System Management of Bell Studios: Loopholes, Risks, and Expenditure Cycle Costs
VerifiedAdded on 2023/01/04
|14
|2435
|50
AI Summary
This report discusses the system management of Bell Studios, identifies loopholes and risks, and explores the expenditure cycle costs. It includes data flow diagrams, system flowcharts, and discusses internal weaknesses and potential risks.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: BELL STUDIO
BELL STUDIO
Name of student:
Name of university
Author’s note:
BELL STUDIO
Name of student:
Name of university
Author’s note:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
BELL STUDIO
Table of Contents
Introduction....................................................................................................................3
Discussion......................................................................................................................3
Data flow diagram of purchase and cash disbursement system.................................3
Data flow diagram of payroll system.........................................................................4
System flowchart of purchase system........................................................................5
System flowchart of cash disbursement system.........................................................6
System flowchart of payroll system...........................................................................7
Risk connected with the internal control weaknesses identified....................................8
Organizational weakness............................................................................................8
Conclusion................................................................................................................11
Table of Contents
Introduction....................................................................................................................3
Discussion......................................................................................................................3
Data flow diagram of purchase and cash disbursement system.................................3
Data flow diagram of payroll system.........................................................................4
System flowchart of purchase system........................................................................5
System flowchart of cash disbursement system.........................................................6
System flowchart of payroll system...........................................................................7
Risk connected with the internal control weaknesses identified....................................8
Organizational weakness............................................................................................8
Conclusion................................................................................................................11
BELL STUDIO
Introduction
The objective of the report is to discuss system management of Bell Studios, identify
the loopholes, risks generated by them and expenditure cycle costs. In the report the data flow
diagram shows cash disbursement and purchase process. The data-flow diagram comes with
system flowcharts evaluation of the purchase system, payroll and disbursement of cash. The
report further discusses the internal weaknesses of the organization in the control system and
the various potential risks associated with the weaknesses.
Discussion
Data flow diagram of purchase and cash disbursement system
Introduction
The objective of the report is to discuss system management of Bell Studios, identify
the loopholes, risks generated by them and expenditure cycle costs. In the report the data flow
diagram shows cash disbursement and purchase process. The data-flow diagram comes with
system flowcharts evaluation of the purchase system, payroll and disbursement of cash. The
report further discusses the internal weaknesses of the organization in the control system and
the various potential risks associated with the weaknesses.
Discussion
Data flow diagram of purchase and cash disbursement system
BELL STUDIO
Data flow diagram of payroll system
Data flow diagram of payroll system
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
BELL STUDIO
System flowchart of purchase system
System flowchart of purchase system
BELL STUDIO
System flowchart of cash disbursement system
System flowchart of cash disbursement system
BELL STUDIO
System flowchart of payroll system
System flowchart of payroll system
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
BELL STUDIO
Risk connected with the internal control weaknesses identified
Organizational weakness
The organizations have numerous weaknesses in the payroll system, purchase system
and cash disbursement system. The weaknesses cannot be ignored as they can create potential
risks for the system of the company. The risks include improper functioning of the system of
the company and serious damage to company asset. The weaknesses are provided with
immediate attention to get the problem resolved at the earliest to control data and asset
damage. The major weaknesses connected with the system are mentioned below:
The changes made in cash disbursement and purchase process which in itself is a
complex and a critically important process, unfortunately the change could cause operational
disruptions as it depends on the implementation and deployment of the system.
Administrators of the organization might use delay updates or segmentation methods to
prevent process shutdown and downtime of the system. The systems which are lying outdated
are easily compromised and lagging behind significantly compared to the others. There are
patch works on the updated system which are not strong enough to promote complete
protection to the system. These gaps put the organization into risky situations and can stay
unidentified over several years. Such patches are solely enough to generate risks and danger
for the organization as a whole.
Weaknesses and software patches creates vulnerabilities for the system as these
vulnerabilities become easy spots for the entry of attackers. External threats become
inevitable for such cases and the risks of the attack cannot be denied. The organization stores
important and classified data in the computer system that runs the risk of being stolen or used
unethically. In cases like this, confidentiality of data is breached, leading to the loss of
valuable and sensitive information of the organization. Hackers easily discover soft spots in
Risk connected with the internal control weaknesses identified
Organizational weakness
The organizations have numerous weaknesses in the payroll system, purchase system
and cash disbursement system. The weaknesses cannot be ignored as they can create potential
risks for the system of the company. The risks include improper functioning of the system of
the company and serious damage to company asset. The weaknesses are provided with
immediate attention to get the problem resolved at the earliest to control data and asset
damage. The major weaknesses connected with the system are mentioned below:
The changes made in cash disbursement and purchase process which in itself is a
complex and a critically important process, unfortunately the change could cause operational
disruptions as it depends on the implementation and deployment of the system.
