Contact Us
Sign In / Sign Up for FREE
Go to advanced search...

MBA Information Technology Preventing and Detecting Operational Risk Caused by Employees - Essay Example

Comments (0) Cite this document
Answer. IT security and internal fraud therein has gained tremendous relevance in recent decades and lack of it has caused unfathomable losses to the organisations. The following four major components in IT security against operational risk from employees can have direct bearing on the various frauds committed by the employees intentionally or unintentionally:
Download full paperFile format: .doc, available for editing
GRAB THE BEST PAPER98.8% of users find it useful
MBA Information Technology Preventing and Detecting Operational Risk Caused by Employees
Read TextPreview

Extract of sample "MBA Information Technology Preventing and Detecting Operational Risk Caused by Employees"

Download file to see previous pages It has become imperative for the senior management to forcefully implement the appropriate measures to detect and prevent operational risk from employees in their organisations. Most of the measures, including security, need to be followed top down. An employee who sees an upright senior is less likely to engage in fraudulent behaviour.
Security Policies and Training. The next step is to develop security policies and provide training to ensure that everyone is aware of, understands them and also follows them in right spirit. The greater the understanding of how security issues directly impact production levels, customer and supplier relationships, revenue streams, and management's liability, the more security will be incorporated into business projects and proposals.
Most critical is an Acceptable Use policy (AUP) that informs users of their responsibilities. An AUP serves two main purposes: (1) It helps to prevent misuse of information and computer resources and (2) it reduces exposure to legal liability.
Security Procedures and Enforcement. The next step is to implement procedures, training, and enforcement of the AUP. Businesses cannot afford to ignore security risks nor can they afford the infinite cost of perfect security.
Security Tools: Hardware and Software. ...
Keep in mind that security is an ongoing, multilayered process and not a problem that can be solved with hardware or software tools. Hardware and software security defenses cannot protect against irresponsible business practices.
2. What events triggered the strong measures to prevent and detect internal fraud Name three laws that have antifraud measures.
Answer. Fraud Prevention and Detection. Internal audits and internal controls (cover later in the chapter) are critical to the prevention and detection of occupational frauds. Some high-profile examples of occupational fraud that were executed because of the lack of internal audits and controls leading to implementation of strong measures to prevent and detect internal fraud include:
NEC. In 2006, NEC had to restate its earnings for five prior years after discovering that a 50-year-old manager/engineer had been fabricating business deals. The bogus deals inflated sales by 36.3 billion yen ($311 million). The false transactions enabled the manager to embezzle tens of millions of yen, which he spent on entertainment.
Adelphia. A year after the public learned of the $600 million Enron scandal, the Rigases made Enron's fraud look like penny-change. The SEC uncovered the misappropriation and theft of tens of billions of dollars. In addition to the $2.3 billion the family stole from the company for their personal use, they caused losses investors of more than $60 billion.
Global Crossing. Corporate insiders knowingly sold more than $1.5 billion of artificially inflated company stock. In April 2005, the SEC filed a settled action for civil penalties against Global Crossing's former CEO, CFO, and VP of Finance for aiding and abetting the fraud. Each executive agreed to pay a $100,000 ...Download file to see next pagesRead More
Cite this document
  • APA
  • MLA
(“MBA Information Technology Preventing and Detecting Operational Risk Essay”, n.d.)
Retrieved from
(MBA Information Technology Preventing and Detecting Operational Risk Essay)
“MBA Information Technology Preventing and Detecting Operational Risk Essay”, n.d.
  • Cited: 0 times
Comments (0)
Click to create a comment or rate a document

CHECK THESE SAMPLES OF MBA Information Technology Preventing and Detecting Operational Risk Caused by Employees

Operational Risk management

... and what do we do, Journal of Management information systems 15 (1) pp 9 -51 Teneyuca, D. (2001). Organizational Leader's use of Risk Management for Information Technology. Information Security Technical Report. 6 (3), pp. 54-59. Ward, P. (1998) The Evolution of structured analysis: Part I-The Early years. American Programmer, pp 4-16 Wharton, F.,(2001) Risk management: Basic concepts and general principles, Wiley, Chichester. Yourdon, E. (2003). Modern Structured analysis. Prenctice Hall International. Yourdon, E and Constantine, L. (2005) Structured Design, Yourdon Press, New York....
8 Pages(2000 words)Essay

