Information system has two perspectives, which are functional and structural perspectives. The functional perspective defines that the information system is the technologically implemented or deployed medium to record, store and finally eliminate the linguistic expressions and support of inference making (Holtshouse, 2013). The structural perspective defines that the information system comprises of a set of processes, models, people and technology to form a cohesive structure and serving some of the organizational purposes or functions. This information system is the collection of interlinked elements, which eventually collect, distribute, process or manipulate information for the purpose of decision making and judgments within any company. Moreover, the coordination or control is also checked with the help of information system and thus the managers can easily analyze the several problems.
This essay will be explaining the information system security as well as risk management for the popular Australian software company, Altium Limited. This particular organization provides PC based electronics design software for the engineers, who can design PCB or printed circuit boards. The proper use of information system for the business operations will be given here with the general management and application controls of Altium Limited. The risk management techniques and audit plan or process will also be provided in this essay.
Altium Limited is the Australian public software organization that provides personal computerized electronics design software. The clients of this organization are those engineers, who are designing PCB or printed circuit board (Altium. 2018). The most significant products and services of this organization are Altium designer, Altium Live, Altium Vault, Autotrax and Easytrax, CircuitMaker, CircuitStudio, P CAD, NanoBoard, TASKING and PDN Analyzer. These are various software or design software tools that the clients get from this organization (Altium. 2018). Moreover, the FPGAs or field programmable gate arrays are utilized by them instead of the individual components in a PCB. For working within the organization, the staffs or employees get various services of information system.
The business operations of this organization are extremely unique and popular in respect to other organizations. The outcome of the business operations in Altium is the harvesting of asset values by the business. They have implemented information system within their business for enhancing the various business operations and thus is termed as one of the most important and significant organizations in Australia (Eason, 2014). The most significant use of information system for the business processes is for the marketing and sales. Since this is a software company, this particular business function is extremely important for their business. Hence, information system is required in Altium Limited. Moreover, the production, accounting and finance departments are also managed with the help of information system and thus these business operations are well executed by this organization. Apart from these the management support system, transaction processing system, executive information system and the decision support systems are the major parts of this information system. The higher level of competitiveness is another significant advantage of information system in the business of Altium Limited (Dahlstrom, Walker & Dziuban, 2013). The presence of the customer care service is the next benefit of information system for the business operations of this organization. Cost effectiveness is another significant benefit of IS in Altium’s business operations.
GMC or general management control can be defined as the management function that has aimed to achieve the several organizational goals in a scheduled time. This particular system helps in gathering and using the relevant and confidential information for the successful evaluation of the performance of various resources of organization such as financial and physical resources (Marchewka, 2014). The several strategies of organization are easily implemented with the help of GMC. The procedure for management controlling mainly included the proper performance is being compared with a planned performance. The second step in this process is the difference within the two is being measured before contribution to difference is recognized. Finally appropriate action is to be taken wither for minimization or elimination of the identified differences. There are two types of general management controls, which are preventive and detective controls. Detective management control is utilized to identify the several irregularities only when they occur. The second type is preventive management control (Lloyd, 2017). This type of general management control is utilized to discourage the errors. Hence, the errors are prevented even before they occur. The main objective of implementing GMCs is that it helps to control the overall management of the organization easily and promptly.
There are various general management controls that Altium Limited has implemented within their organization. Since, this is a software company; these general management controls are extremely important and significant for them. The GMCs of Altium Limited comprises of three distinct components, which are setting standards, measuring the overall performance and finally undertaking appropriate actions (Dahlstrom & Bichsel, 2014). The various changes or alterations are done with these controls and the assurance level is provided for protecting the various products and processes of Altium Limited. The GMCs of Alitum are given below:
i) Law and Compliance: The costs, obligations and operations of the organization are well maintained with the help of law and compliance. Hence, rules are maintained with excellence.
ii) Integrity as well as Competence: The integrity as well as competence is the other important GMCs of Altium Limited (Schwalbe, 2015). The competitive advantages are obtained with these GMCs.
iii) Safeguard: The data or other resources of the organization are protected with safeguards and thus is termed as one of the most vital GMC of Altium Limited.
AC or application control helps to maintain security or privacy for all the assets or resources. This security maintenance helps in providing reliability and confidentiality and thus the business operations of that particular organization is saved (Luftman et al., 2013). The data risks are reduced and the mitigation strategies can easily eradicate the risks. The most significant application controls or ACs of Altium Limited are as follows:
i) Completeness Checks: The first AC is completeness check. The processing of records are ensured properly.
ii) Validity Checks: Only valid and justified data or information is processed and this particular fact is ensured with validity checks.
iii) Identification: Unique identification of all the users is ensured by identification.
iv) Authentication: Authentication is another important application control of Altium Limited and thus is maintained by the organization (Brooks, 2016).
v) Authorization: Only authorized and approved users have the authority to access the confidential data or information.
vi) Input Control: The input is being controlled and hence all the unauthorized access is controlled (Tafti, Mithas & Krishnan, 2013). Moreover, data integrity and confidentiality are maintained with the input control.
vii) Forensic Control: The data is corrected on time and made appropriate and thus the forensic control is applied in Altium Limited.