Administrators of the organization might use delay updates or segmentation methods to
prevent process shutdown and downtime of the system. The systems which are lying outdated
are easily compromised and lagging behind significantly compared to the others. There are
patch works on the updated system which are not strong enough to promote complete
protection to the system. These gaps put the organization into risky situations and can stay
unidentified over several years. Such patches are solely enough to generate risks and danger
for the organization as a whole.
Weaknesses and software patches creates vulnerabilities for the system as these
vulnerabilities become easy spots for the entry of attackers. External threats become
inevitable for such cases and the risks of the attack cannot be denied. The organization stores
important and classified data in the computer system that runs the risk of being stolen or used
unethically. In cases like this, confidentiality of data is breached, leading to the loss of
valuable and sensitive information of the organization. Hackers easily discover soft spots in
BELL STUDIO
the system software as that becomes their gateway to the system. The information or data
accessed illegally can be used in unethical ways to the attacker’s advantage. The company
stores both financial and professional reports of the enterprise which are managed in DB
(database) of the organization. The existing data security policies and system security law and
regulation needs to be polished and strengthen to avoid redundancy in the network system of
the organization.
Weaknesses when are noticed by external agents, they become the soft spots for entry
of the attacks. Cyber attackers will easily exploit the vulnerabilities in the system and use it to
harvest huge amount of data. Cyber attackers have become focused on what they are
attacking. The outdated system of the organization possesses major threat of cyber attack.
The attackers can easily gain control of the system of the organization and then access
confidential data. Data can be siphoned to use it against the organization. The unsecured IS of
the organization offers ability of siphoning data which is otherwise is hard to access.
Additional weakness of the organization is the culture and environment of the
organization. Negative culture helps in opening of more vulnerable points in the system
which leads to creation of additional threats and risks for the organization. The weaknesses
arise in the organization mostly when the employees do not adhere to the procedures and
policy of the organization.
Unauthorised access
One of the common risks in related to security in digital information system of an
organisation is illegal access to private informations. The hackers making use of the advance
technology are able to access the servers and corrupt them. The computer viruses invading
the systems are another source of risk. Being malicious software it intervenes the system
without the consent of the user and has the capability of deleting files, duplicating them or
the system software as that becomes their gateway to the system. The information or data
accessed illegally can be used in unethical ways to the attacker’s advantage. The company
stores both financial and professional reports of the enterprise which are managed in DB
(database) of the organization. The existing data security policies and system security law and
regulation needs to be polished and strengthen to avoid redundancy in the network system of
the organization.
Weaknesses when are noticed by external agents, they become the soft spots for entry
of the attacks. Cyber attackers will easily exploit the vulnerabilities in the system and use it to
harvest huge amount of data. Cyber attackers have become focused on what they are
attacking. The outdated system of the organization possesses major threat of cyber attack.
The attackers can easily gain control of the system of the organization and then access
confidential data. Data can be siphoned to use it against the organization. The unsecured IS of
the organization offers ability of siphoning data which is otherwise is hard to access.
Additional weakness of the organization is the culture and environment of the
organization. Negative culture helps in opening of more vulnerable points in the system
which leads to creation of additional threats and risks for the organization. The weaknesses
arise in the organization mostly when the employees do not adhere to the procedures and
policy of the organization.
Unauthorised access
One of the common risks in related to security in digital information system of an
organisation is illegal access to private informations. The hackers making use of the advance
technology are able to access the servers and corrupt them. The computer viruses invading
the systems are another source of risk. Being malicious software it intervenes the system
without the consent of the user and has the capability of deleting files, duplicating them or
BELL STUDIO
disrupting the whole system. There have been certain cases where lack in programming
makes a system vulnerable to virus attack. The disruptions in the information systems may be
accidental or intentional. The intentional attackers are detrimental to the health of any
organisation and the attackers usually get hold of the insiders’ knowledge and prove to be a
major hindrance to the company’s work by crippling the information systems. The mostly
effected parts of the organization could be deletion of software, changing the data, planting
viruses and worms and the framework and hardware. An individual’s deliberate intentions to
disrupt an organization’s information system may lead to heavy losses of data that cannot be
retrieved anymore. The threat associated with hacking is that the organisation cannot access
the system and its resources at that moment. The damage could be minor or major but it will
affect the database of the organisation significantly. Errors that are made by the employees of
an organisation add to the risk and can be considered as one of the major causes of the system
being disrupted. The errors made by the persons within the organization can be avoided by
the nature and attitude of the employees along with the work environment.
