Discussion 2

 

The United States v. Dioguardi

428 F.2d 1033, 1038 (C.A.N.Y. 1970).

At least, a minimum standard of trustworthiness must be established to eliminate the theory of accuracy, the integrity of computer used to generate evidence, and the admissibility of such records in court. The original contents of free and fair evidence are deep-rooted in writing panache, recording, and photograph required by court standards to ensure that court decisions are based on reliable, and authentic evidence. The advent of photocopiers, scanners, related technology that can be used to create identical acceptable duplicates in place of the original and in the market.  A genuine question on the authenticity of the original and accuracy of a photocopy could be unfair to accept in place of the original. Presenting a copy of digital evidence is usually more desirable because it eliminates the risk that the original copy being unintentionally altered.

A paper printout of a digital document may be considered equivalent to the original unless essential portions of the original are not visible in printed format. Hearsay Digital evidence cannot be admitted in court if the author of the evidence is not present to verify and authenticate the evidence’s integrity. Computers is an electronic device can be programed to store and output information with limited human intervention; hence, the computer system can initiate the hosting, emitting errors and uncertainty in various ways in any location and at any time. Digital evidence is generally a suggestive of human activities; for example, the system clock on a computer can be incorrect, and date-time stamps can be misinterpreted. Furthermore, the source internet protocol (IP) address on network traffic may be assigned to a proxy device rather than the actual originating computer.

Scenario:   A genuine question on the authenticity of the original and accuracy of the photocopy of an evidence could be unfair to admit in place of the original copy.  Furthermore, presenting a photocopy of digital evidence is usually more desirable because it eliminates the risk of original being unintentionally altered. As an organization lead forensic investigator, which of this conclusive evidence will you present in court:

  1. Provide a comprehensive narrative on the importance of the original copy of the evidence in court?
  2. Provide a comprehensive narrative on the incongruity of a photocopy of evidence in place of the original copy in court?

discussion (Managing in a Global Enviro)

 Topic :  International Monetary Fund (IMF)

See one week-1 folder for  research terms.  Topics will be selected on a first come first serve basis.  To claim a topic, go to this week’s discussion form (below) and check what topics remain available.  Select an available topic and start a new discussion thread by placing ONLY the topic in the Subject Line (do not put your name or anything else here).  Leave the body of the thread blank and save the post. In weeks when there are insufficient topics for everyone once all topics have been selected you may then start selecting from the entire list again.  But there should never be three posts on the same topic – if so the last one posted will receive no credit.         

Now research your selected term in the university’s electronic library from only academic (refereed) journals.  You will need at least three journal references and the textbook.  Start your research with the textbook so it always grounds your topic.   When your research is complete post it in the discussion form below.

Once you have completed your research return to your “initial post” and respond to it; actually past the paper’s body in the message section (for your peers to read) but attach the actual paper so the professor can review it for proper APA formatting.  In weeks when there are insufficient topics for everyone once all topics have been selected you may then start selecting from the entire list again.  But there should never be three posts on the same topic – if so, the last posted will receive no credit. New topics will be available each Saturday.

Peer Replies – post at least two substantive peer replies, of at least 200 words, in response to your classmates’ posts.   However, credit cannot be given for more than one peer reply per day. 

Contingency Planning

Contingency planning is a risk mitigation process for developing back-up plans in anticipation of events (scenarios) that might disrupt ‘business as usual’. Business continuity planning is an expanded version of contingency planning that typically encompasses a more comprehensive and extended response plan for getting back to ‘business as usual’. In a well-formatted, highly-detailed research paper, address the need to contingency planning, ensuring to address the following items:(1) Benefits of scenario events/planning.
(2) Questions to consider when implementing scenario planning.
(3) The common types of scenario planning.Your paper should meet these requirements:

  • Be approximately four to six pages in length, not including the required cover page and reference page.
  • Follow APA 7 guidelines. Your paper should include an introduction, a body with fully developed content, and a conclusion.
  • Support your answers with the readings from the course and at least two scholarly journal articles to support your positions, claims, and observations, in addition to your textbook. The UC Library is a great place to find resources.
  • Be clearly and well-written, concise, and logical, using excellent grammar and style techniques. You are being graded in part on the quality of your writing.

Information Governance Final Research paper

You have recently been hired as a Chief Information Governance Officer (CIGO) at a large company (You may choose your industry). This is a newly created position and department within the organization that was founded on the need to coordinate all areas of the business and to provide governance of the information. You will need to hire for all positions within your new department.

The company has been in business for more than 50 years and in this time has collected vast amounts of data. Much of this data has been stored in hard copy format in filing cabinets at an offsite location but in recent times, collected business data is in electronic format stored in file shares. Customer data is being stored in a relational database, but the lack of administration has caused data integrity issues such as duplication. There are currently no policies in place to address the handling of data, business or customer. The company also desires to leverage the marketing power of social media, but has no knowledge of the types of policies or legal issues they would need to consider. You will also need to propose relevant metrics that should be collected to ensure that the information governance program is effective.

The CEO and Board of Directors have tasked you to develop a proposal (paper) that will give them the knowledge needed to make informed decisions on an enterprise-wide Information Governance program, addressing (at a minimum) all of these issues, for the company. 

