STRATEGIES

FOR AN
EFFECTIVE
INFORMATION
TECHNOLOGY
1. Aligning IT
Objectives
with Company
Objectives
Company
IT Objectives
Objectives
 Example: If you want to earn more by
reaching out more customers from
remote locations, then you may want
to try online selling and hiring third-
party food couriers

Online selling,
More profit, third-party
more customers food couriers
 Or if you want to speed up cashier
transactions, then you might want to
try acquiring a Point-of-Sale (POS)
System. Eto yung nakikita nyo na
gamit ng mga cashier sa supermarket.

Speed up cashier Point-of-Sale

transactions System
 Whatever the company
objective is, yung IT
objective dapat yung nag-
aadjust.

Hindi pwedeng baligtad.

Hindi pwedeng dahil uso
yung paggamit ng isang
technology ay makikigaya
ka na din
Do not fix something that is
not broken ☺
2. Establishing
IT Governance
Okay now you have lots of
IT projects to satisfy your
company objectives.

But is your fund and

manpower enough to finish
all your projects in time?
 IT governance is the
practice of capturing,
publishing, and regularly
reviewing all the IT
department’s project
requests with key company
managers.

It is about prioritizing
which IT projects should
come first.
3. Managing Electronic Risk
One high-risk issue that often surfaces is endpoint security. An
“endpoint” is a computer system on your network used by an
individual to interact with computer servers or applications.
 Endpoints can include:
PCs, laptops, smartphones, tablets, and
specialized components such as POS
terminals.
Endpoints are vulnerable because humans are vulnerable:
a. They will blindly click on a link in an email.
-Sabi nga ng parents natin: “Do not talk to strangers.” Do
not reply or entertain strangers that will chat or e-mail us.
They might even pose as a relative or a bank institution.
Beware of whatever they are sending us such as links. Those
links might lead us to a fake bank website than can phish our
confidential information such as usernames and passwords.
There are already reports about bank accounts and even
Facebook accounts that are hacked.
b. People will connect a laptop to an unfamiliar Wi-Fi network.
-Free Wi-Fi is great right? But be careful when connecting to
public Wi-Fis. These networks can hack and access our
personal and browsing information on our gadgets.
So wala kang pang-data and need mo talaga ng free Wi-Fi?
Follow these tips:
✓ Stick with HTTPS when browsing. Chrome will usually prompt
you when the site you are visiting uses an unencrypted HTTP
connection rather than an encrypted HTTPS encryption by
labeling HTTP "Not Secure."
✓ Do not give too much info such as e-mail address and phone
number. Stores and restaurants that do this want to be able to
recognize you across multiple Wi-Fi hotspots and tailor their
marketing accordingly
✓ Limit AirDrop and File Sharing
✓ Read the attached terms and conditions
✓ Use a VPN
All these innocent mistakes can lead to a loss or compromise of
sensitive data for an organization, and, therefore, might require a
public acknowledgment of breach by the company. As a part of
your security program, ensure your endpoint devices are well
protected.
Anti-virus is a must for most desktop and laptop systems.
Security patches are released monthly, or more frequently, and
should be applied quickly and in accordance with your
organization’s established framework and procedures.
Cloud Storage
Another high-risk security issue that should be evaluated is the
security of third parties responsible for storing, processing, or
transmitting data on your behalf such as Onedrive and Google
Drive. (Our MS Teams is using OneDrive)
These services offer convenience by integrating with endpoint
devices to seamlessly copy data from the computer’s hard drive
to a server somewhere on the Internet. In this way, the data is
now easily accessible by other devices such as a smartphone or
tablet.
These free services do not provide any guarantee of security over
the data stored on the service, and your organization cannot be
sure sensitive data pushed to one of these “cloud-based”
services won’t be seen by unauthorized individuals.
Therefore, your company should have a clearly defined policy
regarding how file-sharing services should be used and
employees should be trained accordingly.
Also, you should establish a vendor management process to
ensure all third parties who store, process or transmit data on
behalf of your organization have a contractual obligation to apply
an appropriate degree of security to your data and that they
periodically provide evidence (such as a Service Organization
Control report) confirming their controls are in place and
functioning.
4. Measuring IT
Performance
Metrics can play an important
role in achieving excellence as
they force the organization to
pay attention to their
performance and prompt
management to make
adjustments when goals are
not being achieved.
Critical Metrics for IT Success
1. Operational Metrics
-system performance
2. Organizational Metrics
-employee performance
3. Financial Metrics
-cost control performance
Operational Metrics
1. Online application performance -
The average time it takes to load a
screen or page.
2. Online application availability - The
percentage of time the application is
functioning properly.
3. Batch SLAs (Service Level Agreement)
met - The percentage of key batch
jobs that finish on time.
4. Production incidents - The number of
production problems by severity.
Organizational metrics
1. Attrition - The percentage of
employees who move to other jobs.
Exclude involuntary separations so
that managers will not retain poor
performers. Differentiate between
employees who leave the company
versus those that leave to take
another position within the company.
2. Performance reviews - The
percentage of employees with
current written reviews.
Financial metrics
1. Budget variance - Actual costs
compared to budgeted costs. This
should be done for both direct
expenses and inter-company
expenses since direct expenses are
more controllable.
2. Resource cost - The average cost of a
technology resource. This provides a
good view of how well managers are
controlling costs by using cheaper
outsourcing labor or higher priced
temporary labor and managing an
organization that is not top heavy
with expensive employees.