Sniffing and spoofing
The cyberpunk hide their identity by using fake mail ids and even steal others identity
to cripple the information systems of an organisation. Some web links redirect users to
different addresses that do not have any connection with the original web page and this is
termed as spoofing redirecting. Sniffer is a program that eavesdrops and stalks on the
information being transferred over a particular network. The sniffing tool being used
according to the laws and regulation can help in assisting individuals to find the trouble
making spots in a network and resolve the matter. It is difficult on the part of an organisation
to detect the sniffer program. The hackers are helped by the sniffer to steal the confidential
information from any place within the network system that encloses the financial reports of
the firm, email messages and essential files of the company. The Trojan has emerged as the
disrupting the whole system. There have been certain cases where lack in programming
makes a system vulnerable to virus attack. The disruptions in the information systems may be
accidental or intentional. The intentional attackers are detrimental to the health of any
organisation and the attackers usually get hold of the insiders’ knowledge and prove to be a
major hindrance to the company’s work by crippling the information systems. The mostly
effected parts of the organization could be deletion of software, changing the data, planting
viruses and worms and the framework and hardware. An individual’s deliberate intentions to
disrupt an organization’s information system may lead to heavy losses of data that cannot be
retrieved anymore. The threat associated with hacking is that the organisation cannot access
the system and its resources at that moment. The damage could be minor or major but it will
affect the database of the organisation significantly. Errors that are made by the employees of
an organisation add to the risk and can be considered as one of the major causes of the system
being disrupted. The errors made by the persons within the organization can be avoided by
the nature and attitude of the employees along with the work environment.
Sniffing and spoofing
The cyberpunk hide their identity by using fake mail ids and even steal others identity
to cripple the information systems of an organisation. Some web links redirect users to
different addresses that do not have any connection with the original web page and this is
termed as spoofing redirecting. Sniffer is a program that eavesdrops and stalks on the
information being transferred over a particular network. The sniffing tool being used
according to the laws and regulation can help in assisting individuals to find the trouble
making spots in a network and resolve the matter. It is difficult on the part of an organisation
to detect the sniffer program. The hackers are helped by the sniffer to steal the confidential
information from any place within the network system that encloses the financial reports of
the firm, email messages and essential files of the company. The Trojan has emerged as the
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
BELL STUDIO
authority for accessing the computers and the Trojan horses may be utilized to execute the
attacks on the system that can prove to be detrimental to the organization. Trojan horses
being used for crippling the confidential data has been increasing in an alarming rate. The
Trojans that the firms generally face are developed to gather the data and transmit the same to
the owner. The keyboard data captured by the owner of any Trojan allows him to collect
important informations such as the passwords and outgoing messages. The cyberpunks use
this data to attack the information system of the organization and result in loss of essential
data. The payroll department faces the problem of data theft that includes creating copies of
files without any such physical damage. The software is stolen in this way or alterations are
made in the records. In situations when the confidential files are deleted or damaged then the
value of duplicate data increases automatically. The data could include the keys to activate
passwords for the software, sensitive correspondence, as well as all informations those have
been stored in the system of the victims. If the competitor of any organisation gets access to
the consumers list then the data can be used to target the customers and negatively affect the
organization. The result of these acts could mean the crash of the organizational structure and
the reputation of the firm could be at stake. The other risks that could be associated to the
weakness of the informations system is the deliberate damage made to the system by the
employees who are dissatisfied with the companies policies and want to take a revenge for
the same. However, the back doors of the information system used for positive purposes, the
backdoor of the organizational system could be used to test the program that may be made
used off for discarding the sabotage.
