Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

Risk Management and IT Auditing at Telstra

Verified

Added on 2023/06/09

AI Summary

This paper discusses the significance of information security in the communication system and possible risks associated with the process. Proper risk management controls have been discussed in this context with respect to Telstra. The importance of IS auditing has also been discussed.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: RISK MANAGEMNT AND IT AUDITING AT TELSTRA
RISK MANAGEMNT AND IT AUDITING AT TELSTRA
Name of the Student:
Name of the University:
Author Note:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

1References
RISK MANAGEMNT AND IT AUDITING AT TELSTRA
Table of Contents
Introduction......................................................................................................................................2
Discussion........................................................................................................................................2
General Management Control System of Telstra:.......................................................................3
Application Control and its usage in Telstra:..............................................................................5
Comparison between general management control and application control:..............................6
Risk management technique used in Telstra:..............................................................................6
Importance of auditing Information System:...............................................................................8
Audit planning:............................................................................................................................8
Audit process:..............................................................................................................................8
Recommendations........................................................................................................................9
Conclusion.......................................................................................................................................9
References......................................................................................................................................11

2References
RISK MANAGEMNT AND IT AUDITING AT TELSTRA
Introduction
Telstra Corporation Limited is the largest company in Australia which provides
telecommunication and mobile network service throughout Australia. Telstra has long history of
providing the service in the field of telecommunication and mobile network (Van Dijk, Morneau
& Duane,2017). In order to maintain the good will of the service, Telstra is concerned about
providing better information system security to the users of their service. The main objective of
this paper is to understand the significance of the information security in the communication
system and possible risks associated with the process. Proper risk management controls have
been discussed in this context. In order to gather the relevant information regarding this subject,
the discussion is done in the context of Telstra. The identification of risks has been done on the
basis of the operation of Telstra (Keogh, Gordon & Marinovic,2018). The discussion about
general management control and application control has been discussed as the tools for the
identification of the risks. The risk management techniques adopted by Telstra has been
discussed along with its significance and effectiveness in the real business situation. The
recommendations for the modification and improvisation of the existing system have been
developed on the basis of the discussion.
Discussion
Telstra is one of the largest organizations in Australia providing the telecommunication
services to the users. Currently Telstra is providing 17.6 million retail mobile services, and 3.5
million fixed broadband services. Telstra is spread over 20 countries. The main aim of Telstra is
to provide good network connection to the users through digital connection as well as
maintaining the standard of digital content. Currently Telstra is providing different kinds of

3References
RISK MANAGEMNT AND IT AUDITING AT TELSTRA
network services for the different fields like overseas telecommunication, nationalized banks,
private sectors and customer services.
The need of using communication network is growing and it is used in almost every
sectors of working. The kind of services Telstra is providing mainly based on maintaining the
good communication service for the organizations, companies and individuals. The data sharing
through the communication are confidential and sensitive. It can be said that the information and
the system security are important to be maintained as the security of the transmitted data is
concerned. In this context, maintain the system that will help the users to communicate over the
mobile or communication network in a safe and secured way is important for Telstra.
General Management Control System of Telstra:
The general management control system of any company uses the information related to
the company in order to evaluate the performance of the company. Telstra is a
telecommunication service providing company whose aim is to provide effective digital service
to the users in a secured way.
The general management control system for the companies like Telstra has four
objectives. The proper management control plan will help to achieve these four adjective in
order to improvise the business of the organization.
The four objectives for the proper running of the business for a telecommunication
organization:
 Continuity in the resource.
 Managing the energy used in the company in an efficient way.
 Managing of the internal risks.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

4References
RISK MANAGEMNT AND IT AUDITING AT TELSTRA
 Managing the system
The main objective of the management control system is to manage the internal operational
functions along with mitigation of the threats from the possible risks.
In case of Telstra, the management control and risk mitigation techniques of the organization
can be discussed with respect to these four objectives.
Continuity in managing the resource: The business of Telstra is in good shape. Currently the
organization is using the latest technology and tools for providing the telecommunication
service. Research and development is being conducted by the company so that in future it can
adopt more advanced technology for giving the service (Slocombe, 2017). The company is doing
well and thus running in profit. It can be said that the company has enough financial resources to
carry out the research for the advancement of the service. Apart from that the employees in the
organization are well versed and knowledgeable about different practices in the
telecommunication industry. It can be said that the Telstra has both financial resource and human
resource for the expansion and development of the business.
Managing of the energy: The conservation of the energy in different ways are current trend
for various business sectors. The conservation of the energy will help the organization to use
and manage the resource energy in a proper way. Telstra is aware about this trend and is
developing the technology which will provide better service to the consumers along with the
conservation of the energy.
Managing internal risk: The management of the internal risks in proper way will help to
mitigate certain threats. Some of the internal risks those can be face by Telstra are- risks from the
damaging of equipments, bad service, lack of managerial decisions (Cherry & Bendick,2018).

