Future Assignment 1: Security Risks, IT Governance Plan, and COBIT

Verified

Added on 2020/04/01

AI Summary

This assignment, titled "Future Assignment 1," addresses security and ethical risks associated with the introduction of an information system within Cougar Couriers. It identifies potential cybercrimes, including identity theft and ransomware attacks, and ethical harms such as deterioration of business processes. The assignment then proposes an IT governance plan based on the COBIT framework, focusing on four key codes: DS7 (Educate and train users), PO5 (Manage the IT investment), PO9 (Assess risks), and PO11 (Manage quality). The plan emphasizes user training, strategic IT investment, risk assessment, and quality management to mitigate risks and ensure the effective implementation of the IT system. The assignment references several academic sources to support its analysis and recommendations.

Running head: FUTURE ASSIGNMENT 1
Future assignment 1
Name of student
Name of University
Author note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1
FUTURE ASSIGNMENT 1
Contents
5. Security and ethical risks during the introduction of an Information system..............................3
6. COBIT IT governance plan by addressing four codes................................................................4
References........................................................................................................................................5

2
FUTURE ASSIGNMENT 1
Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber
security. computers & security, 38, 97-102.
5. Security and ethical risks during the introduction of an Information system
There are several security related issues and ethical risks that have created complexities for
Cougar Couriers to introduce the information system within the organization. There could be
security risks like cyber crime consisting of major problems of identity theft, phishing,
infringement of copyrights, etc (Kayworth & Whitten, 2012). There could also be hacking
related issues that could not only result in disclosure of important data and information but might
even allow the hackers to gain access to the organisation’s database run by Anjal and Asmita.
Based on the case study, the security risks included the major ransom ware attacks that had
targeted the entire computer system and the operating system through encryption of data and
asking for ransom payments in the form of Bitcoin crypto currency. The ethical harms could be
deterioration of business processes, which would not only result in inappropriate services
delivery to the consumers but might also create huge amount of loss in business for Cougar
Couriers in Australia (Von Solms & Van Niekerk, 2013). Though Anjal somehow managed to
overcome from this critical security problem by performing incremental backup and even used
antivirus, firewall and malware detection software to ensure that these security related risks were
overcome, still a proper IT governance plan is required. This is possible with the help of
following the four major codes that are present in the COBIT, which is an effective IT
Governance approach for focusing on the various aspects of IT functions at Cougar Couriers.
O’Brien, J. and Marakas, G. (2017). Management information system. 10th ed. McGraw-
Hill/Irwin, pp.1-673.

3
FUTURE ASSIGNMENT 1
6. COBIT IT governance plan by addressing four codes
DS7 – Educate and train users
The users must be trained and provide knowledge to them regarding the ransomware attack risks
and how can they deal with them. The users must be provided with necessary skills and
knowledge about the strategic alignment of IT strategy and ensure that the strategy fulfill the
standards of the organization. They must know the IT governance policies, checklists and
governance standards properly and should be skilled in the field f technology and IT (Ali &
Green, 2012). They should have proper information and knowledge about using the hardware
components of IT such as firewall, encryption methods, Wi-Fi SSD, etc. that were required to
implement the IT system and ensure security as well.
PO5 – Manage the IT investment
The IT investments should be done for improving the security measures to reduce the chances of
risks and ethical issues of IT and furthermore apply portfolio management technique. It can act
as a systematic management approach for making investments, manage projects and various
activities of the IT department of Cougar Couriers (O’Brien and Marakas, 2017).
PO9 – Assess risks
The assessment of risks is done to ensure that the IT system functions properly and any
unauthorized access is prevented along with ransomware attacks. Enterprise risk management is
a governance responsibility that can use the combined code to develop an entrepreneurial
leadership within the organization and cerate effective controls for assessment and management
of IT related risks with ease.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4
FUTURE ASSIGNMENT 1
PO11 – Manage quality
Management of quality is possible through Total Quality management or TQM approach. This
would set quality measures and standards for determining the needs of consumers and deliver
services accordingly, develop quality as a shared responsibility, align the quality measures with
the organizational objectives and identify risks prior to the implementation of IT system at
Cougar Couriers. This would create an effective IT system and ensure that any sort of harmful
activities are prevented and information is not leaked form the company. More customers would
be attracted and this would generate better profit level too.

5
FUTURE ASSIGNMENT 1
References
Ali, S., & Green, P. (2012). Effective information technology (IT) governance mechanisms: An
IT outsourcing perspective. Information Systems Frontiers, 14(2), 179-193.
Ali, S., & Green, P. (2012). Effective information technology (IT) governance mechanisms: An
IT outsourcing perspective. Information Systems Frontiers, 14(2), 179-193.
Kayworth, T., & Whitten, D. (2012). Effective information security requires a balance of social
and technology factors.
O’Brien, J. and Marakas, G. (2017). Management information system. 10th ed.
McGraw-Hill/Irwin, pp.1-673.
Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber
security. computers & security, 38, 97-102.