Systems Documentation and Internal Controls Report for CFO, May 2017

Verified

Added on 2020/03/23

AI Summary

This report, prepared for the CFO of Motherboards and More Pty Ltd, addresses a recent ransomware outbreak and evaluates the company's revenue cycle. It begins with an executive summary and table of contents, followed by an introduction that sets the context of the ransomware attack. The report then details the company's revenue cycle, including how orders are processed and payments are handled. A key section identifies internal control weaknesses, such as the lack of physical inventory counts and the impact of allowing credit purchases. The report also provides an overview of the ransomware attack, describing its spread, impact, and the demand for ransom. It highlights the vulnerabilities exploited by the attack and the response from Microsoft. Finally, the report offers recommendations, focusing on improving warehouse security through the use of RFID tags for inventory tracking, and concludes with a summary of the findings.

0Running head: SYSTEMS DOCUMENTATION AND INTERNAL CONTROLS
SYSTEMS DOCUMENTATION AND INTERNAL CONTROLS
Name of the Student
Name of the University
Author Note
0

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1References 1
SYSTEMS DOCUMENTATION AND INTERNAL CONTROLS
Executive summary
This report deals with recent outbreak of the ransom ware attack. The report is for the CFO of
Motherboards and More Pty Ltd. He has also requested for completing a task with the
reviewing of the Revenue cycle and providing advice to management regarding the recent
‘Ransomware Outbreak’ in May 2017.The report has a detailed description of the revenue
cycle that the organization follows, identification of the threats which the current system has,
overview of the working of the ransom ware attack, and recommendation for the organization
on how to combat the drawbacks in their system.

2References 2
SYSTEMS DOCUMENTATION AND INTERNAL CONTROLS
Table of Contents
Introduction................................................................................................................................3
Overview of the Revenue Cycle................................................................................................3
Identification of threats..............................................................................................................4
Overview of the Ransom ware attack........................................................................................6
Recommendations......................................................................................................................6
Conclusion..................................................................................................................................7
References..................................................................................................................................8

3References 3
SYSTEMS DOCUMENTATION AND INTERNAL CONTROLS
Introduction
A recent outbreak of the ransomware attack The following report discusses about the
accounting system of the Motherboards and More Pty Ltd. The main emphasis of the report is
a detailed description of the revenue cycle that is mainly followed by the organizations with it
identification of the threads which is incorporated in the system which is followed by the
organization. The working of the threat of the ransom ware attack and with the attack the
recommendation for the company is put forward.
Overview of the Revenue Cycle
The system of revenue which is mainly followed by the company (Motherboards and
more Pvt Ltd) with the aspect that the company is a medium sized and the ownership is
private is precise. The main functionality of the company is the manufacture of motherboard,
card and microchips graphics repairs across the Australia in a central city and the departments
are located on the outskirts of the town (Wells &Bravender, 2016).
The payment is taken by the company on a credit card option by means of placing the
order for the goods through the online website of the company. The order is invoiced and the
main order is send to the ware house in order to the packing of the goods. This is mainly
incorporated by alphabetical manner of the customer (Harris & Kaplan, 2015). The source
number is usually twenty in number and the overall orders which are going out is mainly
more than that. When any item is lost the workers puts the process of logging in item in the
log book so the item can be received or updated in the record.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4References 4
SYSTEMS DOCUMENTATION AND INTERNAL CONTROLS
Figure 1: Level 0 flow diagram
(Source: By Author)
Identification of threats
The following table discusses about the different threats which is being faced by
Motherboards and More Revenue Cycle:

5References 5
SYSTEMS DOCUMENTATION AND INTERNAL CONTROLS
Internal Control Weaknesses There is no physical counting of the
inventory items.
Impact These Weaknesses If the items are not kept a track of then if
something gets lost then it will not be found
Specific Internal Controls Tagging the items in the inventory and then
keeping a track of the location the item was
last stored can help in the tracking of the
lost items. Also keeping an active
connective closed circuit camera would help
in looking after the warehouse floor (Sittig&
Singh, 2016).
There are many small internal weaknesses which is organization is facing in the due
source of time. The factor of allowing the customer to buy goods on credit basis was one of
the major factors concerned in the factor, this issue directly decreased the factor of profit. The
use of dock for the incoming and the outgoing delivery of the item can be indicated as the
second point of emphasis, this related to problem creation within the operation of the
organization. In any organization the database in order to keep the record of the customers
plays a vital role , the company lags behind in this field (Kharraz et al., 2015).
Impact of the weakness
The factors of the weakness have a varied impact on the organization. Putting
emphasis on the sales operation team, the policy of the company to provide goods to the
customer on a trail period of 30 days hampered the overall working of the team.

