Drew's Blog: April 2012

Monday, April 30, 2012

CHAPTER 4 CASE STUDY

Discussion Questions

1. What type of security breaches of medical record are commonly today?

There are many types of security breaches, but the most common ones are viruses and worms that are usually acquired by carelessness of data handling.

2. What measures are being taken by the government and private industry to safeguard EHR's?

The government has the Health Insurance Portability and Accountability Act (HIPAA), which is an act to protect the confidentiality of the healthcare user and data.

3. How do you think the implementation of ARRA will affect the privacy of our healthcare and personal data? What breaches do you foresee? How can they be forestalled?

In my opinion the ARRA has some issues regarding the privacy of the user’s health care and data. The security of the user’s data should always be considered.

Discussion Questions

1. How does Google's business model use personal data?

I guess the most common here is the Google advertisement.

2. What do you think are the major privacy concerns raised by Google's business model and applications?

I think the major privacy concern is the personal information of individual personal that uses a Google accounts.

3. Do you think Google has taken adequate measures to protect its user's privacy? Explain your answer.

Google: Trust, Choice, and Privacy

By: Gus Meuli, Caitlin Finn

“Trust is hard to earn, easy to loose, and nearly impossible to win back.”

This statement seems to ring true in the constantly changing world of business. In a time where technology is developing faster than ever before, it is very difficult to regulate information privacy. Consumers have chosen to trust many companies with their private information in exchange for services that are used on a daily basis. Google is in the middle of the debate about information privacy with its internet based services that collect and store enormous amounts of data about its users. Through a detailed privacy policy, a consumer’s ability to choose between internet services and a trustworthy reputation Google has convinced consumers to use their products despite collecting and storing enormous amounts of personal information. To certain degree information gathering can be ethical and very useful; however, Google has stepped over the boundary of ethics because of the amount of information they are gathering through their various products and their loose privacy policy that allows for third party exposure. This behavior is unethical because it does not “most dutifully respect the rights of all affected”

CHAPTER 3 CASE STUDY

QUESTIONS TO CONSIDER

1. Peter Gumble, European editor for Fortune magazine, comments, "Kerviel is a stunning example of a trader breaking the rules, but he's by no means alone. One of the dirty little secrets of trading floors around the world is that every so often, somebody is caught concealing a position and is quickly - and quietly - dismissed... [This] might be shocking for people unfamiliar with the macho, high-risk, high-reward culture of most trading floors, but consider this: the only way banks can tell who will turn into a good trader and who even the most junior traders to take aggressive positions. This leeway is supposed to be matched by careful controls, but clearly they aren't foolproof." What is your reaction to this statement by Mr. Gumble?

- Trading in different fields is full of opinions about the right way to trade. Trading should abound. If trading is as much about self-development as it is about having a proper profit and loss statement, then as a trader you need to rely more on your individual perspective than on collective opinion. "The rules of conduct are just an outer show of devotion and loyalty - quite confusing to the heart." To be impeccably loyal to a trading system like the issue being said by Peter Gumble, it tells confusing to your heart and your individuality. And when men rely on these rules for guidance, there comes a time of ignorance abounds.

link: http://tradereducatoronline.com/2011/09/20/the-taoist-trader-breaking-the-rules/

2. What explanation can there be for the failure of SocGen's internal control system to detect Kerviel's transactions while Eurex detected many suspicious transactions?

- As I searched over the net...., When the heads of SocGen discovered this, they could not believe this one man had managed to do so much, so surreptitiously. A person familiar with SocGen's board says: " Everyone is stupefied to this affair. SocGen had an image as the best French banking. What is striking here is the contrast between the mediocrity of the trader and the scale of the catastrophe." Jean-Pierre Mustier, the head of SocGen's investment banking division, spent hours interrupting Mr. Kerviel in the aftermath of his Icarus-like plunge that ended up costing the bank €4.9bn.

link: http://www.ft.com/cms/s/0/927fe998-d5b2-11dc-8b56-0000779fd2ac.html#axzz1tgZ0NaYx

Discussion Questions

1. Do you think that Mike Lynn acted in a responsible manner? Why or why not?

Yes, it is because Mike Lynn wants a pair and square in their jobs.

2. Do you think that Cisco and ISS were right to pull the plug on Lynn's presentation at the Black Hat conference? Why or why not?

I guess what Cisco and ISS did to Mike Lynn is an unprofessionalism work. Cisco and ISS have to face the issues and problems and be true to the others.

