The COVID-19 pandemic and its associated lockdowns have heightened the use of the Internet for almost all business transaction processing systems (TPS) by most multinational companies around the world.
You should choose a single MNC or SME to research as the basis for your work in this whole assignment. This should be an enterprise which you know well and/or can easily obtain information about. It is subsequently referred to as MyEnterprise.
You are required to research your own MNC or SME and then tackle the four questions which follow. Wherever possible, you should illustrate your reply with reference to MyEnterprise.
- Explain the term transaction processing system (TPS).
- Why is a database a necessary component of a complete TPS?
- Critically discuss the risks, actual and potential, faced by MyEnterprise as they use the internet in their TPS and its three principal transaction cycles, their (a) online expenditure processing activities (b) online revenue cycle activities and (d) online conversion cycle activities.
- Suggest possible security measures and controls that can be used by the MNC or SME of your choice, or similar companies, in preventing cyber-criminals or internet fraudsters from attacking their network systems.
[50 marks] Part B
- You are required to describe and to model, using a dataflow diagram, one cycle only of the revenue, conversion or expenditure processing cycles of your chosen company. For the model, you should create a DataFlow Diagram DFD using software such as Diagrams.net in Google Drive. This should clearly relate to your chosen company – it is not sufficient to use a generally applicable model, nor should you reuse the work of others. [Reused work will be marked zero.]
- You are asked to identify and discuss internal control measures which could be put in place to prevent (a) employee fraud and (b) management fraud. How likely are they to be effective? Discuss and illustrate your answer with clear practical examples and applications from companies or firms (not necessarily MyEnterprise) that have been victims of employee and or management fraud as a result of internal failings.
Please note: Where possible, in all aspects of your answers, you should illustrate your discussion with appropriate and relevant examples using issues or example from the particular company of your choice together with issues or examples from other companies. Please remember to include appropriate references in your essay.
|Assessment criteria and weightings, out of 100%|
|A1. Explain the term transaction processing system (TPS).||10.00%|
|A2. Why is a database a necessary component of a complete TPS?||10.00%|
|A3. Actual and potential risks associated with the use of Internet based systems in each transaction cycle.||10.00%|
|A4 Security measures against external threats.||10.00%|
|B1a. Description of the chosen cycle within the chosen company.||10.00%|
|B1b. DFD model of the chosen cycle within the chosen company.||22.00%|
|B2. Explain and exemplify internal controls against employee and management fraud||10.00%|
|B7. Describe and discuss examples of companies that have been victims of employee and management fraud||10.00%|
|Overall quality of Writing and of referencing||2.00%|
|Overall Evidence for relevant reading, creativity and originality||1.50%|
|Overall Evidence for analytical thinking and for understanding of recent developments concerning accounting information systems||1.50%|
The specific criteria for a good DFD are:
- External entity / actor.
- Properly labelled dataflows.
- Appropriate datastores, more than one – “database” will not do!
- Each process should have at least one input and one output.
- Each data store should have at least one data flow in, and one data flow out.
- Data coming into or out of a system must go through a process.
- All processes in a DFD go to another process or a data store.
Coursework Assessment/marking Criteria
For the assessment of this assignment, the following general criteria will be used. The criteria are, however, only giving a general indication of the attributes which are normally expected of written work for it to be awarded marks. This is indicative only since an answer can have several attributes, strengths and weaknesses and the overall classification given to an assessed work will involve the judgement of the examiners about the inter-play of these attributes, strengths and weaknesses.
The answer should demonstrate excellent knowledge, application and critical analysis throughout with a logical and well-presented content showing clear evidence of recent research findings on the topic, evidence of additional readings, along with original thoughts and ideas. There should be comprehensive evidence of wide reading illustrated throughout the discussion, with relevant referencing to the appropriate authority.
The discussion is illustrated with appropriate and relevant examples and demonstrates both competence and understanding together with creativity and originality. The discussion also arrives at a considered and balanced conclusion. Several influential academic issues are explored with the overall debate providing both an analytical and critical exposition.
Your answer should demonstrate very good knowledge, application and very good analysis. Good comprehensive answer. Clear, logical, thorough with evidence of breadth and depth in reading. Understanding of inter-relationships between parts of the course and that of the subject. A competent analytical approach is taken in the debate, and important influences are explored within the context of a balanced and well-presented discussion. There is also relevant referencing to the appropriate authority, with the discussion containing no significant errors and/or omissions.
Your answer should demonstrate good knowledge, application and good analysis. Adequate for a good answer. Material limited to basic reading and lectures, competent understanding of individual topics with an only limited grasp of links between topics. Identified influences are accepted with little criticism, and little or no attempt is made to provide a critique of key procedures and controls. Although relevant developments are discussed, illustrating some understanding of main issues, the debate is lacking in analysis and coverage. Reading and research whilst balanced and thorough are nonetheless limited.
Incomplete answer where the material is sparse with inaccuracies and little evidence of even basic reading. Reliance on lecture material with an only limited indication of understanding. The discussion may provide adequate coverage of the major issues. However, the overall context is mainly descriptive and lacks any critical insight. Identified influences are accepted without comment. The essay is somewhat unstructured with no critical comment provided. There is little evidence of reading/research, and concluding comments are somewhat limited and inconclusive.
A deficient answer containing inaccuracies, omissions, errors in approach, little or no evidence of understanding, as well as little or no evidence of reading/research.
REFERENCES in this assignment description
Buil-Gil, David, Fernando Miró-Llinares, Asier Moneva, Steven Kemp, and Nacho Díaz-Castaño. 2021. ‘Cybercrime and Shifts in Opportunities during COVID-19: A Preliminary Analysis in the UK’. European Societies 23 (sup1): S47–59.
Naidoo, Rennie. 2020. ‘A Multi-Level Influence Model of COVID-19 Themed Cybercrime’. European Journal of Information Systems 29 (3): 306–21.