Group Research Assignment - (ISV401T)

Company TYX is a large international organization listed on the JSE and has an employee base of 100 000 employees.

Company TYX has recently experienced several challenges regarding its information technology objectives. After hearing about B.Tech (TUT) IT Audit Advisors, the organization approached the audit partner regarding its challenges.

Management of TYX explained the challenges to the audit partner of B.Tech (TUT) IT Audit Advisors and specifically sought advice on the following topics:

  1. Electronic Signatures and Document Processing
  2. Data Privacy Law in SA
  3. IT Outsourcing
  4. Copyrights in Computer Programs
  5. Website Legal Compliance
  6. Authentication Service Providers
  7. Email and Internet Policies
  8. Retention and Destruction Policies
  9. Source Code Loss
  10. Cloud Computing
  11. Internet Security Vulnerabilities
  12. Hacker Attacks
  13. IT Governance
  14. Improving Data Quality as a Key Issue for Risk Management
  15. Email and Internet usage
  16. User-Developed Applications
  17. Open Source Software
  18. XBRL
  19. Broadband

Management of TYX was concerned and asked B.Tech (TUT) IT Audit Advisors to conduct research on the following areas relating to the topics listed above:

a)Enterprise risk management

b)The risks that Company TYX will have to be aware of

You are one of the auditors employed by B.Tech (TUT) IT Audit Advisors and were selected to assist the audit team with the research as required by the management of TYX.

YOU ARE REQUIRED TO:

With reference to the information provided above:

  1. Conduct a research assignment in relation to the topics as listed above.

Your research assignment should meet all the professional criteria of an academic research paper.You should, at a minimum, cover the following in your research document:

a)Discuss the background of your group’s related research topic

b)Discuss the concept of enterprise risk management

c)Identify the inherent risks relating to your group’sresearch topic(Note: You are also required to assess/prioritize the risks based on your understanding in accordance with the significance of the risk (i.e., you must indicate whether the respective risks are high, medium or low)

d)Identify controls for the identified risks as identified in (c) above(Note: Record the risks and controls in a risk matrix format)

e)You must also discuss the role of the internal auditor in auditing IT related risks with reference to your group`s research topic.

(160 points)

  1. Prepare a 30 minutepresentation for the senior management team of Company TYX on PowerPoint. Your presentation should briefly explain what your topic is all about and should mainly highlight the risks and controls relating to your specific topic. You should also discuss the role of the internal auditor with reference to your topic.

(40 points)

Total: 200 points

Note:

Your completed assignments should be handed in on (Insert Date).

Remember to submit your typed assignments in a professional manner, including:

-Cover page

-A book format (ring-bound or stapled)

-A table of contents

-Use of headings

-No spelling mistakes

-Font size and format should be Arial, 11 pt.

-In-text references (citations) – Harvard method

-List of references – Harvard method

-Your research assignment should be between 20-25 pages, including your list of references.

Note: References to Wikipedia are notconsidered accredited literature.

On the day of your presentation, dress code should be professional. All groups must be present on both daysof the presentations. Groups that are not present on both days will be penalized.

The topics per group are allocated as follows:

Group 1: Electronic Signatures and Document Processing

Group 2:Data Privacy Law in SA

Group 3:IT Outsourcing

Group 4:Copyrights in Computer Programs

Group 5:Website Legal Compliance

Group 6:Authentication Service Providers

Group 7:Email and Internet Policies

Group 8:Retention and Destruction Policies

Group 9:Source Code Loss

Group 10:Cloud Computing

Group 11:Internet Security Vulnerabilities

Group 12:Hacker Attacks

Group 13:IT Governance

Group 14:Improving Data Quality as a Key Issue for Risk Management

Group 15:Email and Internet Usage

Group 16:User-Developed Applications

Group 17:Open Source Software

Group 18:XBRL

Group 19:Broadband

The group leaders will be provided with the following:

a)A scoring sheet, which can be used as a benchmark when completing your research assignment.

b)A presentation schedule which will indicate the date and time that your group will be required to present as well as a guideline that will indicate the criteria that will be evaluated on the day of the presentation.

1