Information Systems Risk Management

1125 Words Dec 5th, 2010 5 Pages
University Of Phoenix

CMGT/441 - INFORMATION SYSTEMS RISK MANAGEMENT

Week-4 assignment

Wonyie V. Zarwee

November 29, 2010

While it lessens the burden on organizations, reducing and shifting the cost and risk of its IT operation, security and management issues to an external service provider or vendor, outsourcing any portions of an organization's Information System has significant risks that can sometimes become detrimental to the outsourced organization. According to the Commission on Government Outsourcing, "when outsourcing an organization exposes itself to significant risks in terms of security, accuracy, and completeness of information (Holroyd City Council, 2008)". Comprised in the rest of this document is an exclusive
…show more content…
The theft or sharing of information could be intentional or unintentional. In any of these case, even if the outsourcing service provider keeps the outsourced information available, unchanged and accessible to the owners at all times, there are still risks of possible data confidentiality issues.
The use of an enterprise service provider for processing information systems applications such as payroll, human resources, or sales order taking is another excellent way for organizations to minimize cost while still experience the full benefit of an IT system. It is worth noting that while this is very cost effective and significantly reduces the load on an organization, outsourcing an organization's IT applications to an enterprise service provider for processing is a risky path to thread. Information privacy and integrity are at a very great risk here. An enterprise service provider or employers of the provider are capable of selling out the customers, employees and sales information of one organization to another. Employees of the Service providers could also include their name (create false employees) among the names of legitimate employees of the outsourced organization and masquerade as one of the real employees and receive pay every pay period. These and other privacy and integrity concern must be taken into serious consideration by organization outsourcing interested in outsourcing to an enterprise service…