3. Outline a more reasonable approach toward communicating the flaw in the Cisco routers that would have a led to the problem being promptly addressed without stiring up animosity among the parties involved.

When Mike Lynn discovered that is was possible to create a network worm that could propagate itself as it attacked and took control of routers across the internet.

Monday, April 16, 2012

CHAPTER 2 CASE STUDY

Questions to Consider

1. What message is sent to IT workers by the actions of New York Law School and Colleges even if unrelated job-performance issues justified their actions in firing Gross and Perry?

Be a professional in doing your jobs and do not makes with joke actions. sent an email to New York faculty , staff , and students saying I'm saddened to report to you that I learned this afternoon that our colleague, professor Edward Samuel, was arrested on charges relating to possession of childhood pornographic images.and they were fired because of this incident.

2. Since the incident, a number of states have enacted laws that require workers to report immediately any child pornography found while servicing equipment. Most of the laws state that worker who reports such a discovery is immune from any criminal, civil or administrative liability. Failure to report the discovery can result to a fine, imprisonment or both, do you think such laws will encourage reporting? Why or why not?

Critics charge that this type of law unfairly transfers law enforcement duties to individuals who may not be qualified to handle evidence or determine what constitutes child pornography. Supporters say reporting mandates for photo labs have proven effective and that similar laws for IT workers will help combat child pornography on the Internet.

Discussion Questions

1. How to distinguish between a gift and a bribe? Provide an example of a "gift" that falls in the gray area between a gift and a bribe.

Bribe is any inducement given either in appreciation of a past favor or in anticipation of a future one.

Gift is an item given voluntarily to somebody out of love or compassion, without expecting the recipient to be in a position to reciprocate the gesture later or in future.

2. Discuss the following topic: law does not provide a complete guide to ethical behavior. An activity can be legal or not ethical.

There are scenarios like that; for Example Company’s has laws but sometimes do not provide a complete guide to ethical behavior. And some companies can be legal but no ethical, because there are legal doings that is against the laws and ethical values, if a company follows the ethical way and law regarding with ethics it is a formal and well processed company.

3. What is a professional malpractice? Can an IT worker ever be sued for professional malpractice? Why or why not?

Yes, IT worker can be sued for his or her professional malpractice, because for me professional malpractice is a failure to exercise an ordinary degree of professional skills, because for me companies lately chooses a professional IT worker to work for them and well lead them to the top to be the best companies worldwide.

4. Review the PMI member code of ethics in appendix E. for each point in the code, provide an example of a project manager action that would break the code.

5. What must IT professionals do to ensure that the project they lead meet the clients expectations and do not lead the charges of fraud, fraudulent misrepresentation, or breach of contact.

6. Should all IT professionals be either is licensed or certified? Why or why not?

On my own observation both licensed or certified are best for an IT professional because it depends on the skill and also it depends on the professionalism and ethical behavior or the person if he wants to be a licensed such as a licensed programmer or a way that he only wants to be a IT Professional only it depends on the persons' knowledge and skills.

7. What commonalities you find among the IT professionals codes of ethics discussed in this chapter? What differences are there? Do you think there are any important issues not addressed by these codes of ethics?

Discussion Questions

1. This incident illustrates some of the potential problems for small software developers working with giant software manufacturers to extend or enhance their products. Provide two good reasons why small developers should still consider working closely with large software firms?

To be able to advertise their software and check out the trends in the software business. So that they can gather information because large software firms has the connections.

2. What measures could Limit None have taken to better protect itself from Google's alleged actions? What measures could Google have taken to protect itself from this lawsuit?

* Limit None, they should have never give the detailed information of their product. They should have kept the confidential information to avoid copycats.

* Google, they should have give Limit None shares on their sales or bought the software itself.

3. Do research on the Web to find out how this case is proceeding in the courts. Write a short summary of your findings.

A large company like Google will not admit any accusations. I believe that is how they operate. To take advantage of small business firms for their own profits. I think this is a victory for Google.

Discussion Questions

1. What actions should WMI have taken to lessen the risk of this project and avoid these problems?

At first while there was no signing of contract happened yet, WMI should know better SAP if this company really had an ability to create a mature software. They investigate first to avoid this problem. Now, that the problem exist they must talked with open mind for them to understand each other.

2. What sort of losses has WMI incurred from the delay of this project? How has the lack of success on this project affected SAP?

