.
(prevention, preparedness, response and recovery). The following are the common IT risk
management strategies that help reduce the impact of these threats.

IT INFRASTRUCTURE MANAGEMENT PROGRAM 7
Risk management strategies
The risks and threats to IT systems, infrastructure and data have become an everyday
reality in most of the modern businesses. Such businesses, data and systems need to be protected
against hackers and theft by putting in place strict measures of security (Flyvbjerg, 2009). These
are the strategies to implement.
Practical steps that improve security for IT systems
 Securing computers wireless networks and servers
 Securing the system passwords
 Using anti-spyware and anti-virus protection as well as firewalls (Sotomayor,
Montero, Llorente, & Foster, 2009).
 Using data backups such as remote or off-site storage
 Regularly updating software to their latest version
 Training staff for IT procedures and policies
 Understanding the legal obligations towards online business
i. Creation of an online presence that is secure
If businesses have online presence, on needs to assess the website security, online
banking, email accounts as well as profiles for social media. For instance the SSL technology
(secure socket layer) is applied in encrypting transaction data and send card or customer details
for authorization by the acquiring bank (Durmuşoğlu, 2009). It is critical to ensure that any
solution that is considered for web hosting has the capability of supporting the protocol for the
SSL.
ii. IT and induction training on the staff

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

IT INFRASTRUCTURE MANAGEMENT PROGRAM 8
Existing and new staff need to be trained in the IT procedures, policies and conduct codes
as an important element of the IT risk management strategy. Staff training helps cover key
business policies and processes that include the following;
 Safe handling of any emails that are infected
 Protection of the privacy towards the details of the customers
 Priority tasks in case an event of security breach happens online
As the employer one needs to have legal obligations that help in the training of staff (Sobol, &
Klein, 2009). The provision of support as well as training for new or existing employees is an
essential aspect of staff training.
iii. Business insurance
It is very hard for businesses to avoid or prevent all threats and risks related to IT. This
makes the business insurance an element that is quite essential in the risk management and
planning of business recovery (Knahl, 2009). One needs to regularly review and update the
insurance especially for new or IT risks that are emerging such as the increased use of mobile
devices that are personal while running activities in the workplace.
iv. Response towards an IT incident
The business recovers depending on how the owner responds to the IT incident. In this
case the process influences the ideas of the customers and the business reliability. An incident of
IT can get confined to the components of IT in the business like the denial of service attacks that
target the business (De Bakker, Boonstra, & Wortmann, 2010). On the other side the incident can
also include the whole business crisis including the damage on its networks from natural
disasters. The risk management plan for IT risks and the continuity plan of the business need to
have the following elements.

IT INFRASTRUCTURE MANAGEMENT PROGRAM 9
 The response plans for the IT incident
 Emergency plans of response
 Plans of recovery
a. The response plans for the IT incident
Response plans for IT risks are meant to identify the principal risks that threaten the IT
systems and highlights the steps the business owner needs to take towards mitigating the effects
of the damages (Yuriyama, & Kushida, 2010). These may involve the details of any key staff
needed to be notified after the incident, the plan of communication, the actions of priority,
contact list and an event log for making records.
b. Emergency response plan
Incidents that affect the IT systems may occur from a wider crisis that may include
bushfire, flood, cyclone or an explosion. In such emergency cases the members of safety and
staff of the public become the first priority (Wu, Ping, Ge, Wang, & Fu, 2010). Any incident for
IT response plan needs to integrate and be supportive of response plans for emergency cases.
c. Recovery plan for IT incident
These recovery plans need to help the business to respond in an effective manner on the
incidents or crises that affect the IT systems in the business. The plans of recovery can shorten
the times of recovery and reduce the extent of losses and these may include;
 The strategies that recover the business operations in the shortest time ever
 The objectives of the time recovery
 Descriptions of important resources, staff and the equipment that are needed in making
the business recovery (Sheppard, 2012).
A checklist for IT (information technology) risk management

IT INFRASTRUCTURE MANAGEMENT PROGRAM 10
To all the businesses that make use of IT technology systems, it is critical for the owners
to be aware of the key steps that can be taken towards the minimization of the IT risks or
incidents. The owners of the business need to come up with a checklist for IT risk management
that should help them to determine the precautions that are basic and the various steps to be
involved in the management of the IT risks in the business (Dikaiakos, Katsaros, Mehra, Pallis,
& Vakali, 2009). The checklist involves or takes care of all the various IT risks known to exist
and that have the potential of influencing the operations of the business. The checklist caters all
aspect for risks such as software and hardware damage, viruses, malicious attracts, spam, human
errors and natural disasters (Bhatt, Emdad, Roberts, & Grover, 2010). The checklist is a group
of items that are highlighted for the business in terms of questions regarding the risks and the
management risks that may affect the business IT systems and infrastructure and have a yes or no
response in the end. It helps tell the business owners how well they are prepared in terms of
managing and IT incident or risk that might occur (Kumar, & Van Hillegersberg, 2009). The
checklist helps the business owners to always be ready for any of the identified risks based on
the fact that these are issues that the business may not be able to tell when they happen. The idea
is to ensure in case they happen, the business is ready to wake up to the occasion and through the
management strategies, be able to recover its full operations and business continuity.
Conclusion
The IT risks include software and hardware failure, spam, malicious attacks, human error
and viruses. They also include natural catastrophes such as floods, cyclones and fires. One can
manage risks related to IT by carrying out a risk management assessment. The risk management
plan for IT risks and the continuity plan of the business need to have the response plans for the
IT incident, emergency plans of response and plans of recovery. The business also needs to have

