Hello Sir,
Thanks for agreeing to have a meet with me. It will be a pleasure being part of your organization and I am looking forward for this great opportunity.
Internal audit will play an important role in these crucial inventiveness through assisting administration in understanding the risk profile related with the breach in PaySF application. Further through internal audit assistance will be provided by suggesting proper risk reducing policies for assessing and reporting risk alleviation activities during the significant phases of the inventiveness. It could be a crucial partner with the business in assisting to make sure that implementation of cloud-based technologies is an achievement. While updating or moving application or IT infrastructure of the company for issues relating to security of PaySF application through internal company will be able to execute budget and programme overruns, comprehensiveness of obligations or designs and project resourcing in appropriate manner.
Internal audit will assist company is ascertaining appropriate resolution for PaySF breach security issue through following activities:
Supervising significant procedures and controls
Senior executives often concentrate on daily operations of companies, thus they should place adequate emphasis on supervising significant procedures and controls. Thus, internal audit could help supervising and mitigating errors as well as deception. With the help of adequate focus on important process the company can reduce the risk involved in app security.
Concentrating on likely IT security concerns
Internal auditors convey an organized, disciplined approach to administer the security breach issues relating to PaySF application through recognising, reducing and paying attention to threats which can influence the long term objective of corporations.
Separation of Responsibilities
The main problem which is generally seen in organizations is to segregate of responsibilities among workers. In comparison to big companies the risk of fraud is high in small companies wherein incompatible functions are controlled by diverse individuals. The same can be minimised by segregating the duties between personnel. Further, internal auditors could recognise where fraud risks occurs and make suggestions in order to minimise risks.
The occurrence of legal risk is due to breach of or non-conformance with regulation, set of laws or imposed practices, when the legal rights and responsibilities of parties to a transaction are not well recognized. Legal electronic money risk occurs from ambiguity about the validity of some agreements formed through electronic media. Thus, the financial impact of assessed breach of security is that company might be obliged for heavy penalties due to non-compliance with law and provisions.
Operational risk takes place with regard to the controls over access to an application or software and risk administration systems, details which it communes with other parties and at the time of electronic funds transfer, calculates the bank uses to dissuade and detect bogus. Due to expanded computer abilities, geographical dispersion of access points as well as because of different uses of communication path comprising public networks for example internet, controlling access of an application or software. In addition to this, it is significant to consider that with electronic transfer of funds, violation of security can leads to fraud produced liabilities of the bank. In other types of electronic banking, unofficial access can results in direct losses, added liabilities to consumers or other inconveniences.
Different kind of substantiation issues can take place, for instance, inappropriate controls can leads to a successful attack by hackers through which they can access, retrieve and use private consumer information. It is stated by Pratt and Peters (2017), when there are inappropriate controls, an external third party can access an organization’s computer system and insert a virus into it.
The shareholders and investors are important for the company. If they come to know that the data are loss or security breached by the company than the trust they have on the company will be loosed. Further, in such cases it is very difficult for the organisations to regain the trust of consumers. An organization will require putting additional efforts to regain the trust of its customers through satisfying them by providing appropriate service.
Along with external attacks on application and software as in present case PaySF are exposed to operational threat with regard to workers fraud; personnel who can secretly acquire substantiation information to access accounts of consumers or to steal value cards. Further, involuntary errors through workers might also conciliation organization systems. Direct concern to managerial authorities is the threat of criminals counterfeiting electronic money, which is delegating if organization not succeeds to integrate appropriate measures to identify and dissuade counterfeiting.
Table 1: Sanction Fines of four country in which PaySF is available
Sanction Fines |
Amount |
Italy |
£4.0m |
Sweden |
Kr 2m/£234600 |
UK |
£2.1m |
Germany |
£2.5m |
Total |
£10.5m |
As in Italy sanction fines are too high in comparison i.e. £ 4.0 million to other countries or just double of UK. Thus, the company required to reassess the security network updates of Italy in order to reduce the same to possible extent. Even though the average no. of transaction of Italy are less than other three countries but the sanction fines are too high. The reason for potential causes of cyber security breaches might be as follows:
Table 2: Relationship between cost and profit of PaySF
|
Germany (€) |
Italy (€) |
UK (€) |
Sweden (€) |
Revenue |
5340000 |
6256730 |
8550000 |
4122500 |
Cost of Sales |
(500000) |
(450000) |
(456000) |
(630500) |
Gross Profit |
4840000 |
5806730 |
8094100 |
3492000 |
Profit/ Loss for the year |
2172852 |
2631182 |
3999760 |
1477710 |
Notes
1.14€ =1£
1 Kr =0.097£
It can be assess from the above figures that cost of sales of UK is higher than that of other countries. At the same time expenses of Sweden is also more than other countries. The reason behind same could be ineffectiveness of cyber security relating to application. Thus, expenditure of Sweden and Germany are higher in comparison to others and through internal audit procedure reason relating to same could be ascertained. In order to control specified risk in future, following measures could be applied:
Open isolated access Susceptibility: This is utilised for providing security services and protocol to third-party. Further, it also can be utilised to enable somebody to log in to a system vaguely. It is considered that IT executives be mindful that any connection even if meant for a fruitful purpose, for example enabling the administration of a POS system isolatable can results in vulnerable networks.