Operational Risk

(Dictionary of Accounting, 1999).
Most of the prior studies on operational risk have focused on estimating operational risk in a financial institution. Frachot et al. (2001) explored the Loss Distribution Approach (LDA) for computing the capital charge of a bank for operational risk where LDA refers to statistical/actuarial methods for modelling the loss distribution. In this framework, the capital charge is calculated using a Value-at-Risk measure. Frachot et al. (2001) show how to compute the aggregate loss distribution by compounding the loss severity distribution and the loss frequency distribution, how to compute the total Capital-at-Risk using copulas, how to control the upper tail of the loss severity distribution with...
7 Pages(1750 words)Essay

Operational Management of Risk

.../index.html> Other reference material on Risk Management: ‘FSR503 Operational Management Of Risk’, (v06.01), “Australian & New Zealand Institute Of Insurance And Finance”, 2006, [Provided for Reference in secured PDF format], Date Accessed: 13 February 2009. More Information: StoneBurner.G, et al, “Risk Management Guide…”, NIST Special Publication 800-30, National Institute of Standards and Technology Special Publication 800-30 Natl. Inst. Stand. Technol. Spec. Publ. 800-30, 54 pages (July 2002), [Internet], CODEN: NSPUE2, Date Accessed : 18 February 2009, Available At: Chew.T, MAS (Monetary Authority of Singapore), “Reports & Consultation...
16 Pages(4000 words)Essay

Detecting preventing or mitigating DoS or Distributed DoS attacks

...Techniques for Detecting, Preventing or Mitigating Distributed Denial of Service (DDoS) s s Introduction When using the internet, individuals and companies face a threat from attackers with the aim of depleting internet resource in their target network (Patrikakis, Masikos, & Zouraraki, n.d.). The weakness they utilize is the nodes from the interconnectedness of world computers in a worldwide web, which makes it possible for them to access resources on their target, exhaust them and launch a DDoS attack against them (Glen, 2013; Nagesh, Kordcal, & Sekaran, 2007). The resources targeted by the attacker are their target`s bandwidth, data structure of their operating system and computing power of the system (Patrikakis, Masikos, & Zouraraki...
8 Pages(2000 words)Research Paper

Operational Risk Management

The cornerstone of risk management is the Basel I concept that was established in 1988. This concept provided for the application of good practice for active banks, with the objective of ensuring that banks hold enough capital to cover for risks. This resulted in the issuance of Basel II by the Basel Committee on Banking Supervision (BCBS), which was set by the governors of the G10 countries. In the attempt of Basel II to increase the amount of capital held by banks, the concept of operational risk was introduced for the first time.
Following this move, the Capital Requirements Directive was introduced in the EU, and shortly after the ICAAP was developed. The provisions of Basel II included the setting of the minimum capital t...
8 Pages(2000 words)Assignment

Dental Veneers as a Breakthrough in Modern Dental Technology

In today’s fashion-conscious world, porcelain and composite veneers remain some of the most popular choices for people seeking to improve the esthetics of their teeth. Porcelain veneers have several advantages when compared to composite veneers including durability, resistance to staining, and amount of tooth structure removed during the procedure.
First and foremost, the porcelain veneers are very durable. They are also very thin – usually between 0.5 - 0.7 millimeters – and brittle, although once bonded to a healthy tooth structure they can become quite strong. The bonding process increases durability and veneers made of porcelain can last for many years, oftentimes between 10-15 years depending on how wel...
8 Pages(2000 words)Term Paper

Project Risk Assessment: Qualitative Versus Quantitative Approach

The risks may vary in terms of nature or scope according to the situation. So since the risk is so common in project management, a very important aspect of managing a project is analyzing all the possible risks that are associated with that particular project. It makes no sense of going on with a project and not giving a thought to the risks that could affect the success. Once these risks are analyzed, the project manager will have all the possible risks in front of him. He will know the degree of risk and also the benefits that the organization will get if the risk is taken. Therefore only after a risk analysis, the project manager is in a position to conclude whether or not it is worth taking the risk and going on with a certain...
6 Pages(1500 words)Assignment

The Relationship Between Security, Risk and Health in a Large Organisation

... when a firm’s strategic plan needs to be developed. When dealing with these issues, managers in modern organizations tend to use appropriately customized policies – in accordance with their firms’ needs and the resources (employees, funds, technology) available. Current paper focuses on the examination of the various aspects of security, risk, health and safety within large organizations; Particular emphasis is paid on the fact that the demands of each one of these factors may be differentiated under the pressure of the market conditions and the organizational priorities. The case of Shell in Nigeria has been used as an example in order to show the potential co-existence and interaction of these factors within a specific organizational...
9 Pages(2250 words)Coursework

Impact of Motivational Factors upon Employees at Bank AlFalah and Standard Chartered Pakistan

The impacts of these policies upon the employees of the banks will be studied with the help of the responses of the employees of both of the banks. The proposed research study will present the case studies of these two banks by employing a qualitative research approach. The data and information for the study will be collected through secondary and primary resources i.e. through literature review and in-depth interviews of the employees of both the banks. The study will help in the identification of the major strengths and weaknesses present in the motivational policies of these banks and will allow proposing the formulation of improved policies.

