Vu Do

  • Vu Do posted a new activity comment 1 day, 3 hours ago

    74

  • Vu Do posted a new activity comment 2 days, 5 hours ago

    72%

  • Vu Do posted a new activity comment 1 week, 5 days ago

    Quiz 70%

  • Vu Do posted a new activity comment 2 weeks, 1 day ago

    Domain 2 Quiz 2 – 66%

  • Vu Do posted a new activity comment 2 weeks, 3 days ago

    Quiz 3, 68%

  • Vu Do posted a new activity comment 2 weeks, 3 days ago

    Domain 2 Quiz 3 50 Questions 70%

  • Vu Do posted a new activity comment 3 months ago

    Technology is taking over everything in an organization now a day and will continue to be incorporated more into businesses everyday use. Employees are using it to gain access to buildings, remote access to the system from anywhere in the world and restaurants are using it to take our payments right there are the table. With that, I believe both…[Read more]

  • Vu Do posted a new activity comment 5 months, 2 weeks ago

    Annamarie, you raise a good point about unforeseeable controls that could arise later on after the design phase has been completed and production is in order. New controls would have to be put in place to deal with any new problems that arise and during the design phase you cannot predict that this problem would occur to deal with it. This is a…[Read more]

  • Vu Do posted a new activity comment 5 months, 2 weeks ago

    3. A person’s character is very crucial in the audit industry. How would you build your reputation and maintain a good ethical character in this industry?

    I would work hard and make sure everything I do has a paper trail to prove I did this and that. I would want to build my reputation up and make sure people know that I am dependable and my w…[Read more]

  • Vu Do posted a new activity comment 5 months, 2 weeks ago

    2. In the Real World Control Failures we’ve reviewed, describe the character of the leaders involved. Is it a root of the control failures?

    The leaders where not IT orientated and did not oversea the work as often as needed to be. They did not focus on controls in place and that is why it failed ultimately. They need to have some interest in t…[Read more]

  • Vu Do posted a new activity comment 5 months, 2 weeks ago

    1. How much of automated controls should be desired? Is it beneficial to consider controls at the initial design phase or controls are introduced as and when needs arise?

    A certain amount of automated controls should be implemented depending on the job procedure. They are important since they can get done more than humans and they eliminate…[Read more]

  • Vu Do posted a new activity comment 5 months, 3 weeks ago

    Kevin, thorough analysis and summary of the events of what lead to the breach, great work! I agree with the encryption was the biggest weakness in what lead to the breach of TJX. The fact that all it takes is a second of data can be taken by a hacker and that the hackers knew that there was no proper security policies is worrisome. You are right…[Read more]

  • Vu Do posted a new activity comment 5 months, 3 weeks ago

    Ruslan, great analysis and if the audit team kept a detailed log, TJX could have provided the court with valuable information regarding who and what file were modified at any given time. This could have led to the people who committed these crimes. Due to their data being unencrypted millions of credit cards were taken. If the audit team noticed…[Read more]

  • Vu Do posted a new activity comment 5 months, 3 weeks ago

    I completely agree with you Julien, the Auditors’ poor practices are what led to their security being breached. If the auditors complied with the 12 information security practices it could have prevented the wireless hack and prevented millions of credit cards being breached. Being able to access the Kiosk with an external USB is a huge mistake o…[Read more]

  • Vu Do posted a new activity comment 5 months, 3 weeks ago

    Very detailed analysis Sarush! Your points on how TJX had a lack of network monitoring was very thorough and made sense, TJX had so many entrance way to their system for hackers to access. The auditors miss that and during that audit and it was not caught till it was too late. The proposal you stated would definitely solve the problem and will let…[Read more]

  • Vu Do posted a new activity comment 5 months, 3 weeks ago

    Security Auditing of TJX passed the PCI DSS check-up which would assume that everything was in order but that was not the case. There were major issues present that the audit did not find and the extent of which could have identify the issues within the system. TJX systems has three major key problems identify in the article, “the absence of…[Read more]

  • real-world-control-failure

    Thank you,

    Vu Do

  • Vu Do posted a new activity comment 5 months, 3 weeks ago

    Nice List Ian, you hit all the right points on why control framework is needed to guide IT auditing. Everything you said is to ensure the controls in place for the organization are working properly and there are controls in place to mitigate risk. It all flows smoothly and sound, business value at the end ties it all together by having the control…[Read more]

  • Vu Do posted a new activity comment 5 months, 3 weeks ago

    Good analysis Tamer, a control framework is the basis for business to establish its internal controls around and also for the audit process and procedures like you mention. Everything the organization does will be center around the control framework to make sure that everything is running smoothly and everything being done will help mitigate risk.…[Read more]

  • Vu Do posted a new activity comment 5 months, 3 weeks ago

    Agreed Daniel, the control framework acts as a manual or guide for IT auditors to look to for comparison of controls when conducting an audit. It helps to make sure that everything is being done correctly. If there is an issue, then they can look to it to see if there are any issues and why those issues may have occurred.

  • Load More
Skip to toolbar