Free Samples
ISSC363 IS Security And Risk Management
.cms-body-content table{width:100%!important;} #subhidecontent{ position: relative;
overflow-x: auto;
width: 100%;}
ISSC363 IS Security And Risk Management
0 Download12 Pages / 2,961 Words
Course Code: ISSC363
University: American Public University System
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: United States
Question:
Applied project Reporting a relating security audits and controls, and risk management techniques. The report will include risk analysis of the identified risks and threats and the impact of human factors on security and risk management.
Students are required to select an organization that uses information systems to perform daily business operations. They have to identify some assets of the organizations and discuss how and why they are vulnerable to destruction, error, abuse, and system quality problems. The students have to describe and evaluate the risk management techniques adopted by the selected organization to ensure the reliability, confidentiality, availability, integrity and security of digital business processes. Evaluation of the risk management must include risk identification, risk assessment and risk control related to the selected organization. Identification and illustration on the types of general management controls and application controls related to the selected organization must to be analysed. The students have also to discuss audit plan and processes used by the organization and investigate the impact of human factors on security and risk management..
Answer:
Introduction
The information system can be defined as the structured structure that helps to assemble, systematize, accumulate and correspond with the confidential data (Laudon & Laudon, 2016). It is the amalgamation of various complementary networks, which organizations and people utilize for the major purposes of collection, filtering, processing, creating as well as distributing the data. The information system is the major component that helps to interact for the successful production of information (Bajdor & Grabara, 2014). Various software, hardware, business procedures, functionalities and data that could be utilized for increasing the efficiency and management of any particular organization are present within the information system. This information system is completely automatic and hence could be used without any type of manual working procedure. It comprises of a computerized database and has restricted sensors that help in easy information storage. The various operations, decision making and management of the confidential data are much easier with the presence of information system (Demir & Krajewski, 2013). Moreover, information system has the interrelation with the data systems and could easily complete the activities in lesser time.
The following report provides a brief discussion on the risk and security management on the popular and significant organization of telecommunications within Australia, namely, Telstra Corporation Ltd. This organization provides various telecommunication and broadband services for its customers and information system services for the employees. The report even explains the proper ideology of general management controls and application controls with several techniques of risk management, used by them.
Telstra Corporation Limited or Telstra is considered as the largest telecommunications organization within Australia that could easily build as well as operate the networks of telecommunications and the mobile services, internet access, broadband services, pay television, market voices and several other products or services (Telstra., 2018). This particular organization was founded 43 years ago and it has its headquarters in Melbourne, Australia. Since, this is an important and popular organization, Telstra has numerous customers worldwide. This particular organization is following several unique strategies within the business. A complete range of the communication services is provided by this organization and hence they are competing in each and every telecommunication market. In Australia, they are providing retail mobile services to 17.7 million customers, retail fixed broadband services to 3.6 million clients as well as fixed voice services to 4.9 million clients (Telstra., 2018). They have kept customers’ choices on top priority and this is another important strategy of this organization.
Due to the business processes of the Telstra Corporation Ltd are extremely unique in respect to the other telecommunication organization (Telstra., 2018). Thus, the result of the business procedures is bringing several asset values within the business. A brilliant connected future is the ultimate goal of this company. The services of broadband and Internet are improvised with the help of this system. The marketing department of this organization is doing their work perfectly and hence they have implemented information system and thus the departments could easily be connected with one another (Kushniruk et al., 2013). The transaction processing system is the major requirement in the organization of Telstra Corporation Limited. The accounting and production departments are perfectly controlled by taking the help of IS within this organization. Moreover, the services of this organization are extremely cost effective and hence could be easily afforded.
General Management Controls of Telstra Corporation
The GMCs is defined as the total managerial functions that comprise of the major objectives of achieving several goals of the organization in the given time (Alonso et al., 2013). These general management controls are responsible for helping to gather and use the sensitive and the most relevant data and information with the major purpose of evaluating the complete performances of all the organizational resources such as finance related and even the physical resources. The several strategies of the company could be subsequently deployed or implemented within the business processes with the general management control (Tarhini, Arachchilage & Abbasi, 2015). The entire procedure of managing the business eventually includes the best performance getting compared with the performances, as per planned. The second factor of implementing general management control is that it is different from the other controls in the aspect that it could be measured even before the contributions. The respective final step in the entire procedure is that the identified differences are easily measured for the perfect minimization of these dissimilarities. There are two distinct kinds of errors in the GMCs, which would be preventive control as well as detective control (Brooks, 2016). These preventive controls help in prevention of the errors and these controls could cease the errors. The respective detective controls could be utilized to perfectly identify the irregularities within the processes.
