Year : 2009
Number of Pages : 41
leaves
Adviser : Prof. Glen A. Imbang
Executive Summary
Technology
managers are often faced with the dilemma of selecting a single most
appropriate technology from a range of competing options. The rapid development
of technologies, together with their increasing complexity and variety, has
made the task of technology selection difficult. Current approaches to the
technology selection decision have usually been narrowly focused on assessment
of the financial viability of technology options, or conventional investment
justification factors. In many cases, the selection processes are based on
generic decision support tools which are not fully adapted for technology
selection. In any business, it is important that the right technology decision
is made at the right time. Therefore in any event of technology acquisition, a
well established technology selection and evaluation process should already be
in place since these are the most critical phases of the process and if not
done diligently and on the right time would affect the overall business goals.
This paper focused on the actual experience of acquiring a Data Leak Prevention
(DLP) technology to support a major Business Process Outsourcing (BPO) company
initiative of acquiring Payment Card Industry (PCI) Data Security Standard
(DSS) certification across its enterprise. The technology acquisition framework
was used as baseline for the process gap analysis and the relevance tree
analysis was used as proof of concept. The relevance tree analysis focused on
detailing the technical criteria for selecting the right DLP technology to
support PCI DSS certification effort and at the end, revealed to be a very
useful tool in verifying the completeness of the actual technology
implementation, thus highlighting the project's areas for improvement.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.