Implementing Sarbanes-Oxley - Free Essay Example

Sample details Pages: 16 Words: 4948 Downloads: 2 Date added: 2017/06/26 Category Finance Essay Type Argumentative essay Level High school Did you like this example? Implementing Sarbanes-Oxley within an Environment: Understanding the controls used to implement Sarbanes-Oxley within an environment Recent high-profile corporate scandals (Enron, WorldCom, Tyco and Arthur Andersen etc.) have shattered the trust, of shareholders, legislators and authorities, in major publicly traded companies and have raised concerns for the state of corporate governance, not only in the United States, but also in other countries of the world. The United Kingdom is not immune to the wave of business fraud, corporate scandals, legislation changes and corporate environment restrictions. With the filing of bankruptcies, the US government had taken immediate action to prevent fraud in the future by enacting the Sarbanes-Oxley Act of 2002 (SOX), administered by the Securities and Exchange Commission (SEC). Similar restrictions and legislations have also been adopted in the UK, in an attempt to curb fraudulent acts from proliferating to the other side of the Atlantic through multinational public companies trading in the UK. SOX is a legislation designed to eliminate financial fraud and misstatements by greedy executives, unethical corporate practices and non-transparent business transactions. While SOX has redefined the roles, responsibilities and expectations of the board of directors, internal and external auditors, it has also reformed the practices within organizations. At the heart of the enactment of SOX is the implementation of control to oversee senior management, to secure accurate financial reporting information. Two major requirements of SOX are disclosure of material events and contingent liabilities (Rasch 2005). For this purpose, the role of information technology security has become enhanced, as it is expected to ensure transparency in decision-making, reliability and integrity in the system of disclosure. Yet IT experts are of the view that IT has a vague role in making SOX effective. IT security in SOX context is limited to the extent of enhancing reliability and integrity in reporting, and it does not contribute towards prevention of fraud or unethical corporate behaviours. It cannot prevent senior management from engaging in financial misstatements; neither can it curb executives from over-arching organizational controls and processes. The questions that arise then are à ¢Ã¢â€š ¬Ã‹Å"what is the role of IT under SOX? What are the scope, narrative and control matrix for IT professionals within SOX environment? Are the frameworks for SOX implementation effective in achieving SOX objectives?à ¢Ã¢â€š ¬Ã¢â€ž ¢ Before the researcher attempts to answer these questions, a brief background to the emergence of SOX, and why it is needed, must be explored. The turn of the century saw a series of corporate scandals of companies such as Enron, WorldCom and Tyco etc. Their executives had been involved in unethical corporate practices that affected shareholders and stakeholders, alike. Enron and W orldCom filed for bankruptcies (which were followed suit by others) as a result of fraudulent accounting practices and executives greed. Not long before the issues surrounding Enron and WorldCom were resolved, Arthur Andersen, the auditing firm, was charged for malpractice, especially in non-disclosure of fraudulent financial transactions and reportage. At the time, not only the morals of corporate executives had come under scrutiny, but the gatekeepers of the same companies, namely the auditors, had also been questioned of their ethical conduct. The environment of corporate America had become scandalized. The public had become concerned and demanded immediate reforms for curbing more firms from engaging in similar practices. The demand for vigilant corporate governance, in the form of policies, as well as law, increased. The collusion of financial reporting fraud and audit fraud had led to the need for provisions that would keep tight control over accounting and auditing activities , and to mandate compliance procedures that require executive certification, independent audit, and provisions for binding organizations to securities regulations (Romano 2005). The onset of the election, as well as the anxious public, pressured Congress to pass a legislation to indict companies for fraud and to restate the status of the American economy. The result had been the enactment of the Sarbanes-Oxley Act of 2002. The Act, according to Rasch (2005), imposes significant accounting and control requirements on U.S. publicly owned companies (and probably on foreign companies which are either traded on U.S. exchanges or which make up a significant part of a U.S. companys financial reporting). SOX addresses the Enron scandal by establishing controls that would require the need for paper trails of audit activities; it mandates auditor independence; it enhances corporate responsibility; it requires executive accountability; and, more importantly, it establishes control systems b y setting a series of compliance policies (Rasch 2005). Control refers to processes, in business or IT environment, whereby, internal controls over financial information generation, access, collection, storage, processes, transmission and usage are governed by a set of guidance. To formalize, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) provides guidelines for financial reporting processes and financial information recording, storage and access. Similarly, for IT auditors relevant guidelines, COBIT (Control Objectives for Information and Related Technologies), had been formed to provide an open standard established by the IT Governance Institute (ITGI), and the Information Systems Audit and Control Association. In the UK, this type of internal controls have been taken up by the IT Infrastructure Library (ITIL), published by the Office of Government Commerce (Rasch 2005). The basic premise for adopting the SOX standard (in the UK or otherwise) for internal controls over IT infrastructure, is to ensure no repetition of the American dilemma, should it occur among UK corporations. After the American scandals, the government and securities commission realize there is a great need for internal controls to emphasize disclosure, both in terms of material events and contingent liabilities, to prevent bottom-line impact. Moreover, SOX is primarily enacted for the purpose of setting standards for accurate financial reporting information. Since, in modern organizations, there is a great reliance on information technology for transfer, store, access and process information, this means IT and its systems have to be reliable and dependable, in order to gear for transparent transaction, certification and compliance. However, before one can fully establish IT responsible for effective SOX compliance, one needs to understand that accurate financial reporting entails processes and elements that do not necessarily have direct link to financ ial reportage. For example, decisions of board of directors, top company officials, as well as internal and external auditors, securities exchange authorities and so on (Tighter Sarbanes-Oxley Called For 2007), may not necessarily link with IT. Similarly, processes of risk assessment, control activities, monitoring, information and communications form the basis for accurate financial reportage. IT facilitates these activities, but may not be contingent for its accuracy. For these reasons, SOX has established sets of compliance and controls for companies to follow (Caterpillar and Internal Controls 2007). Although, the details of these compliances do not identify IT responsible for controlling fraud per se, nevertheless, it does enhance the role of IT departments and professionals within companies as gatekeepers. For example, Section 404 requires checking of internal controls, which means the implementation of COSO Framework is necessary. In Chans (2004) work, the author outlines tha t the Public Company Accounting Oversight Board (PCAOB), which sets auditing standards under SOX, refers to IT as affecting companys internal control over financial reporting. She writes: Because systems process and system-generated entries are an integral part of financial reporting, general IT and application controls should be documented and evaluated based on a disclosure and management assessment framework that is compatible with business-process mapping, to enhance consistency and quality. By the same token, the IT environment must be reviewed, along with the overall control environment, for the organization. Simply put, IT governance is an essential component and contributor to financial governance. (Chan 2004). In this context, IT becomes the processing environment that holds many key controls critical for SOX compliance. However, before one can qualify an organization as SOX compliant, its IT control activities need to meet specific criteria. Chan (2004), for example, po ints to the following assessment criteria: a. IT dependent business environment b. IT processes significant to business activities c. deficiency in IT solutions d. high risk due to computer operations e. organization processes, especially financial reports, dependent on computer processing. f. business based on enterprise-wide systems g. financial application systems used for transactions, interaction and recording of accounts h. dependence on IT processes for enterprise business end-to-end processes i. IT processes managed by third party outsource Apart from the above, the ITGI considers management of IT risks critical for IT governance and compliance. Risk, according to its report, exposes organizations to IT failures. IT related risks impact on business by exposing the business to operational crash, security breach or failed project. Technical complexity, dependence on service providers, limitation of reliable risk-monitoring information systems resu lt in improper governance and risks. Implementation of frameworks, such as COSO, develop readily usable enterprise risk management programmes. Moreover, they provides guidance and direction for overcoming risks, and implement corporate governance, new legislations, regulations and standards (ITGI 2005). Chan (2004) further notes that SOX compliance means reporting rise from the transaction level all the way to its final destination in the financial statements. Processes involved in dissemination of information related to it, depend on the manual and automated controls of the IT framework. For this reason, IT control weaknesses often result in poor compliance and accountability. IT controls, therefore, must be business-driven. More importantly, it must follow a standardized framework that separates common information from sensitive ones, to minimize risks, as well as promote harmonization, of IT, internal auditing, finance and business units. SOX does not require organizations to simply implement standard controls, but rather encourages organizations to assess and evaluate internal controls to devise efficient and least intrusive control information documentation, policies and methodologies (Chan 2004). Having said that, experts (Kendall 2007; Carter 2007; Roth 2007) are of the view that SOX compliance is still at its rudimentary stage as organizations in America and in other parts of the world are still grasping its compliance mandates. Kendall (2007), for example, cites organizations as still uncertain of an effective system of control over financial reporting. Provisions within SOX do not provide guidance for successful implementation of controls based on SOX mandates. As a result, companies are relying on their internal controls assessments and testing, to achieve control