This report covers all the services that are provided by the organisation and some of the general management control and application controls that are used for maintain the security are discussed.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
IS Security and Risk Management
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
IS Security and Risk Management1 Table of Contents Introduction...........................................................................................................................................1 Services offered by the organisation......................................................................................................1 Business operations that support the organisation.................................................................................1 GMCs- General management control....................................................................................................1 Telstra application control strategies.....................................................................................................2 Difference between general management control with application control for IS.................................2 Risk management techniques................................................................................................................3 Importance of safeguarding data quality and auditing IS.......................................................................3 Conclusion.............................................................................................................................................5 References.............................................................................................................................................6
IS Security and Risk Management2 Introduction One of the largest telecommunication networks is of Telstra, it is an Australian organisation that is a fully privatised company that focus on customer service by adapting to the changes. This report covers all the services that are provided by the organisation and some of the general management control and application controls that are used for maintain the security are discussed. Services offered by the organisation Telstra offers services like internet access, mobile marketing and other services. It is one of the largest telecommunication organisations in Australia. The organisation offer service to many private sectors that increases the information services by offering better network installation and maintenance of all services. Telstra in Australia improved the capacity of channels by securing the data packets and channels so that data transmission takes place securely(DeAngelo & Stulz, 2015). This organisation offers internet services to the corporate clients as well as to personal users with the help of IS providers. The customer services are improved due to wireless methods offered by the organisation. Business operations that support the organisation The business operations are undertaken by an organisation by making sure that security is maintained. The security tools can be used to secure all the operations. Telstra offers electronic security solution that support business in securing their network and operations(Berry, Broadbent & Otley, 2016). They secure the data packet using intellectual solutions by preventing the data to get breached. The products are secured from all the threats by detecting them so that they do not penetrate in the system(Parsons, Calic, Pattinson,
IS Security and Risk Management3 Butavicius, McCormac & Zwaans, 2017). They make use internet protection services like firewalls, virus detectors and security endpoints so that security is not breeched. IS providers make sure that no vulnerabilities hit the system, thus for this security architecture is deployed so that proper assessment could be undertaken(Berry, Broadbent & Otley, 2016). GMCs- General management control General management controls are listed by every organisation so that they can work in an organised way. General management controls are set of activities and actions that assure that asserts and resources are used in an effective way(Vaidyanathan, Sampath & Azar, 2015). Similarly, Telstra have designed some general management controls so that relationship between the staff and can be built strongly and responsibilities can be structured is a particular manners so that overall performance is enhanced. The general management control in an organisation covers the cost accounting system and basic management control that helps in achieving the objective. General management control helps in assigning role to every employee so that they can work towards the goals. They are used to make decisions and implement in the organisation so that employees follow them. They also include control measures so that culture conflicts in an organisation could be resolved(Udagepola, Xiang, Afzal, Ali & Robinson, 2015). The general management control looks at all the measure either technical or non-technical. The main aim of GMCs is to enhance the profit margin. The employees working in an organisation has entirely different perception and views thus GMCs help in managing the environment of workplace(Peltier, 2016). The general management controls make sure that all the operational goals are achieved smoothly without any conflicts. The general management control design strategies by offering rewards and so that performance could be improved and they met high standards (Senarathna, Wilkin, Warren, Yeoh & Salzman, 2018). General management control also
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
