InfoGov_Project

profiletinap
COMPANYDESCRIPTIONSTP.pdf
Home>Computer Science homework help>InfoGov_Project

UNIVERSITY OF THE CUMBERLANDS

ITS 833 – INFORMATION GOVERNANCE

SUMMER IG – BI-TERM 2018

SEMESTER PROJECT – PHASE III

COMPANY DESCRIPTION FOR SECURITY TRANSPORT PROFESSIONALS, INC.

Below is the same company description that you were given at the beginning of Phase I. It

has been reproduced herein below simply as a matter of convenience for you as you

complete Phases II and III.

Security Transport Professionals Incorporated (STP), has its home office located in Lexington,

Kentucky and in addition has more than 3,000 employees located in each of its branch offices

located in Houston, Texas and San Diego, California.

STP is primarily a nationwide freight hauler. Its customers are comprised of major market retailers

particularly in the medical and pharmaceutical industry, the federal government, and several state

governments. STP operates a fleet of trucks and private cargo planes that it uses to move “goods”

belonging to its customers from one destination to another across the continental United States. Its

fleet of truck carriers are located in Lexington, Kentucky with it planes located in Louisville,

Kentucky.

STP carries and transports highly controlled, narcotics and scheduled prescription drugs, toxic,

radioactive, nuclear, and top secret materials from one facility belonging to its customer to another.

The method of transport depends on the type of cargo being hauled. In addition to

hauling/forwarding its customer’s products/goods, STP is required from time to time to store its

customer’s goods for brief periods of time. Two years ago STP began contracting with a number

of subcontractors hereafter referred to as either “limited joint partners (LJPs)” or “independent

subcontractor alliances (ISAs)” for the purpose of expanding its freight forwarding, storage, and

delivery service. Due to the confidential nature of the freight that it transports, STP vets its

employees, as well as any subcontractors (LJPs and ISAs) that it engages.

STP’s business objectives and goals include the confidential, safe and secure movement of its

customer goods, from the customer/distributor to the customer/distributor’s own client or

purchaser, or from one of its customer’s locations to another of the customer’s locations in a timely

and efficient manner using cost-effective methods. Alternatively, STP may transfer this

responsibility to one of its limited joint partners (LJPs) or independent subcontractor alliances

(ISAs), if it is more cost-effective and the income differential is within acceptable limits. There

are 3 LJPs with which STP had entered into contracts.

LJPs are corporate organizations in the same industry that offer essentially the same services as

STP, and who are generally competitors of STP. However, when the job requires resources that

exceed those of STP or its competitor, the two will enter into an agreement to jointly undertake

the contract together, and will together provide the same full range of services, with both entering

into the same contract or joint venture with the customer.

Independent subcontractor alliances (ISAs) differ from Limited Joint Partners (LJPs) in that an

ISA is not a direct competitor of STP. Rather, the ISA is a company that offers a subset of services

to STP, or contracts with STP to provide it with necessary resources to perform the particular job

at hand. For example, an ISA may be a warehousing company that provides only storage facilities

for STP. Alternatively, an ISA may be a company that is engaged in service and repairs for STP’s

trucks and planes, and/or provide sterilization and cleaning services for STP’s trucks and planes

upon completion of a job, where STP had transported hazardous or toxic materials, requiring

specific types of sterilization or cleaning services for its transport vehicles. There are other types

of ISA that STP engages and contracts with. With regard to ISAs, STP is the only organization

that will contract with its customer or who will be identified to the customer. STP’s customer

should never be aware that STP has subcontracted some of its services from the ISA. There will

be no negotiations, contracts or agreements between STP’s customers and STP’s ISAs. STP will

then enter into its own separate subcontractor contract with its ISA, and the ISA is not identified

to STP’s customer. There is no definitive number of ISAs that contract with STP. The specific

ISAs used (if any) will vary depending on the geographic location or area of the country involved

and the availability and cost of the ISA available to service the area.

STP is also under pressure from several of its competitors in the industry. The competitive market

is driving STP to improve its routes, delivery methods, fleet vehicles, and other facets of its

business to increase profits (a strategic goal) and to reduce costs. The company realizes that its

information technology infrastructure has been neglected for some time and that many operating

locations are running on outdated hardware and software. On several occasions last year, STP

suffered no less than four network compromises through one of its LJP Internet sites that led to

the disclosure of sensitive and strategic information on contracts and mergers.

The chief information officer (CIO) made a strategic presentation to the board of directors and

executive management to first assess the aging infrastructure and then, develop a multi-year

phased approach to have all of STP’s own sites running the same hardware and software platforms.

Of course, STP has no control over the hardware or software platforms used by its LJPs and ISAs,

although they must be able to communicate with each other.

Information about the assessment indicates that the current state core infrastructure (switches,

routers, firewalls, servers, and so on) must be capable of withstanding 10-15% growth every year

for the next seven years with a three-to-four-year phased technology refresh cycle.

There is a hodgepodge of servers, switches, routers, and internal hardware firewalls. Nearly all of

the infrastructure is woefully out-of-date in terms of patches and upgrades. This operational

neglect has unduly increased the risk to the network, in terms of confidentiality, integrity, and

availability. Since this will be a multi-year technology upgrade project, something must be done

to reduce STP’s exposure to vulnerabilities to increase the overall security profile and reduce the

risk profile.

Now that the funding has been approved for the infrastructure assessment, the CIO has decided

that it might be a good idea to implement an Information Governance Program into the

organization, assuming he can sell the corporation on its benefits. To that end, the CIO has hired

you as IG Project Manager to assist in initial preparatory stages.

STP Job Roles: In addition to the CIO, below is a list of individuals at STP to whom you have

been introduced. The CIO has informed you that you can call upon any or all of the individuals

who hold these job roles/titles for assistance and may name any of them to be on your project team.

You may also call upon any of the heads of the various business units for assistance, as well as a

designated contact person for each of STP’s LJPs and ISAs.

-house Counsel

-house Financial Analyst and Risk Manager

l Manager (Houston, Florida)

* This individual is also a member of STP’s Board of Directors.