objectives relevant to SOX requirements, such as examination of risks, create IT risk inventory, reducing controls, consolidating controls, standardizing processes, monitoring change s and streamlining processes. Carter (2007) notes that CSA (control self-assessment) techniques are useful in identifying opportunities for improvement. The technique involves bringing together individuals from different business units of the organization, to gather information on company processes. The session encourages evaluation and redesigning of processes to provide accurate and timely documentation, financial and otherwise. Roth (2007) notes that the ERM (enterprise risk management) technique implies that SOX compliance does not necessarily result in prevention of fraud in the IT context. In fact, other frameworks are more effective in identifying, monitoring and assessing risks associated with IT systems and processes. As mentioned earlier, SOX does not really specify any framework for implementing internal controls. It merely mentions Internal Control and Integrated Framework. Internal control is just as ambiguous, as it means different things for different people. It is likely that miscommunication may occur as a result of different expectations and perceptions of internal control for SOX compliance. For example, internal control, according to COSO, can be defined as, a process, effected by an entitys board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives (COSO 2004). However, for different organizations, the composition of these elements and processes may differ. Furthermore, according to Damianides (2005), SOX legislation has created a great need for business to have IT internal control in place, to ensure data reliability and maintenance of ethical activities. It requires processes to be aligned with the Acts Section 302 and 404. Section 302 entrusts the responsibility of financial statements certification and disclosures to CEOs (chief executive officers) and CFOs (chief financial officers), while Section 404 requires internal controls of financial reportage witho ut actually outlining guidance or procedures for implementing them. Indeed, it has been the ITGI that has come up with the COSO international control framework for financial reporting. The COSO framework is based on the following objectives: Effectiveness and efficiency of operations Reliability of financial reporting Compliance with applicable laws and regulations Thus, internal control is a process, affected by people and expected to provide reasonable assurance and achievement of objectives of one or more overlapping categories (Damianides 2005). The COSO framework follows the Public Company Accounting Oversight Board (PCAOB) and addresses issues related to: * Segregating accounting duties. * Developing effective boards and audit committees. * Managing with wider spans of control. * Implementing sound information technology controls. * Documenting the design and operation of controls. (Rittenberg, Martens and Landes 2007). The COSO framework ou tlines principles and components for effective risk management processes as well, which is why it is often confused with the ERM (enterprise risk management). The implementation process of COSO involves identification, assessment, response and controls set up and aligned with its strategic plans. The framework emphasizes on enterprise risk management responsibilities and activities that would result in achieving organizational objectives. To ensure that management processes are in place and function according to SOX compliance, an integrated framework can be set up based on COSO guidance. It encourages identification of risk, assessment of companys strategies, and ways to invest in setting up an internal control framework such as investment in effective ERM, establishing effective technology controls and relate it with financial reporting. COSO implementation differs from other internal control framework, as it is broader and incorporates concepts from various risk management strate gies, set up and techniques. It requires external and internal control for financial reportage for SOX Section 404 compliance. As a result, not only the board of directors, but management executives, along with CFO and CIO, become part of the disciplines and procedures for establishing internal control framework (COSO 2004). On the other hand, non-compliance of COSO implementation may result adversely in terms of non-systematic approach for controls or incomplete controls set up, weak and inefficient control environment, which may result in inadequate processes and reportage (ITGI 2006). According to COSO (2004), ERM integrated framework significantly reduces risks for all types of industries, as this framework recognizes effective enterprise risk management processes and applies it in the context of strategic development. According to Ramos (2004), the COSO framework divides IT controls into computer controls and application specific controls. On the other hand, the ERM framework r equires ongoing feedback of information from throughout the company (COSO 2005) to support risk assessment. Similarly, the ITGI also developed COBIT (Control Objectives for Information and related Technology) to address the need for frameworks that address IT issues and provide guidance for IT professionals. COBIT involves provisions of information for achieving organizational objectives, IT processes and resources management. The framework provides a standardized guidance resource for structuring IT controls to comply with Section 404 of SOX (Damianides 2005). Thus, COBIT represents a collection of documents that provide guidance for IT governance, control and assurance. According to the ITGI (2006) report on COBIT, it is a framework for comparing with other frameworks, and provide guidance for process compliance and improvement. The role of IT is magnified under this framework as it addresses issues related to IT by mapping its activities to business drivers, and outlining risk s of non-compliance such as: à ¢Ã¢â€š ¬Ã‚ ¢ Misaligned IT services, divergence à ¢Ã¢â€š ¬Ã‚ ¢ Weak support of business goals due to misalignment à ¢Ã¢â€š ¬Ã‚ ¢ Wasted opportunities due to misalignment à ¢Ã¢â€š ¬Ã‚ ¢ Persistence of the perception of IT as a black box à ¢Ã¢â€š ¬Ã‚ ¢ Shortfall between managementà ¢Ã¢â€š ¬Ã¢â€ž ¢s measurements and expectations à ¢Ã¢â€š ¬Ã‚ ¢ Know-how tied to key individuals, not to the organisation à ¢Ã¢â€š ¬Ã‚ ¢ Excessive IT cost and overhead à ¢Ã¢â€š ¬Ã‚ ¢ Erroneous investment decisions and projections à ¢Ã¢â€š ¬Ã‚ ¢ Dissatisfaction of business users with IT services supplied (ITGI 2006). Under the COBIT framework, organizations must satisfy the quality and security requirements of their information systems for all assessments. The management has the principle role in optimizing IT resources through applications, infrastructure and personnel usage. The process involves entrusting responsibilities and objective a chievements throughout the organization, through an enterprise wide IT architecture. Unlike the COSO framework, COBIT provides guidance for good practice for domain processes within the framework, including specifying activities and executing processes. However, its main focus is on internal control, rather than merely on execution, as COBIT identifies control objectives for planning and organization; acquisition and implementation; delivery and support; and monitoring and evaluation to be integrated within the IT infrastructure. This ensures the internal control system is in place within the IT environment (ITGI 2006). In line with the above, ISO 17799 has also been established to measure security controls within an IT environment. ISO 17799 emerged as Information Security Code of Practice from the UKs Department of Trade and Industry and revised by the British Standards Institute in 1995. It underwent many changes before it adopted its present status. The document outlines a se t of standards that covers organizational security, asset classification and control, personnel security, physical and environmental security, access control, system development and maintenance, business continuity management and compliance (ISO 27002 Central 2007). In addition to ISO 17799, a revised version BS7799-2 / ISO27001 in 2002 has been published to add specification for Information Security Management System (ISMS). This part takes into account of measure, monitor and control of security management (ISO 27002 Central 2007). ISO 17799 implementation involves organization of different areas of the business within its framework. For example, setting up of objectives to ensure business activities and processes are not disrupted by developing system access control of information, unauthorized access, network security, unauthorized computer access and ensure information security is in place for mobile computing. Furthermore, ISO 17799 also have provisions for system development and maintenance that ensure operational systems, data application systems, confidentiality and integrity frameworks. Under the ISO 17799 framework, controls are defined through legal and business requirements, cost of implementation and potential impact of security breach (ITGI 2006). The ISO 17799 framework not only ensures compliance through security, but also extends external controls to avoid criminal or civil law, statutory, regulatory and contractual activities (ISO 27002 Central 2007). Overall, it is the organizations security, which is the main objective of ISO 17799. However, in terms of SOX compliance, this framework is limited as it focuses on IT control implementation exclusively (ISO 17799 and Computer Security News 2007). Even though it does not relate to SOX entirely, non-compliance exposes companies to risk of information disclosure, such as loss of confidence and trust; incomplete risk assessment; lack of security awareness within the organization, third party inter action and interference in the organization; and flawed procedures (ITGI 2006). The ITIL is another framework based on a series of publications of eight books that outline best practice for IT service management. It has been established by the Central Computer and Telecommunication Agency (CCTA) (or British Office of Government Commerce) (ITGI 2006). ITIL defines service processes, quality, objective and implementation of control for IT organization. The books are guides for addressing effective IT function through operation and maintenance of existing systems; development of new systems, and adjustment of service delivery for evolving requirements of the business. The key concepts that ITIL addresses are holistic IT service management and customer orientation. The processes involve incident, problem, configuration, change, and release management, apart from best practices, such as service level management, financial management for IT services, capacity management, business conti nuity and availability management Non-compliance results error-prone support processes (ITGI 2006). Despite the presence of these frameworks (and many others), there are no guarantees for financial reportage exposure to data risks. According to Brown and Nasuti (2005), these frameworks do not necessarily mean SOX compliance, as they are dependent on the companys ability to identify, choose and implement particular framework(s). They are of the view that the frameworks adopted contribute towards strategy, architecture and planning of IT processes and enables executives to manage, anticipate and assemble technologies and methodologies for continuously improving IT environment, but they do not help prevent fraud. SOX provisions are applicable not only in publicly traded companies, but also in internal control environment of private companies, though their processes may differ from firm to firm. The