IS Security and Risk Management4 measures the current performance of every individual so that action plans could be designed accordingly. GMC removes all the differences at the workplace and support Telstra to work on future goals. Telstra application control strategies The application control measures differ from the general management control. General management controls are used for the entire organisation whereas application control measures are used for a particular application or process(Lueg & Radlach, 2016). The different type of application controls are: Audit controls- This is control measure that is used to monitor all the actions and the network. It helps in finding out the bugs that exist in any software. The solutions are defined after identifying the errors so that they do not penetrate in the system. Output Controls- The expected output is compared with the output received. If there is a change in both the output values then it could be easily figured out that there exist some errors(Keogh, Gordon & Marinovic, 2018). Input Controls- The information that is entered in the system should be integrity and secure so that business operations can be completed easily(Keogh, Gordon & Marinovic, 2018). Processing Controls- The operations that are processed should be accurate, clear and complete. The processing controls are also used to check that all the operations are done by authorised users. If information is being processed by unauthorised user there are chances of leakage. Application controls are very important for every organisation as these control measures adapt to changes automatically whenever there is a change in software or database(Jia, Munro & Buckby, 2016). Thus, every organisation can completely rely for security
IS Security and Risk Management5 measures on application control. Even Telstra rely on application control for performing their operations as it takes less time as compared to others. There are some of the security controls measures that are inherited in the application control that make sure that all the software are updated regularly. It also take care that information is accessed only by valid user this could be attained by maintain an access control list. It assures that data remains confidential and are accessed by valid users. Difference between general management control with application control for IS The general management control policies assures that all the IS operations are done effectively. They maintain and work on the security measures of all the data centres so that security of network is maintained. There is a difference between both these terms as, general management control deals with concerns of who can access the data and how integrity could be maintained(Senarathna, Yeoh, Warren & Salzman, 2016). On the other hand, application control deals with security of particular software. The threats of applications are found and then risk assessment is carried out for that particular application. Application control has some pre-defined rules and regulations that control the input and output information of the system. All the IS operations are observed using application control. The aim of theses controls is provide security to the organisation. The only difference is general management control works on meeting the primary objective related to the workplace environment (Kerzner & Kerzner, 2017). They also deal with the concern of storing data; access the controls and developing the acquisition. The application control checks that the inputs are valid and can be processed accurately without any error. While comparing both the controls, it was found in Telstra general management control are applied in all the areas wherein application control are applied in software were
IS Security and Risk Management6 data transaction is carried(Bedford, Malmi & Sandelin, 2016). Application controls are applied to specific area of an organisation and general management controls are designed for entire group. It ensures that operations carried in Telstra will match the integrity, confidentiality and availability concepts(Aven, 2016). Risk management techniques The risk management techniques that are used by Telstra make sure that confidentiality, availability, reliability and integrity of data is maintained. Security-Every organisation stores their sensitive data over the network, it is important to secure the data so that information is not breached(Bedford & Sandelin, 2015). Integrity-It is important to maintain integrity of data packets. This could be done by assuring that information is readable only by valid users. Availability-The services and operations that are offered by the organisation should remain available all the time for the valid users(Bedford & Sandelin, 2015). If information is not available at the right time it can have negative effect between the relation of customer and organisation. Confidentiality-It assures that information is accessed only by valid user and it is not made available to the unauthorised users. This can be attained by maintained an access control list so that privacy of information is not breached. Reliability-It makes sure that even in case of failure the network continues to work. t make sure that consistency of operations are maintained. Thus to make sure that security of organisation is not breached a risk control plan is developed. At first phase, all the bugs and errors are identified so that it they don’t penetrate
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
IS Security and Risk Management7 in the system. The risk is accessed and the source of the risk is found so that control plan is developed for future security. Importance of safeguarding data quality and auditing IS The auditing controls are used by an organisation to maintain the quality. It additionally helps in shielding the information quality by relieving all the conceivable dangers related with the association. These reviews help in making the business tasks straightforward by observing all the activities. Information security helps in distinguishing the exercises so deliberate of data could be discovered(Tesfamicael, Liu, Foo & Caelli, 2017). The IS reviewing is essential as it guarantees that information secrecy, respectability and accessibility is kept up. It shields the information bundles from being revealed to unapproved parties. These designs look at all the conceivable threats that could breach the privacy, confidentiality and accessibility of information bundles. The audit plans is a pre- characterized and particular rule is taken after directing a review. It causes an association to get adequate confirmations and furthermore dodges the misinterpretation. The review procedure is utilized to limit the time taken by a task. It covers arranging a gathering, declaring the choices and after that taking up a development or an input of its effect.
