Risk Controls



A sustainable information risk management system is vital to any business’ survival in battling off the growing number of potential threats associated with the dynamically changing IT environment (Saluja & Idris, 2015). It is important for all companies to implement a framework such as COBIT 5 or the ISO 31000* standard in order to effectively respond to risk scenarios. A system like such would have been useful to a former workplace of mine where a manager left his unlocked phone in the back of an UBER. His phone was stolen, and the perpetrator was able to access the companies own Facebook account. Without a password on his phone, the perpetrators were able to tarnish the business’ reputation and caused a lot of negative publicity.

Cobit 5 highlights the firm’s processes, such as controls around strong passwords, as an enabler to achieve a sustainable risk appetite and overall end-to-end approach. It would be necessary for companies to implement a system which will safeguard themselves against physical loss of data, unauthorised individuals accessing private information and from the ugly wrath of cyber hackers (Mentzer & Manuj, 2008). Therefore, businesses should view managing said risks as a fundamental element to sustaining effective daily operations.



* ISO 30000 Standard
·       https://www.iso.org/iso-31000-risk-management.html






Report finds Australia to be lucrative market for cyber criminals: http://www.abc.net.au/news/2016-02-26/cyber-criminals-increasingly-targeting-australia/7203478 


References

Mentzer, J. T. & Manuj, I., 2008. Global Supply Chain Risk Management. Journal of Business Logistics, Volume 29.
Saluja, U. & Idris, D. N., 2015. Statistics bases on Information Security Risk Management Methodology. International Journal of Computer Science and Network Security, 15(10).


Comments

Post a Comment

Popular posts from this blog

The Fraud Triangle lives on

Image
Over the years there have been many comprehensive frameworks that relate to fraud such Differential Association theory and the General Strain theory. Despite the rapidly advancing culture of technology, Cressey’s Fraud Triangle continues to be a pivotal model used in many industries (Allbrecht, 2014). The model explains the three components that lead to fraud, bribery or corruption as pressure, opportunity and rationalisation . An example of these components was seen at my Dad’s old workplace. A few members were feeling mistreated by management and felt they were greatly underpaid for all their hard work and service.  They decided to begin stealing money from the cash registers over a period of time and were later caught and dealt with accordingly. The workers were able to rationalise as they thought they deserved to be paid more for all their hard work. They had the pressure of financial difficulties and the resentment towards management and lastly had the opportunity , mo
Read more

The Quantification of Damages role

Image
Damages are a monetary award that the law can impose for breach of duty or a tort (Tam, 2017) . It is imposed so that the plaintiff would still be in the same position if the original breach had not occurred. My friend, who undertook work experience for a forensic accounting, firm told me of a case he worked on involving an old JB Hi Fi. In this instance, JB Hi Fi had to close down a store because the council had built a bypass that blocked off and hid away the store. His role was to determine the resulting damages. Forensic accountants quantify this financial loss, work out a business valuation and calculate other damages resulting from an injury, to use in court proceedings. They deliver an expert unbiased business valuation report in court for disputes or civil action law suits (Giliberti, 2014) . Calculating the loss of profits is yet another measure of damages vital to the role of financial accountants  (Pfeiffenberger, 2016) . This loss is calculated if the business cont
Read more

Out with the old. In with the new!

Image
Whilst a good cop/bad cop has reaped good results over the years, of late a more humanitarian approach such as Motivation Interviewing or PEACE is proving to be more successful, particularly for first time fraudsters. Choosing the right technique can make a significant impact to investigating fraud. An example of the negatives of the good cop/ bad cop approach was felt when I went for an interview a couple of years ago at a clothing store. The interviewers took a good cop/bad cop approach to the interview and it made me feel very intimidated. In turn, I was unable to answer questions properly and found myself even lying in different parts due to the intimidation. This is similar to when good cop/ bad cop approach in legal interviews leads to a false confession.  If the interviewer had taken a more humanitarian approach by building relationship of trust and understanding, I would have felt more relaxed and would have most likely been able to properly and truthfully answer the ques
Read more