The purpose of this proposal is to help American express to utilize the power of internet in gathering information of its customer's details and to acquire information on the customer's business status. Currently the company is using obsolete techniques in gathering the customer's feedback. The company is sending a card to the customers with questionnaires on how they foresee their services. But in today's competitive market the company should adopt a more advance strategy in acquiring this feedbacks; by introducing a computerized customer feedback information system.
Aims and purpose of the Study
The main rational behind doing such research is to fulfill two primary objectives. One is to fulfill my assigned course which is a part of my academic curriculum. Another is to understand the process of management information system and its application on a business firm and how does it impact for the success of a business firm
American express is one of the leading credit card and travel insurance in the US. Customer satisfaction is of utmost importance to this company. In order to improve customer satisfaction and increase their market share the company can use a more competitive way of doing this.
A computerized customer feedback IS can do this; my team can help them to install software that will enable them to track their customers' activity online and at the same time gathering some customer feedback. Each customer can log on to their websites to check their past and recent transactions, and on the websites a pop-up window will appear that will ask the customer to give their feedbacks by simply ticking the appropriate boxes with questions like:
Did you find are site secured?
Is it convenient for you to use online transaction?
Did you find what you want?
These are just some of the example that can be asked from the customer in a fast, secure, and cost wise approach.
American Express is a worldwide travel related service company. American Express works with both consumers and business with their financial planning as well as offers numerous amounts of credit card products and travel assistance. They have many products and services that are used throughout the world by consumers and businesses. As American Express moves towards the future, like most credit card companies, they want to be competitive and responsive to the needs of the consumer.
American Express sends out customer service surveys to the card members that call in to the telephone service centre. The surveys are sent out randomly with a coding on the bottom of the survey so that the results and comments are given back to the correct employee. The employees are aware that any card member that they speak to could receive a survey. With this said, each employee goes through extensive training on the telephone behaviours that must be demonstrated while speaking to card members. The employees also go through extensive training on the policies and procedures that each card product and service has. This training is to ensure that each card member is handled with the most utmost professional behaviour and their issues are handled correctly.
Once the surveys are returned to the company, they are returned to the Customer Satisfaction Action Team. This team reviews the surveys, separates them by employee and then by the results. The results are separated by "Excellent" and "Very Good" and then "Fair" and "Poor" marks. The card members that score a "Fair" or "Poor" mark on the survey is called back by one of the team members and the issue is discussed further to find out why the survey was marked that way. The comments that the card members make on the surveys are returned to the employee's team leaders. The team leader gives the feedback to the employee and discusses with them their best practices or opportunities that need to be worked on.
This tool is an excellent way to get in touch with our card members and to see how they feel the company is doing and what they feel is going right and what needs to be worked on. By doing this the company can take this information and better the customer satisfaction by either up training of employees are reviewing and possibly changing the policies or procedures.
The cost of establishing a CEM data acquisition and management solution varies for every organization and according the available budget.
This will be the sample (. a) and (. b) diagram of the customer feedback system that will appear on their websites.
Customer Feedback Information System
In today's economic condition each of the big names in the global market has its own strategies in order to dominate the global economy. Some are investing in the information technology, others in marketing, but most of them are neglecting the importance of consumer or the customer satisfaction. My intention is to create a survey system based on the internet; this will include the information of the basic necessities of the consumers, giving them feedback if the consumers like their product or even if the buying public have any complain in their products. This survey system will include foods, drinks, etc. They can have real time information of what the consumer wants and what the consumer does not want. They can even use the systems for forecasting the demands of the consumers and for new product development.
The company research involves the use of qualitative data, such as interviews, documents, and participant observation data, to understand and explain social phenomena. Qualitative researchers can be found in many disciplines and fields, using a variety of approaches, methods and techniques. In Information Systems, there has been a general shift in IS research away from technological to managerial and organizational issues, hence an increasing interest in the application of qualitative research methods.
