SRI BALAJI SOCIETY

PGDM – FOURTH SEMESTER EXAMINATION

BATCH: 2018 – 2020
MANAGING INFORMATION TECHNOLOGY

Marks: 100

Instructions to the Students:

 Kindly answer all questions/case studies in the assignment.

 All Questions/case studies carry Equal Marks

 Online Assignment would have to be completed and submitted within the mention date
and time back to the Examination Department via the online application Microsoft team.

 Format in which the assignment is to be submitted is as follow:

A. Use MS word /MS EXCEL

B. FONT - TIME NEW ROMAN, FONT SIZE 12

C. Kindly number each page

D. Please do not copy the questions.

 The cover page of the assignment must be in the below format.
 Roll no-
 Name of institute-
 Batch-
 Specialization-
 Semester-
 Subject Name -
 Submitted by-
 Submitted on date-
 Total no of pages written-

 Answer for each questions/cases including sub question should have minimum 4 pages and
max 5 pages.

1
1. A small cooperative bank had migrated to IT platform recently. This was accomplis hed
using software solution that was being used by many banks. The migration was accomplished with
in house IT team supported by contract staff from an external organization specializing in such
migrations. The main concern of the top management was to keep front end investment low. Often
the hardware specifications were scaled down to fit into the budget without considering the load
handling power. The staff training on new software was achieved through evening two hours extra
time spent by staff and the faculty being contract staff from an external organization. The contract
staff had learnt by “on-the-job” training. Over a long week-end the migration took place
successfully and the bank started using the new software.

A month down the line, the central server crashed in spite of having UPS. UPS tripped because of
overload as its specifications were drastically reduced to meet the budget. The operations of the
bank suffered. The bank had to call consultants from the software maker to set things right. It took
one full working day. Mandatory requirements about root cause of crash and approach to recovery
had to be sent. The entire responsibility was fixed on head of Internal IT team. He was already
upset about scaling down specifications in everything. He was so upset that he quit the job.

The bank had to hire a professional CIO by giving a salary that was more than double of what the
bank was paying the earlier person. The Professional CIO, within a span of two weeks of joining
submitted a list of items that needed immediate attention. This involved enhancing the
specifications of existing equipment or replacing some equipment, adding some equipment as
redundant fall back and most important, a high investment in remote mirroring equipment as
essential disaster recovery plan. Some of the suggestions were marked as “to conform to industry
standard” or “to conform to statutory requirements”

The top management of the bank called the senior management of software solution vendor who
had given the solution. They shared the list given by the new CIO. The software solution vendor
executive was surprised as to how these items were compromised in the first place. The executive
insisted that the list of items that really needed immediate attention.

The director in charge of computerization now has to approach the board of directors for their
approval.

Questions
a) The entire responsibility for the failure was fixed on head of Internal IT team. This person
had grown in the bank and was not professionally qualified for implementing banking
software solution. It is proper to assign entire responsibility of failure on this person?
Justify your views.
b) Do you feel reduction in cost was given too much importance, especially in the absence of
a professional knowledgeable about it? What could have been done to avoid this situatio n?
Justify your views.
c) In order to ensure that such glitches and surprises do not hit the bank and proper care is
taken to avoid tampering with the system for frauds, what needs to be addressed? Justify
your views.
d) Is it recommended that with the help of software solution vendor some key personnel
should undergo formal training on the system (software, hardware, environment etc.) and

2
 a qualifying test made mandatory for those responsible for day-to-day operations? Justify
your views.
2. Once upon a time, (in the last but one decade of the previous century) a large Public limited
company was utilizing a PDP 11/23 computer for their financial accounting application among
other commercial applications. The storage capacity of the PDP 11/23 computer was limited and
large transaction volumes had to be maintained on external storage. The company had acquired a
magnetic tape spool recorder and reader machine that was compatible with PDP 11/23. PDP 11/23
was nearing end of life scenario. The magnetic tape spool recorder and reader machine was not
manufactured by manufacturer of PDP 1/23 but by some other small company. The
company needed time to generate funds to replace this computer system. There was an agency run
by ex-employee of the company making PDP 11/23 who had acquired discarded PDP 11/23
machines scrapped by others. By using parts from these machine he said he can maintain PDP
11/23 for three years, till the company has enough funds to buy new hardware. However similar
arrangements were not possible for the magnetic tape spool recorder and reader machine. THE
EDP manager, therefore prepared a requisition for a machine with large hard disk capacities to
store the transaction data. However the cost of this disk bank was perceived by top manageme nt
to be very high. The requisition was turned down. According to statutory requirements, Income
Tax department asked for transaction data to be submitted for some previous financial year. This
data was sitting on magnetic tape spool recorder and reader machine and that machine was not
working. They could not give this as a reason to Government Department. They had to search for
a working magnetic tape spool recorder and reader machine and send the tape spools with the EDP
manager to that location and get the data on hard disk for submission.

In this case company had to spend more than the earlier estimate but could get only limited data
converted. Still question mark remained about other spooled data.

