Competitive Forces, The Five, That Shape Strategy, Harvard
Michael E. Porter's article How Competitive Forces Shape [Business] Strategy was first published by Harvard Review in 1979 and the economist and associate professor's article revolutionized the strategy field. The article explains how the five main competitive forces which include: Customers, suppliers, entrants, established competitors/rivals and substitute offerings/products. While aligning IT with the Business Strategy, some of the forces can take advantage due to IT vulnerabilities and can bring risks to the business. However, the risks can be translated to a competitive advantage (Porter, 2008).
Such risks when they materialize aim at compromising the information security of a company. They come in the following ways: virus attacks e.g. luv bug and Melissa viruses; attach by black hat hackers who are usually malicious and crack your IT system hoping to gain something out of the information; fraudulent emails and websites. These threats can cause fraudulent transactions. The staff also misuses organizations emails and web. Organizations bandwidth can also be misused by Staff who performs peer-to-peer file transfer and sharing. Failure to update or configure the organization's software usually brings about these types of threats.
[...] Competitive Forces, The Five, That Shape Strategy - Harvard Review Relationship between IT and a company's competitive advantage Michael E. Porter's article Competitive Forces Shape [Business] Strategy” was first published by Harvard Review in 1979 and the economist and associate professor's article revolutionized the strategy field. The article explains how the five main competitive forces which include: Customers, suppliers, entrants, established competitors/rivals and substitute offerings/products. While aligning IT with the Business Strategy, some of the forces can take advantage due to IT vulnerabilities and can bring risks to the business. [...]
[...] After getting the probability of the risk attached to the system, the company can put the necessary amount of effort in ensuring that the system is secure e.g. by hiring a system analyst. They will be analyzing the system and monitoring so that any outliers can be detected. How it would improve the company's competitive advantage This will greatly improve customer satisfaction and incidences of the system being hacked are reduced and the organization gains reputation and a more customers increasing its profit and hence competitive advantage. Reference Porter, M. E. (2008). Competitive Forces, The Five, That Shape Strategy. Harvard Business Review . [...]
[...] Identifying risks and policies The organization needs to identify the risks which are a likely and their probabilities. It should also identify the policies which can be utilized in managing risks. The starting point is identifying the operational policy controls which are usually under the company's IT Governance and risk compliance (GTC) program. The operational controls standards used to protect an organization's sensitive information should be checked and ascertained that it works properly. The failure of a risk control can be calculated by getting its impact on the occurrence and also the probability that it will happen. [...]
[...] In the process, the UPS and back-up generator failed to function, and all its operations were disrupted. Steps to reduce the risk: A redundant back-up generator can be provided to reduce the risk. Also, time a mitigation plan like putting a team in place to be deployed as soon as the outage occurs, this can be enhance by having a system which monitors in real-time the power supply in the organization. Optimizing mitigation How it would occur Optimizing mitigation can occur when the management decides to get a risk score for their online-funds transfer system. [...]
[...] Companies also have tools which track the assets even by the person who uses it and can even happen in real time, but the most important thing is arranging the assets in groupings which are organized e.g. as a business unit, data center product line. It can be put in any grouping which allows the analysts to do their job without too much consultation or up and down movements. A manager may want to view analysis reports or an auditor may want to view compliance reports. [...]
using our reader.