Controls: The Case of iPremier 代写 ACC/ACF 2400

  • 100%原创包过,高质量代写&免费提供Turnitin报告--24小时客服QQ&微信:273427
  • Controls: The Case of iPremier 代写 ACC/ACF 2400

    Edward Tello
    Chief Examiner ACC ACF 2400 s2 2017  1
    ACC/ACF 2400
    Assignment 2
    Cybercrime and Information Systems
    Controls: The Case of iPremier
    Semester 2, 2017
    Overview of the Assignment Task
    A lot of experts argue that cybersecurity is a must for businesses. In fact, data loss and
    breaches can cost businesses plenty in terms of lost productivity, lost revenue, damage to the
    brand, and expensive recovery efforts. Problems inherent to computer security will likely
    persist so security issues are increasingly relevant to general managers, whether they like it
    or not.
    iPremier is a successful high-end web-based retailer. This company was shut down by a
    Distributed Denial of Service (DDoS) attack in 2009. The case presents a series of events before,
    during, and after the cyberattack (few minutes after it ended). Although the case does not
    describe actual events and iPremier is not a real company, everything that happens in the case
    has happened to real companies.
    You are required to write a report about cybercrime and information systems controls. Your
    report should be guided by the specific questions documented in the section below titled
    ‘Requirements for the Report.’

    Controls: The Case of iPremier 代写 ACC/ACF 2400
    Information available to your team
    Details of the business case can be accessed here:
    https://cb.hbsp.harvard.edu/cbmp/pl/65679173/65812602/ce74e24db3a61b856
    949919bbf23c311
    Please note, hard copies of the case can be printed for use, one copy per the assignment
    team member. Ensure the copyright statement is not removed when printing material.
    Learning objectives and outcomes expected to be achieved by this assignment
    This business case is aimed to illustrate a number of critical points about cybersecurity,
    internal controls and the COBIT framework. Specific objectives addressed by this assignment
    include:
    Edward Tello
    Chief Examiner ACC ACF 2400 s2 2017  2
    Objective 1: Examine the role of business processes and the use of accounting information
    systems in capturing and managing information that support the needs of
    stakeholders.
    Objective 2: Analyse and evaluate the design of business processes and accounting
    information systems.
    Objective 3: Explain the importance of internal controls and recommend internal controls
    that cover key business processes and support the achievement of goals.
    Objective 4: Apply critical thinking, problem solving and communication skills to analyse,
    evaluate and interpret business processes and the accounting data that is
    generated.
    General Requirements
    1. The report should not exceed 2500 words (EXCLUDING introduction, conclusion,
    reference list, table of contents, and appendix) (alternative word count applies to
    groups with less than 4 members – discuss with your tutor). It should be written using
    a word processing software such as Microsoft Word. Please use Times New Roman and
    a 12 point font.
    2. The report should have appropriate headings and subheadings and include an
    INTRODUCTION and CONCLUSION.
    3. The report must include at least 10 references out of which at least 3 of them must be
    peer-reviewed journal articles (EXCLUDING the textbook – Romney et al. (2013)).
    4. You  must  follow  Harvard  system  for  citation  and  referencing  (see:
    http://guides.lib.monash.edu/citing-referencing/harvard).
    5. Review the resources on the Student Q Manual for report writing skills including
    information  on  plagiarism  (http://business.monash.edu/students/study-
    resources/related/components/qmanual.pdf).
    6. In terms of the report, each group is responsible for assessing its level of plagiarism.
    Although you can submit the report to Turnitin as many times as you like before the
    due date, ONLY the final submission will count to Turnitin. Remember that you need
    to wait at least 24 hours to try a new submission. This report is marked as a group.
    7. Review the marking rubric so that you understand how you will receive feedback.
    Submission Date/Time & Procedure
    Submission Date/Time: Sunday 15 October, 11:55pm (Week 11), penalties apply for late
    submission)
    Only one team member needs to submit the Report (this document is to be submitted to
    Turnitin and Assignment Submission Dropbox in Moodle)
    Only one team member needs to submit the video link (in the same Assignment
    Submission Dropbox as the aforementioned parts of the assignment)
    Each team member needs to complete a CATME Peer Evaluation (details about this
    software and instructions on how to complete will be communicated shortly).
    Edward Tello
    Chief Examiner ACC ACF 2400 s2 2017  3
    Marks
    This assignment is a team assignment and is worth 20% of the total mark for this unit. Marks
    for individual contributions to the team effort will be allocated using the CATME Team Self-
    Assessment tool (the information about software for conducting self-assessment as well as
    the detailed instructions about the software will be communicated shortly).
