essay on information resource management n.
Skip this Video
Loading SlideShow in 5 Seconds..
Essay Writing of Information Resource Management- Tutors India PowerPoint Presentation
Download Presentation
Essay Writing of Information Resource Management- Tutors India

Loading in 2 Seconds...

play fullscreen
1 / 11

Essay Writing of Information Resource Management- Tutors India - PowerPoint PPT Presentation

  • Uploaded on

Our essay writers have experience in research methodology, specific domain experience, and educational degrees from international and top-ranked universities from India, the US, and the UK. You can have one-on-one coaching with a writer, statistician, research methodologist and editor.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

Essay Writing of Information Resource Management- Tutors India

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
essay on information resource management

Essay on Information Resource Management

This Sample Work has been completed by ‘Tutors India’

Copyright © Tutors India. All rights reserved.

© 2016-2017 All Rights Reserved, No part of this document should be modified/used without prior consent

Tutors India™ - Your trusted mentor since 2001 I UK # +44-1143520021,

Page 1 of 11

executive summary

Executive Summary

The present study attempts to analyze and helps to understand how the use/and misuse of knowledge is

critical to the organization’s success and further the case study provides better insight on how to prevent

and manage such problem in the organization. Neo-institutional theory was used as a basis for creating

theoretical framework for the present study. The case study was based on the report provided Adapa

Srinivasa from ICFAI Centre for Management Research (Reference No 908-022-1). From the report it

showed that organizations are finding it difficult to understand the problem and they are resisting in

changing the structure of organization. Moreover, most of the organizations are not aware about the

importance of information security at all levels of the company among their employees. Organizations

react only if there is any such threat that occurs to other company and that too by changing the entire

policy and structure of organization, which will in turn affect the morale and security of employees. In

order to prevent and manage such threats, organizations, must realize the consequences of such threats

before it happens and security measures such protecting the data, secured server, password protection,

disabled USB device CPU, bringing the policy that do not affect the employee morale.

© 2016-2017 All Rights Reserved, No part of this document should be modified/used without prior consent

Tutors India™ - Your trusted mentor since 2001 I UK # +44-1143520021,

Page 2 of 11

table of contents

Table of Contents

Executive Summary ....................................................................................................................................... 2

Introduction .................................................................................................................................................. 4

Review of Literature ...................................................................................................................................... 6

Hypothesis: ................................................................................................................................................... 6

Methodology ................................................................................................................................................. 6

Discussion and Analysis................................................................................................................................. 7

Conclusion ................................................................................................................................................... 10

Bibliography ................................................................................................................................................ 11

© 2016-2017 All Rights Reserved, No part of this document should be modified/used without prior consent

Tutors India™ - Your trusted mentor since 2001 I UK # +44-1143520021,

Page 3 of 11



The significant advancement in technologies related to networking, which are characterized by internet

growth have increased the vulnerability and the complexity of networks used by both individuals and

organizations all over the globe. However, this recent advancement in science and technology brings both

convenience and new challenges. The connectivity with high levels, sophisticated hacking tools

availability, electronic commerce growth, advancement in technological aspects that has created

opportunities for the darker side of the technology which has pose greater challenge to organizations. The

challenge in terms of warning issue to organizations with reference to use modern IT devices was first

brought in the year 2004 The Gartner Report (‘Will Sturgeon”, 2006). According to a report by Burton,

around 35 percent of the adults would own a ‘lifestyle’ IT devices such as PDAs, iPods, smart phones and

PDAs in the mid-2000s. The report, further highlighted the issues of new threats, which faced by the

companies and government in the form of ‘Pod-Slurring’, which refers to stealing of confidential

information with the help of technologies. The principle information technologies involved in such threats

are iPods, MP3 players, PDAs, digital cameras and smart phones which can hold large quantities of data

at the same time, the speed that data could be transferred would pose another important challenge. Most

of the MP3 players, till the mid-2000 do not contain any wireless system but mid 2007 more

sophisticated wireless devices like infra-red, Bluetooth, and Wi-Fi have been boasted. This has become

easier to download the data from computers and moreover data downloading doesn’t require the physical

contact. Today, files could be exchanged easily, by using Wi-Fi enabled iphones. In addition PDA also

has wireless technologies like Bluetooth and data could be stolen from bluesnarfing.

