Hello Sir,
Thank you for agreeing to meet with me. It will be a pleasure to be part of your organization, and I am looking forward to this great opportunity.
Internal audit will play an important role in these crucial initiatives by assisting management in understanding the risk profile related to the breach in the PaySF application. Internal audit will also provide assistance by suggesting proper risk-reducing policies for assessing and reporting risk mitigation activities during the significant phases of the initiative. It could be a crucial partner with the business in helping to make sure that the implementation of cloud-based technologies is a success. While the company updates or moves its applications or IT infrastructure to address security issues in the PaySF application, internal audit will help it manage budget and programme overruns, completeness of requirements or designs, and project resourcing in an appropriate manner.
Internal audit will assist the company in ascertaining an appropriate resolution for the PaySF security breach through the following activities:
Supervising significant procedures and controls
Senior executives often concentrate on the daily operations of companies, so they should place adequate emphasis on supervising significant procedures and controls. Internal audit can help with supervising and mitigating errors as well as deception. With adequate focus on important processes, the company can reduce the risk involved in app security.
Concentrating on likely IT security concerns
Internal auditors bring an organized, disciplined approach to managing the security breach issues relating to the PaySF application by recognising, reducing and paying attention to threats which can influence the long-term objectives of the corporation.
Separation of Responsibilities
The main problem generally seen in organizations is the segregation of responsibilities among workers. In comparison to big companies, the risk of fraud is high in small companies wherein incompatible functions are controlled by diverse individuals. This risk can be minimised by segregating duties between personnel. Further, internal auditors can recognise where fraud risks occur and make suggestions to minimise them.
Legal risk arises from breach of or non-conformance with regulations, laws or prescribed practices, or when the legal rights and responsibilities of parties to a transaction are not well established. Legal risk in electronic money arises from ambiguity about the validity of some agreements formed through electronic media. Thus, the financial impact of the assessed breach of security is that the company might be liable for heavy penalties due to non-compliance with laws and provisions.
Operational risk arises with regard to the controls over access to an application or software and risk management systems, the information it communicates to other parties and, at the time of electronic funds transfer, the measures the bank uses to deter and detect counterfeiting. Due to expanded computer capabilities, geographical dispersion of access points as well as the use of different communication paths including public networks, for example the internet, controlling access of an application or software. In addition to this, it is significant to consider that with electronic transfer of funds, a breach of security can lead to fraud-generated liabilities for the bank. In other types of electronic banking, unauthorised access can result in direct losses, added liabilities to consumers or other inconveniences.
Different kinds of authentication issues can take place; for instance, inappropriate controls can lead to a successful attack by hackers through which they can access, retrieve and use private consumer information. As stated by Pratt and Peters (2017), when there are inappropriate controls, an external third party can access an organization’s computer system and insert a virus into it.
Shareholders and investors are important for the company. If they come to know that data has been lost or security breached at the company, then the trust they have in the company will be lost. Further, in such cases it is very difficult for organisations to regain the trust of consumers. An organization will need to put in additional effort to regain the trust of its customers by satisfying them with appropriate service.
Along with external attacks on applications and software, as in the present case PaySF is exposed to operational threats with regard to employee fraud: personnel who can secretly acquire authentication information to access consumers' accounts or to steal value cards. Further, inadvertent errors by workers might also compromise the organization's systems. Of direct concern to supervisory authorities is the threat of criminals counterfeiting electronic money, which is heightened if the organization fails to integrate appropriate measures to identify and deter counterfeiting.
Table 1: Sanction fines in the four countries in which PaySF is available

| Sanction Fines | Amount |
|---|---|
| Italy | £4.0m |
| Sweden | Kr 2m/£234600 |
| UK | £2.1m |
| Germany | £2.5m |
| Total | £10.5m |