They losses enough time to make their work more faster.. Further more there is really no specific or big loss of WMI. Where as SAP, they losses so much trust and their company come to an ease that they are not as good as other. They will also loss their clients and their jobs.

3. Do research on the Web to find out the current status of the lawsuits between WMI and SAP. Write a brief report summarizing your findings?

As details of the lawsuit trickled out, it became apparent that the sales people had used a number of well known ‘industry tricks’ to entice Waste Management into buying what they saw as software unfit for their purpose and at a cost of more than $100 million. In this defense, SAP claimed:

Waste Management didn’t “timely and accurately define its business requirements” nor provide “sufficient, knowledgeable, decision-empowered users and managers” to work on the project. In April 2010, we settled the lawsuit, receiving a one-time cash payment, and all parties dismissed their claims with prejudice. So it’s not quite all over but you can be reasonably certain this one has been put to bed. The burning question is how much did SAP fork over? We may never know. SAP did not make an official announcement which would have been required if the amount in question was significant. More important, this is one more piece of SAP’s recent legacy past that it can put to bed in advance of its upcoming annual customer conference which starts May 16th. Much of SAP’s credibility going forward depends on how good a show co-CEO’s Jim Snabe and Bill McDermott put on, how convincing they are and whether the product roadmap looks sufficiently solid for buyers to continue SAP investments. Taking this problem off the table will be a relief and another example of the company clearing the decks

Discussion Questions

1. How can organizations and vendors change their certification programs to test for skills as well as core knowledge? What issues might this introduce?

The organization create a project management certification that give training to the employee and IT workers to gain the certificate needed for the job they are in. It gives chances to them to show not just the core knowledge but also to know how to use the knowledge.

2. What are the primary arguments against certifications, and how can certifying programs need to change in their programs to overcome these shortcomings?

They argued that testable IT knowledge does not necessarily translate into quality IT work. They said that the IT worker needs to have good communication skills and they suspected that the workers paid for their certificate. Later, they decided to build training for them to gain the said certificate and be able to use it in their work.

3. What are the benefits of certifications? How might certification program need to change in the future to better serve the needs of the IT community?

The benefits of these certificates are the employee can easily find a job and they are well recognized as an IT expert through this certificate. This certificate might be use to have a best IT workers and to create a best IT community.

Discussion Questions

1. What actions should WMI have taken to lessen the risk of this project and avoid these problems?

2. What sort of losses has WMI incurred from the delay of this project? How has the lack of success on this project affected SAP?

3. Do research on the Web to find out the current status of the lawsuits between WMI and SAP. Write a brief report summarizing your findings?
As details of the lawsuit trickled out, it became apparent that the sales people had used a number of well known ‘industry tricks’ to entice Waste Management into buying what they saw as software unfit for their purpose and at a cost of more than $100 million. In this defense, SAP claimed :
Waste Management didn’t “timely and accurately define its business requirements” nor provide “sufficient, knowledgeable, decision-empowered users and managers” to work on the project.
In April 2010, we settled the lawsuit, receiving a one-time cash payment, and all parties dismissed their claims with prejudice.
So it’s not quite all over but you can be reasonably certain this one has been put to bed. The burning question is how much did SAP fork over? We may never know. SAP did not make an official announcement which would have been required if the amount in question was significant. More important, this is one more piece of SAP’s recent legacy past that it can put to bed in advance of its upcoming annual customer conference which starts May 16th.
Much of SAP’s credibility going forward depends on how good a show co-CEO’s Jim Snabe and Bill McDermott put on, how convincing they are and whether the product roadmap looks sufficiently solid for buyers to continue SAP investments. Taking this problem off the table will be a relief and another example of the company clearing the decks

Discussion Questions

1. How can organizations and vendors change their certification programs to test for skills as well as core knowledge? What issues might this introduce?
The organization create a project management certification that give training to the employee and IT workers to gain the certificate needed for the job they are in. It gives chances to them to show not just the core knowledge but also to know how to use the knowledge.

2. What are the primary arguments against certifications, and how can certifying programs need to change in their programs to overcome these shortcomings?
They argued that testable IT knowledge does not necessarily translate into quality IT work. They said that the IT worker needs to have a good communication skills and they suspected that the workers paid for their certificate. Later, they decided to built a training for them to gain the said certificate and be able to use it in their work.

3. What are the benefits of certifications? How might certification program need to change in the future to better serve the needs of the IT community?
The benefits of this certificates are the employee can easily find a job and they are well recognized as an IT expert through this certificate. This certificate might be use to have a best IT workers and to create a best IT community.

