OPS500 - Assignment # 2

Due Date: August 5, 2009 - Total Mark 100 (NO LATE Assignment PLEASE - 40% of Final Grade)

Company Background

You provide services through a Consulting Practice, and specialize in the IBM mid-range system AS/400.  You receive a call from the new management at a company called ABM System Services.  This company has experienced high employee turnover rates, decreasing productivity, and failing sales, the Board of Directors decided to completely replace the organizations top management group.

The new leadership has a mandate to clean house and turn the operation around.  They know they have an uphill battle to pull this off, but they are confident it can be done. They have adopted a strategy of common sense, to streamline processes and increase efficiency.  As a result, departments are in the process of being restructured, and people are changing duties and assignments.

They have instigated regular meetings with all employees, to gather information, and keep everyone informed on what is happening and why.  Communications have improved, and morale is slowly rising. Throughout this process, they have identified serious problems in terms of security for the organization and especially for the computer system.

The IT Manager left for another position, and an intermediate level programmer has been trying to fill the gap.  However, this individual lacks the time and expertise required to identify the security gaps. This is why the company has called upon your services.  They require a thorough review of systems security, AND recommendations as to what should be done, and why.

You agree to take the contract, and take a preliminary look at the environment.  There is no documentation, users and systems staffs are unsure of their roles, and no one knows why or how the present environment developed.  There has been NO standardization at all.  The systems operating system has been maintained to the most recent supported level, but that's about the only good thing you find.

This report is expected to be thorough.  It should cover all the elements of AS/400 system security for the current situation, and recommendations for maintaining good security habits.

Don't simply list recommendations explain why you are making these particular suggestions?

NOTE:

Currently, there are no external communications dealing with the AS/400, treat it as a stand alone unit.  The only TCP/IP server that is on is TEL NET to allow connectivity via 5250 emulation.

The company does hope to include external communications in the AS/400 platform within the next two years, provided everything has stabilized.

Information Technology Department:

  • I/T Manager                            (Recruitment for this position is underway)
  • Intermediate Programmer
  • Computer Operator
  • Tech Support works mostly on Windows server &  P.C.s, but is a back-up to AS/400 Computer Operations
  • 2 Consultants (Programmers) developing a new Order entry & Order tracking application

Applications on the AS/400 include:

Accounting:

  • General Ledger
  • Accounts Receivable
  • Accounts Payable
  • Statements and Reports on Company Earnings
  • Customer Account Records

Customer Orders:

  • Order Entry
  • Order Tracking
  • Customer Info
  • Order Records
  • Invoicing

Purchasing:

  • Purchase Orders
  • Inventory Tracking
  • Supplier Accounts Records

Production/Warehousing:

  • Inventory Tracking
  • Shipping & Receiving
  • Materials
  • Requirements Planning Package

Sales/Marketing:

  • Customer Records
  • Supplier Records
  • Sales Quotes
  • Sales Figures
  • Marketing
  • Research and Development (R&D)

NOTES:

1. Minimum of 10 pages.  Maximum 15. (Don't include title page in page count).

2. Be clear.  Follow a logical planning sequence.

3. Look at the IBM AS/400 Security Manuals online as well as the topics in the text.

4. NO LATE ASSIGNMENTS will be accepted.  Total 40% of Final Grade.

Last Updated: July 7, 2009