Plagiarism Declaration Form (T-DF)
Instructions
Please complete and attach this Plagiarism Declaration Form to each Assignment that you
submit into the Online Assignment Submission (OAS) system for marking.
I declare that the attached work is entirely my own (or when submitted to meet the requirements
of an approved group assignment is the work of the group), except where materials cited, quoted
or paraphrased are acknowledged in the text. I also declare that this work / assignment has not
been submitted for assessment in any other course or university without due acknowledgement.
I understand that plagiarism, collusion, and copying are grave and serious offences.
I understand that disciplinary action (which may include deduction of marks in the Assignment) will be
taken against me if I am found to be an offender of Assignment plagiarism.
Full name and IC No: NUR HIDAYAH BT MOHD ABU BAKAR
Date: 6/12/2020
Assignment No: 3
Financial systems are the hub of any establishment, and with the pandemic crisis still
ongoing, most companies are facing multiple likelihood of threats that could adversely
impact them. Identify and explain TEN (10) controls that can be adopted to counter
marks)
II. Physical and remote access control - focusing on remote (Internet, dial-up and
(by log analysis and intrusion detection system), reconciliation, audit, and inventory
I. Log analysis - Access and activity log data are gathered and analysed
regularly (at least daily). These analyses may reveal attempts to access
applications and data files. Some log management applications provide rule-based
and text-based mechanisms that alert security officers or auditors of
II. Intrusion detection systems (IDS) - Most IDSs operate following one or the other
former case, the system records specific attack patterns (i.e., attack signatures)
and compares them with the traffic or activities recorded in log files.
3. Directive controls foster proper behaviour that supports the firm’s risk strategic
objectives. Examples are policies and access rights determination. Directive controls are
actions taken to cause or encourage a desirable event to occur. They are broad in
nature and apply to all situations. Examples are organization structure, policies,
4. Corrective controls ensure improper actions are corrected. Examples are computer
measures taken to repair damage or restore resources and capabilities to their prior
individual applications to help ensure all transactions are valid, properly authorised,
and accurately processed. Firewalls and virus detection tools, user authentication and
6. Physical controls reinforce physical access and utilisation of PCs, workstations and
other assets. Common controls include door locks and security guards.
unauthorized access to physical areas, systems, or assets. This includes things like
fences, gates, guards, security badges and access cards, biometric access controls,
These can apply to employee hiring and termination, equipment and Internet usage,
Security awareness training for employees also falls under the umbrella of
administrative controls.
QUESTION 2
Explain FIVE (5) courses of action to mitigate risks in the financial sector during this
The first of five courses of action to mitigate risks in the financial sector during this pandemic crisis is
readiness assessments. A readiness assessment is a good place to start
first action which is readiness assessments. A readiness assessment is a good place to start
when organizations don’t know what their business continuity program should comprise.
organization to evaluate their business continuity program against a best practice standard
and identify where gaps may exist. These readiness libraries break down standards and best
practices into actionable pieces so that organizations can track progress and adherence. As an
example, a company can select just 10-25 questions from these standards and push them out to all
managers enterprise-wide, or to a subset of front-line managers in sales, marketing, service,
finance, HR and others, in a risk management plan to learn their state of preparedness in risk
management on any topic. To evaluate your overall readiness in risk management, take this
assessment.
The second action is the risk management plan. All organizations should complete a risk
assessment on their core business processes to identify and prioritize any new risks or gaps in
their existing controls for new scenarios like pandemics, recession, and geopolitical
conditions risks. First-level managers on the front line, when prompted with risks, are in the
best position to be able to assess how these scenarios will impact their areas of responsibility.
As an example, a number of risk events could trigger the need to work offsite during
pandemic. These external risk factors should be assessed and prioritized. Ask participants to
list what could go wrong and what needs to happen. The idea of risk management planning is
that one readiness assessment can serve many different kinds of scenarios so an organization
The third action is the business impact analysis. Not all risks within processes or functions
within an organization should be treated the same way. A business impact analysis allows
organizations to identify which parts of the business are most critical to its operations. Use
the results to determine which parts of the organization to prioritize during a business
physical events and customer meetings into digital equivalents can achieve social distancing
The fourth action is policy management. As the pandemic evolves and new information
arises, policies will need to be revisited, updated and communicated. For example,
that revised policy is made with governance tracking for adoption across the organization. As
an example, a review of the activities that lead to sales will let you know if any of your sales
reps are struggling. These policy changes then need to be escalated to the right committee in
your organization and then pushed back out to all employees and re-signed for people
operations compliance. Tying the context of how this requirement was surfaced and when the
policy was changed while providing evidence of acknowledgement by employees will save
and policy activities as well as to manage the exceptions, which are typically 20% of all
activities. As an example, this includes questions like needing equipment like a monitor,
keyboard or a headset to effectively work from home, getting manager approval, and figuring
out a way to make the equipment available. It is critical that these incident management
issues can be routed through a workflow from the individual who reports them to the chain of people who need to take
action and that this tracking and follow-up is recorded and reported. These incident
resource and response management platform that ties back to each of the other five steps.
QUESTION 3
Illustrate the process work flows in an accounts receivable section of the Accounting
Department via a simple process flow diagram. It is compulsory to include all necessary
pertinent processes, process flows and corresponding labels in your diagram. (20 marks)