Becoming a U.S. Soldier

The United State Army was founded to defend our country, the United States of America, two hundred and thirty-three years ago. The U. S. soldiers had been in different battles; from the Revolutionary War to the global effort to combat terrorism, they have remained Army Strong, drawing their commitment to their values and beliefs.The U. S. Army has achieved and is continuing to achieve excellence both here and abroad. They have shown willingness to make sacrifices in order to build a better future for our country (â€Å"The 233rd United States Army Birthday†). The U.S. Army’s mission is to provide prompt and sustained land dominance over a full range of military operations in order to fight and win our country’s wars. They operate across a spectrum of conflict, supporting combatant commanders. Title 10 and Title 32 of the United States Code direct the U. S. Army to equip, organize and train forces in order to conduct sustained and prompt combat operations on land. The U. S. Army is tasked to accomplish missions that are assigned by the President of the United States, the Secretary of Defense, and combatant commanders.(â€Å"Mission†) A key component of the U. S. Armed Forces, the army is made up of the most dedicated, most respected, and best-trained soldiers in the world. They protect America’s freedom both home and abroad, secure our homeland, and defend democracy worldwide (â€Å"About the Army: Overview†). The army is one of the three components of the U. S. military. The other two are the navy and the air force. These three report to the Department of Defense. The U. S. Army has two major components of equal importance. They are the Active Duty and the Army Reserve (â€Å"Organization†).Those who work in the two distinct components of the army, the active and the reserve components, are enlisted soldiers, warrant officers, commissioned officers, and non-commissioned officers (â€Å"About the Army: Personnelà ¢â‚¬ ). In either component, the army conducts both institutional and operational missions. The operational army is consisted of numbered armies, divisions, corps, brigades and battalions, which conduct extensive operations around the world. On the other hand, the institutional army provides support for the operational army.They provide the necessary infrastructure to train, raise, deploy, equip, and ensure the readiness of the army forces. Military skills, as well as professional education, are provided by the training base to every soldier, together with members of allied forces. The institutional component of the army also allows the army to expand in a rapid manner during time of war. The army is provided with world-class logistics and equipment by the industrial base. Power-projection platforms are provided by the army installations.These are required to position land forces readily to provide support to combatant commanders. Once the forces are positioned, they are provided w ith needed logistics by the institutional army (â€Å"Organization†). The army is composed of a large number of soldiers. There is a necessity to organize the army into units because of its large number. Each unit has its own leader and reporting structure. Each unit was created in order to respond to any mission, regardless of complexity or size (â€Å"About the Army: Personnel†).According to the Soldiers Almanac, soldiers are grouped into units, each with specified numbers. A squad is composed of 9 to 10 soldiers; a platoon consists of 16 to 44 soldiers; a company has 62 to 190 soldiers, a battalion is composed of 300 to 1,000 soldiers; a brigade has 3,000 to 5,000 soldiers, a division consists of 10,000 to 15,000 soldier; and the corps is consisted of 20,000 to 45,000 soldiers (â€Å"About the Army: Personnel†). Becoming a soldier is both a challenging and a rewarding life. There are three primary steps on how to become a soldier. The first one is to work wit h a recruiter.The next step is to attend the Basic Combat Training after you have signed up and sworn in. After that the Basic Combat Training, a soldier will learn valuable skills by attending the Advanced Individual Training (â€Å"Soldier Life: Becoming a Soldier†). Basic Combat Training (BCT) is a training course that transforms civilians into Soldiers. Over the course of nine weeks these recruits learn about the Seven Core Army Values, how to work together as a team and what it takes to succeed as a Soldier in the U. S. Army. A civilian is transformed into a soldier by attending the Basic Combat Training.This is a nine-week training course where recruits are taught of the Seven Core Army Values, working together in a team, and succeeding in the U. S. Army (â€Å"Soldier Life: Basic Combat Training†). After soldiers complete the Basic Combat Training, they will attend the Advanced Individual Training to learn the necessary skills to perform their army job. They rec eive hands-on training, as well as field instructions, to make them experts in a specific career field. In this training, they gain discipline and work ethic (â€Å"Soldier Life: Advanced Individual Training).When the Congress passes the Defense Authorization Act each year, they indicate how many soldiers can be on active duty during that year. Congress also places a limit on what percentage of the whole active duty force can serve as warrant officers, how much percentage of the total active duty force can be posted as enlisted officers for the positions of sergeant and above. However, there are no statutory limits on positions of private, private first class, and corporals (Powers, n. d. ) For the positions of sergeant and above, there must be a vacancy in the next level in order for them to get promoted.However, soldier ranking private first class, and corporal are promoted through decentralized promotions. Decentralized promotion means that the unit is in-charge of promotions; h ence they are the promotion authority. The commander decides who should get promoted based on the promotion criteria set by the U. S. Army to preserve the promotion flow (Powers, n. d. ) There are 146,000 American troops in Iraq, including service and support personnel. The soldiers stationed in Iraq play various roles. Some of them are stationed as combat troops.Combat soldiers, according to the military, â€Å"those whose primary mission is to engage the enemy with lethal force. † However, these combat troops are scheduled to leave Iraq by June 30, 2009. This is in accordance with the agreement between Iraq and the United States, as stated in status-of-forces agreement (Bumiller, 2008). In spite of the agreement that combat troops will leave Iraqi cities, many military men are will be left behind as advisers and trainers. This new set of troops will be tasked to train and offer support to the Iraqi people so as not to risk the â€Å"fragile and relative Iraqi stabilityâ₠¬  (Bumiller, 2008).Truly, the United States Army have played and continuously playing a vital role in our society. They have assured us of our liberties and made an effort to assure the liberties as well of those who are offshore. The soldiers in the U. S. Army have dedicated themselves in the service of the American nation and there is no reason available for us not to be proud of them. References: â€Å"About the Army: Overview. † Army Strong. Retrieved 21 February 2009, from http://www. goarmy. com/about/index. jsp. â€Å"About the Army: Personnel. † Army Strong. Retrieved 21 February 2009, from http://www. goarmy. com/about/personnel. jsp.Bumiller, E. (2008). â€Å"Trying to redefine role of U. S. military in Iraq. † International Herald Tribune. Retrieved 21 February 2009, from http://www. iht. com/articles/2008/12/22/america/22combat. php. â€Å"Mission. † The Official Homepage of the United States Army. Retrieved 21 February 2009, from http://www . army. mil/info/organization/. â€Å"Organization. † The Official Homepage of the United States Army. Retrieved 21 February 2009, from http://www. army. mil/info/organization/. Powers, R. â€Å"Army Enlisted Promotion System. † Enlisted promotions made simple. Retrieved 21 February 2009, from file:///D:/httpusmilitary. about.com-cs-armypromotions-a-armypromotions. htm. â€Å"Soldier Life: Advanced Individual Training. † Army Strong. Retrieved 21 February 2009, from http://www. goarmy. com/life/advanced_individual_training. jsp. â€Å"Soldier Life: Basic Combat Training. † Army Strong. Retrieved 21 February 2009, from http://www. goarmy. com/life/basic/index. jsp. â€Å"Soldier Life: Becoming a Soldier. † Army Strong. Retrieved 21 February 2009, from http://www. goarmy. com/life/becoming_a_soldier. jsp. â€Å"The 233rd United States Army Birthday. † The Official Homepage of the United States Army. Retrieved 21 February 2009, from http://www. army. mil/birthday/233/.

Poetry and Worldly Wealth Essay

Andrew Lang describes the truth about money and what it meant to people in the 1800s and 1900s. He uses repetition to clearly explain his ideas. Lang believes that money could either be good or it could be evil, I guess it all depends in how you use it and appreciate it. The people in this poem are priests, soldiers, captains etc. The main idea is about how some and most people only do things for money. The â€Å"Ballad of Worldly Wealth,† is a depiction of how money can bring pride and corruption into our society. The form of this poem is a ballad. A ballad’s contents include 3 stanzas, at least 8 lines in each stanza, and a refrain (a repeated phrase at the end point of a poem) a refrain in example of the Ballad of Worldly Wealth is â€Å"Youth, and health, and Paradise† The author used artificial imagery to characterize money as both a staple in society, and as the icon of the world’s power and corruption. There is several rhetoric patterns found in the poem. The rhyme pattern is an End rhyme. Poems with end rhyme are those whose last word of every line ends with a word that rhymes, for example: â€Å"While the tides shall ebb and (flow); Money maketh Evil (show)† Flow and show are two separate words, however both have rhyming sounds. Also displayed is parallel construction, a sentence, idea or clause that is presented with an opposing idea. In this statement, â€Å"Money moves the merchants all, While the tides shall ebb and flow; Money maketh Evil show, Like the Good, and Truth like lies† it can be seen that the opposition is of that money is what makes the world go round. However money also creates greed, and makes the people see the money as a good thing, when really it’s all a lie.

