University of Phoenix week 5 Budgetting Benefits Discussion
Part IWeek 5In light of the following comments, discuss the questions listed below:Budgeting time is an exciting time in every organization. Managers meet to come up with an estimate of needs for the areas and functions they supervise, and on the basis of the means available, new initiatives and projects are prioritized as to their perceived promise in adding to the growth of the organization.What is the relationship between strategic IS planning and the yearly budgeting and prioritization process? What is the objective of each? Do you think that general and functional managers should be involved in decisions about funding IS assets and services? Justify your opinion. Who should be developing and presenting the business case for a new IS? Why? How would the new and existing ISs be funded and who would fund them? Propose three funding methods, and discuss the advantages and disadvantages of each.Risks are associated with every new project that an organization considers to undertake. In the budgeting process, organizations often think of diversification of their new efforts and initiatives in order to minimize the risk of failure. What are the principal drivers and risks associated with implementing a new IS project? What are the principal drivers and risks associated with IS outsourcing? Why should an organization evaluate the aggregate risk of its portfolio of projects? What should an organization do if the current level of portfolio risk is not aligned with the degree of risk deemed appropriate according to the strategic IS plan? Justify your answers using relevant examples.PART IIThe Information Systems Security Impact PhaseThis week, you will evaluate the status of the security and its infrastructure for your case study from the perspective of professional and industry best practices, for example, CERT, SANS, (ISC)2, and existing national security and privacy acts, such as: the Health Insurance Portability and Accountability Act (HIPAA), the Computer Fraud and Abuse Act, the Electronic Communications Privacy Act (ECPA), the PATRIOT Act, the Gramm-Leach-Bliley Act (GLBA), the Sarbanes-Oxley Act (SOX), the Payment Card Industry Data Security Standard (PCI-DSS), or the Family Educational Rights and Privacy Act (FERPA). Depending on your case study some of the above regulations may or may not directly apply.Research security and privacy acts that are pertinent to your case study in the South University Online Library and on the Internet by using the following keywords:Health Insurance Portability and Accountability ActComputer Fraud and Abuse ActElectronic Communications Privacy ActUSA PATRIOT ActUSA PATRIOT Improvement and Reauthorization Act of 2005Public Law 107-56Gramm-Leach-Bliley ActSarbanes-Oxley ActPayment Card Industry Data Security StandardFamily Educational Rights and Privacy Act (FERPA)On the basis of your research, discuss the impacts of your case study analysis from the previous weeks on the security and privacy acts such as the ones listed above.Your report should include:A suggested plan for improving your organization’s operations securityThe information systems security impact of the constructed ISOn the basis of the system that you've developed so far, devise an annual budget to operate the following:Points of entry into the system where customers, or generally end users, are identified, authenticated, and authorized to access resourcesPoints of entry for assets (material or digital) obtained from suppliersSupport systems that track events, based on the system you've proposedSupport systems that track the traffic of information, based on the system you've proposedState the assumptions made on the operations of these systems. These assumptions may include the number of staff required, the pay rate, and the number of hours the different elements of the system operate per day.Your report should be written using the APA format, and it should include a copy of all the references used. Be sure your report contains the following:A logical flow and transition in the content.Complete report should include a title, abstract, summary, reference, and bibliography.Report should be an appropriate deliverable to senior management.Report should reflect depth, breadth, and implications related to the theories and constructs studied in this course.Conclusions and recommendations practical and actionable, not merely theoretical with no basis for the organization officers to take specific actions or steps to improve.Submission Details:Submit your plan in a 10–15 page Microsoft Word document, using APA style.