choice for adopting particular framework, thus, depends on the efficacy of IT infrast ructure alignment with the business objectives, the challenges it poses to IT governance, systems development and competencies and change management initiatives. It also depends upon the implementation of risk management approaches and ways organizations identify success factors for implementation. SOX complexity does not end in the choice of framework or effects of non-compliance. SOX audit is an area that has raised major concerns among auditors. Auditors are responsible for bookkeeping, financial information systems, valuation services, investment services, legal services and actuarial services that are related to managerial functions and investment activities. Yet SOX provisions, according to Tackett, Wolf and Claypool (2006), prohibit consulting activities by independent auditors. The restriction includes management assessment and attestation on effectiveness. The basic premise for setting these restrictive provisions is to curb independent auditors from assisting management in establishing internal controls for management processes, delegation and responsibilities. SOX compliance, though, allows for corrective feedback, testing of activities, and assistance in approval of processes, it does not provide interference from independent auditors. As a result, SOX audit provisions mandate self-audit by non-audit consulting service providers. It also mandates auditors to provide one report on financial statements, and 3 relating to ICOFR (internal controls over financial reporting), so as to ensure reports are independent and may contain unqualified opinion over internal control of financial reportage. SOX enactment has demonstrated that there is a great need for improving corporate responsibility and restore investor confidence in the US public companies. The setbacks by corporate scandals have intensified the need to establish regulations that would apply strict rules for accountability, disclosure and reporting (ITGI 2004). The emphasis on Section 404 requires senior management and business owners to reconsider their present internal control structure. As compliance to SOX means redesign of internal control structure, where IT plays a critical role nowadays, for financial reporting processes, organizations are gradually appreciating the mandates outlined by SOX. However, for the majority, there is still a gap which SOX has not addressed: ITà ¢Ã¢â€š ¬Ã¢â€ž ¢s role in SOX. Since SOX has not clearly identify IT control as part of SOX compliance, nevertheless, IT has become an apparent vital internal control, as without IT systems, data and infrastructure components financial reporting would have been incomplete. This distinction leads the researcher to understand that IT has the critical role of laying the foundation for internal control for SOX compliance. This is inherent in the fact that modern organizations use information technology and their system for establishing control over financial reporting. IT internal control is syno nymous with gate keeping and, in essence, meets the requirements of SOX. Given the above rationale and background, the researcher proposes research in the following contexts: What are the scope, narrative and control matrix for IT professionals within SOX environment? Are the frameworks for SOX implementation effective in achieving SOX objectives? How can organizations identify, choose, create and implement a control matrix that is congruent with SOX compliance keeping ITs role in mind. And lastly, how can organizations enhance the role of IT internal control in SOX compliance? The researcher understands that there is a critical link between SOX compliance and IT, as it has been emphasized by the various frameworks recommended by SOX. Even though SOX does not specify which frameworks to choose, the researcher assumes that current frameworks established by ITGI, CCTA and ISO are the ones accepted by the law, organizations and professionals. The researcher also a ssumes that SOX compliance has become a mandate, rather than an option. In the research that ensues, the researcher shall assume that organizations that adopt SOX compliance have defined IT infrastructures and are keen on building upon IT internal control, conducive to transparent, accurate and reliable financial information. However, these assumptions place certain limitations in the research. They exclude organizations, which may not have adopted IT infrastructure for financial reporting, such as small private enterprises, which are not required by law to disclose financial information to the public. They also limit the study to organizations that are not affected by SOX, for example, foreign firms that do not rely on IT systems for financial reporting and are not affected by US laws. Nevertheless, the researcher is of the view that IT internal control is not only a SOX compliance mandate currently, but also a requirement for successful organizations. It is important for organi zations to have internal control in place, regardless of SOX compliance, in order to remain competitive in business. For these reasons, the researcher shall bypass the limitations and assume that organizations, whether large or small, require SOX internal control frameworks for compliance. The purpose of the research is to explore SOX in the context of IT internal control frameworks. As outlined in the above literature this is critical for SOX compliance as well as for laying the foundation for IT infrastructure building. Thus, the research shall be relevant to legislative officials and SOX compliant interpreters who need to understand the gap, if any, for compliance. Moreover, it is relevant for IT professionals who are involved in exploring, establishing and aligning IT control within the SOX context. They would find the study enumerative in understanding IT relevance under SOX as well as how they could better its objectives. For student researchers, the study may act as a plat form for furthering research in the areas of IT internal control matrix, frameworks creation and competitive advantage through SOX compliance, which shall be touched upon briefly. Academicians shall find the research enumerative as it explores various options for SOX internal control frameworks through a study of dimensions in implementation. The choice for research methodology largely depends upon the concepts being explored. The validity of the choice of research methodology also depends on the issues rationale adopted for discussing the topic. In the course of the research conducted for the proposal the researcher has found that understanding SOX compliance may require a theoretical exploration and at the same time measurement for its effectiveness and efficacy. In this context, the researcher may adopt a quantitative or qualitative approach. Quantitative approach refers to quantitative measures based on primary observations and empirical findings (Stenbacka 2001). On the othe r hand, a theoretical exploration requires a qualitative approach. Qualitative research involves extensive research based on concepts, theories and ideas studied by other experts before the researcher can reach to his/her own conclusions (Sykes 1991). This is not all; research approach choice also depends on reasoning. Critical thinking requires that one understands the rationale behind the results acquired. Rationale choice can be categorized into inductive or deductive. Deductive reasoning refers to a process of generalization before narrowing it down to the research problem or issue. Alternatively, inductive reasoning refers to inquiries that is based on specific problem or issue, and explore it to establish generalizations. Whichever the rationale approach adopted the researcher must determine it in the context of its relevance to the research problem (Hyde 2000). In the context of the above proposal, the researcher shall aim to adopt a combination approach of quantitative and qualitative methods so as to comprehensively test the validity of the questions proposed. The combination of deductive and inductive reasoning on the other hand shall enable the researcher to understand the problem issue of SOX compliance within the IT environment dynamically. References Author not available (2007) Caterpillar and Internal Controls Sarbanes-Oxley UK. Online accessed on 22 June 2007 from: https://www.sarbanesoxleyuk.co.uk/asarbanesoxleyuka366306.htm Author not available (2007) Tighter Sarbanes-Oxley Called For Sarbanes-Oxley UK. Online accessed on 22 June 2007 from: https://www.sarbanesoxleyuk.co.uk/asarbanesoxleyuka366211.htm Brown, W. and Nasuti, F. (2005) What ERP systems can tell us about Sarbanes-Oxley. Information Management Computer Security Vol. 13 No. 4, pp. 311-327 Carter, C. (2007) Compliance Through Self-assessment. The Internal Auditor 64 no. 2 pp. 69-72 Chan, S. (2004) Sarbanes-Oxley: the IT dimension: information technology can represent a key factor in auditors assessment of financial reporting controls. Internal Auditor, February Issue. COBIT Mapping: Overview of International IT Guidance, 2nd Edition ITGI 2006. COSO (2005), à ¢Ã¢â€š ¬Ã…“FAQs, for COSOà ¢Ã¢â€š ¬Ã¢â€ž ¢s enterprise risk management à ¢Ã¢â€š ¬Ã¢â‚¬Å" integrated frameworkà ¢Ã¢â€š ¬Ã‚ , COSO. Online accessed on 22 June 2007 available at: www.coso.org/Publications/ERM/erm_faq.htm Damianides, M. (2005) Sarbanes-Oxley and IT Governance on IT Control and Compliance. Information System Management 77 Winter Issue. Fletcher, M. (2006) Five Domains of Information Technology Governance for Consideration by Boards of Directors. Capstone Report. Hyde, K. F. (2000), Recognising deductive processes in qualitative research. Qualitative Market Research: An International Journal, Volume: 3 Issue: 2 pp. 82 90 ISO 27002 Central (2007) The A-Z Guide for BS7799 AND ISO17799. ISO 27002 Central. ITGI (2000) Aligning COBIT ®, ITI L ® and ISO 17799 for Business Benefit. A Management Briefing from ITGI and OGC. ITGI (2004) IT Control Objectives for Sarbanes-Oxley: The Importance of IT in the Design, Implementation and Sustainability of internal Control Over Disclosure and Financial Reporting. ITGI. ITGI (2005) Information Risks: Whose Business Are They? IT Governance Institute Report. Kendall, K. (2007) Streamlining Sarbanes-Oxley Compliance. The Internal Auditor 64 no.1 pp. 38-42, 44 Patterson, E. R. and Smith, J. R. (2007) The Effects of Sarbanes-Oxley on Auditing and Internal Control Strength. The Accounting Review Vol. 82, No. 2. pp. 427-455. Ramos, M. (2004), How to Comply with Sarbanes-Oxley Section 404, Wiley, Hoboken, NJ. Rasch, M. (May 3, 2005) Sarbanes Oxley for IT security? Security Focus. The Register. Online accessed on 22 June 2007 from : https://www.theregister.co.uk/2005/05/03/sarbanes_oxley_for_it_security/ Risk Associates (2007) ISO 17799 and Computer Security News . Risk Associates. Online accessed on 22 June 2007 available at: https://www.computersecuritynow.com/index.htm Rittenberg, L. E., Martens, F. and Landes, C. E. (2007) Internal Control Guidance. Journal of Accountancy 203 no.3 pp. 46-7, 49-50 Romano, R. (2005) The Sarbanes-Oxley Act and the Making of Quack Corporate Governance. Yale Law Journal. Vol. 114. Issue: 7 pp. 1521+ Roth, J. (2007) MYTH vs. REALITY: Sarbanes-Oxley and ERM. The Internal Auditor 64 no. 2 pp. 55-60 Stenbacka, C. (2001) Qualitative Research Requires Quality Concepts of Its Own. Management Decision 39/7 pp. 551 Sykes, W. (1991) Taking stock. Journal of the Market Research Society, Vol. 33, No. 1, pp. 3 Tackett, J. A., Wolf, F. and Claypool, G. A. (2006) Internal control under Sarbanes-Oxley: a critical examination. Managerial Auditing Journal, Volume 21 Number 3 pp. 317-323 Don’t waste time! Our writers will create an original "Implementing Sarbanes-Oxley" essay for you Create order