Does Breaking a Law Makes a Criminal? Essay

To judge whether breaking a law makes a criminal, first we must define the terms law and crime. Every society makes and enforces laws that govern the conduct of the individuals. Without law we cannot live. Laws maximizes our individual right, facilitate the orders of our society, and it keeps peace in our civilization. The violation of those duties that he or she owes to society and for the breach of which the law provides is defined as a crime. Breaking the law does not always constitute criminality. Law is created within the ethical realm of human’s principles, therefore laws fluctuates as our perception changes. To answer our question whether breaking a law makes a criminal, we must examine further to see if the action committed is incriminating by the criminal intent. Most crimes require criminal intent. Two elements must exist before a person to be found guilty of an intent crime and be label as criminal. First, the person must have actually performed the criminal act. For example, killing of someone without legal justification is a criminal act. This is because the law forbids person from killing on another. Criminal act is not always an action people take. A person can be a criminal for not acting. For example, if a taxpayer who is under a legal duty to file income tax returns and pay income tax, failure to do so will result in a criminal act. Second, to be found guilty of an intent crime, the accused must be found to have possessed an evil intent to do harm. For instances, assault and battery are usually consider an evil intent because the perpetrator intends a specific result with the purpose of doing harm to another. To further complex criminality, we should also examine non-intent crimes. Sometimes non-intent crimes can also result in a criminal act. Non-intent crimes are often imposed for reckless or grossly negligent conduct that causes injury to another person. For example, the crime of involuntary manslaughter is a non-intent crime. If a person was driving 55 miles per hour while in a 35 miles per hour zone and the driver cannot stop his car at a red traffic light, enters the pedestrian crossing, and kills a pedestrian. He is guilty of the non-intent crime of involuntary manslaughter. Whether breaking a law makes a criminal, it all depends on one’s perception. These laws exist because it lays general rules that organize the society. The primary intent is to protect and forbids people from engaging in certain undesirable activities. And what is â€Å"correct† is based on morality and ethics. Law is discovered by humans through the use of reason and choosing between good and evil.

Integrated marketing strategy Essay Example | Topics and Well Written Essays - 1250 words

Integrated marketing strategy - Essay Example ecognize the proper media option in relation to communication objectives in order to facilitate customers with the actual information regarding the products and services (Percy, 2008) Contextually, the competitive market of automobile industry reveals that companies are currently facing various problems while launching new products in the market. In relation to this aspect Zamada Motor Company from Japan should consider certain strategies prior to the final launch of its products in Eastern region of Canada in relation to IMC. It is in this context that adequate significance towards the IMC approach shall enable Zamada in obtaining greater competitive advantages when introducing its â€Å"2.2† model car in Eastern Canada over its major rivals including Mini, Fiat, Ford and Toyota among others. With the intention to gain competitive advantages and better return from its diversity planning, i.e. the launch of â€Å"2.2† model car, Zamada has been targeting customers aged between 22 years to 34 years, irrespective of their gender based classification. However, for female customers, the age bar has been relaxed upto 45 years. Hence, it can be affirmed that Zamada has been primarily targeting towards the female group of customers belonging to the age group of 22 years to 45 years in order to gain competitive advantages over the available substitutes. Hereby, the sole intention of this particular marketing approach should be augmenting customer awareness regarding the brand and subsequently, increase their preferences towards Zamada through effective IMC strategies. It is worth mentioning in this context that IMC is a multidimensional approach which functions on the basis of various channels, such as direct selling, audio-visual communication channels, personal selling, and public relations among others. However, concerning the objectives of Zamada in launching a new car model as well as its targeted market segment, the channels that can be beneficial f or its IMC program are advertizing, public relation and interactive marketing (RD Marketing, 2011). With the help of the selected communication channels, Zamada shall be able to develop adequate awareness among the potential customers. Stating precisely, advertising through print, audio and audio-visual media is considered to reward better accessibility to the potential customers in the modern day context which certainly increases the chances of generating increasing sales through effective brand awareness. Similarly, effective concern towards public relation has often been regarded to be virtuous in yielding satisfactory customer loyalty towards the brand developing effective customer relationship. Nevertheless, interactive marketing assists in obtaining an in-depth understanding of the requirements and perceptions of the customers which further assists in

Employment Discrimination Assignment Example | Topics and Well Written Essays - 750 words

Employment Discrimination - Assignment Example Due to the fact that the termination was expressly concerned with the fact that his immediate supervisor felt he could not trust a homosexual in such a position, whatever shortcomings or missteps that Tom may have made in the past with regards to the his level of stereotypical manly talk, tough behavior, and/or flirting with female personnel within the organization. This is a likely approach that the organization will seek to put forward as a means of defense; however, it will not work due to the fact that the reason for termination was not stated to be any of these aspects; rather, it was determined to be due to the fact that the employer felt he could no longer trust Tom, he was ultimately terminated from his position. Accordingly, this represents a very clear cut and flagrant violation of EEOC and employment law that the court system should not have any difficulty adjudicating. As such, the final determination that can all but be assured is that the EEOC will rule in Tom’s favor and state that the employer has terminated an employee unlawfully; as such, Tom will have the possibility to either chose to continue his employment with back pay for time last or he can alternatively choose to pursue suit in the case (Marshall et al, 2011). 2. Robin has just graduated with an MS in elementary education. He sends his resume to a number of school boards and one writes back offering an interview for a kindergarten position. When Robin arrives at the interview it is obvious that the interviewers had expected a female. They ask a few general questions and conclude the interview. Two days later he gets a rejection letter. He later finds out that a female applicant with only a Bachelor’s degree was hired. He believes that he has been discriminated against due to sex and he files a complaint with the EEOC. The school district defends by saying that kindergarten teachers are traditionally female and that the parents' preference is for a female to conduct the cl ass. Is the school board justified in their actions and will their defense be effective? One of the difficulties in defining and discussing legality and ethics within the workplace decisions is the differentiation between unethical behavior and ultimate illegality. As such, the case in question illustrates both an unethical and illegal component. Whereas the employer is within its rights to make certain determinations, it is against the law to discriminate upon an individual based upon age, gender, race, sexual orientation, or religious affiliation. Although the school may think that their defense is rock solid due to the fact that they have included another group’s preferences into the decision making process, the fact of the matter is that this defense expressly admits that they had been discriminating upon sex as one of the primal determinants to fulfill the position in question. Moreover, the fact of tradition itself, or the preference of shareholders, has absolutely noth ing to do with the legality of whether or not the ultimate hiring authority had discriminated (McMahon & Hurley, 2008). The school district made a fundamental mistake in first choosing to discriminate based upon gender and a second fundamental mistake in admitting to the fact that they had discriminated; regardless of whatever weak excuse was employed to make up for such an action. As such, the cas

Summary Essay Example | Topics and Well Written Essays - 500 words - 77

Summary - Essay Example The target market of this corporation is the small businesses and the home PC users. It wishes to promote its product and services using local media such as local newspaper and radio. This is because at this developmental stage its main target market is local. It will also distribute fliers within the vicinity of the company to attract the local clientele. The manager will be the owner of the business whose responsibilities will be to oversee the daily operations. Originally the staff will consist of only three individual, the technicians, sales persons and the administrative staff. Since the organization will be dealing with an area that requires great technical knowledge, it s crucial that the integration of the necessary hardware be done with precision. The customers will choose the desired look they need o their customized computers and then the company technical expert will work with this. The company will minimize costs of production by ordering computer pats in large scale form the suppliers. Daily operations will involve consultations with the salesperson and technicians and sales. The employees will be expected to work 8 hours a day for five days. In case they are required to work extra hours, this will be paid different. IN all operations, efficiency and quality will be emphasized so as to retain and attract more customers through word of mouth. The first six months, the workers will be maintained at only three staff members and this will minimize the cost. After one year into operation, computer heavens will increase its staff depending on the requirement. It is believed that the company will have a larger customer base. The staff could be increased up to six members but this will highly depend on the business requirements of that time. At its third birthday, Computer Heavens will have proved its viability and should have an even larger staff and even have plans of expanding the business to other areas. The company plans to

Multi Protocol Label Switching Simulation Lab Report

Multi Protocol Label Switching Simulation - Lab Report Example Modem converts analog signal to digital signals & digital signal to analog signal. Today the internet seems to be an indispensable communication instrument, and everybody who is using the internet wants good services from internet service providers. Good service means, good downloading speed (means time related to opening, closing and downloading a file on the internet), good connectivity (Internet connection can be done easily on request), & transfer of data or file without interruption. Transfer of data or file without disturbance is a very critical factor on the internet, there are lots of internet connections providers, a lot of websites, a lot of data transfer, a lot of web server and lots of computer are accessing internet at the same time. Due to these usages, there is congestion on the internet, which results in delay in data transfer and also there is no surety that the data will be transferred completely. Today each and every organization wants to fulfill all the customers' needs. And the main agenda of most of the organization is Customer Satisfaction. Customer satisfaction is the key of success for any organization. Customer satisfaction can be achieved by providing good Quality of Service (QoS). Parameters for Quality of Service may vary from one organization to another. ... The performance of networking has complete dependence on the above four parameters. So if an organization wants to achieve customer satisfaction, they should have control on these parameters. For controlling these parameters, organizations use packet switching technology and Traffic Engineering. This technology depends on internet protocol addressing. Internet protocol addressing provides a unique number to a particular location. This unique numbers helps to find the location for transfer and minimize congestion. The internet protocol address is a twelve digit number. The Internet Engineering task force developed a technique known as Multi Protocol Label Switching (MPLS), to avoid congestion in networking, avoid delay in data transmission and keeping control on bandwidth. Multi Protocol Label Switching is based on internet protocol addressing. It involves packet data transfer. As the packet enters into Multi Protocol label switching, it receives a label. Depending upon the label Multi Protocol Label Switching defines the most suitable routing or path for data transfer. While defining the path Multi Protocol Label Switching analyze the load on the network & the type of traffic. Based on the analysis Multi Protocol Label Switching divides the traffic in a manner to minimize the network congestion. It also finds the shortest path for data transmission, which transmits the data from one location to other in the minimum time. Validation of MPLS Simulation: As we have come to know MPLS simulation is used to increase the efficiency of the network through minimizing congestion, now we have to validate that really this MPLS simulation is an effective tool for Internet service provider. There are various ways of proving or validating the MPLS