In Italy the sanction fines, at £4.0 million, are too high in comparison to other countries, or just double those of the UK. Thus, the company is required to reassess the security network updates for Italy in order to reduce the fines to the extent possible. Even though the average number of transactions in Italy is lower than in the other three countries, the sanction fines are too high. The potential causes of cyber security breaches might be as follows:
Table 2: Relationship between cost and profit of PaySF

| | Germany (€) | Italy (€) | UK (€) | Sweden (€) |
|---|---|---|---|---|
| Revenue | 5340000 | 6256730 | 8550000 | 4122500 |
| Cost of Sales | (500000) | (450000) | (456000) | (630500) |
| Gross Profit | 4840000 | 5806730 | 8094100 | 3492000 |
| Profit/ Loss for the year | 2172852 | 2631182 | 3999760 | 1477710 |

Notes
1.14€ =1£
1 Kr =0.097£
It can be assessed from the above figures that the cost of sales of the UK is higher than that of other countries. At the same time, the expenses of Sweden are also more than those of other countries. The reason behind this could be the ineffectiveness of cyber security relating to the application. Thus, the expenditure of Sweden and Germany is higher in comparison to the others, and through the internal audit procedure the reason for this could be ascertained. In order to control the specified risk in future, the following measures could be applied:
Open remote access vulnerability: This is utilised for providing security services and protocols to third parties. Further, it can also be utilised to enable somebody to log in to a system remotely. IT executives should be mindful that any connection, even if meant for a productive purpose, for example enabling remote administration of a POS system, can result in vulnerable networks.
Create a cyber breach response strategy: Creating a comprehensive breach preparedness plan allows workers as well as managers to comprehend the likely damages that can take place. Furthermore, managers should be transparent regarding the scope of the breach. With the assistance of an efficient response strategy, the company can limit lost productivity and prevent negative publicity.
The response plan must start with an accurate assessment of what was lost and when. Subsequently, determine who is accountable whenever possible. By taking fast, significant action, the company can limit damages and restore the trust of employees along with consumers.
Encryption of data and procuring a cyber insurance policy: In order to secure information, companies should make sure the data stored in databases and on networks is encrypted. It is considered an efficient means of protecting data against hackers gaining access to sensitive information. In case a company faces a cyber breach, an efficient cyber insurance policy will compensate the losses and expenses of repairing the damage.

| Country | Average no. transactions per month per consumer (pre-incident) | Average transaction value (pre-incident) | Average no. transactions per month per consumer (post-incident) | Average transaction (post-incident) | Transaction Fees (% of value) |
|---|---|---|---|---|---|
| Italy | 60 | €43.12 | 35 | €15.75 | 0.8% |
| UK | 100 | £31.45 | 60 | £24.99 | 1.2% |
| Sweden | 120 | Kr371.38 | 75 | Kr150.27 | 1% |
| Germany | 78 | €34.56 | 42 | €28.85 | 0.5% |

As the transaction fees of the UK are higher, at 1.2%, in comparison to the other countries, and the number of transactions is lower than that of Sweden, there is a need to implement cyber security in an efficient manner. The role of internal audit is to provide assurance to the business in the following manner:
With the assistance of internal audit, the organization will be able to review and test its cyber security, business continuity and disaster-recovery plans. Moreover, as the potential for reputational damage created by poorly managed organisational disruptions is significant, it is more efficient to find faults through mock exercises than in reality. By having conversations with the board members and senior executives, the level of risk could be reduced and efforts to resolve such threats can be made.
Further, operating collaboratively with IT and other parties to create efficient defences and responses: Cyber risk is considered a risk for the business, not just an IT risk. It is exaggerated, altered and mystified through being supported exclusively by IT systems. Creating a strong, mutual connection between internal audit and IT helps ensure that mitigation efforts and responses are effective.
Executives and management are required to assess the effectiveness of the applied changes on the organization. Further, assurance is required as to whether the risk of a breach of security has been reduced or not. Monitoring of the modified environment of the IT department must be done on a continuous basis in order to assess the manner in which it has been affecting other functions of the organization. Further, the effectiveness will be rated on the following basis:
The ways to rate the administration department skills:
A breach of security can influence much more than short-term income, thus management needs to emphasize it on a continuous basis. Significant revenue loss as a result of a security breach is very common. Research depicts that 29% of businesses that face a data breach end up losing income. Of those that lost income, 38% experienced a loss of 20% or more. This shows that it is necessary for the company to assess app security breach issues on a continuous basis.