Outsourcing of Information Technology and Communication

Question: Discuss about the Outsourcing of Information Technology and Communication. Answer: Introduction From the perspective view of information technology, IT risk management is one of the most key use for a company's risk management. IT manages risks that are linked to the IT sector like network, desktop, mobile computing and other associated applications such as ICT, ERP, and KMS among others. Use of IT has greatly been employed in the financial service sector currently. Most of the organizations specifically bankers in the financial sector outsources IT functions like network, desktop, mobile computing and other associated applications to a third party vendor to make their procedures digital. Information technology is among the numerous valued systems that make businesses run their activities automatically. This report evaluates the risk management process concerning outsourcing of major IT functionalities within Aztek. The organization runs their operations fruitfully in the Australian financial services sector. Aztek has a portfolio of projects to for implementation with the view of automating the system within the firm's operational procedures (Pfleeger, 2003). The company has outsourced its key IT functionalities like desktop management, network and other application development from a third party vendor. Outsourcing of this functionalities will bring about a capital agreement to Aztek from the perspective of improving the flow of cash within the company. The outsourcers would be fully responsible for availing the system and service guarantee if Aztek outsourced the key IT functions from a third party. They will, however, benefit like admin of the outsourcing organization to come up with the right program by the company's specialist. The administrator will be tasked with making an individual login database in IDs for the personnel as well as perform a continuous system upgrade. Aztek will be able to have an overall information system in their surrounding through the key IT functions outsourcing project from a third party. Aztek as the outsourcer will be performing duties such as accessing, control and administration of security, installing information security software and maintaining the installed software. The company will also perform other tasks such as investigation and review of report violation, maintaining processes and policy of clients' information security, establish a relationship with its staff and customers, tactics and awareness building to use of information security system through training and others. Aztek will face the main issue of sharing data with the personnel of the outsourcer upon its implementation of outsourcing IT service project to a third party. It will be constituted by the fact that the company keeps client's information together with other several sensitive information that is related to their business such as target market, details of the bank, target customers and many other things. Financial service sector review The financial service industry is an attractive area that varies its organizational processes as time goes by. IT in financial service industry specifically in the operational procedures of Aztek have been witnessing great changes especially in the company's business process (Jin Du, 2014). The company has experienced tough competition in the financial industry which has resulted in declining in their clients' base. Moreover, the cost framework of Aztek which is uneconomic has been locked. Stiff competition has forced the company to establish extreme capacity in its organization processes and lower the profit margins. The best way of provocation to the company towards the establishment of a great risky portfolio and doing away with the margins is to embracing a marginal edge of risk thinking (Acquisti, 2008). Numerous barriers in the financial service sector restrict Aztek and make its condition worse than those of their rivals. Due to this, competition in the organizational procedu res, Aztek is operating at two medium levels as a result of slow technology development and other common factors. The financial service sector is likely to underperform in the current world with the use of IT systems in its business process. IT is one of the key critical technologies in the financial sector that makes the generation of processes automatic (Borek, 2014). There are some different types of IT system in Australian financial sector that aid in the provision of information, management of market inventory, and billing among others. Outsourcing critical IT functions will help Aztek establish a broad customer base. The company can be in a place to offer improved services to its clients through the fulfillment of their needs and attract more clients by the adoption of an information technology system in its business process (Coplan Masuda, 2011). Many business organizations within the financial service industry have outsourced their key IT functions to a third party and diversified their processes which have greatly contributed to the generation of high revenues as well as consolidation of their organization's operational processes. Realization of high-profit margins and information technology in the financial sector helps lower the complexity level and dependence on the accumulated interest. Consequently, some enterprises in the financial sector consolidate as a result of main regulation changes in their processes. The consolidation resulting from IT functionalities have led to increased assets associated with security like the use of antivirus, ant hacking technology, and others. The financia l service industry has been a great success in its business operations in the past few years due to putting these types of strategies in place (Dinsmore Cabanis-Brewin, 2011). However, not