Chronicling America Essay Example | Topics and Well Written Essays - 750 words

Chronicling America - Essay Example However, much that has been written is about the Indians and their social-economic life. For instance, the author has written that the work done by the Indians in Minnesota brings them about $50,000 -$60,000 annually (Hauke, 1915). Also, the reader learns that these Indians are 95% industrious. This is well understood when the example of the full-blooded Chippewa is given that gets $100 monthly by being a forester. This is an indication that the Indians at Minnesota were hard working. The aspect of the Red Lake Minnesota Indians as living in deplorable conditions is also well captured by the author. Notably, the Red Lake News was a newspaper that published articles that lived in the vicinity of the Red Lake and not the Indians only. Notably, despite the fact that they live in such conditions, the author has clearly indicated the cooperation among the members of this community whereby they ensured that they lived comfortably. Much of the Indians activities both at home and at school w ere exhibited at fair thus enlightening the people that attended on the lives of the Indians. Also, the Indians activities while at school were also on display such as their progress in games and their social cohesion. In my opinion, the editor is trying to communicate on the importance of social cohesion in the society and the economic advantages that come with that togetherness. This is seen when the editor gives the names of the people who taught the Indians as well as the managers of the schools (Hauke, 1915).

Describe adjustments of the Hmong to America and to biomedicine Case Study

Describe adjustments of the Hmong to America and to biomedicine - Case Study Example Adjustments of the Hmong to America and to biomedicine In the US, inequalities in the health care units caused many Hmong Americans to lack health care insurance; furthermore, they are usually served inappropriately. Restrains on welfare budgets have also contributed to the poor services offered to the Hmong Americans. Moreover, traditional curing strategies practiced by the Hmong and the American health practices are contributing factors to them being poorly served. The Western health providers never recognize the Hmong American culture. For example, a child with seizures among the Hmong immigrants was diagnosed with epilepsy at a Western hospital. They then sent her home with a complex and varying types of medicines, which the parents administered irregularly. The parents then thought the child was affected by evil spirits, and started treating the child with different remedies including offering animal sacrifices. Since the two cultures did not mingle, the child became brain dead due to a massive seizure, though her people kept caring for her. This shows the significance of cross-cultural medical system (Fadiman 18). When people move to a new place and they have to change their cultural systems, they can use their own cultural processes in understanding the new culture. This is made easier when there is participation on the site of the receiving culture. However, this assistance was not there for the Hmong. Every component of the American culture was very dissimilar to their culture. This entailed house styles and every other external appearance of American culture. They were not helped to understand their new environment apart from the only guidelines they had, which were of the Hmong culture, and this was not applicable to their new environment (Fadiman 19). The American biomedical field is different from those of the Hmong community because their beliefs are etical. Medical students and other medical experts are accustomed to the health care practices dur ing their trainings. For example, according to the American culture, the scientific concerns are the ones that are real and are of clinical significance. The Materialistic approach has influenced how the patients in the hospital are handled. The Biomedical view makes Americans to believe that, magic never exists and there exists no other substitutes apart from what they believe. This has made the American Medical professionals to think that their medical systems are superior globally. Their view is rigid and judgmental and has unpleasant effects when treating patients from the Hmong culture (Fadiman 19). The Hmong people have their beliefs concerning the symptoms and healing of illnesses. They do not depend on the germ hypothesis regarding the causes of diseases, unlike the Americans. To them, diseases are caused by control of spirits, soul loss, and infringement of taboo. Their healers make the identification of illnesses and prescribe the appropriate treatment, unlike the America biomedical system. The adjustments to the system were difficult for the Hmong. The barriers that contributed to the difficulties in getting medical care deliveries are the lack of English proficiency, qualified health interpreters, and lack of clinical terminologies in their language. The cultural obstacle that made their adaptation to American life difficult is lack of trust for the western medication. Furthermore, they lacked awareness of the medical systems. They had negative thoughts concerning the medications, because the health providers did not

Constructing an Argument from Multiple Sources Essay

Constructing an Argument from Multiple Sources - Essay Example The environment comprises of the settings and conditions where man, animals and plants operate. Because every person shares it, it is our obligation to ensure that it is safeguarded and maintained. Presently, the environment is threatened by human beings who live in it. Global warming is causing the polar ice caps to melt risking the existence of the habitation present there. This means that people have to willingly opt to embrace a new lifestyle so that the environment can be preserved. For instance, people can endeavor to employ less energy conserve resources that are nonrenewable as well as minimize the negative consequences that are already on earth. In his book dubbed, â€Å"life after a year of not using toilet paper† Colin Beavan supports this argument by revealing how he spent an entire year without having any impact on earth and living a life that is purely eco effective (Green para 10). A no impact transition meant any transportation that employed fossil fuel powers like taxis, elevators, and subways could not be used. The main consequence that burning fossil fuels has on the environment is the greenhouse effect or global warming. Beavan argues in his book dubbed,† no impact man†, that during the combustion of these fuels, carbon dioxide is released in the atmosphere resulting in a number of crises in the environment. For instance, the burnt fossil, releases poisonous gases like sulphuric and carbonic acids which in turn damage the environment. Consequently, this makes the environment produce acidic rain which damages the lives of both animals and life. These damaging carbon dioxide results block the proper release of the earth’s infrared radiation. Consequently, this leads to rapid heating and an increase in climate change (Beavan 73). Furthermore, the fuels emitted can erode the ozone layer that safeguards the earth from the deadly sun radiation. Fossil wastes are

Social And Natural Sciences Essay Example | Topics and Well Written Essays - 1250 words

Social And Natural Sciences - Essay Example A great contribution of positivism into philosophical and methodological explorative methods is considered further on the example of social and natural sciences. In sociology, positivism is the core paradigmatic methodology. Science and inquiry are two basic pillars of positivism. Still, it is very important to solve the major problem of social sciences, which concerns results finding on the basis of complex species research and study. The roots of Positivism can be traced in the French Enlightenment. The philosopher suggested combining natural sciences principles with social sciences. Comte claimed that religion was conquered by science. It was much important those times to refer to facts and laws, than to suppositions and considerations. Scientific knowledge is outlined by Comte in the following way: the stage of fictitious, metaphysical and scientific knowledge. The last stage of knowledge, scientific knowledge, is preferential for Comte. The development of all other stages, if su ccessfully implemented, would result in scientific knowledge emergence. These stages of knowledge can be also sought in Empiricism. This science is based on observable facts, claiming that logical and mathematical roots are in the background of the facts. The main principle of positivism should be also found in â€Å"positive† information, which can be obtained from a positive experience. A methodological paradigm of positivism consists of science and inquiry. An empirical exploration is of crucial importance for any science.  ... These stages of knowledge can be also sought in Empiricism. This science is based on observable facts, claiming that logical and mathematical roots are on the background of the facts. The main principle of positivism should be also found in â€Å"positive† information, which can be obtained from a positive experience. Therefore, a methodological paradigm of positivism consists of science and inquiry. An empirical exploration is of crucial importance for any science. Thus, from positivist perspective it can be claimed that social phenomena are not distributed in accordance with certain or specific types, where the members of these types are homogenous (Cassell, 2002). In other words, positivist vision or methodology implemented in social sciences is not relevant to the fullest extent. Sociological phenomena are of inhomogeneous nature. For example, a structure of any sociological object or phenomena cannot be considered in accordance with specific features or characteristics, w hich are relevant at all times. Moreover, social processes and generalizations cannot be characterized simultaneously in accordance with homogenous characteristics. For sociological sciences it is of crucial importance to formulate specific hypotheses focused on special sociological events or imagination. A development of sociological theory is one possible way to develop explanations concerning sociological events or objects. Therefore, positivism is often criticized as irrelevant methodology applied for social inquiry. Social science requires development of special approaches focused on â€Å"contingency, heterogeneity, path-dependence, and particularity corresponding to the plasticity of

