-
Joshua Tarlow posted a new activity comment 8 years ago
I’ve actually thought about this before when using my credit card at a restaurant. The transaction is approved before the tip is added, which must then be applied to the credit card. The last step doesn’t require any verification from the customer as when the first time the card was run. The receipt that is given does not account for the final…[Read more]
-
Joshua Tarlow posted a new activity comment 8 years ago
I hadn’t considered fraud from this perspective before. I’ve definitely witnessed interns incorrectly recording times. I also agree that they most likely did not perceive it as theft or fraud. Although I think that some did not try and rationalize it, it may just have been easy or not considered that big of a deal. At my internship we were…[Read more]
-
Joshua Tarlow commented on the post, Week 3 Questions, on the site 8 years ago
I definitely agree that accuracy is the most important of the three if one had to be chosen. Without the accuracy, the other dimensions would most likely not be correct. It is especially difficult to have a correct summary without accuracy because the summary itself would not be correct. It would be difficult to record accurate valuation with…[Read more]
-
Joshua Tarlow posted a new activity comment 8 years ago
I have only been a victim of fraud when my credit card or debit has been stolen and used to make fraudulent transactions. Credit card fraud is common now so my experience is definitely not unique. But there have been multiple occasions when either the bank caught the activity, I noticed suspicious transactions on my account, or I’ve been sent a…[Read more]
-
Joshua Tarlow posted a new activity comment 8 years, 1 month ago
I’ve read that it is more difficult for developers to release apps on iOS than Google Play which can be both frustrating but also beneficial from a security perspective. Google approves apps much faster than Apple, but they are more prone to security risks.
Security is one of the main reasons why I have kept my iPhone. Not that there aren’t…[Read more]
-
Joshua Tarlow posted a new activity comment 8 years, 1 month ago
Comparing ITIL and COBIT: list some key similarities and difference based on your understanding
ITIL and COBIT both address compliance and security. . Each provide framework to manage IT services and assets for enterprises. COBIT is more expansive than ITIL and provides guidance for IT governance and management across the entire enterprise.…[Read more]
-
Joshua Tarlow posted a new activity comment 8 years, 1 month ago
“A new hacker money-making strategy: Betting against insecure companies on Wall Street”
The article discusses a cyber security research firm named MedSec that found a flaw in a medical device from St. Judes Medical and then partnered with a financial firm to release the results publicly. MedSec received a portion of the profits from short…[Read more]
-
Joshua Tarlow posted a new activity comment 8 years, 1 month ago
What are the 3 types of risk mitigating controls? Which is the most important? Why is it the most important?
Three types of risk mitigation controls are preventative, detective, and corrective. Preventative risk controls can be passwords, encryption, firewalls, access restrictions, and other procedure or policy that reduces the probability that…[Read more]
-
Joshua Tarlow posted a new activity comment 8 years, 1 month ago
Why do we need control framework to guide IT auditing?
Control framework provides a resource for IT auditors for accepted practices. Well known frameworks also provide a common language and set of practices. The initial goal was for public companies to self regulate and reduce government regulation. Companies can use existing frameworks, and…[Read more]
-
Joshua Tarlow's profile was updated 8 years, 1 month ago
-
Joshua Tarlow changed their profile picture 8 years, 1 month ago
-
Joshua Tarlow posted a new activity comment 8 years, 1 month ago
Cyber Threat Grows for Bitcoin Exchanges
The article describes a recent hack of a bitcoin exchange of $70 million and the risks of bitcoin exchanges. The hack is the largest since a 2014 when hackers stole $350 million from a Tokyo bitcoin exchange. According to the article, between 2009 and 2013 approximately 33% of bitcoin exchanges have been…[Read more]
-
Joshua Tarlow posted a new activity comment 8 years, 1 month ago
Describe a real life example of a company’s profitability-driven controls. What are the differences between a compliance-driven vs. a profitability driven control?
A compliance driven control is focused on legal and regulatory requirements, while profitability driven controls concerned with revenue and expenses, and not mandated. Companies u…[Read more]
-
Joshua Tarlow posted a new activity comment 8 years, 1 month ago
I agree that HIPAA is a compliance control for a hospital because it does protect health data and is a legal requirement. It might also be possible to consider HIPAA with profits. If a hospital suffers a data breach because HIPAA requirements were ignored, then reputation and financial losses could be significant. Reputation is one of the most…[Read more]
-
Joshua Tarlow posted a new activity comment 8 years, 1 month ago
It is true that SOX places more burden on corporations, it was a necessary reaction to the corporate scandals. While most companies are not defrauding their investors, it only takes on large enough company to collapse to reverberate through the economy. If a company the size of Met Life or AIG were to fail, the global economy could fall into a…[Read more]
-
Joshua Tarlow posted a new activity comment 8 years, 1 month ago
I definitely agree that purchasing the cheapest software is not always the best decision. Price should always be considered when comparing competing products, but should not be the sole determining factor. I have only used Adobe Acrobat so I can’t comment on the difference between them other than price. But in my experience having the right…[Read more]
-
Joshua Tarlow posted a new activity comment 8 years, 1 month ago
ITACS students and Temple University both represent information security vulnerabilities to each other. Temple University stores Personally Identifiable Information (PII) of each student, which include grades, and financial information, and in some instances health-care information. A data breach to Temple University could target student’s social…[Read more]
-
Joshua Tarlow commented on the post, Progress Report for Week Ending, February 16, on the site 8 years, 1 month ago
When I was in the military I remember all flash drives and removable storage were banned from DOD computers. Most computers contained reminders not to use a flash drive, in addition to the background on some computers. I think the primary concern was malware or a virus, data was definitely a concern for networks with access to sensitive information.
-
Joshua Tarlow posted a new activity comment 8 years, 1 month ago
What is the purpose of all auditors having some understanding of technology?
If auditors are not familiar with technology then it will not be possible to adequately audit the organization. Understanding technology used in an organization allows an auditor to identify risks and inadequate security protocols. For example, sensitive data maybe…[Read more]
-
Joshua Tarlow changed their profile picture 8 years, 1 month ago
- Load More