all are successful because of diversification of revenue results to a mix between interest and non-interest income. This is among the negative sides of IT systems because the third party vendor from whom Aztek outsourced their key IT functionalities acted negatively. Most bankers changed their product value from negative to positive in the financial services sector since the outsourcing of IT functions from a third party. Adoption of an IT system also saw the banking sector increase its value of products from savings to fixed deposits as well as improve the annual products value to premium products. The IT system also makes it possible for banking companies in rigid products flexibility, increase the level of advice from high to a level of having extended service and creating a new customer base and increased marketing. Provision of excellent services such as e-payments in the financial service industry provided by IT systems makes the companies in the sector make them achieve high customer retention and attracting new clients. Insurance businesses in the area have been able to shift their services from cultural products to a service culture with the help of IT systems. The financial service sector has also contributed to the improvement of the quality of service through implementation of a method that uses IT and uses IT functionalities from a third party (Schiesser, 2010). Organizations have been able to achieve fast service delivery in areas such as documentation products like billing, information, etc. through the implementation of a computer system that does not keep customers waiting for long. IT makes it possible to better the handling processes associated with claims and advice via telephone. However, the information technology within these organizations in the financial service sector faces some challenges like standardization of products because of the specialized high system, high chance of possible loss of data or hacking of the information from the system server. Introduction of the IT system in the industry has brought the business world greatly (Shah Clarke, 2009). Information technology works to ensure that business process run smoothly and the organizations reap a broad variety of benefits. Use of IT system in the financial service industry has led to a development of an automatic process involving a high range of security. Thus, IT is very key in the removal of organization's local barriers in the financial service sector as well as in any other industry. Implementation of IT system makes it possible to change the view for the organization from the perspective view of the global market. Within the IT market, some companies give hardware and software packages services for operational processes of the financial industry (Schwalbe, 2014). IT help complex organi zations achieve the value for service management in the financial sector. To create products or value in the business of financial service industry, IT has a great impact on the marginal cost that reacts directly with the revenue. Implementation of the outsourcing of key IT functions will be of great importance to operational processes of Aztek (Bellini, 2009). These include service development, process development, integration of stakeholder, improving the cost-effectiveness and globalization among other benefits. Current Practices and security posture review Outsourcing of key IT functionalities in the business process of Aztec can cause the culmination of making sense for the company which is one of the most important procedure to organizations in the financial service industry. Making sense makes it possible for organizations to scan the entire surroundings and interpret it according to with each other. The interpretation made facilitates action taking (Xu, 2013). In the view of this, outsourcing key IT functions from a third party at Aztek is an important method for maintaining security and the right operational process (Tibble, 2012). Outsourcing key IT functionalities from a third party vendor at Aztec can help in the network development and an adaptive communication process within the workplace that will allow the monitoring of the work performance of personnel (Better et al., 2008). Information technology networks like the knowledge management system or the ERP make it possible for organizations to integrate with the other with ea se. Aztek will have a lot of issues in recovering the financial resources employed in the project which is not the only the affected but also the company growth rate too. Outsourcing will present the business with a good chance of search for the right resource like appropriate vendors, competent staff, shareholders, suppliers, etc. which can drive it towards success and increased growth (Caldwell, 2008). If Aztek outsources basic IT functionalities from a third party, they will establish a wide network area incorporating staff, shareholders, suppliers as well as the connection of management to each other. This will help create the right resources to improve their employees work performance and increase its growth. According to Roper (2011), outsourcing of key IT functionalities within an organization process scanned the company's environment thus culminating it business operations. It is this view that outsourcing of major IT functions from a third party has been termed effective in the business process of the financial service industry. Implementing the outsourcing project at Aztec process will greatly address the current pressure that the company faces. This makes the outsourcing IT functions from a third party vendor is the most effective way to increase the firm's profits together with the productivity (Dogra, Khara Verma, 2007). The availed services by the third party will greatly reduce the operational costs of Aztek and hike its productivity. The outsourcing will