Questions
a) Do you feel there was error of judgement about the working life of magnetic tape spool
recorder and reader machine
b) Adequate search for working spool recorder and reader machine could have given an
opportunity to share idle time of that machine at fraction of cost?
c) Why replacement of PDP 11/23 with its peripherals delayed till the last minute instead of
planning well in advance especially when financial accounting and other commer cia l
systems are working on the machine and the equipment had already reached end of life
cycle. Do you feel it is a case of over-confidence? Justify your views
d) Do you feel there could have been other options that could be evaluated? Justify your
answer.
3. A manufacturing company extensively uses information and communication technology
for its operation It uses state of the art hardware, networking and software. In order to ensure that
data and information is always safe and cannot be stolen by anyone company has taken certain
security measures. Some of these security measures went unnoticed by most employees but some
measures attracted attention. For example, using pen-drives that was banned by physically
removing pen-drive ports from all hardware including laptops being used by CEO and CFO.
Another example was not providing free internet access to one and all but giving limited access to
people who need it to perform activities as part of their job. Access to Facebook, Twitter etc. was

3
stopped along with e-commerce sites. Employees could not access their personal mails. Initia lly
there was resistance from people who were used to ordering from ecommerce sites during office
hours. CEO saying that a pen-drive is more convenient to carry presentations than to use e-mail.
But CIO politely told CEO that at times he gives his laptop to some other person from where
critical data could be copied and if that person is not traced, the onus will be on CEO.

All employees were forced to change their password of company account once every week. If
password was not changed within a day after intimation the account would be locked to be opened
only after receiving e-mail to that effect from the employee’s immediate superior.

Initially, employees complained vehemently, their bosses tried to influence CIO and in some cases
the argument reached CEO as well. However CEO did not budge as the CIO had briefed him well
in advance.

Question
a) According to CIO the saving of internet bandwidth was not what mattered so much. What
mattered is the attitude that you cannot use Facebook while on the job. The discipline of
not having access to ecommerce sites at workplace is what was more important. What is
your opinion about the information security drive in the company?
b) Do you feel every company should have such practices? Justify your answer.
c) It is assumed that similar or even stronger information security measures are taken for
internet connectivity through firewall and other methods but the same are not covered here
to avoid information exposure. Do you agree? What are your views?
d) We are not discussing static situation. It is dynamic and would need to be reviewed. What
according to you is the right frequency?
4. A company is having a large IT Setup in all the three plants, branch offices as well as the
head office. Besides Enterprise Solutions, there are many special function application software
that are providing state of art solutions and the company has been known to exceed customer
satisfaction. The top management team attributed their success to prudent use of informa tio n
technology. Suddenly, the Manager in charge of IT put in his papers. He was resigning because he
was migrating to New Zealand. Naturally the company started looking for a new CIO. The CEO
entrusted the work of shortlisting candidates to HR. They were finding it difficult to locate the
candidate who had technical expertise as well as excellent business managerial skills and
leadership qualities. The time was short and the CEO had to quickly make a decision of getting a
candidate having excellent business managerial skills and leadership qualities even if informa tio n
technology skills were not excellent. The idea was to put a business strategist in place of CIO.
Wherever the technical capability limitation were concerned special executive coaching would be
used as a method to augment the capability. The incumbent knew his limitation on the technical
front and did not make drastic changes or decisions unless it was discussed thread-bare within the
in house IT team and discussion with experts was arranged.

Questions:
a) IT was difficult to get a person exactly as per the expectations. There were two options.
CEO took the first option to augment technical knowledge through executive coaching. Do
you feel the option selected was the right option? Justify your answer.

4
 b) The new CIO was mainly a business leader and a strategist. Naturally the bias towards
Information and Communication Technology (ICT) was not present. This was good for
making decisions pertaining to ICT. Do you agree with this statement? If so why, if no,
why not?
c) CEO had a meeting with in house IT team and openly asked if any one of them feels that
he/she fits the bill as CIO. After the answer was negative, CEO explained the situation and
requested full cooperation with the new boss. Do you feel it was a right action? Do you
agree with this approach? If so why, if no, why not?
d) What monitoring exercise would you recommend to check that decision about CIO was
right? At what frequency do you feel the exercise should be carried out?
5. A large public limited company has a very large base of Information Technology hardware
and software. As part of the statutory requirements, the company has to maintain Asset Register
and record the date of purchase, name of the vendor, bill number and date, value of purchase at
the time of acquiring the asset. The asset is verified and is located at a specific location for use.
This location is recorded in the asset register and throughout the lifecycle of the equipment, change
in location, substitution and withdrawal etc. is maintained in the register as well as end of financ ia l
year depreciated value. In fact, once a year the statutory auditor has to be taken to the physical
location and is to be shown the physical asset concerned. The company has an arrangement of
calling statutory auditor for a few days every quarter and cover 25% of the IT assets so that
workload at year end is reduced. It is always a hassle for the in house IT team. When they take the
auditor at location mentioned in the register, the equipment is missing. After making enquiries,
someone gives a clue about relocation or the IT team has to go through System Problem Reports
for that equipment to find out why it was moved and where it is currently available. It creates a
very bad impression on the auditors and at times the auditor has made an adverse remark about it
in the annual report.

To solve this problem, the company using in house resources created a software to maintain asset
register in RDBMS in development server area with restricted access. The System Problem
Reports system which was already computerized was linked to identify change of location or status
and raise an alarm. Any asset movement note is immediately posted in the asset register. The
system also provides for maintaining audit trail.

Questions

a) Do you feel the corrective action taken is adequate to avoid embarrassing situations in
presence of statutory auditors? If you agree, state why, if you think additional work is
required state the details of the work.
b) The in house team member just carries a lap top during asset verification and accesses the
database remotely saving big hassle of carrying physical registers. Do you feel it was a
right action? Do you agree with this approach? If so why, if no, why not?
c) The CIO can take up cases of unauthorized asset movement with respective authorities to
avoid such non conformances in future. Do you feel it will give better control over physical
asset locations?
d) Do you feel a simpler technology based application can dramatically change the process of
physical verification of IT assets. If so provide all pertinent details.

5
*Base: Syllabus dated 28.12.2019 to include systems & business analytics