Information Validating the IS security measures is also important

systems have contributed to the success of many businesses today, but improper
use of such systems has also created issues for organisations and their
employees. In today’s digital world, businesses rely more and more on information
and with this comes a need to protect and safeguard this information from the
various threats that exist. A business needs to address any security and
ethical concerns identified to ensure it maintains quality stakeholder
relationships (Polonia & de Sa-Soares, 2013).

(Polonia & de Sa-Soares, 2013) have identified four
main issues regarding IS security because of interviewing Information Systems
Managers. Firstly, a business needs to ensure that information systems and data
can be recovered easily and in a way that disrupts the business only minimally,
if at all. Secondly, a business needs the tools to detect information systems
security anomalies such as data breaches etc. In today’s digital world, the
ability to detect IS security issues using people and technical devices is
vitally important. The third important issue identified in the research is
getting executives and management to show commitment in direction and resource
allocation to IS security programs. Support for such initiatives needs to come
from the top in the way of budgets, their awareness and involvement. The fourth
issue is validating the effectiveness of the implemented systems security
measures to ensure that the IS security controls in place are functioning in
the way intended. Validating the IS security measures is also important in
showing management and the Board that IS security controls are efficient and
enable business operations.

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!

order now

It is important
for BMT to implement procedures and processes that address such issues as above
to placate stakeholder concerns around security and ethical issues that can
arise with the implementation of new information systems.

It is also
important for BMT to have an Information Communication Technology (ICT) policy
in place. An ICT policy is a set of guidelines outlining how employees within
an organisation should use information technology and information systems
responsibly (Guru, 2017).
The contents on the policy should include:

Rules around the purchase, usage and
safe disposal of IT equipment,
Acceptable use of Information
Technology and Information systems,
Rules on password creation,
complexity and changing passwords,
Use of only licenced software and
ensuring that it is up to date for security reasons,
Rules around privacy
Training for all users.

Having a policy in
place, and being able to access the policy in one location such as the
intranet, will give BMT employees, volunteers and other concerned parties, a
centralised place to access information that is vitally important to ensuring
that the highest security and ethical standards are maintained and any risks
identified are mitigated. Conducting regular training on security, fraud and
ethics is also an important way to effectively communicate ICT policies and
practices for BMT. Training can be conducted online and through the intranet,
meaning employees and volunteers can access the training from anywhere. This is
convenient for those who work away from the main site and for volunteers who
may work on an intermittent basis.

& Recommendations


A good website
that is user friendly and enables patrons and suppliers to log into an account
using their email address. Patrons can make an online donation using a credit
card so BMT will need to have access to a PCI compliant payment gateway such as
eWay to ensure credit card data is secure. 
Website should have links to social media sites.

Management of BMT
should ideally have a social media presence on platforms like Facebook and
Twitter etc., as a way to reach a wider audience as well as for somewhere for
volunteers to connect, inform the community of events, and as another channel
through which to receive donations.

A CRM system
suited to a small not for profit business like BMT should be implemented. There
are many CRMS catering to not for profits, and features include sign up options
for patrons and new customers, customer and sales reports, and dashboards for
managers and executives. Wizehive and Growthzone are two cost effective and
user friendly CRMs that would fulfil BMT’s needs. 

As BMT has grown
rapidly in recent times, in terms of patrons, customers and employees, it is
important to have an MIS and DSS in place so management and the Board can make
decisions that align with the strategies of the business, which will in turn
enhance BMT’s competitive edge. BMT should also procure a web based accounting
software package that includes payroll and automated inventory management, and
enables the production of quality financial reports for the board and other
executives. This should interface with the CRM. System can be accessed remotely
if needed so when users are travelling or away from office, they can log in and
keep abreast of business operations.

To ensure that the
implementation of new information systems runs smoothly, it is recommended that
BMT follow the guidelines for Critical Success Factors for Information Systems
Projects. It is also recommended that BMT create an ICT Framework and put IT
and IS policies and procedures in place, making all stakeholders aware of these
documents through the intranet and other digital means.













Al-Mamary, Y. H. S., Shamsuddin, A. & Nor
Aziati, A. H., 2014. The Role of Different Types of Information Systems In
Business Organisations: A Review. International Journal of Research (IJR),
1(7), pp. 1281-1282.
Bredmar, K., Ask, U. & Frisk, E., 2014. Accounting Information
Systems Implementation and Management Accounting Change. Business Systems
Research, 5(2), pp. 125-138.
Carboni, J. L. & Maxwell, S. P., 2015. Effective Social Media
Engagement for Nonprofits: What Matters?. Journal of Public and Nonprofit
Affairs, 1(1), pp. 18-28.
Guru, 9., 2017. Guru 99. Online
Available at:
Accessed 28 December 2017.
Karaman, E. & Ghaffarzadeh, M., 2014. Decison making based on
Management Information System and Decison Support System. Bulletin of
Enivronment, Pharmacology and Life Sciences, Volume 3, pp. 126-135.
Linton, I., 2017. Bizfluent. Online
Available at:
Accessed 4 January 2018.
Mohamad, S. H. et al., 2014. The Impact of Customer Relationship
Management in Small and Medium Enterprises. Journal of Technology
Management and Technopreneurship, 2(2), pp. 11-18.
Moussa, M., 2016. Internet, Intranets and Extranets in Organizations: An
Intergrative Literature Review. SIU Journal of Management, 6(1).
Polonia, F. & de Sa-Soares, F., 2013. Key Issues in Information
Systems Security Management. Milan, Thirty Fourth International
Conference on Information Systems.
Saxton, G. D. & Wang, L., 2014. The Social Network Effect: The
Determinants of Giving thruogh Social Media. Nonprofit and Voluntary
Sector Quarterly, Volume 43, pp. 850-868.
Warner, T., Abel, A. & Hachtmann, F., 2014. Empowered and Engaged:
Exploring social media best practices for nonprofits. Journal of Digital
& Social Media Marketing, 1(4), pp. 2-12.
Ziemba, E. & Oblak, I., 2015. Change Management in Information
Systems Projects for Public Organizations in Poland. Interdisciplinary
Journal of Information, Knowledge, and Management, Volume 10, pp. 47-62.