Sample Technology Questions on Technology


  1. 1. What types of costs are associated with organizational non-compliance and inadequate security?

Modern enterprises face a tough task in safeguarding its interests and that of their clients. This is mainly attributed to challenges associated with inadequate security and non-compliance with regulations, privacy and data laws. Non-compliance activities relates to failure by an enterprise to adopt and implement costly related activities to the functional and support unit of an organization.

Non-compliance costs can be classified into three categories. First, direct costs (a direct expense towards a project); indirect costs (other resources spent such as time, not cash) and opportunity costs (costs resulting that diminish company’s worthiness) (Ponemon Institute, 2011). Therefore, as a consequence to non-compliance a company can incur, first, business disruption. This is an economic loss arising from non-compliance with activities such as canceled contracts, new policies by regulators or complete shutdown of business (Ponemon Institute, 2011).

Second, the productivity loss is a result of an employee failing to yield an expected outcome in a certain framework (Ponemon Institute, 2011). Third, loss of revenue. Majorly due to failure to comply with privacy laws, thus losing loyalty in customers. Fourth, interrelated with inadequate securities includes fines, penalties and settlements mostly from legal and non-legal methods.

  1. Name and define an information systems control. Provide an example including how it might be used in an organization

An information system is a combination of components desired at the collection, distributing, storing and managing information. The component includes hardware, software, data, network and people (Tiwana, 2009). Thus an organization information system control an effort to deliberately influence the behavior people (employees) in order to realize objectives associated to designing, developing, operating, using, and managing information systems (Tiwana, 2009).

For example, an enterprise management, designing a system-development project intending to influence the behavior of staff by creating a systemized methodology requiring employees to complete assigned tasks and by providing a bonus to developers of error-free coding (Tiwana, 2009). In this instance, the enterprise is implementing an information system control to generate high-quality systems. In so doing, the organization adopts a system that is flexible, cost-effective and managed by qualified employees.



Ponemon Institute. (2011). The True Cost of Compliance: A Benchmark Study of MultinationalOrganizations.

Tiwana, A., & Keil, M. (2009). Control in internal and outsourced software projects. Journal of Management Information Systems, 26(3), 1-44