Professional Documents
Culture Documents
Coursework Assessment
202110
Instructions to Students
1. This assessment has maximum of 12 pages including the cover page, references and annexures.
2. Each student is required to submit the project deliverables individually onto Blackboard.
• Students are required to refrain from all forms of academic dishonesty as defined and explained in HCT procedures and
directions from HCT personnel.
• A student found guilty of having committed acts of academic dishonesty may be subject to one or more of the
disciplinary measures as outlined in Article 33 of the Student and Academic Regulations.
إفادة األمانة األكاديمية
والتوجيهات، كما هو مبيّن وموضح في السياسات واإلجراءات الخاصة بكليات التقنية العليا،• يُطلب من الطلبة االمتناع عن كافة أشكال سوء األمانة األكاديمية
.الصادرة من موظفي الكليات
من33 • في حالة ارتكاب الطالب أي شكل من أشكال سوء األمانة األكاديمية سوف يتعرض الى واحد أو أكثر من التدابير التأديبية على النحو المبين في المادة
.األنظمة األكاديمية
Table of Contents
PART 1.......................................................................................................................................................3
INTRODUCTION...................................................................................................................................3
COMPANY’S BACKGROUND.................................................................................................................3
Location...............................................................................................................................................3
Business vision.....................................................................................................................................3
Mission................................................................................................................................................3
Business objectives..............................................................................................................................3
Application Profile...............................................................................................................................4
Section 1.1:..........................................................................................................................................4
Possible alternative.............................................................................................................................7
PART 2......................................................................................................................................................10
TOGAF................................................................................................................................................10
ITIL.....................................................................................................................................................10
COBIT.................................................................................................................................................11
NIST...................................................................................................................................................11
ISO 27000..........................................................................................................................................11
Conclusion.................................................................................................................................................18
References.................................................................................................................................................18
PART 1
COMPANY’S BACKGROUND
Emirates is the national carrier of the UAE, which was founded in October 1985. Emirates is the
world's biggest airline and one of the world's fastest in growth, with a network that spans the
globe. The airline has a widebody fleet and is the world's Biggest operator of the A380 Airbus
aircrafts t. Emirates operates a vast network of services throughout the Middle East, as well as to
Africa, Asia, North America, the South Pacific, South America and Europe, from its hub at
DXB Airport. Emirates SkyCargo is Emirates' air freight subsidiary, which serves more than 50
locations. (Emirates,2021)
Location
Dubai, United Arab Emirates, serves as Emirates headquarters and major hub. For both local
and international flights, Dubai Airport serves as the city’s starting point. The airport is
considered the busiest airport in the world, which implies it’s not only one of the greatest
airports in the middle east it also has a big financial impact on Dubai.
Business vision
Maintain international recognition, become one of the world's leading aviation and security
service companies, and set a benchmark in the industry.
Mission
Emirates maintains its international reputation as one of the world's aviation giantssets the
standard in the industry. Emirates strives to increase mobility and connecting people all over the
world.
• Commit to ensuring the safety of all customers, employees, and assets by conducting regular
reviews, training, and education.
• Commit to ensuring the safety of all customers, employees, and assets by conducting regular
reviews, training, and education.
• The first step in achieving organizational commitment is to hire a devoted team and provide
them with tools and training.
• Respect and care for people of all backgrounds and cultures while promoting Emirates Airlines
values and hospitality.
• To continue delivering excellent customer service, the company must preserve its financial
stability while quickly expanding.
Business objectives
Emirates Airways' business goals are as follows:
Application Profile
Applications produced Emirates as part of their electronic smartphone application series are used
by the airline. With these apps, customers may simply follow up with the airline while still
having access to their service needs.
The second application is email. e-mail is utilized extensively by both consumers and airline
personnel in this circumstance. In addition, Emirates offers a choice of technologies for
communication through smart phones.
Section 1.1:
IT SWOT Analysis
SWOT analysis of Emirates will help us maximize strengths, minimize weaknesses, take
advantage of new market possibilities, and avoid overlooking dangers.
Strengths
Customized service will continue.
Weakness
Ineffectiveness
There is a lack of preparedness in the event of a crisis
IT staff must fulfil their responsibilities even though there is inconsistency in their
knowledge.
