Case Study 3 – Due 10/20
Question 1
Research a company that experienced a well-documented data
each in the past. You can use the website below in identifying such a company:
http:
www.informationisbeautiful.net/visualizations/worlds-biggest-data-
eaches-hacks
Write a one page single spaced report addressing the following points:
· Provide a
ief description of the company which includes the company history, type of business, stakeholders, type of data
each experienced etc.
· Identify any business processes utilized by the chosen company in completing normal business transactions.
· Explain in detail the data
each experienced by the company (e.g. external/internal threats).
· Identify the main stakeholders of the company as well as the stakeholders affected by the data
each.
· Identify the type information compromised by the data
each and the type of information systems used by the company.
· Identify whether the company had any internal controls in place to protect sensitive information.
· What weaknesses in the organizations control structure must have existed to permit this data
each?
· How did the company respond to the data
each? Did the company provide any solutions to the affected individuals/stakeholders etc.?
· What specific control techniques and procedures could have helped prevent and detect this data
each?
Question 2
Protecting Privacy of Tax Returns
The department of taxation in your state is developing a new computer system for processing individual and corporate income-tax returns. The new system features direct data input and inquiry capabilities. Taxpayers are identified by social security number (for individuals) and federal tax identification number (for corporations). The new system should be fully implemented in time for the next tax season.
The new system will serve three primary purposes:
1. Tax return data will automatically input into the system either directly (if the taxpayer files electronically) or by a clerk at central headquarters scanning a paper return received in the mail.
2. The returns will be processed using the main computer facilities at central headquarters. Processing will include four steps:
a. Verifying mathematical accuracy
. Auditing the reasonableness of deductions, tax due, and so on, through the use of edit routines, which also include a comparison of cu
ent and prior years’ data
c. Identifying returns that should be considered for audit by department revenue agents
d. Issuing refund checks to taxpayers
3. Inquiry services. A taxpayer will be allowed to determine the status of his or her return or get information from the last 3 years’ returns by calling or visiting one of the department’s regional offices or by accessing the department’s website and entering his or her social security number.
The state commissioner of taxation and the state attorney general are concerned about protecting the privacy of personal information submitted by taxpayers. They want to have potential problems identified before the system is fully developed and implemented so that the proper controls can be incorporated into the new system.
(Explain your answers in detail. Your answer to each question should be at least 100 words.)
Describe the potential privacy problems that could arise in each of the following three areas of processing, and recommend the co
ective action(s) to solve each problem identified:
a. Data input
. Processing of returns
c. Data inquiry
(CMA examination, adapted)
Page 1 of 2
ACCT 4020
Case Study Guidelines
1. Your full name and case study number should appear on the first page (refer to case study
exemplar posted on eCourseware).
2. Your typed answer sheet do not need to include the scenarios.
3. Number your answers co
ectly so your instructor can refer to them.
4. Type your answers single-spaced, with margins of standard width (usually 1 inch on the
sides and bottom and 1 1/2 inch on the top). Use Times New Roman font size 12.
5. You must acknowledge the sources of all your information and any ideas or
interpretations you have taken from other works. These references are usually placed into
notes, with a bibliography at the end of the paper that lists all works used.
6. Plagiarism. This serious academic offense can take many forms, including using another
writer’s phrase without putting it into quotation marks, not giving the source for a
quotation, taking information from other works without acknowledgment, presenting
other people’s ideas as if they were your own, or submitting content that you did not
write.
7. You may not use content you wrote for one course to fill an assignment in another class.
8. Submit your case studies to the submission dropbox on eCourseware. You will be
submitting the assignment to “OriginalityCheck” in order to check for plagiarism.
“OriginalityCheck” will generate a report identifying the extent to which your paper
matches with other sources. Some level of matching is inevitable, due to references, etc.
If your paper matches other sources in excess of 30%, I will review the report and
determine if plagiarism is present. If 50% matches and I find that no plagiarism has
occu
ed, i.e., 50% of the paper is based on properly cited quotes, I will nonetheless
educe the grade on the premise that the majority of the thoughts represented in the paper
are based on someone else’s work.