Apart from these technologies, data threat was also performed through emails and pen drives. The Gartner

report further inspired the Usher, who developed Slurp.exe, software, which can search and copy the large

corporation data, when loaded in iPod with 60GB hard drive. In addition, over 6GB files could be

downloaded from a PC using the firewall connected media players in less than two minutes time.

Utilizing USB ports and Bluetooth’s, connections, with no specialized software’s data could be easily

downloaded through company’s network. In two minutes time, latest MP3 players connected with USB

ports with a capacity of 20GB could copy huge amount of data. IBM’s ISS X-Force, report highlighted

that network and web based security events have been increased to 30 percent in the past 120 days and

worldwide, the total number increased from 1.8 million to 2.5 billion (“insiders pose new”, 2008). In

addition, pop-security messages that contains rogue anti-virus software or scareware such as Trojans or

key loggers (which records password and other sensitive data) but actually contains virus could harm the

computer (JKF, 2009).

© 2016-2017 All Rights Reserved, No part of this document should be modified/used without prior consent

Tutors India™ - Your trusted mentor since 2001 I UK # +44-1143520021,

Page 4 of 11

further advancement and rapid proliferation

Further advancement and rapid proliferation in IT, such gadgets like iPods and other MP3 flash memory

music players would likely to increase in future and it was estimated that in the year 2009, this shipments

would increase to around 124 million units (“Employee theft”, 2006). Experts felt that, in the wired

environment, the security challenges posed by these devices were more difficult and serious. In the 21st

century, the biggest problem faced by number of companies and government sectors was related to data

security. In the next five years, the trend will be more pronounced due to globalization and increasingly

networked world economy. In order to protect the data from these memory sticks, in a note on Gartner

research “How to Tackle the Threat from Portable storage Devices” while Ruggero Contu pointed out for

this question is that “Unauthorized portable storage devices “ which are considered as potential carrier of

vehicles and malicious code for theft of data. “High data capacity and transfer rates, and broad platform

support mean that [these devices have] the capacity to quickly download much valuable information,

which can be easily leaded to outside world”, (John, 2004). These devices are used into companies

network to install software’s which are malicious like viruses and sometimes this would spoil entire vital

information and moreover, employees may not also be aware of the such viruses at the time of

unintentionally installing such software’s using their portable devices. In the wired technologies, it is

difficult to deal with the security challenge as said by the experts. The editor of Tim Wison says about

such technologies as “When all of your users and devices are attached to the network, you can do some

pretty amazing things with security policy. But when uses are picking up those devices and walk out of

the door, all bets are off”.

Company need to face, ‘vicarious liability’, a legal consequence due to these threats when the company’s

information which are considered as sensitive are made available the public due to copying of information

from their portable devices and this law moreover doesn’t care about the employee, but it certainly make

the company to liable condition due to improper transmission of data to the public. For example, From an

Ameriprise employee’s car in Massachusetts, USA, on December 25, 2005, a laptop was stolen which

contained the valuable and confidential information of the public such as name of the customers, and

social security number. This has been recovered, but for the recovery, enterprise needs to pay a

US$25,000 for the regulator in order to investigate this case. In order to get creditability among

stakeholders, companies kept quiet about these incidents when it happened to their company by firing the

employees, though huge amount of data has been lost. Due to technology advancement in jobs, work from

home policy, mobile jobs, all these prevented to the employers to put a law, on not to bring such devices

to the organization and moreover the concept of ‘fun at work’ which was posed by the employer itself

© 2016-2017 All Rights Reserved, No part of this document should be modified/used without prior consent

Tutors India™ - Your trusted mentor since 2001 I UK # +44-1143520021,

Page 5 of 11

will be broken thus evolution of internet

will be broken. Thus, evolution of internet and World Wide Web has further exaggerated these threats

such as spyware technology, malicious software, etc.