When you need to ask for opinions on a new product or get feedback on service received, take advantage of the speed and efficiency of the making a research. Research most commonly involves market research data companies managing a panel of participants, who have been contacted and pre-screened for eligibility, then sent questionnaires through from time to time. Well-managed panels do not get 'burned out' from constantly filling out surveys, and are carefully screened to ensure respondents are matched with the subjects under study.
The system is very simple we are going to gather the data that we need from the internet, especially from social networking sites such as face book, twitter, Friendster etc. After collecting the data we are now going to organize it or arrange it accordingly. The system will then hold the data and then constantly feeding it to the customer's website, so that they will have a real time feedback from customers' reaction or complain in the various everyday products, that they need in redesigning or even in generating new ideas to create new products that they can introduce in the global market.
This diagram explains how the company will interact with the customers. It shows the step by step of procedures from distributing the questionnaires to collection of answers.
DECISION SUPPORT SYSTEM
Computerized Decision Support System
The use of computerized decision support systems has been advocated to increase equity and reduce error variance in human services decisions. A widely used type of DSS works by matching characteristics of current cases to decision criteria established through statistical analysis of a large number of previous cases and the decisions made in them. The DSS is programmed with questions to elicit the characteristics of the current case from the workers and, after processing the entries, provides a normative decision based on the decisions made by others under the same conditions. The premise is that the normative decision is more equitable and less error prone than human judgment.
The essence of decision-aiding software is that it consists of various forms of microcomputer programming designed to enable users to process a set of goals to be achieved, alternatives available for achieving them, and relations between goals and alternatives in order to choose the best alternative, combination, allocation, or predictive decision-rule. Decision-aiding software should be distinguished from at least two other kinds of software that are relevant to making decisions, but do not process goals, alternatives, and relations in order to arrive at prescriptive conclusions.
TYPE OF COMPUTERIZED DECISION SUPPORT SYSTEM
1. One related type is information retrieval software. It can be very useful for determining such things as the amount of money spent on a certain expense item in a certain year, the court cases that are relevant to a given subject matter or any kind of information that might be contained in a statistical almanac, encyclopedia, or other compendium of information.
2. Another related type of software is office practice software, which can be useful for word processing reports, filing and retrieving in-house information, or doing bookkeeping relevant to financial matters. That kind of software is useful for better organizing the decision-making processes.
WHAT DOES IT DO?
1. One is that the questions posed by the computer may lead workers to consider in a structured manner all the relevant aspects of their cases and the available interventions and outcomes.
2. The other is that the dissonance created by non-normative decisions may lead workers to rethink their decisions, especially in cases where the system requires them to justify divergent decisions.
3. The improvement of professional reasoning.
WHO IS THE TYPICAL USER OF THE SYSTEM CURRENTLY?
1. Law firms
2. Government Agency
COMPARISON OF THE PRODUCT TO ITS DEFINITION
Computerization in the Prosecution Service in Scotland
In the late 1970s at a Council of Europe colloquy at The Hague, the then head of our department, the former crown agent, saw a computer system that he felt would greatly benefit the running of his Procurator Fiscal offices in Scotland. Further examination, study, and research confirmed this but it was not until 1983, following a competitive procurement exercise lasting over a year, that the actual purchase of computer hardware and application software for the first stage of implementation of the strategy was completed. The Glasgow Procurator Fiscal's Office, which was selected, serves one of the busiest courts in Europe and is the largest Procurator Fiscal Office in Scotland, handling in excess of 75,000 cases a year covering virtually the complete range of types of crime under Scots law. The system itself was a System minicomputer (DEC based) with 40 visual display units and 6 small printers spread throughout 5 separate locations in central Glasgow linked by telephone lines. The application software is Promis. At this point it is perhaps worth describing in more detail the main functions and facilities of the system.