also provide the organization with the benefit of having an IT expert who will be provided by the third party who will then train the company's staff on the technology. The company will also be fully responsible for maintaining the security of the implemented system by the third party. One of the hard parts to undertake the project will be budgetary constraint within the organizational process of Aztec. The company can achieve access to information in the financial industry and constraint the budgetary if it outsourced specific functions of IT assets (Bodea Dascalu, 2010). The process of outsourcing key IT functionalities with an enterprise in financial service sector can portray the transaction cost theory contradiction. The implementation of the outsourcing project can help the company monitor its costs in an improved way. The technology tactics also lower the product cost. Adoption of IT in the business process lower the labor needed to operate in the financial service sector which in turn reduces the operational costs. Involving a third party vendor tasks them with designing of an automatic information sharing within the network. IT resources can encourage the process of decision-making within a company and thus discourage the cost transaction theory (Jung, 2013). Outsourcing strategy will be key in the most business process of the company from the perspective view that encompasses the leveraging possibility. Thus, outsourcing the key, IT functions from a third party can lead to a strategic benefit at Aztec. The outsourcin g of IT functionalities presents Aztec with a key impact in restructuring its organizational process in the long-term return (Caron Salvatori, 2014). Third party vendor will also help the company I maintaining information security system because they are experienced in handling any time of issues that are likely to be present in the IT system. Therefore, implementation the IT functionality to outsource vendor will be of great advantage to Aztec (Nichols, 2014). Caron and Salvatori (2014) stated that outsourcing an organization's IT specializes in maintaining information security. The providers can aid in transforming the current information system for the company with the use of valuable assets to tighten the security. In this context, outsourcing key IT functions gives information for the development of the application at Aztec with the view of migrating or updating present in the application security. The critical process of outsourcing IT functionalities in the financial sector helps in saving the personnel for long-term evaluation process (Mehan, 2008). Pros and cons of outsourcing key IT functionality to a third party for many years now, Aztec has been opting to implement the project of outsourcing the key information technology functionality to the third party there are some advantage as well as disadvantage which has been associated with this these aspects are highlighted as follows. Pros Convenience: outsourcing on the key IT functionality leaves the business to focus to the other significant aspects to the business. The organization would focus to the other aspect of the business. The organization can gain more cost savings: with the outsourcing of the key IT functionality Aztec they would save the costs. The organization will only pay to the third party providers to per project or even the pay only for the hours rendered. There is no paying for any commission or even the full time salaries. Gain of more functionality from the project: The organization has the capability of gaining significantly from the functionality provided by the third parties. In most of the time the third parties usually have skills as well as technical knowhow on how to integrate the external functionalities, features along with the services which could be corporate to the organization (Dadios, 2012). Better support services for the outsourced functionality: The third parties providers could deliver extended services in regards to any upgrade or even troubleshooting functionality of an application to be able to keep the operations to run as smooth as possible. Cons Outsourcing of the key information technology functionality to the third party could seems to be a better proposition to the corporation, but before finalizing their decision to implement they need to look at the following drawbacks associated to outsourcing. Security and the privacy leakages: outsourcing entails you provide the organization with the access to the private as well as sensitive information of the organization. the organization will have less control to the access of the data. Cost: the convenience usually comes at a given price; the overall cost of utilizing the third party functionality is far much greater than if Aztec managed on their own functionality. Potential loss to reputation: The third party provider is responsible to the most vital functions within the organization. In the event they make a mistake this could be reflected directly to the business and the clients may not accept any passing of this shortcoming to the subcontractor the business outsourced (Dadios, 2012). Threats, vulnerabilities and consequences assessment As a result of developments and innovations in the area of technology, there have been huge effects on the process of interaction between banks and counterparties, customers, and also suppliers and how they do their daily activities (Dadios, 2012). Organizations in the financial sector are facing challenges and problems in responding, innovating and adapting to different chances presented by networks, technological solutions, as well as computer systems. IT presents banks with many opportunities and also helping them expand their services and products (Drummond, 2011). However, IT dynamic come with various risks. Security threats affect organizations in the financial service