5References
RISK MANAGEMNT AND IT AUDITING AT TELSTRA
However, Telstra is concerned about these chances of the risks. The equipments in the
organization are handled by the efficient employees. The management and the business team
takes proper decisions for making the next step in the business.
Managing the system: Currently Telstra can be regarded as the largest network service
provider Company all over Australia. It is currently operating over 20 other countries. These
factors indicate that the company is providing good service and maintaining goodwill in the
industry. This indicates that the system which is operated by the organization is operating in
proper way. However, there are chances for the improvisation and modification.
Application Control and its usage in Telstra:
Application control is defined by the control used for managing the access of the devices
and computers used in the organization. The implementation of the application control is
important as it helps to prevent the unauthorized access in the system (Mkoba &
Marnewick,2016). The application control in Telstra is effective as it is applicable to control the
access of different system (Sabillon, Cavaller & Cano,2016). The application control at Telstra is
implemented in payroll system, online learning system and other business oriented applications
(Li, 2014). Some of the functions of application control system include the checking of the
completeness of the system, checking the validity of the application and checking of
authentication.
There are various kinds of application control system. Some types of application control
systems are-
Input control: Input control checks the integrity of the data which has been entered into
the business application.

6References
RISK MANAGEMNT AND IT AUDITING AT TELSTRA
Processing control: The function of the processing control ensures that the process is
complete and accurate.
Output control: the main function of the output control is to compare the output result
with the expected output.
Management trial: This is also known as audit trail. The main function of management
trial is to check the effectiveness of the system and identify the existing errors in the system.
Comparison between general management control and application control:
Both general management control and application management control help the
organization in managing of the business. However, there are basic differences between these
two types of control. Application control is specifically focused on managing and controlling the
operation of different systems running in the organization (Calic et al.,2016). On the other hand
the general management system control is focused on managing overall operations of the
organization. In this context it can be said that general management control is super set of
application control. The function general management control includes the proper management
of application control.
Risk management technique used in Telstra:
Management of the risk starts with the identification of the risks, assessment of the risk
and control of the risks. The proper management of the risk helps to mitigate the possible threats
in the organization. In Telstra, the risk management plan has been developed in a proper way
which includes risk identification and risk assessment plan.
Identified risks: The risk management plan of Telstra has identified certain risks. Those
risks can be categorized into two different parts (Jia, Munro & Buckby, 2016). The internal risks

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

7References
RISK MANAGEMNT AND IT AUDITING AT TELSTRA
denotes the risks in the organization such as the damaging of the equipments, miscommunication
between the employees, lack of maintenance (Wilcox & Bhattacharya,2015). The internal risks
can damage the service provided by the Telstra. The external risks are classified as the risk
associated with business situation, market condition and political problems.
Risk assessment: The assessment of the risk can be presented through various techniques.
One of such technique is risk matrix. The risk management technique denotes the priority of the
risks. The significance or priority of different risks is classified based on the consequences of the
risks for the organizations. It can be said that the internal risks can be managed in a proper way
as it can be controlled by the organization management (Shu et al.,2018). On the other hand the
external risks cannot easily be managed by the organization. On that case, external risks are more
complicated.
Risk control: The controlling of the risk indicates the mitigation of impact of certain
threats in the organization (Byrnes et al.,2018). In this case, Telstra has taken certain steps to
mitigate the risks in the organization. The organization is providing proper training to its
employees so that they can handle the equipments and the systems in a proper way (Layton &
Watters, 2014). The application control has implemented so that the data breaching from the
organization can be prevented (Tanimoto et al.,2015). On the other hand Telstra is operating over
20 countries. Before entering into the business in a country, the legal team of the organization
evaluates the business rules and regulations of that country so that the external risks can be
mitigated.

8References
RISK MANAGEMNT AND IT AUDITING AT TELSTRA
Importance of auditing Information System:
The IT auditing ensures the integrity, confidentiality and security of the business process
in the organization (McShane, Gregory & Wilson, 2016). IT audit includes web services,
application software and client server network along with the security system. The main
objective of IT security is to ensure that there is no security threats in the system used in the
organization.
Telstra uses IS audit in order to ensure the integrity within the organization.
Audit planning:
The audit planning is the blueprint which indicates the plans those needed to be executed in
order complete the information system audit in a proper way. The planning of the audit plan of
Telstra includes-
 To meet with IT management team in order to focus on the concerned areas for auditing.
 To review the organizational chart of current information technology .
 To make the discussion with the data employees in order to review the operating system
and the software application used in the organization.
 After this review the evaluation of the policies and procedures are evaluated along with
the budget and planning of the policies in the organization.
 The recovery plan is made on the basis of the evaluation.
Audit process:
The audit process includes the execution of the tasks mentioned in the planning process. One
of the main tasks of Telstra IS auditing in this phase is establishment of the audit objectives. The
audit objectives includes-