Review of Literature

Soft system methodology has been used as a framework to analyze the critically ill structured situation,

such as in this case to assess the role of information technologies on data threat and ways to prevent and

to manage the data. It …”provides a general set of concepts and an intellectual framework for articulating

the search for images of reality which are relevant to taking purposeful action within some problem

situation” (Ledington 1992, p18.). Under soft system methodology, Checkland’s 7-stage model has been

used to critically analyze the situation from starting to finding the problem to taking further steps to

improve the situation. In order to analyze the present case study, we need to get better insight about this

model. In 1 and 2 stages of Check lands, the problem will be expressed by the participants in a picture

which is rich but it is unstructured. System thinking involves stage 3 and 4 and in these stages, conceptual

models and root definitions are developed with relevance to the system. While earlier stages are used to

develop only conceptual models and do not represent the real situations, but other coming stages are

developed based on the real world, where actual action takes place. In the stage 5, in order to perceive the

real world, the similarities and differences of conceptual model were assessed and in stage 6 is related to

culturally feasible are recommended and finally in stage 7, functional analyses and logic based stream of

inquiry of the problem identified would be undertaken. “Overall, the aim of SSM is to take seriously the

subjectivity which is the crucial characteristic of human affairs and to treat this subjectivity, if not exactly

scientifically, at least in a way characterized by intellectual rigor” [Checkland, Scholes 1990 p. 30].


The aim of the present study is to analyze on “how the use/and misuse of knowledge is critical to the

organization’s success”


For the present study, the question being asked was about “how the use/and misuse of knowledge is

critical to the organization’s success”, when such questions like “how” or “why” are being asked, thus

researchers do not have any control over it (Yin, 2003), thus, case study research design has been

considered more appropriate. The question posted in the case study was asked in natural setting, with no

© 2016-2017 All Rights Reserved, No part of this document should be modified/used without prior consent

Tutors India™ - Your trusted mentor since 2001 I UK # +44-1143520021,

Page 6 of 11

previous experience on it benbasat et al 1987

previous experience on it (BenBasat et al., 1987; Dube and Pare, 2003). For analyzing the case study,

soft system methodology has provided a framework as it increased the awareness related to the all areas

of investigation and thus, provide holistic approach. Thus, for the present study, interview questions were

designed in semi-structured, open-ended follow questions interviewees were given enough opportunities

to answer the questions. This case study will help us to understand the how misuse of knowledge will

affect the organization success. If no prior information is available, case study will be performed and such

exploratory case studies will provide the theoretical framework.

Discussion and Analysis

Step 1: The problem identification in unstructured way as expressed by the participants: In this case, As

stated by Abe Usher, a US security expert, 2006 said that “This pod slurring is a growing area of concern

and there’s not a lot of awareness about it And yet in 2 minutes, it’s possible to extract about 100MB of

word, Excel, PDF files.. basically anything which might contain business data… and with a 60 GB ipod,

you could probably have every business document in a medium size firm” and according to Rich Mogull,

Vice president, Gartner group research (2007), further expressed “It is a real threat, but I consider it

pretty minor in the overall scheme of things….We’re a little bit worried about it because people can put

sensitive content onto these devices and move it around, but we’re more worried about accidental loss of

the devices than people using them for malicious purposes”. Here a problem is the data theft from an

organization from an internal employee through the use of principal technologies such as iPod, digital

phones, MP3 players, mobiles, pen drives, email, PDA, and digital cameras. The problem occurs in all

areas and all organization such as hospitals, labs, government data, business companies etc. Step 2: The

conceptual model and the root definition was developed based on the reason for such theft, (mission of

the identified problem) as indicated in the case study, the motives for data theft may occurs some

unintentionally such as carrying the data to perform at home in order to increase the productivity but this

sometime unintentional installing some software will affect the data security or curiosity, or monetary

gain, or malicious intent. However these threats will affect the organization creditability mainly their data

are profitable in several ways such as patents formula details, future expansion plans, financial details,

medical records, tender details and these information would certainly yield monitory benefits to the other


Overall framework is employees stole the data or erase the data either intentional or unintentional way,

which will affect the entire organizational creditability and sometime bring the organization to face legal

problems at the same time their profit is lost significantly as the personal data of the company are shared

© 2016-2017 All Rights Reserved, No part of this document should be modified/used without prior consent