IS Security and Risk Management8 Conclusion From this report, it can be summarised that security is important for every organisation as a lot of sensitive data is stored over the network. The general management control and application control that are undertaken by an organisation are discussed above. These control measures are used to maintain the security of the network. It is recommended that the audit plans that are developed for an organisation should be in a way that integrity, confidentiality and reliability is maintained. This can be attained by updating the software and keeping a backup plan so that system could be recovered in case of failure. The risk can also be managed by first identifying the threats, then assessing it by future developing an action plan.
IS Security and Risk Management9 References Aven, T. (2016). Risk assessment and risk management: Review of recent advances on their foundation.European Journal of Operational Research,253(1), 1-13. Bedford, D. S., & Sandelin, M. (2015). Investigating management control configurations using qualitative comparative analysis: an overview and guidelines for application.Journal of management control,26(1), 5-26. Bedford, D. S., Malmi, T., & Sandelin, M. (2016). Management control effectiveness and strategy: An empirical analysis of packages and systems.Accounting, Organizations and Society,51, 12-28. Berry, A. J., Broadbent, J., & Otley, D. T. (Eds.). (2016).Management control: theories, issues and practices. Macmillan International Higher Education. DeAngelo, H., & Stulz, R. M. (2015). Liquid-claim production, risk management, and bank capital structure: Why high leverage is optimal for banks.Journal of Financial Economics,116(2), 219-236. Jia, J., Munro, L., & Buckby, S. (2016). A finer-grained approach to assessing the “quality”(“quantity” and “richness”) of risk management disclosures.Managerial Auditing Journal,31(8/9), 770-803. Keogh, K., Gordon, C., & Marinovic, P. (2018). Cyber security: Global developments in cyber security law: is Australia keeping pace?.LSJ: Law Society of NSW Journal, (42), 82. Kerzner, H., & Kerzner, H. R. (2017).Project management: a systems approach to planning, scheduling, and controlling. John Wiley & Sons.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
IS Security and Risk Management10 Lueg, R., & Radlach, R. (2016). Managing sustainable development with management control systems: A literature review.European Management Journal,34(2), 158-171. Parsons, K., Calic, D., Pattinson, M., Butavicius, M., McCormac, A., & Zwaans, T. (2017). The human aspects of information security questionnaire (HAIS-Q): two further validation studies.Computers & Security,66, 40-51. Peltier, T. R. (2016).Information Security Policies, Procedures, and Standards: guidelines for effective information security management. Auerbach Publications. Senarathna, I., Wilkin, C., Warren, M., Yeoh, W., & Salzman, S. (2018). Factors That Influence Adoption of Cloud Computing: An Empirical Study of Australian SMEs.Australasian Journal of Information Systems,22. Senarathna, I., Yeoh, W., Warren, M., & Salzman, S. (2016). Security and privacy concerns for australian smes cloud adoption: empirical study of metropolitan vs regional smes.Australasian Journal of Information Systems,20. Tesfamicael, A. D., Liu, V., Foo, E., & Caelli, W. (2017, December). Modeling for performance and security balanced trading communication systems in the cloud. In2017 IEEE 36th International Performance Computing and Communications Conference (IPCCC)(pp. 1-7). IEEE. Udagepola, K., Xiang, L., Afzal, N., Ali, M., & Robinson, M. (2015). Case Study: Cloud Computing Consumer Protocol in Australia.J. Appl. Environ. Biol. Sci,5(9), 76-83. Vaidyanathan, S., Sampath, S., & Azar, A. T. (2015). Global chaos synchronisation of identical chaotic systems via novel sliding mode control method and its application to Zhu system.International Journal of Modelling, Identification and Control,23(1), 92-100.