The Influence Of Martin Luther King Jr. - 1609 Words

Martin Luther King Jr. was an African-American civil rights activist who lived from 1929 to 1968. He was mostly known for his peaceful protest movements across America, and for his speech ‘I Have a Dream’. Martin Luther King Jr. was also known for his connection to Christianity, and how he used the influence of Jesus Christ throughout his life to lead the people of the activist movement through times of trial and revolution, while relating many of his teachings to the Bible. He made very significant contributions because of his belief, although he did encounter many difficulties. He was inspired by Jesus Christ from a very early age and continued to use that influence to do great and significant changes to the society of the middle 1900’s†¦show more content†¦Since being inspired by Christ, Jesus’ actions has influenced King as well. Martin Luther King Jr.’s faith in Jesus Christ influenced his actions, values, and beliefs in multiple ways including King leading peaceful protests, his belief of being kind and fair to everyone, and values including determination and persistence. King believed that peaceful protests were the ideal revolution, inspired by Mahatma Gandhi. While Gandhi was not a Christian, rather a Hindu, Martin Luther King Jr. believed that many of Gandhis principles related to Christianity, Gandhi was probably the first person in history to lift the love ethic of Jesus above mere interaction between individuals to a powerful and effective social force on a large scale. Christ furnished the spirit and motivation, and Gandhi furnished the method. (MLK). King concluded Christ was the basis of Mahatma Gandhi’s teachings and used his example in his actions. Martin Luther also believed that throughout all the chaos in the upheaval of traditions, you should always remain kind and fair towards those on your side, or the opponent. This belief was heavily influenced by Jesus Christ and his teachings to love your enemy and to be kind towards everyone, shown in multiple situations in the Bible, shown in Paragraph 4. King showed this example throughout his authoritative positions, communicating to his followers that Christ andShow MoreRelatedThe Influence of Martin Luther King Jr.3372 Words   |  14 PagesMartin had many influences throughout his life, many of which would shape his rhetoric, and the way he handled himself and those around him. Martin’s influences could be traced back to three things: his parents and home life, his education, and then his own personal experiences with racism. These three topics shaped Martin and his views on racism, and they were also what made him the most respected and the most admired Civil Rights Leader of his time. Martin’s Parents and Home Life MartinRead More Henry Thoreau’s Influence on Martin Luther King Jr. Essay898 Words   |  4 PagesHenry Thoreau’s Influence on Martin Luther King Jr. Henry David Thoreau was a great American writer, philosopher, and naturalist of the 1800’s who’s writings have influenced many famous leaders in the 20th century, as well as in his own lifetime. Henry David Thoreau was born in Concord, Massachusetts in 1817, where he was later educated at Harvard University. Thoreau was a transcendentalist writer, which means that he believed that intuition and the individual conscience â€Å"transcend† experienceRead MoreDr. Martin Luther King Jr. And His Influence On The American Civil Rights Movement765 Words   |  4 Pagesof Dr. Martin Luther King Jr. and his influences on the American civil rights movement. His famous speech – â€Å"I have a dream† is one of the most compelling in all times. The speech was powerful because it was simple and brought out a clear and focused theme. The audiences’ emotion was agitated instantly by his speech. And the reaction and impact were enormous. Of course, leadership is not only about powerful speeches, but involves the leaders’ characteristics and their abilities to influence othersRead MoreHenry David Thoreau: Great Influence to Dr. Martin Luther King, Jr.629 Words   |  3 Pagesgreatly influenced by the writer Ralph Waldo Emerson, (who introduced Thoreau to the ideas of transcendentalism) Martin Luther King, Jr.s thinking was greatly influenced by that of Thoreaus. He was most probably influenced more by Indias Mahatma Gandhi; however, Gandhis principles were mainly based on those of Thoreau. Though Thoreau lived more than 100 years before the time of King, his thinking remained an influential legacy. They each wrote based on contemporary events that had been going onRead MoreHow Did Religion Influence Martin Luther King, Jr as He Led the Civil Rights Movement2455 Words   |  10 PagesHow did Religion Influence Martin Luther King, Jr as he led the Civil Rights Movement What do you consider a leader? Is it someone who can lead a group of people with no trouble or is it simply someone with exquisite thinking skills? There is not an accurate definition explaining who or what a leader is because each is different. I feel that Martin Luther King Jr is a great example because he has the ability to inspire people, which led to a movement that forever changed America. This paper goesRead MoreComparison on Malcolm X and Martin Luther King Jr.: Who Had More Influence over the Civil Rights Movement1233 Words   |  5 PagesMalcolm X and Martin Luther King Jr., the latter had a more positive influence in the progress of the movement. Each of these two leaders had different views on how to go about gaining freedom. While King believed a peaceful means would allow the blacks to achieve equality with the white Americans, Malcolm X took a more pessimistic approach. He believed achieving equality was nearly impossible and preached a more separatist doctrine. The mens later beliefs were formed in their youth. King was raisedRead MoreWho knew the two most powerful African Americans that influence countless of people in history and700 Words   |  3 PagesWho knew the two most powerful African Americans that influence countless of people in history and wrote their one of many most inspirational work while locked up in jail? Martin Luther King Jr. was incarcerated because the city officials issued a court injunction to prohibit the civil rights marches in Birmingham. Whereas, Malcolm x was arrested for burglary while trying to pick up a stolen watch he had left for repairs at a jewelry shop. The fight for civil right was taken in the 1960s, whereRead MoreI Have A Dream Speech Analysis847 Words   |  4 Pagescountry. In the speech I Have a Dream, Dr. Martin Luther King Jr. was influencing people to go and protest to get their rights and in the speech A Eulogy for Dr. Martin Luther King Jr., Robert F. Kennedy influences people to change and do as Dr. Martin Luther King Jr. The last two peo ple were speaking to influence people. They made a change, they did something and hope something will change. First, the speech I Have a Dream By Dr. Martin Luther King Jr. He is a famous black rights leader. He toldRead MoreMartin Luther King’s Quest for Equality1340 Words   |  5 PagesEquality Martin Luther King Jr. had a substantial impact on how the United States views civil rights. During his lifetime, Martin became highly educated and used his knowledge to help others in a positive way. King was not only an influential leader of the Civil Rights Movement, but also a catalyst and a leading figure of the 1960s. His leadership and practices still live on today, and the Civil Rights Movement wouldnt have been nearly as successful without his leadership and guidance. Dr. King pushedRead MoreTransactional Leaders : Transformational Leaders1140 Words   |  5 Pagesinspire, influence, move, and literally transform followers to achieve organizational goals beyond their self-interests (Burns, 1978), thus initiating and bringing about positive change (Weiss, 2011). In this paper, I will be discussing Martin Luther King and explain what style of leadership Martin Luther King, Jr. had, whether transformational or transactional, what type of leadership characteristics Martin Luth er King, Jr. demonstrates, and what aspects of servant leadership Martin Luther King, Jr

Bill Gates the Man Behind the Success of Microsoft Free Essays

William Henry â€Å"Bill† Gates III (born October 28, 1955) is an American business magnate, investor, philanthropist, and author. Gates is the former CEO and current chairman of Microsoft, the software company he founded with Paul Allen. He is consistently ranked among the world’s wealthiest people and was the wealthiest overall from 1995 to 2009, excluding 2008, when he was ranked third, in 2011 he was the wealthiest American and the second wealthiest person. We will write a custom essay sample on Bill Gates: the Man Behind the Success of Microsoft or any similar topic only for you Order Now During his career at Microsoft, Gates held the positions of CEO and chief software architect, and remains the largest individual shareholder, with 6. percent of the common stock. He has also authored or co-authored several books. Gates is one of the best-known entrepreneurs of the personal computer revolution. Gates has been criticized for his business tactics, which have been considered anti-competitive, an opinion which has in some cases been upheld by the courts. In the later stages of his career, Gates has pursued a number of philanthropic endeavors, donating large amounts of money to various charitable organizations and scientific research programs through the Bill Melinda Gates Foundation, established in 2000. Gates stepped down as chief executive officer of Microsoft in January 2000. He remained as chairman and created the position of chief software architect. In June 2006, Gates announced that he would be transitioning from full-time work at Microsoft to part-time work, and full-time work at the Bill Melinda Gates Foundation. He gradually transferred his duties to Ray Ozzie, chief software architect, and Craig Mundie, chief research and strategy officer. Gates’ last full-time day at Microsoft was June 27, 2008. He remains at Microsoft as non-executive chairman How to cite Bill Gates: the Man Behind the Success of Microsoft, Papers

