UP t2.csu.edu.au/webapps/assessment/take/take.jsp?course assessment_id=_36719 1&course id=_46904_1&content_id=3685204 1&question nu. G A large X c Solved x + Google Remaining Time: 1 hour, 47 minutes, 21 seconds QUESTION COMPLETION STATUS a. Why should an organisation use both authentication and authorisation in your answer, provide an example of each marks) b. For each of the following identified threats, recommend one (1) preventative control which could be implemented to best mitigate the identified threat. Explain why you have chosen each of these controls. (marks) Jane had worked in account payable and Lock 'Em Out Pty Ltd for eight (8 years and was quite familiar with the system. She had been there longer than her supervisor and he relied on her experience on a day to day basis. Jane often asked the supervisor to authorise transactions, as such Jane had an idea of his password. As the supervisor was particularly busy with end of month reporting, Jane did not want to bother him, so she tried entering his password and found it was correct. Julia received an email with some holiday pictures from someone she had travelled with overseas. When she opened the photos, her work laptop was infected with a keystroke logger 1. Alex was conducting some routine maintenance to the company's website and discovered an external actor had hacked into the company's website. He could not remember who he should contact to deal with this situation and consequently spent over 40 minutes placing phone calls to numerous personnel until he located the right person c. You are a practicing accountant with Young & Young Ply Ltd, a regional accounting firm offering a range of services to local clients. Your client Bear & Bull Pty Ltd (BB) are a real technology business selling hardware and software to individuals and businesses. B&B had an incident some years ago, where an employee was stealing mobile phones and selling them to his friends Henry, a director and owner of B&B, discovered this and promptly fired the employee. Consequently B&B have spent considerable time and money in developing, implementing and refining their internal control over several key accounting areas. Recently Henry discovered anomalies in accounts receivable and some pft cards were missing from inventory It looks to be potential case of fraud involving misappropriate by at least two start Henry was annoyed and indicated, "we spent considerable money four years ago updating internal controls to ensure ses like this did not occur. What's the point in going to all that expense, If employees get around it anyway?" How would you respond to Henry's concerns? Consider the following points in your response Why are internal controls important even though they do not always work (imark) 8. What are two (2) key area's BB should consider in strengthening the internal controls Why are these important? (2 marks) How could they improve the effectiveness of control over these key area's mentioned in mark) earch o e ENG 10:53 US 23-10-2020 UP t2.csu.edu.au/webapps/assessment/take/take.jsp?course assessment_id=_36719 1&course id=_46904_1&content_id=3685204 1&question nu. G A large X c Solved x + Google Remaining Time: 1 hour, 47 minutes, 21 seconds QUESTION COMPLETION STATUS a. Why should an organisation use both authentication and authorisation in your answer, provide an example of each marks) b. For each of the following identified threats, recommend one (1) preventative control which could be implemented to best mitigate the identified threat. Explain why you have chosen each of these controls. (marks) Jane had worked in account payable and Lock 'Em Out Pty Ltd for eight (8 years and was quite familiar with the system. She had been there longer than her supervisor and he relied on her experience on a day to day basis. Jane often asked the supervisor to authorise transactions, as such Jane had an idea of his password. As the supervisor was particularly busy with end of month reporting, Jane did not want to bother him, so she tried entering his password and found it was correct. Julia received an email with some holiday pictures from someone she had travelled with overseas. When she opened the photos, her work laptop was infected with a keystroke logger 1. Alex was conducting some routine maintenance to the company's website and discovered an external actor had hacked into the company's website. He could not remember who he should contact to deal with this situation and consequently spent over 40 minutes placing phone calls to numerous personnel until he located the right person c. You are a practicing accountant with Young & Young Ply Ltd, a regional accounting firm offering a range of services to local clients. Your client Bear & Bull Pty Ltd (BB) are a real technology business selling hardware and software to individuals and businesses. B&B had an incident some years ago, where an employee was stealing mobile phones and selling them to his friends Henry, a director and owner of B&B, discovered this and promptly fired the employee. Consequently B&B have spent considerable time and money in developing, implementing and refining their internal control over several key accounting areas. Recently Henry discovered anomalies in accounts receivable and some pft cards were missing from inventory It looks to be potential case of fraud involving misappropriate by at least two start Henry was annoyed and indicated, "we spent considerable money four years ago updating internal controls to ensure ses like this did not occur. What's the point in going to all that expense, If employees get around it anyway?" How would you respond to Henry's concerns? Consider the following points in your response Why are internal controls important even though they do not always work (imark) 8. What are two (2) key area's BB should consider in strengthening the internal controls Why are these important? (2 marks) How could they improve the effectiveness of control over these key area's mentioned in mark) earch o e ENG 10:53 US 23-10-2020