Internal Controls and Ransomware Prevention
VerifiedAdded on 2020/02/19
|9
|1623
|45
AI Summary
This assignment delves into the importance of internal controls in safeguarding companies against ransomware threats. It emphasizes the significance of implementing robust controls across key operational areas such as inventory management, shipping, and delivery. The document also stresses the need to strengthen information system security measures to prevent malware infections via spam emails and unauthorized websites. Finally, it underscores the value of updated software versions, anti-ransomware programs, and employee training in mitigating ransomware risks.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
RUNNING HEAD: RANSOMWARE ATTACK 2017
INTERNAL COTROL SYSTEM
OF THE COMPANY
INTERNAL COTROL SYSTEM
OF THE COMPANY
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1
RANSOMWARE ATTACK 2017
Executive Summary
Motherboards and More Pty Ltd., an Australian company is engaged in the business of manufacturing and supplying
parts of computers to different manufacturers and repairers of computers in Australia. The increased volume of
sales orders from the customers has caused mismanagement of company’s operations due to weaknesses in the
system of company’s internal controls. Absence of strong controls in the areas such as inventory management,
shipment and delivery processes could impact the overall profitability of the company as these are the areas which
requires key focus of the management. If necessary concern is not given to strengthen the controls is given the
company may also encounter issues like ransonware attack. Company must strive to protect its system from the
external attacks which are affecting the entire country.
RANSOMWARE ATTACK 2017
Executive Summary
Motherboards and More Pty Ltd., an Australian company is engaged in the business of manufacturing and supplying
parts of computers to different manufacturers and repairers of computers in Australia. The increased volume of
sales orders from the customers has caused mismanagement of company’s operations due to weaknesses in the
system of company’s internal controls. Absence of strong controls in the areas such as inventory management,
shipment and delivery processes could impact the overall profitability of the company as these are the areas which
requires key focus of the management. If necessary concern is not given to strengthen the controls is given the
company may also encounter issues like ransonware attack. Company must strive to protect its system from the
external attacks which are affecting the entire country.
2
RANSOMWARE ATTACK 2017
Table of Contents
Executive Summary.........................................................................................................................................................1
Overview of Revenue Cycle.............................................................................................................................................3
Internal Control Weaknesses of Company......................................................................................................................3
Impact of Internal Control Weaknesses..........................................................................................................................3
Specific Controls to Mitigate the Risk..............................................................................................................................4
Ransomware Attack 2017................................................................................................................................................4
Controls to protect the company from Ransomware Attack...........................................................................................5
Conclusion....................................................................................................................................................................... 5
References...................................................................................................................................................................... 7
RANSOMWARE ATTACK 2017
Table of Contents
Executive Summary.........................................................................................................................................................1
Overview of Revenue Cycle.............................................................................................................................................3
Internal Control Weaknesses of Company......................................................................................................................3
Impact of Internal Control Weaknesses..........................................................................................................................3
Specific Controls to Mitigate the Risk..............................................................................................................................4
Ransomware Attack 2017................................................................................................................................................4
Controls to protect the company from Ransomware Attack...........................................................................................5
Conclusion....................................................................................................................................................................... 5
References...................................................................................................................................................................... 7
3
RANSOMWARE ATTACK 2017
Overview of Revenue Cycle
Revenue cycle of the Motherboards and More Pty Ltd involves four major stages where entry of sales order
is the first stage which includes receiving of orders from the customers through various sources after which
packaging and shipment of ordered goods is initiated by the company at the second stage. Once the shipment
process is completed, management of the company initiates with the billing process to issue invoices to the
customers with whom deals are closed. As all the sales are made on credit basis the final stages ends with
the ultimate collection of cash from the customers.
Internal Control Weaknesses of Company
Internal control weakness is the absence of strong and adequate controls in the areas of necessary operations
of an organisation. The areas where deficiencies in the internal controls are found are as follows:
Inventory management: The inventory maintained by the company is not physically verified on a periodic
basis and also there is no stock count taken by the management of the company since last two years.
