Assessment Task — Case Study
You have been engaged as a MIS consultant for the following organization.
“Secure Asset Management” — often known as SAM – specialize in ultra-high secure data storage and digital asset management. Their clients are primarily in the banking and financial services industries — but not exclusively. SAM is not a bank or traditional financial institution. It does not store money in any form. However, it does store something even more important — sensitive corporate data.
Examples of such data include: internal accounts (as opposed to publicly disclosed accounts), auditing reports, staff and salary data, back-ups and archives of operational data. regulatory & legal data, corporate strategy data including market share, competitor analysis and take-over/merger & acquisition target data. Not the kind of stuff their clients want floating around on the internet.
Because of their main client base, they are headquartered in the City of London, where existing and prospective new clients can come in and meet the firm face-to-face. The staff here include all central services plus the CEO and senior management team.
Apart from the London HQ. the company also owns and operates two ultra-secure data centres — named DC1 and DC2 – where all the above client data is held. Security is obviously of utmost importance. For that reason, DC1 is located on an abandoned oil rig 100 miles out from Aberdeen. Scotland in the North Sea while DC2 is located in a de-commissioned nuclear bunker complex somewhere in remote Wales. For enhanced resilience, data is ‘mirrored’ (duplicated) at both centres. All data is managed locally ‘on-premise’.
When trying to win new business, most clients want to see high-quality video presentations of the data centre security and what services the company can offer. Sometimes the clients will come to the London HQ, other times they want to view the presentations at their own premises. All this audio-video data has to be stored, transferred and presented smoothly and securely in the conference room — potentially at any time.
Another lucrative part of the business is the installation of tamper-proof hard drives and other physical computer security devices to the actual client laptops and desktop computers. This cannot be done on client premises and so the company has a specialized facility on the outskirts of London where all such work is done by company technicians.
Unlike data itself, the laptops and desktops cannot be sent down a wire or transmitted over the air — they must be physically collected and delivered by company vehicles — known as Secure Transit Vehicles. Each has a unique number (STV1, STV2 etc.) There are currently ten such vehicles. This transit operation is a major security concern and so all vehicles — as well as being physically secure — must be tracked at all times. Each client device must also be uniquely trackable. The whole collection-delivery-fix-return lifecycle must be fully tracked and audited — just in case a device goes missing or there is an attempted robbery.
Clients have also expressed a desire to be able to track their devices in real-time.
More recently, the company has added a third type of service – over and above the traditional secure data centres and the enhancing of client devices at its factory. This involves the supply of a Personal Data Guard – like a bodyguard but for data rather than people. Many staff at blue-chip banking and financial clients have to regularly go overseas — often to hostile environments and they are naturally concerned about their own personal safety but also the safety of their computing devices and the sensitive data held on them. They want to feel safe. SAM satisfies this need by supplying — either on a regular, contract basis or an irregular ad-hoc basis — a dedicated individual (or even a whole team) who can protect the client, their computing devices and their data from unwanted attention. Such staff are almost exclusively drawn from the special forces who have the training to deliver this service.
At present, the company have several major concerns:
1. The safety and security of ‘on-premise’ data storage, backup and recovery and business continuity in the case of a catastrophic data loss at one of the sites — even allowing for the mirroring across both data centres.
2. The current weakness in using data more strategically to plan the f 4/9 o business. For example, the board would like to know which clients are lea_ . ofita, Which types of service and data are most common and which are most/least profitable? Ai, there any patterns or trends hidden in the vast amount of data they store?
3. The impact of the new GDPR data protection legislation coming into effect. The company are very sensitive to data leaks and reputational damage — probably more than most companies — for obvious reasons. Staff vetting, secure data storage and data transit are vital.
4. The lack of in-house IT skills and due to the central London location of the company HQ (where the small IT department is based) — they are worried about the cost of recruiting and retaining the required new IT skills in such a competitive IT recruitment market.
5. The company wants secure 24 x 7 off-site access to the London HQ systems by HQ staff — perhaps because they are working at home or away seeing a client. For security reasons, only the staff physically inside the London HQ can access the two data centres and so remote access to DC1 and DC2 is not needed.
The above is simply an outline of the company and you will need to make your own assumptions and interpret or even extend the scenario as you go. Use your imagination as you see fit, but you must clearly document all assumptions and extensions.
The specific tasks you need to satisfy are listed below This assessment is worth 100% of the total marks for the module. Task 1
For the specified case study, use the information provided, plus your own research into similar organizations, to list and describe the various functional business units that you deem necessary for it to carry out its business.
Take care to describe not only the primary purpose and function of each unit, but also the in-going and out-going types of data to that functional unit. To what end is that data used within each business unit?
It is recommended that you support your discussion with a fully annotated structure charm` one or more data flow diagrams to represent how these various business units relate other and how data flows in, out and around the organization.
Description
However this is the question related to the case study.
Task 1
For the specified case study, use the information provided, plus your own research into similar organizations, to list and describe the various functional business units that you deem necessary for it to carry out its business.
Take care to describe not only the primary purpose and function of each unit, but also the in-going and out-going types of data to that functional unit. To what end is that data used within each business unit?
It is recommended that you support your discussion with a fully annotated structure chart and one or more data flow diagrams to represent how these various business units relate to each other and how data flows in, out and around the organization.
Last Completed Projects
| topic title | academic level | Writer | delivered |
|---|