Identify and Evaluate Marketing Opportunities

Question: Discuss about the Identify and Evaluate Marketing Opportunities. Answer: Introduction The report is presenting the opportunities of marketing plan to meet the organisational objectives of FitLife Health Club Strategic Marketing Plan 2015-2020. In this study, the marketing plan is analysed to determine whether the company is able to meet the organisational goals and objectives in future. Therefore, the market opportunities for the company as well as strategic issues are discussed to find out the solutions for these. In addition, the solutions for the issues are also recommended to improve the situation. Current Strategies of the Company In this report, a fitness company FitLife, which is situated in Sydney in Australia. The current strategies of the company are presenting the market situation. In current days, the company has expanded its business in almost eAustralia with 70 health clubs. It has now almost 182,000 active members who are associated with the organisation. It is an active health club providing the multi-purpose fitness venues across the country (Dubuisson, 2013). They are giving the facilities of swimming pools, squash courts, sport clubs and many more. Now the company is trying to concentrate on the new mission of the organisation. Along with the expansion of the company, the organisation is trying to improve their services. They are now introducing their new service such as, they are introducing new swimming pool of 50 metre outdoor pool and with this a 25 meter indoor pool, along with gymnastics hall, recreation hall, classes of yoga, cycle, full body lift, Pilates, fat burner etc (Czinkota Ronkai nen, 2013). According to the marketing plan report, the organisations mission is to communicate with the people with providing them a good and innovative program of fitness practices to be fit. They want to motivate the people irrespective of age differences for regular exercise. They are trying to motivate the people who do not practice exercise regularly and do not think that it is an essential for good health. Therefore, their main motto is to make the people believe and attract o their fitness training system. It will help the people to keep them fit as well as will spread the business of the company. Moreover, the companys current business strategy is to spread their business among the people with innovative style that it attracts them to come and work out for being fit. The main objectives of the company in recent times are following Develop a minimum of two innovative fitness and wellbeing programs within the next twelve months. Introduce the Health Bar in the most revenue generating and competitive health club within the next six months. Develop a system in the next nine months to provide health and wellbeing services to prospective clients whom demand offsite support. Open the physiotherapy facility in the next twelve months, having two physiotherapists ready to provide a dynamicm physiotherapy practice to all members and non-members. Market Opportunities The report is showing the strength, weakness, opportunity, threat of the company in the SWOT analysis. It is observed in the analysis that the company has more positive ends than the negatives. Therefore, it is clear that the company will get many opportunities on the market to spread their business worldwide. As the fitness organisations are in trend now therefore the company will get the opportunity of consumers need for the fitness club. Therefore, the organisation can get the opportunity of international expansion. The company can expand their business in worldwide. They can improve their quality of service by appointing recognised trainer and new training session. They have the opportunity to introduce the distance classes as well as online classes. Additionally, they can expand their business through the products. As they deal with the fitness services therefore, they can offer the people about new innovative products to become fit. The company has very less competitor in the m arket. Therefore, they have to marketing opportunity to use this and to expand their business. As the competitors have not reached the level in their business like the FitLife, the other companies cannot develop or expand their business in fitness. Therefore, it is the opportunity for the company that can be used to develop their profit as well as market. The4y can also take part in the Iron Man Loyalty card program to retain current customers. This is very important for any company to retain their existing customers. Therefore, they have to focus on the existing customers to retain them with new innovative procedures of providing fitness. They have the opportunity to attract the non-members with introducing innovative services for them. They can introduce the physiotherapy services for them to give the members safety regarding fitness training. It will increase their reputation that they are very careful about the health of their customers. As the location of the organisation is in the capital city of Australia, therefore it gets the opportunity to take part in the awareness programs of the nation. They have participated in the Australian Government public awareness programs on smoking, obesity and many other health illnesses have had significant impact on changing the culture of our people towards living a healthy lifestyle, which has stimulated publics willingness to exercise regularly and follow a balanced diet (Kotler et al. 2015). Strategic Issues of the Company Although the company has many opportunities to expand their business in the market but still they have some strategic drawbacks that is resisting them to expand its organisational objectives. One of the most important issues that the company is facing in recent times is the lack of direct distribution in the international markets. Therefore, the price of the products and services are increasing. It will decrease the population of the company among the customers, which will be not expected for the company. The club has used another wrong strategy that they have a lack of proper personal trainer to train the members. It has created a very bad impression to the new members. Generally, in the present days every organisation presents their business in the online website. However, FitLife has not updated their online business properly. It has led them towards losing their business before the new generation. Solution to the Strategic Issues As per the report, the company is facing many strategic issues regarding the marketing policies and business strategies. These strategies are resulting opposite for the company and they have to now solve the problems to improve their business. They have the lack of direct distribution in the international market therefore; they can implement the Low pricing strategy in business (Wilson Gilligan, 2012). Therefore, this strategy will help to decrease the price of their products and services to get the profit in business again. Another issue that the company is facing is the weak website. Therefore, the company is facing a communication gap with the new generation customers. This is hampering the overall business of the company. In this case, they can use the strategy of Online marketing strategy to implement new updated website. It will improve their promotion in the online platform properly, which will decrease the communication gap of the new generation. If the club will implement t hese strategies in their business then they can improve their market in future. Recommendation The report is showing that the company is facing some strategic issues, which is decreasing the value of the company before its customers and the company is losing its reputation. Therefore, here are some recommendations for the company to improve this situation, The company should implement new strategies to recover the situation. Therefore, the company should implement the new pricing strategy for their products and services. It will help to set the limit of the price levels of the companys products and services. They should implement the new online marketing strategy for updating their online business. It will help to promote their business as well as their services to the new generation. As a result, it will increase their number of customer. Conclusion While concluding it can be said that FitLife is pursuing the problems in their marketing strategies, which are restraining their business to flourish worldwide. Therefore, the study has focussed on the strategic issues that the company is facing. They have lack of direct distribution in the international market and having high price problem. This can be solved by implementing the low pricing strategy. There is another problem that has pointed out is the weak online promotion. Proper updating of the website can reduce this. Therefore, the report has analysed the marketing plan of the fitness club with recommending some solutions for these. References Dubuisson-Quellier, S. (2013). A market mediation strategy: How social movements seek to change firms practices by promoting new principles of product valuation.Organization Studies,34(5-6), 683-703. Wilson, R. M., Gilligan, C. (2012).Strategic marketing management. Routledge. Kotler, P., Keller, K. L., Manceau, D., Hmonnet-Goujot, A. (2015).Marketing management(Vol. 14). Englewood Cliffs, NJ: Prentice Hall. Czinkota, M. R., Ronkainen, I. A. (2013).International marketing. Cengage Learning.

The Theme of Humanity in the Poem Hawk Roosting Essay Example

The Theme of Humanity in the Poem Hawk Roosting Paper Hawk Roosting is one of Ted Hughes many poems which describes nature and animal savagery. In this particular work, Hughes details the characteristics of a regal hawk, ruling over its domain. Although it may seem to be a simple descriptive piece, Hawk Roosting actually maintains a duality throughout each verse. Not only is it a vivid description of a living being, the poem is Ted Hughes critique on humanity. Beneath its surface is a stark reminder of how our weaknesses are degrading us into common animals. The first verse paints a scene of a hawk resting on the treetops: I sit in the top of the wood, my eyes closed Inaction, no falsifying dream We will write a custom essay sample on The Theme of Humanity in the Poem Hawk Roosting specifically for you for only $16.38 $13.9/page Order now We will write a custom essay sample on The Theme of Humanity in the Poem Hawk Roosting specifically for you FOR ONLY $16.38 $13.9/page Hire Writer We will write a custom essay sample on The Theme of Humanity in the Poem Hawk Roosting specifically for you FOR ONLY $16.38 $13.9/page Hire Writer Between my hooked head and hooked feet: Or in sleep rehearse perfect kills and eat. Straight away the poem asserts the dominance of the bird. The words Top of the wood suggests the hawk is a predator, high up in the food chain. It is also an animal that lives for hunting as every day it will rehearse perfect kills and eat in its dreams. Similarities can be drawn which shows that we are just like the hawk. Humans dominate the world and we constantly invent new ways of simplifying our lives. At the most basic level, we kill and eat like all animals do. The writer uses this verse to establish the hawk as a symbol of all humanity. Therefore, when he further illustrates the hawk later on, he is actually pointing out our habits and tendencies. The allegory of the hawk symbolizing humanity continues into the second and third verses: The airs buoyancy and the suns ray Are of advantage to me; And the earths face upward for my inspection. It took the whole of Creation To produce my foot, my each feather: Now I hold Creation in my foot. These verses further develop the idea that the hawk is a supreme creature. It looks down on its realm and controls all the animals. Therefore, it is able to hold Creation in my foot. On the other hand, as the hawk actually represents us, the writer is also commenting on mankind. The airs buoyancy and the suns ray correspond to natural resources and how they are of advantage to us. Instead of letting the course of nature take over our lives, we control the Earth as it face upward for our inspection. The phrase It took the whole of Creation suggests that humans see themselves as the ultimate species. Overall these two verses emphasize the fact that we are the rulers of the Earth. The world is metaphorically our oyster, a small thing that is easily held in our grasp. As the poem progresses into the fourth verse, the hawk awakes from its stillness and takes flight: Or fly up, and revolve it all slowly I kill where I please because it is all mine. There is no sophistry in my body: My manners are tearing off heads - Firstly the writer projects an image of the hawk flying above with a birds-eye view as the world revolves. Interestingly, it is the hawk that is doing the revolving. All of its dominion merely orbit around it. The hawk also owns its territory so it can kill where I please. These first two lines is a link to the last verse which further underlines the hawks supremacy. Similarly, we exploit the Earth because we believe it belongs to us. Although we consider ourselves a civilised race, the writer points out that some of our methods are far from graceful. In fact, he describes our way of living as tearing off heads. For example, we factory-farm animals for profit and we invade other countries to quench our thirst for fuel. As we become the masters of our planet, we grow insensitive to the fact that our greed is causing us to regress back to savages. The poem turns even more chilling as it enters the fifth verse: The allotment of death. For the one path of my flight is direct Through the bones of the living. Here the hawk is a metaphorical grim reaper. Its job is the allotment of death. From this verse we also perceive an image of the hawk swooping down on its prey as it flies through the bones of the living. The writer describes this as the one path of my flight that is direct. He is implying that the only constant element in a hawks life is to kill. Just like the hawk, we can allocate death as well because the earth is our domain. During our lifetimes we sacrifice the lives of many other creatures to fulfil our desires. We kill animals for food and we hunt exotic species for commodities. We are not that different from the hawk, after all. The final verse stresses the permanence of the hawks reign: The sun is behind me. Nothing has changed since I began. My eye has permitted no change. I am going to keep things like this. The phrase the sun is behind me implies that even the sun is a supporter of the hawk. Here the writer conveys yet another image to us. The suns rays are chasing after the hawk as if following a great leader. Nothing can unseat it from power. On the other hand, this verse also criticises the human aversion to change. For example, people still pollute the planet even though they know it can cause climate change and natural disasters. The last three lines highlight this fact. We have not done anything in the past to amend our mistakes Nothing has changed since I began. We are unwilling act now My eye has permitted no change. We will not abandon our methods in the future I am going to keep things like this. This is the heart of Ted Hughes criticism. We humans, as the masters of this world, are continuously destroying our planet because we are reluctant to change our wicked ways. In the end, Hawk Roosting is fundamentally an illustration of a magnificent creature. Nevertheless, Hughes masterfully embedded his critique on humanity into the poem. Just like the hawk, we are predators. However, our prey is nature and its resources. We are no better than cruel savages. Hawk Roosting is Hughes attempt at making us aware of this fact. Ultimately, his wish is that we preserve a better world for future generations.

