965 resultados para IT-risks
Resumo:
Työn tavoitteena on tunnistaa toiminnallisia riskitekijöitä rahoituspalveluita tarjoavan yrityksen IT-organisaatiossa sekä löytää arkipäiväisiä keinoja hallita näitä riskejä. Työssä riskejä on myös tarkasteltu mahdollisen ulkoistuksen yhteydessä. Fuusiot ovat yleisiä rahoitusalan yrityksissä. Yhteenliittymien tuloksena yritysten IT-arkkitehtuuri voi olla monimutkainen ja kulttuurierot yrityksessä suuria. Synergia- ja mittakaavaetuja saadakseen yritys keskittää toimintojaan ja IT-ratkaisujaan. Riskien tunnistaminen on riskienhallintaprosessin tärkein vaihe. Tässä tutkimuksessa riskit ja riskitekijät tunnistettiin itsearvioinnin avulla kysymyssarjoja hyväksikäyttäen. Monet riskitekijät liittyivät sisäisen valvonnan ja seurannan puutteisiin. Myöhemmin näille riskeille pohdittiin työryhmässä käytännönläheisiä hallintakeinoja. Yritys voi siirtää tai jakaa IT -riskejä ulkoistamalla. Ulkoistaminen voi kuitenkin tuoda mukaan myös uusia riskitekijöitä. Ennen ulkoistamispäätöstä yrityksen sisäisten prosessien ja organisaation on oltava järjestyksessä, jotta sopimuksen kannattavuutta voidaan verrata luotettavasti saman palvelun tuottamiseen sisäisesti.
Resumo:
State compliance with EU Law is crucial to the very existence of the Union. Traditionally, it has been secured through a combination of strong "private" and of weak "centralized" enforcement. However, this arrangement is no longer perceived to be sufficient. By endowing the Union with new tools vis-à-vis its Member States - penalties, conditionality, and the like - current reforms try to complement symbolic sanctioning with real "consequences". The goal is to reinforce the authority of EU Law. In this article, we question whether the new toolbox is fit for the purpose, or whether it risks to produce adverse effects which might even go as far as upsetting the Union's constitutional template.
Resumo:
Mediayhtiöt miettivät keinoja joilla saataisiin lukijat maksamaan myös verkkopalveluihin julkaistavista sisällöistä. Tässä tutkimuksessa selvitettiin tilaajapohjaisen maksullisen verkkopalvelu-mallin soveltuvuutta Talentum Media Oy:lle sekä kehitettiin yritykselle maksavia asiakkaita houkuttelevan sisältötuotteen konsepti. Tutkimuksessa ei ilmennyt syitä, joiden takia yrityksen olisi syytä lykätä maksullisen verkkopalvelun kehittämistä. Perinteistä lehteä ja sen verkkopalvelua ei kannata nähdä toistensa kilpailijoina. Käyttäjät ovat yhä valmiimpia maksamaan sisällöstä verkossa, kun se on järjestelty houkutteleviksi kokonaisuuksiksi ja paketoitu oikein, sekä kun he säästävät aikaa tai vaivaa verkkopalvelun käytöllä. Verkkopalvelun muuntaminen maksulliseksi on kuitenkin suunniteltava erittäin tarkkaan, muuten käyttäjät saattavat siirtyä ilmaisiin palveluihin. Talentumin verkkopalveluiden käyttäjille tehdyn kyselytutkimuksen mukaan yrityksen verkkopalveluiden käyttäjät maksaisivat mieluiten verkkokoulutuksista, erityisraporteista ja tutkivasta journalismista, ammattikirjojen tiivistelmistä, opastavista tietopaketeista, pörssi- ja yritystiedosta sekä näköislehdistä. Tutkimuksessa kehitettiin maksullisen verkkopalvelun konsepti, joka tarjoaa lukijoille itsensä kehittämisen välineitä sekä informaatiota nopeasti ja vaivattomasti heidän haluamaansa aikaan ja valitsemallaan päätelaitteella. Konseptia seuraavan tuotekehityshankkeen tuloksena syntyvästä verkkopalvelusta odotetaan saatavan merkittävää lisäliikevaihtoa yrityksen online-toiminnoille.
