Write an opinion/response/feedback on the posts mentioned in the word document. The responses should have references and also valid in-text citations (APA Format) (total 4 responses)
(These posts are posted by Professor and other students, so when you write the response please relate to their statements.
Post1
The world of information security is growing day by day, and there are many templates from where one can create a basic idea of how the security policies should be. However, there are many ways to develop an information security policy. First, we need to understand which domain the organization is in and which security policy do we need like the general, Network security, server security, or application security. www.sans.org is the best resource to provide with the information security policy templates.
The Two most important items that I would include in the policy are:
1.Access Control: For an organization, the data is so important, and while developing the security policies, we need to make sure that users only have the necessary permissions which they are allowed.
2.Disaster recovery: The other most important thing which needs to be included in the policy is the DR solution we may have the data which is safe and well protected, and it will be useless if we can’t get it on time by keeping environmental. The manual mistakes in mind we should always have a DR policy.
Post 2
According to Zhao, every organization needs to have security measures and policies in place to safe guard its data, and to protect employees, customers and business. An information security policies ties together all the technology, policies and procedures in one document. The first step that we should turn towards is internal existing policy standards and measures within the company, understanding the technology and data breach scenarios and the employment frame work held within the company . The author recommends that the National Institue of Standards and Technology offers a great outline for drafting a response plan for data breaches and other cyber security incidents.
According to me the two most important policies that I would include among many others are:
Data breach response policy as the company’s data is very important Security response plan policy: company’s response in case of security incident can be mitigated quickly with this policy. The key is that it helps different team to integrate and work with one another to resolve the issue quickly.
Post 3
1) a. Follow Brown’s directive and do nothing further:
This suggests to just follow Brown’s directive and not to do anything to inform external auditors. This action is unethical as it is important for Jackson, being a cost accountant to make the adjustments, discuss and report wrong accounting to external auditors. Jackson needs to follow ethical principles like Honesty, Fairness, Objectivity, and Responsibility.
b. Attempt to convince Brown to make the proper adjustments and to advice the external auditors of her actions:
This is the appropriate action. Through this Jackson could warn Brown to make proper adjustments, even then if she is not ready he could let the external auditors know about the issue. But the information should be kept confidential.
c. Informing the audit committee and submitting appropriate accounting data.
This is also appropriate action that can be taken when brown is not making any necessary adjustments even after warning her. This will help the committee to know about the problem occurred and what action to be taken to solve it.
2)Jackson should fully disclose all the information with accurate data and reports to the external auditors, if Brown fails to make the necessary adjustments even after multiple attempts.
Post 4
The first option is not the best. More so for a firm like Offset Press which is a company and should have employees just like any other. On the other hand, it is pretty bad to cover facts under the blanket because once the truth is known, the company will lose goodwill.
b). On the second option, because the firm is experiencing under absorption in the production overhead, it is likely that the manufacturing overhead will be zeroed bypassing the adjustment entry (Sokolov & Sungatullina, 2015). Besides, the under absorbed overheads are always expenses in the year’s balance sheet. Therefore, it is not right to take this issue to senior auditors because the information can leak and bring a lot of tension in the company.
c). If I were Jackson, I would suggest that the audit committee should be informed about the issue. He should consult broadly with senior management to reach the most appropriate solution and the best option that should be taken (Sokolov & Sungatullina, 2015). If there is any change then it should be a top decision.
Question 2
Jackson should open up and inform Brown about his intention of consulting senior management over the issue. This should give him reason enough to consult even the board of directors over the issue and reach an amicable solution. If any changes should be made, then it’s the board of directors and senior management to decide.