Biology Field Study Essays

Biology Field Study Essays Biology Field Study Essay Biology Field Study Essay A general description of the area with reasons why the field study is being conducted. Geological overview Bicentennial Park which is located on the shoreline of Home bush Bay is a natural heritage site which features a vital wetland ecosystem and a large area of parkland colonized by a vast range flora and fauna. Within the park there are four communities of vegetation which are: Coastal Saltmarsh – a type of marsh that is intertidal between land and salty water, consisting of a group of salt-tolerant vegetation, grasses and other organisms. Historical Overview Gather information from first hand observations to construct food chains and food webs Explain trophic interactions between organisms in an ecosystem using food chains and food webs Describe the role of decomposers in ecosystems Measure a number of Abiotic factors to compare the mangrove and Saltmarsh environments Use quadrats to estimate the size of a population in an ecosystem Collect, analyse and present data to describe the distribution of species whose abundance has been estimated Consider the accuracy of population estimation strategies Identify factors determining the distribution of species whose abundance has been estimated Examine trends in population estimates for some plant and animal species in each environment Examine trends in population estimates for some plant and animal species within an ecosystem Justify the use of different sampling techniques to make population estimates when total counts cannot be performed Identify some adaptations of living things to factors in their environment Identify and describe in detail adaptation of a plant and an animal from the local ecosystem Analyse trends in a plant population using a transect Identify examples of allelopathy, parasitism, mutualism, and c ommensalism in an ecosystem and the role of organisms in each type of relationship Identify the impact of humans on the ecosystems studied {draw:frame} {draw:frame} {draw:frame} {draw:frame} Organisms specialisations for certain habitats In order for an organism to exist in this ecosystem, it must have certain characteristics which will allow it to tolerate the aforementioned conditions. This is referred to as an adaption. The majority of species have adapted to suit their individual habitats. The concept which is named ‘habitat requirement’ states that these specializations allow the organism to survive in one type of habitat but not necessarily in another. Changes in a habitat can be made by organisms that are free to move about such as animals, but these choices are made based upon the pros and cons of each place and the requirements of the organism. Aim: To determine the distribution of vegetation and changes in mangrove height along a transect. Location: {draw:rect} {draw:frame} {draw:frame} Food web {draw:frame} {draw:frame} {draw:frame} {draw:frame} {draw:frame} {draw:frame} {draw:frame} Food pyramid {draw:frame} {draw:frame} {draw:frame} {draw:frame} {draw:frame} {draw:frame} {draw:frame} {draw:frame} {draw:frame} {draw:frame} {draw:frame} {draw:frame} {draw:frame} Calculating abundance of organisms Results We can calculate the total number of crab holes in the area by using the formula shown above where; Average number in quadrat = 23. 9 {draw:g} {draw:g} {draw:frame} {draw:frame} *Adaptations of the grey mangrove *and the mangrove snail the grey mangrove (avicennia marina) _ {draw:frame} _The pneumataphors form an Ariel root system and act as a ‘snorkel’ to the mangrove, allowing the plant to ‘breath’ air and obtain the oxygen needed for respiration. They need to absorb air through tiny pores on their surface called lenticels due to the lack of air diffusion between sediment grains within the soil, and the oxygen supply is transferred to all the parts of the plants including the underground roots. draw:frame} {draw:frame} {draw:frame} {draw:frame} {draw:frame} {draw:frame} {draw:frame} {draw:frame} {draw:frame} Adaptations of the Mangrove Snail _ {draw:frame} _Small Size: The maximum size that a mangrove snail can reach is approximately 1cm3. This allows the organism to be able to hide from predators more easily in places such as under leaves or branches, and hence making it harder to see. Human impacts *o*n the mangrove Long term effects of Pollution: _ {draw:frame} _ The altered behavior of nocturnal organisms due to light pollution. E. g. Birds who use the moon and stars for navigation will be disrupted and misled if too much light is present. Excessive unnatural light may also affect some predator-prey relationships and the competitive interactions of the animals. {draw:frame} If there is excessive noise pollution, animals within the network which depend on hearing to locate their prey may have extreme difficulties. Because of this, the organism will struggle to locate its food source, or companion, causing a lower chance of survival. Also, excessive and ongoing noise pollution will cause communication issues between a certain species, therefore disrupting their natural breeding patterns. If noise is not maintained, it may cause some offspring to not be produced i. e. ecreasing reproduction rates which may eventually cause the extinction of species within the environment. Questions Was there possible ways human error may have occurred? Discuss. Did you select the most accurate equipment and measurements for the measurements you conducted? Suggest how your methods could be adjusted to increase accuracy. To increase the acc uracy of the quadrat sampling method when measuring the height of the pneumataphors, these steps could have been taken: Double check the measurements recorded incase of human error. Repetition of the method by different people is advised to eliminate previous errors made such as misreading measurements and miscounting the pneumataphors. Random pneumataphors must be chosen in order to decrease the chance of a biased result. Quadrats should be placed at a regular distance such as 5m to increase consistency. In order to increase the accuracy of the results when measuring the Abiotic factors these steps could have been taken: Repeat each method several times and find the average of the total results. This increased the accuracy of the results and eliminates human errors. Ensure that the instructions are precisely followed. Generally, care should be taken when measuring any feature of an ecosystem as any wrong data will lead to a misconception of the lifestyle and actions of certain organisms. By: Julie Assi

Human Relations - Conflict Resolution - Heitler Essay

Human Relations - Conflict Resolution - Heitler - Essay Example This book is primarily for therapists, who deal with different types of conflicts in human relations. The main idea of this book focuses on comprehensive and integrative perspective about human psychology. Heitler points out that emotional stress leads to conflict. So, the best possible way to resolve conflict is to identify the reason behind emotional stress and to take remedial measures to avoid it in future. The idea to analyze conflict between couples and strategies to assist them aims to resolve conflicts in family settings. Author makes an intangible distinction between concerns and solutions on conflict resolution. It deals with diverse theories on personality, psychotherapy, relationships and provides clear cut guidelines to tackle problems faced in therapeutic practice. It is important to note that this work deals with the integration of system perspectives, cognitive and behavioral methodologies and traditional views of personality and therapy. The author pays particular at tention to problem solving methods and strategies, which are really valuable in family settings and therapeutically effective. Another important topic is the five basic conflict strategies: fight, submit, freeze, flee, and problem solving which evaluates canine behavior, its human equivalent and its emotional results. It pays particular attention to conflict resolution and is really valuable for a therapist to diagnose the problem and to an individual to realize his/her self. The author observes the importance of conflict resolution between couples. It insists couples to focus on the reason behind conflict. For instance, if one focuses on conflict resolution, the reason behind it may be ignored. Most of the therapists and theorists concentrate on conflict resolution, not on its cause. Author points out this fault and concentrates on the emotional stress behind each conflict. The most useful strategy discussed is the

Biodiversity Essay Example | Topics and Well Written Essays - 750 words

Biodiversity - Essay Example The biological wealth has been threatened by the need for development leading to the interference with the ecosystem. The process of conservation takes the form of in situ and ex situ. The ex situ approach is the one in which the threatened species are conserved by being removed from their natural habitat. In situ approach entails saving the entire ecosystem to ensure all levels of biodiversity are protected (Andre?e 29). Special settings are established where special care is given. Biodiversity goes beyond political boundaries (Pearson 17). Therefore, nations are expected to cooperate in the biodiversity conservation. The operationalization of biodiversity by definition refers to the need to have the diversity of biodiversities (Pearson 17). Biodiversity is a humongous concept whose success is dependent on a pluralistic approach. Governments are turning to the use of technology to enhance agricultural productivity. Food production demands a conclusive commitment to biodiversity thro ugh addressing climatic change, genetically modified interventions and their impact and the role of bio-fuel in dealing with sustainability. Effective governance and research is expected to ensure soil and competencies of a farmer are properly utilized in the process. Biodiversity is vital for human survival and offers both direct and indirect benefits (Alkemade, Shrestha, and Trisurat 13). ... The diversity of biodiversities can be illustrated through the multiple endangered species in the aquatic habitat, land and even air. This demands cooperation among multiple stakeholders in conserving biodiversity and ensuring that effectiveness (Alkemade, Shrestha, and Trisurat 13). Conserving biodiversity calls for international commitment in terms of taxation, controlling poaching and sale of illegal animal products (Pearson 17). This can only happen through protection of some areas, regular environmental assessments and stakeholder participation. Biodiversity is related to global food production. The concept of food production is related to the weather patterns, global warming and its effect on ecosystem and biodiversity. Some of the inherent difficulties of dealing with biodiversity include the role played by international stakeholders in enhancing developmental prosperity. Biodiversity is eliminated when food production is low. Some of the solutions involve dealing with climati c changes which are affecting food production (Pearson 17). In order to ensure is adequate food production, there is an urgent need to have increased stewardship on the current natural resources. In includes protecting wetlands and cropping intensity (Alkemade, Shrestha, and Trisurat 13). The potential for food production is expected to growing in the developing countries that invest in political stability and economic growth. This includes agricultural research that shall lead to a better understanding of biodiversity ad productivity. Intense agricultural research is being cited as a major cause for consideration of genetically engineered organisms (Pearson 17). This can be referred to the artificial transfer of genetic material

Finicail management Essay Example | Topics and Well Written Essays - 750 words

Finicail management - Essay Example The proposed orthopedic unit will offer integrated and comprehensive services covering the entire gamut of orthopedic and spine injury treatment, and total joint replacement programs. The elements will include pre-surgical education, diagnosis, elective surgical and non-surgical treatment, post surgical care and rehabilitation, and assistance in ongoing management of the condition. This unit is being mooted as a unique center that will provide comprehensive treatment and services through the joint efforts of a team of competent medical and paramedical staff, in a manner that no other hospital in the area provides. The center will be recognized as one that provides a continuum of these services with a focus on safety, comfort, and predictable outcomes. Orthopedic and spine disease and injury treatments involve a number of initiatives that include pre-operative education, diagnosis, surgical and non-surgical treatment, post operative rehabilitation, and ongoing management of illnesses and injuries. Englewood Hospital and Medical Center has most of these elements, which at present are not integrated. Integrating these services and offering a comprehensive program will help patients receive comfortable, safe and complete care and treatment. Such integration will also help EHMC to offer total joint replacement programs. The proposed center – the joint center of excellence – will integrate therapies and introduce a new marketable program in the community that would provide unique advantages to those requiring orthopedic and spine disease treatments and joint replacement. With proper promotion, such a program is expected to generate substantial interest, and result in increase in volume of in-patient cases. The advantage to the patients will be the availability of a state-of-the-art center that will meet all their needs related to orthopedic treatment, and ensure maximum comfort and

