-
Binu Anna Eapen commented on the post, Week 8: Questions, on the site 7 years, 12 months ago
Yeah I totally agree with you Alexandra. How safe is it to have a single password protecting software to protect all passwords? If the attacker has just to break a single password to obtain every other detail of a person, is it not risky? Obviously it is convenient, but can you imagine the amount of information that can be lost if this system was hacked?
-
Binu Anna Eapen commented on the post, Weekly Question #7: Complete by November 10, 2016, on the site 8 years ago
Well put Said. By closing the previous posting period you are forcing the people who are entering the data to be responsible for the data entry and also ensuring that no changes can be made to the previous postings. This way even if there are any discrepancies, they will be easily identified and corrections can be made by the authorized person. This…
-
Binu Anna Eapen posted a new activity comment 8 years ago
3. Consider the list of financial and accounting controls. Rank them. Which do you believe is the most important, the least. Why?
Some of the controls for financial accounting are as mentioned below:
1. System and Authorization procedures should be in place to provide accounting control over revenue, expenses, assets/liabilities. Only the…
-
Binu Anna Eapen posted a new activity comment 8 years ago
Nice post Andres.
RTO- ‘Recovery Time Objective is the targeted duration of time, a service level within which a business process must be restored after a disaster (or disruption) in order to avoid unacceptable consequences associated with a break in business continuity.’
As per the ‘Homeland Security (2012) Federal Continuity Directive 1…
-
Binu Anna Eapen posted a new activity comment 8 years ago
Nice post Vaibhav. Sometimes it is not possible to have a full operational BCP test as it can be expensive and also result in a loss of productive time. To conduct a full operational test, the organization should have tested the plan well on paper and locally before completely shutting down operations.
Other alternate methods are
1. Desk-based…
-
Binu Anna Eapen posted a new activity comment 8 years ago
How to recover from a disaster:
This article talks about the importance of a recovery plan. Disaster Recovery (DR) is a part of Business continuity plan and can result in success and failure of an organization. As per the 2014 Disaster Recovery Preparedness Benchmarking survey 60% of the companies didn’t have a documented DR strategy. 40% fel…
-
Binu Anna Eapen commented on the post, Week 7 Questions, on the site 8 years ago
Nice post Fred. I like the way you have given the controls for each issue.
Having an approval process will mitigate the risks caused by single handling of a process. And verifying the inventory values helps in reducing risks of double entry, incompleteness, wrong entries etc.
-
Binu Anna Eapen posted a new activity comment 8 years ago
1. Are the terms Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) synonyms or are they different? If they are different, what are the differences?
Though Business Continuity Plan and Disaster Recovery plan are used interchangeably, they have different meanings.
Business continuity plan is business centric and people centric and…
-
Binu Anna Eapen commented on the post, Week 7 Questions, on the site 8 years ago
Nice post Priya. Great point about the different currencies in different countries. The exchange rates vary daily and pose a great deal of understanding to have controls around it.
The government laws are different, cultural differences, the import/export policies all need to be considered and so it becomes important to understand the…
-
Binu Anna Eapen commented on the post, Week 7 Questions, on the site 8 years ago
I think if the question is only related to general IT controls related to Network, database or workstation then there is no need for IT personnel to understand ERP and its processes. Obviously knowledge about anything only adds value to the person and gives him a better understanding and gives a different viewpoint in finding solutions to…
-
Binu Anna Eapen commented on the post, Week 7 Questions, on the site 8 years ago
I agree with you Yulun. Proper segregation of duties, defined access controls and educating the employees are great controls to avoid risks from non-financial business functions.
Properly assigning duties and giving accesses on need base requirement can mitigate most of the risks.
And if an access is given for particular account, proper…
-
Binu Anna Eapen commented on the post, Week 7 Questions, on the site 8 years ago
2. As we continue to learn about business processes and ERP systems we often discuss financial or account related terms and concepts. How much finance and accounting knowledge should IT personnel supporting business applications know and learn? Explain
An IT personnel who is supporting business application should have a general understanding…
-
Binu Anna Eapen commented on the post, Week 7 Questions, on the site 8 years ago
4. How important is it for people responsible for general I/T controls (e.g. Network, workstation, Server and database security) to know about how the ERP system works? What is one (1) specific thing they should know?
I think it is necessary for people responsible for general IT controls related to Network, workstation, Server and database security…
-
Binu Anna Eapen posted a new activity comment 8 years ago
Turkey blocks Google, Microsoft and Dropbox to control the data leaks.
As a result of the release of 17GB worth of leaked government emails, Turkey blocked access to Google, Microsoft and Dropbox services to suppress mass email leaks. The nation-wide censorship attempt was launched on 8th October.
Analysis has revealed that Google drive…
-
Binu Anna Eapen commented on the post, Week 6 Questions, on the site 8 years ago
I agree with you about not being able to deliver the product in time would in fact be nerve-racking for me too. I have worked for customer service and had to face customers when we were not able to deliver the service in time. It is difficult to explain as you know for a fact that it was your mistake.
Probably informing the user earlier of the…
-
Binu Anna Eapen commented on the post, Week 6 Questions, on the site 8 years ago
I think the sales team's main goal would be to market and sell their products rather than maintaining the transaction records about the payment. I think accounting team should be responsible for that.
-
Binu Anna Eapen commented on the post, Week 6 Questions, on the site 8 years ago
I guess your motive for this would be to ensure bad reputation for the company. I guess in competitive environment, the competitors try this type of attack to improve their sales and to defame the other company so that the customer base shifts to using their products.
-
Binu Anna Eapen commented on the post, Week 6 Questions, on the site 8 years ago
I agree that Finance team should be responsible for the collection process. But I feel that they may need to check with the Sales team to have all the facts right like the bills, if any discounts were given etc.
-
Binu Anna Eapen posted a new activity comment 8 years ago
To add
1. Tailgating can pose a risk.
Control: It can be mitigated by having a security person in place to just watch who comes and who goes out
2. Sometimes vendors or contractors are allowed inside the building without a badge accompanied by an employee.
Control: By having a physical registry keeping track of the people coming inside…
-
Binu Anna Eapen posted a new activity comment 8 years ago
What are the sources of Electromagnetic Pulse (EMP)? Why is it a physical security threat? How can an organization defend itself against EMP?
EMP, electromagnetic pulse, is a short burst of electromagnetic energy. It can be due to natural occurrence like lightning or man-made.
EMP radiation can be caused by detonation of a nuclear bomb, a solar…