Resumo:
Tietojärjestelmät ovat kehittyneet kriittisiksi tekijöiksi yritysten liiketoiminnassa. Niitä on vaikea tai lähes mahdoton korvata. Toisaalta tietojärjestelmät ovat edesauttaneet yrityksiä tehostamaan toimintaansa. Yrityksen toimialalla tai koolla ei nykyään ole merkitystä erilaisten tietoteknisten järjestelmien ja sovellusten hyödyntämisessä. Riskienhallinnan avulla yritys pyrkii ennaltaehkäisemään tunnettuja riskejä. Liiketoiminnan jatkuvuudenhallinta pyrkii puolestaan varautumaan riskin aiheuttamaan liiketoiminnan häiriöön ja siitä toipumiseen. Tietojärjestelmien ollessa korvaamattomia tulee yrityksen kohdistaa resursseja ennaltaehkäiseviin toimiin, lisäksi sen on pyrittävä lyhentämään häiriöstä toipumisen aikaa. Tutkimuksen tarkoituksena oli tunnistaa kohdeyrityksen tietojärjestelmien merkittävimmät riskit, jotka uhkaavat oleellisesti liiketoiminnan jatkuvuutta. Liiketoiminnan jatkuvuuden tarkastelussa hyödynnettiin yrityksen käyttämää suorituskykymittaristoa (Balanced Score Card). Työllä tuetaan yrityksen laatujärjestelmän vaatimuksia liiketoiminnan turvaamisessa. Tutkielma toteutettiin pääasiassa teemahaastatteluiden muodossa, laadullista tutkimusmenetelmää hyödyntäen. Tutkimuksessa todettiin yrityksen tietojärjestelmien ja niiden ylläpidon olevan hyvällä tasolla. Muutamia kriittisiä vikaantumispisteitä kuitenkin havaittiin, joiden pohjalta laadittiin kehitysehdotuksia tietojärjestelmien vikasietoisuuden parantamiseksi liiketoiminnan jatkuvuudenhallinnan näkökannalta.
Resumo:
Nyky-yhteiskunta nojautuu vahvasti tietojärjestelmiin luoden laajemman arkkitehtuurisen kokonaisuuden, kybertoimintaympäristön. Liiketoimintaa tukevat tietojärjestelmät tukevat myös organisaatioiden prosesseja kokonaisvaltaisesti. Jotta näitä tärkeitä kyberympäristön tietojärjestelmä- sekä liiketoimintaympäristöresursseja pystytään käyttämään, tulee järjestelmien olla luotettavia ja sovellusten saatavilla vuorokauden ympäri tai aina tarvittaessa. Tilanteet, joissa järjestelmän käytettävyys vaarantuu, voivat eskaloitua yllättäen suuremmiksi, jos poikkeustilanteisiin ei ole varauduttu. Poikkeustilanteisiin varautumiseen tarvitaan jatkuvuudenhallintaa, joka on kiinteästi osa kattavampaa IT-strategiaa ja koko yhteiskunta-/yrityskulttuuria. Työ on toteutettu yhdistäen empiriaa ja teoriaa eli tavoitteena on teoreettisen tietämyksen ja käytännön kokemuksellisen oppimisen ja tietämyksen kautta luoda konstruktiivisella otteella toipumissuunnitelman testauksessa käytettävä simulaatiotestausmalli. Dynamics AX -toiminnanohjausjärjestelmän toipumissuunnitelman simulaatiotestausmallista rakentui selkeä ja kevyt työkalu asiakasyritysten toipumissuunnitelman simulaatiotestauksiin. Diplomityössä kuvatuilla keinotekoisilla järjestelmän häiriötilanteilla pystytään simuloimaan Dynamics AX:n toipumissuunnitelman testauksissa oikeita häiriötilanteita suhteellisen kattavalla tasolla.
