There are different ways of linking an organization’s business metrics to the IT department. One of the ways is by promoting open communication between the departments within the organization. The business metrics always dictate the underlying technology that is needed for support. Communication will allow IT to work with business in order to develop a common set of objectives and work towards attainment of the objectives. One major thing in this case is that the organization needs to identify and agree on the business-level metrics that IT needs to support.
This will allow IT to prioritize and focus on what matters for the business. This specifically applies to the evaluation and monitoring of transactions. One component of linking in this case is data driven visibility. The business segments within the organization should be able to see and understand the impact that IT will have on their operations. Some of the real time performance measures that can be used to reduce the IT and business gap include resources consumed, cost of downtime, lost revenue, end user performance and number of successful or failed transactions. These parameters should be measured to enable the business evaluate the costs of delivering IT services (Smith, McKeen & Street, 2004).
Use your promo and get a custom paper on
"Business Metrics".
The other way of linking the business metrics to the IT department is by aligning the IT functions to the organizational structure and culture. This also includes understanding the organization, the people, the business metrics and technology. In this regard, there is need for understanding the human, technology and business dimensions. There are instances when humans may sabotage technology implementation because they do not have a good understanding of the technology. Aligning these functions also helps in building trust.
The other way is to inform the business stakeholders what are really important to them. This requires that operational data are transferred into business information. The communication and language in this case should use an easy language that both the business and IT understands. The business and IT managers should have the right measurements in place.
The balanced scorecard is the approach to establishing a business measurement program in IT that would be used for the organization. The balanced scorecard is a performance management and measurement tool that can be used by an organization to track of execution of activities. Data collection in balanced scorecard is used to provide qualitative results and provide reports to managers that are important in effective decision making. The balanced scorecard approach has been chosen for the following reasons: it has an integration of financial and non-financial data items, it focuses on the strategic agenda of the organization and it focuses on small number of data items (Smith, McKeen & Street, 2004).
Due to the recent advancement of technology, there has been increased deployment of information technology in organizations. However, there are risks associated with the use of technology in organizations. One of the security risks within the child welfare organization that I worked for is weak security. Within this work environment, new gadgets were being purchased and deployed within the organization. However, there is little consideration for security. There are increased threats to malware since malware has increased avenues for execution like traditional computing and mobile devices. The job design allowed for work-at-home flexibility. This also increased the risk for malware attacks. The other risk is lack of encryption. The child welfare organization handles very sensitive data. Encryption is important to protect data and information within the systems and in transit (Shoemaker & Sigler, 2014).
The other security risk within the organization is outdated security software. It is important that security software be continuously updated in order to protect data and information within the systems. This when coupled with social engineering which attackers have focused on reliable and non-technical methods. Many organizations do not have security technology and software to monitor the activities and security within the network. The software is designed to send signals in the event of an intrusion attempt.
The other risk is lack of proper configuration. Security hardware and software tools come with the ability to be customized in order for them to fit the needs of the organization. However, there are instances when the organization neglected the need to properly configure the settings. This exposes the information systems of the organization to attacks. The other risk is password attacks. This happens through identity theft where one’s user credentials may be used to access the information systems.
The other risk is project backlog. Due to limited resources, some of the IT projects are not fully implemented and this results in large project backlogs. This is coupled with weak management oversight that makes it difficult for the projects to achieve their objectives.
While there are strategies that have been implemented to prevent and reduce these risks, there are some risks that have not been prevented. One of the strategies implemented was deployment of firewalls. Firewalls are for the purposes of preventing unauthorized access to the systems. The organization also upgraded the security software in order to protect against threats. However, there are some risks that have not been prevented. For example, the organization has not implemented an encryption system to protect the data within the information systems. In addition, there is an information systems policy that is designed to guide the manner in which employees interact with information systems. However, this policy is not comprehensive as it does not provide enough guidelines on passwords and identity theft. The issue of project backlog has not been solved due to the limited resources that the organization works with (Shoemaker & Sigler, 2014).