This week your rotation assignment takes you to the Office of the Chief Financial Officer (CFO).
An external audit of the company’s financial operations has just been completed. Last week, an “early look” copy of the audit was sent to the CFO with a request for a formal written response for each of the findings. Some of the problem areas were known to the CFO’s staff and they were already working on the required responses. But, there is one set of findings that came as a complete surprise — Shadow IT — the unauthorized / unapproved use of cashless payment technologies by certain locations and offices within the company. These technologies included:
1. Micro payments using a payment card issued by guest services to hotel guests and via unattended vending machines to visitors. These payment cards are loaded with a cash value deposited to the card’s account via a credit card charge. Guest services also credits some of these payment card accounts with “reward dollars” for guests who belong to the hotel’s affinity program. The payment cards are used at service locations which do not have a cashier station. e.g. game arcade, self-service laundry or sales kiosk, etc. The payments are processed by a third party service provider which then uses an electronic funds transfer to pay the hotel its share of the income.
2. Mobile Payments for services booked through the concierge desk with an authorized but independent provider (not a hotel employee). These services include: private lessons with a tennis or golf pro, childcare, tours and tour guides, interpreters, etc. These payments are made by cell phone either as a mobile payment using a contactless payment system such as Apple Pay or by swiping a credit card through a magnetic stripe reader connected to the provider’s cell phone. The payment accounts which receive the guests’ payments are connected to the hotel’s merchant card accounts. The hotel pays the providers monthly via electronic deposit and issues an IRS Form 1099 to record the income.
The CFO must make a presentation to the IT Governance board about these payment systems as a first step towards either getting approval for continued use or issuing a “cease and desist” directive to force the rogue offices and locations to stop using the unapproved payment systems. The presentation must include information about known or suspected compliance issues for PCI-DSS. The IT Governance board has previously asked project sponsors for information about potential privacy and security issues.
Due to the size and complexity of the problem, the CFO has split the available staff into two teams. Team #1 will focus on the micro payment cards. Team #2 will focus on the mobile payment systems. You have been asked to join one of these two teams and assist with their research. (Note: you *must* pick one and only one of the two technologies to focus on for your discussion paper this week.)
Your team leader has asked you to read the provided background information (see the Week 7 readings) and then put together a 2 page summary of the important points from your readings. You have also been asked to help identify and describe / explain 5 or more privacy and security issues that could arise in conjunction with the use of the technology being studied by your team. Remember to keep your focus on the financial aspects of the technology implementation since you are contributing to the CFO’s effort. (Financial aspects include how payments are made, what types of information are exchanged and with whom, how that information is protected, etc.)
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.Read more
Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.Read more
Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.Read more
By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.Read more