This week your series assignment takes you to the Office of the Chief Financial Officer (CFO).
An external audit of the organization's financial operations has just been completed. Last week, an "early look" copy of the audit was sent to the CFO with a request for a formal written response for each of the findings. Some of the problem areas were known to the CFO's staff and they had already started on the required responses. But there is one set of findings that came as a complete surprise -- Shadow IT -- the unauthorized / unapproved use of cashless payment technologies by certain locations and offices within the organization. These technologies included:
1. Micro payments using a payment card issued by guest services to hotel guests and via unattended vending machines to visitors. These payment cards are loaded with a cash value deposited to the card's account via a credit card charge. Guest services also credits some of these payment card accounts with "reward dollars" for guests who belong to the hotel's loyalty program. The payment cards are used at service locations which do not have a cashier station, e.g. game arcade, self-service laundry or sales kiosk, etc. The payments are processed by a third party service provider which then uses an electronic funds transfer to pay the hotel its share of the income.
2. Mobile Payments for services booked through the concierge desk with an authorized but independent provider (not a hotel employee). These services include: private lessons with a tennis or golf pro, childcare, tours and tour guides, interpreters, etc. These payments are made by cell phone either as a mobile payment using a contactless payment method such as Apple Pay or by swiping a credit card through a magnetic stripe reader connected to the provider's cell phone. The payment accounts which receive the guests' payments are connected to the hotel's merchant card accounts. The hotel pays the providers monthly via electronic deposit and issues an IRS Form 1099 to record the income.
The CFO must make a presentation to the IT Governance board about these payment methods as a first step towards either getting approval for continued use or issuing a "cease and desist" directive to force the rogue offices and locations to stop using the unapproved payment methods. The presentation must include information about known or suspected compliance issues for PCI-DSS. The IT Governance board has previously asked project sponsors for information about potential privacy and security issues.
Due to the size and complexity of the problem, the CFO has split the available staff into two teams. Team #1 will focus on the micro payment cards. Team #2 will focus on the mobile payment methods. You have been asked to join one of these two teams and assist with their research. (Note: you *must* pick one and only one of the two technologies to focus on for your discussion paper this week.)
Your team leader has asked you to read the provided background information (see the Week 7 readings) and then put together a 2 page summary of the important points from your readings. You have also been asked to help identify and describe / explain 5 or more privacy and security issues that could arise in conjunction with the use of the technology being studied by your team. Remember to keep your focus on the financial aspects of the technology implementation since you are contributing to the CFO's effort. (Financial aspects include how payments are made, what types of information are exchanged and with whom, how that information is protected, etc.)