Modern scientific issue Essay Example | Topics and Well Written Essays - 500 words

Modern scientific issue - Essay Example What fascinates me most is where to draw the line between good technology that helps people and bad technology that harms people. One example of situations where cloning can help is when scientists take cells from an organ in the lab and grow tissue to help someone recover from damage to one of their organs. If tissue from their own body can be cloned, and then replaced in the body, then there is less likelihood of rejection. Genes can be cloned too, so that patients who are lacking particular genes or segments of genetic code could in some cases be helped with cloned genes. I do not see any moral problem with this kind of medical cloning. An example of where cloning could be a bad technology is where human embryo cells are used for experiments and then just simply destroyed. This does not show much respect for human life, and many people believe very strongly that experimentation on human embryos, even when they are only a few cells in size, is fundamentally wrong. Some scientists are happy to work with embryos created purely with the intention of providing cells to help another person, but other scientists think this is taking science a step too far, and acting like God, and they refuse to get involved in this type of work. There is also the fact that when scientists work on clones, there is a huge failure rate and many of the eggs are destined to die just as a normal part of the process, and this helps nobody. There is also a larger than usual amount of problems in later life with cloned organisms, and no one really knows how safe or unsafe it would be to have artificially cloned human beings. Identical twins are natural clones, which means they have exactly the same genes and chromosomes, and they appear to be quite normal but so far there has never been an artificially cloned human being, as far as anyone can tell. I believe that one day someone somewhere will do this, partly to prove it can be done, and partly to see what the resulting

