Dalis Consultants: ABW Strategy for Digital Presence Improvement
VerifiedAdded on 2021/06/16
|13
|3840
|143
Report
AI Summary
This report details Dalis Consultants' strategic shift towards Activity Based Working (ABW) to facilitate business expansion and manage resources effectively. The company, a Wellington-based multi-media consultancy, is implementing ABW to accommodate new staff and a recent contract win. The report outlines a cloud-based architecture leveraging SaaS for software delivery, VPNs for secure internet connectivity, and high-speed fiber optic transmission. It provides a high-level system description, network topology diagram, and explains the rationale behind the chosen cloud computing model and internet connectivity approach. Furthermore, the report includes a hardware procurement policy detailing the purpose, scope, guidelines, and a list of hardware to be acquired, along with roles and responsibilities. It also touches on the security strategy, encompassing administrative, logical, and physical security controls to ensure data protection and operational integrity. The report emphasizes the benefits of SaaS, such as scalability, cost-effectiveness, and rapid deployment, making it suitable for the company's dynamic needs and client requirements. Finally, the report addresses the roles and responsibilities for both hardware and software procurement, and the security measures implemented.
qwertyuiopasdfghjklzxcvbnmqw
ertyuiopasdfghjklzxcvbnmqwert
yuiopasdfghjklzxcvbnmqwertyui
opasdfghjklzxcvbnmqwertyuiop
asdfghjklzxcvbnmqwertyuiopasd
fghjklzxcvbnmqwertyuiopasdfgh
jklzxcvbnmqwertyuiopasdfghjkl
zxcvbnmqwertyuiopasdfghjklzxc
vbnmqwertyuiopasdfghjklzxcvb
nmqwertyuiopasdfghjklzxcvbnm
qwertyuiopasdfghjklzxcvbnmqw
ertyuiopasdfghjklzxcvbnmqwert
yuiopasdfghjklzxcvbnmqwertyui
opasdfghjklzxcvbnmqwertyuiop
asdfghjklzxcvbnmqwertyuiopasd
fghjklzxcvbnmqwertyuiopasdfgh
jklzxcvbnmrtyuiopasdfghjklzxcv
Dalis Consultants
Activity Based Working
5/16/2018
ertyuiopasdfghjklzxcvbnmqwert
yuiopasdfghjklzxcvbnmqwertyui
opasdfghjklzxcvbnmqwertyuiop
asdfghjklzxcvbnmqwertyuiopasd
fghjklzxcvbnmqwertyuiopasdfgh
jklzxcvbnmqwertyuiopasdfghjkl
zxcvbnmqwertyuiopasdfghjklzxc
vbnmqwertyuiopasdfghjklzxcvb
nmqwertyuiopasdfghjklzxcvbnm
qwertyuiopasdfghjklzxcvbnmqw
ertyuiopasdfghjklzxcvbnmqwert
yuiopasdfghjklzxcvbnmqwertyui
opasdfghjklzxcvbnmqwertyuiop
asdfghjklzxcvbnmqwertyuiopasd
fghjklzxcvbnmqwertyuiopasdfgh
jklzxcvbnmrtyuiopasdfghjklzxcv
Dalis Consultants
Activity Based Working
5/16/2018
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Dalis Consultants
Table of Contents
Introduction...........................................................................................................................................2
High-level System Description..............................................................................................................2
Logical Representation of the Major Systems.......................................................................................2
Network Topology Diagram..................................................................................................................3
Use of Cloud Computing.......................................................................................................................4
Approach to Internet Connectivity........................................................................................................5
Hardware Procurement Policy...............................................................................................................6
Purpose..............................................................................................................................................6
Scope.................................................................................................................................................6
Guidelines..........................................................................................................................................6
List of Hardware to be procured........................................................................................................7
Roles & Responsibilities....................................................................................................................8
Software Applications Policy................................................................................................................8
Purpose..............................................................................................................................................8
Scope.................................................................................................................................................8
Guidelines..........................................................................................................................................8
List of Software Applications to be purchased..................................................................................9
Roles & Responsibilities....................................................................................................................9
Security Strategy.................................................................................................................................10
Administrative Controls...................................................................................................................10
Logical or Technical Controls.........................................................................................................10
Physical Security Controls...............................................................................................................11
References...........................................................................................................................................12
1
Table of Contents
Introduction...........................................................................................................................................2
High-level System Description..............................................................................................................2
Logical Representation of the Major Systems.......................................................................................2
Network Topology Diagram..................................................................................................................3
Use of Cloud Computing.......................................................................................................................4
Approach to Internet Connectivity........................................................................................................5
Hardware Procurement Policy...............................................................................................................6
