Wednesday, May 6, 2020

Participation In Information Systems Risk â€Myassignmenthelp.Com

Question: Discuss About The Participation In Information Systems Security Risk? Answer: Introducation Revenue Cycle comprises various activities in a period of Sales, Trade Receivables, Working Capital, Stock and General Ledger. The functions performed in completing a cycle is procuring and write the orders of customers and note the cost of the goods sold. Management of the company has a good idea from this cycle is how to make revenue by performing these functions. Bad and Hasty decisions taken by the management: Internal controls of the company are made by the management of the company and when making the internal controls management has to identify the areas prone to the risk and identify its nature but in the case of Motherboards and More Pty Ltd made Internal controls in a hurried manner and it is not successfully implemented all over the company. Collaboration between the employees and staff: The employees and staff of the colluded against the policies of the company and it affects the internal controls system of the company. Inadequate performance of internal controls: The internal controls of the Motherboards and more are implemented in the company is very quick and because of that it is not implemented all over the company and the performance of internal control is really bad (Hammersley, et. al., 2008). Internal controls are made with the objective of analyzing the performance of an entity whether the functions performed by the management and employees are done with effectiveness and efficiency. Internal controls are made to check the compliance with necessary laws and regulations and they also work for the safeguarding of companys assets. The financial performance of the company affects when weakness presents in the internal control system of the company. And when the wrong information is provided the assumptions made by the company and policies framed by the company are also affected (Ashbaugh?Skaife, et. al., 2009). When Internal controls of the company are unable to find the problems in the organizations internal environment, then the conspiracy against the company increases, employees of the company made fraud against the company, the records of the company and financial information of the company is falsified. Conduct Detailed Fraud Risk Assessment: If the management of the company makes a detailed assessment of risk related to fraud then the chances of manipulation of records can be decreased. Appropriate Training to Employees: Give appropriate training to the employees and conduct various training programs and encourage the employees to take part in these programs which will help the entity in long run. C. Install Mechanical Devices: Mechanical Devices help the company in finding any suspicious activity conducted by the employees or management against the entity. These types of devices keep the members of staff in check and they work with the ethics (Spears Barki, 2010). Segregate Accounting Duties: Accounting work of the company will be segregated between the many persons and not give the entire accounting work to one person. Require Employees to take Vacation: Give necessary leaves to the employees and encourage them to go on vacation because of this they will feel motivated and not go against the company. Financial Statements checked by the Third Party: The financial statements made by the company will be reviewed by the third party outside the company like Audit team. Increase Oversight: various techniques and tools used by the management to increase the oversight of its employees like placing a camera in the workplaces. These Changes in Internal control will help the company in forgeable future and it also strengthens the internal control system and they will work with efficiency and effectiveness. The WannaCry Ransomware attack was happened in the year 2017 in the month of May by the Wannacry ransomware cryptoworm, WannaCry is Ransomware is made to advance quickly into the computers working on the same network and this worm encrypted the files in the computer by using a powerful encryption which is hard to crack and demand a huge amount in exchange of decrypting the encrypted files. It moves very quickly on the computers working under the Microsoft Windows operating system that does not have a required security patch. And it spread quickly on the computers which are not updated or they dont have the security patch (Luo Liao, 2007). They demand payment in the form of Bitcoin which is untraceable. It affects at least 100,000 organizations in 150 Countries. Internal controls which can be implemented by the management of the Motherboards and More Pty Ltd to protect the company from the threats of Potential ransomware attacks are as follows: Stay Updated: the management of the company has to remain up to date against the hacking threats posed by the hackers because if you have at least a piece of knowing what will happen from these attacks then there is a chance you might protect the data of the company. Conduct Regular data backups: The financial data of the company defines the financial performance of the company and regular backup of this data is made by the IT Department of the company and it should be stored offline (Brewer, 2016). Toughen up access control: The access control of the company should be changed time to time and passwords should not be easily guessed. Update Everything: Every system in the company remains up to date and all the software and firewall in the systems is to keep updated because hackers targeted that system first which is not updated and dont have required security patch (Mercaldo, et. al., 2016). Install Security Applications: various Security applications are available in the market to protect the data of the users and these types of applications should be installed in all the system which will make hard for the hackers to hack the systems of the company (Kharraz, et. al., 2015). Limit File Uploads: File uploading is a major concern because various threats come from the uploading the files to protect the data of the company limited files should be updated and firewall of the company should be updated. References Ashbaugh?Skaife, H., Collins, D. W., Lafond, R. (2009). The effect of SOX internal control deficiencies on firm risk and cost of equity.Journal of Accounting Research,47(1), 1-43. Brewer, R. (2016). Ransomware attacks: detection, prevention and cure.Network Security,2016(9), 5-9. Hammersley, J. S., Myers, L. A., Shakespeare, C. (2008). Market reactions to the disclosure of internal control weaknesses and to the characteristics of those weaknesses under Section 302 of the Sarbanes Oxley Act of 2002.Review of Accounting Studies,13(1), 141-165. Kharraz, A., Robertson, W., Balzarotti, D., Bilge, L., Kirda, E. (2015). Cutting the gordian knot: A look under the hood of ransomware attacks. InInternational Conference on Detection of Intrusions and Malware, and Vulnerability Assessment(pp. 3-24). Springer, Cham. Luo, X., Liao, Q. (2007). Awareness education as the key to ransomware prevention.Information Systems Security,16(4), 195-202. Mercaldo, F., Nardone, V., Santone, A., Visaggio, C. A. (2016, June). Ransomware steals your phone. formal methods rescue it. InInternational Conference on Formal Techniques for Distributed Objects, Components, and Systems(pp. 212-221). Springer, Cham. Spears, J. L., Barki, H. (2010). User participation in information systems security risk management.MIS quarterly, 503-522.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.