CHAPTER 1 CASE STUDY

Questions to Consider

1. Which issue is more disconcerting- the fact that a board member leaked confidential information about the firm or the tactics used to investigate the leak? defend your position.

The more disconcerting issue is the fact that a board member leaked confidential information because it's against the company regulations, even though they leak information the three hired detectives can easily trace the board member through their telephone records and social security numbers.

2. Can the use of pretexting to gain information ever be justified? is it consider legal under any circumstances.

Pretexting to gain information in a situation based on the vignette it is totally illegal because it is not your part to gain or collect information for the company you have to stick for the kind of task assigned to you to to pretext and do other things without permission.

Discussion Questions

1. There are many ethical issues about which people hold very strong opinions-abortions, gun control and the death penalty, to name a few. if you were a team member on a project with someone whom you knew held an opinion different from yours on one of these issues, would it affect your ability to work with this person? why or why not?

As a member of a team and given a project to those issues shown, it would not affect my ability to work effectively because as a member of a team we have to gather opinions and share ideas for each member of the team so that we'll accomplish it clearly without anguishing someone's opinion.

2. What do you think are the most important factors that helped you define your own personal code of ethics.

Important factors that helped me define my personal code of ethics are leadership and decision making,leadership you have to manage yourself on what you do and lead yourself,decision making because you have to decide what's right or wrong when making decisions on social works and core values.

3. Do you think that ethics in business is improving or getting worse ? defend your position.

On my observations, ethics in business is improving because business are important when it terms to ethics example of it is the terms and conditions of the business people cannot abide the company regulation it is very helpful because it helps to company to be more discipline and always on top.

4. The ethics resource center identified five characteristics of a successful ethics program suggest a sixth characteristic, and defend your choice.

Organizations contact millions of people worldwide through unsolicited e-mails as an extremely low-cost marketing approach.

5. Which incident has a higher negative impact on an organization-an unethical act performed by an hourly worker or the same act performed by a senior manager of the organization? explain your answer fully. should the hourly worker be treated differently than the senior manager who committed the unethical act? why or why not?

On my own opinion both unethical incident has both a higher impact on an organization, because for me even though they are not on the same position they both commit an unethical mistakes and it is against ethics. they both deserve to be treated fairly because they are the same worker of an organization.

6. It is a common and acceptable practice for managers to hold people accountable to meet "stretch" goals, quotas, and budgets.how can this be done in a way that does not encourage unethical behavior on the part of employees.

My observations some companies required this accountable for enable for them to compute the salaries of the employees based on the work done. for me the company or organization should explain clearly or to orient the employee's of their company or organization on how do they hold people's accountable to meet stretch.

7. Is every action that is legal also ethical? can you describe an action that is legal but ethically wrong? is every ethical action also legal? is the law, not ethics, the only guide that business managers need to consider? explain.

No, because there are sometimes an unethical part on every legal actions. sample of a legal but ethically wrong is you working on a private company and you are a programmer, your created programs are signed by the company and must be within the company only and that is legal. the ethically wrong doing is sharing your company s' programs to other company and that us against ethics and it is illegal. they both have to consider the law and ethics because for example company has laws, and ethics is barely needed to determine if the law is against ethics.

8. Do you think it is easier to establish an ethical work environment in a nonprofit organization? why or why not?

On my own opinion it depends on the worker of the company/organization if he or she accepts to a nonprofit organization as long as the worker establish the law of ethics or following the rules of ethics on the organization, it helps the work environment to be more confident on their work because they know the limitations and what is best for the company even though it is a nonprofit organization.

9. This chapter discusses the four approaches to dealing with moral issues. identify and briefly summarize each one. do you believe one perspective is better then others? if so, which one and why?

Most of us have developed a simple decisions-making model that includes these steps:

* developed a problem statement

* identify alternatives

* evaluate and choose an alternative

* implement the decisions

* evaluate the results

Discussion Questions

1. CA executives involved the accounting scandal were not accused of reporting bogus contracts or hiding major problems in business. the contracts that were backdated were real sales agreements. was this really a crime? should the individuals have been punished so harshly?
I think this is not a crime this is a business. There's no one to be punished.

2. In December 2004, CA appointed Patrick J. Gnazzo as a senior chief compliance officer to demonstrate to the government and shareholders that the firm would take measures to operate ethically, Gnazzo served in this role at United Technologies for 10 years and had been a member of the board directors of the ethics Offices Association .Gnazzo reported to a new executive vice president and a general counsel at CA as well as the board's Compliance committee. Outline some of the Actions Gnazzo might have been taken in his first six months on the job.

