BTCA 405 Case Study

Case study to learn from school and its environment

Uploaded by

lbaamagola
BOLGATANGA TECHNICAL UNIVERSITY

DEPARTMENT OF ACCOUNTING AND FINANCE


BTECH IN COMPUTERIZED ACCOUNTING
BTCA 405 BUSINESS INFORMATION SYSTEMS AUDITING
CLASSROOM CASE STUDY DISCUSSIONS
Case Study 1
SecureTech, a mid-sized fintech company, recently embarked on a strategic initiative to overhaul its IT governance, risk management practices, and cybersecurity framework. The initiative was triggered by an increasing number of cyber threats in the fintech industry, along with the need to comply with evolving regulatory requirements and to ensure business continuity in the face of potential IT disruptions. SecureTech decided to adopt COBIT for IT governance to align its IT operations with the business objectives and to ensure regulatory compliance. The COBIT framework helped SecureTech establish clear policies for IT management, set objectives for IT performance, and implement a structured approach to managing IT risks.

SecureTech conducted a comprehensive risk assessment to identify potential IT risks, including cyber threats, data breaches, and system failures. The company then developed a risk mitigation strategy that included the implementation of advanced cybersecurity measures, regular IT audits, and employee training programs on IT security best practices.

Recognizing the importance of maintaining operations during and after a disaster, SecureTech developed a robust business continuity plan (BCP) and disaster recovery (DR) strategy. This included the establishment of an off-site data backup system, the implementation of failover mechanisms, and regular BCP/DR drills.

i. Indicate three (3) ways in which the adoption of the COBIT framework benefits SecureTech Company Limited.

ii. Describe the key components of SecureTech’s risk mitigation strategy.

iii. What measures did SecureTech take to ensure effective business continuity and disaster recovery?

Case Study 2

FinTech Inc., renowned for its innovative financial technology solutions, faced a critical challenge when it fell victim to a substantial data breach. This incident led to the unauthorized disclosure of sensitive customer financial information, including bank account details, credit card numbers, and personal identification data. The breach not only jeopardized customer trust but also exposed the company to significant regulatory scrutiny.

The breach's origin was traced back to a sophisticated phishing attack targeting company employees. The attackers crafted a highly convincing email, purportedly from the company’s IT department, requesting employees to update their login credentials through a malicious link. One employee, deceived by the email's authenticity, complied, thereby providing the attackers with access credentials. Upon gaining entry into FinTech Inc.'s network, the attackers encountered minimal resistance in navigating the company's digital infrastructure.

Key factors that facilitated the breach included:

Outdated Encryption Standards: The company's reliance on legacy encryption protocols rendered its data transmissions vulnerable to interception and decryption by the attackers.

Ineffective Endpoint Protection: The endpoint security solutions deployed by FinTech Inc. were not updated to detect or prevent the latest malware and intrusion tactics used by the attackers.

Lack of Anomaly Detection: The absence of advanced anomaly detection tools meant that unusual network activity, such as the unauthorized exfiltration of large volumes of data, went unnoticed.

The breach remained undetected for two weeks, during which the attackers systematically accessed and exfiltrated sensitive customer data. The delay in detection compounded the breach's severity, allowing the attackers ample time to exploit the accessed information.

Required

As an Information System Auditor, assess the situation of FinTech Inc.

CASE STUDY 1 SOLUTION

i. The adoption of the COBIT framework benefits SecureTech Company Limited in the following ways:

1. Alignment with Business Objectives: COBIT helps SecureTech align its IT operations with business objectives, ensuring that IT investments and activities directly contribute to the company's overall goals. This alignment enhances efficiency and effectiveness in IT governance, enabling SecureTech to prioritize initiatives that have the greatest impact on business success.

2. Regulatory Compliance: By adopting COBIT, SecureTech ensures compliance with evolving regulatory requirements in the fintech industry. COBIT provides a comprehensive framework for addressing regulatory mandates, thereby reducing the risk of non-compliance and associated penalties. This proactive approach to compliance strengthens SecureTech's reputation and trustworthiness in the eyes of regulators, partners, and customers.

3. Structured Approach to Risk Management: COBIT facilitates a structured approach to managing IT risks by providing a set of guidelines and best practices. SecureTech can leverage COBIT's risk management framework to identify, assess, and mitigate IT risks effectively. By implementing COBIT's risk management practices, SecureTech enhances its resilience to cyber threats, data breaches, and system failures, thereby safeguarding its assets and maintaining business continuity.

ii. Key Components of SecureTech’s Risk Mitigation Strategy:

1. Advanced Cybersecurity Measures: SecureTech implements advanced cybersecurity measures to protect its IT infrastructure, systems, and data from cyber threats. These measures may include network firewalls, intrusion detection systems, endpoint protection software, encryption technologies, and continuous monitoring for suspicious activities. By deploying a multi-layered cybersecurity defense, SecureTech reduces the likelihood and impact of cyber attacks.

2. Regular IT Audits: SecureTech conducts regular IT audits to assess the effectiveness of its security controls, policies, and procedures. These audits help identify vulnerabilities, compliance gaps, and areas for improvement in SecureTech's IT environment. By addressing audit findings promptly, SecureTech enhances its security posture and reduces the risk of security incidents.

3. Employee Training Programs: SecureTech invests in employee training programs to educate its workforce on IT security best practices and raise awareness about potential risks. These training programs cover topics such as phishing awareness, password hygiene, data protection, and incident response procedures. By empowering employees to recognize and respond to security threats effectively, SecureTech strengthens its overall security culture and reduces the likelihood of human error-related security incidents.

iii. Measures Taken by SecureTech for Effective Business Continuity and Disaster Recovery:

1. Robust Business Continuity Plan (BCP): SecureTech develops a comprehensive BCP to ensure the continued operation of critical business functions during and after a disaster. The BCP outlines procedures, roles, and responsibilities for responding to various types of disruptions, such as natural disasters, cyber attacks, or infrastructure failures.

2. Disaster Recovery (DR) Strategy: SecureTech implements a disaster recovery strategy to recover IT systems and data in the event of a disruption. This strategy includes the establishment of off-site data backups, replication of critical systems, and failover mechanisms to minimize downtime and data loss.

3. Regular BCP/DR Drills: SecureTech conducts regular drills and exercises to test the effectiveness of its BCP and DR plans. These drills simulate various disaster scenarios and allow SecureTech to identify weaknesses, refine procedures, and train personnel on their roles and responsibilities during a crisis. By practicing BCP/DR drills regularly, SecureTech ensures readiness to respond effectively to actual emergencies, minimizing the impact on business operations and customer service.

CASE STUDY 2 SOLUTION

As an Information System Auditor, assessing the situation of FinTech Inc. reveals several critical issues that contributed to the data breach and its severity:

1. Phishing Vulnerability: The data breach originated from a successful phishing attack targeting company employees. This indicates a lack of robust email security measures and employee training programs to recognize and report phishing attempts. FinTech Inc. should implement comprehensive phishing awareness training for all employees and enhance email security measures such as email authentication protocols and spam filters.

2. Outdated Encryption Standards: FinTech Inc.'s reliance on legacy encryption protocols exposed its data transmissions to interception and decryption by attackers. This highlights a failure to keep pace with evolving cybersecurity best practices and encryption standards. The company should prioritize upgrading its encryption protocols to ensure the confidentiality and integrity of sensitive data in transit.

3. Ineffective Endpoint Protection: The endpoint security solutions deployed by FinTech Inc. were not updated to detect or prevent the latest malware and intrusion tactics used by attackers. This indicates a lack of proactive cybersecurity measures and a failure to regularly update security software and patches. FinTech Inc. should invest in advanced endpoint protection solutions capable of detecting and mitigating emerging threats in real-time.

4. Lack of Anomaly Detection: The absence of advanced anomaly detection tools meant that unusual network activity, such as unauthorized data exfiltration, went unnoticed for two weeks. This highlights a deficiency in the company's network monitoring and detection capabilities. FinTech Inc. should implement robust intrusion detection and prevention systems (IDPS) capable of detecting suspicious activities and anomalous behavior in real-time.

5. Delayed Detection: The breach remained undetected for two weeks, allowing attackers ample time to access and exfiltrate sensitive customer data. This indicates a failure in FinTech Inc.'s incident response and detection processes. The company should establish proactive monitoring mechanisms, conduct regular security audits and assessments, and implement incident response procedures to promptly detect and respond to security incidents.

Overall, FinTech Inc. faces significant cybersecurity challenges stemming from vulnerabilities in its email security, encryption standards, endpoint protection, network monitoring, and incident response processes. Addressing these issues requires a holistic approach to cybersecurity, encompassing technology upgrades, employee training, proactive monitoring, and incident response preparedness.
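
The gap described in items 4 and 5 of the Case Study 2 solution, large outbound transfers going unnoticed for two weeks, is what a per-host volume baseline is meant to catch. The following is an added example, not part of the original case study: it flags days on which a host's outbound volume sits far above its own recent baseline, using a median/MAD modified z-score. The host names, volumes, window length and threshold are constructed assumptions.

```python
from statistics import median

# Constructed sample: daily outbound volume (MB) per internal host, oldest first.
# Host names and figures are invented for illustration only.
DAILY_OUTBOUND_MB = {
    "ws-finance-07": [210, 190, 230, 205, 220, 198, 215, 2400, 2650, 2500],
    "ws-support-12": [95, 110, 102, 99, 120, 105, 98, 101, 115, 108],
}

def robust_z(value, history):
    """Modified z-score (median and MAD), less distorted by outliers than mean/stddev."""
    med = median(history)
    mad = median(abs(x - med) for x in history)
    if mad == 0:
        mad = max(med * 0.05, 1.0)  # floor so a perfectly flat baseline cannot divide by zero
    return 0.6745 * (value - med) / mad

def find_exfil_candidates(series_by_host, baseline_days=7, threshold=3.5):
    """Return [(host, day_index, mb, score)] for days far above the host's own baseline."""
    alerts = []
    for host, series in series_by_host.items():
        baseline = list(series[:baseline_days])
        for day in range(baseline_days, len(series)):
            score = robust_z(series[day], baseline)
            if score > threshold:
                alerts.append((host, day, series[day], round(score, 1)))
            else:
                # Only unflagged days roll into the baseline, so a sustained
                # transfer cannot gradually become the new "normal".
                baseline = baseline[1:] + [series[day]]
    return alerts

if __name__ == "__main__":
    for host, day, mb, score in find_exfil_candidates(DAILY_OUTBOUND_MB):
        print(f"day {day}: {host} sent {mb} MB outbound (modified z-score {score})")
```

On the sample data the first anomalous day is flagged as soon as its daily total is available, which is the kind of detection window an auditor would compare against the two weeks in the case.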