Tutors India™ - Your trusted mentor since 2001 I UK # +44-1143520021,

Page 7 of 11

to their competitors by the employees who left

to their competitors by the employees who left the organization. In order to protect the data, several

protective systems has to be developed in term of various levels, from changing the HR policy, prevention

of brining such device to an office etc. Stage 5: While the earlier stage provides only the conceptual

framework for the problem but this does not work in real life situation as protecting the employees not to

bring the mobiles, will affect their morale and further bring the sense of insecurity. Even in today’s world,

the employees are also working from home, mobile works, all these made internet a necessary problem,

thus to prevent data threat, the company can bring policies on how to handle these devices , especially the

devices which are permissible such as pen drives (portable plug and play) during working hours rather

than restricting such devices. But certain devices like Music MP3 players’ digital cameras, PDAs and

personal laptops could be prevented from brining into the organization. Even framing the policies, certain

guidelines has to be bear in mind such as bringing fear of the mind of employees or feeling of entrust,

ranks disgruntlement.

Other measures would be encryption of data in the network, secret codes has to be provided with sensitive

codes, use of digital rights management technologies, protection through intellectual property, not

connecting the data through network, disabled USB ports computers, new security solution to access

control of data, usage of new technology to protect the data such as end point security solutions which

allows the building fool proof computer network are the measures could be taken in order to prevent the

data from hacking. In the final stage, the information collected i.e the recommendation made are pulled

together and provided to an organization, at various levels, such as HR managers to create policies and

procedures, Information Technology department to create unique user id for each employees, restriction

of USP portal and secured network with no network, should be worked out to prevent and manage such

data threats. Thus, this model is useful, to evaluate and analyze the problem and also helped to identify

the roles and responsibility of each staff in a practical way. In order to protect the data, several protective

systems has to be developed in term of various levels, from changing the HR policy, prevention of brining

such device to an office etc.

Due to data theft, IT companies, big corporate are not only affected but at the same time other firms like

hospitals and laboratory are also at great risk. According to the report in 2006 by Federal Bureau of

Investigation (FBI)36, this showed that fourth highest economic effect on organization was the theft of

intellectual property37. Information security system for business managers, act as a backburner, thus it

has brought increased interest over the researchers over the last decade. In order to manage secured

information, several studies have been published which provided guidelines in terms of prescriptive and

normative, and also in addition provides baselines for designing methodologies, implementing and

© 2016-2017 All Rights Reserved, No part of this document should be modified/used without prior consent

Tutors India™ - Your trusted mentor since 2001 I UK # +44-1143520021,

Page 8 of 11

managing the information system securely

managing the information system securely ( Baskerville, 1998; Rees et al 2003; Straub and Welke, 1998).

Several theories have been framed in order to know the reason behind how the use / misuse of knowledge

are critical to the organization success. Functional paradigm which has emphasized the rules and

structures while alternative theories such as radical humanist, radical structuralism and interpretive

(Dhillon and Backhouse, 2001) are used based on the theoretical framework. This theory will bring the

socio-organizational framework and in addition for studying the IT related issues to security in an

organization, neo-institutions theories have been used widely. Moreover neo-institutional theory will help

us to know the various factors that influence the organization behavior, but institutional theory gives us

idea about the changes of the behavior. In this case, the problem is how the use/and misuse of knowledge

is critical to the organization’s success, thus, neo-institutional theory has been used in further discussion.

Traditional functionalist looks the organization with rules, structures and procedures in order to perform

efficiently the task while institutional theory considers organization as social construction, which is

adaptive to the situation. The neo-institutional theory was developed by the work of Meyer and Rowan

(1977), where this theory emphasizes the two important components which include institutionalization

process and the isomorphism process. According to the definition by Tolbert and Zucker (1983) defined

institutionalization “as the process through which components of formal structure become widely

accepted, as both appropriate and necessary, and serve to legitimate organizations”.