Information is recorded on receipt of information from the reporting agency, normally the Police. At every stage of the case the computer records at the initial case set up, the system also indicates previous history, whether the accused person who is the subject of the new report is already on file, whether there are any cases outstanding against him or her, whether there are any warrants in existence for his or her arrest, whether he or she has had any previous warnings for similar types of cases. All this information assists the prosecutors in deciding to proceed or not to proceed with this new case.
As one can imagine, the system can provide a comprehensive array of statistics on the case loadings, types of offenses being committed, as well as management information to assist in the running of an efficient office. The system has already been used to provide information to assist in answering several parliamentary questions, for example, about prosecutions for particular types of crime.
At the same time as we were installing our first administrative Promis system in the offices of the Glasgow Procurator Fiscal, we purchased a multiuser Fortune 32:16 microcomputer system running the free text retrieval application software package Status for the use of our legal staff in the Crown Office for research purposes. We also used this hardware to access the commercial database until its discontinuation at the end of 1985. We were then faced with the question of whether to look for another commercial service or try to create our own. Nothing on the market really met our needs so we decided to continue to expand the use of our own system and eventually try and extend the use of the system to the Procurator Fiscal Service in general.
A great deal of effort by our legal staff has gone into the creation and development of the database over the past couple of years to the point now that we have a comprehensive collection of Scottish case law dating back to the early. It is now the intention of the Crown Office to distribute our database to all regional and some Upper Level Procurator Fiscal official. These offices will run the system on stand-alone IBM-compatible microcomputers situated.
For the near future our attentions will be turned to providing our headquarters with an integrated office automation system. At the moment we have several independent microcomputer systems covering High Court cases, finance, personnel, legal research, and so on, but our aim is to integrate these systems and create within Crown Office an information center. The types of functions we will be looking at include registry, electronic mail, word processing, text retrieval, and desk-top publishing. We are currently also considering different options as far as text and document recording systems are concerned.
Another area we are considering is the electronic linkup of a Procurator Fiscal's Office with the local police computer systems, thus providing a speedier method of reporting cases to the local prosecutor. A pilot project is currently under way, linking our Paisley Procurator Fiscal's Office with the Strathclyde police. This will be the forerunner to a national roll-out program.
A great deal of work still has to be done to allow us to look at all possible avenues of information system development within our department. Every encouragement is being given by senior management, which makes our task a pleasurable one indeed. The department is still very much in its infancy as far as information systems are concerned, but we will endeavor in years to come to capitalize and improve upon the good start we have made.
CASE STUDY 1
INFORMATION SYSTEM IN RESTAURANT
1. In the light of the system, describe the decisions to be made in the area of strategic planning, managerial control, and operational control? What information would you require to make such decision?
1. It can help in redesigning the interior of the restaurant and how the service is being delivered to the customer. It can help improve customer service, and can improve supply chain management. In the area of managerial control, it will help the managers to allocate the working schedules of the employees and will help minimize labor overheads. In the area of operational control it will improve customer satisfaction by delivering first class customer service. With this system the managers can have an inventory of the stocks in real time and the phasing of each food item.
2. What would make the system a more complete MIS rather than just doing transaction process?
The everyday transactions will feed the information needed for the top management to decide which food item needs improvements, sales forecast and the information needed to improve customer service.
3. Explain the probable effects that making the system more formal would have on the customer and the management.
On the customer side, it will improve customer satisfaction by improving the service, fast service means a happy customer, and that will lead to high sales profit.
On the managerial side, good profit means good and successful business. By this system the managers can still improve the service in a more effective approach, if this strategy helps improve the overall operation; they can introduce advance booking and food ordering over the internet, making the service a lot faster and more reliable.
CASE STUDY 2: SECURITY LOOPHOLES
WHAT SECURITY LOOPHOLES COME TO THE FORE IN THE SITUATION DESCRIBED? HOW CAN THESE BE PLUGGED?