Purpose..............................................................................................................................................6
Scope.................................................................................................................................................6
Guidelines..........................................................................................................................................6
List of Hardware to be procured........................................................................................................7
Roles & Responsibilities....................................................................................................................8
Software Applications Policy................................................................................................................8
Purpose..............................................................................................................................................8
Scope.................................................................................................................................................8
Guidelines..........................................................................................................................................8
List of Software Applications to be purchased..................................................................................9
Roles & Responsibilities....................................................................................................................9
Security Strategy.................................................................................................................................10
Administrative Controls...................................................................................................................10
Logical or Technical Controls.........................................................................................................10
Physical Security Controls...............................................................................................................11
References...........................................................................................................................................12
1
Dalis Consultants
Introduction
Dalis Consultants is a Wellington based small multi-media consultancy and is owned by
Dave & Lisa Evans. The company was set up in the year 2010 to provide consultancy to the
small and medium scale companies for improvement in the online digital presence. With the
expansion of the business operations, it is now becoming difficult to manage the current
human and non-human resources. The company has recently won a contract with a major
tourism agency and there will be four new staff members required to be engaged for the
project. The company has therefore decided to move to the town and the company will meet
the new opportunities through Activity Based Working (ABW) strategy.
High-level System Description
The high-level system will be based on the cloud architecture and network. There will be data
servers present on the cloud that will be synced with the virtual network. Gateway will be
used to connect to the on-premises network of Dalis Consultants which will comprise of the
virtual machines. Each of these virtual machines network will be connected to the router and
these routers will be connected with a switch. The switch and the gateways will connect and
communicate with each other to establish a connection between cloud and on-premises
network. The virtual machines present on the on-premises network will include the hardware
as Laptops, Computer Systems, Personal Digital Assistants (PDAs), and Printers.
The operating systems that will be deployed on the laptops and computer systems in Dalis
Consultants site will include Windows, Macintosh, Linus, and UNIX.
There will be business applications as development tools, design tools, testing tools, Big Data
tools, database engines, and implementation tools.
Logical Representation of the Major Systems
The database servers that will be used for the system will be Microsoft SQL Server, MySQL,
and NoSQL databases, such as MongoDB. Apple Filing Protocol (APF) and Network File
System (NFS) are the file servers that will be involved in the system. Microsoft Exchange
Server is the exchange mail server that will be utilised in this case. The firewalls that will be
used in this case will be packet filtering firewalls and application level gateways.
Networking peripherals, such as routers, switches, and gateways will be involved.
2
Introduction
Dalis Consultants is a Wellington based small multi-media consultancy and is owned by
Dave & Lisa Evans. The company was set up in the year 2010 to provide consultancy to the
small and medium scale companies for improvement in the online digital presence. With the
expansion of the business operations, it is now becoming difficult to manage the current
human and non-human resources. The company has recently won a contract with a major
tourism agency and there will be four new staff members required to be engaged for the
project. The company has therefore decided to move to the town and the company will meet
the new opportunities through Activity Based Working (ABW) strategy.
High-level System Description
The high-level system will be based on the cloud architecture and network. There will be data
servers present on the cloud that will be synced with the virtual network. Gateway will be
used to connect to the on-premises network of Dalis Consultants which will comprise of the
virtual machines. Each of these virtual machines network will be connected to the router and
these routers will be connected with a switch. The switch and the gateways will connect and
communicate with each other to establish a connection between cloud and on-premises
network. The virtual machines present on the on-premises network will include the hardware
as Laptops, Computer Systems, Personal Digital Assistants (PDAs), and Printers.
The operating systems that will be deployed on the laptops and computer systems in Dalis
Consultants site will include Windows, Macintosh, Linus, and UNIX.
There will be business applications as development tools, design tools, testing tools, Big Data
tools, database engines, and implementation tools.
Logical Representation of the Major Systems
The database servers that will be used for the system will be Microsoft SQL Server, MySQL,
and NoSQL databases, such as MongoDB. Apple Filing Protocol (APF) and Network File
System (NFS) are the file servers that will be involved in the system. Microsoft Exchange
Server is the exchange mail server that will be utilised in this case. The firewalls that will be
used in this case will be packet filtering firewalls and application level gateways.
