...Administrative Controls Paper Ericka Kelly SEC 578 Professor Costantini Introduction Administrative controls are very important to a company. They are formalized standards, rules, procedures, and control disciplines to ensure that the organization’s general and application controls are properly executed and enforced (Laudon, K p308). Administrative controls demonstrate due care and have an impact on corporate liability. These controls influence the choice of Technical and Physical controls and will affect projects in the IT department if missing. All of these areas will be addressed further in this paper. Administrative Controls & Due Care To understand if administrative controls demonstrate due care, there has to be an understanding of what due care is. Due care is a standard in which one must act in good faith and in a prudent manner. The goal is to avoid negligence. Without administrative controls it would be very difficult to demonstrate due care. For example, a company working with personal information such as a client’s social security or bank account number, it would be wise to have administrative controls in place. This will reduce the chances of corporate officers and any other employee being liable for failing to exercise due care. This brings us to the next section on corporate liability. Corporate Liability Many companies have to go through an audit. The audit will determine if the company...
Words: 638 - Pages: 3
...Key Stakeholders 2 Sponsorship/Champion 2 III. ACTUAL PERFORMANCE VS. DESIRED PERFORMANCE 4 a. Document Management 4 b. Administrative tasks 4 IV. PROPOSED SOLUTION 4 a. Document Management/ Collaboration 4 Key Benefits 5 b. Workforce Management 5 Key Benefits 6 V. Conclusion 6 VI. References 6 I. EXECUTIVE SUMMARY Based upon the two major challenge detailed in the Simple Getaways’ RFP, both challenges appear to steam from the current decentralized structure of the organization. Each office is acting as its own entity, with its own document management and workforce management. By implementing Huddle for document management and Oracle’s workforce management solution it will be possible to centralize both document management and workforce management across the entire organization. Greatly improving the sharing/ collaboration of documents as well as improving controls around workforce management. II. BACKGROUND This document is in response to the RFP created by Simple Getaways, Inc., requesting solutions for a new information processing system. a. Current Issues There are a number of challenges with Simple Getaways’ current system: * Little to no version control of documents, multiple versions of documents exist in multiple locations. * Decentralized storage of files. * Administrative tasks are paper based and are handled at the office level, resulting in delays in processing. * Decentralized tracking of workforce management...
Words: 1609 - Pages: 7
...Administrative Controls Paper 1. How do Administrative Controls demonstrate "due care?" Administrative controls demonstrate “due care” because they are controls that meet a standard considered reasonable by most organizations that share similar backgrounds or work environments. Administrative controls that meet the standard of “due care” generally are easily achievable for an acceptable cost and reinforce the security policy of the organization. They must include controls that contribute to individual accountability, auditability, and separation of duties. Administrative controls define the human factors of security and involve all levels of personnel within an organization. They determine which users have access to what organizational resources and data. Administrative controls can be broken down into two categories: preventive administrative controls and detective administrative controls. Preventive administrative controls are techniques designed to control personnel’s behavior to assure the confidentiality, integrity, and availability of organizational information. Some examples of preventive administrative controls are: security awareness and technical training, separation of duties, disaster preparedness and recovery plans, terminating and recruiting procedures, and user registration for computer access. 2. How does the absence of Administrative Controls impact corporate liability? The absence of administrative controls will have a negative impact on corporate liability...
Words: 902 - Pages: 4
...has been implemented in many countries, and the terms have been widely used. However, the same word is often used to describe different things. Interpretations vary, and have led to different conceptual frameworks, programs, implementation and implications. Such differences have invited debates and discussion. This document lists definitions of decentralization, deconcentration, devolution and other related terms used in papers presented at the Interlaken Workshop on Decentralization, 27-30 April 2004, Interlaken, Switzerland. As this is a work in progress, there may be many parts needing improvement/changes. We look forward to receiving your comments and suggestions (L.yuliani@cgiar.org). Decentralization Definitions and descriptions of decentralization used in the papers include: • “Decentralisation is usually referred to as the transfer of powers from central government to lower levels in a political-administrative and territorial hierarchy (Crook and Manor 1998, Agrawal and Ribot 1999). This official power transfer can take two main forms. Administrative decentralisation, also known as deconcentration, refers to a transfer to lower-level central government authorities, or to other local authorities who are upwardly accountable to the central government (Ribot 2002). In contrast, political, or democratic, decentralisation refers to the transfer of authority to representative and downwardly accountable actors, such as elected local governments” (Larson). • “The term decentralisation...