Physical barriers consist of making sure that computer and terminals are locked up and only accessible to legitimate users. It is also important to make sure that disks and tapes are similarly protected. All disks from outside the organization should be regarded as potential sources of infection, and should be checked if necessary, disinfected, on a stand-alone dirty machine set aside for the purpose, before being loaded onto the organization's mission-critical networks and machines. The risks are real, and companies regularly go out of business within twelve months of a virus infection if vital files such as outstanding invoices or customer databases are lost. Networks are physical barriers difficult, because telephone wires cannot be completely protected physically. However, for extremely sensitive telecommunications links, such as those connecting military computer to missile-launching facilities, physical barriers are used. The cable is passed down a pipe containing a pressurized gas. If any attempt is made to break into the pipe, the pressure will detected and trigger an alarm. Software defenses usually depend on passwords and personal identification numbers (PINs) in conjunction with cards and cryptography. Passwords should be changed regularly. If you are ever responsible for systems, make sure users choose passwords which are not proper names or real words, preferably a random mixture of letters in upper and lower case, numbers and punctuation marks, to make difficult for hackers to guess. The danger then of course is the legitimate users will forget their numbers or, worse still, write them down in accessible places. Often a satisfactory compromise is to choose an easily remembered word or number, with one or two random characters introduced somewhere in the middle. Cards and PINs similar to those used with credit cards can be used, and cryptography can be employed to code transmissions across networks in such a way that only the intended user can decode the message. The growth in commercial use of the internet has led to the development of so called ‘firewalls', which are designed to protect a company's internal networks from infection or intrusion from external networks. Procedures should be place in to ensure that codes and passwords are changed regularly, and that audits of system performance are regularly carried out. The system should maintain files of all transactions, so that an audit train can be followed by an auditor to check that no irregular transactions have occurred.
There can never be a 100 percent secure system. If enough people are determined to break in, sooner or later someone will find a way. Part of the problem is that the more secure you make the system the less easy it is for bona fide users to use. There has to be a compromise, and the costs of the inevitable breaches must be budgeted for. For instance, a couple of years ago, the credit card organization Visa International, budgeted for a loss of more than £130 million in fraud. Computer security depends on a combination of physical barriers, software defenses and security procedures.
WHAT IS THE IMPORTANCE OF SECURITY BUDGET IN THE CONTEXT OF THE GIVEN SITUATION?
It is necessary for any organizations to have a security budget for their computers and programs. Because if they have enough budgets, they can employ an IT consultant who can install programs that will help to keep secure the information in the computer and anytime they want to install anti- virus for their computers.
Another reason is if they have security budget they can acquire different programs or applications that will help to upgrade their units. It will also be a viable reason to have this budget in case of unpredicted breakdown.
CASE STUDY 3: OVERHAULING THE INFORMATION SYSTEM ENVIRONMENT
1. Video conferencing can be useful for this organization it will help improve decision making of the senior executives. Conducting a conference between two or more participants at different sites by using computer networks to transmit audio and video data. For example, a point-to-point (two-person) video conferencing system works much like a video telephone. Each participant has a video camera, microphone, and speakers mounted on his or her computer. As the two participants speak to one another, their voices are carried over the network and delivered to the other's speakers, and whatever images appear in front of the video camera appear in a window on the other participant's monitor.
Multipoint videoconferencing allows three or more participants to sit in a virtual conference room and communicate as if they were sitting right next to each other. Until the mid 90s, the hardware costs made videoconferencing prohibitively expensive for most organizations, but that situation is changing rapidly. Many analysts believe that videoconferencing will be one of the fastest-growing segments of the computer industry in the latter half of the decade.
2. I will recommend just adding functionalities in the existing systems. CBIS is a good source of information that can be very useful for the senior executives in making difficult decisions. With the CIO in place he can review the information given by the CBIS and from there he can make a final report that will be submitted to the senior executives.
