The post For writing assignment #4, the report to the supervisor, the first section of your report will be a memo. This discussion topic is designed to prepare you for wri is a property of College Pal
College Pal writes Plagiarism Free Papers. Visit us at College Pal – Connecting to a pal for your paper
For writing assignment #4, the report to the supervisor, the first section of your report will be a memo. This discussion topic is designed to prepare you for writing the memo.
In the past, you might have been told that memos should be direct and to the point.
However, when delivering bad news, or when attempting to persuade an audience to take action when they don’t understand why it is necessary to take action, starting the memo with a gentler tone can be more effective.
In the learning resources for week 5, you watched a video from the Purdue OWL, “The Basic Memo.” At the 3:26 mark of that video, the narrator mentions that, when delivering bad news in a memo or when trying to be persuasive in a memo, building up the main point can be an effective rhetorical strategy.
Cynthia Meason, from Small Business Chronice, in her article “How to Present Bad News in a Business Memo,” makes the case that a bad news memo should start with a statement that reflects good will.
The University of Houston-Victoria (UHV), in its tips titled “Bad News Correspondence,” points out that bad news correspondence should begin with an expression of appreciation.
With this in mind, please post a draft of your memo to Mark Carmen. Apply these principles of using a gentle tone, perhaps expressing good will or appreciation.
Make sure you have the correct headings at the top of the memo, and keep your memo to no more than 150 words.
Make sure you understand the situation described in writing assignment #4 before writing your memo.
Please take look of the attach documents
-
ReporttoYourSupervisorofS4answer.docx
-
assignment_sample_WA4_instructions_Report_to_RSmith_sampletohelpdotheassignment1.pdf
-
WritingAssignment4_ReporttoSupervisor-WRTG3936363AdvancedTechnicalWritingProfessorcomment.pdf
2
Report to Your Supervisor
Student’s Name: Jeannese Armah
Institution Affiliation : UMGC
Date:8/14/2024
Report to Your Supervisor
Memo
To: Richard Smith, Owner, Forrest Lawn Services From: Manager for Customer Service Date: 8/14/2024 Subject: Urgent: Addressing IT Personnel Policies and Security Risks
Dear Richard,
I am writing to bring to your immediate attention the following critical issues regarding our IT personnel policies and associated risks at Forrest Lawn Services. Being a new team member, it is my observation that while the current IT setup works, it has huge vulnerabilities that can expose us to operational compromise and security threats against some sensitive data.
Our company has grown so rapidly, and now we have an overly complex IT infrastructure in which only a few have access to key systems and information. This concentration of responsibilities raises many risks—operational disruptions and an augmented risk related to cybersecurity. If some of the key persons become unavailable—for example, through long sickness or resignation—the current arrangement could leave us open. Moreover, such a high level of concentration at the control level over sensitive data and systems could provide ways for misuse or malicious activity in cases of misconduct, which would seriously impinge on the reliability of our business and customer trust.
This report will try to point out and explain those vulnerabilities, together with their possible consequences on our operations, before proceeding to give a set of actionable recommendations on how to mitigate these issues and further improve our IT security posture. This will involve segregation of duties, compulsory leave policies, job rotation, updating vendor agreements, and setting up IT confidentiality agreements. These strategies can decrease the identified risks, provide greater stability of operations, and protect sensitive information that our customers have committed to our care.
I look forward to discussing these recommendations with you and to our continued collaboration in the effective implementation of measures that will provide a strong IT infrastructure and help protect the interests of our company.
Best regards, Jeannese Armah
Executive Summary
Recently, Forrest Lawn Services has been growing tremendously since its incorporation in 2010, thereby resulting in a very complicated IT infrastructure that now critical vulnerabilities plague. Today, Forrest Lawn Services’ IT operations are run by a few individuals who have been maintaining exclusivity to very vital systems and data. This concentration of responsibility comes with several risks, such as operational disruption and cybersecurity threats. Major concerns here include inadequate measures of redundancy, backup provisions against certain possible misuse of sensitive information, and the general risks involved in IT functions that are heavily entrusted to individual employees.