Auditing Essay Example for Free

Auditing Essay Course Texts: Prentice Hall – Auditing and Assurance Services – An Integrated Approach 15th edition. Arens/Elder/Beasley (Required) Please bring your textbook to each class session Class Hours: Monday / Wednesday 8:30 9:50 a.m. 119 Eppley Center Monday / Wednesday 10:20 11:40 a.m. 119 Eppley Center Monday / Wednesday 12:40 2:00 p.m. 119 Eppley Center Office Hours: Monday 2:30 – 4:00 p.m., N227 BCC Wednesday 2:30 – 4:00 p.m., N227 BCC Other hours available by appointment (please contact me to arrange an appointment.) During the week I check email constantly and am highly responsive. This is often times the best way to get a quick response. I can make individual appointments to meet with you during times when I am on campus if you want a one-on-one appointment to discuss grades and other more confidential matters. Our course consultant will be available on a regular basis for detailed material/grading questions. Course Consultant: John Kure ([emailprotected]) In addition to my office hours, John will be accessible to meet with you during the course. He will be available to answer your questions about grading as well as to provide advising and consultation regarding other  course-related matters at the following times: TBD Course Web Page: The course has a web page in Desire2Learn, and you should check it often. The course consultant and I will use this site to communicate with the class periodically during the semester. The page will also include a number of assignments and other relevant and important course materials. We plan to track your grades using the Gradebook feature on this site. POLICIES FOR CONDUCT OF THE COURSE 1. BROAD OBJECTIVES OF THE COURSE The overall objective of this course is to help each student obtain the skills, knowledge, and attitude to maximize the likelihood of practicing successfully after graduation. This overall objective is to: Aid in preparing you for the auditing section of the CPA exam. Develop technical and application auditing skills, including evidence accumulation and workpaper documentation. Practice communication skills in the context of auditing practice. Learn about a business approach to auditing which emphasizes relevance of general business and environmental knowledge awareness. Develop professional judgment in materiality and risk assessment, in ethical conduct, in the application of generally accepted auditing standards, and in the determination of sufficient competent evidential matter. 2.SPECIFIC OBJECTIVES This course is intended to be an introduction to the audit process and the role of auditing in organizations and in financial markets. It will not make you an auditor – that comes only with extensive experience – and it will not specifically prepare you for the auditing section of professional exams (e.g., CPA, CIA, etc.). However, the course should provide you with the basic knowledge so that, with additional self-study or by taking a review course, you will pass the auditing components of those exams. We will be studying the following topics, with the objective of gaining a sufficient understanding of each to enable you to apply, evaluate, and use them throughout your career: Demand for audits and attestations. Audit risk model. Concept of materiality. Assessing inherent risk. Assessing control risk. Audit evidence: a) planning. b) the role of sample evidence. c) evidence collection. d) evidence evaluation. Reporting requirements. Quality assurance of the audit process. Auditing environment: a) professionalism and self regulation. b) external regulation. 3.CLASS FORMAT Auditing is a challenging and demanding profession. To provide coverage of a significant amount of material and to allow for active learning, the class meetings will be held assuming you have read the assigned material prior to class and are prepared to contribute to class discussions every session. The textbook and readings should give you a fundamental understanding of the topic before we discuss it in class. Please feel free to raise any questions you have about the material before, during, or after class. Class meetings will consist of a combination of lecture, open discussion, and a number of active learning opportunities. Meeting time will allow for discussion of current topics and student questions and concerns. Additionally, time will be spent on active learning opportunities that  include, but are not limited to, homework problems, in-class group assignments, case studies, quizzes, and exams. 4.REQUIRED COURSE MATERIALS You will need to purchase the textbook as described above under Course Text. Previously used packages may not contain the required problems and/or worksheets. Case work will be provided in your book or by instructor. No purchase is necessary for case work. 5. GRADING Final grades will be based upon your points earned in relation to the total points available. Some of these points will be awarded based on your individual performance on exams. However, since auditing is a team effort in the real world, you will be organized into teams of 3 or 4 for some group assignments. Group members are expected to be conscientious and fully committed to sharing group work. Upon agreement of the other group members, and after meeting with me, a group member who is not adequately participating may be removed from the group. That person will then be required to complete the group assignments individually, and I will reserve the right to penalize project points equal to one letter grade. Total points will be distributed as follows: Grading Scale: The final grade for this course will be based upon a curve. (No particular accumulation of points constitutes a 4.0 or a 2.0 for example.) This is a competitive grading scale based course. QUIZZES You will be given 5 in-class quizzes during the semester. Each quiz is worth 10 points. The quizzes may consist of true/false questions, multiple-choice questions, and/or matching. Quizzes will begin promptly at the beginning of class. Latecomers will NOT be given extra time. Absentees will NOT be given make-ups, except in certain PRE-APPROVED, school-related instances. Quizzes cannot be made up after the fact for any circumstance. Your lowest quiz grade will be dropped at the end of the semester. WRITING ASSIGNMENTS You will be asked to complete 5 in-class writing assignments throughout the semester. Each writing assignment is worth 10 points. The writing assignments will be graded based on effort. These in-class writing assignments may be done at the beginning of class to lead us into discussion of a certain topic, or they may be done at the end of class to help me assess your understanding of material/case study that we have covered in class or they may take place during the class in groups to stimulate discussion. Your lowest in-class writing assignment grade will be dropped at the end of the semester. GROUP PROJECT You will work in groups of 4-5 to complete a group project. Details about the project assignment will be given mid-semester, and work on the project should be on-going throughout the remainder of the semester. The project will be worth a total of 40 points. EXAMS Three exams will be given during regular class time. Makeup exams will not be given unless extraordinary circumstances are involved. To the extent it is possible, you will be expected to notify me before the scheduled exam if an extraordinary circumstance exists. Exams will be composed of some combination of multiple-choice questions and short answer non-multiple-choice questions, patterned after the auditing portion of the CPA examination. The exams are designed and graded to evaluate your understanding of the auditing concepts and your ability to communicate the results of your analysis of the textbook, class projects, homework assignments, and any class discussion. Homework Although not assigned graded points, the suggested homework problems can be helpful to ensure your understanding of the material. You may visit the course consultant’s office hours to see solutions to these problems if you would like to tackle this extra work. 6.POINTS OF EMPHASIS Academic Honesty and Integrity You are responsible for adhering to the University guidelines on Academic Honesty and Integrity and to The Eli Broad College of Business Undergraduate Honor Code, available in its entirety at http://www.bus.msu.edu/information/news.cfm?newsid=767. According to the Code, it â€Å"applies to all undergraduate students enrolled in the College or  in any course sponsored by the College.† Thus, as a student in ACC 411, you are required to review, comprehend, and abide by the Code. The penalties for a violation of the University guidelines and/or the Code can be quite severe. Unless explicitly indicated otherwise, all graded assignments are expected to be the result of your original work. Academic dishonesty will be dealt with in the harshest manner available within the University or College guidelines. Should you have any questions about this policy, please see me immediately. Quality and Neatness of Work All work submitted in this class is subject to a penalty for sloppy presentation, poor writing, and other characteristics which detract from the professionalism expected from auditors. ACC 411 is an upper level course for accounting majors, and it is possible that it will be the only course you take related to auditing prior to starting your professional career. As such, I expect your work to reflect your preparation for professional careers. Participation and Other Classroom Considerations Participation and attendance are considered highly important in this class. I will not take attendance each day; however your attendance and participation will be noted and taken into account. I do expect that if you attend class you will be present for the entire class. I will consider tardiness, early departures and use of electronic devices when calculating your attendance, participation and professionalism score. If you will be late to the start of class or need to depart early, please let me know ahead of time as a courtesy. Religious Holidays I respect religious observances and have made allowances in the syllabus to  ensure that students are not penalized for missing some class days (i.e., I count the top 4 of 5 quizzes/writing assignments). However, please notify me at the beginning of the semester if you expect a conflict on exam days. Final Exam Per the University’s Final Exam Policy: A student absent from a final examination without a satisfactory explanation will receive a grade of 0.0 on the numerical system, NC on the CR-NC system, or N in the case of a course authorized for grading on the P-N system. Students unable to take a final examination because of illness or other reason over which they have no control should notify the associate deans of their colleges immediately. Social Media As members of a learning community, students are expected to respect the intellectual property of course instructors. All course materials presented to students are the copyrighted property of the course instructor and are subject to the following conditions of use: 1. Students may record lectures or any other classroom activities and use the recordings only for their own course-related purposes. 2. Students may not share the recordings with other students enrolled in the class. Sharing is limited to using the recordings only for their own course-related purposes. 3. Students may not post the recordings or other course materials online or distribute them to anyone not enrolled in the class without the advance written permission of the course instructor and, if applicable, any students whose voice or image is included in the recordings. 4. Any student violating the conditions described above may face academic disciplinary sanctions.