Words: 1676 - Pages: 7
...Administrative Controls •How do Administrative Controls demonstrate "due care?" Administrative Controls demonstrate “due care” by providing and following policies, procedures, and standards that allow a company to show that steps were taken to protect the network and or information that is hidden by a responsible parties. It is critical that the CIA (Confidentiality, Integrity and Availability) is vital in protecting data that companies have of its customers. Due care is defined by the Information Systems Audit and Control Association (ISACA) as: 2.1.1 The standard of “due care” is the level of diligence which a prudent and competent person would exercise under a given set of circumstances. “Due professional care” applies to an individual who professes to exercise a special skill such as information system auditing. Due professional care requires the individual to exercise that skill to a level commonly possessed by practitioners of that specialty. 2.1.2 Due professional care applies to the exercise or professional judgment in the conduct of work performed. Due care implies that the professional approaches matters requiring professional judgment with proper diligence. Despite the exercise of due professional care and professional judgment, situations may nonetheless arise where an incorrect conclusion may be drawn from a diligent review of the available facts and circumstances. Therefore, the subsequent discovery of incorrect conclusions does not, in and...
Words: 1085 - Pages: 5
...security controls. The three most common are: physical, technical, and administrative controls; however, many organizations break down administrative controls into two separate categories: procedural and legal controls. "Security controls are the means of enforcing security policies that reflect the organization's business requirements, " (Johnson). Security controls are implemented to guarantee the information security C-I-A triad. Furthermore, security controls fall into three types of control classifications, they are: preventive, detective and corrective. These classifications are used to specify when a security control applies. Physical Controls are exactly what they sound like, physical obstacles used to prevent or deter access to IS resources. Physical controls can be barriers such as locked doors, requiring some sort of authentication/authorization command to enter, like a cipher lock or keycard. Biometric scanners are also excellent controls to identify and allow access to authorized personnel. Video cameras and closed-circuit television are also examples of physical controls. For organizations requiring extreme security measures, perimeter barriers such as walls or electric fences are used; additionally, security guards fall into the physical controls category. Technical Controls are logical and/or software related controls designed to restrict access to the network infrastructure, components, and data. Controls such as discretionary, mandatory access controls, rule-...
Words: 470 - Pages: 2
...Policy Research Institute, Ministry of Finance, Japan, Public Policy Review, Vol.8, No.1, June 2012 45 Public Sector Accounting - An Interdisciplinary Field Involving Accounting, Economics, and Jurisprudence 1 Ryosuke Tao Research Fellow, Institute of Administrative Management Abstract Public sector accounting has recently been improved. Currently, there are requirements to disclose stock information in addition to the flow information presented in budget statements or accounts statements. Public sectors have prepared and disclosed their financial statements (including balance sheets and income statements) based on business accounting approaches. Moreover, as a matter of policy, the government tends to prepare and disclose cost information along with the financial statements for the individual ministries and governmental agencies. The objectives of clarifying the fiscal conditions in a state through the preparation and disclosure of financial statements are to fulfill the state’s accountability to its citizenry and market participants and to optimize and enhance the efficiency of its fiscal activities. Most importantly, the improved information should contribute to democratic decisions on public finance. A perspective different from the business accounting is that public sector accounting places more emphasis on inter-generational fairness. With respect to the inter-generational benefits and burdens, however, various factors must be considered, and the differences between...