Telstra Corporation Ltd has implemented the GMCs in their business. Since, it is a telecommunications company, these types of controls are mandatory for them. The three important factors, which could easily enhance general management controls of the company, are regularized standard sets, evaluation of complete performance and finally undertaking the right actions (Al-Sakran, 2015). The most prominent general management controls of the organization of Telstra are listed below:
i) Presence of Legal Laws: Several legalized laws and rules are being implemented within the organization for ceasing any type of illegal activity.
ii) Data Integrity: There is integrity within the data and hence data is never lost in Telstra (Dahlstrom, Walker & Dziuban, 2013).
iii) Presence of Safe Guards: The resources are kept secured with the help of various types of safe guards in the organization and thus Telstra is extremely safe and secured.
Application Controls of Telstra Corporation
The second type of control is the application control. This particular type of control is responsible to maintain the security as well as privacy of all the assets within the business (Eason, 2014). This type of security maintenance helps in providing reliability and confidentiality in the business and hence information could be easily protected. The data risks are also reduced to a higher level. The application controls of Telstra Corporation Ltd are listed below:
i) Complete Checking: The organization is able to check each and every records and applications of the business.
ii) Validity Checking: This particular AC is responsible for justifying the fact that only valid data is being processed by the information system (Bilbao-Osorio, Dutta & Lanvin, 2013).
iii) Presence of Authentication: The authenticated information is only processed within the organization.
iv) Input Control: Telstra also controls the inputs and hence the data is kept secured easily.
v) Presence of Authentication: Telstra makes sure that only authorized people could access the confidential data (Marchewka, 2014).
vi) Easy Identification: These authorized people could be easily identified by taking the help of this particular application control within Telstra Corporation Ltd.
Comparison of ACs and GMCs for Information System
The proper comparison amongst the GMCs as well as ACs in the specific information system of Telstra Corporation Ltd is being listed below:
i) The general management controls within the company are linked with the application controls and hence each and every functionality could be easily supported by this type of link (Holtshouse, 2013). The general management controls could easily manage the end user, main frame and server.
ii) These application controls could easily control the security and even the privacy of this information system by simply controlling or managing the software or transactions. There are some of the major factors that are completely dependent on the application controls like complete checking, validity checking, input controls, authentication, authorization and various others (Bloom et al., 2014). The several organizational resources could be easily and promptly managed or controlled by the general management control and hence these controls are absolutely dependent on the standardized sets, evaluation of the complete performances and undertaking the appropriate actions.
Evaluation of Few Techniques for Risk Management
a) Reliability, Confidentiality, Availability, Integrity and Security
Risk management is the proper identification, evaluation as well as prioritization of various risks and threats that is followed by the economical and coordinated applications of several resources for the minimization, management and control of the impact and probability of any type of unfortunate events (Lloyd, 2017). The opportunities are highly maximized with the help of this risk management.
Telstra Corporation Ltd has implemented various new techniques to manage the risks in their business. Hence, they have become successful with these techniques of risk management. The destruction of this organizational resources or confidential data is properly stopped by the proper implementation and deployment of risk management techniques (Schwalbe, 2015). There are five specific factors and these could be measured by the two techniques of risk management. These five factors would be integrity, confidentiality, reliability, security and finally availability. Following are the given two popular and mportant techniques for managing the threats and maintaining the above-mentioned five specific factors in this organization of Telstra Corporation Ltd.
i) Deterrence of Loss of Data: It is termed as the most vital and significant tool and technique to manage risk. The sensitive information are always susceptible to the several types of risks (Luftman et al., 2013). This specific technique makes sure that these losses can be easily prevented as well as the data could be stored properly in this information system.
ii) Avoidance of the Risks: The second important and significant technique for the proper management of the risks is the respective risk avoidance (Oztaysi, 2014). This specific type of avoidance could be highly advantageous for the privacy of the confidential data or information present within the information system.
