Question

Floor Candy is a small firm that manufactures high-quality rugs and carpets. Using special software, the company can translate a customer sketch into an attractive custom design. Three years ago, the IT staff developed a Web-based order system. The system has performed well, and most maintenance has involved correcting minor errors. Now the company would like to add more features, including menu-driven design tools, and a more customer-friendly interface.

 Tasks

 1. What types of maintenance has the IT staff performed? What types of maintenance will they perform if new features are added?

 2. If new features are added, what methodology should the IT staff use to add the functions and enhancements?

 3. What IT security measures should the firm adopt? Prepare a security checklist, and be sure to consider all six security levels.

 4. Even though the new system is only three years old, the marketplace changes constantly. In three more years, should Floor Candy consider replacing the new system? What factors and information should guide that decision?

Answer 1

1. At this point, Floor Candy’s IT staff is performing corrective maintenance to the system. Adding new features will involve adaptive maintenance. To improve performance, the IT staff will perform perfective maintenance
2. Floor Candy should use a maintenance release methodology to add new functions and

enhancements. Using this approach, all noncritical changes will be held until they can be

implemented at the same time in the package called a maintenance release.

1. Answers will vary. Instructors can refer to the list of issues. In addition, the

following is a checklist that a company might use to assess security and prepare for future

security threats and problems:

Physical Security

- Survey the security of the computer room at various times and days of the week, and

attempt to enter the computer room security perimeter.

- Assure that each entrance is equipped with a suitable security device.

- Determine whether all access doors have internal hinges and electromagnetic locks

equipped with a battery backup system.

- Test biometric security devices, if any.

- Test video cameras and motion sensors, if any.

- Check each server and desktop computer case to determine whether it has a locking

device.

- Try to identify any server or computer case that would permit the installation of a

keystroke logging device.

- Determine whether tamper-evident cases are, or could be, used.

- Find out whether monitor screensavers are being used on any server or workstation

that is left unattended. See if BIOS-level passwords, boot-level passwords, or power-

on passwords are in use.

- Examine notebook computers to assure that each has been marked or engraved with

the company name and address, or a tamper-proof asset ID tag.

4) If the features and up[dations are not good in implementing in that software definitely without any doubt it will be replaced by the other software so there must be very carefull keen observation regarding the devoleping and consistency in maintainance of the software.