IT Governance Framework Analysis, Standards, and Compliance Report

Verified

Added on 2020/05/28

AI Summary

This report provides an analysis of IT governance, Australian standards, and compliance within a company setting, drawing on an internship experience. The report begins by examining the Factor Analysis of Information Risk (FAIR) framework, used for quantifying information loss risk, and its impact on security, reliability, and decision-making. It then discusses the application of the Disability Discrimination Act 1992 in the context of an IT internship, highlighting a case of discrimination related to autism and the importance of adhering to Australian standards. Finally, the report details the steps involved in compliance management for project development, particularly in the context of a Natural Language Processing project, emphasizing the assessment of compliance risks, integrity, and sustainability. The report references several academic sources to support the presented information and provides a comprehensive overview of IT governance and compliance practices.

IT governance framework (Question 1)
My host company uses FAIR as an IT governance framework. FAIR which stands for
Factor Analysis of Information Risk is a framework model that is used to quantify the risk of
information loss. Information is vital to every company, and any chance of information loss can
lead the company to lose trust of its members. The focus of this model is the risk of losing
information through cybersecurity and also operation risk. Some of its structural components
include the scope and the input and analysis results. The range defines the extent to which the
analysis is conducted. The input contains the data variables to be analyzed while the analysis
results give the output of the investigation (Aven, 2012).
The company information technology administrator can decide to run a FAIR-U tool
which is a website application designed to analyze the risk of information loss through the
website. The IT governance framework is fundamental to this company because it enhances
security, reliability, and management of the information. Assessing risk helps the company
mitigate any forms of threats that may damage the reputation of the company. FAIR ensures that
the individuals who may have caused information loss are accountable and responsible for their
actions by identifying them as threats to the company. FAIR enhances decision-making process
in the company by exposing all the facts to the company board of governance on the best ways of
mitigating the cyber security issues (Peterson & Fabozzi, 2012).
References
Aven, T. (2012). Foundations of risk analysis. Hoboken, N.J: Wiley.
Peterson, D. P., & Fabozzi, F. J. (2012). Analysis of financial statements. Hoboken, N.J: Wiley.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Australian Standards (Question 2)
One of the Australian Standard I took account of when I was fulfilling my duty as an
intern is disability Discrimination Act 1992 (Burrows, 2000. When I was hired for an IT
internship, I told the hiring manager that I was suffering from autism syndrome. Autism disorder
is a syndrome where someone is not able to communicate and interact appropriately with others.
In my case, I had gone through several therapies and established that despite the fact that the
syndrome had affected the way I communicated with others, my judgments were based on
intelligence and experience (Benaron, 2009).
The IT manager did not recognize me as one of his interns and always gave me duties
that were not related to my field of expertise as a way to discriminate me. There were times I
would finish up my tasks earlier enough and request him to supervise me in one of the IT
projects just to gain confidence in him, but that could only fall on deaf ears. Due to my inability
to interact with others, my friends could not understand what I was going through and nobody
was concerned (Australian Building Codes Board, 2002).
One day, I decided to approach him. I didn’t want to report him to the administration for
discriminating me but I kept on suffering. One day, the hiring manager met me at the corridors
carrying a broom and asked me why I was not participating in a server installation that was
taking place at the finance department. The hiring manager helped me file a suit against the IT
manager because of discriminating me on the basis of autism.
References
Benaron, L. D. (2009). Autism. Westport, Conn: Greenwood Press.
Australian Building Codes Board. (2002). Disability standard on access to premises. Canberra: The
Board.

Compliance (Question 3)
As an intern, I was involved with a lot of project development, design, and
implementation. The projects were based on improving the operations of the company by
minimizing most of the manual work. Every project that was done in the organization followed
several steps before the company allocating fund to development of the project.
The most critical step in the project development is compliance management. In the
compliance management, the developers of the project have to ensure that the project complied
with the company policies. There are four steps through which the compliance officers analyze
the projects. I was in a team developing a project in Natural Language Processing based on
extracting entity information from a foreign language.
The first compliance step in this project was to understand the compliance risk
assessment of the project. In this case, the project is criticized by the compliance officers to
follow if developing it might bring any compliance issue to the company (Dalal-Clayton, 2014).
The second step was integrity and compliance performance assessment. In this case, the project
viability was assessed. Would the project development bring integrity issues to the company?
How would its performance help the company? The third step was the integrity and compliance
program implementation and improvement. The question to ask is if the implementation of the
project would jeopardize the integrity of the company (Australia Financial Center, 2009). The
last step is compliance sustainability and monitoring which seeks to understand if the company
has a way of sustaining and monitoring the project after implementation.
References
Dalal-Clayton, D. B. (2014). Sustainability appraisal: A sourcebook and reference guide to
international experience.
Australia Financial Centre. (2009). Qfinance: The ultimate resource.

1 out of 3

Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email