These above two above mentioned techniques for risk management are important for maintaining integrity, confidentiality, reliability, security and finally availability.
b) Risk Identification, Assessment and Controls
Risk identification is absolutely vital for the proper recognition of the several risks that are present within the organizational information system. This also helps to assess and control these risks. Telstra Corporation Ltd has deployed two specific techniques for identifying, assessing as well as controlling the risks (Alwahaishi & Snásel, 2013). Following are the two techniques of risk management for managing risks and hence maintaining all the above-mentioned factors within Telstra Corporation Ltd.
i) Loss Reduction: This is the first technique that would be effective for the minimization of loss, which makes sure that all of these data losses that have been occurred by the several risks are minimized to a greater level.
ii) Separation: The several devastation risks are recognized easily with this specific risk management technique and thus Telstra Corporation Ltd gains competitive advantages (Bloom et al., 2014).
The above mentioned two techniques are extremely popular and significant for any type of risk management and thus the various risks are easily mitigated.
Audit Plan and Audit Process in Telstra Corporation
The audit is defined as an authorized assessment of all the accounts within any specific organization to properly verify whether each and every organizational resource is being used securely or not and even if these are used, whether only the authorized and authenticated users are using them or not (Dahlstrom, Walker & Dziuban, 2013). This type of systematic or independent testing of all the records as well as maintenance of the integrity and confidentiality of information is known as auditing.
Telstra Corporation Ltd has systematically and successfully audited the various resources by their excellent audit planning. This particular audit plan was responsible for helping them in achieving the success and advantages that they have achieved now (Tarhini, Arachchilage & Abbasi, 2015). Without this audit planning, it was not at possible for them to achieve success easily. The respective audit plan of Telstra Corporation is listed below:
i) Identification of Audit Requirements: At first the audit requirements are to be identified properly.
ii) Listing the Requirements of Report: The second factor in this audit plan is that the various requirements of the report are to be listed properly.
iii) Conflicts between the Interest Assessments: The third factor of this audit plan is that they try to resolve the conflicts between the interest assessments (Demir & Krajewski, 2013).
iv) Executing Perfect Risk Assessment: Another significant factor of the audit plan is that there is a proper execution plan of the perfect risk assessments. This helps in reducing the risks to a greater level.
v) Assessment of Resource and Record: The final factor of this audit plan is that there is a significant assessment of the resources as well as records (Laudon & Laudon, 2016).
The process of audit helps to determine the entire procedure of the audit execution.. This specific process of audit of the Telstra Corporation Ltd is listed below:
i) Discussion of Scopes and Objectives: The first step in this audit process is that they discuss the several scopes as well as objectives of the company.
ii) Proper Data Collection: The next step in this audit process is that they completes the data collection procedure properly.
iii) Evaluation of Various Internal Controls: The several significant internal controls are properly evaluated in this particular step of this audit process (Bajdor & Grabara, 2014).
iv) Execution of Plan: Finally, in the last step of this audit process, the specific plan is being executed properly.
These above mentioned steps help the organization of Telstra Corporation Ltd to achieve proper success in the business and even they could inspect or check the resources that are vital for the organization. Hence, data theft is easily and properly avoided.
Conclusion
Therefore, from this above provided report, it could be eventually concluded that an information system would be the basic collection of several pieces of equipment that are being included within the distribution of information. The most significant and important parts of this information system are hardware, software, computerized database, users of information system, connections as well as networks. All of these together constitute the successful information system. Various kinds of information systems are present for the organizations in the world. The most common kinds of the information systems are the operation support system like transaction processing system, management information systems, decision support system and executive support system. It is the necessary computer system; however it describes the telephone switching as well as environmental controlling system. It eve involves the shared resources and processed information with the people, who are managing this system. These people are then considered as the major parts of the system without these IT experts, the information systems could not operate properly. The several information systems completely depend on the requirement of designing to fill. The decision making process is easily executed by taking the exclusive help of an information system and thus is quite popular for all types of organizations, especially the software companies. This information system is the noteworthy subset of ICT or information and communications technology. The above has properly explained the importance of an information system for the famous telecommunication company, Telstra Corporation Ltd. Relevant details regarding the GMCs as well as ACs or the risk management techniques are properly described in this report. The final part of the report has stated the audit plan an audit process of Telstra.