3. John Swainson, a 26-year veteran of IBM, joined CA in November 2004 as CEO and President his first few months with the firm were rough- major customers threatened to dumb the firm some products were behind schedule and were of poor quality; executives had to be fired for breaking company rules; accountants continued to find past mistakes; and many newly hired executives had to be brought on board. what sort leadership could he have demonstrated to show that he was determined to avoid future scandals at CA?

4. CA has been hit with numerous scandals since the late 1990's. these scandals raise questions about how successful the firm might have been if not for the amount of time its executives had to spend on this distractions. compare the revenue growth and stock price of CA to that of some of its competitors over the period 2004-2008 (be sure to use CA's corrected figures!) can you detect any impact of these scandals on CA's performance? what else might explain the difference in performance?

Discussion Question

1. Identify at least two other companies that mange their suppliers in a manner similar to Dell computers. do these companies have anything in common with Dell?
ASUS is a leading company driven by innovation and commitment to quality for products that include notebooks, net books, laptops, motherboards, graphics cards and etc.
Acer Incorporated is a multinational information technology and electronics corporation headquartered in Xizhi, New Taipei City, Taiwan. Acer’s products include desktop and laptop PCs, tablet computers, servers, storage devices, displays, smartphone and peripherals. It also provides e-business services to businesses, governments and consumers.

2. Can you Identify any disadvantages for dell in taking the approach to managing suppliers?
One of the disadvantages is their payment system, and the way they pressure their suppliers.But I understand Dell why they pressure their suppliers for it is business you will not get the success if you are lazy (late deliveries). But they were so unfair to the suppliers in terms of deliveries they pressure their suppliers but in terms of payment to their suppliers they do not pressure their selves. But it is Dell Company it is a big company for them replacing new suppliers is very easy, because they were very confident.

3. Do you think that this approach to managing suppliers is unethical, or is it acceptable and ethical? explain your reasoning.
For me it is ethical or acceptable even though they were strict to their suppliers. That’s business, off course Dell don’t want to destroy their reputation because of the late deliveries to their customers.

4. Would you recommend any changes to the way Dell manages suppliers? Defend your position.
I understand Dell why they paid their suppliers so late for there are lots of things that need to be process. But 36 days is too long it takes 1 month before they can receive their salary. The suppliers also have their families that need to be supported financially. And also one thing I recommend to Dell they should be humble to their suppliers. Because the suppliers were one of the reason why their sales get higher and higher in short, the Dell Company only depend their products into their suppliers.

Discussion Question

1. Discuss how a CIO might handle Schrage's Scenarios using the suggested process for ethical decision making presented in this chapter.

The CIO must handle schrage's scenarios by showing or orienting them the right process of making a tough decision in a formal and ethical way, because if process are not followed formally, making their own decisions are not well good enough to meet the standards.

2. Discuss the possible short-term losses and long-term gains in implementing ethical solutions for each of Schrage's scenarios.

My own understanding short term losses fails to meet standard for their businesses the might loose something but a small amount or quantity, as a example their client might be disappointed on their jobs or projects because they are not doing it a right and formal way and ethical process are not formally followed, while if process is formally followed companies gains a lot when they are doing it in a right and ethical ways.

3. Must businesses choose between good ethics and financial benefits? explain your answer using Schrage's scenarios as example.

No, because if you gain a lot on your company or business in a way that is not ethical and it might be illegal or against the law of ethics, they can benefit something but it is not the right process of gaining financial benefits. ethics is more important because i believe if a company has ethics it financially benefits a lot.

Thursday, April 12, 2012

What takes to be an IT Professional?

Generation nowadays always involves automation machines and the world renoved world wide web (www). Most of the countries around the globe introduces IT knowledge to their universities and schools and to the corporate world. Most of the companies nowadays implement IT departments so that their company will have a better system for them to be more organized.

Being and IT Professional is not an easy thing to do. You have to be responsible on doing your task and always update every work you already have done. Being and IT Professional is not all about you are good in computers, but you also have a good manners, attitudes and values in life. you know what is right and wrong principles in doing things. Become an IT professional is to learn to manage your work and time. A great way of managing your work and time is to make lists of everything you need to do. If you know what you need to do, and have it written down, you can work out what your priorities are and how long it can take you to get things done.