Networking peripherals, such as routers, switches, and gateways will be involved.
2
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Dalis Consultants
Network Topology Diagram
The network architecture and diagram has been shown below. There are various cloud
models that have been developed, such as Software as a Service (SaaS), Platform as a Service
(PaaS), and Infrastructure as a Service (IaaS). The model that will be used in this case will be
Software as a Service (SaaS) (Kulkarni, 2012). There will be data servers present on the
cloud that will be synced with the virtual network. Gateway will be used to connect to the on-
premises network of Dalis Consultants which will comprise of the virtual machines. Each of
these virtual machines network will be connected to the router and these routers will be
connected with a switch. The switch and the gateways will connect and communicate with
each other to establish a connection between cloud and on-premises network. The virtual
machines present on the on-premises network will include the hardware as Laptops,
Computer Systems, Personal Digital Assistants (PDAs), and Printers.
3
Network Topology Diagram
The network architecture and diagram has been shown below. There are various cloud
models that have been developed, such as Software as a Service (SaaS), Platform as a Service
(PaaS), and Infrastructure as a Service (IaaS). The model that will be used in this case will be
Software as a Service (SaaS) (Kulkarni, 2012). There will be data servers present on the
cloud that will be synced with the virtual network. Gateway will be used to connect to the on-
premises network of Dalis Consultants which will comprise of the virtual machines. Each of
these virtual machines network will be connected to the router and these routers will be
connected with a switch. The switch and the gateways will connect and communicate with
each other to establish a connection between cloud and on-premises network. The virtual
machines present on the on-premises network will include the hardware as Laptops,
Computer Systems, Personal Digital Assistants (PDAs), and Printers.
3
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Dalis Consultants
Use of Cloud Computing
The cloud computing model that will be used in the case of Dalis Consultants shall be
Software as a Service (SaaS). SaaS is defined as a model in which the software is owned and
delivered by the cloud vendor. The delivery of the software code and services is made on the
basis of common data definitions and codes. The pay per use or subscription pricing model is
used in this case of cloud model.
There are various reasons that are present behind the recommendation of SaaS as the cloud
model for Dalis Consultants. The approach that Dave and Lisa have decided to go for will be
Activity based Working. The requirements in this case will be dynamic and may change
rapidly (Tan, Liu, Sun & Spence, 2013). The company therefore will not be required to
purchase too many additional hardware tools and equipment as the applications and services
will be hosted by the cloud vendor and providers. The vendor will arrange for the Application
Programming Interface (APIs) to allow Dalis Consultants to carry out their activities. Pay per
Use model will be involved as a pricing model that will make sure that the overall model and
its associated services are cost-effective (Palos-Sanchez, Arenas-Marquez & Aguayo-
Camacho, 2017). The ready-to-use time involved in this case will be less. The tourism agency
that is the new client for the company will want the development, deployment, and
implementation activities to begin quickly. SaaS model will ensure that rapid demonstrations
4
Use of Cloud Computing
The cloud computing model that will be used in the case of Dalis Consultants shall be
Software as a Service (SaaS). SaaS is defined as a model in which the software is owned and
delivered by the cloud vendor. The delivery of the software code and services is made on the
basis of common data definitions and codes. The pay per use or subscription pricing model is
used in this case of cloud model.
There are various reasons that are present behind the recommendation of SaaS as the cloud
model for Dalis Consultants. The approach that Dave and Lisa have decided to go for will be
Activity based Working. The requirements in this case will be dynamic and may change
rapidly (Tan, Liu, Sun & Spence, 2013). The company therefore will not be required to
purchase too many additional hardware tools and equipment as the applications and services
will be hosted by the cloud vendor and providers. The vendor will arrange for the Application
Programming Interface (APIs) to allow Dalis Consultants to carry out their activities. Pay per
Use model will be involved as a pricing model that will make sure that the overall model and
its associated services are cost-effective (Palos-Sanchez, Arenas-Marquez & Aguayo-
Camacho, 2017). The ready-to-use time involved in this case will be less. The tourism agency
that is the new client for the company will want the development, deployment, and
implementation activities to begin quickly. SaaS model will ensure that rapid demonstrations
4
Dalis Consultants
and prototyping is quickly done. Technology is witnessing several changes with each passing
day. The dynamic needs of Dalis Consultants along with the requirement of technology will
be met by SaaS model as the updates and security patches will be released by the vendor at
regular intervals. The management of these upgrades and security will be the responsibility of
the vendor and any security occurrences will also be handled by the cloud provider. SaaS
models also have higher adoption rates and lower learning curves as compared to PaaS and
IaaS. Scalability is another primary reason and benefit that is associated with the SaaS model.