It identifies such issues and recommends their reduction by implementing the best practices. Some of the measures that are put forward include segregation of duties, compulsory vacations, job rotation policies, revised agreements with vendors, and IT confidentiality agreements. All these steps will go a long way in ensuring an enhanced security posture, business continuity, and safeguarding sensitive customer information.
The Problem
Single Point of Failure
Such rapid growth has concentrated critical IT responsibilities at Forrest Lawn Services, resulting in several single points of failure that create enormous risks to the operation.
As of now, Jack Johnson represents the only individual who has access to the customer database which CloudCorps maintains. In effect, if Jack gets ill, resigns, or becomes unavailable for any other reason, then the company will also be without access to that very crucial data. Not having any backup plan to access the records of the customers can have serious operational disruptions including delays in service delivery and problems with customer support.
Moreover, Sandra Davidson is the only one who can modify and update the firm’s website, which is another very important aspect of our existence online, especially in terms of contacting clients. If Sandra does not go to work, the website remains the same, and therefore some opportunities may never arise, and there might be a reduction in the contacting of clients.
Marsha Nolton also has similar risks associated with the company’s blog, which she single-handedly managed. It is one of our most important marketing tools since we use it to give service updates, promotions, and other news. If Marsha isn’t available, nobody is updating the blog, and our marketing efforts suffer accordingly, plus the communication with clients.
Another critical person, whose permission was required to solely access payroll documents stored on the cloud, was Jared Stone. This therefore puts his absence at risk when it comes to processing payroll and eventually paying employees, which places financial operations at risk as well.
Cybersecurity Risks
This current IT setup not only has the risks of disrupting operations but also opens the company to very critical cybersecurity threats. With each employee having full control over sensitive information and systems, the possibility of data breaches and their misuse is highly likely.
For example, if Jack Johnson happens to turn disgruntled or maliciously inclined, he can have unfettered access to customer data and change or even compromise sensitive information of customers. This presents a severe threat to customer privacy and a company’s reputation.
Also, Sandra Davidson having single control of the website and Marsha Nolton managing the blog alone are vulnerabilities that can be exploited if either of them acts maliciously or negligently. Also, the fact that none of these critical functions has supervision or backup increases the potential for a security breach.
Operational Disruptions
This high concentration of IT responsibilities also creates a risk to our operational continuity. The absence of some of these key IT personnel in the company will cause many lapses and discontinuities in operations. For instance, in the absence of a customer database, the company cannot manage client relations or respond to service problems(Workman, 2021).
Moreover, the online visibility and engagement that the website and blog draw from the clients may be reduced if content is not regularly updated. This will finally affect our marketing efforts and the general performance of our business.
Suggested Solution
Separation of Duties
To address this identified risk, separation of duties has to be followed within the IT department. Distributing critical IT responsibilities among different employees would minimize dependence upon a single individual, thereby greatly decreasing the risk due to a single point of failure. This technique guarantees specific roles and responsibilities to various members of the team and ensures that no one member of this team has exclusive control over the critical systems and data.
For example, the customer database should be accessed by several people with differentiated levels of access to the same database, so if one is out of service, the others can go on with the flow of data management. Likewise, website management and update policies with blogs are to be distributed among some people so that at least someone can do the needful if another is out of commission.
Mandatory Vacations
Another best practice for designing out the current vulnerabilities would include mandatory vacations for every key IT personnel. Having a policy that mandates regular, scheduled vacations for staff ensures that the position of each worker is covered, so the incumbent is on vacation. This permits the discovery of any potential problems that might occur and allows other team members to know about these critical systems and processes.
Mandatory vacations also enable access controls and procedures to be reviewed for updating, and their effectiveness and security to be checked. This prevents some potential problems from going unnoticed and makes sure that, in case of the absence of key personnel, the company can continue to flow without a hitch.
Job Rotation Policies
Introduce job rotation policies in the IT department, which can further improve our security and operational continuity. Job rotation is a periodic change of roles and responsibilities of the employees to enable them to gain experience in another area of the IT function. This will ensure that more than one individual becomes familiar with different critical systems and processes, hence breaking dependency on any one person(Jones, 2020).