Words: 10883 - Pages: 44
...TermPaperWarehouse.com - Free Term Papers, Essays and Research Documents The Research Paper Factory JoinSearchBrowseSaved Papers Home Page » Business and Management Occupational Health and Safety In: Business and Management Occupational Health and Safety Questions 1. (15 marks) The TLV for carbon monoxide is 35ppm. Define the terms TLV and ppm and calculate them for the following example: Answer: TVL = Term for airborne concentration of a substance, below which all workers are believed to be protected while exposed to it day after day for 8-hour periods. PPM = Concentration by volume of one part of a gas, or by weight of a liquid or solid, per million parts of air or liquid. A mechanic in an automotive repair shop is exposed to the following carbon monoxide levels over an 8 hour shift. 1. 2 hours @ 34 ppm 2. 5 hours @ 40 ppm 3. 1 hour @ 20 ppm Is the worker over-exposed during the duration of the work-shift? Answer: Yes the worker is over-exposed during the duration of their 8 hour shift. What is the primary concept of hazard recognition and the hierarchy of hazard control? Answer: The primary goal of hazard recognition is “to reduce incidents, accidents, injuries and property damage.” The primary concept of the hierarchy of hazard control is “source-path-human intervention. Of which elimination is an option if a task it too dangerous.” The specific hierarchy outlined on slide 13 of the Instructor notes for week 7 is as...
Words: 357 - Pages: 2
...Paper 2 Submitted by: Courtnay Avery Keller Graduate School of Management SE578 3/20/11 Table of Contents How could administrative, technical, and physical controls introduce a false sense of security?...............3 What are the consequences of not having verification practices?..............................................................3 What can a firm do to bolster confidence in their defense-in-depth strategy?..........................................4 How do these activities relate to best practices? ……………………………………………………………………………………4 How can these activities be used to demonstrate regulatory compliance? …………………………….………………5 References …................................................................................................................................................6 How could administrative, technical, and physical controls introduce a false sense of security? Administrative, Technical, and Physical controls introduce a false sense of security by the indication of what we use to safeguard delicate data and protect individuals’ privacy. Any complex system is prone to inherit a false sense of security. Having a false sense of security is widespread among individuals who own and operate a personal computer within their homes. Nothing is ever really secured. It would be safe to say that something is secured within the terms of information security. [ (Nahn, 2008) ] The idea of purchasing a virus protection suggests that all personal information...
Words: 855 - Pages: 4
...Administration Physical and Operation Security Paper 1 Professor : Dr.Jude Lamour Submitted by: Otis McCall Contents Topic: 1. How do Administrative Controls demonstrate "due care?" 2 2. How does the absence of Administrative Controls impact corporate liability? 4 3. How do Administrative Controls influence the choice of Technical and Physical Controls? 6 4. How would the absence of Administrative Controls affect projects in the IT department? 7 1. How do Administrative Controls demonstrate "due care?" Administrative controls demonstrate due care by putting in place the necessary policies , procedures, and practices to reinforce policies of the organization. These controls are divided up into various elements from access list to control spaces, password and user identification for employees, separation of duties to ensure you mitigate the possibility of theft or take steps directed by management to limit incidents that can be perpetuated by employees. Thus, you cannot guard against collusion but you can have policies and procedures that limit the actual ability to carry out such incidents. The administrative controls that we will look at provide assurance...
Words: 1531 - Pages: 7
...Activities and Preparation Ethics Case Study Begin working on the Ethics Case Study due in Week Two. Learning Team Instructions Begin working on the Code of Ethics Paper due in Week Three. Review the Week One objectives and discuss additional insights and questions that may have arisen Individual Health Care Ethics Matching Exercise Complete the Health Care Ethics Matching Exercise, located on your student website. Match keywords commonly used in health care ethics to the definitions on the page. Discuss the exercise in class and turn in your answer sheet to your facilitator. 4/10/2014 15 Week Two: Application of Ethics Within Individual Organizations Details Due Points Objectives 2.1 Describe ethical principles used in health care organizations. 2.2 Explain the relationship between an organization’s culture and ethical decision-making. 2.3 Recognize the role and importance of ethical values within an organization. Readings Read Ch. 3 & 5 of Health Care Ethics. Read Ch. 8 of Medical Law and Ethics. Read this week’s Electronic Reserve Readings. Read the Week Two Read Me First. Participation Participate in class discussion. 4/17/2014 1 Discussion Questions Respond to weekly discussion questions. 4/17/2014 1 Learning Team Instructions Continue working on the Code of Ethics Paper due in Week Three. Review the Week Two objectives and discuss additional...