Motivation basically refers to satisfying one’s needs through differe...
14 Pages(3500 words)Research Proposal

Info-Point: Marketing of New Touch Screen Information Technology

The development of the new Info-Point technology, a stand-alone information module designed to offer the public information on tourism, local shopping, weather, and transportation, has created the opportunity to successfully market these information technologies to different UK cities. The entire marketing concept is to establish self-service information centers that offer a wide variety of regional information, utilizing an easy-to-use touch screen methodology to cater to a broad mass market of consumers. 

Touch screen interface systems are becoming more and more common in the UK and abroad. During a pilot experiment using touch screen information technology, the automotive manufacturer Lexus piloted an informatio...
10 Pages(2500 words)Report

Information Security Management

Security is a group of activities that include the policies, measures, and actions which are utilized to stop unlawful access or alteration, theft, and physical damage to information or computer. Security can be supported by an assortment of techniques and tools to safeguard computer hardware, software communications networks, and data (Laudon & Laudon, 1999, p. 502). In the modern age of information technology, there are many threats happened for organizational information. We need a security model that has the ability to manage and secure our information reserves. Technical administrative safety /security measures like security plans, actions and techniques are the main practices for the organizational information security m...
10 Pages(2500 words)Research Paper

Information Security Policy of Organization

In the modern age of information technology, there are many threats created for organizational information. Organizations need a security model that has the capability to handle and secure our information reserves. Technical administrative safety /security measures like security plans, actions and procedures are the general practices for the organizational information security procedures. The attentiveness of producing actions is concerned by the organizations to an appreciably smaller level, on the other hand at the same time these are weighed up as being further efficient organizational actions than technical administrative ones. Information security encompasses organizational features, officially authorized aspects, institution...
6 Pages(1500 words)Research Paper

Organisations in the Engineering and Technology Environment: Singapore Airlines

In those days, just three flights per week, to Kuala Lumpur, Ipoh, and Penang, were all that the people in Singapore were privileged to. There were very fast developments in the situation in a span of two decades. During this period, Singapore’s Kallang Airport gained international exposure and started making huge additions to its fleet. Soon after the birth of the Federation of Malaysia on February 1963, the Malayan Airlines came to be known as the Malaysian Airlines, and in 1966, it was renamed the Malaysian-Singapore Airlines. But, in 1972, fifteen years from the day it was founded, Singapore Airlines split up with Malaysian Airlines and acquired a separate identity.
This split, however, helped the airlines to take i...
10 Pages(2500 words)Case Study

Business Information Systems

... for quantity It will increase the accuracy of place of operation Customer Information System The next main choice regarding the technology solution at Club IT will be customer information system. They need to implement this system for the business management, data handling and trisection management. This system will be business management (business information management) system. This system will have following inputs: Sales record of all transaction Record of all Store data Record of all employees Record daily expenses Record special events Record all discounts They will obtain following advantages from the system implementation: Calculating total daily revenue Calculating total expenses Calculating customer bills Calculating...
8 Pages(2000 words)Case Study

Global Employee Information and Consultation: Replicating the European Model

A significant step to enhancing the employees’ right to information and consultation is the establishment of the European Works Council (EWC). The EWC Directive (94/45/EC) aims to improve cooperation in transnational companies and to allow trade unions to influence, at least indirectly, the decision-making of corporations (Lockwood and Williams). It requires community-scale undertakings and community-scale groups of undertaking to create this mechanism for regular consultation of the workforce. A ‘community-scale undertaking’ is one with at least 1,000 employees within the Member States and at least 150 employees in each of at least two Member States (Lewis and Sargeant).

An EWC is a forum that would a...
9 Pages(2250 words)Coursework

Information Technology Security Risk

It is evidently clear from the discussion that threats can provide damage to the confidentiality, availability, and integrity of information present in the information systems. They explore opportunities for security breaches to cause confidential data invasion via unauthorized access, amendment of data, removal of information from information systems. Threats can hit the network from various sources. Threats are confidential on the parameters of different capabilities and approach including external approaches by cybercriminals, hackers, terrorists. For handling threats of different nature different risk mitigation and control methodologies are required in the context of protecting the prioritized infor...

13 Pages(3250 words)Research Paper
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.

Let us find you another Essay on topic MBA Information Technology Preventing and Detecting Operational Risk Caused by Employees for FREE!

Contact Us