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

IT INFRASTRUCTURE MANAGEMENT PROGRAM 11
a checklist. The checklist is a group of items that are highlighted for the business in terms of
questions regarding the risks and the management risks that may affect the business IT systems
and infrastructure and have a yes or no response in the end. The checklist caters all aspect for
risks. Staff training helps cover key business policies and processes that include safe handling of
any emails that are infected, protection of the privacy towards the details of the customers and
priority tasks in case an event of security breach happens online. Business need to ensure they
implement the following practical steps that improve security for IT systems; securing computers
wireless networks and servers, securing the system passwords, using anti-spyware and anti-virus
protection as well as firewalls, using data backups such as remote or off-site storage, regularly
updating software to their latest version, training staff for it procedures and policies and
understanding the legal obligations towards online business

IT INFRASTRUCTURE MANAGEMENT PROGRAM 12
References
Angeles, R. (2009). Anticipated IT infrastructure and supply chain integration capabilities for
RFID and their associated deployment outcomes. International Journal of Information
Management, 29(3), 219-231.
Bhatt, G., Emdad, A., Roberts, N., & Grover, V. (2010). Building and leveraging information in
dynamic environments: The role of IT infrastructure flexibility as enabler of
organizational responsiveness and competitive advantage. Information &
Management, 47(7-8), 341-349.
Buyya, R., Beloglazov, A., & Abawajy, J. (2010). Energy-efficient management of data center
resources for cloud computing: a vision, architectural elements, and open
challenges. arXiv preprint arXiv:1006.0308.
Cardona, O. D. (2013). The need for rethinking the concepts of vulnerability and risk from a
holistic perspective: a necessary review and criticism for effective risk management.
In Mapping vulnerability (pp. 56-70). Routledge.
Dikaiakos, M. D., Katsaros, D., Mehra, P., Pallis, G., & Vakali, A. (2009). Cloud computing:
Distributed internet computing for IT and scientific research. IEEE Internet
computing, 13(5).
De Bakker, K., Boonstra, A., & Wortmann, H. (2010). Does risk management contribute to IT
project success? A meta-analysis of empirical evidence. International Journal of Project
Management, 28(5), 493-503.
Dillon, T., Wu, C., & Chang, E. (2010, April). Cloud computing: issues and challenges.
In Advanced Information Networking and Applications (AINA), 2010 24th IEEE
International Conference on (pp. 27-33). Ieee.

IT INFRASTRUCTURE MANAGEMENT PROGRAM 13
Durmuşoğlu, S. S. (2009). The role of top management team's information technology (IT)
infrastructure view on new product development: Conceptualizing IT infrastructure
capability as a mediator. European Journal of Innovation Management, 12(3), 364-385.
Flyvbjerg, B. (2009). Survival of the unfittest: why the worst infrastructure gets built—and what
we can do about it. Oxford review of economic policy, 25(3), 344-367.
Knahl, M. H. (2009). A Conceptual Framework for the Integration of IT Infrastructure
Management, IT Service Management and IT Governance. World Academy of Science,
Engineering and Technology, 52, 438-443.
Kumar, K., & Van Hillegersberg, J. (2009). Why an ERP for IT.
Mell, P., & Grance, T. (2011). The NIST definition of cloud computing.
Mitchell, E. (2010). Using cloud services for library IT infrastructure. Code4lib journal, 9, 3-22.
Ramgovind, S., Eloff, M. M., & Smith, E. (2010, August). The management of security in cloud
computing. In Information Security for South Africa (ISSA), 2010 (pp. 1-7). IEEE.
Redlich, R. M., & Nemzow, M. A. (2015). U.S. Patent No. 9,015,301. Washington, DC: U.S.
Patent and Trademark Office.
Sellers, R. E., Guillot, J., Carter, G. H., Atkins, N. W., Pausback, N. J., Engle, M. R., ... &
Ballard, W. H. (2014). U.S. Patent No. 8,725,853. Washington, DC: U.S. Patent and
Trademark Office.
Sheppard, R. F. (2012). U.S. Patent No. 8,285,578. Washington, DC: U.S. Patent and Trademark
Office.
Sobol, M. G., & Klein, G. (2009). Relation of CIO background, IT infrastructure, and economic
performance. Information & Management, 46(5), 271-278.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

IT INFRASTRUCTURE MANAGEMENT PROGRAM 14
Sotomayor, B., Montero, R. S., Llorente, I. M., & Foster, I. (2009). Virtual infrastructure
management in private and hybrid clouds. IEEE Internet computing, 13(5).
Subashini, S., & Kavitha, V. (2011). A survey on security issues in service delivery models of
cloud computing. Journal of network and computer applications, 34(1), 1-11.
Wu, J., Ping, L., Ge, X., Wang, Y., & Fu, J. (2010, June). Cloud storage as the infrastructure of
cloud computing. In Intelligent Computing and Cognitive Informatics (ICICCI), 2010
International Conference on (pp. 380-383). IEEE.
Xue, L., Ray, G., & Gu, B. (2011). Environmental uncertainty and IT infrastructure governance:
A curvilinear relationship. Information Systems Research, 22(2), 389-399.
Yuriyama, M., & Kushida, T. (2010, September). Sensor-cloud infrastructure-physical sensor
management with virtualized sensors on cloud computing. In 2010 13th International
Conference on Network-Based Information Systems (pp. 1-8). IEEE.

1 out of 14

+13062052269

info@desklib.com

IT Infrastructure Management Program

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Related Documents

Case Study and IT Research: Key Reasons for IT Implementation Failure

Introduction to Enterprise Systems and Applications

Queensland Health Project Failure: A Case Study

Reasons for Failure of the Queensland Health Payroll Project

Projects Negotiation and Conflict Report for Queensland Health Payroll Program

IT Infrastructure Management TASK A3