It may be necessary to keep the applications and services scaled up or down as per the
requirement (Garon, 2011).
Approach to Internet Connectivity
Virtual Private Networks (VPN) will be used for internet connectivity. It will provide long-
distance and secure connections to allow Dalis Consultants to establish a secure network
infrastructure. The primary reason behind the recommendation of VPN for the company is
the enhanced security that comes along with it (Sobh & Aly, 2011). There are various
security threats and attacks that are observed in associated with the cloud networks and
architectures. The use of VPNs will make sure that the data and information sets are
encrypted and are kept protected at all times. Remote access, monitoring, and control will be
possible for Dave, Lisa, and other senior resources in the company with the aid of a VPN. It
may also be required for the company to share files with the tourism agency and other clients
for longer periods of time. Such utility will be securely made possible through a VPN. These
networks will also provide enhanced performance and bandwidth along with anonymity that
may be required in certain scenarios. The maintenance cost that is associated with VPNs is
generally low as compared to the other network connections. In this case these networks will
be implemented and managed by a third-party and therefore surveillance and network setup
will not be an issue (Kim & Yang, 2010).
High-speed fibre optic transmission will be used for transmitting the information. It will offer
the benefits as:
Extremely High Bandwidth: The other transmission mediums, such as coaxial cables
and twisted pair cables do not offer the bandwidth as high as the one offered with
fibre optics. Transmit per unit time that comes along with these cables is the best.
5
and prototyping is quickly done. Technology is witnessing several changes with each passing
day. The dynamic needs of Dalis Consultants along with the requirement of technology will
be met by SaaS model as the updates and security patches will be released by the vendor at
regular intervals. The management of these upgrades and security will be the responsibility of
the vendor and any security occurrences will also be handled by the cloud provider. SaaS
models also have higher adoption rates and lower learning curves as compared to PaaS and
IaaS. Scalability is another primary reason and benefit that is associated with the SaaS model.
It may be necessary to keep the applications and services scaled up or down as per the
requirement (Garon, 2011).
Approach to Internet Connectivity
Virtual Private Networks (VPN) will be used for internet connectivity. It will provide long-
distance and secure connections to allow Dalis Consultants to establish a secure network
infrastructure. The primary reason behind the recommendation of VPN for the company is
the enhanced security that comes along with it (Sobh & Aly, 2011). There are various
security threats and attacks that are observed in associated with the cloud networks and
architectures. The use of VPNs will make sure that the data and information sets are
encrypted and are kept protected at all times. Remote access, monitoring, and control will be
possible for Dave, Lisa, and other senior resources in the company with the aid of a VPN. It
may also be required for the company to share files with the tourism agency and other clients
for longer periods of time. Such utility will be securely made possible through a VPN. These
networks will also provide enhanced performance and bandwidth along with anonymity that
may be required in certain scenarios. The maintenance cost that is associated with VPNs is
generally low as compared to the other network connections. In this case these networks will
be implemented and managed by a third-party and therefore surveillance and network setup
will not be an issue (Kim & Yang, 2010).
High-speed fibre optic transmission will be used for transmitting the information. It will offer
the benefits as:
Extremely High Bandwidth: The other transmission mediums, such as coaxial cables
and twisted pair cables do not offer the bandwidth as high as the one offered with
fibre optics. Transmit per unit time that comes along with these cables is the best.
5
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Dalis Consultants
Longer Distance: There is low power loss that is associated with the fibre optics
which indicates that the long distance transmissions can be easily carried out.
Resistance to Electromagnetic Interference and virtually noise free.
Low Security Risk: There is a lot of concern regarding the data security risks and
attacks and the use of fibre optics will provide alternate mechanism which will lead to
the prevention and control of the data security risks as well.
Signal Transmission. There is a use of light in the transmission of data or signals
through fibre optics. As a result, the chances of data leakage or breaches are nullified
providing a highly secure infrastructure (Al-Lawati, 2015).
