Thank you for allowing me to assist you with your inquiries regarding ___. I am pleased to present you the following summary to explain ___.
By effectively implementing these procedures / resolving these issues, ___ can help ensure the reliability of the financial reporting procedures and prevent ____.
I hope my explanation clears your question regarding ___. Should you have any concerns or questions as you review __ in detail, please do not hesistate to contact me at any time.
JIT
Definition
Just-in-time, or JIT, is developed to reduce the lag time between inventory arrival and inventory use. JIT reduces the need of manufacturers to carry large inventories, but requires considerable degree of coordination between manufacturer and supplier.
Compared to the traditional Ford system (Push systems), JIT is based on the "Demand Pull Systems". That is, rather than relying on sales projections or estimates, JIT is provided with raw materials from suppliers only as much as needed based on customer orders. Thus, manufacturers using the JIT system maintain a few reliable suppliers who inspect goods and make frequent deliveries. Another characteristic of the JIT system is its use of back-flush costing.
Advantages
- Inventory carrying costs: JIT achieves efficiency by reducing the level of inventory required to store raw materials or supplies. Maintaining high inventory levels exposes the business to potential waste of resources, such as impairment and theft. As JIT eliminates redundant inventory, this issue can be effectively resolved. Increased
- inventory turnover: By eliminating waste, inefficiencies, and bottlenecks in the production and supply chain processes, JIT ensures timely procurement, manufacturing, and delivery to customers. This enhances the inventory turnover ratio and possibly shortens the cash collection cycle.
- Decreased defects: JIT has a "line stop" system, where the production manager stops the line to fix the problem whenever a defect occurs. This enhances the quality of the products delivered to customers, which increases customer satisfaction.
- Cost savings: Lower costs of materials made possible through streamlined supply chain procedures help the business reduce costs.
- Greater employee efficiencies: Does not require specialized employees
Disadvantages
- Increased stockout costs: If orders exceed capacity, the company may not be able to keep up with purchase orders from customers. As JIT systems tend to work with a few reliable suppliers, a sudden increase in orders could cause delays. In other words, customers would need to wait longer to receive their products, potentially damaging the company's reputation and brand image. Customer satisfaction may weaken as well.
- Supplier: As described earlier, JIT systems prefer to partner with a small number of quality suppliers. There are pros and cons to this approach. For instance, quality suppliers enable timely delivery of quality raw materials. However, there is a chance they may fail to meet deadlines or quality standards. If such a scenario occurs, significant lag time can result, as finding alternative suppliers can be challenging for manufacturers. Additionally, having a small number of suppliers may increase the bargaining power of suppliers, leading to potential cost increases.
- Economies of scale: In contrast to Ford's "Push systems," where economies of scale are realized through mass production, JIT systems do not enjoy the same scale of economies. This can contribute to cost increases.
Implications
- Disaster Recovery & EDI: JIT systems aim to maintain agile inventory supplies and minimize production and delivery times to customers. Such systems cannot tolerate prolonged downtime. Thus, a comprehensive business continuity plan should be developed to ensure seamless operations.
In many cases, JIT systems employ "Electronic Data Interchange (EDI)." In short, through EDI systems, suppliers are directly connected to the manufacturer's inventory system. This allows for automatic purchase orders to be sent to suppliers, contributing to timely procurement and reduced inventory carrying costs. However, downtime caused by a disaster could disrupt timely procurement, diminishing the advantages of JIT systems.
In the context of the modern electronic business or e-commerce environment, the availability and reliability of the user interface system are more important than ever. Similarly, downtime would diminish the advantages of JIT systems. Therefore, companies employing JIT systems should prepare a business continuity plan as follows: First, they should aim for a recovery time objective (RTO) of zero. For instance, they can deploy a mirrored site that is an exact replica of the data set used for mission-critical systems.
Tariff 의 implication on importers, how to mitigate?
정의
- Government may levy tariffs on imported goods, in a way to protect its national industry from the dumping commited by the foreign companies
implication
- increases the prices of the imported goods in the domestic market.
- This reduces the competitve advantage of the company as it increases the costs of sourcing or manufacturing
대책
- Optimize the sourcing strategies:
- By implemeting effective transfer pricing, the importing company can mitigate the impacts of the tariffs
예시
- A국에서 10% tariff, subsidiary ABC가 A국에서 raw material 가공 중.
