Scribd
Upload
62 views3 pages

IT Department Risk Observations Report

The IT department faces several risks including infrastructure failure, user risks, external risks, and people risks. Infrastructure risks include the potential for fire, theft, or system breakdown impacting important data and systems. User risks stem from lack of computer experience, use of easy passwords, and lack of privacy awareness among employees. External risks involve electricity outages and internet provider failures. People risks center around disrespect between the IT department and risk officer during meetings. To address these, contingency backup plans are needed for infrastructure, user training is required, backup generators should be implemented, and improved communication and cooperation between departments is necessary.

Uploaded by

Han Htun Oo
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
62 views3 pages

IT Department Risk Observations Report

The IT department faces several risks including infrastructure failure, user risks, external risks, and people risks. Infrastructure risks include the potential for fire, theft, or system breakdown impacting important data and systems. User risks stem from lack of computer experience, use of easy passwords, and lack of privacy awareness among employees. External risks involve electricity outages and internet provider failures. People risks center around disrespect between the IT department and risk officer during meetings. To address these, contingency backup plans are needed for infrastructure, user training is required, backup generators should be implemented, and improved communication and cooperation between departments is necessary.

Uploaded by

Han Htun Oo
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd

Risk Observation: IT Department Risks

Observation 1
IT Risk (Infrastructure, system or devices Risk)
Risk Description
Infrastructures such as data server, Synology devices, Branches Internet and Computer devices
and Important data are at risk of fire, theft, system breakdown, and tempering by internal or
external staffs.

Risk Approach
Risk Officer talked with IT department to understand the IT related risks.

Potential Outcomes
Systems and Devices failure could lead to risk ranging from Operation to Fraud Risks. ( CCTV
tempering by internal Staffs at Kyone Pyaw)

Risk Strategy and Action Plan:


By Mitigate and Control,
To prevent from system and infrastructure failure, IT need to have contingency backup plan to
replace damaged infrastructure and perform the corrective actions in timely and effective
manners.

Observation 2
IT Risk (Users Risk)
Risk Description
Users’ risks are described below;

• Un-trust worthy Employees


• Lack of Computer Experience And
• Non-Sense of using Technology
• Unfriendly with Computers
• Personal Computer Usages
• Using Easy password, Default User Password And
• Set Remember Password Setting automatically
• Have No Privacy Awareness
• Share Office Related Confidential
Risk Approach
Discussed with IT department about Users’ risks

Potential Outcomes
Because of users’ risks described above, MFI could be at risk of data breach, system(computer)
breakdown or ineffective and low productivity by employees at branches

Risk Strategy and Action Plan:


By Mitigate and Control,
IT department should teach users training on how to use computers, Microsoft
application(Word,Excel), how to use Musoni and other necessary basic IT related skills.

Observation 3
IT Risk (Infrastructure, system or devices Risk)
Risk Description
External Risks
• Electricity breakdown
• Failure Of MPT, TELENOR, OOREEDOO, MYTEL
• No Backup Plan To Access Internet
• Google Breakdown
• Government Internet Restriction

Risk Approach
Risk Officer talked with IT department to understand the IT and external related risks.

Potential Outcomes
-Electricity breakdown will impact branches CCTVs, Computer and other electrical devices non-
functioning which will impact branch operations severely.
-Internet Breakdown will impact users to unable to process gmail(communication) and Musoni
,other operational related risks

Risk Strategy and Action Plan:


By Mitigate and Control,
To prevent from electricity black out, Admin need to have contingency plan to have backup
generators to continue functioning of the branches even when there is electricity blackout for a
few weeks to months in case of disaster.
Observation 4
IT Risk (People risk)
Risk Description
Head of IT and IT team members are lack of respect and make fun of everything risk officer say.
During procurement meeting, they do not participate in decision making with other department
cases and they make fun of other members also during the risk officer joining meeting.

Risk Approach
Risk Officer talked with IT department to understand the IT related risks.

Potential Outcomes
Lack of co-operative communication and respect for each other will cause loss of productivity and
ineffectiveness.

Risk Strategy and Action Plan:


By Mitigate and Control,
Management should be aware of the current head office condition and improve departmental
communication and cooperation.

You might also like