Discuss about the IS Security and Risk Management for Woolworths Limited.
This report depicts the impact of Information System security model in the nominated organization, named as Woolworths Limited. It is found that proper security will help the company to gain economic profit and competitive advantages. In order to process and run any business successfully, Information System plays active role. Information System can process both the operational and functional activities for mitigating the entrepreneurial issues (Fernie & Sparks, 2014). After identifying the current status of the company and its statistical data security recommendations are also illustrated in this report.
The IS model used in Woolworths Limited, is based on Supply chain management. The company has a SAP based ERP module that helps the company to gain effective business revenue and commercial success. The IS model its application, security standard and control system that should be incorporated to resolve the obstacles are illustrated in this report. Apart from this, a risk analysis and contingency plan for the organization analyzing the IS threats, vulnerabilities and tool including social engineering are also illustrated in this report.
The Information System Security model used by the business organization is SAP based ERP but currently they have invested huge amount for Supply chain management (SCM). The aim of the company is to provide quality products and service to the consumers belongs to Australia and New Zealand (Whyte, 2016). Besides this, Woolworths is also focused to improve their stock turn for optimizing the network efficiency and to ensure that they are serving in more than 800 stores in United Kingdom. With SCM, it can remove all negative perceptions and place its brand value at a top position. It has 205,000 employees who serve over 30 millions of customers in 3000 stores.
Woolworths Limited used to use manual Information management system to manage their financial and personnel data. However, it faced many issues while managing their data manually because manual data management system was all managed by human. Due to excessive rate of manmade errors, the company was wished to develop an Information system during selling products both offline and online (Stadtler, 2015). For managing large number of clients, financial data and personnel data of the employees, Woolworths has planned to implement Information System (SCM) to increase its operational security. Woolworths has as a whole ERP module but the SCM information System helps it to establish a bridge between its selling and buying details. After adopting the SCM, the benefits that the company has gained re as follows:
Comparison between the General Management Control (GCM) and Application Control (AC) for Information System of Woolworths Limited
Woolworths Limited has adopted Supply Chain Management Information System for their company to make them deal with all applications served. General Management Control is a set of procedure and policies related to all its application whereas; AC deals with only the IS applications (Brandenburg et al., 2014). The business functionalities and operation are supported accurately with the ACs. The mainframe of the business organization is controlled with ACs. The benefits can be gained from GCM are as follows:
The benefits of Application Control are as follows:
On the other hand, the features of General Control Management System of Woolworths are as follows:
Currently each SME is adopting Information Systems in terms of Supply Chain Management (SCM), ERP, and CRM etc. It helps the company to deal with its operational and functional activities for gaining commercial success in terms of economic profit (Dubey et al., 2017). The feature of ACs and GCM system implies that, in order to increase the managerial capabilities of the activities different organizations possess different management approaches. Each business has GCM but all companies do not possess proper ACs.
In the project initiation and requirement phase, all the security standard and system control approaches are needed to be incorporated by the project executives. It is observed that Woolworths follows best of the standard security approaches to keep their Information system secured from external attackers. Information Security is concerned with integrity, confidentiality, integrity of data (Jacobs, Chase & Lummus, 2014). The security standard used by the company is followed by ISO 17799:2005 which contains the following components:
Security policy: The security policy control of Woolworths addresses proper level of management support, commitment and path towards the accomplishment of Information Security objectives. The IS document or policy statement governing the security objectives of the company (Abunar & Zerban, 2016). Through assigning both ownership and review schedule the commitment of the company to its Information Security is established.
Asset management: This policy standard for asset management is also adopted to make sure that introduction, transfer, removal or even disposal of any asset will not be conducted without authentication.
Access control: Woolworths has enough server security features, due to the application of technical advances none of the unwanted user will be able to access the server without authorization or permission.
System development and maintenance control: This standard addresses the ability of Woolworths to make sure its information system security and maintenance (Martinez-Jurado & Moyano-Fuentes, 2014). Cryptography, system integrity are the application followed by the company to track, evaluate and verify system requirements.
Communication and operational management: It ensures the operations of the assets are conducting towards correct direction. This security and control policy deals with capacity planning, duty segregation, network management etc.
The organizational structure of Woolworths Limited contains board of director, management board, management committee members and employees and all the stakeholders are responsible to analyze the possible risks (Dubey et al., 2017). Based upon that IS related risk management and contingency planning should be developed by the company. For managing risks the practical applications on IS to be incorporated are as follows:
Reliability: In order to ensure the consistency of the information the IS used by Woolworths should have to be reliable.
Confidentiality: It restricts unauthenticated data access from the users end.