9References
RISK MANAGEMNT AND IT AUDITING AT TELSTRA
 Establishing the procedures and responsibilities which covers system and cross functional
training.
 The modification of the management process through implementation of IT.
 Minimizing the downtime and mitigate the loss of information from the system.
 Providing adequate physical security in order to prevent unauthorized access in the
systems of the organization.
The review is done on the basis of the collected data. The review covers equipments, policies
and procedures maintained in the organization and physical security for environmental control
used in Telstra.
Recommendations
The safety and security of the information in Telstra is better compared to other
telecommunication companies (Aqlan, 2016). However, the company is inventing new
technologies in order to improve the services. In that case, Telstra has to invent new security
policies in order to prevent information loss. The training about the implementation of the new
technologies is needed to be provided to the employees.
Conclusion
The discussion focuses on the risk management and security of Telstra company. In order
to discuss these different aspects of the risk management has been discussed. The identification
of the risks at Telstra and the assessment of the risks along with the management control have
been done in this context. The importance of the IS auditing has been discussed along with the
planning and the procedure of the auditing process at Telstra. Based on the discussion certain
recommendations have been made. In the conclusion it can be said that the proper

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

10References
RISK MANAGEMNT AND IT AUDITING AT TELSTRA
implementation of risk management planning and the auditing of the IS can make proper
improvement of operation of Telstra.

11References
RISK MANAGEMNT AND IT AUDITING AT TELSTRA
References
Aqlan, F. (2016). A software application for rapid risk assessment in integrated supply
chains. Expert Systems with Applications, 43, 109-116.
Byrnes, P. E., Al-Awadhi, A., Gullvist, B., Brown-Liburd, H., Teeter, R., Warren Jr, J. D., &
Vasarhelyi, M. (2018). Evolution of Auditing: From the Traditional Approach to the
Future Audit 1. In Continuous Auditing: Theory and Application (pp. 285-297). Emerald
Publishing Limited.
Calic, D., Pattinson, M. R., Parsons, K., Butavicius, M. A., & McCormac, A. (2016). Naïve and
Accidental Behaviours that Compromise Information Security: What the Experts Think.
In HAISA (pp. 12-21).
Cherry, F., & Bendick, M. (2018). Making It Count: Discrimination Auditing and the Activist
Scholar Tradition. In Audit Studies: Behind the Scenes with Theory, Method, and
Nuance (pp. 45-62). Springer, Cham.
Jia, J., Munro, L., & Buckby, S. (2016). A finer-grained approach to assessing the
“quality”(“quantity” and “richness”) of risk management disclosures. Managerial
Auditing Journal, 31(8/9), 770-803.
Keogh, K., Gordon, C., & Marinovic, P. (2018). Cyber security: Global developments in cyber
security law: is Australia keeping pace?. LSJ: Law Society of NSW Journal, (42), 82.
Layton, R., & Watters, P. A. (2014). A methodology for estimating the tangible cost of data
breaches. Journal of Information Security and Applications, 19(6), 321-330.

12References
RISK MANAGEMNT AND IT AUDITING AT TELSTRA
Li, W. (2014). Risk assessment of power systems: models, methods, and applications. John
Wiley & Sons.
McShane, I., Gregory, M., & Wilson, C. (2016). Practicing Safe Public Wi-Fi: Assessing and
Managing Data-Security Risks.
Mkoba, E., & Marnewick, C. (2016, September). IT project success: A conceptual framework for
IT project auditing assurance. In Proceedings of the Annual Conference of the South
African Institute of Computer Scientists and Information Technologists (p. 26). ACM.
Sabillon, R., Cavaller, V., & Cano, J. (2016). National Cyber Security Strategies: Global Trends
in Cyberspace. International Journal of Computer Science and Software
Engineering, 5(5), 67.
Shu, J., M. Rosenberg, J., Upadhyaya, S., & Rao, H. R. (2018). The Internet of Things and IT
Auditing. Internet of Things A to Z: Technologies and Applications, 275-292.
Slocombe, G. (2017). Defence's cyber security benefits from industry support. Asia-Pacific
Defence Reporter (2002), 43(6), 54.
Tanimoto, S., Ohata, K., Yoneda, S., Iwashita, M., Sato, H., Seki, Y., & Kanai, A. (2015, June).
Risk assessment of social-media utilization in an enterprise. In Software Engineering,
Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD), 2015
16th IEEE/ACIS International Conference on (pp. 1-4). IEEE.
Van Dijk, M. E., Morneau, T. A., & Duane, W. M. (2017). U.S. Patent No. 9,774,446.
Washington, DC: U.S. Patent and Trademark Office.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

13References
RISK MANAGEMNT AND IT AUDITING AT TELSTRA
Wilcox, H., & Bhattacharya, M. (2015). Countering social engineering through social media: an
enterprise security perspective. In Computational Collective Intelligence (pp. 54-64).
Springer, Cham.

1 out of 14

+13062052269

info@desklib.com

Risk Management and IT Auditing at Telstra

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Related Documents

IS Security and Risk Management: Telstra Corporation Ltd

IS Security and Risk Management: Telstra Corporation

Business Information System: Telstra Organization

IS Security and Risk Management

ASX CGC Principles

Information System: Telstra Telecommunications