Mitigating Ransomware Attacks in Business

Verified

Added on 2020/03/23

AI Summary

This assignment focuses on mitigating the risks of ransomware attacks against a company's computerized systems. It emphasizes the importance of internal controls and operational strategies to manage both internal weaknesses and external threats. The goal is to ensure business continuity and achievement of corporate objectives despite potential cyberattacks.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Accounting Information System- Motherboards
and More Pty Ltd. A Case Study
1 | P a g e

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

Executive Summary
The objective of my article is to provide different reports to the CFO of Motherboards and More
Pty Ltd related to the existing system of Revenue Cycle Management (RCM) of the company
along with highlighted weaknesses of the company followed by probable remedies for those
weaknesses of the company related to internal control system. This report will also highlight the
impact of attack by ransomware and practical remedies to mitigate the risks which may come out
from those ransomware attacks. This report will conclude with some recommendations to avert
the risk of weaknesses arises out of insufficient internal control and ransomware attack to the
company.
2 | P a g e

Table of Contents
Accounting Information System- Motherboards and More Pty Ltd. A Case Study.....................................1
Introduction.................................................................................................................................................4
Revenue Cycle.............................................................................................................................................4
Internal controls- weaknesses and respective remedies...............................................................................5
Ransomware Attack.....................................................................................................................................6
Effective internal control to avoid ransomware attacks...............................................................................6
Conclusion...................................................................................................................................................7
References:..................................................................................................................................................8
3 | P a g e

Introduction
The company is engaged in the business of manufacturing and selling of computer components
which includes motherboards, microchips and graphics card. Motherboards and More Pty Ltd are
one of the main suppliers to the manufacturers of computers and repairers all over Australia. This
organization is of eight years and insists on integrated ERP systems for their ICT solutions. This
organization has the administrative offices which are situated in the central city building and
performs the operations including manufacturing, shipment of the ordered goods while the
receiving department is situated on the outskirts of the town with the distance of 10 minutes. The
company has three different issues which are faced by the management lately- revenue cycle,
internal control and probable attack of ransomware in their ERP system. (Solutiondots, 2017)
Revenue Cycle
The revenue cycle of the company is originated through placement of order by the customers on
the company website, or by email or over phone. All the sales are done on credit payment basis
with terms of payment are fixed with the credit allowed period of 14 days. The company offers
2% discount to the customers who are paying their dues by three days from generation of
invoice. (CSU I. , 2017) The normal trend of payment of the regular customers is to pay their
invoices by 3 days from date of invoice. As a result of this practice of credit sales, the company
faces loss of revenue through demarcation of doubtful debts with the ultimate step to write off.
Around 18% of the total credits sales are to be considered as non-collectable due to big numbers
of online orders are being denied by the customers on the ground of not ordering the products or
receiving the merchandise ordered. The normal practice of the revenue cycle starts with picking
of orders followed by subsequent action of sending to the warehouse for order processing as per
customers’ name by alphabets. This warehouse is used for both receiving the incoming materials
and dispatching of goods against sales orders. The company is normally running with the trend
of receipt of ten to twenty incoming deliveries from different supply chain stakeholders. The
revenue cycle starts with receipt of order from customer, arranging the goods from the
inventories in the warehouse with subsequent shipment to the customers. The generation of
invoice happens once the shipment is done. The invoices then directly impact the receivables by
4 | P a g e

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

increasing the amount. The subsequent payments made for those invoices are processed either
through bank or through cash receipts to make the sales complete. (Donald E. Kieso, 2017)
Internal controls- weaknesses and respective remedies
As the business grows for Motherboards and More Pty Ltd, the erstwhile infrastructure and the
job style is failing the need of the organization. It is mostly found that the company has internal
weaknesses in the strategic area of credit policy (Times, 2017) and the execution policy of
dispatch system and inventory management (Tradegecko, 2017). Appended below the table of
weaknesses with their respective impacts and probable remedies to come out of these internal
weaknesses: (Kokemuller, 2017)
Weaknesses Impact Remedies
Credit
policy Direct impact on working capital To revise the existing credit policy by fixing
the criteria of being credit customers
Dispatch
system
Wrong dispatch of products
resulting to reduction of sales due
to non attentive attitude of the
warehouse staffs
Identification of ordered item and tagging
them with the specific order of customers
Impact on working capital by
reduction of receivables for
cancellation of orders for
improper dispatch of goods
Proper verification of goods before
dispatching
5 | P a g e

Inventory
management
Non derivation of inventories as
current assets in proper manner to
ascertain the balance sheet in true
and professional manner
A practice of quarterly inventory checking is
to be made with proper reconciliation of
products as per receipts and dispatches to
arrive at the physical closing stock
Ransomware Attack
The article on present ransomware attack as provided by CFO shows that this attack is damaging
the ICT system of the company through the loopholes created by the old version of windows.
After hacking the system through ransomware, the hackers start demanding money from the
affected. (CSU, 2017) Although there are security alert by some mysterious identity, the
provider, Microsoft had announced about their remedies related to such alerts to be covered.
Basic problem of the affected users of systems is that they are not upgrading their system as per
the latest version of Microsoft and thus the entire computer system is being affected by the said
Ransomware. This attack has no geographical limit as it has attacked almost all the countries
with its evil footfall. The victimised users may be affected through old version of Windows,
accessing fictitious softwares called as Malware (Rouse, 2017) or through spam mails alluring
the recipient of different unrealistic offers. (Brandom, 2017)
Effective internal control to avoid ransomware attacks
To ensure effective internal control to combat ransomware attack, Motherboards and More Pty
Ltd has to consider first the sources through which the attack may hit the system. The company
is working on ERP system which normally runs through different portals for different purposes.
6 | P a g e