- B국에서 20% tariff, subsidiary DEF가 B국에서 ABC로부터 WIP를 수입해와서 제조 후 판매
- A국의 높은 tariff 때문에, WO effective TP 인 경우, DEF의 market competitveness가 떨어짐 (높은 원재료비)
- 따라서 market price which includes tariff로 원재료를 수입하지 말고, arm's length 범위 내에서 transfer pricing을 정한다. 이를 통해 원재료/반제품을 수입해 올 때의 tariff의 impact를 줄일 수 있다
- 또한 global value chain을 rearrange할 필요가 있다. 이를 통해 tariff가 높은 곳에서 주로 intercompany의 비용이 많이 발생하는 transaction을 처리하고, free trade zone이나 낮은 세율을 허용하는 국가에서 revenue를 발생시키는 방향으로 사업을 재정비할 필요가 있다.
Hedge
일반적인 내용
Exchange rate risks
- Transaction exposure: economic gain(loss) upon settlement of transactions by fluctuations in the exchange rates.
- Econimic exposure: PV of CF affected by fluctuations in exchange rates that do not require currency conversion
- Translation exposure: A/L/E or income of consolidated org that includes foreign subsidiaries will change as a result of changes in exchange rate
- 예) AR 보유, domestic currency가 appreciate 되면 PV of CF 감소 (Economic exposure), Loss (transaction exposure)
Exchange Risk에 대한 Hedge 방법
- Transaction exposure
- Measure NET transaction exposure (import export net)
- Future hedge: buy/sell currency units on a stated date (small transactions)
- Forwward hedge: for large transactions
- Money market hege: (AP) use domestic currency to buy a FC at current spot rates and invest them in securities that mature at the same time as related payables. (AR) Factor AR with foreign bank loans. Borrow FC
- Currency Option hedge: (AP) buy Call, (AR) buy Put
- Currency Swaps (for long-term transactions)
- Economic exposure & Translation exposure
- Restructure the sources of income & expense to the consolidated entity
- FC의 depreciation이 두려운 경우 (sub의 sales가 잘 나와도 실적 죽음), reduce foreign sales to preserve CFs.
- FC의 depreciation이 두려운 경우 (비용 감소!), take advantage of paying for raw materials in FC
Disaster Recovery Plan
시스템은 HW, SW의 failure, Power outage, political & natural disaster로부터 안전해야 한다
이러한 재난이 발생하면 System downtime이 발생하는데 이는 critical business operation에 영향을 줄 수 있으므로 사전에 Business continuity와 Disaster recovery plan을 잘 방비해두어야 한다
BCP와 DRP는 critical business operation 및 application에 대한 영향을 최소화 하는 목적을 갖고 있다. BCP는 비즈니스 충격을 약화시키기 위한 전사적인 전략으로 직원/건물/커뮤니케이션 채널/인프라 등을 포괄한다. BCP가 좀 더 conclusive한 개념으로서, BIA를 하는 과정도 포함한다. 전반적인 prevention, recovery 방법으로서 다음과 같은 방법을 강구한다: train employees so they understand, follow, and effectively implement the desginated policies and procedures; perform regular preventive controls; install an interruptable power supply which keeps computers operating for a limited time after a power failture.
DRP는 information technology의 회사에 vital한 HW, SW, applications, data의 smooth recovery를 목표로 한다. HW 측면에서는 MTD (maximum tolerable downtime)을 최소화 하는 것을 목적으로 하며, 회사의 재정적 상황과 목표에 따라 full-mirrored hot site, hot site, warm site, cold site를 추구할 수 있다. 회사는 minimum operational capability를 recover할 수 있는 RPO(point)에 따라 RTO를 세우며, full functional operation까지 recover되는데 걸리는 시간인 WRT (Work recovery time)을 고려해 Tolerable Down Time을 최소화하는 계획을 세운다.
HW 뿐만 아니라 SW 측면에서는 Backup에 대한 계획도 강구해야 한다. Backup은 회사의 데이터 프로세싱 방식에 따라 두가지 방식을 고려 할 수 있다. 먼저, GFS 방식은 batch processing을 채택하는 회사에서 고려할 수 있는 방법으로, computer operator가 3개의 recovery cycle를 통해 master file을 업데이트 한다. Rollback은 online real-time processing에서 쓸 수 있는 방법으로, checkpoint 때마다 master file에 data를 dump하는 방식으로 업데이트 한다.