Commercial Property Insurance Essay Example for Free

Commercial Property Insurance Essay When starting up a new business, one of the most important factors for a business owner to decide on is the location of that business. With a white-water rafting business there are several important factors that a company must look at before they can proceed. First item is the legal aspects of acquiring, holding, and disposing of both real and personal properties. This aspect is more important because it is the first steps that the client needs to make to get their business up and running. The next item is to analyze the business for insurance purposes. White water rafting can be a dangerous sport, and therefore it is essential that the business is protected from injury lawsuits. The final item that any business needs to be aware of is the environmental issues and other regulations that come with the location. In order to determine the best location for the client’s white water rafting business should be located, we will look at three locations in Florida, Ohio, and Texas to compare which location will be the best fit for this business. Evaluate the Legal Aspects of Acquiring, Holding, and Disposing of Real Property In the U.S. the River-Rafting business is considered to be real property, this due to riverbeds and banks being owned by the state. If a river is physically navigable, then is considered to be pubic property. According to Cheeseman (2007), â€Å"Real property is immovable or attached to immovable land or buildings, whereas personal property is movable† (p. 755). Real property has a major role in the United States economy of property and ownership rights. Real property deals with the legal rights of property rather than physical attributes of tangible land. When acquiring real property it is important to understand the concepts the property and how to transfer rights of the property so that the execution of the property can take place. There are normally two classifications of property, personal and real. Most commonly real property takes the place of land. Landowners purchase surface rights to the land which gives them the  right to occupy the land. This allows the owner the right to enjoy, develop, and use the property as needed, however can be subject to applicable government regulations. In the State of Florida the legal aspects surrounding the acquirement, holding, and disposal of real property are that the buyer must record all deeds with the public records office of the specific county courthouse. This recording suggests that the property has been sold and any subsequent purchases should be careful. The title of the property holds the rights and ownership to the said property and is considered documentary ownership. The company is also given a warranty deed which provides protection to the purchaser. This is proof that the purchaser is the legal owner of the purchased property with no outstanding mortgages, liens, or other holds against the property. The State of Ohio works in a similar way to Florida by requiring a deed, mortgage, lease, or another similar document that spells out who the ownership is being transferred too and contains a detailed description of what the property is that is signed by the grantor and then notarized. The buyer is then also given a warranty deed that verifies and protects the property. Texas also requires a deed, mortgage, lease, or other form of verification of property ownership once it is purchased. Land is also considered real property so if our client wants to purchase the land to put his mobile home on, the purchase will most likely be funded by a community bank or rural land lenders that are familiar with the lending of land. If after time our client would rather construct their building for business, they can write off the interest on the construction of the property if it will also be his residence (East Texas Land, 2014). In the state of Texas, if an entity wants to sell their real property, they need to get a letter by the potential buyer of the property making an offer for either the purchase or lease of the property. The current owner of the property has to disclose all current and existing appraisal reports to ensure that the owner’s opinion of the value of the property is backed up. Taxes will also have to be paid to the state of Texas for any real property that is purchased in the state. Evaluate the Legal Aspects of Acquiring, Holding, and Disposing of Personal Property The U.S. economic system is formed by the private ownership of personal property. According to Cheesman (2007), â€Å"Personal property is tangible  property such as automobiles, furniture, and equipment, and intangible property such as securities, patents, and copyrights† (p. 739). Personal property consists of a person’s rights related to possession and ownership of property, including land, structures, or buildings on land and the materials beneath land. In the state of Florida all tangible personal property is taxed at the local level and varies from county. As of 2007, Florida no longer taxes on intangible personal property. Fee Simple Deeds are the most commonly used form of ownership for property in Florida. Fee Simple Deeds gives the owner the rights to sell, posses, and use as security, improve land/buildings, and pass on to beneficiaries. For Ohio, personal property rights vary by the type of personal property. When buying personal property make sure to check into specific laws for different items, but know that most have some type of transferable clause in them if anything would happen to the owner. The state of Texas has the authority to tax any and all tangible personal property purchased in the state. Intangible personal property is only taxed if the property is owned by a resident of the state, or if the personal property is located in the state and is used for business purposes (Tax Code). For our client, he will be taxed for all equipment purchased and used for his river-rafting business. The current tax rate will be used at the time of purchase. Analyze the Business of Insurance for Various Risks There are a several forms of insurance that will need to be acquired to minimize the risk of performing a River-Rafting business. Injuries are the main risks a River-Rafting company face. They need to be concerned with injuries that could potentially happen to both the clients and employees. Other risks would be the damage that could occur to the rafts and other equipment used for rafting as well as the flooding of the mobile home office. In addition to the insurance need for performing the business, there are also several types of insurance that minimize monetary loss and professional  liability. The professional liability insurances include workman’s compensation insurance, property insurance, and business interruption insurance. The property insurance will provide compensation to the company in the event that a flood occurs and business interruption insurance covers lost revenue that occurs due to a disaster. The two forms of liability insurance that would need to be acquired are on-water and floater liability. These policies provide compensation to the clients in the event an injury occurs while rafting. The insurance also covers any physical damages that may have occurred to the raft or other equipment. Florida’s insurance premiums are fairly low due to their enhanced tort reforms. Florida has fairly low caps on punitive and non-economic damages, which lower the total damages provided by the insurer to the plaintiff in the event of a claim. This in turn increases the insurer’s profitability and lowers premiums. The state of Texas would also require the same type of insurance as the other states. Along with employee and customer protection, a business would also need to protect their property from damage. There are three different types of commercial property policies in Texas that our client can choose from which are basic form policies, broad form policies, and special form polices. These policies will provide either replacement cost coverage, actual cash value coverage, or a combination of both. Depending on where the client chooses to open their business and operate, an insurance company in Texas may exclude windstorm and hail coverage so our client may have to purchase additional policies if they want to be covered (Commercial Property Insurance, 2014). Identify Environmental Issues and Regulations Related to the Site The land that we are suggesting to purchase is a piece of land in Volusia County Florida close to Gemini Springs County Park. This piece of land is used by rafters often and would be a great location to start up a rafting business. If you choose to purchase this piece of land, your company needs  to cautious about any environmental hazards you could be held liable for. We suggest that an evaluation of the land be done to ensure these hazards do not exist. Your company also needs to keep in mind that the land must be purchased in the parts of the county that rafting is allowed by the local government. Keep in mind that any hazardous emissions, contaminations, or underground oil leaks could fall under the liability of the company as the new land owner. Any changes to the land purchased need to be permitted by local, state, and federal regulations. The location in Ohio that we suggest is a spot down the Great Miami River. This location is located near the Cincinnati area that is currently home to several white water rafting sites. This particular location is less crowded and therefore less prone to direct competition from other rafting locations (Whitewater). Since there hasn’t been a lot of rain in Texas in the last few years, most of the Texas rivers and lakes are very low. The place that we would recommend for our clients business is along the Guadalupe River. Customers can experience a nice scenic view with a variety of trees, cliffs crowned with mesquite, and rocky bluffs and rolling hills. Our client needs to make sure that they do not disrupt natures order and comply with all environmental laws. Our client needs to make sure that the water level of the river is adequate for rafting and that depending on the water level of cfs, different rules may apply. Best decision for our client Most of the property laws are the same among Florida, Ohio, and Texas so when deciding where to start a new river-rafting business for our client, we believe that Texas would be their best option. Texas has many rivers that our client can choose from and may be able to choose a place where windstorm damage is covered under their insurance policy. Some parts of the state do have low water levels but with the great size of Texas, there are still plenty of options to choose from. References Commercial Property Insurance. (2014). Retrieved from http://www.tdi.texas.gov/pubs/consumer/cb021.html East Texas Land. (2014). Retrieved from http://www.easttexasland.com/faq/ Part VIII: Property Law. (n.d.): n. pag. Ohio State Bar Association. Web. . Tax Code. Retrieved from http://www.statutes.legis.state.tx.us/Docs/TX/htm/TX.11.htm Whitewater Paddling Rivers in Ohio. Ohio White Water Rivers and Paddling Spots. N.p., n.d. Web. . State of Florida.com. (2014). Retrieved from http://www.stateofflorida.com/Portal/DesktopDefault.aspx?tabid=29 Cheesman, H. R. (2007). Business Law: Legal Environment, Online Commerce, Business Ethics, and International Issues, 6e. Prentice Hall, Inc. A Pearson Education Company.

