Scenario
Smart Choice is a software company with more than 100 staff based in Melbourne and a few other small offices in some countries in Asia. Recently, several big companies have been attacked by cybercriminals. Under the current serious cyber security threat, the CEO of Smart Choice is planning to apply some cyber security strategies including:
- Encrypting network, devices and other media that contains sensitive information,
- Only give users the minimum access and privileges needed to do their job. Users will need to fill in a form to gain additional privileges or access.
- Enforce password complexity, reuse, expiry at a more secure level
- Update some procedures to ensure security such as how and where to store important files and documents.
- Introduction of automated audit logs showing who and when users accessed which systems and data
- Monitor all staff internet and email usage from the company networks.
To implement the above strategy, it requires training sessions for all staff. There will be more security steps to access the company networks especially, from outside Australia. Also, staff will have to follow strict procedures to guarantee data safety. Some staff may have access permission to systems removed or reduced if it is not essential to complete their job. Staff will need to be informed of the increased security audit logs showing their activities. Their customers will be also limited in accessing some of the company resources that they currently have the access to.
While the CEO believes that this change will bring a sustainable development for the company in the long term, some staff have concerns that the limited access will cause a lot of problems in their work and be time consuming in task flow.
This change may affect the timeline of some major contracts that the company is processing. If this issue were to happen, the staff would be required to work overtime to complete and deploy the product to customers on time.
The CEO knows that this is not easy but considers it an important and urgent project; therefore, he has hired you as a change manager to develop a change plan ensuring the security strategy will be implemented smoothly in one month. Also, his staff’s productivity is maintained or improved, and all contracts are completed on time and in budget.
Assignment tasks:
The assignment includes 2 Tasks
Part A: Change Management Plan
You, as a change manager, have been asked by the CEO, Mr Reynolds, to develop a change management plan for the above scenario.
The detailed change management plan should be. You can make assumptions which are relevant and consistent with provided information in the scenario to support for your ideas, provided you clearly state the assumptions. You may argue the pros and cons for any recommendation that is made. If necessary, students are expected to find relevant information in the academic literature to justify their answers.
Part B: Peer Review
The peer reviews will be used to ensure all team members contribute equally. Normally marks will be allocated equally to all members but if it is identified one member contributes significantly less the marks may be adjusted according to student contribution.
Suggestion: Develop your team spirit and culture base on the criteria on the peer review. Keep a record of how tasks are allocated and who contributes what and when to the report.