sector like Aztec via some vulnerabilities. Outsourcing of one IT system cannot be enough to guard the entire Aztek system with a public network (Gottschalk, 2009). The organization can improve the effectiveness of the security of the IT system by establishing different testing, control and monitoring procedures that can help curb the impending risks that depend on different factors (Kim, 2012). Despite the use of IT services bringing numerous benefits to companies like Aztek, outsourcing of IT functions has posed threats to many organizations (Dey Kinch, 2008). Focusing from the time before when technology was not widely employed to the current time, various threats have been developed within the financial sector. The possible threats that the company is likely to face are: Customer protection-customer protection is very important in internet financial service. The organization should ensure that its customers are well protected, and allowance to access of sensitive customers' information should be well monitored (Mercuri Neumann, 2011). Aztek faces the threat of hacking that may expose its information and that of other stakeholders in danger. Data confidentiality this is the protection of confidential information from unintended parties and unauthorized access. Aztek faces a threat the ability to protect information via software and also data loss. Through outsourcing, the company will not be sure of the IT environment of the third party hence chances of external attacks. System availability- the system needed to maintain public confidence through an online framework is of high quality. The company is not sure of the quality of the resources hence a threat. System integrity-this is the reliability, completeness, and accuracy of information being processed, transmitted and stored between Aztek and customers (Parley, 2010). This faces flaws from the process of outsourcing hence a threat. Vulnerabilities of outsourcing IT services Financial service companies may be misled due to the security dangers exposures and danger of becoming a victim of a breach of security which might cause serious issues for the organizations and their customers (Peng et al., 2009). Aztek faces the current automatic system of managing vulnerability which is highly used for monitoring the information risks that have portrayed flaws which can't resolve the results. The effect can include wrong security vulnerabilities, possible exploitation as a result of cybercriminals, inefficient use of IT resources and outdated IT resources that cause high employee turnover. With the concern such as the increase in the computer crimes as well as the growing control of the government over the practices as well as the protection of the private information, the real focus should be whether or even not to outsource the information technology application is a viable option given the associated risks in the data security. Whether an organization is hiring the third party for the support of the desktop, security testing or even the monitoring of the network, the greater the number of the electronic assets the organization has the greater is the risk to management of the assets (Acquisti, 2008).. The potential for any loss increases given the endless amount of the data which has been stored to various computers. Most of the information technology consultants are trustworthy but also some are not. Seemingly some of the bad individuals are doing bad things especially when the applications have been outsourced (Acquisti, 2008). It is important to not before giving up the information technology reigns, there is need to consider a few things. The information technology related issues need to be viewed in terms of the perspective of the hacker. It means one should consider what could happen if ones confidential data gets into the wrong hands. Most of the outsourced information technology application entails someone somewhere have access to a portion. This could translate to the full access to the data of the corporate organization which is stored to the local drives or potentially, network which are shared. There are various risks that Aztec face in the project of outsourcing key IT functionalities. The company needs to come up with proper risk management process in place of outsourcing their key IT functions. To have an effective implementation process of the IT project, the company can follow the following risk management procedure; Risk identification Risk assessment Risk treatment Risk reporting and monitoring The security issues that the project faces from the third party include: Access of the outsourcer to the company's data- when Aztek outsources IT functionality, it will give the third party authority to access staff information. The outsourcer has no idea on what information is crucial to achieving high data security. Data destruction, backup, and retention- this is the main issue faced by financial service sector when an organization outsources IT functionality from a third party vendor (Prado, 2011). Most of the third parties do not mention on the data destruction, backup and retention during the agreement of implementing the project. Sharing resources of the computers with the outsourcer- as the outsourcer is the major player in the project within a firm, Aztek has to provide permission to access information to the outsourcer. Other security issues are: Determination of program and data ownership and audit rights of information security to the outsourcer Process of controlling outsourcing security issues To control the above security issues upon Aztek outsourcing information technology from a third party, the company need to maintain the following procedure: Controlling offshore operation: an organization within the service sector need to manage employment and physical security that equate to its organizational