Computers Insiders Threat

Computers Insiders Threat While attacks on computers by outside intruders are more publicized, attacks perpetrated by insiders are very common and often more damaging. Insiders represent the greatest threat to computer security because they understand their organizations business and how their computer systems work. They have both the confidentiality and access to perform these attacks. An inside attacker will have a higher probability of successfully breaking into the system and extracting critical information. The insiders also represent the greatest challenge to securing the company network because they are authorized a level of access to the file system and granted a degree of trust. A system administrator angered by his diminished role in a thriving defense manufacturing firm whose computer network he alone had developed and managed, centralized the software that supported the companys manufacturing processes on a single server, and then intimidated a coworker into giving him the only backup tapes for that software. Following the system administrators termination for inappropriate and abusive treatment of his coworkers, a logic bomb previously planted by the insider detonated, deleting the only remaining copy of the critical software from the companys server. The company estimated the cost of damage in excess of $10 million, which led to the layoff of some 80 employees. An application developer, who lost his IT sector job as a result of company downsizing, expressed his displeasure at being laid off just prior to the Christmas holidays by launching a systematic attack on his former employers computer network. Three weeks following his termination, the insider used the username and password of one of his former coworkers to gain remote access to the network and modify several of the companys web pages, changing text and inserting pornographic images. He also sent each of the companys customers an email message advising that the website had been hacked. Each email message also contained that customers usernames and passwords for the website. An investigation was initiated, but it failed to identify the insider as the perpetrator. A month and a half later, he again remotely accessed the network, executed a script to reset all network passwords and changed 4,000 pricing records to reflect bogus information. This former employee ultimately was identified as the perpetrator and prosecuted. He was sentenced to serve five months in prison and two years on supervised probation, and ordered to pay $48,600 restitution to his former employer. A city government employee who was passed over for promotion to finance director retaliated by deleting files from his and a coworkers computers the day before the new finance director took office. An investigation identified the disgruntled employee as the perpetrator of the incident. City government officials disagreed with the primary police detective on the case as to whether all of the deleted files were recovered. No criminal charges were filed, and, under an agreement with city officials, the employee was allowed to resign. These incidents of sabotage were all committed by â€Å"insiders:† individuals who were, or previously had been, authorized to use the information systems they eventually employed to perpetrate harm. Insiders pose a substantial threat by virtue of their knowledge of, and access to, employer systems and/or databases. Keeney, M., et al (2005) The Nature of Security Threats The greatest threat to computer systems and information comes from humans, through actions that are either malicious or ignorant 3 . Attackers, trying to do harm, exploit vulnerabilities in a system or security policy employing various methods and tools to achieve their aims. Attackers usually have a motive to disrupt normal business operations or to steal information. The above diagram is depicts the types of security threats that exist. The diagram depicts the all threats to the computer systems but main emphasis will be on malicious â€Å"insiders†. The greatest threat of attacks against computer systems are from â€Å"insiders† who know the codes and security measures that are in place 45. With very specific objectives, an insider attack can affect all components of security. As employees with legitimate access to systems, they are familiar with an organizations computer systems and applications. They are likely to know what actions cause the most damage and how to get away with it undetected. Considered members of the family, they are often above suspicion and the last to be considered when systems malfunction or fail. Disgruntled employees create mischief and sabotage against systems. Organizational downsizing in both public and private sectors has created a group of individuals with significant knowledge and capabilities for ma licious activities 6 and revenge. Contract professionals and foreign nationals either brought into the U.S. on work visas to meet labor shortages or from offshore outsourcing projects are also included in this category of knowledgeable insiders. Common Insider Threat Common cases of computer-related employee sabotage include: changing data; deleting data; destroying data or programs with logic bombs; crashing systems; holding data hostage; destroying hardware or facilities; entering data incorrectly, exposing sensitive and embarrassing proprietary data to public view such as the salaries of top executives. Insiders can plant viruses, Trojan horses or worms, browse through file systems or program malicious code with little chance of detection and with almost total impunity. A 1998 FBI Survey 7 investigating computer crime found that of the 520 companies consulted, 64% had reported security breaches for a total quantifiable financial loss of $136 millions. (See chart) The survey also found that the largest number of breaches were by unauthorized insider access and concluded that these figures were very conservative as most companies were unaware of malicious activities or reluctant to report breaches for fear of negative press. The survey reported that the average cost of an attack by an outsider (hacker) at $56,000, while the average insider attack cost a company in excess $2.7 million. It found that hidden costs associated with the loss in staff hours, legal liability, loss of proprietary information, decrease in productivity and the potential loss of credibility were impossible to quantify accurately. Employees who have caused damage have used their knowledge and access to information resources for a range of motives, including greed, revenge for perceived grievances, ego gratification, resolution of personal or professional problems, to protect or advance their careers, to challenge their skill, express anger, impress others, or some combination of these concerns. Insider Characteristics The majority of the insiders were former employees. †¢ At the time of the incident, 59% of the insiders were former employees or contractors of the affected organizations and 41% were current employees or contractors. †¢ The former employees or contractors left their positions for a variety of reasons. These included the insiders being fired (48%), resigning (38%), and being laid off (7%). Most insiders were either previously or currently employed full-time in a technical position within the organization. †¢ Most of the insiders (77%) were full-time employees of the affected organizations, either before or during the incidents. Eight percent of the insiders worked part-time, and an additional 8% had been hired as contractors or consultants. Two (4%) of the insiders worked as temporary employees, and one (2%) was hired as a subcontractor. †¢ Eighty-six percent of the insiders were employed in technical positions, which included system administrators (38%), programmers (21%), engineers (14%), and IT specialists (14%). Of the insiders not holding technical positions, 10% were employed in a professional position, which included, among others, insiders employed as editors, managers, and auditors. An additional two insiders (4%) worked in service positions, both of whom worked as customer service representatives. Insiders were demographically varied with regard to age, racial and ethnic background, gender, and marital status. The insiders ranged in age from 17 to 60 years (mean age = 32 years)17 and represented a variety of racial and ethnic backgrounds. Ninety-six percent of the insiders were male. Forty-nine percent of the insiders were married at the time of the incident, while 45% were single, having never married, and 4% were divorced. Just under one-third of the insiders had an arrest history. Thirty percent of the insiders had been arrested previously, including arrests for violent offenses (18%), alcohol or drug related offenses (11%), and nonfinancial/ fraud related theft offenses (11%). Organization Characteristics The incidents affected organizations in the following critical infrastructure sectors: †¢ banking and finance (8%) †¢ continuity of government (16%) †¢ defense industrial base (2%) †¢ food (4%) †¢ information and telecommunications (63%) †¢ postal and shipping (2%) †¢ public health (4%) In all, 82% of the affected organizations were in private industry, while 16% were government entities. Sixty-three percent of the organizations engaged in domestic activity only, 2% engaged in international activity only, and 35% engaged in activity both domestically and internationally. What motivate insiders? Internal attackers attempt to break into computer networks for many reasons. The subject has been fruitfully studied and internal attackers are used to be motivated with the following reasons [BSB03]: †¢ Challenge Many internal attackers initially attempt to break into networks for the challenge. A challenge combines strategic and tactical thinking, patience, and mental strength. However, internal attackers motivated by the challenge of breaking into networks often do not often think about their actions as criminal. For example, an internal attack can be the challenge to break into the mail server in order to get access to different emails of any employee. †¢ Revenge Internal attackers motivated by revenge have often ill feelings toward employees of the same company. These attackers can be particularly dangerous, because they generally focus on a single target, and they generally have patience. In the case of revenge, attackers can also be former employees that feel that they have been wrongfully fired. For example, a former employee may be motivated to launch an attack to the company in order to cause financial losses. †¢ Espionage Internal attackers motivated by espionage, steal confidential information for a third party. In general, two types of espionage exists: Industrial espionage Industrial espionage means that a company may pay its own employees in order to break into the networks of its competitors or business partners. The company may also hire someone else to do this. International espionage International espionage means that attackers work for governments and steal confidential information for other governments. Definitions of insider threat 1) The definition of insider threat should encompass two main threat actor categories and five general categories of activities. The first actor category, the â€Å"true insider,† is defined as any entity (person, system, or code) authorized by command and control elements to access network, system, or data. The second actor category, the â€Å"pseudo-insider,† is someone who, by policy, is not authorized the accesses, roles, and/or permissions they currently have but may have gotten them inadvertently or through malicious activities. The activities of both fall into five general categories: exceeds given network, system or data permissions; conducts malicious activity against or across the network, system or data; provided unapproved access to the network, system or data; circumvents security controls or exploits security weaknesses to exceed authorized permitted activity or disguise identify; or non-maliciously or unintentionally damages resources (network, system or data) by destruction, corruption, denial of access, or disclosure. (Presented at the University of Louisville Cyber Securitys Day, October 2006) 2) Insiders — employees, contractors, consultants, and vendors — pose as great a threat to an organizations security posture as outsiders, including hackers. Few organizations have implemented the policies, procedures, tools, or strategies to effectively address their insider threats. An insider threat assessment is a recommended first step for many organizations, followed by policy review, and employee awareness training. (Insider Threat Management Presented by infoLock Technologies) 3)Employees are an organizations most important asset. Unfortunately, they also present the greatest security risks. Working and communicating remotely, storing sensitive data on portable devices such as laptops, PDAs, thumb drives, and even iPods employees have extended the security perimeter beyond safe limits. While convenient access to data is required for operational efficiency, the actions of trusted insiders not just employees, but consultants, contactors, vendors, and partners must be actively managed, audited, and monitored in order to protect sensitive data. (Presented by infoLock Technologies) 4) The diversity of cyber threat has grown over time from network-level attacks and password cracking to include newer classes such as insider attacks, email worms and social engineering, which are currently recognized as serious security problems. However, attack modeling and threat analysis tools have not evolved at the same rate. Known formal models such as attack graphs perform action-centric vulnerability modeling and analysis. All possible atomic user actions are represented as states, and sequences which lead to the violation of a specie safety property are extracted to indicate possible exploits. (Ramkumar Chinchani, Anusha Iyer, Hung Ngo, Shambhu Upadhyaya) 5) The Insider Threat Study, conducted by the U.S. Secret Service and Carnegie Mellon Universitys Software Engineering Institute CERT Program, analyzed insider cyber crimes across U.S. critical infrastructure sectors. The study indicates that management decisions related to organizational and employee performance sometimes yield unintended consequences magnifying risk of insider attack. Lack of tools for understanding insider threat, analyzing risk mitigation alternatives, and communicating results exacerbates the problem. (Dawn M. Cappelli, Akash G. Desai) 6) The insider threat or insider problem is cited as the most serious security problem in many studies. It is also considered the most difficult problem to deal with, because an insider has information and capabilities not known to other, external attackers. But the studies rarely define what the insider threat is, or define it nebulously. The difficulty in handling the insider threat is reasonable under those circumstances; if one cannot define a problem precisely, how can one approach a solution, let alone know when the problem is solved? (Matt Bishop 2005) Five common insider threat Exploiting information via remote access software A considerable amount of insider abuse is performed offsite via remote access software such as Terminal Services, Citrix and GoToMyPC. Simply put, users are less likely to be caught stealing sensitive information when they can it do offsite. Also, inadequately protected remote computers may turn up in the hands of a third-party if the computer is left unattended, lost or stolen. 