IS Report On Verizon Wireless Organization - Risks And Audit Plan

Make an IS report on the entire case study of the Verizon Wireless organization of the United States.

Information system is the particular organized system that helps to collect, organize, store as well as communicate and operate all types of data or information. It can also be defined as the group of elements or components that help any organization to execute any type of data operation and thus making it absolutely safe and secured (Laudon and Laudon 2016). It is the specific type of computerized database which is run by the organization. There are some of the most dangerous risks present in any information system. The following audit report outlines a brief discussion on the risks of information system in the case study of Verizon Wireless organization.

Verizon Wireless organization is the most popular and recognized company, which mainly operates in the United States of America. It was founded in the year of 2000. It serves all kinds of wireless products or services to its customers (Fox News. 2018). It is the subsidiary of the Verizon Communications that has around 149 million subsidiaries. The organization has its headquarters in Basking Ridge, New Jersey. This organization mainly operates the national 4G LTE network and thus covering around 98percent of the total wireless service provider.

The most significant and important services of Verizon Wireless organization mainly include LTE Internet connectivity and the extremely high speed Internet service with restricted broadband options and the connectivity is up to 20 Wi-Fi enabled devices (Fox News. 2018). Apart from these, television and telephone services are also provided by this particular organization of Verizon Wireless.

The most reason for the exclusive growth and development of the Verizon Wireless organization is their information systems. The data or the information of this organization is stored in the information systems and thus they have the ability to retrieve their data from the databases easily and promptly. The important advantage that Verizon Wireless enjoys from their information system is the easy operation of all the data and information (Laudon and Laudon 2015). Moreover, they can easily manage and control all the activities of their employees. However, these information systems are often prone to various types of threats and vulnerabilities and have the high chance of getting the data or information exposed to the world. Although, there are few mitigation techniques for controlling all the risks of the information systems.

IS Risks

In July 2017, the information system of Verizon Wireless was leaked and all the necessary data were leaked. The information mainly comprised of the account details of 14 million customers. It also consisted of personal details of the customers, such as the name, contact details and addresses (Fox News. 2018). The entire world was shaken with this data breach. They were leaked on the cloud. The non configuration of the cloud based repository file was the major reason of this data breach. NICE Systems was the owner of that cloud based software. The information was accessed through S3 bucket of AWS (See Appendix A).

NICE Systems was the third party vendor of the telecommunication organization, Verizon. Since, the cloud repository file was not configured; the information system was breached (Demir and Krajewski 2013). These risks were extremely vulnerable for the information systems of the organization as they were not able to identify them in the beginning so that they would be able to mitigate or stop them on time.

The main problem that Verizon Wireless faced during the security breach was the lack of data mitigation strategies. There were several important risks in the case study of Verizon Wireless (Von Solms and Van Niekerk 2013). The most significant risks of this particular organization with their level of security as well as the implications are given below:

The audit plan of the organization of Verizon Wireless is as follows:

Identification of Audit Engagement

Defining Report Requirement

Conflict in the Interest Assessment (Sou, Sandberg and Johansson 2013).

Assessing the Risks

Accessing the Database, Vital Records and Documents.

The specific process for maintaining the audit within the organization of Verizon Wireless is given below:

Notification to all Employees.

Discussing the Scope as well as Objectives

Gathering Information on Vital Processes (Wells et al. 2014).

Evaluating the Existing Controls

Executing the Audit Plan

The objectives and procedures of audit in this organization are as follows:

The various audit questions and documents in this case study are given below:

Do the employees follow cyber security policy?

Are all the procedures and specifications controlled?

Can employee identify which documents cover audit or inspection?

Do employees know what the most current revision of the document is?

Is the database perfect for the organization?

Is the data or information encrypted or not?

What are the measures taken for controlling cyber security?

How to monitor as well as track the activities of the employees?

Conclusion

Therefore, from the above discussion it can be concluded that information system can be defined as the specific organized system, which is responsible to help in collecting, organizing, storing, communicating as well as operating any type of information or data. It can also be defined as the set of components or elements, which help all organizations or company in executing all types of operation in data and hence making it absolutely safe and secured. It is the specific type of computerized database which is run by the organization. There are some of the most significant threats and risks present in all the information systems. The above audit report has outlined a detailed discussion on the threats or risks of information system in the case study of Verizon Wireless organization. The audit plan, objectives or procedures are also given here.

References

Demir, I. and Krajewski, W.F., 2013. Towards an integrated flood information system: centralized data access, analysis, and visualization. Environmental Modelling & Software, 50, pp.77-84.

Elmaghraby, A.S. and Losavio, M.M., 2014. Cyber security challenges in Smart Cities: Safety, security and privacy. Journal of advanced research, 5(4), pp.491-497.

Fox News. 2018. Verizon data breach: 14 million customers reportedly exposed. [online] Available at: https://www.foxnews.com/tech/2017/07/12/verizon-data-breach-14-million-customers-reportedly-exposed.html [Accessed 11 Apr. 2018].

Hahn, A., Ashok, A., Sridhar, S. and Govindarasu, M., 2013. Cyber-physical security testbeds: Architecture, application, and evaluation for smart grid. IEEE Transactions on Smart Grid, 4(2), pp.847-855.

Jouini, M., Rabai, L.B.A. and Aissa, A.B., 2014. Classification of security threats in information systems. Procedia Computer Science, 32, pp.489-496.

Laudon, K.C. and Laudon, J.P., 2015. Management Information Systems: Managing the Digital Firm Plus MyMISLab with Pearson eText--Access Card Package. Prentice Hall Press.

Laudon, K.C. and Laudon, J.P., 2016. Management information system. Pearson Education India.

Razzaq, A., Hur, A., Ahmad, H.F. and Masood, M., 2013, March. Cyber security: Threats, reasons, challenges, methodologies and state of the art solutions for industrial applications. In Autonomous Decentralized Systems (ISADS), 2013 IEEE Eleventh International Symposium on (pp. 1-6). IEEE.

Sou, K.C., Sandberg, H. and Johansson, K.H., 2013. On the exact solution to a smart grid cyber-security analysis problem. IEEE Transactions on Smart Grid, 4(2), pp.856-865.

Von Solms, R. and Van Niekerk, J., 2013. From information security to cyber security. computers & security, 38, pp.97-102.

Wang, W. and Lu, Z., 2013. Cyber security in the smart grid: Survey and challenges. Computer Networks, 57(5), pp.1344-1371.

Wells, L.J., Camelio, J.A., Williams, C.B. and White, J., 2014. Cyber-physical security challenges in manufacturing systems. Manufacturing Letters, 2(2), pp.74-77