- Home
-
➟About
-
-
- Firewall Hardware
- Networking Hardware
- Printers
- Refurbished Desktop Computers
- Refurbished Laptop Computers
➟Hardware -
➟Security Software
-
- Office Products
- Operating Systems
- Accounting
- Event Management
- Fund Raising
- Graphics & Multimedia
- Photo Sharing
- Programming Software
- Server Softwares
- Training
- Virtualization
- Web Design
➟Software -
- Bytes of Learning
- Calxa
- Cisco
- Citrix
- D-link
- Flickr
- Giftworks
- Kaspersky
- Mailshell
- Microsoft
- My Booking Manager
- NetLeverage Discount
- NetLeverage Donations
- Refurbished computers
- SAP
- Slide Rocket
- Sophos
- Symantec Desktop
- Symantec Enterprise
- Telosa
➟By Partners -
- Microsoft Dynamics CRM 2011
- Microsoft Exchange Server 2010
- Microsoft Lync 2010
- Microsoft SharePoint 2010
- Microsoft Small Business Server 2011
- Microsoft SQL Server 2008
- Microsoft System Center
- Microsoft Windows Embedded Device Manager
- Microsoft Windows MultiPoint Server 2011
- Microsoft Windows Server 2008
➟Microsoft Product Ranges
➟Get Products -
-
-
- Microsoft
- Symantec Desktop
- Symantec Enterprise
- Cisco
- Giftworks
- Bytes of Learning
- Calxa
- Citrix
- Flickr
- Mailshell
- NetLeverage
- SAP
- Slide Rocket
➟Donor - Partners -
➟Discount Partners
➟Partners -
-
➟News
-
- Changing Details
- Eligibility
- General
- Learning Centre
- Ordering and Delivery
- Payments
- Planning and Research
- Products and Services
- Ask Ryan
➟Help and Support - Contact
Search Help pages(Does not search items or products)
Managing ICT risks
You may already consider risks in terms of financial management, health and safety or employment issues, but many risks relate to your ICT systems. Even minor problems can affect word processing documents, accounts, budgets, reports and confidential personnel records. Even minor problems can stop an organisation in its tracks.
As well as taking action to prevent security problems it is wise to assess the risks of failure to your ICT systems and prepare plans to deal with it, if or when it happens.
Technology that doesn’t work
Hardware or software could fail to meet the organisation’s operational needs.A newly
implemented network, database or finance package may not be up to the job, or equipment proves to
be unreliable.
You can manage these risks through good purchasing processes: drawing up appropriate requirements, carefully assessing suppliers, and properly managing implementation processes. You should also ensure that you have adequate and appropriate technical support for your technology.A volunteer may be fine for a small community group, but a team of ten people using a small network of computers may need help on a range of issues – no good if your volunteer is only available in the evenings.
Secure your assets
Think about the physical security of equipment and protecting the data held on computer
systems. Risks include computer system failures such as a network going down, or loss of data owing
to a flood or fire damage. Computers and hard drives can be stolen. Or someone could get
unauthorised access to information, either via the Internet or equipment left unsupervised in an
office.
Make sure you have an inventory of all your ICT equipment and keep it off-site in case of a fire. Get adequate insurance cover and secure your PCs and laptops physically. Use security marking and carefully manage who has permission to access documents or directories on a computer network.
Policies and procedures
Look at your current policies and procedures and make sure they include protective measures
to prevent problems and protect personal and/or confidential information on your organisation’s
computers.
Remember that having the procedures and policies in place is not enough.They need to be managed by a named individual, enforced, and regularly reviewed with the whole team.
Dealing with risks
Risk assessment helps you deal with problems before they happen
- Identify the risk
What can go wrong? e.g. accounting software crashes - Evaluate the risk
How likely is to occur? e.g. high, medium or low likelihood. - Analyse the risk
What would be the consequences? e.g. unable to manage finances - Manage the risk
What systems, policies and procedures will minimise the effects of the risk should it occur? e.g. daily back-ups
Stay safe and legal
Consider the relevant laws and regulations that apply to you and the risks that could arise from your use of technology, in the form of penalties and/or prosecution for lack of compliance. For example:
- Data ProtectionAct: e.g. failing to adequately protect personally identifiable information, or inappropriate marketing using personal information
- Charities Law and CompaniesAct: e.g. financial reporting requirements not met because of computer systems going down and failure to do adequate back-ups of financial information
- Disability DiscriminationAct: e.g. failure to provide suitable computer equipment to disabled employees, failure to make reasonable adjustments to your website to make it accessible
- Health and SafetyAct: e.g. failure to provide suitable display screen equipment or working arrangements that allow computer users to take adequate breaks
- Software licensing and copyright regulations: e.g. using unlicensed software, employees downloading music on to work machines, using copyrighted material on your organisation's website without the permission of the copyright owner, etc
- Breach of libel laws: e.g. inappropriate use of Internet/email by staff such as libellous or defamatory material sent by email or posted to Internet sites
More information can be found in Section 4 on policies and procedures.
Page Author: Sam Barnes http://www.ncvo-vol.org.uk/advice-support/ict
