Controls: The Case of iPremier 代写 ACC/ACF 2400
100%原创包过,高质代写&免费提供Turnitin报告--24小时客服QQ&微信:120591129
Controls: The Case of iPremier 代写 ACC/ACF 2400
Edward Tello
Chief Examiner ACC ACF 2400 s2 2017 1
ACC/ACF 2400
Assignment 2
Cybercrime and Information Systems
Controls: The Case of iPremier
Semester 2, 2017
Overview of the Assignment Task
A lot of experts argue that cybersecurity is a must for businesses. In fact, data loss and
breaches can cost businesses plenty in terms of lost productivity, lost revenue, damage to the
brand, and expensive recovery efforts. Problems inherent to computer security will likely
persist so security issues are increasingly relevant to general managers, whether they like it
or not.
iPremier is a successful high-end web-based retailer. This company was shut down by a
Distributed Denial of Service (DDoS) attack in 2009. The case presents a series of events before,
during, and after the cyberattack (few minutes after it ended). Although the case does not
describe actual events and iPremier is not a real company, everything that happens in the case
has happened to real companies.
You are required to write a report about cybercrime and information systems controls. Your
report should be guided by the specific questions documented in the section below titled
‘Requirements for the Report.’
Controls: The Case of iPremier 代写 ACC/ACF 2400
Information available to your team
Details of the business case can be accessed here:
https://cb.hbsp.harvard.edu/cbmp/pl/65679173/65812602/ce74e24db3a61b856
949919bbf23c311
Please note, hard copies of the case can be printed for use, one copy per the assignment
team member. Ensure the copyright statement is not removed when printing material.
Learning objectives and outcomes expected to be achieved by this assignment
This business case is aimed to illustrate a number of critical points about cybersecurity,
internal controls and the COBIT framework. Specific objectives addressed by this assignment
include:
Edward Tello
Chief Examiner ACC ACF 2400 s2 2017 2
Objective 1: Examine the role of business processes and the use of accounting information
systems in capturing and managing information that support the needs of
stakeholders.
Objective 2: Analyse and evaluate the design of business processes and accounting
information systems.
Objective 3: Explain the importance of internal controls and recommend internal controls
that cover key business processes and support the achievement of goals.
Objective 4: Apply critical thinking, problem solving and communication skills to analyse,
evaluate and interpret business processes and the accounting data that is
generated.
General Requirements
1. The report should not exceed 2500 words (EXCLUDING introduction, conclusion,
reference list, table of contents, and appendix) (alternative word count applies to
groups with less than 4 members – discuss with your tutor). It should be written using
a word processing software such as Microsoft Word. Please use Times New Roman and
a 12 point font.
2. The report should have appropriate headings and subheadings and include an
INTRODUCTION and CONCLUSION.
3. The report must include at least 10 references out of which at least 3 of them must be
peer-reviewed journal articles (EXCLUDING the textbook – Romney et al. (2013)).
4. You must follow Harvard system for citation and referencing (see:
http://guides.lib.monash.edu/citing-referencing/harvard).
5. Review the resources on the Student Q Manual for report writing skills including
information on plagiarism (http://business.monash.edu/students/study-
resources/related/components/qmanual.pdf).
6. In terms of the report, each group is responsible for assessing its level of plagiarism.
Although you can submit the report to Turnitin as many times as you like before the
due date, ONLY the final submission will count to Turnitin. Remember that you need
to wait at least 24 hours to try a new submission. This report is marked as a group.
7. Review the marking rubric so that you understand how you will receive feedback.
Submission Date/Time & Procedure
Submission Date/Time: Sunday 15 October, 11:55pm (Week 11), penalties apply for late
submission)
Only one team member needs to submit the Report (this document is to be submitted to
Turnitin and Assignment Submission Dropbox in Moodle)
Only one team member needs to submit the video link (in the same Assignment
Submission Dropbox as the aforementioned parts of the assignment)
Each team member needs to complete a CATME Peer Evaluation (details about this
software and instructions on how to complete will be communicated shortly).
Edward Tello
Chief Examiner ACC ACF 2400 s2 2017 3
Marks
This assignment is a team assignment and is worth 20% of the total mark for this unit. Marks
for individual contributions to the team effort will be allocated using the CATME Team Self-
Assessment tool (the information about software for conducting self-assessment as well as
the detailed instructions about the software will be communicated shortly).