Computer systems should be safeguarded against potential HW and SW failures, as well as natural and political disasters. For this reason, business continuity plan and disaster recovery plan should work together to prevent and mitigate the business impact, should a disaster occur.
Business continuity plans (BCPs) are company-wide strategic plans. These plans establish preventive and corrective procedures, taking into consideration people, buildings, infrastructure, and communication channels. Business impact analysis (BIA) is conducted as part of the BCP.
Business recovery plans (BRPs) are a subset of the BCPs. A BRP focuses on the prevention and recovery of its information technology resources and infrastructure, should a disaster event occurs. BRP aims to reduce the maximum tolerable downtime (MTD) by conducting the following procedures in advance: identify the mission-critical applications and hardware; consider a plan to mitigate risks for its mission-critical applications; assign responsibilitities to its personnel; and test the effectiveness of its DRPs.
I would like to go over how BCPs reduce its hardware and software related risks. There are four elements ranked as following: full-mirrored hot site, hot site, warm site and cold site. A full-mirrored hot site has a recovery time objective of zero, making it the most expensive of all. The cheapest option would be a cold site. Althought it is pre-wired, it doesn't have the equipments in place. Thus, cold site would require a few days for recovery.
BCPs also consider the data backup methods which include the grandfather-father-son method, and rollback and recovery method. Grandfather-father-son method is commonly used when a firm employs batch processing system. With this method, a computer operator creates three cycles to upload the data to its master file. The rollback and recovery method is used in the online real-time backup processing. This method typically creates a checkpoint where transaction data would be dumped into its master file on a real-time basis.
Variance
생산량은 줄었는데 Direct labor hour은 늘었음. 그 이유 뭔지?
- under-skilled workers
- worked too slowly or made poor-quality products that required reworking
- budgeted time standards were too tight
ST financing v LT financing
- ST debt을 refinancing할 때 LT debt 혹은 Equity로 할 때 impact
공통점
- Refinancing short-term debt with either long-term debt or equity enhances the working capital condition of the company
LT debt financing
- Long-term debt financing refers to debt with a maturity period of more than one year
- It requires fixed periodical interest payments, interest expense is reduced compared to interest expense arising from short-term financing
- It allows the interest tax-shield
- Less costly than equity financing
- During inflation, the firm can repay debt at cheaper price
- existing shareholders can retain control of the company
- excessive debt may lead to credit risks. The company should monitor whehter their financial ratios are in compliance with the debt covenants
Equity financing
- more costly than debt financing
- does not have maturity
- improved balance sheet
- existing share holders may lose controls over the firm as the shares get diluted
- EPS may lower due to increased outstanding shares, increased PE ratio
정의 및 종류 예시
- An entity's capital structure is the mix of debt (short-term and long-term) and equity (common and preferred).
- Short-term fiancing:
- generally classified as current and will mature within one year.
- Supposing normal yield curve, the interst rates associated with the short-term financing is lower than long-term rates.
- Short-term financing requires current assets to be sufficient to meet short-term obligations. (otherwise solvency problems)
- 장점
- Less costly - low interest rates
- Improved profits - rapid conversion of operating cycle of components (AR, Inv) into cash to meet short-term obligations
- 단점
- Higher interest rate risks for borrower - interest rates can abruptly change, and given shorter maturity, may require greater financing charges
- Long-term financing:
- generally classified as non-current and will mature after one year.
- Supposing normal yield curve, the interst rates associated with the long-term financing is higher than short-term rates. It is largely because of the interst risk associated with long-term finacing. With higher volatility resulting from extended maturity, more maturity risk premiums are expected in the market. This expectation hightens the market yield rates for the long-term financing.
- 장점
- Lower interest rate risks for BORROWER: LOCK IN an interest rate over a long period, reducing exposure to fluctuations in rates. <-> LENDER: increased interst rate risk. 따라서 high yield 요구
- 단점
- Increased financing costs resulting from high interest rate. Interst rate risk on the lender's perspectives is higher, requiring higher maturity risk premiums and higher yield rates.
- Thus, profitability is decreased
Risk versus Return
A higher-risk investment must offer correspondingly higher returns to offset the downside posed by its risks. Risk and return are functions of both market conditions and the risk preferences of the parties involved. For example, if Bond A has a higher chance of loss compared to Bond B, Bond A would raise its interest rates so that it can compete with Bond B. Consequently, the prices of Bond A would be lower than those of Bond B.