Job rotation is also a way to identify security vulnerabilities that might arise and provides opportunities for employees to gain a better understanding of the company’s IT structure. This helps in sharing knowledge among people and collaboration, thus making our security posture much stronger.
Agreements with Vendors
Agreements with CloudCorps and other vendors need to be updated so that the IT requirements are secure and effective. There should be provisions regarding secure access management, backup processes, and procedures or protocols for handling sensitive information in these agreements.
Such vendor agreements need to specify their roles and responsibilities regarding the management of access credentials and data security. Secondly, the vendor policy needs to be changed to make it according to our internal security requirements to save our systems and data from threats.
IT Confidentiality Agreements
For instance, the implementation of IT confidentiality agreements for all IT personnel will act to set clear protocols for sensibly dealing with sensitive information. These confidentiality agreements should spell out the inch-by-inch responsibilities of an employee in matters to do with data integrity and security; access management; handling of confidential information, and other relevant responsibilities(Coles-Kemp,& Theoharidou, 2010).
Nondisclosure agreements give the employees an understanding of how important sensitive data is, and they follow the procedures that were put in place for administering access and information security. An agreement of this kind presets the calendar of any likely breach or incident that must be addressed.
Conclusion
Forrest Lawn Services is a growing firm with a subsequent increase in its IT infrastructure, thereby raising several sensitive vulnerabilities. The current set-up elaborates on a large amount of risk that is posed to the operational continuity and the security of the firm. Following through the noted control suggestions of segregation of duties, compulsory vacations, job rotation, updated agreements with vendors, and IT confidentiality agreements, the company enhances its posture of security and ensures the continuation of business with the sensitive information of customers. Addressing such issues head-on will allow us to protect our operations and commitment to great customer service.
References
Coles-Kemp, L., & Theoharidou, M. (2010). Insider threat and information security management. Advances in Information Security, 45-71. https://doi.org/10.1007/978-1-4419-7133-3_3
Jones, B. A. (2020). Emergency management: Best practices. Encyclopedia of Security and Emergency Management, 1-6. https://doi.org/10.1007/978-3-319-69891-5_132-1
Workman, M. (2021). Information security management. Jones & Bartlett Learning.
image1.jpeg
,
Writing Assignment Report to Your Supervisor
Summary of the Assignment: • Task: In this assignment, you will write a short report to the owner of a company to which you
have just been hired.
• Length: 1500-2000 words.
• Graphics: You must integrate at least one graphic
• Sources: You will integrate at least three sources into the report.
The Situation and Your Role In It You have been hired for the position of Manager for Customer Service at Forrest Lawn Services, a
landscaping company.
Forrest Lawn maintains a robust business in landscaping both residential and business properties. The
company has many clients in the local DC-Maryland-Virginia (DMV) area.
The landscaping staff that services residential and business properties comprises 75 individuals. In
addition, the company has several staff working in its office in Landover, Maryland. Included among
these office staff members is the IT Department, which consists of 10 employees.
The growth of the company has led to some problems that concern you as a new employee.
The History of Forrest Lawn Services
Some history on the company will help to explain the problems Forrest Lawn has now.
Forrest Lawn started off in 2010 as a small outfit, owned and operated by Richard Smith. Richard grew
up in Prince George’s County, Maryland. He graduated from high school and took a few courses at a local
community college. He never graduated from the community college but instead, after completing 18
credits, decided to leave school to start a landscaping business.
Richard started off the business with one truck, three lawn mowers, and a few helpers. He operated the
business out of his house. Eventually, as the number of clients grew, so did the number of trucks, lawn
mowers, and pieces of equipment. He added new employees to assist with the landscaping.
Richard eventually leased office space in Landover in order to have a more professional and scalable base
from which to operate the company. In addition, as the company grew and its office staff grew, so did the
technology and IT needs.
For the IT needs of the company, Richard took several steps. He hired a web developer, Sandra Davidson,
to develop a website for Forrest Lawn. Sandra used WordPress as the platform. Richard later hired Jack
Johnson to develop and maintain a database of customers, past and present. The database includes
personal information on the customers, such as physical addresses, email addresses, and, for some, credit
card information.
