Skip to main content

[TW] IT documents, audit and leaders

IT documents comes with different names such as the following: - Manual or handbook, - Policies and procedures, - Management systems, - Project plans. In the real world we have various names with unique descriptions and purposes when in fact they could be made to do a uniform direction for which actions are based for the entire IT initiatives, probably the longest in IT lifecycle is operation. The problem is our inclination on something else which is wrong. IT remains an IT area. Business remains a business area. The same problem is carried out when we conduct IT audit. Most audit are missing the gists in which IT is being used by businesses. We once said that an effective IT audit is conducted by IT people themselves but there is something wrong with that even. Business and accounting people have been doing it with a different bias and preconceived notions which doesn't make the cut for IT direction and audit respectively. Leaders play the same game and so the problem continues an

Deal security

Do not talk security attacks unless things, in the first place, have already been ironed out. This can be taken up but not as the primary issue yet. It goes to say, particularly if information infrastructure is still being laid out, that ICT strategies e.g. few to consider are usability, capacity and security, and in general, have to be dealt with first and foremost.

With all the tested technology specifically for security purposes, why organizations still cannot get rid of the attacks?

The following few might be one of the answers:

IPv4 is really not secure

There is two or more, if not a single straight way, to mitigate it. If it is done correctly organization can still be secure.

Plan IPv6 and turn it on now. Caveat: We still have to see how capable it is however the next generation Internet protocol has been addressed to have security integrated in the design.

Funding not enough to address security

Fund it or what many advised it never connect to the Internet.

Security not part of planning and design or had been overlooked and perceived not to be as important that time, just like when IPv4 was being developed

Good ICT programs would not only single out to address, like for instance, security. ICT presents so many opportunities and it needs to be planned and carried out very carefully. Whatever the outcome is, we know where we are moving towards, either we are doing good or bad business. Many organizations depends on IT to maximize delivery of services and inaccessible of information in the network, might derail the day with all concerned stakeholders and the overall operations so to speak. 

Comments

Popular posts from this blog

Expressed information is key

It must be a great deal, nowadays. Though, not easy to accomplish and as easy as we say it, not impossible to re/construct it considering all the resources being wasted and ruined unwittingly, as the most probable causes ever. Given that we always try hard to be understood every time. With the COVID19 onslaught, or in any manner of emergency cases, it is very important for people to know where to find authoritative information. Mostly, we go to our government and organization's websites, the almost permanent fixture of our public information. We tune in to press conference and telecommunications' alert messaging on behalf of, or directives from the government and, its customers. Sometimes, the news would find us. Governments, international organizations and multinational companies need to have a coordinated strategy how to dispatch information, which can be a guidance what needs to be done and anything special when it comes to the safety and welfare of everyone. Above all, cru

[TW] IT documents, audit and leaders

IT documents comes with different names such as the following: - Manual or handbook, - Policies and procedures, - Management systems, - Project plans. In the real world we have various names with unique descriptions and purposes when in fact they could be made to do a uniform direction for which actions are based for the entire IT initiatives, probably the longest in IT lifecycle is operation. The problem is our inclination on something else which is wrong. IT remains an IT area. Business remains a business area. The same problem is carried out when we conduct IT audit. Most audit are missing the gists in which IT is being used by businesses. We once said that an effective IT audit is conducted by IT people themselves but there is something wrong with that even. Business and accounting people have been doing it with a different bias and preconceived notions which doesn't make the cut for IT direction and audit respectively. Leaders play the same game and so the problem continues an