Risk may be defined as the chance of financial loss due to uncertainty and variability in the market. The types of risks include systematic risks (inherent risks in the economy, such as war, inflation, political events), unsystematic risks (firm or industry-specific risks, such as strikes or lawsuits), credit risk, default risk, and liquidity risk.
Return may be defined as the total gain or loss experienced by the owner of the asset. Computation of return takes into consideration maturity risk premium, inflation risk premium (or purchasing power premium), liquidity risk premium, and default risk premium.
It is important to note that while unsystematic risks can be reduced via diversification (i.e., portfolio investment), systematic risk cannot be mitigated through diversification. One way to control market risk is to invest in derivatives that provide gains to the investor to compensate for the losses.
For interest rate risk, an investor may invest in floating-rate debt securities to compensate for the risk. For example, derivatives such as forward rate contracts or interest swaps can also be used. To manage credit risks, ratio analysis should be conducted to improve its credit ratings. The higher the credit ratings, the lower the borrowing costs a firm may incur. In contrast, default risk for the investor can be mitigated by choosing to lend only to borrowers with a low risk of default.
ABC
정의 및 전통적 방법과 차이점
Activity-based costing is a method used by a firm to allocate its manufacuting overhead costs to products and services based on the actual consumption of resources. It differes from traditional costing methods that allocate costs based on single cost-driver such as labor hours or machine hours. ABC costing identifies multiple cost pools and cost-drivers based on multiple cause and effect relationships.
장점
- Accurate cost allocation: specific activities and resources that contribute to a product/service.
- Helps determine true cost of products/services.
- Better management decisions: More informed decisions thanks to the understanding of true costs.
- Resource optimization: Identify high-cost & low-value activities, focusing resources on activities that add value while eliminating non-value added activities.
단점
- Costs more to accumulate & analyze information: implementation of ERP system to accumulate costs, and takes more time to analyze the activities that match with resources. May not be feasible for a small-sized organization.
- Specialized knowledge
- Resistance to change
Not useful when
- small companies
- OHs small
- only one product, homogenous products
FIFO v LIFO v Weighted average
Cost flow assumptions (EI, CGS)
- First In, First Out (FIFO): first costs inventoried are the first costs transferred to cost of goods sold. ending inventory on the BS includes the most recent costs incrred and therefore approximates replacement costs. Both perpetual and periodic cost allocations can be used under FIFO.
- Last In, First Out (LIFO): last costs inventoried are the first costs transferred to cost of goods sold. ending inventory on the BS includes the oldest costs incurred. Both perpetual and periodic cost allocations can be used under LIFO.
- Weighted average: goods available for sale, including the beginning inventory + purchase, are divided by the total units of inventory. the average cost per item is used for both the ending inventory & cost of goods sold. Under moving average method the perpetual system can be used to allocate the costs, while periodic system is used under the weighted average method.
Inventory valuations
- First In, First Out (FIFO): Lower of costs and net realizable value is used. If the value of the inventory falls below the original costs, the inventory must be restated to its net realizable value.
- Last In, First Out (LIFO): Lower of costs and market value. The market value is the median of the firm's net realizable value, net realizable value less normal profit and replacement cost.
- Weighted average: Lower of costs and net realizable value is used. If the value of the inventory falls below the original costs, the inventory must be restated to its net realizable value.
Cost allocation: Periodic v Perpetual systems
- Perpetual system: inventory balance is updated for each purchase & sale. Cost of goods sold is determined and recorded each sale. It allows enhanced internal controls of inventories via monitoring as it helps detect and prevent defalcation on a timely basis. Also, it allows greater operation efficiency as economic and efficient purchase order can be made without recreating unnecessary redundancy. However the managing such system can be costly.
- Periodic system: physical inventory counts are performed at least annually. It is cost efficient, however, the cost of goods sold can be overstated as it may regard inventory impairment and theft as cost of goods sold.
Shared Service Center
정의
Shared services center (SSC) is a centralized unit within an organization that consolidats certain support functions such as finance accounting, human resources, IT department, to serve multiple departments and business units within the same organization. Here are the advanages and disadvantages of implementing shared service center:
장점
Cost reduction: one of the primary benefits of SSC is cost saving. By consolidating and streamlining processes, org can achieve economies of scale, reduce redundancies of effort and lower operational costs.