Online Course Registration And Management System

Online Course Registration And Management System Currently the Microsoft IT Academy in Multimedia University Melaka using the website that hosted in MMU server to provide information regarding the course offered as well as the registration method to enroll on the specific course. As the course registration is still done manually, below is the summary of the problem on the manual method: User : It consumes time as user is not enabling to book the seat if they have not submitted the form manually together with official receipt to the instructor. The user can pay the registration trough many ways, such as Online Banking, but they still have to submit the official receipt taken from Multimedia University finance division. Administrator/Instructor : Administrators have to wait until the number of registrant fulfills the minimum requirement of the course to open class. All registration related must be done manually, as no online system available yet. Financial report must be also done manually in order to keep track of the financial progress of the courses. Project Objective The project objective will be focused on developing an online course registration to ensure the effectiveness of the flow of registration. Moreover the system will offer a complete management system that integrated with the online course registration to help the stakeholder for maintaining the flow process of the course. The registration process can be done online without the need of paperwork anymore. It is also help the student to get more information about the course process while they enrolled. The administrator will get easier way to determine the seat of the courses, keep track of the registration module, and generate report for the year to help them determine the development of the courses. The cores of objectives of the project are followings: To study existing course registration system in Microsoft IT academy of Multimedia University. Analyzing current course registration system, by interviewing the stakeholder of the system. To propose an online course registration and management system. To identify the user requirement for online course registration and management system. To develop an online course registration and management system. To evaluate the online course registration system that been develop. Project Scope The studies will develop an Online Course Registration, specifically for the Microsoft IT Academy in Multimedia University. With this system, it will affect the stakeholder of the Microsoft IT Academy Multimedia University Melaka Campus such as: Administrator /Instructor The Administrator for the system will be divided to several privileges on how they can use the system. Administrator for example, have all the privileges such as adding instructor, adding courses, update information, adding downloadable material, registration module, etc., but Instructor only have several privileges on what they can do and not do in the Online course registration and management system. Student/User Student will get a more accessible way in order to register and booked the seat for the courses. They also can get updates from administrator keep track on the progress of the course. Significance of Project This final year project for intelligence online course registration will not only provide basic feature to the user as well as administrator, but will be also completed with these features: Online Chat Helpdesk Support System The Helpdesk Support System will allow the user to interact with the administrator in case if they have certain question to be asked regarding the course or the registration flow. Security Security of the website is one of the main concerns to be improved as the registration is moving from traditional to online based. The reason is because user will send their confidential data to the system. Some user might use the same login ID or password, and without proper security, the data might be accessed by third party, or the user session is hijacked while sending the data. The security improvement will also provide log to the administrator in case there are some abnormality in the system after some user log in. As the security improved, we are giving the user a better understanding why they should trust our system. Limitation of Project In this project there are 2 objectives to achieve which are developing online course registration and management system for the Microsoft IT Academy Multimedia University Melaka. This project will focused on how to make the registration flow as simple as possible and also automated in the flow process. However there are limitations which is not be covered in this project. Even though the registration for the user will be done online, some flow of the process will be still done manually, such as submitting the official receipt of MMU to instructor. This is because of Multimedia University policy that not allows administrator to access the student financial report. Yet the system itself will allow user to upload the proof of payment trough online registration. Structure of Report This report consists of 5 main chapters. The first chapter, Chapter 1 which is Introduction presents overview of the project, the problem statement of the study state the problem occur on the current system, the project scope, objectives of the study that explain about the project main goals that need to be achieved, and structure of the report as well as the limitations of the project. Chapter 2 which is Literature Review state explains about materials used to study for the proposed system later, literature review also briefly explain some previously system that use same the technology in registration system. Chapter 3 is Methodology; and this chapter explains about the methods and tools that will be used to develop the system. It also gives some explanations why the methods and tools are chosen in the project. Chapter 4 which is the Proposed Solution and Implementation Plan or Design, this chapter presents the plans on how the system developed as well as the design of the system. This chapter mainly consists of diagrams to describe the design of the proposed system and some little explanation about the proposed system. Chapter 5 is conclusion; this chapter will summarize the conclusion of the objective stated. Chapter Summary In this Final year project the main objective is to propose and develop an online registration and management system that will facilitate the user as well as the administrator in order to keep the flow of registration more compact and efficient. This chapter explains the scope of the project which will affect the Microsoft IT Academy in Multimedia University Melaka stakeholder. Moreover in this chapter also describes about the problem that the current system where most of the flows still done manually. Chapter 2 Literature Review Online course registration and management system has become a necessity in order to create simple and accessible way to support today system. The internet has dramatically changed the role of Internet today (Cassidy 2002:1). Internet is the tool or vehicle for many applications, as well as to maintain registration for government, companies, and many events. This is happen as result of the simplicity of internet access in many part of the world. 2.1. Online Course Registration Johnson and Manning (2010) stated that the two biggest differences between registering online and mailing in your paperwork are time and technology. It can take time when users have to fill in the form, and then submit it in some other places. Instead of taking time, technology has helped us to make the registration procedure into the next level. You can find more information about the courses you want to take and in the same time fill up the form, pay the fees, etc. The staff that receives registration information most probably will process the information in same system, so by using online course registration and management system, we can save time. 2.1.1. Online Course Registration and Management System An Online course registration and Management System is systems that maintained the registration flow for the user and provide extensive capability for the administrator to maintain the content, report, and ability to add, update, or delete the content of a system. Currently there are many applications that have the ability to manage registration online. Some of them are very simple, and more complicated that use current technology. Almost all web based programming language support the capability to make online registration, such as PHP or .NET provide many option to build intelligence course registration and management system. A good system must be able to provide sufficient information and services needed by user as well as delivering extensive report to the administrator (Anggarwal.2003:233). 2.1.2. Existing Online Course Registration and Management System Most of the Online Course Registration and Management System are mostly used in educational institution and professional courses. This is to avoid time consuming of managing numerous users and prevent error from manual method. Based on that, people tend to use Online Course Registration and Management System. There is some Online Course Registration and management System that researched and improves, such as: Wylie Course Registration The C-Registration System will replace the existing mainframe course registration system at Wylie College. The new system will interface with the existing Billing System and Course Catalog Database System as shown in the context diagram below (see Figure 2.1). The C-Registration System will consist of a client component and server component as illustrated in Figure 2.2. The server component resides on the Wylie College UNIX Server. The server component must interface with the Billing and Course Catalog Database Systems on the College DEC VAX Main Frame. This interface is supported by an existing Open SQL Interface. The client component resides on a personal computer. The College PCs will be setup with the client component installed. Any non-college PCs must download the client software from the UNIX Server via the Internet. Once the client component is installed on the PC, the user may access the C-Registration System from the PC through the College LAN or Internet. A valid ID number and password must be entered in order for access to be granted. Figure 2.1 C-registration System Context Diagram Figure 2.2 C-Registration system overview The C-Registration system has many capabilities which will be explained the following table: Table 2.1 C-Registration capabilities Costumer benefit Supporting features Up-to-date course information The system accesses the Course Catalog Database for up-to-date information on all courses offered at Wylie College. For each course, the Students and Professors may review the course description, Prerequisites, assigned teachers, class locations, and class times. Up-to-date registration information All course registrations are immediately logged in the Registration Database to provide up-to-date information on full or cancelled courses. Easy and timely access to course grades Students can view their grades in any course simply by providing their user ID and password. Students may access the registration system from any College PC or from their home PC via the internet. Professors enter all student marks directly into the Registration Database from their PCs. Access from any College PC Students may access the registration system from any College PC or from their home PC via the internet. Installation of the client component of the C- Registration System on a PC is an easy to follow process using the internet Easy and convenient access from your PC at home Students may access the registration system from any College PC or from their home PC via the internet. Secure and confidential A valid user ID and password is required to gain access to the C-Registration System. Student report card information is protected from unauthorized access. Instant feedback on full or cancelled courses All course registrations are immediately logged in the Registration Database to provide up-to-date information on full or cancelled courses. Online Course Registration System for the Faculty of Engineering in University of Peradeniya In the system developed by the University of Peradeniva, there are some necessity in online registration course that should be included in the system, such as: Authentications and Authorizations of users; Administrators should be able to decide time period for the registration (before the start of the semester) and time period for the add/drop period (at the beginning of the semester); Administrators should be able to enter required data into the system such as courses, students, advisers and examination results; Advisers are allowed to view filled registration form of each student and accept/ reject the registration; Students should be able to view current courses and previous results, to register or add/drop new semester courses; Users should be able to change their passwords and personal information; and In the absence of a relevant adviser, the head of the department should be able to accept the online registration forms. All users have their own usernames and passwords to access the system and they have the ability to change their passwords. They will be given separate entry levels to access the system. Figure 2.2 depicts the use-case diagram of the system. Administrators are the staff officer at the Office who is responsible for course registration. They have the authority on deciding time durations, entering required details and finalizing registrations. Figure 2.3 use case of the online Registration in University peradeniya Advisors are all the department heads and lecturers who are assigned as advisers for students. They are capable of viewing courses, student details and results and accepting or rejecting registration forms. Student category contains everyone who has registered for a degree programme in the faculty. They are allowed to view available courses, their details and results, and to complete their registration forms and add/drop forms. The system that being used will be detailed explained in the table below: Table 2.2 system used in Online Course Registration of university peradinya Technology Usage Dream Weaver GUI Design CSS Additional Features in GUI Design ASP.net Programming Design Ajax Client Script Development SQL Server 2000 Database Design IIS Web Server to host the system Crystal Report 9.0 Generate reports. As the system works, it has not only reduced the burden of all parties involved in the course registration process, but also improved the process by reducing errors. Secure Online Application The real test of a secure Web Application occurs when it comes time for users to log in and access your site (Burnett,Mark.2004). Login screen is look simple. User just provide the username and password, the system will authenticate it to access the system. Authentication establishes a users identity. Once this identity is proved valid, the user is authorized (or nor authorized) to access various features of the Web application. 