3. The chief information officer is needed to provide people leadership, managing budgets, business alignment, infrastructure refresh, security, compliance, resource management, managing customers, managing change and board politics.
Chief Information Officer (CIO) is a job title commonly given to the most senior executive in an enterprise responsible for the information technology and computer systems that support enterprise goals. As information technology and systems have become more important, the CIO has come to be viewed in many organizations as a key contributor in formulating strategic goals. Typically, the CIO in a large enterprise delegates technical decisions to employees more familiar with details. Usually, a CIO proposes the information technology an enterprise will need to achieve its goals and then works within a budget to implement the plan. Typically, a CIO is involved with analyzing and reworking existing business processes, with identifying and developing the capability to use new tools, with reshaping the enterprise's physical infrastructure and network access, and with identifying and exploiting the enterprise's knowledge resources. Many CIOs head the enterprise's efforts to integrate the Internet and the World Wide Web into both its long-term strategy and its immediate business plans.
CASE STUDY 4: SYSTEM FAILURE
1. Is it justified to say that digital systems are unreliable and carries enormous risk?
Yes, the digital system was introduced some 20 years ago to help simplify and improve all kinds of business processes. IBM was the first to introduce this system; this company was able to convince the people that this would help or changed how business is done. In every system that they were able to develop there has always been a drawback. It is very difficult for them to eliminate system malfunction. Why is this always happen? The answer is at the back of this system it is always the humans who always makes the mistake. Often it is human error that always makes the system defective and unreliable. Safety precautions are always neglected, and humans are prone to corruption that makes the digital system under enormous risk.
2. What countermeasures should be put in place to minimize damages due to failure of digital systems?
Programmers and developers should always be ahead in terms of technology against the hackers in order to prevent digital misdemeanor. Current security measures should always be back up by a system failure protocol. The government should also help in providing security measures to minimize the risk in the digital system.
INTERVIEW /REPORT GUIDE
1. Personal Information
a. Employee Name- Joy Estanislao
b. Employer Name- Bupa Cromwell Hospital
c. Workplace Address- Cromwell Road, London Sw5 OUT
d. Telephone Number- 0207 2785467
e. Job Title – IT Consultant
f. No. of years – 10 years in the IT career
2. What kind of computer system do you use?
a. Hardware- Advent 4211C notebook
b. Software – Windows XP
c. Printers – Canon MP140
A. What kind of training have you received in order to use the computer system effectively?
Basics of Using Computer
B. Do you find the IT Technical Staff in your firm to be helpful and easy to work with?
- I am working in the Bupa Cromwell Hospital for more than 10 years and I found that my colleagues in the IT department are very helpful. Every time I am having confusion to my work I ask my workmate and they are willing to help me. They are very supportive to everybody.
C. What businesses processes (operational) are supported by the IT system in your workplace?
- IT Department is the one who's responsible for the entire computer and programs that being installed in the Hospital. They are responsible in installing the networking within the Hospital. If the department needs a unit they will call the IT. They are also responsible for the hospital admission process,
The function of the information Management Team is to manage information in such away that it enables them to be ahead of their competitors. The information that was acquired by Cromwell Hospital helps them to make decisions on the design of service they want to provide. There is a very good level of Strategic Fit between the Information Management Team and Service design since achieving accurate, timely information helps the Hospital to shape their service accordingly. In the beginning stages Cromwell wasn't providing efficient service some problems were unmanageable volumes of paper, limited physical storage space and misfiled documents, which slowed customer service and resulted to inefficient workflow throughout the organization.
Since Cromwell Hospital is a decisive service provider these forms of inaccuracy within their operations would be unacceptable since they are dealing with the general health and care of their patients. The Information Management Team investigated 20 document management products before finding File Vision. Cromwell Hospital purchased this software for £10'000 it was chosen because it could meet their requirements while providing a universal portal application offering access to every item of incoming or outgoing information in the organisation. File vision acted as a secure and easily searchable archive. This software also provided the necessary training to the I.T staff, the benefits of this would be that the change wouldn't be as drastic as it is and it will help the operations to run smoothly by limiting staff errors. This software helped to improve the service and it also caused the company to gain a high return on their investment.
