University HRIS: Risk Analysis, Strategies, and Mitigation Report

Verified

Added on 2023/03/17

AI Summary

This report conducts a comprehensive risk analysis of a Human Resource Information System (HRIS), identifying and evaluating five key potential risks. These include security vulnerabilities, unauthorized access to data, cost-related factors, the input of inaccurate data, and incomplete or poor system planning. The report categorizes these risks as either positive or negative, providing a detailed discussion of each. It outlines proposed strategies to mitigate each identified risk, such as implementing robust encryption for system security, strict access controls managed by the Database Administrator (DBA), regular server checks to prevent high traffic and unauthorized access, and employee training to ensure data accuracy. The report concludes that while cost is considered a positive risk factor, all other identified risks pose negative impacts on the organization, emphasizing the importance of proactive risk management in HRIS implementation.

Running head: RISK ANALYSIS OF HUMAN RESOURCE INFORMATION SYSTEM
RISK ANALYSIS OF HUMAN RESOURCE INFORMATION SYSTEM
Name of the Student
Name of the University
Author Note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1RISK ANALYSIS OF HUMAN RESOURCE INFORMATION SYSTEM
Table of Contents
1. Introduction............................................................................................................................2
2. Discussion..............................................................................................................................3
IDENTIFIED RISK...........................................................................................................4
i)Security of the system......................................................................................................4
ii)Unauthorized access.......................................................................................................4
iii) Cost factor risk.............................................................................................................5
iv) Input of inaccurate data................................................................................................5
Incomplete or poor planning of system..............................................................................5
Conclusion..................................................................................................................................6

2RISK ANALYSIS OF HUMAN RESOURCE INFORMATION SYSTEM
1. Introduction
The information system of an organization is set of hardware and software network
which is capable of collecting, filtering, processing and distributing data of the people
connected to that organization (Rainer, Cegielski, Splettstoesser-Hogeterp & Sanchez-
Rodriguez, 2013). The information system which is required to allow all the employees,
students and customers of an organization to maintain their human resource information like
address, contact numbers and other personal information is called Human Resource
Information System (HRIS). The report will discuss the five potential risks of this HRIS and
the positive and negative risks of the system along with the proposal of strategies for
addressing each risk.

3RISK ANALYSIS OF HUMAN RESOURCE INFORMATION SYSTEM
2. Discussion
Human Resource Information System (HRIS) is a set of hardware and software
system installed in the organization to allow employees, students or faculties of that
organization to access their data or information (Armstrong & Taylor, 2014). The
organization is developing an information system which will allow the employees of that
organization to access and maintain their human resource or personal information (Watters &
Keane, 2013). The errors due to human interference from the human resource department of
that organization would be reduced significantly due to the installation of this new system.
The employees of that organization would be responsible for the manipulation of theirdata
after the implementation of the HRIS.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4RISK ANALYSIS OF HUMAN RESOURCE INFORMATION SYSTEM

5RISK ANALYSIS OF HUMAN RESOURCE INFORMATION SYSTEM
IDENTIFIED
RISK
DESCRIPTION
OF THE RISK
PROPOSED
STRATEGIES
FOR THE RISK
POSITIVE RISK
OR NEGATIVE
RISK
i)Security of the
system
The Database
Administrator DBA
is responsible for
granting any kind of
permission to the
employees for
accessing the data in
HRIS. The
employees can
access only that part
of data which is
granted by the DBA
(O'neil, 2014). The
encryption of the
HRIS is also
essential; without
the encryption in the
software, the system
can be vulnerable to
malware attacks.
The risk of security
can be addressed by
providing proper
encryption to the
software of the
HRIS. The DBA has
to act more
responsibly in order
to avoid the risk
(Noe et al., 2017).
The database system
of the organization
should be made
more robust to
counter security
issues.
This risk is negative.
ii)Unauthorized
access
DBA is responsible
for tracking the
employees who
access the HRIS.
Sometimes DBA can
lose track of the
employees accessing
the system due to
high traffic in the
server. In this
situation, anyone can
access the system
without
authorization from
the DBA.
The risk of
unauthorized access
can be addressed by
DBA only. DBA has
to keep track of
every record of the
employees accessing
the HRIS. The
server of the system
should be checked
regularly in order to
avoid high traffic.
This risk is negative
iii) Cost factor risk A smaller
organization can
have a problem due
to the high
maintenance cost of
the HRIS. The HRIS
requires regular
maintenance of the
system by DBA,
The cost factor of
the HRIS is one time
investment, but the
maintenance of the
system needs
investment.
Implementation of a
new type of software
which would require
This risk is positive.

6RISK ANALYSIS OF HUMAN RESOURCE INFORMATION SYSTEM
without which the
system becomes
vulnerable.
less maintenance can
neutralize this risk
factor of the system.
iv) The input of
inaccurate data
The employees who
enter their data in
the HRIS are
responsible for any
mistake. There is no
cross checking of
data asthe system
does not verify the
data given to the
system by the
employee.
The DBA of the
HRIS has to check
the data given by the
employee and the
employee have to be
more responsible
while entering their
data.
The risk is negative.
Incomplete or poor
planning of system
Incomplete HRIS
can increase the
chance of risk for
the system. Poorly
planned HRIS can
also lead to leakage
of data from the
system.
Each phase of the
HRIS should be
planned, and a
detailed plan should
be considered in
order to reduce the
risk of data leakage.
This risk is negative.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7RISK ANALYSIS OF HUMAN RESOURCE INFORMATION SYSTEM
Conclusion
From the above discussion, we can conclude that the risk of the Human Resource
Information System has been identified and are classified based on their description. The
identified risk factor of the Human Resource Information System is security risk of the
system, unauthorized access from an internal employee of the organization or anyone from
outside the organization, cost risk factor, the input of inaccurate data and incomplete or poor
planning of the system. The cost risk factor is the only positive risk factor and all the other
mentioned risk factors are a negative risk factor for the organization. There are many ways to
avoid the risk factor of HRIS in the organization.

8RISK ANALYSIS OF HUMAN RESOURCE INFORMATION SYSTEM
References
Armstrong, M., & Taylor, S. (2014). Armstrong's handbook of human resource management
practice. Kogan Page Publishers.
Noe, R. A., Hollenbeck, J. R., Gerhart, B., & Wright, P. M. (2017). Human resource
management: Gaining a competitive advantage. New York, NY: McGraw-Hill
Education.
O'neil, P. (2014). DATABASE: principles programming performance. Morgan Kaufmann.
Rainer, R. K., Cegielski, C. G., Splettstoesser-Hogeterp, I., & Sanchez-Rodriguez, C.
(2013). Introduction to information systems. John Wiley & Sons.
Watters, J. P., & Keane, M. (2013). U.S. Patent No. 8,438,644. Washington, DC: U.S. Patent
and Trademark Office.
Wiemer, D., Gustave, C., Chow, S. T., & Mcfarlane, B. K. (2013). U.S. Patent No.
8,438,643. Washington, DC: U.S. Patent and Trademark Office.