Mark breakdown per task
Task Marks
A (report) 15
B (oral presentation /
video)
5
Total 20
Submission format for different sections of the assignment
• Submission format of the Report: .doc, .docx, or .pdf file
• Online submission of the CATME Peer Evaluation Completion (team member
assessment document): to be announced shortly
• Submission on a Word Document in which you provide the link to the video posted on
YouTube: .doc, .docx
A. Requirements for the Report
After reading the iPremier case study, you need to write a report that will cover the issues of
Cybercrime and Information Systems Controls. The report should answer the following
questions:
1a. Based on the information provided, critically evaluate the role of iPremier
management in relation to information security [Hint: In your evaluation, use
two (2) activities of Table 14.1 Romney et al. (2013 p. 423) which are related to
COBIT security control objective DS 5.1].
1b. Do you think that security was a priority for iPremier management? Justify your
position.
2a. Did the risk reduction measures put in place by iPremier work appropriately
during the cyberattack? [Hint: Explain three (3) measures adopted and also
whether they failed or not].
2b. Assume iPremier wishes to insource their data centre. Under this new scenario,
recommend three (3) internal controls that iPremier should implement to either
prevent, detect or correct future cyber-attacks [Hint: Classify each control as
either Preventive, Detective or Corrective, explain and justify its importance].
Edward Tello
Chief Examiner ACC ACF 2400 s2 2017 4
3a. At some point during the crisis, Bob asks Joanne whether they have emergency
procedures such as a Business Continuity Plan (BCP). Discuss three (3) benefits
and three (3) challenges of BCPs.
3b. Would you recommend iPremier adopting a Business Continuity Plan (BCP) or a
Disaster Recovery Plan (DRP)? Justify your recommendation.
4. The iPremier case was written in 2009. Investigate two (2) major data breaches
within organisations over the last 3 years (since 2015). Explain what happened,
what the cause was, what internal controls were absent or failed, and what the
implications were.
Report Structure and Presentation:
• Title page that lists all the authors (Name, Surname, Student ID, tutorial times, and
the name of the tutor),
• Table of contents,
• Introduction
• Main body,
• Conclusion
• Reference List (all references listed must be cited somewhere in the text),
• Appendices (in case if any supplementary information needs to be reported).
*Note: The report must be attractive but don't go overboard: content is more
important.
** More information on the style of business reporting is available in the Q Manual
(http://business.monash.edu/students/study-resources/related/components/qmanual.pdf).
B. Requirements for oral presentation, video recording and submission
Task Description
Step 1: Prepare
your oral
presentation
• Prepare a 5 min video presentation (alternative times apply to
groups with less than 4 members – discuss with your tutor) in which
you provide the main findings of your report. You might also want
to provide a brief background about the case, but this is not
required (remember the video should run for a maximum of 5
minutes).
• Be creative! You decide how you want to present your findings. For
example, some students might want to prepare some visual aids
Edward Tello
Chief Examiner ACC ACF 2400 s2 2017 5
(e.g., PowerPoint / Keynote slides) to support their presentation
[note: you do not have to submit separately the visual aids used in
your presentation]. Other students, however, might want to do a
role-play video presentation.
• All team members must appear on the video, but not everyone has
to speak in front of the camera for the same length of time. Again,
you decide how you want to present the information required.
Step 2: Record
your oral
presentation
• There are a vast number of ways that you can logistically record yourself
delivering an oral presentation. If you have experience in this area and/or
would like to develop this skill, feel free to develop your own method. For
those of you who do not know where to start, the following videos
demonstrate a simple and free process you can follow:
o Record your video - PC version
o Record your video - mac version
Video editing is optional for this assignment. However, it is important to
make sure your presentation recording looks polished and professional
(e.g., plan what you will say beforehand, do a test recording to get the
recording volume right, and film in a well-lit location, etc.). Refer to the full
list of quality guidelines in the 'Presentation' section below.
Step 3: Upload
video to
YouTube
• Very carefully follow the instructions for how to Upload your video to
YouTube and then provide a link to your video via the assessment
submission point (see below).
• Be aware that depending on your internet connection and file size, upload
times can be significant. Please allow sufficient time before the due date
for your video to upload to YouTube.
Make sure you select the 'Unlisted' privacy setting when you upload your
video to YouTube, as shown in the help guide above. If your video is left as
'Private', your marker will be unable to access your submission and if this
is the case, you may receive a zero on this assessment. So please double
check this!
Time Limit
There is a strict time limit of 5 minutes for this assessment (alternative times apply to groups
with less than 4 members – discuss with your tutor). Any information you include after the 6
minute mark will not be assessed. The length of the presentation will be taken as the
recording length. So edit out any fumbling around at the beginning / end of the recording if
necessary to ensure your recording length is below the limit.
