Management Audit of San Francisco\'s Information Technology (IT) Practices

Management Audit of San Francisco's IT Practices

San Francisco's IT Practices must generate strategic reports capable of setting targets and securing its IT infrastructure. The city must identify assets and determine their importance. The city of San Francisco's IT Practices entails valuable data, which is an asset necessary for production and delivery of services and goods. Such an asset is also relevant in the social and economic activity of the city and welfare of citizens. Assets refer to IT equipment, information, operations, and facilities.

The loss of such assets reduces the city's competitive advantage. This arises from the financial expenses incurred and the loss of a technological advantage or unique knowledge of information. It would be difficult to reproduce or replace such an advantage. The city must worry about the loss of its reputation. In order to characterize, identify, and evaluate a threat, it can obtain relevant data from news reports, the intelligence community, and analysts who can think like terrorists. Assessment of IT threats considers speculation and assumptions because information on threats could be incomplete, vague, or scant. After identifying potential threats and characterizing them, managers of the city can then estimate the chances of hackings against the city's IT infrastructure (Freire & Stren, 2011). In case there is hacking of its infrastructure, the attackers may have the opportunity of misusing the city's assets. The city must take into account the history of past attacks and the availability of the IT infrastructure as a target. This will determine whether the city should change its IT systems and activities to stop being attractive as a target.

The Management Audit of San Francisco's Information Technology Practices must establish ways of reducing the risks. This could be achieved in various ways: through risk reduction, by minimizing vulnerabilities, reducing the consequences or isolating IT infrastructure from major populations. For every possible countermeasure, the city must determine the benefit of risk reduction. IT infrastructures have more than one counter measure that might reduce risks for data. A Budget and Legislative Analyst must evaluate the feasibility of any countermeasure. This involves determining the costs of every countermeasure (Wagner, 2010). Costs tend to be multidimensional. They could be IT installation, training, and equipment. Long-term operation costs include repair and maintenance of IT infrastructure. If the city and country of San Francisco spends on IT protection, it can result in opportunity costs. This refers to costs pertaining to inability to invest IT resources in other areas.

Data infrastructure - The idea of utilizing IT data infrastructure in the management and access of information across the city and country of San Francisco is evolving and the city is at the implementation stage. However, city of San Francisco lacks a strategic framework to create and guide their IT policies. This demonstrates the difficulty of the Management Audit of San Francisco's Information Technology Practices to create a data framework within the city. This data framework must be organizationally sophisticated and encompass numerous stakeholders with different levels of information of the city's problem (Goldsmith, 2009).