6References 6
SYSTEMS DOCUMENTATION AND INTERNAL CONTROLS
Overview of the Ransom ware attack
The main factor which caused the problem was a self-replicating software piece that
mainly took advantage of the different vulnerabilities with the main focus on older versions
of Microsoft windows. Finding an exposed target, it spreads from system to system. the
attack of the ransom ware resulted in demand of ransom which varied from an amount of
$US300 and it mainly accompanied increase in amount on an hourly basis. The security holes
where disclosed several weeks after by the shadow brokers, this group was a mysterious
group that mainly published different hacking tools which was used by the NSA (Collier,
2017). Right after the discloser the Microsoft company issued software’s which mainly
included the patches which was made for the loop holes. On the other hand, it can also be
stated that many companies did bot install the patches or used older versions of the operating
system which did not support the patches which was oriented to protect the system
(Mohurle&Patil, 2017).
The most disruptive kind of attack was targeted towards the clinics and the hospital
which were in Britain. The case forced to turn away patients after the access of the computer
system was not allowed due to the attack. There were many other countries which were
involved in the attack for example Spain, Russia, Portugal. Cyber extortionist mainly ticked
the victims in order to open malicious attachment which had the malware in order to spam
emails that mainly appear to be contained in job offers, invoices, warning which are related to
security and other files of legitimate.
Recommendations
From the above discussion it can be stated that the most important aspect that is
related to the problem is that is the company Motherboard and Pvt Ltd faces problem with the
tracking of the goods in their warehouse. The items have been tagged and kept in the shelf.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7References 7
SYSTEMS DOCUMENTATION AND INTERNAL CONTROLS
The items should be tagged and number with the help of a radio frequency identification tags
(RFID). This would help in knowing the location of the product and if an unauthorized way
were taken up to take the item out of the warehouse then the tags would help in informing the
authorities about the item being taking out of the warehouse (Gupta &Tripathi, 2017).
Conclusion
It can be concluded from the report that the ransom ware attack on the organization
has faced many loss of data in aspect to the financial condition and related to the company.
The detailed study of the case study is mainly based on the drawback which is related to the
technical drawback related to the warehouse.

8References 8
SYSTEMS DOCUMENTATION AND INTERNAL CONTROLS
References
Andronio, N., Zanero, S., & Maggi, F. (2015, November). Heldroid: Dissecting and detecting
mobile ransomware. In International Workshop on Recent Advances in Intrusion
Detection (pp. 382-404). Springer International Publishing.
Everett, C. (2016). Ransomware: to pay or not to pay? Computer Fraud & Security, 2016(4),
8-12.
Faruki, P., Laxmi, V., Gaur, M. S., & Vinod, P. (2012, October). Mining control flow graph
as API call-grams to detect portable executable malware. In Proceedings of the Fifth
International Conference on Security of Information and Networks (pp. 130-137).
ACM.
Kharraz, A., Robertson, W., Balzarotti, D., Bilge, L., & Kirda, E. (2015, July). Cutting the
gordian knot: A look under the hood of ransomware attacks. In International
Conference on Detection of Intrusions and Malware, and Vulnerability
Assessment (pp. 3-24). Springer, Cham.
Mercaldo, F., Nardone, V., Santone, A., & Visaggio, C. A. (2016, June). Ransomware steals
your phone. formal methods rescue it. In International Conference on Formal
Techniques for Distributed Objects, Components, and Systems (pp. 212-221).
Springer, Cham.
O'Gorman, G., & McDonald, G. (2012). Ransomware: A growing menace. Symantec
Corporation.

9References 9
SYSTEMS DOCUMENTATION AND INTERNAL CONTROLS
Pathak, D. P., & Nanded, Y. M. (2016). A dangerous trend of cybercrime: ransomware
growing challenge. International Journal of Advanced Research in Computer
Engineering & Technology (IJARCET) Volume, 5.
Song, S., Kim, B., & Lee, S. (2016). The effective ransomware prevention technique using
process monitoring on android platform. Mobile Information Systems, 2016.