Requirements:

The paper should include at a minimum of the following sections:

a. Title page

b. Executive Summary (Abstract)

c. Body

i. Introduction (including industry discussion – 1-2 pages)

ii. Annotated Bibliography (2-3 pages)

iii. Literature review (2-3 pages)

iv. Program and technology recommendations, including:

1. Metrics

2. Data that matters to the executives in that industry, the roles for those executives, and some methods for getting this data into their hands.

3. Regulatory, security, and privacy compliance expectations for your company

4. Email and social media strategy

5. Cloud Computing strategy

d. Conclusion

e. References

2. You must include at least two figures or tables. These must be of your own creation. Do not copy from other sources.

3. Must cite at least 10 references and 5 must be from peer reviewed scholarly journals (accessible from the UC Library).

4. This paper should be in proper APA format and avoid plagiarism when paraphrasing content. It should be a minimum of 8 pages in length (double-spaced), excluding the title page and references.

Response Required Discussion cloud

Please read the below discussion posts and provide response in 75 to 100 words

Post#1

 

Cloud computing offers a variety of service to its users and so is the audit of it multifunctional and multi-directional. The purpose of the audit can be many and based on that the audit report can reveal different information about the cloud computing audit. The scope of cloud computing audit in my the business will include the IT and its controls of the business as well as the administration, risk assessment, communication, monitoring several activities, system operation, logical as well as physical access and finally change management. “The importance  of  IT  auditing  and  especially  cloud  computing auditing  is  an  essential  effort to  ensure  the  proper  functioning processes  of  an  the organization’s  IT  systems,  management, operations, and  related  processes,  to  avoid  fraudulent,  in  order to  have  comprehensive  and  accurate financial view of their business” (Moghadasi, 2018).

The IT structure of the cloud computing of the business is the basic that needs to be understood to ensure that everything is in proper condition and place so as to enhance the overall business and the output and this is effectively understood by an audit of cloud computing structure. Another important area being targeted by the audit is risk assessment. With the advances in the cyber field, the types of risks to have advanced. Thus the business needs to have thorough knowledge about its cloud computing and related risk so as to take security measures against them. Cloud computing audit for risk assessment reveals information about qualitative and quantitative aspects of the risks and thus becomes crucial in securing the business from any future attack or breaches. “The outsourced data, however, in the cloud are not always trustworthy because of the inadequacy of physical control over the data for data owners” (Sookhak, 2017).

The activities being performed on the cloud can be monitored by the audit of it. It helps the business owner understand what employees are doing on the cloud and how fruitful an employee is towards the overall development and growth of the business. Any activity being performed which is not related to the work profile of the employee can thus be revealed in the audit so the business can take appropriate measures against such employees or clients. “Despite regulatory interest in the audit impact of new technologies, little empirical work has studied how auditors behave when clients introduce cloud platforms into their accounting information system” (Banker, 2020).

The organization systems operation is also an important scope of cloud computing audit. It investigates the working of several systems and informs what systems need to be upgraded or changed for better results. The communication happening on the cloud is a part of audit wherein the business owner gets to know who is communicating over the cloud and who is viewing the information stored overcloud. Any unauthorized access being taken by a third party to the cloud services will be revealed in the audit report thus helps in blocking such access and improving the accessibility features for the enhanced security of the business cloud computing (Moghadasi, 2018).

Post#2

 

Cloud computing auditing ensures the proper functioning of the IT system, the operations, the management, and the related processes. It helps to avoid fraudulently that provides a comprehensive and accurate financial view of the business. Nurhajati states that cloud computing audits are relevant towards protecting the data, identification and access management, risk technology, setting up rules and ensure better operations (Nurhajati, 2016). It is through cloud computing audits that points out the risk that is related to cloud computing that ensures business continuity.

The objectives that are required to be covered by cloud audit is to provide the stakeholders with having an internal security policy and towards having a successful control process of the cloud computing service. It also helps to evaluate the productiveness. The purpose of cloud audit is also to provide an interface between the service provider and the clients of the company. It helps to identify the definiteness and the inadequacies that can be found in internal control. It also provides the assessment criteria and generates the capabilities of reporting (Marks, 2015). Thus the stakeholders become much more confident in regards to the quality of the audit that also ensure better internal control.  The auditors are also required to consider the control access, the control framework, and the features of authorization, notification in regards to a data breach, latency in communication and also take into consideration international law. The cloud auditor is also required to consider the cloud support and the IT support functions and towards anticipating re-enforcing the business function.

The cloud auditors are required to understand the risk association, the ways to deal and towards developing the abilities towards auditing the plan and the strategy. As the architecture for cloud computing consists of different models different components and services, it is required for the cloud auditor towards considering if the application is compatible with that of the cloud environment (Moghadasi, Mousavi, & Fazekas, 2018). This is because most of the application depends on the internal network of the organization and not the internet. Further, the web applications are required to be accessed that would assure authentication, monitoring, and access control. The cloud auditors are also required to assess the appropriateness of the control access over the other resources. They are required to access the endpoints and ensure that there is sufficient security. This would help towards gaining legitimate access towards the cloud resources (Halpert, 2011). Moreover, the service level agreement is required to be considered all communication and correspondence between the different vendors.

The audit process encompasses various phrases which include the planning process. In the planning process, it is required to understand the nature of the business. In the planning process, it requires examination of the controls and the procedures, the structure of the organization, the terms and the reviews and also understanding the application and also the comprehensive control review (Halpert, 2011). The next stage is the control examination phrase where the auditor is required to access the quality and towards specifying the degree to rely on. They are also required to execute and examine the control and test the outcome.