Resumo:
The information technology - IT- benefits have been more perceived during the last decades. Both IT and business managers are dealing with subjects like governance, IT-Business alignment, information security and others on their top priorities. Talking about governance, specifically, managers are facing it with a technical approach, that gives emphasis on protection against invasions, antivirus systems, access controls and others technical issues. The IT risk management, commonly, is faced under this approach, that means, has its importance reduced and delegated to IT Departments. On the last two decades, a new IT risk management perspective raised, bringing an holistic view of IT risk to the organization. According to this new perspective, the strategies formulation process should take into account the IT risks. With the growing of IT dependence on most of organizations, the necessity of a better comprehension about the subject becomes more clear. This work shows a study in three public organizations of the Pernambuco State that investigates how those organizations manage their IT risks. Structured interviews were made with IT managers, and later, analyzed and compared with conceptual categories found in the literature. The results shows that the IT risks culture and IT governance are weakly understood and implemented on those organizations, where there are not such an IT risk methodology formally defined, neither executed. In addition, most of practices suggested in the literature were found, even without an alignment with an IT risks management process
Resumo:
What is ‘the’ EU internal market, as economists see it? The present BEER paper attempts to survey and help readers understand various ‘economic’ approaches to the internal market idea. The paper starts with a conceptual discussion of what ‘the’ internal market is (in an economic perspective). Six different economic meanings of the internal market are presented, with the sixth one being the economic benchmark in an ideal setting. Subsequently, the question is asked what the internal market (i.e. its proper functioning) is good for. Put differently, the internal market in the EU Treaty is a means, but a means to what? Beyond the typical economic growth objectives of the Rome Treaty (still valid today, with some qualifications), other Treaty objectives have emerged. Economists typically think in means-end relationships and the instrumental role of the internal market for Treaty objectives is far from clear. The ‘new’ Commission internal market strategy of 2007 proposes a more goal-oriented internal market policy. Such a vision is more selective in picking intermediate objectives to which ‘the’ internal market should be instrumental, but it risks to ignore the major deficits in today’s internal market: services and labour! The means-end relationships get even more problematic once one begins to scrutinise all the socio-economic objectives of the current (Amsterdam/Nice) Treaty or still other intermediate objectives. The internal market (explicitly including the relevant common regulation) then becomes a ‘jack of all trades’ for the environment, a high level of social protection, innovation or ‘Social Europe’. These means/ends relationships often are ill-specified. The final section considers the future of the internal market, by distinguishing three strategies: incremental strategies (including the new internal market strategy of November 2007); the internal market as the core of the Economic Union serving the ‘proper functioning of the monetary union’; and deepening and widening of the internal market as justified by the functional subsidiarity test. Even though the latter two would seem to be preferable from an economic point of view, they currently lack political legitimacy and are therefore unlikely to be pursued in the near future.
Resumo:
The upcoming 21-22 May Eastern Partnership (EaP) Riga Summit will take place against the backdrop of the new geopolitical reality in the EU’s Eastern neighbourhood, in the aftermath of Russia’s annexation of Crimea and ongoing war in Eastern Ukraine. Given the extremely complex geopolitical context, the importance of the Summit and the message it delivers to the partner countries – particularly to Ukraine, Georgia and Moldova, which have made European integration their foreign policy goal – cannot be underestimated. The Summit needs to send a strong, unambiguous signal reconfirming the EU’s commitment to the EaP, and offer a clear roadmap for the future. If the Summit turns out to be a non-event, with an empty declaration, it risks being perceived as rewarding the bullying policies of Russia.
Resumo:
Danish companies are especially prevalent in China where they have found opportunities to exploit their niche position in a number of specialised product areas. As a result, their operations are often well advanced in terms of the levels of technology transferred and the extent of transfer. Transferring technology brings with it risks as well as benefits. Its absorption and dissemination can, in the longer term, bring about new competitors unless measures are taken to prevent leakage of know-how or the technology supplier can stay ahead of the technological race. This paper draws on data from three Danish case companies that are transferring technology to China. The cases are examined within a framework that allows the identification of the companies’ motivations for transfer against their awareness of the techno-economic security issues. In this way it is possible to highlight the strategic and operational approaches that can be taken to obviate the risks involved.