    Mark breakdown per task
    Task  Marks
    A (report)  15
    B (oral presentation /
    video)
    5
    Total  20
    Submission format for different sections of the assignment
    •  Submission format of the Report: .doc, .docx, or .pdf file
    •  Online submission of the CATME Peer Evaluation Completion (team member
    assessment document): to be announced shortly
    •  Submission on a Word Document in which you provide the link to the video posted on
    YouTube: .doc, .docx
    A. Requirements for the Report
    After reading the iPremier case study, you need to write a report that will cover the issues of
    Cybercrime and Information Systems Controls. The report should answer the following
    questions:
    1a. Based on the information provided, critically evaluate the role of iPremier
    management in relation to information security [Hint: In your evaluation, use
    two (2) activities of Table 14.1 Romney et al. (2013 p. 423) which are related to
    COBIT security control objective DS 5.1].
    1b. Do you think that security was a priority for iPremier management? Justify your
    position.
    2a. Did the risk reduction measures put in place by iPremier work appropriately
    during the cyberattack? [Hint: Explain three (3) measures adopted and also
    whether they failed or not].
    2b. Assume iPremier wishes to insource their data centre. Under this new scenario,
    recommend three (3) internal controls that iPremier should implement to either
    prevent, detect or correct future cyber-attacks [Hint: Classify each control as
    either Preventive, Detective or Corrective, explain and justify its importance].
    Edward Tello
    Chief Examiner ACC ACF 2400 s2 2017  4
    3a. At some point during the crisis, Bob asks Joanne whether they have emergency
    procedures such as a Business Continuity Plan (BCP). Discuss three (3) benefits
    and three (3) challenges of BCPs.
    3b. Would you recommend iPremier adopting a Business Continuity Plan (BCP) or a
    Disaster Recovery Plan (DRP)? Justify your recommendation.
    4. The iPremier case was written in 2009. Investigate two (2) major data breaches
    within organisations over the last 3 years (since 2015). Explain what happened,
    what the cause was, what internal controls were absent or failed, and what the
    implications were.
    Report Structure and Presentation:
    • Title page that lists all the authors (Name, Surname, Student ID, tutorial times, and
    the name of the tutor),
    • Table of contents,
    • Introduction
    • Main body,
    • Conclusion
    • Reference List (all references listed must be cited somewhere in the text),
    • Appendices (in case if any supplementary information needs to be reported).
    *Note: The report must be attractive but don't go overboard: content is more
    important.
    ** More information on the style of business reporting is available in the Q Manual
    (http://business.monash.edu/students/study-resources/related/components/qmanual.pdf).
    B. Requirements for oral presentation, video recording and submission
    Task Description
    Step 1: Prepare
    your oral
    presentation
    •  Prepare a 5 min video presentation (alternative times apply to
    groups with less than 4 members – discuss with your tutor) in which
    you provide the main findings of your report. You might also want
    to provide a brief background about the case, but this is not
    required (remember the video should run for a maximum of 5
    minutes).
    •  Be creative! You decide how you want to present your findings. For
    example, some students might want to prepare some visual aids
    Edward Tello
    Chief Examiner ACC ACF 2400 s2 2017  5
    (e.g., PowerPoint / Keynote slides) to support their presentation
    [note: you do not have to submit separately the visual aids used in
    your presentation]. Other students, however, might want to do a
    role-play video presentation.
    •  All team members must appear on the video, but not everyone has
    to speak in front of the camera for the same length of time. Again,
    you decide how you want to present the information required. 
    Step 2: Record
    your oral
    presentation
    •  There are a vast number of ways that you can logistically record yourself
    delivering an oral presentation. If you have experience in this area and/or
    would like to develop this skill, feel free to develop your own method. For
    those of you who do not know where to start, the following videos
    demonstrate a simple and free process you can follow:
    o  Record your video - PC version
    o  Record your video - mac version
    Video editing is optional for this assignment. However, it is important to
    make sure your presentation recording looks polished and professional
    (e.g., plan what you will say beforehand, do a test recording to get the
    recording volume right, and film in a well-lit location, etc.). Refer to the full
    list of quality guidelines in the 'Presentation' section below.
    Step 3: Upload
    video to
    YouTube
    •  Very carefully follow the instructions for how to Upload your video to
    YouTube and then provide a link to your video via the assessment
    submission point (see below).
    •  Be aware that depending on your internet connection and file size, upload
    times can be significant. Please allow sufficient time before the due date
    for your video to upload to YouTube.
    Make sure you select the 'Unlisted' privacy setting when you upload your
    video to YouTube, as shown in the help guide above. If your video is left as
    'Private', your marker will be unable to access your submission and if this
    is the case, you may receive a zero on this assessment. So please double
    check this!
    Time Limit
    There is a strict time limit of 5 minutes for this assessment (alternative times apply to groups
    with less than 4 members – discuss with your tutor). Any information you include after the 6
    minute mark will not be assessed. The length of the presentation will be taken as the
    recording length. So edit out any fumbling around at the beginning / end of the recording if
    necessary to ensure your recording length is below the limit.