Small Size: These cables come with an extremely small diameter. The single
multimode fibre comes with a diameter of about 2mm which is way smaller as
compared to that of coaxial copper cable. This leads to enhanced space savings and
better utilization.
Cisco Wi-Fi router will be used for establishing the network connectivity and it will be
connected with the virtual machines as laptops, printers, computer systems, and other
network peripherals. It will provide enhanced mobility and connections along with the
improved responsiveness and better access to the information and data sets.
Hardware Procurement Policy
Purpose
The purpose of the procurement policy is to highlight the terms, conditions, and matters of
agreement that will be considered as legal guidelines during the purchase of hardware
necessary for new set-up of Dalis Consultants.
Scope
The scope of the policy is limited to the purchase of hardware tools and equipment necessary
for Dalis Consultants.
Guidelines
The head of IT will provide the list of the hardware that shall be procured and it
would be essential to attach an IT Procurement Authorization form with each tool or
equipment. The user’s line manager must sign and approve the same.
6
Longer Distance: There is low power loss that is associated with the fibre optics
which indicates that the long distance transmissions can be easily carried out.
Resistance to Electromagnetic Interference and virtually noise free.
Low Security Risk: There is a lot of concern regarding the data security risks and
attacks and the use of fibre optics will provide alternate mechanism which will lead to
the prevention and control of the data security risks as well.
Signal Transmission. There is a use of light in the transmission of data or signals
through fibre optics. As a result, the chances of data leakage or breaches are nullified
providing a highly secure infrastructure (Al-Lawati, 2015).
Small Size: These cables come with an extremely small diameter. The single
multimode fibre comes with a diameter of about 2mm which is way smaller as
compared to that of coaxial copper cable. This leads to enhanced space savings and
better utilization.
Cisco Wi-Fi router will be used for establishing the network connectivity and it will be
connected with the virtual machines as laptops, printers, computer systems, and other
network peripherals. It will provide enhanced mobility and connections along with the
improved responsiveness and better access to the information and data sets.
Hardware Procurement Policy
Purpose
The purpose of the procurement policy is to highlight the terms, conditions, and matters of
agreement that will be considered as legal guidelines during the purchase of hardware
necessary for new set-up of Dalis Consultants.
Scope
The scope of the policy is limited to the purchase of hardware tools and equipment necessary
for Dalis Consultants.
Guidelines
The head of IT will provide the list of the hardware that shall be procured and it
would be essential to attach an IT Procurement Authorization form with each tool or
equipment. The user’s line manager must sign and approve the same.
6
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Dalis Consultants
A receipt of the form will be shared with the IT department and an acknowledgement
of the same shall be shared followed by processing.
The decision on the rejections or approvals of the requirements will be with the Head
of IT.
The decision of either acceptance or denial of a request by the Head of IT shall come
along with a brief description and explanation behind the decision.
In case of the change in quantity or type of the equipment then the IT needs to provide
a confirmation on the changes to the suppliers.
The preferred list of the suppliers for each of the equipment shall be shared with the
procurement team. However, it must not be mandatory to go for the same set of
suppliers. A market study shall be done as well (Hofstra, 2015).
The equipment and tools procured shall be first sent to the IT department wherein it
shall be checked in terms of adherence to the ordered quantity and product
specifications. Any sorts of damage will also be verified in this stage and the
equipment will then be transferred to its designated unit.
The delivery of the equipment from the IT department to the designated unit will be
arranged by the IT department itself.
The installation of the equipment and notification to the management regarding the
completion of the delivery will be performed by the resources in the IT department.
The set procedure will be followed in the process of configuration and installation and
the security guidelines and protocols must also be followed during the process.
A third-party contractor shall also be present at the time of installation and shall assist
the IT staff in the process. The regulatory, security, and quality standards and
guidelines shall be followed.
List of Hardware to be procured
Gateway will be used to connect to the on-premises network of Dalis Consultants
which will comprise of the virtual machines.
Each of these virtual machines network will be connected to the router and these
routers will be connected with a switch.
The switch and the gateways will connect and communicate with each other to
establish a connection between cloud and on-premises network.
The virtual machines present on the on-premises network will include the hardware as
Laptops, Computer Systems, Personal Digital Assistants (PDAs), and Printers.
7
A receipt of the form will be shared with the IT department and an acknowledgement
of the same shall be shared followed by processing.
The decision on the rejections or approvals of the requirements will be with the Head
of IT.