Resumo:
The information technology - IT- benefits have been more perceived during the last decades. Both IT and business managers are dealing with subjects like governance, IT-Business alignment, information security and others on their top priorities. Talking about governance, specifically, managers are facing it with a technical approach, that gives emphasis on protection against invasions, antivirus systems, access controls and others technical issues. The IT risk management, commonly, is faced under this approach, that means, has its importance reduced and delegated to IT Departments. On the last two decades, a new IT risk management perspective raised, bringing an holistic view of IT risk to the organization. According to this new perspective, the strategies formulation process should take into account the IT risks. With the growing of IT dependence on most of organizations, the necessity of a better comprehension about the subject becomes more clear. This work shows a study in three public organizations of the Pernambuco State that investigates how those organizations manage their IT risks. Structured interviews were made with IT managers, and later, analyzed and compared with conceptual categories found in the literature. The results shows that the IT risks culture and IT governance are weakly understood and implemented on those organizations, where there are not such an IT risk methodology formally defined, neither executed. In addition, most of practices suggested in the literature were found, even without an alignment with an IT risks management process
Resumo:
The information technology - IT- benefits have been more perceived during the last decades. Both IT and business managers are dealing with subjects like governance, IT-Business alignment, information security and others on their top priorities. Talking about governance, specifically, managers are facing it with a technical approach, that gives emphasis on protection against invasions, antivirus systems, access controls and others technical issues. The IT risk management, commonly, is faced under this approach, that means, has its importance reduced and delegated to IT Departments. On the last two decades, a new IT risk management perspective raised, bringing an holistic view of IT risk to the organization. According to this new perspective, the strategies formulation process should take into account the IT risks. With the growing of IT dependence on most of organizations, the necessity of a better comprehension about the subject becomes more clear. This work shows a study in three public organizations of the Pernambuco State that investigates how those organizations manage their IT risks. Structured interviews were made with IT managers, and later, analyzed and compared with conceptual categories found in the literature. The results shows that the IT risks culture and IT governance are weakly understood and implemented on those organizations, where there are not such an IT risk methodology formally defined, neither executed. In addition, most of practices suggested in the literature were found, even without an alignment with an IT risks management process
Resumo:
Crushed stone mining is the third largest mining economy in Brazil, where almost half is produced in the Sao Paulo metropolitan region. The segment registers the highest number of accidents among the extractive industries, which justifies the concern with workers` health and safety, and the importance of controlling occupational hazards. Since 2002, the NR-22 Standard (NR-22: Occupational Health and Safety in Mining) makes compulsory the elaboration of a Risk Management Program that identifies risks and establishes control measures. Considering the crushed stone mining industry importance to the state, this paper evaluates and discusses the risks identified in unit operations during the production process of crushed stone in an open pit mine in order to propose control measures for the development of the Risk Management Program. Although this study refers to a specific quarry, it can be applied to other mines from the same sector since some considerations are made regarding differences in manufacturing processes. The research was based on the identification of the main risks associated with drilling, blasting, load & haulage, crushing and screening through field measurements of some hazardous agents, together with company reports. The results contributed to the choice of the appropriate control measures for the improvement Of workers` health and safety conditions.
Resumo:
The study of Information Technology (IT) outsourcing is relevant because companies are outsourcing their activities more than ever. An important IT outsourcing research area is the decision-making process. In other words, the comprehension of how companies decide about outsourcing their IT operations is relevant from research point of view. Therefore, the objective of this study is to understand the decision-making process used by Brazilian companies when outsourcing their IT operations. An analysis of the literature that refers to this subject showed that six aspects are usually considered by companies on the evaluation of IT outsourcing service alternatives. This research verified how these six aspects are considered by Brazilian companies on IT outsourcing decisions. The survey showed that Brazilian companies consider all the six aspects, but each of them has a different level of importance. The research also grouped the aspects according to their level of importance and interdependency, using factorial analysis to understand the logic behind IT outsourcing decision process. (C) 2009 Elsevier B.V. All rights reserved.
Resumo:
A mixture model for long-term survivors has been adopted in various fields such as biostatistics and criminology where some individuals may never experience the type of failure under study. It is directly applicable in situations where the only information available from follow-up on individuals who will never experience this type of failure is in the form of censored observations. In this paper, we consider a modification to the model so that it still applies in the case where during the follow-up period it becomes known that an individual will never experience failure from the cause of interest. Unless a model allows for this additional information, a consistent survival analysis will not be obtained. A partial maximum likelihood (ML) approach is proposed that preserves the simplicity of the long-term survival mixture model and provides consistent estimators of the quantities of interest. Some simulation experiments are performed to assess the efficiency of the partial ML approach relative to the full ML approach for survival in the presence of competing risks.
Resumo:
Risk equations have been developed to assist in determining fitness for work of people with diseases that may cause rapid loss of control. The four equations calculate the frequency of fatal injury to the person with the disease, the frequency of fatal injury to colleagues in the workplace, and the cost of fatal injury and property damage to the employer, it is suggested that the additional risk of fatal injury to the person with the disease should not exceed the fatal injury rate in high-risk industries such as forestry, fishing and mining. it is also suggested that the additional risk of fatal injury to each colleague should be no more than one-tenth of the fatal injury rate due to motor vehicle accidents in the community. Two hypothetical case examples are given, demonstrating the use of the equations. The equations highlight the need to examine the risks associated with individuals, their specific jobs and their workplaces. They also highlight significant uncertainties in the determination of fitness, which perhaps have been underestimated in the past. Wherever possible, redundant defences should be utilized to prevent accidents in the event of sudden incapacity.
