Week 2: Aligning Risks, Threats, and Vulnerabilities to COBIT P09 Risk Management Controls Lab #2 Lab Report File: Risk Management – IS355 Sherry Best Nicole Goodyear January 23, 2018 Describe the primary goal of the COBIT v4.1 framework. Define COBIT. The purpose of COBIT is to provide management and business process owners with an information technology (IT) governance model that helps in delivering value from IT with understanding and managing the risks associated with IT. COBIT also bridges the gaps between control requirements, business risk, and technical issues. It is a control model to meet the needs of IT governance and ensure the integrity of information and information systems by developing good practices for IT control for organization.
The primary function of AIS is assigned the qualitative value of economic events. It is a computerized accounting of produce the financial statement named as Income Statement. Cash Flow Statement and Balance sheet. Accounting Information System can ensure the reliability of financial information processing and control and measures the economic information reliability. Managers Need AIS means to decide internal controls.
The Rand report R-609 was the document that began computer security, discussing policy considerations, intrusions, recommendations and physical security threads. 19- Who decides how and when data in an organization will be used and or controlled? Who is responsible for seeing these wishes are carried out? The Chief Information Officer (CIO) decided when and in what ways data will be controlled among an organization and the Vise President of Information Technology is responsible for seeing this wishes carried
Financial statements are useful tools in the evaluation of a company’s financial performance and position. It provides stakeholders with an understanding of the multiple factors driving the business. This includes strategic, financial and economic aspects which collectively portray a representation of the company which stakeholders can use to assist their decision-making. In order for financial statements to be useful in decision-making, it must incorporate the qualitative characteristics of relevance, reliability, comparability and understandability through the employment of the Generally Accepted Accounting Principles (GAAP). However in certain instances, entities don’t conform to the GAAP and fraudulently manipulate their financial reports
What are the responsibilities of internal auditors? (1) Possess the skills necessary to perform change management audits (2) Understand the technical and business environment, as well as factors that influence the change control effectiveness (3) Learn how to assess change management
The assumptions are quantified in order to check their criticality. It is then possible to put the financial results in a spreadsheet and link them together. The financial impacts will change for the various assumptions. CAP measures the criticality of an assumption as a change in the net present value of a venture (NPV). To calculate criticality each assumption is assigned a range of uncertainty: base case, best and worst case.
Business requirements of data warehouse helps in the further development of data warehouse. While gathering or defining business requirements for data warehouse, the main focus should be on information rather than technology. But, what type of business requirements or information are required in data warehouse for data analysing purpose. Suppose a business analyst user of a company wants to analyse sales of that company. So, what type of information is required for in-depth sales analysis purpose?
In reference to Marks and Spencer, it is essential for organisation before making use of best-in-class benchmarking to measure organisational performance by analysing internal as well as external competition. It can be an integral part for improvement of organisation, however it is a fact that Marks and Spencer could not able to employ all the relevant strategies patented by competitors. But it can help in making appropriate business decisions as management will be aware of all the advantages as well as difficulties that lies in incorporating specific changes. It depicts that role of best-in-class benchmarking data play efficient role in decision making process which is dependent on the business requirements of Marks and Spencer (Shao L. P.,
It plays a major role in competency/value measurement for its performance of different projects. It helps organization for evaluation of the project. IT also helps good governance planning by understanding the projects and business strategy. IT partner with the business for any new project and its deliverable will be based on business requirement. For example, IT has to develop a separate and secured environment for banking and Finance sectors project and IT has to manage and adhere all the prerequisites demand by client.
(A02) C. Analyses key research findings of the following to quantify and develop an integrated business plan: marketing, operations and financial plans. (AO3) D. Evaluates the viability of the business plan in order to support a case for funds, based on an assessment of: relevant financial ratios; pay-back periods;