Efficiency: SSC pursues the standardization of processes. Such attitude lead to faster and more consistent services delivered in the organization.
Focus on core activities: Increased productivity
단점
Initial implementation costs: investments in tech/HR can be expensive.
Resistnace to change: employees may fear job loss or disruption to their roles
Service flow disruption: consolidation to a single location can create waste in the transition, rework and duplication.
Failure depand: A task must be performed for a second time because it was incorrectly performed the first time.
SOD
Internal controls rely heavily on S o incompatible duties that could potentially allow an employee to process a transaction without any effective oversight. SoDs helps prevent fraud.
Generally speaking, transaction authorization should be segregated from transaction recordkeeping and underlying cusoty of assets.
IT 관련
Computer programmer - System programmer
- can override any system security and provide himself with unlimted access to application programs and data and would likely be able to hide such access.
- conflict of interest : CP는 test environment에서 application write, SP는 underlying infra 및 OS를 담당. They may be tempted to make changes that benefit one role at the expense of the other role, potentially leading to security vulnerabilities.
Computer programmer - Security Administrator
- CP는 test envrionment에서 application write, Security administrator는 authorization matrix에 따라 application에 대한 access를 grant, authorize하는 role. (role-based acces control)
- conflict of interest: tempted to make changes that benefit one role at the expense of the other role, leading to security vulnerabilities
- security bypass: steal organizatin information
Computer programmer - System analyst
- SA는 bridge between end user - programmer, design application program and HW
System
Liquidity
BSC (4가지 카테고리, 세부 성과지표 몇가지)
정의
The Balanced Scorecard (BSC) enables balanced performance measurement by considering non-financial indicators. It allows a business to stay strategy-focused. A certain set of key performance indicators can be emphasized more depending on a firm's strategy and objectives. For example, a startup company focusing on expanding its business would have learning and growth or internal business processes as its key performance indicators.
4가지 카테고리
There are following four critical success factors of the BSC:
- Financial perspective: Financial perspective measures how the company enhances its stakeholder's interests and increases the corporate value. The examples of key measurements include return on investment, residual value, economic value added.
- Customer perspective: Customer perspective measures how successful was the company in the market. The examples of key measurements include customer satisfaction, market share, and the rates of customer complaints.
- Internal business: The key examples include innovation process, operating process, post-sales services process
- Learning and growth: measures the improvement in its employees and information systems to assess the key process advancement
단점: Resistance to change, Complexity, Resource intensive
E-business 위험
1. Cybersecurity threats: E-businesses are vulnerable to various cybersecurity threats, including hacking, malware, and phishing attacks.
- invest in firewalls, antivirus software, intrusion detection systems, and encryption to protect against..
- regularly update SW to patch system vulnerabilities
- train employees to recognize phishing attempts and other social engineering tactics
2. Data privacy concerns: E-business often collect and store customer data. Mishandling/unauthorized access to this data can lead to breaches and loss of trust from customers.
- implement GDPR (general data protection regluation) to safeguard customer info
- Limit access to customer data only to authorized personnel. Authorization matrix
- Use secure storage
3. Payment fraud: Credit card fraud, identification ttheft.
- implement encryption and fraud prevention tools
- require multi-factor identification for high-value transactions
4. Website downtime: Lost sales
- mirrored-hot site
DBMS 장단점
정의
전통방식(file-oriented system)은 separate set of data files exist for each application programs, creating same data stored in multiple files. 이와달리 DBMS은 is a software that separates data from the related applications and faciliates creation, management, retrieval of data in structured way.
장점:
- Data centralization: centralizes data storage, making it easier to manage & access data from a single location
- Data standardiztion: reduces redundancy and ensures data consistency.
- Data integrity: integrity constraints such as primary keys, foreign keys, and data validation rules, ensuring that data is accurate and reliable.
- Data security: provides user authentication and authorization mechanism, allowing control over who can access and modify data.
- Data query and analysis: can use coplex queries and data analysis using Structured Query Language, making it easier to extract valuable insights from data
단점:
- Costly: Can be costly. includes SW, HW, training and onging maintenance expenses
- Complexity: Requires expertise in database design and admin
- Resource intensive: require substantial computational resources such as CPU, memory, and storage, depending on the size & complexity of the database.