At the moment Cromwell is using the information that they have to provide the best possible service, and continuously gathering information about their competition on a local scale like the NHS or internationally, such as areas like the Middle East in which they want to have more impact. Their quality of service is very important to the survival of the hospital since they are privately owned and their survival is based on continual support from paying customers.
Because they are aware of the implications of poor service, each potential patient comes to the reception and explains their particular medical problems since in a hospital the severity of the patient may differ; more serious cases are treated as an emergency. However there is a number of staff on call as the number of patients at a time may differ, but the hospital make sure that the patients are not kept waiting for unnecessary long periods of time. Moreover while the person is waiting there are magazines in place to keep them entertained. They even introduced a video of the BUPA story at the reception.
This service design was based on the fact that the Information Management team is quite updated about the fact that hospital waiting times have caused many hospitals to loose their reputation where there was a death or a worsening of the patients' condition due to the wait. One thing that may harm their level of service in terms of taking on more staff and improving service is the economic climate known as the Credit crunch. Also regarding their international markets, there is still a level of instability in terms of keeping international clients, and gaining more clients since there is a high level of competition.
D. How does management use the IT system to support their activities?
- Information technology system supports the hospital with the programs they use in the hospital. Information Management affects the level of service the hospital provides, since information that is negative shows that they need to make improvements and positive information shows that they need to continue with certain methods.
Technology plays an important part in retrieving and communicating information. In fact technology is a vital tool to Cromwell Hospital.
Correct information management helps the company in organising the time in which each patient can be seen.
E. Is your system part of a network? If so, who is the network administrator? How often do you interact with the administrator? What kind of issues do you discuss with the administrator?
- Yes, our network administrator name is Mr. Aldario Lopez, he used to come to the hospital every two weeks. We used to discuss about the Internet, unauthorized access within the computers, password stealing, data diddling, viruses, and computer security.
F. Are your computer systems connected to your customers, suppliers or partners? If so, describe how the system is used to connect to these entities.
- Yes, through internet they can browse our web site and if they are authorized they can log in to see how the hospital is progressing.
G. As your career has progressed, what changes in IT have you noticed and how have these changes in IT contributed to your performance.
-Awareness frameworks help senior executives assess the potential impact of IT on their business, opportunity frameworks assist in the identification of strategic applications, and positioning frameworks indicate how the IS function should be managed.
The proliferation and popularity of these heuristic devices indicate how much build-up there was for advice and information on IT strategy amongst corporations in the 1980s. The problem which was identified was a lack of understanding and awareness of the potential of IT on the part of senior executives. The solution was rational analysis of the potential impact of IT on firms and their industries, the provision of analytical tools and techniques, and exemplars of the strategic use of information systems. In this regard, the approach was consistent with the discourse on corporate strategy from which much of the impetus for an IT-strategy discourse emanated. The assumptions underlying such discourse are that problems can be analyzed and broken down into their component parts, whereupon rational solutions are devised and imposed upon the organization through top-down executive decisions and imperatives.
H. Has using the computer system at work influenced your life outside of work? If so, in what way?
-Yes, I became aware of those people stealing PINs for credit card and debit card. Even in the passwords of my computer.
I. What advice would you give to a new employee about the IT supported workplace?
- Try to explore all the applications that the Company used to their application. Don't be shy to ask your colleagues if you're a bit confused about your work. For sure they will support you.
J. How does information system in your company helps the organization?
- An information system needed to co-ordinate and control the flow of information in an organization, like the nervous system of an animal. Paper work system used to be satisfactory but like the dinosaurs is becoming extinct because they too cumbersome to survive in today are world Emarket. For organizations of any size, a computer network is now virtually essential. Also the shape of the information system must reflect the chains of command and channels of communication shown on the organization.
