It Audit and controls
Added on 2023-01-12
10 Pages2639 Words56 Views
IT AUDIT AND CONTROLS
TABLE OF CONTENTS
INTRODUCTION...........................................................................................................................3
MAIN BODY..................................................................................................................................3
Overview......................................................................................................................................3
Security Issues to be investigated................................................................................................4
NAB’s response to data breach....................................................................................................5
Information Security measures that NBA can adopt...................................................................6
Role of cloud computing in information security........................................................................7
CONCLUSION................................................................................................................................7
REFERENCES................................................................................................................................9
INTRODUCTION...........................................................................................................................3
MAIN BODY..................................................................................................................................3
Overview......................................................................................................................................3
Security Issues to be investigated................................................................................................4
NAB’s response to data breach....................................................................................................5
Information Security measures that NBA can adopt...................................................................6
Role of cloud computing in information security........................................................................7
CONCLUSION................................................................................................................................7
REFERENCES................................................................................................................................9
INTRODUCTION
IT Audit is basically audit of the robustness of the IT systems that are implemented in the
organisation (Pasquier and et.al., 2018). In the current report, the case study of National
Australian Bank has been evaluated. The report will highlight what are the different issues that
needs to be considered during audit and will also provide adequate recommendations that can be
adopted by NBA.
MAIN BODY
Overview
National Australian Bank is one of the most prominent bank in Australia coming at the 4th
position in the country. Recently, on July 26th, 2019, the company uploaded the personal data of
13000 customers on the servers of two data servicing companies. This was a major fraud which
was incurred by the bank which purported so much about its secured and protected systems and
the value that it gave to the privacy of the customers. It was further revealed by the Chief data
officer of NBA that the data was uploaded by a human error and was not a part of any cyber
security crime. They assured the customers that the data that had been erroneously leaked did not
contain any critical details such as log- in passwords etc. However, they still took the
responsibility stating that the name, contact numbers, birth detail and in some cases government
issued identification numbers were the only details that had been uploaded. They further stated
that all the data that had been uploaded due to human error had been positively taken down
within the two hours. Although, the bank too all the corrective actions immediately where they
contacted each customer whose data had been uploaded, they were ready to bear costs of re-
issuing of the government identification numbers or the cost incurred in the fraud detection
services should this be availed by any customer. They also developed a special team full of
experts who reviewed every detail critically and was working on this for 24/ 7 (Diamantopoulou,
Tsohou and Karyda, 2019).
Despite all the efforts, a major question was raised on the robustness of the systems used
by NBA where the bank was questioned that in the increasing trends of cyber crimes and frauds,
how credible or trustworthy is the system of the bank. The CEO himself agreed that the bank
finds it difficult to invest a larger portion of the money on development of better IT systems
similar to the companies such as Google or Microsoft because of the lack of adequate funds.
3
IT Audit is basically audit of the robustness of the IT systems that are implemented in the
organisation (Pasquier and et.al., 2018). In the current report, the case study of National
Australian Bank has been evaluated. The report will highlight what are the different issues that
needs to be considered during audit and will also provide adequate recommendations that can be
adopted by NBA.
MAIN BODY
Overview
National Australian Bank is one of the most prominent bank in Australia coming at the 4th
position in the country. Recently, on July 26th, 2019, the company uploaded the personal data of
13000 customers on the servers of two data servicing companies. This was a major fraud which
was incurred by the bank which purported so much about its secured and protected systems and
the value that it gave to the privacy of the customers. It was further revealed by the Chief data
officer of NBA that the data was uploaded by a human error and was not a part of any cyber
security crime. They assured the customers that the data that had been erroneously leaked did not
contain any critical details such as log- in passwords etc. However, they still took the
responsibility stating that the name, contact numbers, birth detail and in some cases government
issued identification numbers were the only details that had been uploaded. They further stated
that all the data that had been uploaded due to human error had been positively taken down
within the two hours. Although, the bank too all the corrective actions immediately where they
contacted each customer whose data had been uploaded, they were ready to bear costs of re-
issuing of the government identification numbers or the cost incurred in the fraud detection
services should this be availed by any customer. They also developed a special team full of
experts who reviewed every detail critically and was working on this for 24/ 7 (Diamantopoulou,
Tsohou and Karyda, 2019).
Despite all the efforts, a major question was raised on the robustness of the systems used
by NBA where the bank was questioned that in the increasing trends of cyber crimes and frauds,
how credible or trustworthy is the system of the bank. The CEO himself agreed that the bank
finds it difficult to invest a larger portion of the money on development of better IT systems
similar to the companies such as Google or Microsoft because of the lack of adequate funds.
3
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
NAB’s Response to Data Breachlg...
|12
|2692
|27
IT Audit and Controls | Case Study Reportlg...
|14
|2928
|25
SBM4302 It Audit And Controls Reportlg...
|11
|3025
|10
Data Security and Privacy at National Australian Banklg...
|10
|2580
|25
IT Audit and Controlslg...
|7
|1963
|24
Information Security Measures And Data Breach Studylg...
|10
|2424
|20