The decision of either acceptance or denial of a request by the Head of IT shall come
along with a brief description and explanation behind the decision.
In case of the change in quantity or type of the equipment then the IT needs to provide
a confirmation on the changes to the suppliers.
The preferred list of the suppliers for each of the equipment shall be shared with the
procurement team. However, it must not be mandatory to go for the same set of
suppliers. A market study shall be done as well (Hofstra, 2015).
The equipment and tools procured shall be first sent to the IT department wherein it
shall be checked in terms of adherence to the ordered quantity and product
specifications. Any sorts of damage will also be verified in this stage and the
equipment will then be transferred to its designated unit.
The delivery of the equipment from the IT department to the designated unit will be
arranged by the IT department itself.
The installation of the equipment and notification to the management regarding the
completion of the delivery will be performed by the resources in the IT department.
The set procedure will be followed in the process of configuration and installation and
the security guidelines and protocols must also be followed during the process.
A third-party contractor shall also be present at the time of installation and shall assist
the IT staff in the process. The regulatory, security, and quality standards and
guidelines shall be followed.
List of Hardware to be procured
Gateway will be used to connect to the on-premises network of Dalis Consultants
which will comprise of the virtual machines.
Each of these virtual machines network will be connected to the router and these
routers will be connected with a switch.
The switch and the gateways will connect and communicate with each other to
establish a connection between cloud and on-premises network.
The virtual machines present on the on-premises network will include the hardware as
Laptops, Computer Systems, Personal Digital Assistants (PDAs), and Printers.
7
Dalis Consultants
Roles & Responsibilities
Head of IT: Approval/Rejection of the purchase orders along with explanation of the
decision that is made.
IT Manager & Staff: Assistance in the configuration and installation process,
verification of the equipment received
User’s Line Manager: Assurance that the procurement processes adhere to the policy
and the standards specified.
Supplier’s Head: Negotiations with the suppliers and contractors
Market Analyst: Analysis of the market data and information on the hardware
equipment performing the best and suitable for the company
Software Applications Policy
Purpose
The purpose of the policy is to make sure that the software applications to be used and
implemented in the organization are adequately done.
Scope
The scope of the policy is to provide the guidelines on the configuration, purchasing,
licensing, and implementation of software applications.
Guidelines
The CIO will provide the list of the software that shall be purchased and it would be
essential to attach an Software Requirements Form along with the same.
A receipt of the form will be shared with the IT department and an acknowledgement
of the same shall be shared followed by processing.
The decision on the rejections or approvals of the requirements will be with the CIO.
The decision of either acceptance or denial of a request by the CIO shall come along
with a brief description and explanation behind the decision.
In case of the change in specifications or type of the software package then the IT
needs to provide a confirmation on the changes to the suppliers.
The preferred list of the suppliers for each of the software shall be shared with the
procurement team. However, it must not be mandatory to go for the same set of
suppliers. A market study shall be done as well.
8
Roles & Responsibilities
Head of IT: Approval/Rejection of the purchase orders along with explanation of the
decision that is made.
IT Manager & Staff: Assistance in the configuration and installation process,
verification of the equipment received
User’s Line Manager: Assurance that the procurement processes adhere to the policy
and the standards specified.
Supplier’s Head: Negotiations with the suppliers and contractors
Market Analyst: Analysis of the market data and information on the hardware
equipment performing the best and suitable for the company
Software Applications Policy
Purpose
The purpose of the policy is to make sure that the software applications to be used and
implemented in the organization are adequately done.
Scope
The scope of the policy is to provide the guidelines on the configuration, purchasing,
licensing, and implementation of software applications.
Guidelines
The CIO will provide the list of the software that shall be purchased and it would be
essential to attach an Software Requirements Form along with the same.
A receipt of the form will be shared with the IT department and an acknowledgement
of the same shall be shared followed by processing.
The decision on the rejections or approvals of the requirements will be with the CIO.
The decision of either acceptance or denial of a request by the CIO shall come along
with a brief description and explanation behind the decision.
In case of the change in specifications or type of the software package then the IT
needs to provide a confirmation on the changes to the suppliers.
The preferred list of the suppliers for each of the software shall be shared with the
procurement team. However, it must not be mandatory to go for the same set of
suppliers. A market study shall be done as well.