K. How important is the life cycle of the of an information system in your company?
- Information system should not be allowed to just grow as a natural outcome of conducting business. Such an approach always results in a complete mess of incompatible subsystems, with some functions duplicated and others missed out altogether. The only reliable way is to have the system designed and installed by a team of specialists who know about business and also about computers.
There are three main stages in an information system projects.
* First analyzing hoe the whole business is run
* Then designing on paper a suitable computer system
* Then, buying the hardware, installing and commissioning it.
L. Organizational issues in information system
The financial world and corporate community, in general, were rocked by the accounting scandals. These Scandals focused attention on the lack of ethical conduct on the part of a few individuals and the magnitude of the harm and financial ruin that can result. However, the technology field has been overtaken with other types of behavior that can affect anyone who uses technology. Computer virus and hacker attacks are intended to destroy data and software and disrupt computer services. In 2002, alone, more than 7,000 computer viruses were reported. Phishing attacks frequently target a specific group of people and are intended to secure personal information, usually financially related, from innocent and unsuspecting responders. Criminals are especially interested in acquiring social security numbers, bank account information, credit card numbers and other financially-related data that can help them to steal identities or money from unsuspecting customers. Bradford also reported that external hackers are the most significant risk to companies, but that a great amount of damage and threats to cyber security originates with insiders, especially disgruntled insiders. On the other hand, others contend that the most serious threats to computer security comes from individuals thought to be trusted insiders. Particular vulnerability comes from disgruntled and terminated employees. Although the two week notice for resignation or termination remains popular, terminating all network access upon notice of termination of employment is most effective. Paul Roberts in an eWeek article (2005) reports that, programs commonly referred to as “spyware” or “adware” have become very widespread. These programs monitor users' online behavior, threaten compliance efforts and intellectual property, and create problems for computer users and IT administrators, alike. It is reported by Webroot Software, Inc. that spyware is a £2 billion per year industry. It is also reported that a clean-up of spyware or adware will be an expensive challenge. Distribution of spyware is usually in bundles with such things as freeware and computer games. Some of the problems that prevail as a result of spyware include slow computer processing speeds and pop-ups taking over. Research attributed to Harvard Law School student, Ben Edelman indicates that adware and spyware bundling deals are lucrative, even for companies not in favor of inclusion. Some spyware companies will pay up to one dollar per install. Microsoft reports that approximately 33 percent of application crashes are caused by spyware. Remedies for spyware include installation of anti-spyware software and switching from the more vulnerable Microsoft programs (Roberts, 2005). Identity theft is the appropriation of someone else's identity to commit fraud or theft. One of the possibilities to help prevent identity theft in the future involves biometric technology such as fingerprints or voice scans used to verify the identity of credit applicants. The general sense at this time is that this may be a cure that is more costly than the problem to be solved. However, the consequences of identity theft are significant, and the financial impacts exceed billions of dollars each year. The victim is subject to loss of funds or other property, a tarnished credit history, a possible criminal record, difficulty in securing employment, and an inability to obtain goods and services. Identity theft is a problem that affects both individuals and organizations, and remedies must be developed. It became apparent after Y2K that security and privacy issues required attention. Viruses were very prevalent, operating system and application vulnerabilities were increasing and computer security breaches were increasing at an alarming rate. The organization's first line of defense, the firewall, was most likely installed because it was easy to install and maintain and didn't disrupt regular business applications. However, security from these early firewalls was absent. The cost of repairing damage from Internet attacks was staggering By 2003, there was a shift in attitudes toward security from perception as an expense side of the balance sheet to perception as an asset. In selecting firewalls, there was a notable increase in the evaluation of firewalls based on their ability to provide security. It remains imperative that firewalls, while being effective, must also be easy to manage.