Eventually, Richard hired a few more IT employees, all of whom persuaded Richard to put the company’s
database on the cloud instead of purchasing an expensive server to maintain in the office. Richard agreed.
The company then contracted with CloudCorps, a local cloud company.
The IT Department grew as the company grew. Marsha Nolton was later hired. She maintains the
company blog, also on WordPress, but with a different account from that of the website. The blog is an
effective marketing tool. It provides weekly updates on services, deals, and other information on the
company. In addition, other functions began to involve IT. Jared Stone was hired to run payroll for
Forrest Lawn. With Jared’s input, the payroll information was put on the cloud. CloudCorps maintains all
payroll information on its servers.
Problems That Have Developed
Richard, in hiring the IT staff and organizing the department, was not privy to best practices in security in
the area of IT. As a result, some problems have developed.
For example, only Jack has access to the database of past and present clients. Jack logs into the system
with an ID and password that CloudCorps has provided him. This is not an ideal situation. If Jack were to
experience a medical emergency and become unavailable for a period of time, no one else at Forrest
Services would have access to the database. If Jack were to leave the company, no one else at Forrest
Services would be able to perform his duties. In addition, CloudCorps has a company policy that forbids
it to provide login or password information to anyone other than approved individuals. The only approved
individual now is Jack.
Moreover, Sandra maintains the website through WordPress. She uses her personal email and password to
log into the system. But she is the only individual in the office who has access to or is able to update
anything on the website. Again, if anything were to happen to Sandra, Forrest Lawn would be stuck. No
one else in the company can update its website.
Marsha manages the company’s blog, also on WordPress. The blog is an excellent marketing tool, with
weekly updates on services, deals, and other information on the company posted weekly. However,
Marsha is the sole maintainer of the blog. No one else at Forrest Glenn has access to the blog to update it.
Jared runs payroll. Like the others, he is the only individual with any access to the payroll records.
Because the records are also on CloudCorps, if something were to happen to Jack, no options are
available for anyone else in the company to access the payroll records.
Overall, Forrest Lawn grew at a rapid pace. Richard Smith applied excellent management skills in
growing the landscaping business. However, Richard needs help in establishing responsible IT personnel
policies for the company. Richard has no background in this area.
Richard is not aware of the problem the current arrangement poses.
Your Concern About the Situation
As a new hire at Forrest Lawn, you have observed this situation, and you are concerned. The current
arrangement leaves the company in a very vulnerable situation if one of these individuals experiences a
medical emergency or has to leave the company for any reason.
In addition, the current arrangement poses a cybersecurity danger to the company. Any one individual, if
he or she is dissatisfied with the company or becomes disgruntled for any reason, can take advantage of
Forrest Lawn and do great damage with the IT function the individual controls.
For example, personal data on customers resides with CloudCorps’ servers, which only Jack Johnson can
access. If Jack were to develop a toxic relationship with the company, Jack could use his sole access to
customer records and wreak havoc with them, possibly manipulating the company with his control or
simply compromising the privacy of the customers. Forrest Lawn, not Jack, would be liable in such a
situation.
As Manager for Customer Service, you realize that many of the potential problems that could arise at
Forrest Lawn will have an impact on your area. Customers will not have records updated, will not be
billed on time, will not receive blog updates, and will be impacted in other ways if any of the situations
described above occur.
Moreover, if customers’ records are compromised, you will have a customer service crisis on your hands.
Your Task You are to write a short report to Richard Smith, the owner, and point out the problem with the current
personnel policies at Forrest Lawn. You also want to suggest some basic steps the company take take to
address the situation before a problem arises.
Some concepts and strategies you might want to point out to Richard include the following:
• separation of duties
• mandatory vacations
• job rotation policies
• agreements with vendors, including password and other login information
• IT confidentiality agreements
Your report will
• be 1500-2000 words in length.
• incorporate at least three references.
o Integrate more than three references if you would like.
o Cite and list them in APA 7th edition style.
• include at least one graphic. The graphic should demonstrate either the current personnel arrangement
(and the problems it poses) or your proposed personnel arrangement (and how it addresses the current
problems) or both. Of course, if you would like to include more than one graphic, you may do so.
