End of Week 7 Reflection

Another short week this week, but with lots of material covered. The main topic of discussion this week for me was dealing with change in the workplace. I gave an example of a change that happened in the workplace at a previous job I had where a guy wasted so much time on a project that easily could have been done in 30 minutes if he would have been able to reach the proper documentation on a new script that is supposed to be run to fix the problem. The problem was migrating permissions from Novell to Windows and this guy decided to do it all manually which wasted many man hours. A good question came up in this discussion on whether or not it is as important to have proper documentation on changes in the workplace in a smaller company as opposed to a bigger company. My response to this question was "I can't say that it is AS important in a smaller company as there are less people and less work so for a situation like this to occur is more rare compared to within a bigger company. I do believe however that it is still a very important factor in a business to succeed. It goes back to documentation and previous examples I've put out there where many problems occurred just because the proper documentation was not available. Like I said above time is money and so much time is waste without proper documentation and I cannot stress it enough based on my past experiences." It'd be interesting to hear other people's opinions on this question.

End of Week 6 Reflection

This week was a short week as we did not have class on Wednesday. We met on Monday to go over CoBiT objectives like we did on last Wednesday. Then on Wednesday we didn't have class so my group members decided to meet to go over our EASy Security project ideas. We had good discussion throughout the meeting and decided on the two ideas we wanted by weeding out the bad ideas. We then posted on our wiki's about the Sears fiaso and a feature Facebook implemented that breached some user's security. We also read the chapters Software Acquisition and Application risks and controls in the book. The book explained how important risk analysis is in the business world and realizing how essential it is to understand your risks and applications. Risk identification is a key to a utilizing your applications effectively. If you can't identify the risks with the applications your company is using then they are more likely to fail.

End of Week 5 Reflection

This week the biggest discussions were based on project management and going about getting permission to implement new ideas in the workplace. It has been interesting this semester looking at the different plans that have been made for projects on websites. I did this and am continuing to do it for my Project Management class. Some of the plans are so elaborate, some would wonder if it was really that necessary to have such elaborate plans. But if you look at history and at projects that surpassed expectations vs projects that failed, the ones that failed lacked the planning needed. Even if you don't think it is important to note, you might as well note it just in case someone out there comes upon the project and is wondering that exact same thing. Once again, my whole documentation idea pertains to this week also as documentation on a project is key. If you don't have the documentation necessary and someone knew comes onto the project, then it is going to end up being troublesome for the new guy and waste manhours and possibly lead to misinformation being handed out.

End of Week 4 Reflection

This week had less discussion as we did speeches on many different kinds of topics and did not have a BID due. We read about strategies and standards in IT and planning and controlling the environment. Everybody did speeches on particular subjects brought up throughout the book and the presentations were much better than the last one. Every group targeted the IT field and focused mostly on how it affects us, as students, rather than just reading the powerpoint and not being informative. Our group went over the IT governance standards such as CoBiT and Information Technology Infrastructure Library (ITIL). These standards are focused on providing standards so that companies can be more efficient and effective in the workplace. Also this allows for auditors to go from company to company without having to deal with a huge amount of change.