Conclusion
The conclusion can be drawn about Bell Studio is that the organization has numerous
weaknesses and flaws in the system. These weaknesses run the risk of being exploited by
attackers to gain access and control of the system. The access to confidential data of the
authority for accessing the computers and the Trojan horses may be utilized to execute the
attacks on the system that can prove to be detrimental to the organization. Trojan horses
being used for crippling the confidential data has been increasing in an alarming rate. The
Trojans that the firms generally face are developed to gather the data and transmit the same to
the owner. The keyboard data captured by the owner of any Trojan allows him to collect
important informations such as the passwords and outgoing messages. The cyberpunks use
this data to attack the information system of the organization and result in loss of essential
data. The payroll department faces the problem of data theft that includes creating copies of
files without any such physical damage. The software is stolen in this way or alterations are
made in the records. In situations when the confidential files are deleted or damaged then the
value of duplicate data increases automatically. The data could include the keys to activate
passwords for the software, sensitive correspondence, as well as all informations those have
been stored in the system of the victims. If the competitor of any organisation gets access to
the consumers list then the data can be used to target the customers and negatively affect the
organization. The result of these acts could mean the crash of the organizational structure and
the reputation of the firm could be at stake. The other risks that could be associated to the
weakness of the informations system is the deliberate damage made to the system by the
employees who are dissatisfied with the companies policies and want to take a revenge for
the same. However, the back doors of the information system used for positive purposes, the
backdoor of the organizational system could be used to test the program that may be made
used off for discarding the sabotage.
Conclusion
The conclusion can be drawn about Bell Studio is that the organization has numerous
weaknesses and flaws in the system. These weaknesses run the risk of being exploited by
attackers to gain access and control of the system. The access to confidential data of the
BELL STUDIO
organization can lead the organization to face severe damage in both assets and brand value.
The weaknesses have the potential to disrupt the operations of the organization and expose to
external threats. Data used and generated by the organization when becomes easy to acquire
can be used against the organization in an unethical way. Loss of critical and confidential
data makes the organization vulnerable to the competitors present in the market. The
vulnerabilities become the entry points for viruses and other malware that can completely
bring down the system and damage assets.
BIBLIOGRAPHY
Bécsi, T., Aradi, S. and Gáspár, P., 2015, June. Security issues and vulnerabilities in connected car systems.
In 2015 International Conference on Models and Technologies for Intelligent Transportation Systems (MT-
ITS) (pp. 477-482). IEEE.
Boss, S., Galletta, D., Lowry, P.B., Moody, G.D. and Polak, P., 2015. What do systems users have to fear?
Using fear appeals to engender threats and fear that motivate protective security behaviors. MIS Quarterly
(MISQ), 39(4), pp.837-864.
organization can lead the organization to face severe damage in both assets and brand value.
The weaknesses have the potential to disrupt the operations of the organization and expose to
external threats. Data used and generated by the organization when becomes easy to acquire
can be used against the organization in an unethical way. Loss of critical and confidential
data makes the organization vulnerable to the competitors present in the market. The
vulnerabilities become the entry points for viruses and other malware that can completely
bring down the system and damage assets.
BIBLIOGRAPHY
Bécsi, T., Aradi, S. and Gáspár, P., 2015, June. Security issues and vulnerabilities in connected car systems.
In 2015 International Conference on Models and Technologies for Intelligent Transportation Systems (MT-
ITS) (pp. 477-482). IEEE.
Boss, S., Galletta, D., Lowry, P.B., Moody, G.D. and Polak, P., 2015. What do systems users have to fear?
Using fear appeals to engender threats and fear that motivate protective security behaviors. MIS Quarterly
(MISQ), 39(4), pp.837-864.
BELL STUDIO
Cavelty, M.D. and Mauer, V., 2016. Power and security in the information age: Investigating
the role of the state in cyberspace. Routledge.
Djajadikerta, H.G., Roni, S.M. and Trireksani, T., 2015. Dysfunctional information system
behaviors are not all created the same: Challenges to the generalizability of security-based
research. Information & Management, 52(8), pp.1012-1024.
Fransen, F., Smulders, A. and Kerkdijk, R., 2015. Cyber security information exchange to
gain insight into the effects of cyber threats and incidents. e & i Elektrotechnik und
Informationstechnik, 132(2), pp.106-112.
Hoffmann, R., Kiedrowicz, M. and Stanik, J., 2016. Risk management system as the basic
paradigm of the information security management system in an organization. In MATEC Web
of Conferences (Vol. 76, p. 04010). EDP Sciences.
Kim, S.H., Yang, K.H. and Park, S., 2014. An integrative behavioral model of information
security policy compliance. The Scientific World Journal, 2014.
Laszka, A., Felegyhazi, M. and Buttyan, L., 2015. A survey of interdependent information
security games. ACM Computing Surveys (CSUR), 47(2), p.23.
Nazareth, D.L. and Choi, J., 2015. A system dynamics model for information security
management. Information & Management, 52(1), pp.123-134.
Safa, N.S. and Von Solms, R., 2016. An information security knowledge sharing model in
organizations. Computers in Human Behavior, 57, pp.442-451.
