-
Fred Zajac posted a new activity comment 8 years, 2 months ago
There were several issues with the video that are common in many SMB’s around the world. There seems to be a stigma that the IT department is responsible for stopping technology threats, but everyone should realize they are a big piece to IT security.
Issues with video:
1. Password protection – Passwords should be unique to the ind…[Read more] -
Fred Zajac posted a new activity comment 8 years, 2 months ago
What is the purpose of all auditors having some understanding of technology?
The purpose of all auditors having some understanding of technology is because most business operations are conducted using some sort of technology. It could be a computer, tablet / smart phone, or even traditional hard-set phones (Working on VoIP).
When we look…[Read more]
-
Fred Zajac posted a new activity comment 8 years, 2 months ago
How does the control environment affect IT?
The control environment affects every aspect of Information technology, including
1. Hardware – What type of equipment should be used and the preferred vendors
2. Software – What operating systems are used, How each department is utilizing and accessing the software
3. Data – Where is it store…[Read more] -
Fred Zajac posted a new activity comment 8 years, 2 months ago
Magaly,
Great McDonalds example. The most difficult thing in economics is to put a cost on the impact of a policy. For example, how do you put a price on carbon dioxide put into the atmosphere? The risks of burning coal are known but putting a value on it and selling it to an emerging country is a difficult thing because all they see is…[Read more]
-
Fred Zajac commented on the post, Week 2: Questions, on the site 8 years, 2 months ago
Deepali,
Your example of compliance vs. profitability controls was a great way to sum up both controls in one industry. The banking industry must maintain compliance controls set by the federal reserve, this restricts the real profit of the bank but also protects the consumer from profitability controls prior to the compliance controls.
-
Fred Zajac posted a new activity comment 8 years, 2 months ago
Liang,
I believe a technology board should be created. It could be call Company XYZ technology council. The council could be created of seasoned employees who may be looking for a promotion or capable of handling the added responsibility. Once the board is generated, the team will structure company specific technology strategies to advance…[Read more]
-
Fred Zajac posted a new activity comment 8 years, 2 months ago
Paul,
It is funny you mention this article because I was going to post the same incident. I can’t seem to find the episode, but I remember watching Bill Mahar last season and he was talking about Hillary’s private server and how other high level officials are using similar private systems for government business. The reason was mentioned by…[Read more]
-
Fred Zajac posted a new activity comment 8 years, 2 months ago
Information security is a technical problem and a business problem everyone individual must be involved with the solution.
The technical problem lies with the equipment and network infrastructure. The proper system configurations, authentications, policies and security must be checked and tested on a regular basis to ensure proper…[Read more]
-
Fred Zajac posted a new activity comment 8 years, 2 months ago
Jianhui,
You make an interesting reference with Xinhua and Dangdang.com. I am not familiar with the reference.
When you say, “Low effectiveness to response to the market” because of “corruption and bureaucratese”, do you mean management’s hands are tied when making business decisions because of the threats or bribes from outside parties? I…[Read more]
-
Fred Zajac posted a new activity comment 8 years, 2 months ago
Sean,
I agree with you and most of the replies. SOX puts management responsible for the reporting and actions of the company. You mention common sense and others have mentioned fraud still existing with strict SOX regulations, that burden small businesses.
In my opinion, common sense isn’t the standard when business leaders are responsible…[Read more]
-
Fred Zajac posted a new activity comment 8 years, 2 months ago
Forgive me but I am not quite sure how to address you, so if Brou is wrong, please don’t feel bad about correcting me.
Brou,
I agree that IT is the “center” of most organizations. I refer to IT as the “central nervous system” of an organization. It is used to communicate to each department and is pivotal in the daily function of most…[Read more]
-
Fred Zajac posted a new activity comment 8 years, 2 months ago
Mansi,
I came up with the same conclusion. The employees in the video are much too lax about an controlled environment. This seems to be the case with several clients we on-board.
When we interview employees on how they utilize certain technological system, there are always a few who will roll their eyes when it comes to internal controls.…[Read more]
-
Fred Zajac commented on the post, Week 1 Questions, on the site 8 years, 2 months ago
As a managed IT support services company, we have seen many different system-related risks at many different organizations, requiring our company to bring the client’s system up to a healthy state. This includes an audit of the entire system to identify hardware, software, and data storage.
One system-related risk we recently seen at o…[Read more]
-
Fred Zajac posted a new activity comment 8 years, 2 months ago
Priya,
You list great examples in your post and immediately though of the co-location (data center) my organization uses. We are housed in two separate data centers. One in Philadelphia (Equinix) and one in Newark, DE (HostMySite). Both are managed independently and have multiple levels of redundancy, but the one thing that impressed me was…[Read more]
-
Fred Zajac posted a new activity comment 8 years, 2 months ago
Annamarie,
I am familiar with the business process you have experienced. The one thing I would like to mention is how a net 30 vs. immediate payment makes the business process much harder for the internal staff. Finding a solution to assist the cumbersome business processes, or “Working Smarter, not Harder” makes the added burden more…[Read more]
-
Fred Zajac posted a new activity comment 8 years, 2 months ago
My role as a business development executive gave me exposure to the business process of “generating revenue” for the company. The Revenue Generation Cycle moves through multiple business functions and involves, “A series of logically related activities… to produce a… result.” (class powerpoint).
The cycle begins with the research and develop…[Read more]