The best recommendation for Telstra is that they should implement decision support system within their business. The decision support system is responsible for taking proper and suitable decisions for the organization after considering the strengths and weaknesses of that particular organization.
References
Alonso, J., Bartlett, S. J., Rose, M., Aaronson, N. K., Chaplin, J. E., Efficace, F., … & Ravens-Sieberer, U. (2013). The case for an international patient-reported outcomes measurement information system (PROMIS®) initiative. Health and quality of life outcomes, 11(1), 210.
Al-Sakran, H. O. (2015). Intelligent traffic information system based on integration of Internet of Things and Agent technology. International Journal of Advanced Computer Science and Applications (IJACSA), 6(2), 37-43.
Alwahaishi, S., & Snásel, V. (2013). Acceptance and use of information and communications technology: a UTAUT and flow based theoretical model. Journal of technology management & innovation, 8(2), 61-73.
Bajdor, P., & Grabara, I. (2014). The Role of Information System Flows in Fulfilling Customers’ Individual Orders. Journal of Studies in Social Sciences, 7(2).
Bilbao-Osorio, B., Dutta, S., & Lanvin, B. (2013, April). The global information technology report 2013. In World Economic Forum (pp. 1-383).
Bloom, N., Garicano, L., Sadun, R., & Van Reenen, J. (2014). The distinct effects of information technology and communication technology on firm organization. Management Science, 60(12), 2859-2885.
Brooks, D. C. (2016). ECAR study of undergraduate students and information technology (Vol. 4, No. 3, p. 2). 2016.
Dahlstrom, E., Walker, J. D., & Dziuban, C. (2013). ECAR study of undergraduate students and information technology (p. 2013). 2013.
Demir, I., & Krajewski, W. F. (2013). Towards an integrated flood information system: centralized data access, analysis, and visualization. Environmental Modelling & Software, 50, 77-84.
Eason, K. D. (2014). Information technology and organisational change. CRC Press.
Holtshouse, D. K. (2013). Information technology for knowledge management. Springer Science & Business Media.
Kushniruk, A. W., Bates, D. W., Bainbridge, M., Househ, M. S., & Borycki, E. M. (2013). National efforts to improve health information system safety in Canada, the United States of America and England. International journal of medical informatics, 82(5), e149-e160.
Laudon, K. C., & Laudon, J. P. (2016). Management information system. Pearson Education India.
Lloyd, I. (2017). Information technology law. Oxford University Press.
Luftman, J., Zadeh, H. S., Derksen, B., Santana, M., Rigoni, E. H., & Huang, Z. D. (2013). Key information technology and management issues 2012–2013: an international study. Journal of Information Technology, 28(4), 354-366.
Marchewka, J. T. (2014). Information technology project management. John Wiley & Sons.
Oztaysi, B. (2014). A decision model for information technology selection using AHP integrated TOPSIS-Grey: The case of content management systems. Knowledge-Based Systems, 70, 44-54.
Schwalbe, K. (2015). Information technology project management. Cengage Learning.
Tarhini, A., Arachchilage, N. A. G., & Abbasi, M. S. (2015). A critical review of theories and models of technology adoption and acceptance in information system research. International Journal of Technology Diffusion (IJTD), 6(4), 58-77.
Telstra. (2018). Retrieved from https://www.telstra.com.au/aboutus/our-company [Accessed on 24 Sept. 2018].
Free Membership to World’s Largest Sample Bank
To View this & another 50000+ free samples. Please put
your valid email id.
Yes, alert me for offers and important updates
Submit
Download Sample Now
Earn back the money you have spent on the downloaded sample by uploading a unique assignment/study material/research material you have. After we assess the authenticity of the uploaded content, you will get 100% money back in your wallet within 7 days.
UploadUnique Document
DocumentUnder Evaluation
Get Moneyinto Your Wallet
Total 12 pages
PAY 8 USD TO DOWNLOAD
*The content must not be available online or in our existing Database to qualify as
unique.
Cite This Work
To export a reference to this article please select a referencing stye below:
APA
MLA
Harvard
OSCOLA
Vancouver
My Assignment Help. (2020). IS Security And Risk Management. Retrieved from https://myassignmenthelp.com/free-samples/issc363-is-security-and-risk-management/telstra-corporation-ltd.html.