    Presentation
    Note that this part of the assignment is assessing your ability to deliver an oral presentation
    summarising a report, and NOT to create multimedia. So, do not be overly concerned about
    Edward Tello
    Chief Examiner ACC ACF 2400 s2 2017  6
    your video recording and/or editing skills. However, we do need to be able to clearly see and
    hear your presentation. This means:
    •  All team members must appear in the video (at least once). However, not everyone has
    to speak in front of the camera for the same length of time. For example, if you do a
    role-play video presentation, each member will have a different role and, consequently,
    will not necessarily speak on camera the same length of time.
    •  Film in a location that has appropriate lighting (no back lighting that casts your face into
    shadow)
    •  Film in a location with little to no background noise so your voice can be clearly heard
    •  Noise from recording equipment/computer should not interfere with the presentation
    •  Audio quality should be high and your microphone volume adjusted so your voice can be
    clearly heard
    •  If using slides, use an appropriate font size so any text on your slides is easily readable by
    a person watching the video of your presentation. In addition, they need to be fully in
    frame and clearly visible throughout the presentation.
    Essentially, we can only award marks for what we can perceive. So, you will lose marks if
    elements of your presentation cannot be seen or heard in the recording that is submitted for
    marking. Do a short test recording before filming your actual presentation to ensure all of
    the above points are addressed. Then check the quality of the video again after it has been
    uploaded to YouTube to ensure the quality is still appropriate.
    Format
    As per the instructions above, you will upload your video presentation file to YouTube and
    provide the weblink to your video for marking in a Word document.
    Names, Student IDs, Tutorial Times, and Roles of all Group Members (if applicable) should be
    presented on a slide for at least few seconds –either at the beginning or at the end of the
    video. For the sake of time, you do not have to voice (pronounce) this information.
    Make sure you acknowledge the source of all references, images, videos, etc., used in your
    presentation. For images and videos, report the weblink for the source at the point where it
    is presented. For scholarly sources, in text citations and a reference list should be supplied as
    per usual. The reference list should be displayed for at least a few seconds at the end of the
    video.
    C. Team Member Assessment Document
    The team assessment involves scoring each team member’s meeting attendance,
    contribution to ideas and planning, timeliness, whether an equitable amount of work was
    performed, and contribution to the overall success of the project. All group members must
    submit the CATME Peer Evaluation (penalties will be applied to those who fail to complete
    it). More details about this part of the assessment will be posted soon.
    Edward Tello
    Chief Examiner ACC ACF 2400 s2 2017  7
    Assignment 2 – Assessment Criteria
    Criteria Description  Marks
    earned
    Marks
    possible
    Statement of management procedures
    Management and security  •  Comprehensive and insightful assessment of management’s role in relation to information security.
    •  Fully developed and supported assertions.
    18 %
    Risk Measures and
    Internal Controls
    •  Comprehensive identification of all risks.
    •  Proposed internal controls to mitigate risks are of consistently high quality and well-justified.
    18 %
    Business Continuity
    Planning
    •  Outstanding supported analysis of benefits and challenges.
    •  Skilful identification & use of AIS & business concepts.
    •  Fully developed & supported assertions.
    18 %
    Data breaches - cases  •  Breaches covered are pertinent and significant.
    •  Cause, explanation, and implications are thoroughly presented and amalgamate research from various
    academic and credible sources.
    •  Analysis demonstrates a particularly in-depth reflection.
    •  Viewpoints and interpretations are insightful and well supported.
    18 %
    Presentation including
    Introduction and
    Conclusion
    •  Students presented information in an outstanding, logical, interesting, and entertaining structure which
    audience can follow. Excellent presentation.
    •  Introduces the topic in an insightful way.
    •  Strong, definitive conclusion.
    14 %
    Clarity, expression and
    referencing
    •  Little or no grammatical punctuation, spelling or capitalisation errors that do not impede meaning.
    •  Expression is consistently clear and concise.
    •  At least 10 sources using Harvard referencing style with few or no mistakes.
    •  The overall presentation of the report document confirms to the standards reported in the Q Manual
    (https://business.monash.edu/students/study-resources/related/components/qmanual.pdf)
    14 %
    Total

    Controls: The Case of iPremier 代写 ACC/ACF 2400
    100 %
    Edward Tello
    Chief Examiner ACC ACF 2400 s2 2017  8
    Oral presentation / video
    Focus and content  •  Main points are clear and well argued.
    •  Brings closure with action statement.
    •  All presenters are clearly identified.
    40 %
    Verbal style - clarity  •  Speaks clearly and distinctly. No mispronounced words.
    •  Language is appropriate to non-technical audience.
    20 %
    Visual style – creativity
    and visual aids
    •  Imaginative design with role-play scenarios or other creative approaches integrated into presentation.
    •  Visual aids, such as on-screen captions and signs, well-chosen & presented.
    30 %
    Length / time  •  Presentation within allotted time.
    10 %
    Total
    100 %
    Controls: The Case of iPremier 代写 ACC/ACF 2400