Question 1

The host company selected by me has a formal IT governance framework. It contains a Corporate Governance policy. This policy is introduced in order to benefit the employees, stakeholders (Tricker & Tricker, 2015). The policies introduced by the selected organization provides some responsibilities like evaluating the activities of Chief Executive Officer as well as taking necessary actions if needed, the actions include promotion or removal depending on his actions. The policy also includes various responsibilities for the higher levels through the delegated authority. I have gone through the findings of two of my classmates. Comparing their findings with mine, I notices that the Corporate Governance policy of large scale organizations differ from the small scale organizational behaviour. Small scale organizations do not have to handle as much responsibilities as the large scale organizations.

This finding has also evaluated some processes that ensured overall governance of an organization like efficiency, control and value of the organization. The processes include roles and responsibilities (Ueng, 2016). This factor is ensures that every member is provided with their individual roles and responsibilities. The second factor is purpose and strategy, this factor ensures that the purpose of the organization should be clear to the employees and a specific strategy should be utilized by the organization in order to achieve its aims and objectives. Risk management is also an important factor which includes the assessment of the risks faced by the organization and finding ways to mitigate them.

Question 2

Australian standard for the Corporate Governance of an Information and Communication Technology has been published in the year 2008. During my internship in an organization I have come across the fact that the usage of ICT is very common in the various business operations. It is also very vital for the well being of the organization (Badrick, Gay & McCaughey, 2017). The Australian Standard provides various principles such as acquiring the validity of the ICT task, planning ICT in order to support the organization, ensuring the efficiency of the ICT task whenever it is required and many more.

I have accounted one of the Australian Standards called plan ICT to best support the organization during my internship. We were provided with an ICT task and the members of our group performed the task individually. As a result, the most of the members had similarities in their solution. In this situation we faced the Australian Standard which depicts that the ICT has to be planned before performing the task (Michaels, Natraj & Van Reenen, 2014). Planning reduces the complexity of the task because activities are planned and members know what they need to do, members do not repeat the activities and time is saved due to this. A professional in the organization, explained us regarding the importance of planning and helped us in implementing it while we perform any ICT task.

Question 3

The legal compliance of ICT is integration between information management and business process management. Some important laws related to ICT are Basel II Accord, Anti-terrorism, security and crime Act 2001, EU Framework Decision on attacks in information system (Dawadi & Shakya, 2016). One situation that I might have to face during my internship where I would need to take account of Australian Legislation in fulfilling my ICT task is the EU Framework Decision on attacks against information system. This legislation would be useful when the information system of the organization is hacked or attacked by a cyber criminal. This situation might take place when the information system of the organization is secured properly and the employees are granted access to each and every data regarding the activities taking place in the organization. In this situation, the organization needs to adopt various measures that would be helpful in securing the information system. This part of legislation also provides guidance regarding various criminal offences that might take place in the organization, penalties that would be applicable as a result of those offenses, liability of the legislation people involved in the process, jurisdiction as well as exchange of data among the members (Lozano & Trillo-Lado, 2016). The attack to information system of an organization might take place due to various internal factors like mishandling of the data, not securing the data in an effective manner and many more similar issues. These activities would lead to numerous penalties to the members depending on the seriousness of the issue that has been created.

References

1. Badrick, T., Gay, S., McCaughey, E. J., & Georgiou, A. (2017). External Quality Assessment beyond the analytical phase: an Australian perspective. Biochemia medica: Biochemia medica, 27(1), 73-80.
2. Dawadi, B. R., & Shakya, S. (2016). ICT implementation and infrastructure deployment approach for rural Nepal. In Recent Advances in Information and Communication Technology 2016 (pp. 319-331). Springer, Cham.
3. Lozano, M., & Trillo-Lado, R. (2016, October). Consolidation of a professional approach experience on motivating Computer Network Engineering Students to the application of legal issues. In 2nd. International conference on higher education advances (HEAD'16) (pp. 295-301). Editorial Universitat Politècnica de València.
4. Michaels, G., Natraj, A., & Van Reenen, J. (2014). Has ICT polarized skill demand? Evidence from eleven countries over twenty-five years. Review of Economics and Statistics, 96(1), 60-77.
5. Tricker, R. B., & Tricker, R. I. (2015). Corporate governance: Principles, policies, and practices. Oxford University Press, USA.
6. Ueng, C. J. (2016). The analysis of corporate governance policy and corporate financial performance. Journal of Economics and Finance, 40(3), 514-523