Brou Marie Joelle Alexandra Adje

The article I read is about a massive atm attack in india which hit 3.2 million accounts from multiple banks and financial platform. Probably the biggest data breaches to date. The majority of the stolen debit card information are powered by VISA or Mastercard.
Hackers used malware to compromise the Payment Services platform, used to power…[Read more]

This makes me think about a company I worked for, we also had a spreadsheet with different account passwords that we commonly used on an everyday basis. The only difference Is that the spreadsheet was password protected. But still not the most secure thing to do. Why? For the simple reason that Excel passwords can easily be cracked (no matter…[Read more]

Indeed Joshua, strong passwords can be very cumbersome and when you think about it, how many account do we all have online? can you imagine create strong password like that for each of them? There is absolutely no way, even with only 10 accounts, you can create passwords that are strong, unique and memorable. Maybe the safe thing to do is having…[Read more]

Both software and networks present risks and have the potential for malicious hackers to gain access to sensitive information inside the network or inside software that have access to the network.

You mentioned that “whether they are big or small they should focus on network security.” that’s right. However I think that small businesses are…[Read more]

You’ve used various computer systems in your lifetime, career. System security is complex and often maligned as cumbersome, difficult, bureaucratic, etc. Have you seen these problems in your experience? Explain

The company I worked at forced us to change our password to access several online systems each month. Password had to be at least 8…[Read more]

Wow!I would be very annoyed with all these protocols. But when you think about it, security goes with complexity. However, I think at a certain level of complexity people will start disregarding the official policy entirely and make the system more vulnerable.
Thanks for sharing Sean

i definitely agree with you Sean about the fact that business focuses more on network security.And that is totally understandable because now more than ever, businesses depend on their network for their most important business operations, such as communication, inventory, and trading with partners. An insider fraud can be hidden but a network…[Read more]

2)What is the relevance of only being able to have one posting period open at a time for real time postings? What does this prevent from happening?

In a business usually only one current posting period is kept open for a financial year to enter transaction related to that month, all other posting periods being closed. ( in general, the…[Read more]

Searching for Best Encryption Tools? Hackers are Spreading Malware Through Fake Software

The article I read is about the fact that people when trying to protect themselves from virus , malware etc actually run the risk to use fake securing tool. Indeed, hackers use now fake versions of encryption tools in order to infect as many victims as…[Read more]

Wenlin , I like that you mention that companies should ” Pick a transparent vendor with proven risk management processes”. In fact, a way to eliminate some of the risk when hiring an outside IT provider is for a business to do their homework. Most IT provider will claim to ensure high quality, but where’s the proof? Organizations shouldn’t hes…[Read more]

Overall, I think due to the loss of control (real or perceived) when hiring an outsourced IT provider. It is important for businesses to put together an agreed-upon plan with their IT providers ( that the best way to mitigate outsourcing risk in my opinion). the plan can include :
Timelines for meetings
Updates and issues that the provider or…[Read more]

Definitely agree on service metrics.
I remember reading that many companies that outsourced parts of their own internal IT to a service provider a number of years ago and have since procured IT services externally, subsequently in many cases find themselves subjectively dissatisfied with the services they receive. Why? because no objective…[Read more]

Sean, you can also add to the list of benefit : risk sharing. In fact, outsourcing certain components of the business process helps the organization to shift certain responsibilities to the outsourced vendor. Since the outsourced vendor is a specialist, they can even plan the risk-mitigating factors better.

4. Outsourcing and SLA audit questions

Are management requirements and expectations clearly defined in the contract?
Do policies regarding purchased services, and, in particular, third party vendor relationships exist?
Were vendor selection processes followed?
Do contract reviews and approval processes exist and were they followed?
Were…[Read more]

Explain common SLA issues identified by auditors

Too Complex. These documents are not usually short and precise in defining the services the supplier provide and the level of service the supplier and their customers agree on.

No measurements. If you do not have the technology and tool sets to track and report the timed-service events by r…[Read more]

The risks of outsourcing
• Possible loss of control over a company’s business processes
• Problems related to quality and turnaround time
• Sluggish response times coupled with slow issue resolutions
• Issues pertaining to lingual accent variation

Mitigation plan associated with the above risks :
• Well planned milestones, immediate…[Read more]

1) What are the benefits and risks of out-sourcing?
Benefits of outsourcing
• Better revenue realization and enhanced returns on investment
• Lower labor cost and increased realization of economics of scale
• Opportunity for innovation
• Frees management time, enabling companies to focus on core competencies
• Increases speed and the quali…[Read more]

Food for thought :

IT personnel interact with business representatives including the accounting and finance department to determine the technologies required to align with the needs of the business. Hence, a clear understanding of how business users build, access, share and use data helps the IT department to design and implement solutions…[Read more]

4. How important is it for people responsible for general I/T controls (e.g. Network, workstation, Server and data base security) to know about how the ERP system works?  What is one (1) specific thing they should know?

 IT is driving business growth and it is now part of corporations. One of the main goal of ERP is to facilitate the flow of…[Read more]

Yulun, I am actually tempted to say the opposite. When I think about it, usually job description for auditor or accountant require knowledge of IT, but rare are the cases when I came across a job description for an IT position requiring finance of accounting knowledge.