-
Deepali Kochhar posted a new activity comment 8 years, 1 month ago
2. List common control issues associated with operating systems and remediation strategy/plan.
The following control issues are associated with the operating systems:
• File and share permissions that give up everything to everyone
• Lack of malware protection
• Lack of personal firewall protection
• Weak or nonexistent drive encrypt…[Read more] -
Deepali Kochhar posted a new activity comment 8 years, 1 month ago
1. Why is so important to protect operating systems?
It is important to protect OS from below factors:
• Protecting the Security of an OS provides the ability to protect it from unauthorized access. It helps in managing the integrity of an OS system and provides the ability to restrict which programs can enter states to exercise hardware i…[Read more]
-
Deepali Kochhar posted a new activity comment 8 years, 1 month ago
Very well quoted Binu.
Quotation or order entry is most vulnerable to human errors or frauds.
For this reason companies are using IT systems like Point of Sale so that such issues can be avoided.
Point of Sale system can help in:
A. POS Software features help you track return statistics.
B. POS software features enable you to print…[Read more] -
Deepali Kochhar commented on the post, Weekly Question #8: Complete by November 2, 2017, on the site 8 years, 1 month ago
Binu, I believe log management and analysis can track such kind of problems. It is important to maintain the logs of all kind of transactions so that issues such as someone changing the delivery or address details can be tracked. It is a good kind of detective control for such issues.
-
Deepali Kochhar posted a new activity comment 8 years, 1 month ago
Great explanation Priya. I would like to add an example to it.
Lets take the example of GBI. In order to assemble a cycle, we would need to take order of various required to make a cycle. Now if there is an error in sales order preparation in a way that it misses some parts of a cycle, it can ultimately lead to delay in assembling and hence…[Read more]
-
Deepali Kochhar posted a new activity comment 8 years, 1 month ago
I would like to add to your point.
OTC needs control of CFO and COO along with end to end process managers and staff in a way:
a.It is important to achieve real-time visibility into operational data across the chain from planning to return
b. Break down operational “silos” and provide visibility into the performance of key m…[Read more]
-
Deepali Kochhar posted a new activity comment 8 years, 1 month ago
1. As customers we experience various company’s order to cash process (OTC) whenever we buy something. Which company do you believe has a ‘great’ OTC process? Why?
Order to cash process includes following steps:
• Customer presence
• Order entry (creation of order/booking of order)
• Order fulfillment (physical & digital fulfillment…[Read more] -
Deepali Kochhar posted a new activity comment 8 years, 1 month ago
Drone hacking Threat
Insurance giant Allianz has warned that the increasing volume of drones in the sky can lead to cyber security threat, potentially resulting in loss of life.
Unmanned aircraft system (UAS) are expanding rapidly from their original use in military and are set to become a part of multi billion dollar business.
The…[Read more]
-
Deepali Kochhar posted a new activity comment 8 years, 1 month ago
Right Magaly. Based on the ranking we can define the impact of the risk such that:
Catastrophic, Major, Moderate, Minor and negligible.
On the above identification we can make a decision on its safeguard procedures and mitigation plan.
-
Deepali Kochhar commented on the post, Week 3 Questions, on the site 8 years, 1 month ago
We need to manage the log as a detective measure for multiple user access so that in case any unwanted event occurs it can easily be traced with exact information such as who performed the transaction, when did it occurred and so on.
-
Deepali Kochhar commented on the post, Week 3 Questions, on the site 8 years, 1 month ago
Rightly pointed Said.
Confidentiality, Integrity and Availability is always at high risk.
-
Deepali Kochhar commented on the post, Week 3 Questions, on the site 8 years, 1 month ago
For this we need analysis of ROI. Will the data which is being moved from traditional to relational database give enough returns to overcome the cost of movement or not. Is that data needed in long term and on the basis of these parameter we need to make an analysis of the risk level. This will help in making analysis of ROI
-
Deepali Kochhar posted a new activity comment 8 years, 1 month ago
Good point Abhay,
I would like to put forward an example of data corruption:
A bank employee whose job requires the ability to change only account holder contact information may take advantage of excessive database privileges and increase the account balance of a colleague’s savings account.
Other can be, companies fail to update access p…[Read more] -
Deepali Kochhar posted a new activity comment 8 years, 1 month ago
How would you go about creating an information risk profile for a small start-up business? Describe what the risk profile for the business would contain? How should the business use the risk profile?
Principles and directives to create risk profile:
An organization’s information risk profile should include principles aligned with both its s…[Read more]
-
Deepali Kochhar posted a new activity comment 8 years, 1 month ago
Very well explained Brou. I would like to add an example to this.
If a drug company does not properly test its new treatment through the proper channels, it may harm the public and lead to legal and monetary damages. Failing to minimize risk could also leave the company exposed to a falling stock price, lower revenues, a negative public image…[Read more]
-
Deepali Kochhar posted a new activity comment 8 years, 1 month ago
Q 3. List risks associated with database management systems (DBMS)
Following are the risk associated with the database management systems(DBMS):
• Easily guessed passwords
• Missing Patches
• Misconfigurations
• Excessive Privileges
• Web application attacks (SQL-injection)
• Insider mistakes
• Weak or non-existent audit control…[Read more] -
Deepali Kochhar posted a new activity comment 8 years, 1 month ago
Q 2. Key benefits of relational databases vs traditional file system?
• Data independence (e.g. n-tier application)
• Reduction of data redundancy (via Normalization)
• Maximize data consistency (primary key/ foreign key)
• Reducing maintenance cost through data sharing
• Security Feature
• Enforce Data integrity -
Deepali Kochhar posted a new activity comment 8 years, 1 month ago
1. What are key characters of relational database management systems?
The key characters of relational database management systems are:
• A relational database is a collection of data items organized as a set of formally described tables from which data can be accessed easily.
• It is created using the relational model
• The software used…[Read more] -
Deepali Kochhar commented on the post, Week 3 Questions, on the site 8 years, 1 month ago
Great example Paul. Standards and policies defined by an organisation form the basis of an audit and are a kind of assertions for the auditor. It helps the auditor in defining the scope of audit.
-
Deepali Kochhar commented on the post, Week 3 Questions, on the site 8 years, 1 month ago
Great point Sean. Segregation of duties can also help in performing log analysis so that if any fraud occurs it can easily be traced and actions can be taken to overcome it.
- Load More