�� At 2:00 p.m. each day, all processed receipts (in the form of personal or corporate checks) are taken to the bank for deposit into the company's account. At the end of the day (4:30 p.m.), the clerks/managers place all un-deposited checks, which were not taken to the bank, on the top open shelf of their cubicles. Processing of these un-deposited receipts is completed the next day.

The primary risk associated with this situation is that cheques being kept in open cubicles can be lost or taken away by unauthorized people and misused as well. In other words, theft can take place. Further, since no processing has been done at the end of the day, there is no record about the receipt of cheques which will make further action regarding lost cheques really difficult and can even invite regulatory action from people whose cheques have been lost or misuse.

Thus, to mitigate this risk, first of all. adequate records should be maintained for all these cheques which remain undeposited at the end of day. In other words, as soon as the cheques are received, any entry for their receipt should be made immediately. Further, these cheques should not be left in open cubicles. These cheques should be kept safely in a secured locker or custody of authorized people.

�� The Company maintains a relatively open environment for its office support staff. Employees work in a large open area with their workspaces separated by four-foot high partitions. In one corner of this area is a small kitchen facility, with a sink, a refrigerator and a coffee machine. Employees are free to come and go to this area and are allowed to bring food and drink back to their workstations. Much work is done on personal computers attached to a LAN. Employees enter a variety of data into the computer, mostly of a financial nature. They are also encouraged to take work home and there are several laptop computers that employees can checkout for working at home or in a travel status. Because employees are often taking work home considerable data is transferred from the file server to 3.5" floppy disks, "Zip Drives" or "thumb drives", which the employees take home and use on the laptops. Most workstations have several floppy disks lying around on the desk.

The primary risk associated with this scenario is misuse and theft of confidential information about the company, not only by the outsiders but also by the company staff who are allowed to take company data home. To avoid such misuse and theft of company data, following steps are recommended:

1) Instructions should be provided to the employees that whenever they leave their workstations open, they should ensure that it is locked by password and no other person can access the system. It will ensure that the computer will not be accessed by unauthorized users in the absence of employees during breaks. Secondly, even the data transferred on the floppy disks should be password protected to prevent their misuse, even if a theft takes place. Further, used data on disks should be deleted immediately and employees should never keep disks with confidential data in the open. Also, whenever the disk is being taken home for work, employees should not leave any data on their personal computers after the work is being done and should transfer all data on the disks bring back to the office.

Although it will be a difficult job to check the laptops and disks taken by the employees to their homes, especially when company encourages such practice, random checks should be done to ensure that employees are not misusing the company data. There should be complete record of office equipments such as laptops which are being taken home by the employees and senior managers should authorize such issue of laptop every time.

�� Kudler's computer system at their main store is connected with underground cables to communications and power services. As the surrounding area is growing and undergoing construction for new building and other businesses, quite often the underground cables are severed during construction.

The primary risk is loss of money due to destruction of cables, loss of time to restore such cables and disruption in the business. To prevent such losses, company should focus more on wireless technologies available in the marketplace to connect their remote locations. Such wireless applications will remove the fear of cables being destroyed. Further, backup power systems should be in place at the store itself.