logo

Risk management: Citi Stores Website Development Project

   

Added on  2020-05-04

39 Pages5640 Words137 Views
Risk management: Citi Stores Website Development ProjectNameDate

Context of the Risk Management PlanThe website has today become a must for any business; it is a point for direct contact with the customer where they can make inquiries, make purchases, ask questions, and create their own content related to the organization through social media sites. There are several risks to developing a website starting from the using the right approach to manage the entire project, the languages used to develop the website, the kind of links created, the triple constraints or scope, time and cost, the possibility it may not serve its purpose,and security risks. Given the fact that the website will be a transaction website processing payments and the pervasive nature of cyber security threats, it is important that an effective risk management plan is developed (Molenaar, Anderson & Schexnayder, 2010). Task 1: Risk Management Frameworka)The AS/NZS ISO 3100: 2009 defines what a risk is in the context of information security; risk is defined as the effect that uncertainty has on project objectives. According to the standard, risk management must consider and continue using risk treatment options to eliminate, reduce, remove or avoid the uncertainties in meeting project objectives. According to the AS/NZS ISO 3100: 2009, there are 11 risk management principles that must be adhered to including creating and protecting value, risks should be integral to organizational processes, forms part of decision making, addresses uncertainty explicitly, is systematic , timely and structured, and based on best available information. Further, the standard states that risk management measures must be tailored, consider cultural and human factors, be inclusive and transparent, be iterative, systematic, and responsive to change, and enhance continuous organization improvement. The risk management framework to be developed in the context of the Citi Stores website development will follow the 11 AS/NZS ISO 3100: 2009 guidelines and are aimed at continuous improvement and adhering to relevant regulations and legislation on information security. The Citi Stores Risk management plan first defines identifies risks to the project and the context identified. A risk assessment is then undertaken andrisks identified and then analyzed. The risks are then evaluated by developing risk matrix and treatments applied to the risks; the outcomes monitored and risks re-assessed based on applied treatments. The process is undertaken by constant

communication and consultation with stakeholders and montoring and reviews undertaken; all in conformance with the AS/NZS ISO 3100: 2009b)The relevant legislation that the Citi Stores website construction must adhere to include the Australia Protective Security Policy Framework (PSPF) and the Australia Information Security manual that is aimed at ensuring information security. The company will capture, manage, and use private client information that must be managed according to the PSPF and the ISM. Further, there must be compliance with the Australian Privacy Act of 1988 that regulates the handling of personal information that the website will pick up. Under the PSPF mandatory requirements on Governance number 6, all organizations must develop a risk management approach that covers all areas pf protective security; the Citi Stores project adheres to this requirement. The ISM requires implementing security controls that form part of an elaborate process of risk management, that this document does and a risk management team has been formed, with alloted responsibilities as per the privacy Protections Act of 1998Task 2: Scope and Stakeholdersa)The risk management process will be confined to the development of a new website for Citi Stores and how the website shouldfunction and meet its design and functional objectives. The risks management process will particularly focus on customer data and its security given that it will have an e-commerce function and how Citi Stores can keep both internal data, such as transactions details and customer details safely. It will also focus on risks that will plague the project and stop the objectives from being attained. The risk management plan will be undertaken by identifying and analyzing the risks, developing a risk matrix for the identified and analyzed risks, and then giving risk treatment to the risks. This risk management plan will also monitor the risks and evaluate the effectiveness of the treatments given to the risks. The scope of the risk assessment will also extend to developing the documentation policy for the risk document and creating a report on the risk management process. b)Stakeholder Management Plan (See Appendix A)

Task 3: Strengths and Weaknessesa)PESTPoliticalRegulations relating to web data securityRules and legislation on cyber securityEconomicCost savings using a web portal to advertiseIncreased revenues from more customers obtained from web portal in addition to store customersSocialIncreased appetite to use the internet/ web to interact with products and manufacturersTechnologicalUsing cloud platforms to manage databases andclient informationModern development languagesAvailability and uptime for the website

(Aik, 2013)b)SWOTStrengthsNice and functional global bar for navigationWebsite that is easy to navigateAttractive and easy to use interfaceWeaknessesPoor optimization for mobile useLong transaction completion and co9nfirmationprocessDifficulty for some people to read text (those with vision challenges)Use of a single language (English)OpportunitiesFast loading websiteLinked with social mediaPoint of customer servicesEnhance functionality with an application (for mobile)ThreatsExclusive social media platforms engagementInimitable application function (Aik, 2013)c)Aims and Objectives, critical Success factors The aims and objectives of developing the Citi Stores website for marketing purposes to drive traffic, engage prospects and re-engage existing customers; help close sales by supporting communications for the sales team; provide customer support, make website and content updates easy, integrate with other IT systems while also meeting the performance, security, and scalability requirements as per the existing regulations and desired performance. Others are to reduce operation costs through automating and streamlining

workflows, increase the Citi Stores bottom-line, and enable recruitment of the best staff. The key success factors include meeting the marketing, sales, customer support, operations, IT, and webmaster goals and objectives, as well as having the project completed on time and within budget, with no errors in performance. The acceptance of the project by client and having it perform optimally nand securely even under heavy load (many requests) also comprise key success factorsd)A PMO (project management office) was set to coordinate project activities, including stakeholder management. By engaging and communicating with key stakeholders, including the project sponsor and executive sponsor, the PM was able to involve and secure thesupport of these key stakeholders, to whom progress was communicated and reported as per the stakeholder management plan, including risk management. The key stakeholders were made aware of risks to the project and how they would influence the project from the very beginning during planning, hence securing their support. Task 4a)To ensure the project scope and deliverables were met, the stakeholders, using the stakeholder management plan, were engaged in order to generate the project objectives and deliverables list. This was to ensure the project team was awareof what was required and the constraints, as a first step in knowing what risks can affect the project. A risk management plan was then made and communicated to the stakeholders, and a scope management plan used to get approvals for changes in order to manage risks such as scope creep. b)The risks were identified using a combination of the Delphi technique where experts were anonymously consulted with a list of information required for the project risk management and their responses compiled. The results were sent back to the experts for review until consensus was arrived on risks and how to manage them. During internal response

compilation, the brainstorming technique was used by the project team to isolate and define risks; this resulted in only relevant risks with a significant impact being considered and managed, after consensus with the anonymous experts The Delphi tool as used is shown in the image below;

c)Risk IdentificationRisk One: Being unprepared before starting the web development processRisk Two: Lack of support by the project sponsorRisk Three: Slow decision making process due to too many people/ stakeholdersRisk Four: Big requests for change at a late stage when the project is being done Five: Overshooting budgetTask 5: Risk Analysisa.Risk Evaluation (Criteria)IDRiskConsequencesMitigationRating of ConsequenceLikelihoodRisk levelMonitoringRisk Owner 1Being unprepared before starting the web development Delays, extensive scope changes, failure to meet Gather all possible and required information upfrontVHHVHInitial project meetingProject manager

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Assignment on Risk Management: Citi Store Online
|27
|4214
|106

The Risk Management Framework for Citi Stores Website Development
|29
|4866
|318

Purpose of Risk Management Standards and AS/NZS ISO 31000: 2009
|9
|2035
|64

Risk Management Assessment PDF
|16
|3802
|82

Manage Risk - Purpose, Standards, and Procedures
|18
|2954
|224

Risk Management in NatureCare Products
|39
|8971
|29