Singh, A.K., Dave, M. and Mohan, A., 2014. Wavelet based image watermarking: futuristic
concepts in information security. Proceedings of the National Academy of Sciences, India
Section A: Physical Sciences, 84(3), pp.345-359.
Cavelty, M.D. and Mauer, V., 2016. Power and security in the information age: Investigating
the role of the state in cyberspace. Routledge.
Djajadikerta, H.G., Roni, S.M. and Trireksani, T., 2015. Dysfunctional information system
behaviors are not all created the same: Challenges to the generalizability of security-based
research. Information & Management, 52(8), pp.1012-1024.
Fransen, F., Smulders, A. and Kerkdijk, R., 2015. Cyber security information exchange to
gain insight into the effects of cyber threats and incidents. e & i Elektrotechnik und
Informationstechnik, 132(2), pp.106-112.
Hoffmann, R., Kiedrowicz, M. and Stanik, J., 2016. Risk management system as the basic
paradigm of the information security management system in an organization. In MATEC Web
of Conferences (Vol. 76, p. 04010). EDP Sciences.
Kim, S.H., Yang, K.H. and Park, S., 2014. An integrative behavioral model of information
security policy compliance. The Scientific World Journal, 2014.
Laszka, A., Felegyhazi, M. and Buttyan, L., 2015. A survey of interdependent information
security games. ACM Computing Surveys (CSUR), 47(2), p.23.
Nazareth, D.L. and Choi, J., 2015. A system dynamics model for information security
management. Information & Management, 52(1), pp.123-134.
Safa, N.S. and Von Solms, R., 2016. An information security knowledge sharing model in
organizations. Computers in Human Behavior, 57, pp.442-451.
Singh, A.K., Dave, M. and Mohan, A., 2014. Wavelet based image watermarking: futuristic
concepts in information security. Proceedings of the National Academy of Sciences, India
Section A: Physical Sciences, 84(3), pp.345-359.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
BELL STUDIO
Snapp, S.R., Brentano, J., Dias, G., Goan, T.L., Heberlein, L.T., Ho, C.L. and Levitt, K.N.,
2017. DIDS (distributed intrusion detection system)-motivation, architecture, and an early
prototype.
Tamjidyamcholo, A., Baba, M.S.B., Shuib, N.L.M. and Rohani, V.A., 2014. Evaluation
model for knowledge sharing in information security professional virtual
community. Computers & Security, 43, pp.19-34.
Tsohou, A., Karyda, M. and Kokolakis, S., 2015. Analyzing the role of cognitive and cultural
biases in the internalization of information security policies: recommendations for
information security awareness programs. Computers & security, 52, pp.128-141.
Wu, Z., Kinnunen, T., Evans, N., Yamagishi, J., Hanilçi, C., Sahidullah, M. and Sizov, A.,
2015. ASVspoof 2015: the first automatic speaker verification spoofing and countermeasures
challenge. In Sixteenth Annual Conference of the International Speech Communication
Association.
Zhang, Z.K., Cho, M.C.Y., Wang, C.W., Hsu, C.W., Chen, C.K. and Shieh, S., 2014,
November. IoT security: ongoing challenges and research opportunities. In 2014 IEEE 7th
international conference on service-oriented computing and applications (pp. 230-234).
IEEE.
Snapp, S.R., Brentano, J., Dias, G., Goan, T.L., Heberlein, L.T., Ho, C.L. and Levitt, K.N.,
2017. DIDS (distributed intrusion detection system)-motivation, architecture, and an early
prototype.
Tamjidyamcholo, A., Baba, M.S.B., Shuib, N.L.M. and Rohani, V.A., 2014. Evaluation
model for knowledge sharing in information security professional virtual
community. Computers & Security, 43, pp.19-34.
Tsohou, A., Karyda, M. and Kokolakis, S., 2015. Analyzing the role of cognitive and cultural
biases in the internalization of information security policies: recommendations for
information security awareness programs. Computers & security, 52, pp.128-141.
Wu, Z., Kinnunen, T., Evans, N., Yamagishi, J., Hanilçi, C., Sahidullah, M. and Sizov, A.,
2015. ASVspoof 2015: the first automatic speaker verification spoofing and countermeasures
challenge. In Sixteenth Annual Conference of the International Speech Communication
Association.
Zhang, Z.K., Cho, M.C.Y., Wang, C.W., Hsu, C.W., Chen, C.K. and Shieh, S., 2014,
November. IoT security: ongoing challenges and research opportunities. In 2014 IEEE 7th
international conference on service-oriented computing and applications (pp. 230-234).
IEEE.
1 out of 14
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.