1 / 14

6 - Outsourcing

6 - Outsourcing. Outsourcing. Outsourcing. Dealing with issues when a portion or all of the provision of technology services is performed outside of the entity’s normal service delivery envelope . Loss of control (Priority, timing, effort, changing deadlines, etc.)

raquel
Télécharger la présentation

6 - Outsourcing

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 6 - Outsourcing Outsourcing

  2. Outsourcing Dealing with issues when a portion or all of the provision of technology services is performed outside of the entity’s normal service delivery envelope. • Loss of control (Priority, timing, effort, changing deadlines, etc.) • Additional security risks (Lack of understating of outsourcer’s security procedures, lack of knowledge of their consistent application) • Concern over the inadequacy of IT governance procedures (Within the organization and at the outsourcer) • Contract terms and service level agreements are not consistently met (Poor/inadequate contract management, lack of contract metrics and lack of timely reporting) • Re-outsourcing of services to another third party (Concern despite contractual agreements, use of cloud computing by outsourcer, etc.)

  3. Outsourcing Renaissance in USA Industrial manufacturing by 2015 2015-China only 10% to 15% Cheaper than the USA Manufacturing Costs 2010 – Caterpillar opening 600,000 sq-ft. manufacturing facility in Texas

  4. Outsourcing Emerging Economies Transportation Costs Source-Canwest Times Colonist- May 28, 2008

  5. Outsourcing Outsourcing Risks • UCSF outsourced the processing of its medical transcripts to a U.S.-based company that outsourced the records to yet another company in the U.S. • The second outsourcing company, in turn, sent the transcripts to a company in Pakistan for processing. • A Pakistani data entry clerk attempted to extort money from the University of California at San Francisco’s (UCSF) Medical Center. • The Pakistani clerk was having trouble getting paid for her work, so she directly contacted the University, attached some of the medical data she had as proof, and demanded payment, threatening that she would post all of the medical records on the Internet if she did not receive the money. • The UCSF Medical Center asserted it was not even awarethat sensitive medical records were processed offshore.

  6. 6 - Outsourcing Business Risks • Increasing labour rates in Asia • Increasing transportation rates between North America and Asia • Security concerns over intellectual property • Lack of ‘hands-on’ control • Language and cultural differences • Regulating laws • Cultural differences

  7. 6 - Outsourcing Outsourcing Risk Management • Implement more sophisticated automated manufacturing processes in North America • Reduce transportation volume between North America and Asia • Increase use of lockable/destructable software code vs. mechanical controls to protect intellectual property • Repatriate ‘hands-on’ control (Your people in their land) • Implement two way cultural training • Establish all laws to be in country exporting the work or technology

  8. 7 - Public Trust Public Trust

  9. 7 - Public Trust With warnings about viruses, worms, Trojan horses, phishing, identity theft, hackers, and an ever increasing prevalence of malware, users of Information Technology have expressed legitimate concerns. With the business need to reduce costs, technology provides an enticing opportunity for eBilling, payments, distribution of newsletters, product information, and any number of product support scenarios. Users want assurance that their information is safe and that they are dealing with a legitimate business • Technology Appears to Present a Threat to Society • Hackers, Security Breaches, Identity Theft, Viruses, Worms, etc. • Concerns Over Data Theft, Confidentiality of Personal Information • Concerns over Identity Management, Credit Card Fraud and Unauthorized Access or Sharing of Information

  10. Public Trust The Attacks Increase

  11. Public Trust The Attacks Increase 77 Million User Accounts

  12. Public Trust Canada Is Not In An Enviable Position

  13. Public Trust • Information security management was reported to be third on ISACA's 2011 Survey of Top Business/Technology Issues. • The survey attributed the finding to a combination of high profile breaches and the large investment in security technologies. • Most significant issue were the unknown security threats or those security threats that are not fully assessed. Other issues in order of ranking, that likely contribute to the a lack of public trust include: • Information security controls are not regularly assessed for performance and effectiveness. • Top management is not involved "in setting direction and objectives for information security ". • “Lack of enterprise-wide information security awareness and training ". • Perception that security is owned by Technology. • Lack of integration of information security into the culture of the organization.

  14. IT Governance Business Reaction 319% should be a wake up call to businesses and professionals Cyber risks must be taken seriously Increased senior management involvement is security and the security message Initiation of an enterprise-wide security program C-suite responsibility and direction for the security program Public Trust Risk Management Lack of enterprise wide training and awareness of The risks Lack of enterprise level ownership of the risk Lack of ownership, accountability and responsibility Lack of a security culture

More Related