There is no school-wide information technology compliance organization that can aid
with policy enforcement.
There are no standard computer networks.
Opportunities
Virtualization and the use of the new product
Creating virtual servers from server systems
the establishment of committees to advise on devices and analyses
Web-based applications
The connecting of several electronic components.
Threats
A hostile environment for security
Rogue IT staff
On-demand or cloud computing
A large number of gadgets are available to assist with the use of internet services
Taking Responsibility for One's Own Behavior
IT Organization Profile:
Emirates has a very complex Information technology processes, as an example Emirates
application which allows you to manage your booking which includes booking new flights and
canceling flights.
IT SERVICE MANAGEMENT
To operate, control information and provide technology services to customers Emirates is having
a web application and mobile application through where a customer can book his/her ticket,
check status of the ticket, book hotel, rent a car and also, they provide online check-in for their
stakeholders.
IT GOVERNANCE
Under the governance of Alex alexander being the Group Chief Technology in Emirates,
to give the best services to their customers Emirates by controlling critical information
technology capabilities decisions is monitoring everything and following domains like delivery
of high quality, alignment of strategy, management of performance and management of
resources and risk.
ENTERPRISE ARCHITECTURE:
Emirates Cargo is committed to delivering their services in accordance with the division's
Quality Management System across their operations. To accomplish so, they ensure that all
safety and security rules are followed to the letter. They work hard to ensure that our products
and services meet and exceed international and industry quality standards. Emirates adhere to
their operational, commercial, and quality rules and processes with enthusiasm, and they strive
for continuous improvement to provide outstanding service to our customers and also employees.
As an ISO 9001:2015 accredited organization, Emirates is committed to implement Quality
Policies.
Section 3: Major IT & Business Gap Analysis
After conducting a SWOT analysis of Emirates, we concluded that in order to achieve its goals
and objectives, the company must address the technological gaps and weaknesses which are
listed below:
I. Ineffectiveness
IV. The lack of a school-wide information technology compliance organization that can assist
with policy enforcement, and the lack of standard computer networks.
Possible alternative
Developing new application
Customers may sign up at any time and from any location thanks to a streamlined registration
process. The department of enrolled clients and staff creates databases for customers, which
saves them time. It saves the amount of time spent inputting data, maximizes HR resources,
and so on.
Employees that are quick to adapt to new processes or ways of working will embrace digital change.
Rather of fighting the need to learn new skills, they are enthusiastic about the prospect of upskilling and
will actively seek out opportunities to apply their new skills.
Employees need to understand why their job is changing before they can commit to learning new skills,
therefore communication is often at the heart of a successful upskilling effort. So, convey the benefits of
new technological development, what's required of them, how their day-to-day work will be impacted,
and how you'll assist their upskilling to all employees clearly and on a frequent basis.
It's also critical to empower employees so that they feel appreciated. This will encourage them to give it
their all. Employees, after all, must understand their role in any new digital adoption, which can only be
accomplished in a culture that values trust, openness, and clear communication.
PART 2
TOGAF
Is Open Group Architecture Framework, which provides an approach for developing, planning,
implementing, and regulating an enterprise information technology architecture, is the most
widely used framework for enterprise architecture as of 2020. TOGAF is a high-level design
technique.
ITIL
The Information Technology Infrastructure Library is a collection of detailed practices for IT
tasks like IT service management and IT asset management, with a focus on aligning IT services
with business objectives.
COBIT
Control Objectives for Information and Related Technologies are defined. COBIT, or Control
Objectives for Information and Related Technologies, is a framework that intends to assist
organizations in developing, implementing, monitoring, and improving IT governance and
information management.
NIST
The NIST Cybersecurity Framework is a series of principles released by the US National
Institute of Standards and Technology for mitigating organizational cybersecurity risks. It is built
on existing standards, guidelines, and practices.
ISO 27000
ISO 27000 is a framework and an accreditation that can be used to certify that a business
satisfies a specific degree of information security maturity, similar to ISO's 9000 series, which
focuses on quality. The 27000 series is divided into six segments, each dealing with a distinct
aspect of an Information Security Management System (ISMS).
