Magaly Perez

Great analogy Daniel.
Like a body, using an operating system requires an understanding of how it works and how to use it.

Alex,

Yes. But you have a lot of work to do. Without an operating system using and enforcing a standard, systematic approach to running the computer, you’re put in the position of writing code that must tell the computer exactly what to do. Think of every single option or possibility your word processing program has. You’d have to write code…[Read more]

Great points; knowledge of the business and effective interpersonal skills are most definitely key competencies in the OTC Process. However, I would say sense of a strong analytical skills trumps the business knowledge.

To be an effective leader one must possess the tenacity of analytics and strong communication skills. These skills may be seen…[Read more]

Great example Said.

Here are a few other examples of frauds that could occur within the shipping process:

Manipulation of financial statements, commercial bribery and cash skimming. More specifically, the shipping and ports industry are susceptible to:

-Cargo theft and misappropriation of assets
-Revenue leakage
-Unsupported payments…[Read more]

Who in a company should be responsible for the controls of that company’s Order to Cash (OTC) Process? Why?

I believe that there are two individuals that are responsible for the controls of a company’s OTC Process: the Chief Financial Officer (CFO) and the Chief Operating Officer (COO). The CFO’s role in the OTC process is to provide the accou…[Read more]

Which portion of the Order to Cash (OTC) process do they see as the most vulnerable to theft, fraud or failure of some kind?

I believe the order fulfillment step in the OTC process is the most vulnerable to theft, fraud or failure. Inherently, there is the risk of human error, which at most times is not intentional whatsoever; however, it…[Read more]

As customers we experience various company’s order to cash process (OTC) whenever we buy something. Which company do you believe has a ‘great’ OTC process? Why?

I believe Amazon has the greatest OTC Process. As a prime member, I order from Amazon very frequent, probably more than I should. I think amazon has one of the easiest navigable site,…[Read more]

Question 2: List common control issues associated with operating systems and remediation strategy/plan.

Some common control issues associated with OS are as follows:
– File sharing
– Lack of malware protection
– Lack of firewall protection
– Weak or nonexistent drive encryption
– 3rd party software
– Weak authentication passwords

The…[Read more]

Question 1: Why is so important to protect operating systems?

The operating system is the software preinstalled on your computer. Computers have no ability to function without the operating system software. Not only does the operating system allow your computer to function, but it allows the user (you) the ability to effectively communication…[Read more]

Question 1: What are the security challenges in online banking?

Online banking has become prominently global due to, it’s ever so easy banking platform. The convenience of online banking, allows its internet users to manage their bank accounts from anywhere in the world, at any given time. Like the HDFC, many banks have been encouraged to p…[Read more]

http://www.technewsworld.com/story/83866.html

The article I read goes into detail about how the FBI has begun investigations into the cyberattacks on the electronic election infrastructures in Illinois and Arizona. The first attack in June led to the illegal download of personal information of 200,000 Illinois voters. However, this second…[Read more]

Great explanation Deepali and I completely agree with your suggestions. The data obtained through the risk identification process makes it possible to create a risk profile and then prioritize the various risks and profile categories. The profile exposes the gaps in a company’s ability to manage its risk across the spectrum of potential exposures…[Read more]

Great article Alex!

I just read it, and wow I am definitely going to be taking this into account when I download apps. You can reduce your risk of downloading an outright malicious app to almost zero by acquiring apps only from your operating system maker’s app store.

The term “acceptable information system security risk” means that the risk of information system security is not high importance for an organization to worry about. No organization is ever totally without risk, but there are steps that can be taken to establish an acceptable level of risk that can be properly mitigated.
Acceptable risk sho…[Read more]

The Database Firewalls have a set of predefined, customizable security audit policies and they can recognize database attacks based on past incidents or threat patterns called ‘signatures’.

However, all the attacks on the databases may not be familiar. So, Database Firewalls create white list of approved SQL commands. All the input com…[Read more]

Prof,

Thanks for the insight and the suggestion. I just researched the RDMS security features and learned the following:

The complex design of RDMS itself is a security feature. Its hierarchical storage allows metadata documentation to be inside the database and even when given access to the database it is impossible to hack this data. The…[Read more]

Through the data normalizing process. This process helps reduce redundancies of data in a database. It has guidelines that are used to optimally design a database to reduce redundant data.

Great point Alex, I completely agree. By having the added security within the tables and the ability to configure those tables into having more confidentiality is a great key advantage, but I do also, think having the ability to have easy accessibility to information from other users and the ability make updates to the data, decrease the risk of…[Read more]

Great point Paul!

I never thought to think about that aspect in the vendor selection. I decided to further research the kick-back scheme and stubbled upon how to investigate whether or not this is happening in your particular company.

The author explains, that there a number of ways to prevent it and detect it, but I really enjoyed her…[Read more]

Fred, I completely agree that the initial stage of the procurement process has many risk involved with fraudulently activity.

I’m shocked about this real life example but, would you mind elaborating on what “getting greased” means? I’ve never heard that term before and would like to understand how this was beneficial to the purchasing…[Read more]