- Data dependency: stores data in particular format, which can create data dependnecy issues. If the format changes, it can affect teh application that uses the data, leading to additional development costs. (프로그램 구조가 데이터 구조에 영향을 받는 것을 data dependency라 함)
- Increased chance of breakdown: specialized data backup & procedures required
네트워크 구분
NW: a group of computers and other machines are interconnected using a series of NW devicies (i.e. routers, switches) so that one group of users may securely share resources.
- LAN (local area network): a network of interconnected devices within a limited geographic area, such as a home or office. This is controllec by software-defined networking (SDN) applications.
- WAN (wide-area network): provide network acces to a larger geophraic areas cities, regions or contries. WANs connect LANs togther to provide broad coverage.
- Software-defined wide-area networks (SD-WAN): Allows centralized control of WAN traffic using SW-based mgt. It enhances agility, performance and security by optimizing routing traffic accross WAN connections.
- Edge-enabled devices: edge-enabled devices are HW devices that equipeed with processing power to perform computing tasks at the endge of the network. This reduces latency and enhance the performance of applications like Internet of Things devices.
- VPNs (Virutal Private Networks): An encrypted private networks that run on a public network, namely the internet. User activity and IP addresses are hidden and third parties can no longer see individual user traffic
- Intranet: connects within a company. build internal sites, more secure than internet due to restricted access
- Extranet: permits suppliers, customers, partners have direct access to the company nw.
Client/Server 시스템 장단점
정의
Is an alterative to using a mainframe network. Is a NW architecture in which computing tasks are divided between client devices and server devices. Any computer on the network can pefrom the data processing, as the software applications reside on the client computer. The data is stored on the server so that all clients can simulataneously access the same data and information.
장점
- Less costly: compared to mainframe network, the upfront investment costs are less costly
- Efficiency: Reduction in bottleneck phenomenon as each workstation can process information and data, enhancing telecommubication speed
- Scalability: flexibility of distributing HW, SW, Data throughout the computer NW
단점
- Less control: Each workstation has different permissions and access profiles.
- Backup and recovery: Some client/server systems with multiple servers require multiple copies of files stored on each server. This makes recovery procedures more difficult
- Server is prone to denial of service (DOS) attacks
- Clients are prone to viruses
General Control 5가지
SDLC/Change management/SoD/Business resilence/Physical control
- System development life cycle (SDLC)
- Make sure the system is delivered on time, high quality and on budget
- Steering committee: System analyst, End user, Application programmer와 IT expertise의 조합
- Waterfall model (plan & feasibility test - analysis - design - development - test - implement)
- Prototype modeling (agile modeling)
- Change management
- Changes are duly authorized, examined and approved prior to being put into practice
- Adheres to best practies and keeps an exhaustive change log
- Segregation of Duties: Separation of duties that are not compatible. Its objective is to prevent one individual having an excessive responsilibity and control over the systems. A limited access restriction to production program & data is the example of the SoD.
- Many transactions and functions in an IT environment are actually performed by the application software. Therefore, segregation of duties normally revolves around granting and/or restricting access to production programs, production data, and execution activities. The following areas within the IT infrastructure need to have a proper segregation of duties: system programming; end user transaction/data entry; data custody and storage; and authorization responsibility and monitoring. The key is to avoid control failures, security breaches, infections from malware, and conflicts of interest. In a well-structured IT department, no user should be allowed to authorize a transaction, then record the transaction and receive physical custody of the assets. Authorization, recording, and custody are duties that must always be segregated.
- Computer operator and Computer programmer should be segregated
- Security admin and Computer operator (or Computer programmer) should be segregated
- Computer prgrammer and System programmer shold be segregated
- Business resilience:
- Maintain business continuity plan and data recovery plan to mitigate potential risks affecting the critical business operations. Busines impact analysis, HW backup, Data backup.
- Physical controls
- Control over IT facilities to safeguard equipments, programs and data from physical damage.