Success
More and more IT consulting firms are using ISO-20000, which is a standard for improving
security, dependability and high-quality services. Some well-known ISO 2000 recognized bodies
are listed below (27001-27002)
A-LIGN
NSF International
Russian Register
Coal fire
NSAI Inc
CEPREI
Components/Domains
Main components and controls of ISO 20000 are as follows:
• Information management rules and regulations
• The structure of computer security is outlined.
• The safeguarding of human capital
• The safeguarding of one's assets
• Monitoring of access
• Cryptography
• The protection of the physical and natural worlds
• Safety of operations
• Data protection through the Internet
• Purchasing, manufacturing, and maintaining systems
• Supplier-customer relations
• Management of information security incidents
• Defining the organization's stance on matters such as permissible usage and password
protection from the top down
• Employees are given job instructions outlining the processes they must follow so that they
may adhere to the company's regulations.
Further study of the ISMS mechanism is necessary for this stage. Clauses 4 and 5 of the ISO
27001 standards define the procedure for doing so.
Assessing your ISMS's complexity and its potential influence on your everyday operations are
critical steps in this approach.
Because of this, you must identify all aspects of the organization that are important to the ISMS.
Your project's success depends on its ability to spread.
The danger of disclosing critical information and risking your company's safety increases if you
restrict your reach. Your ISMS might become unmanageable if your scope is too broad.
Next, establish risk acceptability criteria that incorporate the threat's ability to do harm and its
probability of happening.
Managers also utilize a hazard matrix to rate risks, the higher the number, the bigger the danger.
To determine if a hazard should be handled, they would then devise criteria.
You have four options when faced with a risk:
• Share the burden of risk (with an insurance policy or via an agreement with other parties).
Organizations may complete a Statement of Applicability (SOA) explaining the controls they
have selected and omitted from ISO 27001, as well as why they did so.
In order to acquire an ISO 27001 audit after your ISMS has been implemented, you may wish to
pursue the credential.
The first step is to verify that the organization's Information Security Management System
(ISMS) meets the standards of the ISO 27001 standard. To determine if the audit was successful,
an in-depth review will be conducted.
Please continue if you are confident in your skills until you have received certification. There is a
penalty if you go forward even if you are doubtful about your abilities.
You must be a member of the National Forensic Associations if you want to use a typical
shooting range training facility that may be found around the country (International
Accreditation Body).
This assures that the evaluation of the security policy's efficacy meets the standards of the
Standard 27001, unlike recognized companies that generally make strong promises about
issuance independent of compliance methods.
If we assume the cost of the audit, it must not be the sole consideration when selecting an
approval body, thus the expenditure must be minimal. In contrast to SECMSs, ISMSs are An
inspector must thus be familiar with the requirements of the organization that created the IS in
order to conduct a proper inspection.
Conclusion
By doing this project we have concluded that how much it’s important to have effective technical staff,
how important it is for an organization to train their employees, how important it is for an organization
to put their employees on the right mindset and at the end how important it is for the organization to
choose and implement the right framework to obtain Its business goals and objectives. If an organization
will not be considering these things, then organization can face severe problems which will be witnessed
by both internal and external stakeholders.
References
Alsumairi, M., & Tsui, K. W. H. (2017). A case study: The impact of low-cost carriers on
inbound tourism of Saudi Arabia. Journal of Air Transport Management, 62, 129- 145.
Balakrishnan, M. S., Jayashree, P., & Michael, I. (2011). Etihad: contributing to the UAE vision
through Emiratisation. Emerald Emerging Markets Case Studies, 1(1), 1-7.
Khan, S., & Khan, S. (2016). A Study on the Transformation of Uae's Air Transport Industry
Focusing on Its Contribution to Uae's Economy. Researchers World, 7(4), 107.
Lohmann, G., & Spasojevic, B. (2018). Airline business strategy. The Routledge Companion
to Air Transport Management, 139.
McKechnie, D. S., Grant, J., & Katsioloudes, M. (2008). Positions and positioning: strategy
simply stated. Business strategy series, 9(5), 224-230.
Vespermann, J., Wald, A., & Gleich, R. (2008). Aviation growth in the Middle East–impacts
on incumbent players and potential strategic reactions. Journal of Transport
Geography, 16(6), 388-394.