On the 26th July 2019, National Australia Bank (NAB) which is the 4th largest bank in Australia, contacted approximately 13,000 customers to advise that some personal information provided when their account was set up was uploaded, without authorisation, to the servers of two data service companies. NAB’s security teams have contacted the companies, who advise that all information provided to them is deleted within two hours. NAB Chief Data Officer, Glenda Crisp, said the compromised data included customer name, date of birth, contact details and in some cases, a government-issued identification number, such as a driver’s licence number. “We take the privacy and the protection of customer information extremely seriously and I sincerely apologise to affected customers. We take full responsibility,” she said. “The issue was human error and in breach of NAB’s data security policies.” Ms Crisp said it was not a cyber-security issue. No NAB log-in details or passwords have been compromised – and NAB’s systems remain secure. “Our number one priority is to support our customers. We are moving quickly to proactively contact every person affected.” NAB called, emailed or written to each impacted customer individually. A dedicated, specialist support team was in place, available to them 24/7. If government identification documents need to be reissued, NAB would cover the cost. NAB would also cover the cost of independent, enhanced fraud detection identification services for affected customers. Importantly there is no evidence to indicate that any of the information has been copied or further disclosed. NAB is advising impacted customers that they do not need to take any action with their account. “We have reviewed these customers’ accounts, over and above our rigorous normal checks, and have not identified any unusual activity. We will continue to monitor 24/7 to protect our customers’ accounts,” Ms Crisp said. NAB also notified and was working with industry regulators, including the Office of the Australian Information Commissioner. Ms Crisp said: “We take full responsibility. We can assure you that we understand how this happened and we are making changes to ensure this does not happen again.” On further development, NAB CEO admitted that it is difficult to invest huge amount of money in information security compared to the industry leaders like Microsoft, Google, Amazon. His opinion was to leverage on the infrastructure created by these companies i.e. through cloud computing. Based on the above case study, you have to prepare a report to answer the followings: – Objectify your audit focus and scope – Which business departments, functionalities of NAB, are you planning to audit? And how can you detect regularities, abnormalities in them? – What suggestions, recommendations do you want to provide to NAB based on your findings? – As an IT auditor, what rules and regulations are you planning to adhere to?

Found something interesting ?

• On-time delivery guarantee
• PhD-level professional writers
• Free Plagiarism Report

• 100% money-back guarantee
• Absolute Privacy & Confidentiality
• High Quality custom-written papers

Grab your Discount!

25% Coupon Code: SAVE25
get 25% !!