Order shipments: The orders accepted from the customers were not shipped on the timely basis due to lack
of stock. Since the stock availability is not checked before accepting the order, the required inventories were
assumed to be lying in the stores where these actually were not available.
Erroneous deliveries: As the sales orders were increased it led to wrong deliveries of the goods to the
customers.
Impact of Internal Control Weaknesses
The weaknesses in internal controls can indirectly affect the company’s performance to a great extent as it
hinders the functioning of important business processes and the employees (Bedard & Graham, 2011).
Internal controls deficiencies can affect the company’s profitability due to reduction in the turnover level as
it will lose its customer base due to improper and erroneous delivery of the outputs. It may also degrade the
RANSOMWARE ATTACK 2017
Overview of Revenue Cycle
Revenue cycle of the Motherboards and More Pty Ltd involves four major stages where entry of sales order
is the first stage which includes receiving of orders from the customers through various sources after which
packaging and shipment of ordered goods is initiated by the company at the second stage. Once the shipment
process is completed, management of the company initiates with the billing process to issue invoices to the
customers with whom deals are closed. As all the sales are made on credit basis the final stages ends with
the ultimate collection of cash from the customers.
Internal Control Weaknesses of Company
Internal control weakness is the absence of strong and adequate controls in the areas of necessary operations
of an organisation. The areas where deficiencies in the internal controls are found are as follows:
Inventory management: The inventory maintained by the company is not physically verified on a periodic
basis and also there is no stock count taken by the management of the company since last two years.
Order shipments: The orders accepted from the customers were not shipped on the timely basis due to lack
of stock. Since the stock availability is not checked before accepting the order, the required inventories were
assumed to be lying in the stores where these actually were not available.
Erroneous deliveries: As the sales orders were increased it led to wrong deliveries of the goods to the
customers.
Impact of Internal Control Weaknesses
The weaknesses in internal controls can indirectly affect the company’s performance to a great extent as it
hinders the functioning of important business processes and the employees (Bedard & Graham, 2011).
Internal controls deficiencies can affect the company’s profitability due to reduction in the turnover level as
it will lose its customer base due to improper and erroneous delivery of the outputs. It may also degrade the
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4
RANSOMWARE ATTACK 2017
confidence level of company’s customers thereby affecting its goodwill adversely (Rice & Weber, 2012).
Moreover, the weakness in the internal controls will also influence the auditor’s report negatively as a result
of which the company will invite various interventions from government and other regulatory bodies (Kuhn
& Sutton, 2010).
Specific Controls to Mitigate the Risk
The inventories lying in the warehouses must be physically verified at reasonable intervals so as to avoid the
stock out position and to execute the customer’s order in time. If there occurs any deviation between the
inventory records maintained by the management and actual inventory counts, it needs to be checked and
corrected. The company must ensure the availability of stock before accepting the sales order. The internal
auditor must look at these matters carefully and should report to the management about the deficiencies in
the internal controls along with required recommendations (Lin et al., 2011). Also, the strong internal
controls must be implemented in the areas of shipment and the delivery of goods. There must be clarity of
responsibilities and duties among the management people about the task assigned to them so as to improve
the quality of services provided by the company to the customers through adequate and timely provision of
merchandise ordered by the customers.
The company must also hire more managerial personnel for its crucial functions so that the errors and faulty
deliveries could be reduced. The employees must be adequately trained to handle excessive demands from
customers and to keep an updated track of order processing so that the delayed execution of orders can be
avoided.
Ransomware Attack 2017
Ransomware was a malicious computer program which was attached to various spam mails that contained
files and documents which seemed to be important for the users. The malware entered the user’s computers
through the e-mail spam, encrypting the important files and other data kept thereon demanding ransom in
the form of digital currencies to be paid to restore the access to the files and to save the important data files
from getting leaked. The attack has hit huge number of computers across the world as the malware function
RANSOMWARE ATTACK 2017
confidence level of company’s customers thereby affecting its goodwill adversely (Rice & Weber, 2012).
Moreover, the weakness in the internal controls will also influence the auditor’s report negatively as a result
of which the company will invite various interventions from government and other regulatory bodies (Kuhn
& Sutton, 2010).