2.) Sending out information via e-mail and instant messaging Sensitive information can simply be included in or attached to an e-mail or IM. Although this is a serious threat, its also one of the easiest to eliminate. 3.) Sharing sensitive files on P2P networks Whether or not you allow peer-to-peer file sharing software such as Kazaa or IM on your network, odds are its there and waiting to be abused. The inanimate software in and of itself is not the problem its how its used that causes trouble. All it takes is a simple misconfiguration to serve up your networks local and network drives to the world. 4.) Careless use of wireless networks Perhaps the most unintentional insider threat is that of insecure wireless network usage. Whether its at a coffee shop, airport or hotel, unsecured airwaves can easily put sensitive information in jeopardy. All it takes is a peek into e-mail communications or file transfers for valuable data to be stolen. Wi-Fi networks are most susceptible to these attacks, but dont overlook Bluetooth on smartphones and PDAs. Also, if you have WLANs inside your organization, employees could use it to exploit the network after hours. 5.) Posting information to discussion boards and blogs Quite often users post support requests, blogs or other work-related messages on the Internet. Whether intentional or not, this can include sensitive information and file attachments that put your organization at risk. Views of different authors about insider threat 1) Although insiders in this report tended to be former technical employees, there is no demographic â€Å"profile† of a malicious insider. Ages of perpetrators ranged from late teens to retirement. Both men and women were malicious insiders. Their positions included programmers, graphic artists, system and network administrators, managers, and executives. They were currently employed and recently terminated employees, contractors, and temporary employees. As such, security awareness training needs to encourage employees to identify malicious insiders by behavior, not by stereotypical characteristics. For example, behaviors that should be a source of concern include making threats against the organization, bragging about the damage one could do to the organization, or discussing plans to work against the organization. Also of concern are attempts to gain other employees passwords and to fraudulently obtain access through trickery or exploitation of a trusted relationship. Insiders can be stopped, but stopping them is a complex problem. Insider attacks can only be prevented through a layered defense strategy consisting of policies, procedures, and technical controls. Therefore, management must pay close attention to many aspects of its organization, including its business policies and procedures, organizational culture, and technical environment. Organizations must look beyond information technology to the organizations overall business processes and the interplay between those processes and the technologies used. (Michelle Keeney, J.D., Ph.D. atal 2005) 2) While attacks on computers by outside intruders are more publicized, attacks perpetrated by insiders are very common and often more damaging. Insiders represent the greatest threat to computer security because they understand their organizations business and how their computer systems work. They have both the confidentiality and access to perform these attacks. An inside attacker will have a higher probability of successfully breaking into the system and extracting critical information. The insiders also represent the greatest challenge to securing the company network because they are authorized a level of access to the file system and granted a degree of trust. (Nam Nguyen and Peter Reiher, Geoffrey H. Kuenning) 3) Geographically distributed information systems achieve high availability that is crucial to their usefulness by replicating their state. Providing instant access at time of need regardless of current network connectivity requires the state to be replicated in every geographical site so that it is locally available. As network environments become increasingly hostile, we have to assume that part of the distributed information system will be compromised at some point. The problem of maintaining a replicated state in such a system is magnified when insider (or Byzantine) attacks are taken into account. (Yair Amir Cristina Nita-Rotaru) 4) In 2006, over 60% of information security breaches were attributable to insider behavior, yet more than 80% of corporate IT security budgets were spent on securing perimeter defenses against outside attack. Protecting against insider threats means managing policy, process, technology, and most importantly, people. Protecting against insider threats means managing policy, process, technology, and most importantly, people.The Insider Threat Assessment security awareness training, infrastructure reconfiguration, or third party solutions, you can take comfort in knowing that you have made the right choice to improve your security posture, and you will achieve your expected Return on Security Investment. (Presented by infoLock Technologies) 5) The threat of attack from insiders is real and substantial. The 2004 ECrime Watch Survey TM conducted by the United States Secret Service, CERT  ® Coordination Center (CERT/CC), and CSO Magazine, 1 found that in cases where respondents could identify the perpetrator of an electronic crime, 29 percent were committed by insiders. The impact from insider attacks can be devastating. One complex case of financial fraud committed by an insider in a financial institution resulted in losses of over $600 million. 2 Another case involving a logic bomb written by a technical employee working for a defense contractor resulted in $10 million in losses and the layoff of 80 employees. (Dawn Cappelli, Andrew Moore, Timothy Shimeall,2005) 6) Insiders, by virtue of legitimate access to their organizations information, systems, and networks, pose a significant risk to employers. Employees experiencing financial problems have found it easy to use the systems they use at work everyday to commit fraud. Other employees, motivated by financial problems, greed, or the wish to impress a new employer, have stolen confidential data, proprietary information, or intellectual property from their employer. Lastly, technical employees, possibly the most dangerous because of their intimate knowledge of an organizations vulnerabilities, have used their technical ability to sabotage their employers system or network in revenge for some negative work-related event. (Dawn M. Cappelli, Akash G. Desai ,at al 2004) 7) The insider problem is considered the most difficult and critical problem in computer security. But studies that survey the seriousness of the problem, and research that analyzes the problem, rarely define the problem precisely. Implicit definitions vary in meaning. Different definitions imply different countermeasures, as well as different assumptions. (Matt Bishop 2005) Solution: User monitoring Insiders have two things that external attackers dont: privileged access and trust. This allows them to bypass preventative measures, access mission-critical assets, and conduct malicious acts all while flying under the radar unless a strong incident detection solution is in place. A number of variables motivate insiders, but the end result is that they can more easily perpetrate their crimes than an outsider who has limited access. Insiders can directly damage your business resulting in lost revenue, lost customers, reduced shareholder faith, a tarnished reputation, regulatory fines and legal fees. With such an expansive threat, organizations need an automated solution to help detect and analyze malicious insider activity. These are some points which could be helpful in monitoring and minimizing the insider threats: Detecting insider activity starts with an expanded log and event collection. Firewalls, routers and intrusion detection systems are important, but they are not enough. Organizations need to look deeper to include mission critical applications such as email applications, databases, operating systems, mainframes, access control solutions, physical security systems as well as identity and content management products. Correlation: identifying known types of suspicious and malicious behavior Anomaly detection: recognizing deviations from norms and baselines. Pattern discovery: uncovering seemingly unrelated events that show a pattern of suspicious activity From case management, event annotation and escalation to reporting, auditing and access to insider-relevant information, the technical solution must be in line with the organizations procedures. This will ensure that insiders are addressed consistently, efficiently and effectively regardless of who they are. Identify suspicious user activity patterns and identify anomalies. Visually track and create business-level reports on users activity. Automatically escalate the threat levels of suspicious and malicious individuals. Respond according to your specific and unique corporate governing guidelines. Early detection of insider activity based on early warning indicators of suspicious behavior, such as: Stale or terminated accounts Excessive file printing, unusual printing times and keywords printed Traffic to suspicious destinations Unauthorized peripheral device access Bypassing security controls Attempts to alter or delete system logs Installation of malicious software The Insider Threat Study? The global acceptance, business adoption and growth of the Internet, and of Internetworking technologies in general, in response to customer requests for online access to business information systems, has ushered in an extraordinary expansion of electronic business transactions. In moving from internal (closed) business systems to open systems, the risk of malicious attacks and fraudulent activity has increased enormously, thereby requiring high levels of information security. Prior to the requirement for online, open access, the information security budget of a typical company was less then their tea and coffee expenses. Securing cyberspace has become a national priority. In The National Strategy to Secure Cyberspace, the Presidents Critical Infrastructure Protection Board identified several critical infrastructure sectors10: banking and finance information and telecommunications transportation postal and shipping emergency services continuity of government public health Universities chemical industry, textile industry and hazardous materials agriculture defense industrial base The cases examined in the Insider Threat Study are incidents perpetrated by insiders (current or former employees or contractors) who intentionally exceeded or misused an authorized level of network, system, or data access in a manner that affected the security of the organizations data, systems, or daily business operations. Incidents included any compromise, manipulation of, unauthorized access to, exceeding authorized access to, tampering with, or disabling of any information system, network, or data. The cases examined also included any in which there was an unauthorized or illegal attempt to view, disclose, retrieve, delete, change, or add information. A completely secure, zero risk system is one which has zero functionality. Latest technology high-performance automated systems bring with them new risks in the shape of new attacks, new viruses and new software bugs, etc. IT Security, therefore, is an ongoing process. Proper risk management keeps the IT Security plans, policies and procedures up to date as per new requirements and changes in the computing environment. To implement controls to counter risks requires policies, and policy can only be implemented successfully if the top management is committed. And policys effective implementation is not possible without the training and awareness of staff. The State Bank of Pakistan recognizes that financial industry is built around the sanctity of the financial transactions. Owing to the critical role of financial institutions for a country and the extreme sensitivity of their information assets, the seriousness of IT Security and the ever-increasing threats it faces in todays open world cannot be overstated. As more and more of our Banking Operations and products services become technology driven and dependent, consequently our reliance on these technology assets increases, and so does the need to protect and safeguard these resources to ensure smooth functioning of the financial industry. Here are different area in which we can work and check insider threat, but I chose textile industry as in textile industry there is less awareness of the insider threat. If an insider attack in an industry then industrialist try to cover up this news as these types of news about an industry can damage the reputation of the industry. CHAPTER 2 REVIEW OF LITRATURE S, Axelsson. ,(2000) Anonymous 2001 Continuity of operations and correct functioning of information systems is important to most businesses. Threats to computerised information and process are threats to business quality and effectiveness. The objective of IT security is to put measures in place which eliminate or reduce significant threats to an acceptable level. Security and risk management are tightly coupled with quality management. Security measures should be implemented based on risk analysis and in harmony with Quality structures, processes and checklists. What needs to be protected, against whom and how? Security is the protection of information, systems and services against disasters, mistakes and manipulation so that the likelihood and impact of security incidents is minimised. IT security is comprised of: Confidentiality: Sensitive business objects (information processes) are disclosed only to authorised persons. ==> Controls are required to restrict access to objects. Integrity: The business need to control modification to objects (information and processes). ==> Controls are required to ensure objects are accurate and complete.

