Suggested Steps to the General Systems Approach to Problem Solving Are As Follows

COM 590

Assignment 8

Analyze the policies, vulnerabilities, risks, and internal controls for a French bank (SocieteGenerale) that was a victim of a large scale fraud and recommend improvements to the company’s IT security policies. This assignment calls for a systematic analysis of an organization’s policies, vulnerabilities, risks, and internal controls. Many scientific, engineering, information, and accounting disciplines advocate general steps to problem solving utilizing a systems approach.

At this point in your academic career, you should be proficient at applying such a general approach to solving specific problems. Select and adapt such an approach with which you are most comfortable from your prior professional and academic experiences to apply to this assignment.

Suggested steps to the general systems approach to problem solving are as follows:

1. Define the problem
2. Identify evaluation criteria/measures of effectiveness
3. Identify alternatives/solutions
4. Evaluate/analyze alternatives utilizing analytical techniques consistent with step 2 criteria/measures
5. Select and display preferred alternative(s)/solution(s) consistent with the analysis in step 4
6. Implement and monitor step 5 solution(s)

Refer to the French bank SocieteGenerale in the following URLs:

Additionally, review specific readings regarding security controls, audits, inspections, risk assessment, and countermeasures. Utilizing an appropriate methodology for analysis (which may be adapted from the above 6 steps), identify a set of 8-10 recommendations toward solving the fraud issue of French bank SocieteGenerale.

There are three additional things to keep in mind:

Defining the problem or issue will require a data gathering stage.

1. Problem solving is not a once-through sequence of steps always performed in a specified order. It is full of iteration and feedback loops.
2. Finally, you will not be able to implement and monitor your recommendations in this assignment. Perhaps that means provisions for implementation and monitoring should be part of your evaluation criteria.

Your paper should include the following:

• Identification and discussion the policies, vulnerabilities, risks, and internal controls for the French bank;
• Evaluation of the weaknesses and impact on secure bank operations;
• Recommendation and discussion of8-10 security controls and countermeasures for mitigating problems in and improving the bank’s security posture;
• Discussion of the methods that organizations can use to effectively achieve the adoption and implementation of the security policies, controls and countermeasures.

Prepare your paper to the following format:

• A single Word Document 5 -7 pages (font size - Times New Roman 12)
• Single spaced with one-inch margins all around
• All citations and the reference list in the paper should be formatted in accordance with APA 6th edition (or later) guidelines
• References are NOT included in the page count

Grading Rubric

Criteria / Needs Improvement / Satisfactory / Excellent / Points
Content (80 pts)
Clarity and completeness of policies, vulnerabilities, risks, and internal controls / Inadequateaccounting and not clearly stated.
(0-7 points) / Adequately and clearly stated.
(8 points) / Very clear and comprehensive accounting of policies, vulnerabilities, risks, and internal controls.
(9-10 points) / __/10
Clarity, completeness of quality of analysis of policies, vulnerabilities, risks, and internal controls / Analyses neither adequately developed nor clearly stated.
(0-16 points) / Analyses adequately developed and clearly stated.
(17-18 points) / Analyses clear and systematic--adhering to generally accepted steps of decision making, problem solving, or risk assessment.
(19-20 points) / __/20
Quality of recommendationsof controls and countermeasures / Identification of fewer than 5 or mostly non-substantive description of controls and countermeasures not likely to be of significance in alleviating issues presented at the French bank.
(0-16 points) / Identification and mostly substantive description of 5-8 controls and countermeasures likely to improve security policies at the French bank.
(17-18 points) / Identification and substantive description of 10 or more controls and countermeasures well-reasoned to foster improved security policies at the French bank.
(19-20 points) / __/20
Quality of organizational methods / Methods organizations can use to encourage adoption and implementation of controls and countermeasures are not adequately discussed or logically presented.
(0-17 points) / Methods organizations can use to encourage adoption and implementation of controls and countermeasures are adequately discussed and logically presented.
(18 points) / Methods organizations can use to encourage adoption and implementation of controls and countermeasures are thoroughly discussed and logical presented.
(19-20 points) / __/20
Quality of documented support / The scope of the research presented in the paper is inadequate. Heavy reliance on reference material (e.g. Wikipedia, exam prep books, “Dummies” guides).
(0-6 points) / The discussion in the paper is based on an adequate review of the literature.
(7 points) / The discussion in the paper is based on a thorough review of the literature, which is not limited to news articles, but also includes scholarly resources such as studies or reports from agencies or organizations.
(8-10 points) / __/10
Form (20 pts)
Organization / The organization of the content is confusing without clear transitions among subtopics.
(0-6 points) / The content is generally well organized with some improvement possible in transitions among subtopics.
(7 points) / The content is well organized with clear transitions among major subtopics.
(8-10 points) / __/10
Writing style / Writing does not meet graduate standards. Unacceptable number of errors in spelling, punctuation, grammar and/or sentence structure.
(0-2 points) / Writing is acceptable, with a few errors in spelling, punctuation, grammar, and/or sentence structure.
(3 points) / Graduate-level writing is reflected throughout the paper, including accurate spelling, punctuation, grammar, and sentence structure.
(4-5 points) / _/5
Use of proper APA formatting / Unacceptable number of errors in citation identification and/or APA format.
(0-2 points) / Minor errors in citation identification and/or APA format.
(3 points) / In-text citations are in proper APA format and all sources are identified in the reference list and cited in proper APA format.
(4-5 points) / _/5
TOTAL POINTS / ___/100