Specific Controls to Mitigate the Risk
The inventories lying in the warehouses must be physically verified at reasonable intervals so as to avoid the
stock out position and to execute the customer’s order in time. If there occurs any deviation between the
inventory records maintained by the management and actual inventory counts, it needs to be checked and
corrected. The company must ensure the availability of stock before accepting the sales order. The internal
auditor must look at these matters carefully and should report to the management about the deficiencies in
the internal controls along with required recommendations (Lin et al., 2011). Also, the strong internal
controls must be implemented in the areas of shipment and the delivery of goods. There must be clarity of
responsibilities and duties among the management people about the task assigned to them so as to improve
the quality of services provided by the company to the customers through adequate and timely provision of
merchandise ordered by the customers.
The company must also hire more managerial personnel for its crucial functions so that the errors and faulty
deliveries could be reduced. The employees must be adequately trained to handle excessive demands from
customers and to keep an updated track of order processing so that the delayed execution of orders can be
avoided.
Ransomware Attack 2017
Ransomware was a malicious computer program which was attached to various spam mails that contained
files and documents which seemed to be important for the users. The malware entered the user’s computers
through the e-mail spam, encrypting the important files and other data kept thereon demanding ransom in
the form of digital currencies to be paid to restore the access to the files and to save the important data files
from getting leaked. The attack has hit huge number of computers across the world as the malware function
5
RANSOMWARE ATTACK 2017
targeted the computers which were using the old and the incompatible versions of Microsoft Windows
(Mohurle & Patil, 2017).
Controls to protect the company from Ransomware Attack
Data Back-up: The company must keep the data files backed up regularly at two or more storage
locations or devices such as pen drives, compact disk, hard-disks, on the cloud etc. (Lee, Moon &
Park, 2017).
Avoiding Spam mails: The important practice to protect the computers from ransomware attack is to
avoid opening the spam mails coming from suspicious and unauthorised senders. As the malware
functions enters the computer programs through the downloaded spam mails (Brewer, 2016).
Updated versions of MS Windows: Deploying the new and updated versions of Microsoft Windows
may help a company to prevent itself against the threat of ransomware attack.
Anti-ransonware programs: Company must invest in reliable security programs that are anti-
ransomware which can check for anything suspicious coming from outside in the computer. Also the
company must have an updated and secured anti-virus program installed in the computer system.
Restricted websites: Sometimes malware affects the computers through the web browsing of
unauthorised sites. So the company must provide proper training to the employees to avoid browsing
such malicious websites (Sittig & Singh, 2016).
Conclusion
It can easily be concluded that the proper implementation internal controls in place plays a vital role in the
overall performance of the company. These controls helps the company to closely monitor the functioning of
all the key operations and to improve them on a continuous basis. Strong internal controls not only enhances
the profitability of the company but also maintains a goodwill of the company which helps it in avoidance of
unnecessary governmental actions. Motherboard and more must ensure the application of necessary and
appropriate controls in the key areas such as inventory management, the management of shipment and the
RANSOMWARE ATTACK 2017
targeted the computers which were using the old and the incompatible versions of Microsoft Windows
(Mohurle & Patil, 2017).
Controls to protect the company from Ransomware Attack
Data Back-up: The company must keep the data files backed up regularly at two or more storage
locations or devices such as pen drives, compact disk, hard-disks, on the cloud etc. (Lee, Moon &
Park, 2017).
Avoiding Spam mails: The important practice to protect the computers from ransomware attack is to
avoid opening the spam mails coming from suspicious and unauthorised senders. As the malware
functions enters the computer programs through the downloaded spam mails (Brewer, 2016).
Updated versions of MS Windows: Deploying the new and updated versions of Microsoft Windows
may help a company to prevent itself against the threat of ransomware attack.
Anti-ransonware programs: Company must invest in reliable security programs that are anti-
ransomware which can check for anything suspicious coming from outside in the computer. Also the
company must have an updated and secured anti-virus program installed in the computer system.
Restricted websites: Sometimes malware affects the computers through the web browsing of
unauthorised sites. So the company must provide proper training to the employees to avoid browsing
such malicious websites (Sittig & Singh, 2016).