Case Study Analysis Cost Of Capital At Ameritrade Finance Essay

Case Study Analysis Cost Of Capital At Ameritrade Finance Essay Capital Asset Pricing Model is a model that describes the relationship between risk and expected return  and  that is used in the pricing of risky securities. Description: Capital Asset Pricing Model (CAPM) The general idea behind CAPM is that investors need to be compensated in two ways: time value of money  and risk. The time value of money is represented by the risk-free(rf) rate  in the formula and compensates the investors for placing money in any investment over a period of time. The other half of the formula represents risk and calculates the amount of compensation the investor needs for taking on  additional risk. This is calculated by taking a risk measure (beta)  that compares the returns of the asset to the market over a period of time and to the market premium (Rm-rf). The CAPM says that the expected return of a security or a portfolio equals the rate on a risk-free security plus a risk premium. If this expected return does not meet or beat the required return, then the investment should not be undertaken. The security market line plots the results of the CAPM for all different risks (betas). Using the CAPM model  and the following assumptions, we can compute the expected return of a stock in this CAPM example: if the risk-free rate is  3%, the beta (risk measure) of the stock is 2 and the expected market return over the period is 10%, the stock is expected to return 17% (3%+2(10%-3%)). CAPM has a lot of important consequences. For one thing it turns finding the efficient frontier into a doable task, because you only have to calculate the co-variances of every pair of classes, instead of every pair of everything. Another consequence is that CAPM implies that investing in individual stocks is pointless, because you can duplicate the reward and risk characteristics of any security just by using the right mix of cash with the appropriate asset class. This is why followers of MPT avoid stocks, and instead build portfolios out of low cost index funds. Cap-M looks at risk and rates of return and compares them to the overall stock market. If you use CAPM you have to assume that most investors want to avoid risk, (risk averse), and those who do take risks, expect to be rewarded. It also assumes that investors are price takers who cant influence the price of assets or markets. With CAPM you assume that there are no transactional costs or taxation and assets and securities are divisible into small little packets. CAPM assumes that investors are not limited in their borrowing and lending under the risk free rate of interest. How to Calculate the Cost of Equity CAPM The cost of equity is the amount of compensation an investor requires to invest in an equity investment. The cost of equity is estimable is several ways, including the capital asset pricing model (CAPM). The formula for calculating the cost of equity using CAPM is the risk-free rate plus beta times the market risk premium. Beta compares the risk of the asset to the market, so it is a risk that, even with diversification, will not go away. As an example, a company has a beta of 0.9, the risk-free rate is 1 percent and the expected return on the equity investment is 4 percent. Instructions Determine the market risk premium. The market risk premium equals the expected return minus the risk-free rate. The risk-free rate of return is usually the United States three-month Treasury bill rate. In our example, 4 percent minus 1 percent equals 3 percent. Multiply the market risk premium by beta. In our example, 3 percent times 0.9 equals 0.027. Add the risk-free rate to the number calculated in Step 2 to determine the cost of equity. In our example, 0.027 plus 0.01 equals a cost of equity of 0.037 or 3.7 percent. . Combining the risk-free asset and the market portfolio gives the portfolio frontier. The risk of an individual asset is characterized by its co-variability with the market portfolio. The part of the risk that is correlated with the market portfolio, the systematic risk, cannot be diversified away. Bearing systematic risk needs to be rewarded. The part of an assets risk that is not correlated with the market portfolio, the non-systematic risk, can be diversified away by holding a frontier portfolio. Bearing non-systematic risk need not be rewarded. For any asset i: where We thus have an asset pricing model the CAPM. Example. Suppose that CAPM holds. The expected market return is 14% and T-bill rate is 5%. What should be the expected return on a stock with ÃŽÂ ² = 0? Answer: Same as the risk-free rate, 5%. à ¢Ã¢â€š ¬Ã‚ ¢ The stock may have significant uncertainty in its return. à ¢Ã¢â€š ¬Ã‚ ¢ This uncertainty is uncorrelated with the market return. What should be the expected return on a stock with ÃŽÂ ² = 1? Answer: The same as the market return, 14%. What should be the expected return on a portfolio made up of 50% T-bills and 50% market portfolio? Answer: the expected return should be  ¯r = (0.5)(0.05)+(0.5)(0.14) = 9.5%. Multifactor CAPM In CAPM, investors care about returns on their investments over the next short horizon they follow myopic investment strategies. In practice, however: à ¢Ã¢â€š ¬Ã‚ ¢ Investors do invest over long horizons à ¢Ã¢â€š ¬Ã‚ ¢ Investment opportunities do change over time. In equilibrium, an assets premium is given by a multi-factor CAPM : Limitations of CAPM Based on highly restrictive assumptions i.e. no tax, transaction costs etc Serious doubts about its testability. Market factor is not the sole factor influencing stock returns. Summary of CAPM CAPM is attractive: 1. It is simple and sensible: is built on modern portfolio theory distinguishes systematic risk and non-systematic risk provides a simple pricing model. 2. It is relatively easy to implement. CAPM is controversial: 1. It is difficult to test: difficult to identify the market portfolio difficult to estimate returns and betas. 2. Empirical evidence is mixed. 3. Alternative pricing models might do better. Multi-factor CAPM. Consumption CAPM (C-CAPM). APT. Other Methods for calculating cost of equity There are 3 methods which are mainly used for calculating Cost of equity other than CAPM Arbitrage Pricing theory 3 factor method Dividend Growth Method Arbitrage Pricing Theory APT assumes that returns on securities are generated by number of industry-wide and market-wide factors. Correlation between a pair of securities occurs when these securities are affected by the SAME factor or factors. Return on any stock traded in a financial market consists of two parts. R = Re + U Where, R = return on any stock Re = Expected or Normal return (depends on all of information shareholders have on the stock for next month.) U = Uncertain or Risky return (this comes from information revealed in the month) U = m +  Ã‚ ¥Ã¢â€š ¬Ã‚   Where, m = Systematic risk or market risk (it influences all assets of market)  Ã‚ ¥Ã¢â€š ¬Ã‚  Ã¢â€š ¬Ã‚  Ã¢â€š ¬Ã‚ ½ Unsystematic risk (it affects single asset or small group interrelated of assets, it is specific to company) The capital asset pricing theory begins with an analysis of how investors construct efficient portfolios. But in real life scenarios, it isnt necessary that every time portfolios will be efficient. It is developed by Stephen Ross. Moreover, the return is assumed to obey the following simple relationship: Where b1, b2 and b3 are sensitivities associated with factor 1, factor 2 and factor 3 which can be interest rate or other price factors. Noise =  Ã‚ ¥ is event unique to the company. APT states that the expected risk premium on a stock should depend on the expected risk premium associated with each factor and the stocks sensitivity to each of the factors. Thus, formula modifies to: Where, rf = risk free rate is subtracted from each return to give risk premium associated from each factor. Analysis of the formula: If we put value for b = 0, the expected risk premium will be zero. It will create a diversified portfolio which has zero sensitivity to macroeconomic factor which offers risk free rate of interest. Portfolio offered a higher return, investors could make a risk-free (or arbitrage) profit by borrowing to buy the portfolio. If it offered a lower return, you could make an arbitrage profit by running the strategy in reverse; in other words, you would sell the portfolio and invest the proceeds in U.S. Treasury bills. Consider portfolio A and B are sensitive to factor 1, A is twice sensitive to factor1 as then portfolio Therefore, if you divided your money equally between U.S. Treasury bills and portfolio A, combined portfolio would have exactly the same sensitivity to factor 1 as portfolio B and would offer the same risk premium. Steps of Arbitrage Pricing Theory The various steps during Arbitrage Pricing Theory can be stated as: Identify the macroeconomic factors: APT doesnt indicate which factors are to be considered. But there are 6 principle factors which are: Yield spread interest rate, exchange rate, GNP inflation portion of the market return Estimate the risk premium of each factor Estimate the factor sensitivity Net Return = risk free interest rate + expected risk premium 3 factor model It is a special case of APT It considers 3 major factors called as market factor size factor book to market factor. There is also evidence that these factors are related to company profitability and therefore may be picking up risk factors that are left out of the simple CAPM. The practical application of this model is to estimate the betas for the three factors and then use them to predict where returns should fall, much like the CAPM. It was researched by Fama and French. Dividend Growth Method Dividend Discount Model. It is useful when the growth rate of dividend is forecasted constantly. The present value of stocks is given as Where, r = discount rate, g = rate of growth, DIV = annual cash payment, This formula can be used when growth rate g When growth rate = rate of return, the present value becomes infinite. For perpetual growth, r > g. Growing perpetuity formula, Where,P0 in terms of next years expected dividend DIV g = the projected growth trend r = expected rate of return on other securities of comparable risk. We can estimate cost of equity from this formula by re-arranging. Lets understand by an example: Suppose that your company is expected to pay a dividend of $1.50 per share next year. There has been a steady growth in dividends of 5.1% per year and the market expects that to continue. The current price is $25. Then cost of equity r is given as: When the growth rate isnt constant but varies from year to year, then average can be calculated. Growth rate for current year is calculated using the formula: For example, Year Dividend (in Rs. Million) Percent change (g) 2000 1.23 2001 1.30 (1.30 1.23) / 1.23 = 5.7% 2002 1.36 (1.36 1.30) / 1.30 = 4.6% 2003 1.43 (1.43 1.36) / 1.36 = 5.1% 2004 1.50 (1.50 1.43) / 1.43 = 4.9% Growth rate is average of all percent changes and equals This model serves the major advantage of being easy to understand and use but has a major drawback total dependence on dividend and it cannot be used where company isnt paying any dividend. Also, it doesnot consider any risk and is highly sensitive to the change in growth rate. Estimating Beta Beta is an important term in Capital Asset Pricing Method. Beta is the non-diversified risk of holding a single stock. But it turns out that companies in similar markets have similar risks. Interpretation of beta Beta = 1,it matches market portfolio Beta > 1, higher risk. Beta Methods for calculation of beta It is calculated as: beta_{i} = frac {mathrm{Cov}(R_i,R_m)}{mathrm{Var}(R_m)} Where, Ri = rate of return of asset and Rm is rate of return of market. Thus, beta is dependent on regression analysis. Beta is found by statistical analysis of individual, daily share price returns, in comparison with the markets daily returns over precisely the same period. We need to gather a lengthy time-series of observations for the market return and the individual asset return. Then required co-variances and variances can be calculated. If coefficient of correlation P is known then The alternative method of calculating beta is (by rearranging terms from CAPM equation): In practice, an additional constant alpha is also added in the above equation which tells how much better (or worse) the funds did than what the CAPM predicted. Alpha is a risk-adjusted measure of the so-called active return on an investment. Here, E(Ri) Rf is estimated return on asset portfolios and E(Rm) Rf is estimated return on market index. In order to check that there are no serious violations of the linear regression model assumptions. The slope of the fitted line from the linear least-squares calculation is the estimated Beta. The vertical intercept of this curve is called as the alpha. For a portfolio of assets, we have the relation: Given that beta is a linear risk measure, the beta of a portfolio of assets as simply the weighted average of all the individual betas that comprise the portfolio. HANU Estimate of Risk Premium We dont have reliable estimate where stock market will move in future. So we are using long term historical spreadsheets for estimate large stock than small stocks because they are more closer to proper estimate of market We are considering all values after Second World War because after that laws became stable in U.S. Risk premium = Rm Rf U.S. government securities rate = 6.69% (20 years bond, Exhibit 3) Average annual return for Large company stocks = 14 % (Exhibit 3) So Risk premium for Ameritrade = 14 % 6.69 % =7.31 %