8
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Dalis Consultants
The software packages purchased shall be first sent to the IT department wherein it
shall be checked in terms of adherence to the ordered quantity and product
specifications. Any sorts of compatibility or technical issues shall be reported
immediately.
The configuration of the software package from the IT department to the designated
unit will be arranged by the IT department itself.
The installation of the software application and notification to the management
regarding the completion of the delivery will be performed by the resources in the IT
department.
The set procedure will be followed in the process of configuration and installation and
the security guidelines and protocols must also be followed during the process.
A third-party contractor shall also be present at the time of installation and shall assist
the IT staff in the process. The regulatory, security, and quality standards and
guidelines shall be followed.
The licensing and warranty details shall be validated.
List of Software Applications to be purchased
Database Engines and Servers: Microsoft SQL Server, MySQL Database, and
MongoDB NoSQL Cloud Database.
Development & Design Tools: Microsoft Visual Studio, Adobe Dreamviewer,
Microsoft Visio.
Testing Tools: HP Quality Centre, Bugzilla, TestLink
Microsoft Project
Operating Systems: Windows, Macintosh, Linux, UNIX
Roles & Responsibilities
CIO: Approval/Rejection of the purchase orders along with explanation of the
decision that is made.
IT Department: Assistance in the configuration and installation process, verification
of the software package received
Supplier’s Head: Negotiations with the suppliers and contractors
Market Analyst: Analysis of the market data and information on the hardware
equipment performing the best and suitable for the company
Legal Representative: Verification on the licensing and warranty requirements
9
The software packages purchased shall be first sent to the IT department wherein it
shall be checked in terms of adherence to the ordered quantity and product
specifications. Any sorts of compatibility or technical issues shall be reported
immediately.
The configuration of the software package from the IT department to the designated
unit will be arranged by the IT department itself.
The installation of the software application and notification to the management
regarding the completion of the delivery will be performed by the resources in the IT
department.
The set procedure will be followed in the process of configuration and installation and
the security guidelines and protocols must also be followed during the process.
A third-party contractor shall also be present at the time of installation and shall assist
the IT staff in the process. The regulatory, security, and quality standards and
guidelines shall be followed.
The licensing and warranty details shall be validated.
List of Software Applications to be purchased
Database Engines and Servers: Microsoft SQL Server, MySQL Database, and
MongoDB NoSQL Cloud Database.
Development & Design Tools: Microsoft Visual Studio, Adobe Dreamviewer,
Microsoft Visio.
Testing Tools: HP Quality Centre, Bugzilla, TestLink
Microsoft Project
Operating Systems: Windows, Macintosh, Linux, UNIX
Roles & Responsibilities
CIO: Approval/Rejection of the purchase orders along with explanation of the
decision that is made.
IT Department: Assistance in the configuration and installation process, verification
of the software package received
Supplier’s Head: Negotiations with the suppliers and contractors
Market Analyst: Analysis of the market data and information on the hardware
equipment performing the best and suitable for the company
Legal Representative: Verification on the licensing and warranty requirements
9
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Dalis Consultants
Security Strategy
There are a number of security risks and attacks that may take place with the decision that has
been taken by Dave and Lisa. It is because the use and involvement of cloud architecture and
networks will lead to the presence of a number of access points. These access points may be
utilized by the malevolent entities to give shape to the security attacks.
The common attacks that may occur include malware attacks, eavesdropping attacks, data
breaches and leakage, exploitation of vulnerabilities, account hacking, man in the middle
attacks, spoofing attacks, SQL injection attacks, denial of service attacks, distributed denial
of service attacks, and phishing attacks (Rabai, Jouini, Aissa & Mili, 2013).
The security strategy that the organization shall follow and implement has been explained
using the three types of controls that shall be used.
Administrative Controls
These shall include the development of an Information Security Plan & Policy for the
company. This document shall list out all the possible types of security attacks that may take
place along with the control strategy that shall be used for dealing with the same.
The information on the security roles and responsibilities shall also be specified so that there
are no risks regarding the communication gaps and confusions among the resources. The
Chief Information Security officer, Security Manager and senior advisors shall also carry out
security audits and reviews. The adherence to the security protocols and standards shall be
verified in this process (Julisch & Hall, 2010).
Logical or Technical Controls
There are a number of logical and technical controls that may be used and must be
implemented to deal with the security risks and attacks.
