Current Information Technology Issues Norbert Mika NJ Mika Consulting Inc.

Agenda Current hot issues Current hot issues SOX SOX ISO-TS ISO-TS “IT Doesn’t Matter”, Nicholas Carr “IT Doesn’t Matter”, Nicholas Carr Security Security Types of breaches Types of breaches What can be done? What can be done? Current Technologies Current Technologies

Role of IT To provide the systems and technological infrastructure to support improvements in operational efficiency and responsiveness To provide the systems and technological infrastructure to support improvements in operational efficiency and responsiveness

IT Should be Engaged In… Process and Product Design Process and Product Design Analysis and Design Tools Analysis and Design Tools Knowledge Management Knowledge Management Production Systems Production Systems Equipment controls Equipment controls Scheduling Scheduling Simulators Simulators Infrastructure Infrastructure Data Communications Networks Data Communications Networks Database Systems Database Systems Intranet, Intranet and Extranet, EDI Intranet, Intranet and Extranet, EDI Disaster Recovery Disaster Recovery Administration and Management Administration and Management Productivity tools Productivity tools Supply Chain Management Supply Chain Management Decision Support Systems Decision Support Systems IT Focused Education IT Focused Education

Challenges IT Department Resources Shifting Priorities Competition Customer Demands Production drivers (tactical vs. strategic) Regulations

Sarbanes-Oxley Act of 2002 Public Company Accounting Reform and Investor Protection Act Affects publicly traded companies in the US Affects publicly traded companies in the US Resulting from cases of corporate fraud Resulting from cases of corporate fraud Monitors auditors and company executives Monitors auditors and company executives Adds controls to keep statements of assets and revenues honest Adds controls to keep statements of assets and revenues honest Designed to bolster the confidence of the investing public Designed to bolster the confidence of the investing public On March 30, 2004, the Canadian Securities Commission regulations were in force in most provinces. This covers best practices in corporate governance, annual reports and continuous disclosure. On March 30, 2004, the Canadian Securities Commission regulations were in force in most provinces. This covers best practices in corporate governance, annual reports and continuous disclosure.

IT and SOX 2/3 of IT managers believe they only need to update their documentation to be compliant 1 2/3 of IT managers believe they only need to update their documentation to be compliant 1 45% said changes will be in contract management and supply-chain systems 45% said changes will be in contract management and supply-chain systems 35% said changes will be in improving spending analysis and invoice reconciliation processes 35% said changes will be in improving spending analysis and invoice reconciliation processes None of those surveyed were going to spend money on IT None of those surveyed were going to spend money on IT Other surveys 2 showed that most agree IT must play an integral role in meeting SOX regulations by providing the systems and support necessary Other surveys 2 showed that most agree IT must play an integral role in meeting SOX regulations by providing the systems and support necessary 1 Aberdeen Group 2 Hackett Group and Gartner Financial Services

ISO-TS ISO Technical Specification aligns American, German, French and Italian automotive quality systems ISO Technical Specification aligns American, German, French and Italian automotive quality systems Specifies quality requirements for design/development, production, installation and servicing of automotive related products Specifies quality requirements for design/development, production, installation and servicing of automotive related products Includes component of maintaining good customer service Includes component of maintaining good customer service Focuses on continuous improvement Focuses on continuous improvement Put together by International Automotive Task Force (IATF) and various national trade associations Put together by International Automotive Task Force (IATF) and various national trade associations

What does SOX and TS have in common? Adds accountability Adds accountability Adds fiscal challenges Adds fiscal challenges Requires good IT Infrastructure Requires good IT Infrastructure Examples of how external pressures are creating challenges to the IT departments Examples of how external pressures are creating challenges to the IT departments

IT Doesn’t Matter “IT has become a commodity. Affordable and accessible to everyone, it no longer offers strategic value to anyone.” Nicholas Carr, Harvard Business Review

IT Doesn’t Matter Carr suggests: Carr suggests: Spend less Spend less Follow, don’t lead Follow, don’t lead Focus on risks, not opportunities Focus on risks, not opportunities Needless to say, Carr spurred much debate with his paper Needless to say, Carr spurred much debate with his paper

Security Backup Backup Disaster Recovery Disaster Recovery Authentication Authentication Authorization Authorization Computer Crime Computer Crime

Examples of Computer Crime Theft Theft Illegal software Illegal software Viruses Viruses Denial of Service Denial of Service Network Eavesdropping Network Eavesdropping Scanners Scanners Password Crackers Password Crackers Sniffers Sniffers Spoofing Spoofing Backdoors Backdoors Internal Internal

Preventing Computer Crime Identify and protect assets Identify and protect assets Implement appropriate physical security Implement appropriate physical security Implement user security Implement user security Deter programmers Deter programmers Review logs Review logs Protect network communications Protect network communications Prosecute criminals Prosecute criminals

Advances in IT Business intelligence/knowledge Business intelligence/knowledge Wireless world Wireless world Convergence Convergence Portal Portal Virtual meetings Virtual meetings