“IS Security And Risk Management.” My Assignment Help, 2020, https://myassignmenthelp.com/free-samples/issc363-is-security-and-risk-management/telstra-corporation-ltd.html.
My Assignment Help (2020) IS Security And Risk Management [Online]. Available from: https://myassignmenthelp.com/free-samples/issc363-is-security-and-risk-management/telstra-corporation-ltd.html[Accessed 18 December 2021].
My Assignment Help. ‘IS Security And Risk Management’ (My Assignment Help, 2020)
My Assignment Help. IS Security And Risk Management [Internet]. My Assignment Help. 2020 [cited 18 December 2021]. Available from: https://myassignmenthelp.com/free-samples/issc363-is-security-and-risk-management/telstra-corporation-ltd.html.
×
.close{position: absolute;right: 5px;z-index: 999;opacity: 1;color: #ff8b00;}
×
Thank you for your interest
The respective sample has been mail to your register email id
×
CONGRATS!
$20 Credited
successfully in your wallet.
* $5 to be used on order value more than $50. Valid for
only 1
month.
Account created successfully!
We have sent login details on your registered email.
User:
Password:
MyAssignmenthelp.com delivers impeccable economics assignment help to countless students of Aus. With more than 5000+ remarkable assignment writers, proofreaders, and editors, we make sure we deliver only genuine assignment help solutions to our customers. We make instant corrections, cite and reference each of your resources accurately, and remove the minute traces of plagiarism from your papers. These are the experts who also provide paper modification writing service and free editing tips on the go.
Latest Management Samples
div#loaddata .card img {max-width: 100%;
}
MPM755 Building Success In Commerce
Download :
0 | Pages :
9
Course Code: MPM755
University: Deakin University
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: Australia
Answers:
Introduction
The process of developing a successful business entity requires a multidimensional analysis of several factors that relate to the internal and external environment in commerce. The areas covered in this current unit are essential in transforming the business perspective regarding the key commerce factors such as ethics, technology, culture, entrepreneurship, leadership, culture, and globalization (Nzelibe, 1996; Barza, 2…
Read
More
SNM660 Evidence Based Practice
Download :
0 | Pages :
8
Course Code: SNM660
University: The University Of Sheffield
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: United Kingdom
Answers:
Critical reflection on the objective, design, methodology and outcome of the research undertaken Assessment-I
Smoking and tobacco addiction is one of the few among the most basic general restorative issues, particularly to developed nations such as the UK. It has been represented that among all risk segments smoking is the fourth driving purpose behind infections and other several ailments like asthma, breathing and problems in the l…
Read
More
Tags:
Australia Maidstone Management Business management with marketing University of New South Wales Masters in Business Administration
BSBHRM513 Manage Workforce Planning
Download :
0 | Pages :
20
Course Code: BSBHRM513
University: Tafe NSW
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: Australia
Answer:
Task 1
1.0 Data on staff turnover and demographics
That includes the staffing information of JKL industries for the fiscal year of 2014-15, it can be said that the company is having problems related to employee turnover. For the role of Senior Manager in Sydney, the organization needs 4 managers; however, one manager is exiting. It will make one empty position which might hurt the decision making process. On the other hand, In Brisba…
Read
More
MKT2031 Issues In Small Business And Entrepreneurship
Download :
0 | Pages :
5
Course Code: MKT2031
University: University Of Northampton
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: United Kingdom
Answer:
Entrepreneurial ventures
Entrepreneurship is the capacity and willingness to develop, manage, and put in order operations of any business venture with an intention to make profits despite the risks that may be involved in such venture. Small and large businesses have a vital role to play in the overall performance of the economy. It is, therefore, necessary to consider the difference between entrepreneurial ventures, individual, and c…
Read
More
Tags:
Turkey Istanbul Management University of Employee Masters in Business Administration
MN506 System Management
Download :
0 | Pages :
7
Course Code: MN506
University: Melbourne Institute Of Technology
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: Australia
Answer:
Introduction
An operating system (OS) is defined as a system software that is installed in the systems for the management of the hardware along with the other software resources. Every computer system and mobile device requires an operating system for functioning and execution of operations. There is a great use of mobile devices such as tablets and Smartphones that has increased. One of the widely used and implemented operating syste…
Read
More
Tags:
Australia Cheltenham Computer Science Litigation and Dispute Management University of New South Wales Information Technology
Next