Organisations are increasingly reliant on Information Services (IS) / Information Technology (IT) to support their business related activities. In fact many businesses may not exist without access to their electronically stored systems or information, or in some cases the business maybe unable to produce their services / products without the availability of the technology. Furthermore, and dependent on the structure of IT Services within an organisation, there are overlapping responsibilities for the management of IT applications between the business users, IT providers, and where applicable, the suppliers of any software.
The purpose of the IS / IT Health Check is to review, at a high level, ten crucial areas of IS / IT operations for the organisation and to establish if the lack of key controls, or use of IT equipment, is putting key business operations at risk. The areas reviewed would be:
- Security - Logical / Physical
- Housekeeping activity (backups / restores and data management)
- Computer virus protection / procedures
- IT Legal requirements
- Business continuity arrangements
- Change control / problem management
- System Performance and Monitoring
- Remote Support / Data Exchange
The absence of key IS / IT management controls in any of the above areas can put at risk vital business or customer data. Examples of such risks are:
- Unauthorised acess to data / information
- Unreliable backup processes
- Computer virus infection
- Breach of Law – some of which can leave individuals liable to prosecution
- Inability to recover from system failure / unavailability
- Failure to track problems / errors and resolve satisfactorily
- Systems do not work as expected / output incorrect
- Systems fail due to lack of space / management
- Documentation is not available to support use of systems
- Access to systems remotely undermines security or data transfers are insecure
This approach can also be adopted for key IT applications in use and therefore provides some assurance on the adequacy of controls for key business systems.
In addition to this FIT Business Solutions Limited provide the full range of IT review services for an organisation, from reviewing the procurement of systems / hardware through to comprehensive reviews of key IT operations such as testing, change management system and IS / IT strategies.