Information management (IM) refers to the collection of information from more than one source managed and distributed to many audiences. Management of a particular company control their processing and planning structure with the help of information that are relevant for corporate functioning and evaluation of information. This information is required for meeting the demand of client and fulfils the objectives of the company. This information enables the clients to develop ideas regarding the company (Wurzler, 2013). The following project highlights details regarding information risk that is encountered by Apple Inc. related to could computing, which is the best method to revamp information technology infrastructures.
During 1970s, the information system generally referred to the files that are maintained manually with the help of file maintenance. This paper-based files and records were replaced by information technology. The adoption of the new technology brought about huge differences in the management of information. However, with the advent of new information technology, information management was no longer a simpler job to execute. Information management cannot be performed by every individual as it requires huge knowledge base regarding its usage. The understanding is developed through a number of theories, which provides relevant information pertaining to the system. With the advent of electronic means of information management, it became difficult for the individuals to manage it properly (Wurzler, 2013; Pironti, 2014). During the late 1990s, information was disseminated across the computer networks at a regular basis by the network managers, who later became the information managers. These mangers encountered huge difficulties in pursuing complex tasks pertaining to software and hardware. With the help of present tools and techniques, information management has become an important resource for every organisation. However, there are numerous risks associated with it and the cost of the information system is very high. The cost has limited many small companies to adopt the new information technology for their business purpose. From the above mentioned details regarding information management, it can be summarized that information management takes into account retrieving, organizing, securing, acquiring and maintenance of information (Pironti, 2014).
In the present business world, the paper files have been replaced by electronic files that are stored in the computers. This new trend of storing information has developed a new industry. The interesting part of this industry is that it has also encountered tremendous advancement with respect technological up gradation. This has encouraged the companies to manage huge source of data and secure them from vulnerable activities. The technological advancements have taken place very quickly which have changed the business paradigm of the 21st century. However, this advancement in information technology has given rise to risks. These risks can be defined as information risk (Wurzler, 2013; Lemieux, 2004). It can be defined as the probability that confidential electronical information can be accessed by unauthorised or exploited parties. It is not difficult to identify few companies that have encountered information risks. The news related to unauthorised access of sensitive data is the key factor that gives rise to information risk. It has become a growing problem for every sector worldwide.
The main elements of risks that are vulnerable to computer networks relates to unauthorized access of private data. This particular risk has grown in every sector where technology is utilized. Information risks are basically identified and managed by the risk managers of a company. However, due to its severity over the years, the risk managers find it difficult to overcome it properly. Thus, when the word information risk is uttered in conference room that has many risk managers, the environment becomes quite. The managers provide various reasons when they are questioned regarding the safety of the electronic information. They are quite unclear about the level of protection required for measuring the effectiveness of the electronic infraction and provide solutions. The records and information that are managed by a company for years are subject to threats that are arising due to the inability of the risk managers to protect them. The threats have the capacity to damage information and records that are managed by the company for years including private information. The risks are one of the main reasons behind system failures, such as systemic problems with information and records. During any extreme incident of risk, there can be heavy loss of data, which may also lead to corporate failures (Wurzler, 2013; Lemieux, 2004).
The figure provided below highlights few recent high profile cases pertaining to information risk. The figure identifies how the poor quality information and records are vulnerable for a company. Thus, the figure states that every company should concentrate in managing the information relate risks.
Figure 1: Consequences of failure in managing risk
(Source: Lemieux, 2004)
Despite the failure of managing different forms of risk in the information system, many companies do not view it as a vital issue. The risk in the information system is not concentrated as the main area of focus in the company and as a result, this information is subject to unauthorised access. It is observed that in most of the companies the line mangers deal with information risks. They address these risks on ad hoc basis throughout the business processes by employing internal audit, IT, legal and records management. The main approach of these mangers in addressing the risk is loss avoidance oriented (Lemieux, 2004).
According to Farahmand et al. (2003), risk management is divided into three major parts,
