Page 338 -
P. 338
296 Chapter 10 • Global, Ethics, and Security Management
Summary
•Global and ethical issues are major areas to system as well as educating ERP users
assess when implementing or modifying an toward higher ethical standards.
ERP system. These areas are also forever •With Sarbanes–Oxley coming to our world
changing (i.e., the world is getting flatter; after the Enron crisis, companies have no
companies are competing and need to com- choice but to ensure their systems are com-
municate with other companies worldwide). pliant. In our fast-changing world, it is more
•Outsourcing is gaining a lot of interest in ERP common to think on a global level, and it’s
implementation because it is efficient, but very important also to think ethically.
unfortunately it is also steeped in controversy. •Protecting the asset, ERP system, is all a part
The details concerning what to outsource, to of an ERP implementation. Legal issues can
whom, where, and at what cost can be a very arise at any time before, during, and after the
challenging decision for even the most implementation. Addressing needs and
sophisticated companies; however, if handled performance in contracts provides a level of
strategically, outsourcing can provide tremen- protection against a major loss of assets and
dous benefits to the organization in terms of expenses.
cost, flexibility, and diversity. •An ERP system’s security is good only as
•Offshore outsourcing relationships must keep long as company employees are aware of
in mind language barriers, cultures, and inter- the importance of maintaining a secure
national rules and regulations. As a result of environment. Securing an ERP system is
this, our government continues to monitor complex and requires good technical skills
and regulate the ethics of ERP systems. as well as good communication and an over-
•Software as a Service (SaaS) is emerging as all awareness. A system’s security is only as
a viable model of outsourcing. With SaaS, good as its weakest link. In the case of
organizations do not have to worry about systems connected to the Internet, the weak-
installation, maintenance, and upgrades. est link may not even be the company’s
This allows them to focus on their core employee; rather, it could be someone else
business processes and scalability options. that has been given access to the system for
•Companies implementing ERP face several e-commerce purposes. System security
ethical challenges with such issues as data cannot be underestimated or overlooked in
privacy, accuracy, property rights, and access an ERP implementation. Like any system, a
rights of users to the system. With data security plan must be developed to address
mining on identity theft activities on the rise, all the issues related to access with an
organizations face considerable challenges implementation methodology employed to
in embedding best ethical practices in the ensure proper installation and testing.
Exercises
1. Research offshore outsourcing companies that that has discovered a breach in security;
specialize in ERP implementation and maintenance. describe the breach and how it affected the
Prepare a report for management ranking the business.
outsourcing companies with their strengths and 3. Find out how the major ERP vendors support SOX,
weaknesses and provide recommendation on how HIPPA, EU regulations, and other compliance
management should proceed with signing the modules. Prepare a report for management of a
outsourcing contract. large company with a matrix comparing the
2. Information technology security is essential to the features supported by each vendor with your
general health of an ERP. Research a company recommendation.