2.2.1 User authentication Threats The primary threats with user authentication are: Account hijacking This involves taking over the account of a legitimate user, sometimes denying the rightful user access to his or her account. Man-in-the-middle Intercepting Web traffic in such a way that the attacker is able to read and modify data in transit between two systems. Phishing A type of man-in-the-middle attack in which the attacker lures a legitimate user to enter a password through a fake e-mail or Web form designed to look like that of a legitimate Web site. Unauthorized access Gaining access to restricted content or data without the consent of the content owner. Information leakage Revealing or failing to protect information that an attacker can use to compromise a system. Privilege escalation Allowing an attacker to gain the access privileges of a higher-level account. Sniffing Using a network-monitoring utility to intercept passwords or other sensitive information that traverses a network. Because the login form plays such an important role in authenticating users, it is important to protect the form itself from flaws. A poorly written login form is vulnerable to password sniffing, information leakage, and phishing. Furthermore, the form itself may be vulnerable to flaws such as SQL injection and cross-site scripting. 2.2.2. Secure Authentication In ASP.NET the IIS provides four standard methods for authentication: Basic authentication Digest authentication Integrated Windows authentication Client certificate mapping Basic Authentication Basic authentication works by prompting a Web site visitor for a username and password. This method is widely used because most browsers and Web servers support it. The benefits are: It works through proxy servers. It is compatible with nearly every Internet browser. It allows users to access resources that are not located on the IIS server. Basic authentication also has some drawbacks: Information is sent over the network as cleartext. The information is encoded with base64 encoding, but it is sent in an unencrypted format. Any password sent using basic authentication can easily be decoded. By default, users must have the Log On Locally right to use basic authentication. Basic authentication is vulnerable to replay attacks. Because basic authentication does not encrypt user credentials, it is important that traffic always be sent over an encrypted SSL session. A user authenticating with basic authentication must provide a valid username and password. The user account can be a local account or a domain account. By default, the IIS server will look locally or in Active Directory for the user account. If the user account is in a domain other than the local domain, the user must specify the domain name during logon. The syntax for this process is domain nameusername, where domain name is the name of the users domain. Basic authentication can also be configured to use user principal names (UPNs) when you use accounts stored in Active Directory. To prevent exposing user credentials to others on the network, it is essential that you always use SSL with basic authentication. Note that basic authentication causes the browser to send user credentials to every page on the same site or within the same realm, not just the login page. If you dont use SSL on every page, user credentials will be visible on the network. One way to prevent these credentials from being sent on unprotected content is to use a unique realm for protected and unprotected content. Digest Authentication Digest authentication has many similarities to basic authentication, but it overcomes some of the problems. Digest authentication does not send usernames or passwords over the network. It is more secure than basic authentication, but it requires more planning to make it work. Some of the similarities with basic authentication are: Users must have the Log On Locally right. Both methods work through firewalls. Like all authentication methods, digest authentication does have some drawbacks: Users can only access resources on the IIS server. Their credentials cant be passed to another computer. The IIS server must be a member of a domain. All user accounts must store passwords using reversible encryption. The method works only with Internet Explorer 5.0 or higher. Digest authentication is vulnerable to replay attacks, to a limited extent. Digest authentication is secure due to the way it passes authentication information over the network. Usernames and passwords are never sent. Instead, IIS uses a message digest (or hash) to verify the users credentials. In order for digest authentication to work, all user accounts must be stored using reversible encryption in Active Directory, which may be a potential risk. After this setting is enabled for a user account, the users password must be changed to create the plaintext copy. Digest authentication does provide more security, but for most Web sites, the limitations of this method outweigh the benefits. One interesting peculiarity with IIS is that when you send authentication headers to a client, it will send the basic authentication header before the digest one. Many Internet browsers use the first header they encounter and therefore opt for the weaker basic authentication. Integrated Windows Authentication Integrated Windows authentication is also a secure solution because usernames and passwords arent transmitted across the network. This method is convenient because, if a user is already logged on to the domain and if the user has the correct permissions for the site, the user isnt prompted for his or her username and password. Instead, IIS attempts to use the users cached credentials for authentication. The cached credentials are hashed and sent to the IIS server for authentication. If the cached credentials do not have the correct permissions, the user is prompted to enter a different username and password. Depending on the client and server configuration, integrated Windows authentication uses either the Windows NT LAN Manager (NTLM) or Kerberos for authentication. You cannot directly choose which one is used; IIS will automatically choose a method based on the server and client configuration. The Web browser and the IIS server negotiate which one to use through the negotiate authentication header. Both Kerberos and NTLM have their own advantages and disadvantages. Kerberos is faster and more secure than NTLM. Unlike NTLM, which authenticates only the client, Kerberos authenticates both the client and the server. This helps prevent spoofing. Kerberos also allows users to access remote network resources not located on the IIS server. NTLM restricts users to the information located on the IIS server only. Kerberos is the preferred authentication method for an intranet Web server. However, the following requirements must be met for Kerberos to be used instead of NTLM: Both the client and server must be running Windows 2000 or later. The client must be using Internet Explorer 5 or later. The client and server must be in either the same domain as the IIS server or in a trusted domain. Integrated Windows authentication has a few limitations: It works only with Internet Explorer 3.01 or later. It does not work through a firewall. The client will use the firewalls IP address in the Integrated Windows hash, which will cause the authentication request to fail. Client Certificate Mapping Client certificate mapping is the process of mapping a certificate to a user account. Certificates can be mapped by Active Directory or by IIS. Both of these methods require Secure Sockets Layer (SSL). There are three types of certificate mappings: One-to-one mapping Many-to-one mapping UPN mapping Certificate mapping is the process of linking a certificate to a specific user account. Normally, if we wanted to give a user authenticated access to the intranet; we would either create a user account or allow the user to log in using his domain account. Creating duplicate accounts is time-consuming, yet if users use their domain accounts, there is the concern that their domain passwords could become compromised. To provide better security and reduce the administrative workload, we could choose to issue each user a certificate. Certificates can be used to verify a users integrity. It is actually more efficient to use a certificate than a user account because certificates can be examined without having to connect to a database. It is generally safer to distribute certificates than user accounts. Furthermore, it is much easier to guess or crack someones password than it is to forge a certificate. Chapter Summary This chapter discusses the material research as well as basic understanding of the online course registration and management system. The material provided is to help and understand the project, and how the system can improves the registration and management system. Chapter 3 Methodology 3.1. System Methodology It is important to understand that an information system has a life cycle, just as living system or a new product has. System analysis and design constitute the key stage of system development life cycle (ISRD Group, 2007). System Development Life Cycle has several phases which are planning, analysis, design, implementation, and maintenance. Figure 3.1 System Development Life Cycle 3.1.1. Planning Planning is the first phase in the System Development Life Cycle, in this phase the necessity of the system has to be identified (Hoffer, et al., 2005). The objective, scope and the main reason to develop the system has been explained in previous chapter. 3.1.2. Analysis The second phase is the analysis phase, which during this phase an analysis on the system requirement is being held (Hoffer, et al., 2005). The output of this phase is a description of the recommended solution by determining the problems and requirements. In this phase information regarding of the project is gathered, the information gathered then can be studied to help the understanding about the project. In this project analysis phase determine what method used to build the system later on. In this phase, we interview the stakeholder of Microsoft IT Academy Multimedia University (see appendix for detail) In analysis phase, we determine: Detailed evaluation of current system Data Collection User Requirement 3.1.2.1 Current System Evaluation Figure 3.2 System flow of the system Figure 3.2 show the current system flow of the MSITA. The flow show that some part still done manually, such as filling form and registration (student have to download form from website, pay the course fees to MMU finance, and submit the official receipt to the instructor). The website that being used now is using ASP.NET as programming language, but there is no online registration capabilities. The website is used for content management system only. All the registrant will be input manually by the instructor. 3.1.2.2. Data Collection To ensure that we understand the flow of the current system, we need to identify the stakeholder of the system, such as: Table 3.1 Stakeholder No Stakeholder Name Stakeholder type Roles 1 Instructor Instructor of Courses Provide Course material, provide place/lab for the course exercises , manage registration for user 2 MMU Finance division Registration Payment Submission Receive Payment from Costumer, Issue Official Receipt for registration 3 Student User/Costumer Register for the course, submit receipt for registration, participate in course as scheduled, take certification exam From the stakeholder above, we already identify that the most influence entity are the User and Instructor of the course. We will then identify the problem on the current website. Function of Microsoft IT Academy Website As main website for student for : Check latest/available course offered by MSITA team. Check schedule for the course Check registration procedure (Download Registration Form) Download notes/material for the course (only for registered user) Technical Detail of Microsoft IT Academy Website Technology Used : ASP.NET Other Items considered Course material is given trough the class Registration of the course still done manually (student have to download form from website, pay the course fees to MMU finance, and submit the official receipt to the instructor). The reason why the registration still done manually : Sometimes there are changes in registration procedure (e.g. minimum requirement for the number of the student to open the courses, some courses is added/removed). Need the proof of payment to confirm student registration. Figure 3.3 MSITA website details 3.1.2.3 User Requirement As the main concern of the development in MSITA website, we need to make the registration process and also maintenance of the website online; these are the requirement of the proposed solution: Table 3.2 User requirement User Side Administrator Side User can register in the MSITA website as website member as option before they register to the course Administrator panel Student registered as website member need to fill course to take in future/next trimester in order to keep track the estimated number of course offered. Add/Remove course Student can fill the registration form trough MSITA website. Automatic Email to all student registered Student can upload scanned proof of payment trough registration form Registration module for administrator Student can fill option to take exam after course registration in order to get exam voucher Financial Report of the year 3.1.3 Design Design Phase required us to determine the logical and physical design of the system. We need to determine the system features and all other necessary requirement for the system. Later on in the next phase of the project we will transform the logical design into fully working system. 3.1.4 Implementation The fourth phase is implementation. In this phase the physical design of the system will be programmed into a working system (Hoffer, et al., 2005). In implementation coding, testing, and installation will be included. In coding, the system will be programmed to a working system. After it programmed the system will be tested to find errors and bugs in the system. Lastly, during installation the system will be installed and ready to use. In the phase 1 of the project implementation of the system is not going to be built. The implementation phase will be held during the second phase of the p