Windows 2000 :: Free Essay Writer

Windows 2000 Windows NT Workstation 5.0 is now called Windows 2000 Professional Windows NT Server 5.0 is now Windows 2000 Server Windows NT Server Enterprise Edition becomes Windows 2000 Advanced Server Plus there is a new offering: Windows 2000 Datacenter Server Windows 2000 Professional will be limited to support only two processors. Windows 2000 Server will be able to support up to four processors. Windows 2000 Advanced Server will support up to eight processors. And Windows 2000 Datacenter Server will support up to 32 processors and additional clustering functions. It is recommended to have at least 64 MB RAM and 700- 900MB of disc space for Professional and even more for the other packages. For multi-processor configurations, 128MB of memory should be considered minimum. Adobe had helped develop a new font called OpenType. That font builds Type 1 and TrueType capabilities into the OS. The new â€Å"Find† command will allow the user to search for available printers on the network. You can specify search criteria to locate all the color printers on the network and then narrow the search by say, the tabloid-size color printer nearest you. Then, with a right click, the systen installs the printer driver, downloads a color management device profile automatically and you’re ready to print. It also has been revamped to now display graphical previews of found graphic images. It also offers a number of Internet-savvy features, uncluding live web links and Net searching. It has a new color management system developed by Linotype-Hell to produce system wide color management that will also extend to Internet Explorer, so that on-line purchases will result in the color the customer expects. Quark a former Mac-only product is now being ported for Windows. The most obvious new feature of Windows 2000 is it’s so-called â€Å"intelligent menus†, which remember a user’s most-used selections. Thus, Windows 2000 learns to hide commands you don’t use often, although these hidden items can be seen by simply pausing at the Start Menu destination for a few seconds. There is a brand new Device Manager that, combined with its plug and play hardware detection and large list of supported hardware, makes it a huge improvement over NT in overall hardware compatibility. New hardware supported it Windows 2000: Accelerated Graphics Port (AGP), DVD, FireWire (IEEE 1394), USB Devices, Advanced Configurable Power Interface (ACPI), Multiple monitors, etc. â€Å"IntelliMirror† feature: the ability to automatically restore uninstalled drivers, deleted DLL’s, and other user settings, even if the user’s machine is replaced with a different one.

The Woods Essay -- Descriptive Essay Examples, Observation

I am sitting in the passenger side as my dad is driving, and we are on our way to my grandpa's land which is located about 25 minutes east of Dubuque. First thing we do when we get there is to finish putting on our coats, and then to grab our bows out of the back, then I close my door softly. Walking through the open field I have dead weeds and tall grass crunching under my boots, and at the end of the field we reach a barbed wire fence that we crawl under. Then we cross under a bunch of pine trees and go about 30 yards into the woods to where my tree stand sits. Then my dad tells me good luck and he heads down into the gully where his stand is located. So I then climb the 12 foot ladder and sit on the seat and put on my safety belt and get my arrow ready on the bow string. I survey the land and look for any movement, so I look to the left where there is another set of pine trees, then I look in front of me into the first set of pine trees don't see anything yet. Then I hear a sound of crunching leaves and immediately look to my right and sure enough there is a big doe getting ready to cross the fence 15 yards away. Â   Being out in the woods is meaningful to me because, of the excitement I get out of observing deer in their habitat and the challenges that are presented by the sport of hunting. Once that deer is close enough that I can see it my adrenaline starts to pump and my heart starts to beat a little faster. The excitement that comes with seeing a deer is great, but it is even better if the deer is in shooting range. I have been bow hunting for two years and am already hooked on it because of the anticipation of getting a shot off at a big buck, but watching the deer and how they react in their own habitat is ne... ... shared experience to talk about and to enjoy helping each other with our techniques. Â   To a beginner in this sport it may not seem as relaxing as I said it is because, I know that when a person starts at something it may get frustrating. As a person goes along and gets better at these activities, it gets to be more fun and more relaxing. Two years ago when I first started I really was bored the first couple of days because I didn't see any deer, and didn't really talk to my dad a whole lot. Then as the next week came I saw my first deer, and it was out of my shooting range but it still got my heart pumping, and ever since then I have been hooked on it. That also gave me the chance to tell my dad what it was like, and he said the same thing happened to him when he first started out, and now we make the best out of that time and talk together. Â  

Capital Punishment Must be Abolished :: Argumentative Persuasive Essays

Capital Punishment Must be Abolished       Evidence suggests that the death penalty does not deter people from committing crimes. It is a cruel and cold blooded form of punishment and there have been instances where innocent people were sentenced to death.      Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚   The most common methods of execution are hanging and shooting. Countries like the U.S. use electrocution, gas chambers and lethal injections to dispose of the convicted. Some countries, like the U.S., have tried to minimise the pain of execution by introducing the electric chair. In some parts of the world, more pain is deliberately inflicted on the condemned, such as in the Islamic countries and Nigeria. In Nigeria the executions are done in public by a firing squad. The convicted are executed slowly, by firing bullets at intervals, starting at the ankles. In Islamic countries the condemned are stoned to death. But there are   special rules for these executions; (Amnesty International article1), "The Islamic Penal Code of Iran stipulates: "In the punishment of stoning to death, the stones should not be so large that the person dies on being hit by one or two of them."1 This is the kind of cruelty which is inflicted on the executed in those countries. Other methods of execution, like the electric chair and hanging, are also quite cruel to the convicted.   That is one of the reasons the death penalty should be abolished.      Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚   Does the death penalty really deter criminals?      Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚   There is very little valid evidence to suggest that capital punishment deters criminals. The most recent study of research findings on the relationship between the death penalty and homicide rates, conducted for the United Nations Committee on Crime Prevention and Control, in 1988, has concluded that:"this research has failed to provide scientific proof that executions have a greater deterrent effect than life imprisonment."1. Many murders are committed under the influence of alcohol and drugs, some murderers might be mentally ill. If one of these factors influenced a person, how could he/she control and asses what he/she is doing or be deterred from committing the crime? It would be impossible, and after the incident he/she might not remember it. A cover story in the "Time"3 presents a report about a man called Doug McCray, then 32. He had a reasonable education after dropping out of college one and a half years later to enlist in the army. He was given a medical discharge seventeen months later.He married and went back to college. But his marriage didn't last long and he dropped out of college again and turned to alcohol. Sometime between October 13