The comparison of AC and GMC in an information system for Altium Limited is as follows:
i) The AC can control the security and privacy of information system by controlling the software and transactions. There are various factors that depend on the application controls (Ullah & Lai, 2013). The GMCs however manage the entire organizational resources and depend on setting standards, measurement of performance and correct actions taking.
ii) The GMC of Altium is linked with the AC and hence the functionalities could be easily supported by this connection. GMC majorly controls the servers and end user environments or mainframes.
a) Reliability, confidentiality, availability, integrity and security
Risk management techniques are utilized for managing the various risks in an organization (Hills, 2018). The two risk management techniques of Altium Limited for reliability, confidentiality, integrity, availability and security are as follows:
i) Loss Prevention: This technique helps to prevent the losses caused by risks in IS.
ii) Risk Avoidance: This technique helps to avoid the threats and risks for securing the IS.
b) Risk identification, assessment and control
Identification of risk is required for proper prevention and precaution (Cui et al., 2015). The two risk management techniques of Altium Limited for identification, assessment and control are as follows:
i) Separation: This technique helps to detect the catastrophe types within the business processes.
ii) Reduction of Loss: This technique helps to reduce the total loss of the company caused for risks.
Audit can be defined as the official inspection of the accounts of an organization to check whether the official documents or resources are not being utilized properly. It is the most systematic as well as independent examination of accounts and records so that the management of the organization is assured of the integrity and confidentiality of their resources and data (Von Solms & Van Niekerk, 2013).
Audit planning is the most important part of audit that is being conducted at the start of the audit process and thus ensuring that proper attention is being given to all the identified problems and vital areas. This type of planning is the process of developing the general strategy and the detailed approach for audit extension and timing. The auditor is responsible for performing his or her audit in the most efficient and effective manner (Madon & Krishna, 2018). The several benefits of the audit plan mainly involve obtaining necessary evidence for several circumstances, keeping audit costs at the most reasonable level, avoiding misunderstandings with clients, ensuring that the problems are properly identified and knowing the scope of the audit program.
Altium Limited has made their own audit plan for the betterment of the business. The audit plan of this particular organization is as follows:
i) Identification of Audit Requirement: The first step in this process is the proper identification of audit requirement (Lloyd, 2017).
ii) Noting Report Requirements: The second step in the audit plan is noting and learning about the various report requirements. These requirements are important for understanding the various causes of audit.
iii) Conflicts in Interest Assessments: The conflicts in the interest assessments is the next significant step in audit planning.
iv) Risk Assessment: The risks are assessed in this step and hence audit is done easily (Schwalbe, 2015). This even helps to eradicate the dangerous risks.
v) Document and Record Assessment: The final step in this audit plan is the assessment of the document and records. This type of assessment often requires relevant details.
The audit process of Altium Limited is as follows:
i) Discussion of Scope and Objectives: The scope and objectives of the organization is well discussed and thus this is the first step in this process.
ii) Procedural Information Collection: The detailed procedural information is collected in this step and this helps to take necessary measures (Brooks, 2016).
iii) Evaluation of Various Controls: The existing controls are evaluated in this step and thus are considered as one of the most significant criteria in auditing.
iv) Plan Execution: Finally the plan is well executed and this is the final step.
Conclusion
Therefore, from this essay, conclusion can be drawn that information system utilizes the computer technology for performing all the intended tasks. This type of system could involve only software and personal computer. Apart from these, the information system can even include numerous computers of different sizes and the communication networks or databases. The most significant components of this information system are resources of people like IS specialists and system analysts, hardware like computer equipments and associate devices, software like processes and programs, data and networks like network supports and communication media. The activity orientation of the information system is also emphasized in this manner. Thus, the security of this information system is extremely important and is kept on top priority. Risk management abilities are the next important and significant requirements of this type of computer system. This essay has properly outlined the entire security and risk management of the most recognized and established software organization of Australia, namely, Altium Limited. The various details regarding application controls and general management controls are discussed here. Confidentiality, integrity and various other factors related to risks are explained in this essay with four risk management techniques for Altium Limited. The process and plan of auditing in Altium are provided in the above essay.
The recommendation for Altium Limited is to implement management information system within their business. This type of information system mainly emphasizes on the interconnection of various social elements and technologies hence their business processes would be easier.
References
Brooks, D. C. (2016). ECAR study of undergraduate students and information technology (Vol. 4, No. 3, p. 2). 2016.
Cui, T., Ye, H. J., Teo, H. H., & Li, J. (2015). Information technology and open innovation: A strategic alignment perspective. Information & Management, 52(3), 348-358.
Dahlstrom, E., & Bichsel, J. (2014). ECAR Study of Undergraduate Students and Information Technology, 2014. Educause.
Dahlstrom, E., Walker, J. D., & Dziuban, C. (2013). ECAR study of undergraduate students and information technology(p. 2013). 2013.
Eason, K. D. (2014). Information technology and organisational change. CRC Press.
Hills, J. (2018). Information technology and industrial policy. Routledge.
Holtshouse, D. K. (2013). Information technology for knowledge management. Springer Science & Business Media.
Lloyd, I. (2017). Information technology law. Oxford University Press.
Luftman, J., Zadeh, H. S., Derksen, B., Santana, M., Rigoni, E. H., & Huang, Z. D. (2013). Key information technology and management issues 2012–2013: an international study. Journal of Information Technology, 28(4), 354-366.
Madon, S., & Krishna, S. (2018). The Digital Challenge: Information Technology in the Development Context: Information Technology in the Development Context. Routledge.
Marchewka, J. T. (2014). Information technology project management. John Wiley & Sons.
PCB Design Software | Innovation For PCB Design | Altium. (2018). Retrieved from https://www.altium.com[Accessed on 09 Aug. 2018].
Schwalbe, K. (2015). Information technology project management. Cengage Learning.
Tafti, A., Mithas, S., & Krishnan, M. S. (2013). The effect of information technology–enabled flexibility on formation and market value of alliances. Management Science, 59(1), 207-225.
Ullah, A., & Lai, R. (2013). A systematic review of business and information technology alignment. ACM Transactions on Management Information Systems (TMIS), 4(1), 4.
Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber security. computers & security, 38, 97-102.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download