Words: 751 - Pages: 4
...other constitutional organs are also envisioned in a constitution. Constitutional bodies in Bangladesh: There are some constitutional bodies in Bangladesh. Constitutional bodies are those offices or, persons their establishment, recruitment and retirement follow the rules of law of the constitution. The constitution of Bangladesh contains the provisions or articles defined the rules of establishment of those bodies and the recruitment & retirement of the officials. Some of the constitutional bodies are mentioned here with the recitation of the related articles of the constitution. Public Service Commission (PSC) Election Commission (EC) : Comptroller & Auditor General (CAG): Supreme Court : Attorney General: Administrative Tribunal: Ombudsman: President: Parliament: Prime Minister &...
Words: 4372 - Pages: 18
...& 5 of Health Care Ethics. Read Ch. 8 of Medical Law and Ethics. Read this week’s Electronic Reserve Readings.Read the Week Two Read Me First. | | | Participation | Participate in class discussion. | 4 of 7 days/wk | 1 | Discussion Questions | Respond to weekly discussion questions. | DQ 1: Day 2 (June 6, 2012) DQ 2: Day 4 (June 8, 2012) | 1 | Learning Team Instructions | Continue working on the Code of Ethics Paper due in Week Three. Review the Week Two objectives and discuss additional insights and questions that may have arisen. | | | Individual Ethics Case Study | Resource: Ethics Case Study Grading Criteria on your student website Read the case study in Ch. 4 of Medical Law and Ethics that begins, “Jerry McCall is Dr. William’s office assistant.” Prepare a 700- to 1050-word paper in which you answer the following questions: Does Jerry’s medical training qualify him to issue this refill order? Why or why not? * Would it make a difference if the medication requested were for control of high blood pressure that the patient critically needs on a daily basis? Why or why not?If Jerry calls in the refill and the patient has an adverse reaction while flying, is Jerry protected from a lawsuit under the doctrine of respondent superior? * What is your advice to Jerry? * Identify major legal and ethical issues that may affect Jerry’s decision. * What problem-solving methods might be helpful to assist...
Words: 1206 - Pages: 5
...this paper is to suggest a set of best organization structures for efficient supply chain management. For this, this paper derives organization types for supply chain management according to the formalization and centralization level of an independent department responsible for supply chain management (SCM) activities, and hierarchical relationship in organizational position and operational responsibility between the SCM department and existing other functional departments. And then, this paper identifies organizational characteristics, which have significant influences on SCM performance by investigating the difference in performance across the proposed organization types. From the results of empirical test, this paper finds that even though too excessive formalization and centralization of the SCM department within a firm may interrupt complete SC integration and performance improvement, a certain range of control by the SCM department is inevitable to build the fundamentals of integrated supply chain management, and thus the temporary pursuit of intensive control focused organization type such as integrated line organization may be considered depending on firm characteristics and environmental change. However, the empirical results further indicate that in the long run, intermediate organization types such as Functional and Process Staff organization that the SCM department maintains an adequate level of balance and harmony with other functional departments while it controls,...
Words: 13751 - Pages: 56
...Question 1 of the 2011 Examination Paper The success or failure of an entity depends on its system of controls both accounting and administrative. Identify and discuss some of the key factors of the internal control systems of an organization with which you are familiar. Internal Control is an integral process that is effected by an entity’s management and personnel and is designed to address risks and to provide reasonable assurance that in pursuit of the entity’s mission, the following general objectives are being achieved: * Executing orderly ethical, economical, efficient and effective operations - the operations have to be well organized, methodical, and consistent with the organizations’ missions; * Fulfilling accountability obligations – the organizations and the employees within them are held responsible for their decisions and actions, including their stewardship of public funds, fairness, and all aspects of performance; * Complying with applicable laws and regulations – the organizations are required to comply with the laws and regulations relating to internal control systems; and * Safeguarding resources against loss, misuse and damage – controls should be embedded in each of the activities related to managing the entity’s resources from acquisition to disposal. Resources in the Public Sector generally entail public money and their use in the public interest generally requires special care, the significance of safeguarding resources in...
Words: 682 - Pages: 3