process. High security will be a vital step for the approach of addressing these problems. Applying rigorous security policy will be the best procedures for Aztek on the implementation of the outsourcing IT functionalities to a third party. Access rights: when Aztek involves the third party in providing IT services, they will have to communicate properly about access rights for the outsourcers staff. Necessary equipment and the process will be the right security way for data security. Aztek has to come up with profiles for each person within their company as well as outsourcers staff. The company will agree and append signatures with the outsourcer for changing the passwords or access control in the case when the team change their roles or quit the job. The same procedure will be applied when a new person joins the organization. Password and User accounts: to establish proper security in the company, Aztek has to agree with their idea of outsourcer and create individual user accounts for the staff and clients. Customers information will be required to establish a program that requires a password. To make a standard password, the company need to conduct a review from getting a safe online group. A good password should be that composed of at least 10 characters length both letters and numbers. Authentication: authentication is a great issue in any industry that has information security system. The authentication should be maintained in a way that it protects customers data. Data backup: Aztek has to carry out an appropriate risk assessment of the data security in the impending threats. It can be enabled by use of an encryption method and a continuous review on the level of the encryption. Conclusion This report has provided detailed information regarding IT process if an organization in the financial sector outsources its key IT functionalities from a third party. The case study is an Australian firm operating in the financial industry. The report analyses all relevant information about IT functions in the financial service together with the legal framework. The report also compares the current practices at Aztek and the impact of the current project on its organizational process. The last section is composed of the threats, vulnerabilities, and consequences of assessment and data security in conclusion. IT plays a key role in businesses in the financial sector as well as any other sector. It, however, has possible risks that should be highly guarded to reap its benefits. References Acquisti, A. (2008).Digital privacy. New York: Auerbach Publications. Bellini, C. (2009). Mastering Information Management.Journal Of Global Information Technology Management,12(4), 79-81. Better, M., Glover, F., Kochenberger, G., Wang, H. (2008). Simulation optimization: applications in risk management.International Journal Of Information Technology Decision Making,07(04), 571-587. Bodea, C., Dascalu, M. (2010). IT Risk Evaluation Model Using Risk Maps and Fuzzy Inference.International Journal Of Information Technology Project Management,1(2), 79-97. Borek, A. (2014).Total information risk management. Waltham, MA: Morgan Kaufmann. Caldwell, F. (2008). Risk intelligence: applying KM to information risk management.VINE,38(2), 163-166. Caron, F., Salvatori, F. (2014). Managing Information for a Risk Based Approach to Stakeholder Management.International Journal Of Information Technology Project Management,5(2), 30-43. Coplan, S., Masuda, D. (2011).Project management for healthcare information technology. New York: McGraw-Hill. Dadios, E. (2012). Fuzzy-Neuro Model for Intelligent Credit Risk Management.Intelligent Information Management,02(25), 251-260. Dey, P., Kinch, J. (2008). Risk management in information technology projects.International Journal Of Risk Assessment And Management,9(3), 311. doi:10.1504/ijram.2008.019747 Dinsmore, P., Cabanis-Brewin, J. (2011).The AMA handbook of project management. New York: American Management Association. Dogra, B., Khara, N., Verma, R. (2007).Strategic outsourcing. New Delhi: Deep Deep Publications Pvt. Drummond, H. (2011). MIS and illusions of control: an analysis of the risks of risk management.J Inf Technol,26(4), 259-267. Gottschalk, P. (2009). Knowledge management technology for organized crime risk assessment.Inf Syst Front,12(3), 267-275. Jin, M., Du, Z. (2014).Management Innovation and Information Technology.SOUTHAMPTON: WIT Press. Jung, H. (2013).Future information communication technology and applications. Dordrecht: Springer. Kim, H. (2012).Advances in technology and management. Berlin: Springer. Mehan, J. (2008).CyberWar, CyberTerror, CyberCrime. Ely: IT Governance Pub. Mercuri, R., Neumann, P. (2011). Inside risks: system integrity revisited.Commun. ACM,44(1), 160. Nichols, A. (2014).A guide to effective internal management system audits. Ely, Cambridgeshire,UK: IT Governance Pub. Parley, F. (2010). What does vulnerability mean?.British Journal Of Learning Disabilities,39(4), 266-276. Peng, Y., Kou, G., Wang, G., Wang, H., Ko, F. (2009). Empirical evaluation of classifiers for software risk management.International Journal Of Information Technology Decision Making,08(04), 749-767. Pfleeger, C. (2003).Security in computing(3rd ed.). Upper Saddle River, NJ: Prentice Hall PTR. Prado, E. (2011). Risk analysis in outsourcing of information technology and communication.JISTEM,8(3), 605-618. Schiesser, R. (2010).IT systems management. Upper Saddle River, NJ: Prentice Hall. Schwalbe, K. (2014).Information technology project management. Boston, MA: Course Technology. Shah, M., Clarke, S. (2009).E-banking management. Hershey, PA: Information Science Reference. Tibble, I. (2012).Security de-engineering. Boca Raton, FL: CRC Press. Xu, B. (2013).2012 International Conference on Information Technology and Management Science (ICITMS 2012) proceedings. Berlin: Springer.