Through the interviews, this case study (data provided -attachment) provided two sources of influences

within the context of neo-institutional theory, the normative influences considering both internal and

external sources of threat and their effect on organizations. Internal sources identified are protection of

data, security access and external sources including the new technological devices such as ipods, MP3

players, digital cameras, digital phones etc. The data theft would pose many problems to the companies

such as loss of patents, financial information, tender data, and sometimes revealed by the companies due

to the fear about their stakeholders as they lose their creditability within their stakeholders and other

competitors. Companies also face legal consequences, when the public data are being shared publicly

such legal threat will spoil the image of the company. In the year 2004 (Burton, n.d), it was reported that

almost 94 percent of business has been lost due to IT security breach. For example, personal data of

nearly 145,000 from choice point in the year 2005 has been stolen. 24 According to the Richard Hunter,

Vice president and Research Director, Gartner Executive programs states that “Enterprise are watching

employees and employees are watching employers with increasing unease on both sides. In our global

economy with its fluid workforce, in which longstanding relationships of trust are difficult to establish

and maintain, the temptation for business is clear: monitor every employee, all the time… what top

© 2016-2017 All Rights Reserved, No part of this document should be modified/used without prior consent

Tutors India™ - Your trusted mentor since 2001 I UK # +44-1143520021,

Page 9 of 11

managers of enterprises need to find is a balance

managers of enterprises need to find is a balance between security that can protect their business and

free communication that can stimulate growth (Richard, n.d).


Thus, to conclude that there are many technologies have arrived recently in order to protect the data so

did the data threat. However no major implications have been set by many organizations as the problem is

not understand by them. According to the expert from the information system, budget is not constraint for

most of the companies; it’s the problem that they could not understand, although many reports have been

published with relevance to that. Some organizations though problem have been recognized, they have

used the strategy to change the entire policy and procedures and such sudden change would affect the

morale of the employees and in addition it will also create the fear of insecurity. At Southwest Power

Pool, Tom Hofstetter, a security analyst said, “The most difficult and frustrating part is creating a sense in

users that there really is a problem, for which they are part of the solution, And that the problem is not

going go away if its ignored”.

© 2016-2017 All Rights Reserved, No part of this document should be modified/used without prior consent

Tutors India™ - Your trusted mentor since 2001 I UK # +44-1143520021,

Page 10 of 11



Checkland, P., Scholes, J., Soft Systems Methodology in Action. John Wiley & Sons, 1990.

Tolbert, P.S., Zucker, L.G., 1983. Institutional sources of change in the formal structure of organizations:

the diffusion of civil service reform, 1880–1935. Admin

istrative Science Quarterly 28 (1), 22–39.

Meyer, J.W., Rowan, B., 1977. Institutionalized organizations: formal structure as myth and ceremony.

American Journal of Sociology 83 (2), 340–363.

Ledington, P., “Intervention and the management process: an action-based research study”, Systems

Practice,5(1), 1992, pp. 17-35.

Baskerville, R., 1988. Designing Information Systems Security. John Wiley & Sons, New York, NY.

Benbasat, I., Goldstein, D.K., Mead, M., 1987. The case research strategy in studies of information

systems. MIS Quarterly 11 (3), 369–386.

Dube´, L., Pare´, G., 2003. Rigor in information systems positivist case research: current practices, trends,

and recommendations. MIS Quarterly 27 (4), 597–635.

Rees, J., Bandyopadhyay, S., Spafford, E.H., 2003. PFIRES: a policy framework for information security.

Communications of the ACM 46 (7), 101–106.

Straub, D.W., Welke, R.J., 1998. Coping with systems risk: security planning models for management

decision making. MIS Quarterly 22 (4), 441–469.

Dhillon, G., Backhouse, J., 2001. Current direction in IS security research: towards socio-organizational

perspectives. Information Systems Journal 11, 127–153.

Will Sturgeon, “Beware the “Pod Slurping” Employees, “, February 15, 2006

Employee Theft –Pod Slurping, “, November 21, 2006

John K, Waters, “ipods and Like Devices Pose Enterprise security Threat, says Gartner”,, December 12, 2004

Wilson, T (Dec 4, 2008). Insiders pose new threats in down economy, Dark Reading. Viewed online at

JKF (December 23, 2009). FBI: Pop-Up Security Warnings Pose Threats. Viewed online at

Viewed online at

Yin, R.K., 2003. Case study research: design and methods, 3rd

© 2016-2017 All Rights Reserved, No part of this document should be modified/used without prior consent

Tutors India™ - Your trusted mentor since 2001 I UK # +44-1143520021,

Page 11 of 11