Conclusion
It can easily be concluded that the proper implementation internal controls in place plays a vital role in the
overall performance of the company. These controls helps the company to closely monitor the functioning of
all the key operations and to improve them on a continuous basis. Strong internal controls not only enhances
the profitability of the company but also maintains a goodwill of the company which helps it in avoidance of
unnecessary governmental actions. Motherboard and more must ensure the application of necessary and
appropriate controls in the key areas such as inventory management, the management of shipment and the
6
RANSOMWARE ATTACK 2017
delivery processes as these are the crucial functions for the company. Also to prevent itself from the external
risk factors such as ransomware attack, the company must strive to strengthen the internal controls in the
areas of information system management.
RANSOMWARE ATTACK 2017
delivery processes as these are the crucial functions for the company. Also to prevent itself from the external
risk factors such as ransomware attack, the company must strive to strengthen the internal controls in the
areas of information system management.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7
RANSOMWARE ATTACK 2017
References:
Bedard, J. C., & Graham, L. (2011). Detection and severity classifications of Sarbanes-
Oxley Section 404 internal control deficiencies. The Accounting Review, 86(3),
825-855.
Brewer, R. (2016). Ransomware attacks: detection, prevention and cure. Network
Security, 2016(9), 5-9.
Kuhn Jr, J. R., & Sutton, S. G. (2010). Continuous auditing in ERP system
environments: The current state and future directions. Journal of Information
Systems, 24(1), 91-112.
Lee, J. K., Moon, S. Y., & Park, J. H. (2017). CloudRPS: a cloud analysis based
enhanced ransomware prevention system. The Journal of Supercomputing, 73(7),
3065-3084.
Lin, S., Pizzini, M., Vargus, M., & Bardhan, I. R. (2011). The role of the internal audit
function in the disclosure of material weaknesses. The Accounting Review, 86(1),
287-323.
Mohurle, S., & Patil, M. (2017). A brief study of Wannacry Threat: Ransomware Attack
2017. International Journal, 8(5).
Rice, S. C., & Weber, D. P. (2012). How effective is internal control reporting under
SOX 404? Determinants of the (non‐) disclosure of existing material
weaknesses. Journal of Accounting Research, 50(3), 811-843.
Sittig, D. F., & Singh, H. (2016). A socio-technical approach to preventing, mitigating,
and recovering from ransomware attacks. Applied clinical informatics, 7(2), 624.
RANSOMWARE ATTACK 2017
References:
Bedard, J. C., & Graham, L. (2011). Detection and severity classifications of Sarbanes-
Oxley Section 404 internal control deficiencies. The Accounting Review, 86(3),
825-855.
Brewer, R. (2016). Ransomware attacks: detection, prevention and cure. Network
Security, 2016(9), 5-9.
Kuhn Jr, J. R., & Sutton, S. G. (2010). Continuous auditing in ERP system
environments: The current state and future directions. Journal of Information
Systems, 24(1), 91-112.
Lee, J. K., Moon, S. Y., & Park, J. H. (2017). CloudRPS: a cloud analysis based
enhanced ransomware prevention system. The Journal of Supercomputing, 73(7),
3065-3084.
Lin, S., Pizzini, M., Vargus, M., & Bardhan, I. R. (2011). The role of the internal audit
function in the disclosure of material weaknesses. The Accounting Review, 86(1),
287-323.
Mohurle, S., & Patil, M. (2017). A brief study of Wannacry Threat: Ransomware Attack
2017. International Journal, 8(5).
Rice, S. C., & Weber, D. P. (2012). How effective is internal control reporting under
SOX 404? Determinants of the (non‐) disclosure of existing material
weaknesses. Journal of Accounting Research, 50(3), 811-843.
Sittig, D. F., & Singh, H. (2016). A socio-technical approach to preventing, mitigating,
and recovering from ransomware attacks. Applied clinical informatics, 7(2), 624.
8
RANSOMWARE ATTACK 2017
RANSOMWARE ATTACK 2017
1 out of 9
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.