- Preventinve: security personnel, electronic door locks, cameras and surveillance devices
- Detective: smoke detectors, fire alarm
Application Server Provider 장단점
정의
- org need IT resources beyond their internal IT infra can offer
- utilize third-party service providers
- range of services outsourced include application sw, virtual hardware, data storage, disaster recovery, NW mgt
- cloud computing is renting storage space, processing power, software, or a combination of the three
종류
- IaaS (infrastructure-as-a-service): a.k.a. Hardware-as-a-Service. (server, storage, network mgt)
- PaaS (platform-as-a-service): rent tools/services to build cloud based sw & programs (i.e. Force.com)
- SaaS (software-as-a-service): subscription-based software services through licensing
장점
- Enhanced focus on core business
- Scalability: Highly scalable, can grow with the org. Can contarct for expansion as needed
- Lower costs: economies of scale, reduced need for internal IT personnel, cost reductions
- expertise
단점
- risk of data loss
- cyber security vulnerabilities: data stored in community clouds may be vulnerable by other "tenants"
- less control over the design of the program
- data privacy: providers can access the sensitive info of the clients/firm
- IT support may not be immediate:
따라서
- deligence in vendor screening needed
Swap interest rate
정의
- investors mitigate interest risks by investing in floating rate debt securities OR
- invest in derivatives such as interest rate swaps
- investors pay fixed interest rate and receives a floating interest rate
예시)
- ABC company invested in $1,000,000 8% fixed rate bonds & expects the interest rate to rise in the future
- Enters into an interest swap contract with DEF company.
- ABC to provide 8% fixed rate interest payments to DEF on the principal amount of $1,000,000
- DEF to provide floating interest rate to DEF of SOFR+1% interest payments on the principal amount of $1,000,000
- On the first settlement date, SOFR was 8.5% (9.5%), ABC can settle net payment or exchange the payment
장점
- Risk management: reduce the interest rate risks which affects the price of the debt secruity investments
- Cost reduction: investors can enjoy higher return, while the borrowers can take advantage of low interest rates
- Flexibilitiy: customized to meet the needs of the parities (terms & conditions)
단점
- interest rate risks: interest rates may move against a party, requiring to make payments that exceed their expectations
- Couterparty risks (default risks): this can be mitigated by using credit limits / collateral requirements
ERM: Help evaluate opportunities
is the culture (core value -> shape descisions regarding risk), capabilties (competitive adv), practicies (applied to all levels of the entity) integrated with strategy-setting & performance, that organizations rely on to manage risks in creating, preserving and realizing value.
Effective ERM processes gives management a framework to evaluate risk as an opportunity to increase competitive positions and exploit certain market and operational conditions.
ERM is an integrated framework for holistically managing every risk confronting the enterprise to achieve organizational objectives and minimize unexpected earnings volatility. It challenges organizations to view risk as an opportunity. Since companies must hold capital to absorb the risk of loss — hedging, absorbing or transferring the risk — there is less capital to invest in other profit-producing activities. In effect, ERM helps companies determine the right amount they should direct toward risk.
Performance 에 대한 내용을 쓰면 될 듯
- Develop a holistic view:
- evaluate an entity-wide, portfolio of risk.
- risks deemed severe at operating level may be less of a concern at the entity level (bc well diversified)
- consider how risks affect performance and achievement on strategy. align with overall risk appetite
- Identify risks:
- that could affect the success of those opportunities. This includes assessing risks associated with market conditions, competition, regulatory changes, and internal factors
- Assess serverity of risks or events: assess risks and opportunities at multiple levels.
- risks deemed severe at operating level may be less of a concern at the entity level (diversified)
- Inherent risks (absence of mgt actions to alter the serverity), target residual risks (= degree to accept ; DOL, DFL), actual residual risks
- Prioritize risks based on risk appetites and business strategy
- Respond to risks
- Accept (self-insure): no change to the severity
- Avoid: when cannot mitigate risks
- Reduce: Hedge, action taken to reduce severity with target risk profile & risk appetite
- Transfer: outsourcing, insurance
- Pursue: amplify return (DOL, DFL)
IT controls for inventory system
1) Access control
- Role-based access control
- SoD
- Multi-modal user authentication
2) Data management
- Data encryption: ecrypted data in transit to prvent from unauthorized access
- Change management: track and authorize changes to the inventory system
- Backup & recovery: regular backup + develop & test DRP to minimize downtime in the event of failure
3) Physical security
- Preventive: keypad, biometrics, fire alarms
- Detective: Surveillance cameras, security personnel
COBIT FW
Lockbox system v Concentration banking
Lockbox system:
- customer remit their pmt directly to the bank
- bank credits these payments to company's account
- more readily available and larger cash balances can be invested to maximize interest income
Concentration banking:
- balances in the local banks are immediately consolidated into one bank/account
- increases the amount of idle cash that can be invested and maximizes interest income
- if) need to compensating balance? concentration banking is ideal