Availability: Ensure that all necessary data are available to the users (Martinez-Jurado & Moyano-Fuentes, 2014)
Integrity: It provides collective accuracy and consistency of stored information
Security: Uses application firewall and DMZ to prevent information theft
For gaining competitive advantages and commercial success in the market place, proper contingency planning phases are necessary to be acquired. In order to process the business operations, Woolworths put in place a Management Control (GMC) that helps it to assess the performance of all the available resources (physical and human). In order to keep the data safe from unauthenticated access the developed contingency plan for Woolworths should maintain the following steps:
Lack of advanced technology based operations and functionalities a company may face different Information Security threats or vulnerabilities such as:
Social engineering is referred to as another tool that helps organization to keep their data safe from the external assaults. Different available tolls those are expected as can minimize security threats are as follows:
Among all these above mentioned tools audit planning and processing are the two very important activities to be considered by Woolworths to gain commercial and competitive success (Jacobs, et al., 2014). After analyzing the basic requirements and resources the company should develop their audit plan. It is the responsibility of the project manager and finance manager to gone through a feasibility study to understand whether the business outcome will be beneficial or not. For achieving accurate finance report and business objectives, proper audit planning for each of the IS components are necessary and at the same time that must be processed properly (Abunar & Zerban, 2016). Standard audit plan will safeguard the data quality and also will reduce the total investment cost. Woolworths has a secured SCM system that
Conclusion
From the overall discussion it can be concluded that, with the help of Supply Chain Management Information System (IS), revolutionary changes have brought in Woolworths Limited. The company has also invested over 60% of their total investment to control the applications. Considering the business components of Woolworths, it has been found that Information System technology can eventually produce organizational substitute, capital and labor. Information system has the ability to automate the process of production with lesser amount of capital. The current technological era, defines that Information System is one of the most widely used advanced technological excellences that has turned Woolworths Limited’s business from manual to an automotive. The IS security model should follow standard control approaches. Different
References
Abunar, S.M. & Zerban, A.M., (2016). Enhancing Accounting Information Systems to Facilitate Supply Chain Management between Supermarkets/Suppliers: The case of Saudi Arabia. Journal of Accounting & Marketing, 5(2), pp.1-7.
Brandenburg, M., Govindan, K., Sarkis, J., & Seuring, S. (2014). Quantitative models for sustainable supply chain management: Developments and directions. European Journal of Operational Research, 233(2), 299-312.
Denolf, J.M., Trienekens, J.H., Wognum, P.N., van der Vorst, J.G. & Omta, S.O., (2015). Towards a framework of critical success factors for implementing supply chain information systems. Computers in Industry, 68, pp.16-26.
Dubey, R., Gunasekaran, A., Papadopoulos, T., Childe, S. J., Shibin, K. T., & Wamba, S. F. (2017). Sustainable supply chain management: framework and further research directions. Journal of Cleaner Production, 142, 1119-1130.
Fernie, J., & Sparks, L. (2014). Logistics and retail management: emerging issues and new challenges in the retail supply chain. Kogan page publishers.
Jacobs, F. R., Chase, R. B., & Lummus, R. R. (2014). Operations and supply chain management (pp. 533-535). New York, NY: McGraw-Hill/Irwin.
Laudon, K. C., & Laudon, J. P. (2016). Management information system. Pearson Education India.
Martinez-Jurado, P. J., & Moyano-Fuentes, J. (2014). Lean management, supply chain management and sustainability: a literature review. Journal of Cleaner Production, 85, 134-150.
Monczka, R. M., Handfield, R. B., Giunipero, L. C., & Patterson, J. L. (2015). Purchasing and supply chain management. Cengage Learning.
Qrunfleh, S., & Tarafdar, M. (2014). Supply chain information systems strategy: Impacts on supply chain performance and firm performance. International Journal of Production Economics, 147, 340-350.
Singhry, H. B. (2015). An extended model of sustainable development from sustainable sourcing to sustainable reverse logistics: a supply chain perspective. International Journal of Supply Chain Management, 4(4).
Snyder, L. V., Atan, Z., Peng, P., Rong, Y., Schmitt, A. J., & Sinsoysal, B. (2016). OR/MS models for supply chain disruptions: A review. IIE Transactions, 48(2), 89-109.
Stadtler, H. (2015). Supply chain management: An overview. In Supply chain management and advanced planning (pp. 3-28). Springer, Berlin, Heidelberg.
Whyte, G. B. (2016). The relationship between sustainable supply chains and economic success in the retail clothing industry in South Africa (Doctoral dissertation).
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download