There are many companies that can be chosen such as At&t, capital one, twitter, Myspace, E-bay, target, Marriott hotel, Equifax, or Facebook. Please let me know which company would be the best to chose from.
Case Study 3 – Due 10/20 Question 1 Research a company that experienced a well-documented data breach in the past. You can use the website below in identifying such a company: http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/ Write a one page single spaced report addressing the following points: · Provide a brief description of the company which includes the company history, type of business, stakeholders, type of data breach experienced etc. · Identify any business processes utilized by the chosen company in completing normal business transactions. · Explain in detail the data breach experienced by the company (e.g. external/internal threats). · Identify the main stakeholders of the company as well as the stakeholders affected by the data breach. · Identify the type information compromised by the data breach and the type of information systems used by the company. · Identify whether the company had any internal controls in place to protect sensitive information. · What weaknesses in the organizations control structure must have existed to permit this data breach? · How did the company respond to the data breach? Did the company provide any solutions to the affected individuals/stakeholders etc.? · What specific control techniques and procedures could have helped prevent and detect this data breach? Question 2 Protecting Privacy of Tax Returns The department of taxation in your state is developing a new computer system for processing individual and corporate income-tax returns. The new system features direct data input and inquiry capabilities. Taxpayers are identified by social security number (for individuals) and federal tax identification number (for corporations). The new system should be fully implemented in time for the next tax season. The new system will serve three primary purposes: 1. Tax return data will automatically input into the system either directly (if the taxpayer files electronically) or by a clerk at central headquarters scanning a paper return received in the mail. 2. The returns will be processed using the main computer facilities at central headquarters. Processing will include four steps: a. Verifying mathematical accuracy b. Auditing the reasonableness of deductions, tax due, and so on, through the use of edit routines, which also include a comparison of current and prior years’ data c. Identifying returns that should be considered for audit by department revenue agents d. Issuing refund checks to taxpayers 3. Inquiry services. A taxpayer will be allowed to determine the status of his or her return or get information from the last 3 years’ returns by calling or visiting one of the department’s regional offices or by accessing the department’s website and entering his or her social security number. The state commissioner of taxation and the state attorney general are concerned about protecting the privacy of personal information submitted by taxpayers. They want to have potential problems identified before the system is fully developed and implemented so that the proper controls can be incorporated into the new system. (Explain your answers in detail. Your answer to each question should be at least 100 words.) Describe the potential privacy problems that could arise in each of the following three areas of processing, and recommend the corrective action(s) to solve each problem identified: a. Data input b. Processing of returns c. Data inquiry (CMA examination, adapted) Page 1 of 2 ACCT 4020 Case Study Guidelines 1. Your full name and case study number should appear on the first page (refer to case study exemplar posted on eCourseware). 2. Your typed answer sheet do not need to include the scenarios. 3. Number your answers correctly so your instructor can refer to them. 4. Type your answers single-spaced, with margins of standard width (usually 1 inch on the sides and bottom and 1 1/2 inch on the top). Use Times New Roman font size 12. 5. You must acknowledge the sources of all your information and any ideas or interpretations you have taken from other works. These references are usually placed into notes, with a bibliography at the end of the paper that lists all works used. 6. Plagiarism. This serious academic offense can take many forms, including using another writer’s phrase without putting it into quotation marks, not giving the source for a quotation, taking information from other works without acknowledgment, presenting other people’s ideas as if they were your own, or submitting content that you did not write. 7. You may not use content you wrote for one course to fill an assignment in another class. 8. Submit your case studies to the submission dropbox on eCourseware. You will be submitting the assignment to “OriginalityCheck” in order to check for plagiarism. “OriginalityCheck” will generate a report identifying the extent to which your paper matches with other sources. Some level of matching is inevitable, due to references, etc. If your paper matches other sources in excess of 30%, I will review the report and determine if plagiarism is present. If 50% matches and I find that no plagiarism has occurred, i.e., 50% of the paper is based on properly cited quotes, I will nonetheless reduce the grade on the premise that the majority of the thoughts represented in the paper are based on someone else’s work.