You will need to apply the following Golden Rules of Technical Communication:
• Rule #1: Paper is Permanent. Make sure your word forms are accurate and your grammar and mechanics
are correct. Others in the company in addition to Richard might see your memo. It is not only Richard who
might be judging your message based on the quality of your writing.
• Rule #2: Know your Audience.
o Keep in mind that you are writing to Richard Smith. He is your primary audience. He is not an IT
expert, nor is he a human resources professional. In addition, consider his education level and his
lack of acumen for IT-related matters.
o Note that Richard is your boss. You are writing to a superior about a problem that he does not
realize is a problem.
o Understand that, while Richard is your primary audience, other members of the IT team are
secondary audiences. They might see your memo eventually.
▪ Consider their level of education. Some of them have bachelor’s or master’s degrees.
▪ Don’t offend them. You don’t want to write anything that would cause a problem
between you and members of the IT Department if they see your memo.
• Rule #4: Break It Out. Instead of writing long, thick, dense paragraphs, you want to write readable text.
o Bullet information in places if necessary
o Write short, crisp sentences that are readable.
o Write short paragraphs rather than long ones, as you deem necessary.
Use your judgment about how to break out your text as you consider the rhetorical situation.
• Rule #7: Signpost. Use headings to help Richard navigate your document. Provide a table of contents to
help Richard see the different sections of your report and help him to find them easily.
• Rule #9: Contemplate Before You Illustrate. As you construct your graphic, make sure it adds to your
document and does not simply dress up the document. Consider how best to illustrate the current problem
or the possible solution with your graphic(s).
• Rule #10. Cut the Fluff. Richard is a busy business owner. He is not expecting your report. He has not
budgeted time in his schedule to read it. You will need to communicate the current problem and suggest an
alternative to it without getting wordy or including information that is not helpful to your purpose.
How the Report Should Be Organized
Your short report will have the following sections:
• Memo (written to Richard Smith) – no more than 150 words
• Executive Summary – no more than 300 words
• The Problem
• Suggested Solution
• Conclusion – no more than 200 words
• References
The bulk of the report will be The Problem and Suggested Solution. These two
sections together should compose half or more of the length of the report.
,
L_2024_rubric_WA4_Report_ Course: WRTG 393 6363 Advanced Technical Writing (2248)
Criteria Complete Incomplete Absent Criterion Score
length / 20
number of
graphics
/ 10
number of
Sources
/ 20
Scholarly or
Trade Journal
sources
/ 10
20 points
1500-2200 words
10 points
fewer than 1500
words
0 points
10 points
has at least two
graphics
0 points
has 1 graphic
0 points
has no graphics
20 points
has at least five
sources cited in
the problem
and/or solution
sections of the
report
10 points
has three to four
three sources
OR
has four sources,
but they don’t all
support the
problem or
solution of the
report.
0 points
has two or fewer
sources
10 points
has at least two
sources from a
scholarly or trade
journal
2 points
has a source listed
from a scholarly
or trade journal.
0 points
has no sources
from a scholarly
or trade journal
9/7/24, 12:40 AM Writing Assignment #4: Report to Supervisor – WRTG 393 6363 Advanced Technical Writing (2248) – UMGC Learning Management …
https://learn.umgc.edu/d2l/lms/dropbox/user/folder_submit_files.d2l?ou=1249229&isprv=0&db=1696189&cfql=1 1/7
Criteria Complete Incomplete Absent Criterion Score
Memo / 4
Executive
Summary
/ 8
4 points
The memo is
written to Mark
Carmen and alerts
her to the
problem and
solution.
2 points
The memo is not
written to Mark
Carmen.
OR
The memo does
not explain the
situation to Mark
Carman.
0 points
8 points
The executive
summary is no
longer than 300
words, and it
provides Mark
Carmen a clear
summary of the
problem and
solution. Mark
Carmen
understands the
whole scope of
your report by
reading the
executive
summary.
4 points
The executive
summary is longer
The post For writing assignment #4, the report to the supervisor, the first section of your report will be a memo. This discussion topic is designed to prepare you for wri appeared first on College Pal. Visit us at College Pal – Connecting to a pal for your paper