Presentation
Note that this part of the assignment is assessing your ability to deliver an oral presentation
summarising a report, and NOT to create multimedia. So, do not be overly concerned about
Edward Tello
Chief Examiner ACC ACF 2400 s2 2017 6
your video recording and/or editing skills. However, we do need to be able to clearly see and
hear your presentation. This means:
• All team members must appear in the video (at least once). However, not everyone has
to speak in front of the camera for the same length of time. For example, if you do a
role-play video presentation, each member will have a different role and, consequently,
will not necessarily speak on camera the same length of time.
• Film in a location that has appropriate lighting (no back lighting that casts your face into
shadow)
• Film in a location with little to no background noise so your voice can be clearly heard
• Noise from recording equipment/computer should not interfere with the presentation
• Audio quality should be high and your microphone volume adjusted so your voice can be
clearly heard
• If using slides, use an appropriate font size so any text on your slides is easily readable by
a person watching the video of your presentation. In addition, they need to be fully in
frame and clearly visible throughout the presentation.
Essentially, we can only award marks for what we can perceive. So, you will lose marks if
elements of your presentation cannot be seen or heard in the recording that is submitted for
marking. Do a short test recording before filming your actual presentation to ensure all of
the above points are addressed. Then check the quality of the video again after it has been
uploaded to YouTube to ensure the quality is still appropriate.
Format
As per the instructions above, you will upload your video presentation file to YouTube and
provide the weblink to your video for marking in a Word document.
Names, Student IDs, Tutorial Times, and Roles of all Group Members (if applicable) should be
presented on a slide for at least few seconds –either at the beginning or at the end of the
video. For the sake of time, you do not have to voice (pronounce) this information.
Make sure you acknowledge the source of all references, images, videos, etc., used in your
presentation. For images and videos, report the weblink for the source at the point where it
is presented. For scholarly sources, in text citations and a reference list should be supplied as
per usual. The reference list should be displayed for at least a few seconds at the end of the
video.
C. Team Member Assessment Document
The team assessment involves scoring each team member’s meeting attendance,
contribution to ideas and planning, timeliness, whether an equitable amount of work was
performed, and contribution to the overall success of the project. All group members must
submit the CATME Peer Evaluation (penalties will be applied to those who fail to complete
it). More details about this part of the assessment will be posted soon.
Edward Tello
Chief Examiner ACC ACF 2400 s2 2017 7
Assignment 2 – Assessment Criteria
Criteria Description Marks
earned
Marks
possible
Statement of management procedures
Management and security • Comprehensive and insightful assessment of management’s role in relation to information security.
• Fully developed and supported assertions.
18 %
Risk Measures and
Internal Controls
• Comprehensive identification of all risks.
• Proposed internal controls to mitigate risks are of consistently high quality and well-justified.
18 %
Business Continuity
Planning
• Outstanding supported analysis of benefits and challenges.
• Skilful identification & use of AIS & business concepts.
• Fully developed & supported assertions.
18 %
Data breaches - cases • Breaches covered are pertinent and significant.
• Cause, explanation, and implications are thoroughly presented and amalgamate research from various
academic and credible sources.
• Analysis demonstrates a particularly in-depth reflection.
• Viewpoints and interpretations are insightful and well supported.
18 %
Presentation including
Introduction and
Conclusion
• Students presented information in an outstanding, logical, interesting, and entertaining structure which
audience can follow. Excellent presentation.
• Introduces the topic in an insightful way.
• Strong, definitive conclusion.
14 %
Clarity, expression and
referencing
• Little or no grammatical punctuation, spelling or capitalisation errors that do not impede meaning.
• Expression is consistently clear and concise.
• At least 10 sources using Harvard referencing style with few or no mistakes.
• The overall presentation of the report document confirms to the standards reported in the Q Manual
(https://business.monash.edu/students/study-resources/related/components/qmanual.pdf)
14 %
Total
Controls: The Case of iPremier 代写 ACC/ACF 2400
100 %
Edward Tello
Chief Examiner ACC ACF 2400 s2 2017 8
Oral presentation / video
Focus and content • Main points are clear and well argued.
• Brings closure with action statement.
• All presenters are clearly identified.
40 %
Verbal style - clarity • Speaks clearly and distinctly. No mispronounced words.
• Language is appropriate to non-technical audience.
20 %
Visual style – creativity
and visual aids
• Imaginative design with role-play scenarios or other creative approaches integrated into presentation.
• Visual aids, such as on-screen captions and signs, well-chosen & presented.
30 %
Length / time • Presentation within allotted time.
10 %
Total
100 %
Controls: The Case of iPremier 代写 ACC/ACF 2400