Create a cyber violation response strategy: Creating the comprehensive breach preparedness plan allows workers as well as mangers to comprehend the likely damages that can take place. Furthermore, manger should be transparent regarding the scope of the violation. With the assistance of efficient response strategy, company can restrain lost productivity as well as can prevent unconstructive publicity.
The response plan must start with accurate assessment of what was mislaid and when. Subsequently, determine who is accountable whenever possible. Through taking fast, significant action, company can limit damages and reinstate the trust of employees along with consumers.
Encryption of data and procuring cyber insurance policy: In order to secure the information the companies should make sure the data store up in databases and on networks is encrypted. It is considered as the efficient means of preventing data against hackers achieving access to receptive information. In case a company faces a cyber breach, an efficient Cyber insurance policy will compensate the losses and expenses to refurbish the damage.
Country |
Average no. transactions per month per consumer (pre-incident) |
Average transaction value (pre-incident) |
Average no. transactions per month per consumers (post-incident) |
Average transaction (post-incident) |
Transaction Fees (% of value) |
|
Italy |
60 |
€43.12 |
35 |
€15.75 |
0.8% |
|
UK |
100 |
£31.45 |
60 |
£24.99 |
1.2% |
|
Sweden |
120 |
Kr371.38 |
75 |
Kr150.27 |
1% |
|
Germany |
78 |
€34.56 |
42 |
€28.85 |
0.5% |
As the transaction fees of UK are higher that is 1.2% in comparison to the other countries and the numbers of transaction are lower than that of Sweden. Therefore there is a need to implement the cyber security in efficient manner. The role of internal audit is to provided assurance to business in specified manner:
With the assistance of internal audit organization will be able to reconsider and test cyber security, business continuity and disaster-revival plans. Moreover the potential for reputational damage that poorly administered organisation disorders create is important, it is more efficient to find faults by deride exercises than in a reality. By having conversation to the board of members and senior executive the level of risk could be reduced and efforts to resolve such threats can be made.
Further operating collaborative with IT and other parties to create efficient defences and responses: Cyber risk is considered as a risk for business, not just an IT risk. It is exaggerated, altered and mystified through being supported exclusively by IT systems. Creation of strong, mutual connection among internal audit and IT leads to ensuring reducing efforts and responses are effectual.
Executives and management requires assessing the effectiveness of applied changes on the organization. Further, it is required to be assured that whether the risk of breach of security has been reduced or not. Monitoring the modified environment of IT department is necessarily to be done on continue basis in order to assess the manner in which same has been affecting other functions of organization. Further the effectiveness will be rated on following basis:
The ways to rate the administration department skills:
A violation of security can influence much more than that of short term incomes, thus management require to emphasize on same in continue manner. Important revenue loss as a result of a security violation is very general. Research depicts that 29% of business that face a data violation end up losing income. Of those lost income, 38% experienced a loss of 20% more. The same depicts that it is necessary that company should assess app security breach issues on a continue basis.
We provide professional writing services to help you score straight A’s by submitting custom written assignments that mirror your guidelines.
Get result-oriented writing and never worry about grades anymore. We follow the highest quality standards to make sure that you get perfect assignments.
Our writers have experience in dealing with papers of every educational level. You can surely rely on the expertise of our qualified professionals.
Your deadline is our threshold for success and we take it very seriously. We make sure you receive your papers before your predefined time.
Someone from our customer support team is always here to respond to your questions. So, hit us up if you have got any ambiguity or concern.
Sit back and relax while we help you out with writing your papers. We have an ultimate policy for keeping your personal and order-related details a secret.
We assure you that your document will be thoroughly checked for plagiarism and grammatical errors as we use highly authentic and licit sources.
Still reluctant about placing an order? Our 100% Moneyback Guarantee backs you up on rare occasions where you aren’t satisfied with the writing.
You don’t have to wait for an update for hours; you can track the progress of your order any time you want. We share the status after each step.
Although you can leverage our expertise for any writing task, we have a knack for creating flawless papers for the following document types.
Although you can leverage our expertise for any writing task, we have a knack for creating flawless papers for the following document types.
From brainstorming your paper's outline to perfecting its grammar, we perform every step carefully to make your paper worthy of A grade.
Hire your preferred writer anytime. Simply specify if you want your preferred expert to write your paper and we’ll make that happen.
Get an elaborate and authentic grammar check report with your work to have the grammar goodness sealed in your document.
You can purchase this feature if you want our writers to sum up your paper in the form of a concise and well-articulated summary.
You don’t have to worry about plagiarism anymore. Get a plagiarism report to certify the uniqueness of your work.
Join us for the best experience while seeking writing assistance in your college life. A good grade is all you need to boost up your academic excellence and we are all about it.
We create perfect papers according to the guidelines.
We seamlessly edit out errors from your papers.
We thoroughly read your final draft to identify errors.
Work with ultimate peace of mind because we ensure that your academic work is our responsibility and your grades are a top concern for us!
Dedication. Quality. Commitment. Punctuality