Moreover the company has its own website which is the fascia of the company. Normally the
ERP system is supported by Windows. The company should use the legalised version of
Windows for professional use with multi user facility and upgrade the same from time to time as
per the updates available on the system provided by Microsoft. Moreover to control the access
over spam mails the company should use secured version of internet connection by adopting
Virtual Private Network (VPN) which can restrict the unwanted infiltrators in the system. It is
mostly found that personal mails are accessed while the users work on the company system. That
should be restricted with only option of using the company email facilities while they are in the
office. Moreover proper allocation of layer of authentication through multi level password for the
users can also be helpful for ensuring internal control over the ERP system of the company to
confirm the safeguard for the company software. (McCafferty, 2017)
Conclusion
It is observed for the case study of Motherboards and More Pty Ltd that the company is facing
problem in the operations of its sales due to improper infrastructure, which is unable to face the
problems generated through its enhanced operation. The company has faced problem in the area
of operations of sales, control of receivables, dispatch system and inventory management. The
company has also constant threat of ransomware attack which is the threat for global business
community. To mitigate those threat and weaknesses, the company has to rethink about the
present work strategy of the company so far its operations management is concerned. Particularly
the areas of credit policy, dispatch system and inventory management has to be refurbished in
order to make weaknesses of those areas as their areas of strength. To combat the threat of
ransomware attacks, the company has to fasten its belt so far its ICT solution is concerned. The
ERP system is to be more secured by implementation of available resources through which the
company can ensure mitigation of risks related to ransomware attack to the computerised
systems of the company. It is also to be understood that proper management can only be ensured
through application of justified and logical solutions to accomplish the organizational objectives.
The internal weaknesses can be well managed through proper implementation of operations
strategies while for external threat; internal controls are to be made tight to ensure that the
company can run business without problem to accomplish their corporate objectives.
7 | P a g e

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

References:
Brandom, R. (2017, 06 27). A new ransomware attack is infecting airlines, banks, and utilities across
Europe. Retrieved 09 24, 2017, from The Verge:
https://www.theverge.com/2017/6/27/15879480/petrwrap-virus-ukraine-ransomware-attack-
europe-wannacry
CSU. (2017). Retrieved 09 25, 2017, from Charles Stuart University:
https://interact2.csu.edu.au/webapps/blackboard/execute/content/file?
cmd=view&content_id=_1658545_1&course_id=_25885_1
CSU, I. (2017). Revenue Cycle. Retrieved 09 25, 2017, from Charles Stuart university:
https://interact2.csu.edu.au/webapps/blackboard/execute/content/file?
cmd=view&content_id=_1658546_1&course_id=_25885_1
Donald E. Kieso, e. a. (2017). Revenue Cycle. Retrieved 09 24, 2017, from AZCentral:
http://yourbusiness.azcentral.com/accounts-generally-included-revenue-cycle-company-
17373.html
Kokemuller, N. (2017). Examples of COmpnay Weaknesses. Retrieved 09 24, 2017, from Chron:
http://smallbusiness.chron.com/examples-company-weaknesses-69993.html
McCafferty, J. (2017, 05 23). Five Preventative Controls for Ransomware Attacks. Retrieved 09 24, 2017,
from MIS Training Institute: http://misti.com/internal-audit-insights/five-preventative-controls-
for-ransomware-attacks
Rouse, M. (2017). Malware. Retrieved 09 24, 2017, from Searchsecurity:
http://searchsecurity.techtarget.com/definition/malware
8 | P a g e

Solutiondots. (2017). ERP- Full for and meaning. Retrieved 09 24, 2017, from Solutiondots:
https://solutiondots.com/blog/what-is-erp-full-form.html
Times, F. (2017). ft.com/lexicon. Retrieved 09 24, 2017, from Financial Times:
http://lexicon.ft.com/Term?term=credit-policy
Tradegecko. (2017). Inventory Management. Retrieved 09 24, 2017, from Tradegecko:
https://www.tradegecko.com/learning-centre/what-is-inventory-management
9 | P a g e

1 out of 9

+13062052269

info@desklib.com

Mitigating Ransomware Attacks in Business

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Related Documents

Cybersecurity and Revenue Cycle Analysis

Strengthening Revenue Cycle Controls & Ransomware Protection

Cybersecurity and Data Backup for Businesses

Cybersecurity for Motherboards and More Pty Ltd

Effective Revenue Cycle Management for Motherboards and More Pty Ltd

Enhancing Operational Efficiency and Security at Motherboards and More Pty Ltd