The primary set of tools include anti-malware and anti-denial tools to avoid and prevent the
attacks by viruses, ransomware, adware, and other forms of malware along with the
prevention against the denial of service attacks. There shall also be use of encryption
mechanisms as well on the data and information sets. The proposed architecture makes use of
Virtual Private Networks that will enhance the same. The use of encryption algorithms such
as advanced encryption algorithm, hashing algorithms, multi-path asymmetric encryption,
etc. shall be used. There are also multiple attacks that may take place due to network access
points. These shall be avoided, detected, and controlled with the use of network-based
10
Security Strategy
There are a number of security risks and attacks that may take place with the decision that has
been taken by Dave and Lisa. It is because the use and involvement of cloud architecture and
networks will lead to the presence of a number of access points. These access points may be
utilized by the malevolent entities to give shape to the security attacks.
The common attacks that may occur include malware attacks, eavesdropping attacks, data
breaches and leakage, exploitation of vulnerabilities, account hacking, man in the middle
attacks, spoofing attacks, SQL injection attacks, denial of service attacks, distributed denial
of service attacks, and phishing attacks (Rabai, Jouini, Aissa & Mili, 2013).
The security strategy that the organization shall follow and implement has been explained
using the three types of controls that shall be used.
Administrative Controls
These shall include the development of an Information Security Plan & Policy for the
company. This document shall list out all the possible types of security attacks that may take
place along with the control strategy that shall be used for dealing with the same.
The information on the security roles and responsibilities shall also be specified so that there
are no risks regarding the communication gaps and confusions among the resources. The
Chief Information Security officer, Security Manager and senior advisors shall also carry out
security audits and reviews. The adherence to the security protocols and standards shall be
verified in this process (Julisch & Hall, 2010).
Logical or Technical Controls
There are a number of logical and technical controls that may be used and must be
implemented to deal with the security risks and attacks.
The primary set of tools include anti-malware and anti-denial tools to avoid and prevent the
attacks by viruses, ransomware, adware, and other forms of malware along with the
prevention against the denial of service attacks. There shall also be use of encryption
mechanisms as well on the data and information sets. The proposed architecture makes use of
Virtual Private Networks that will enhance the same. The use of encryption algorithms such
as advanced encryption algorithm, hashing algorithms, multi-path asymmetric encryption,
etc. shall be used. There are also multiple attacks that may take place due to network access
points. These shall be avoided, detected, and controlled with the use of network-based
10
Dalis Consultants
intrusion detection and prevention systems, network logs, automated network monitors and
scanners (Srivastava & Kumar, 2015).
The use of multi-fold authentication and advanced access control measures will be extremely
essential. It is because the case of data breaches and leakages may occur because of the
violation of the authorization principles. There are newer forms of access control measures
such as role based and attribute based access control that shall be used along with the use of
Biometric recognition and single sign on and one time passwords for authentication.
There are scenarios that occur with the involvement of cloud computing that lead to the
violation of security principles. There shall be disaster recovery schemes and plans that must
be developed by the organization to be ready with the strategies for damage control and
recovery. There shall also be backup plans and schemes ready along with automated backup
of the data and information sets that are used.
Physical Security Controls
It is often seen that physical security is now disregarded with the advancement of technology.
However, Dalis Consultants must place security guards and personnel at the entry and exit
points to make sure physical security violation is not occurred.
There shall also be measures that must be taken for physical security of the devices that are
used along with the data centres and server rooms that will be set up in the new location.
11
intrusion detection and prevention systems, network logs, automated network monitors and
scanners (Srivastava & Kumar, 2015).
The use of multi-fold authentication and advanced access control measures will be extremely
essential. It is because the case of data breaches and leakages may occur because of the
violation of the authorization principles. There are newer forms of access control measures
such as role based and attribute based access control that shall be used along with the use of
Biometric recognition and single sign on and one time passwords for authentication.
There are scenarios that occur with the involvement of cloud computing that lead to the
violation of security principles. There shall be disaster recovery schemes and plans that must
be developed by the organization to be ready with the strategies for damage control and
recovery. There shall also be backup plans and schemes ready along with automated backup
of the data and information sets that are used.
Physical Security Controls
It is often seen that physical security is now disregarded with the advancement of technology.
However, Dalis Consultants must place security guards and personnel at the entry and exit
points to make sure physical security violation is not occurred.
There shall also be measures that must be taken for physical security of the devices that are
used along with the data centres and server rooms that will be set up in the new location.
11
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 13
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2026 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.