Native American Voices Know the Definition of Native American Essay ex

Many school children celebrate a clichà © Thanksgiving tradition in class where they play Indians and Pilgrims, and some children engage in the play of Cowboys vs. Indians. It is known that some died when colonization occurred, that some fought the United States government, and that they can be boiled down to just another school mascot. This is what many people understand of the original inhabitants of America. Historical knowledge of these people has been shallow and stereotyped. The past 150 years has given birth to a literate people now able to record their past, present, and future. Native American literature, as it evolves, defines the Native American culture and its status in the world, as an evolving people, more so than any historical account can. Before colonization, the Native Americans used oral traditions to teach, remember, entertain, and pray. Much of this knowledge was lost because of various reasons. After translation became an option some of these were written down. This is the beginning of Native American literature, the becoming of sound into word. A major pattern of distrust for the white man’s words are evident in this beginning of their literature. Cochise, an Apache leader, made a speech in 1872, loosely entitled [I am Alone] that addressed Americans. This was translated by a white man. It is not known how accurate it is, however, it conveys a strong message. Cochise is a proud man, who is always truthful. â€Å"I hereby pledge my word, a word that has never been broken† (1463). He has his doubts about the truthfulness of the Whites whom he watched come in small numbers and had welcomed in friendship. Cochise was confused to their behavior, â€Å"At last your soldiers did me a very great wrong†(1463). When they ... ...can literature you find the accounts of things such as the slaughtering of buffalo and leaving them to rot on the ground, and the United States government forbidding Indians to practice their religious rites and beliefs (Momaday 2507). The history books do not tell these things. History is written by those who write, and often enough by the ones that find themselves in power by gift or coercion. History has dealt the indigenous cultures of America a hard blow. The culture-shock faced by these people, who have dwindled down in number from the vast and populous tribes, is one that is still being felt today. Fortunately more and more Native American literature is being written and discovered. From these accounts, verse, and prose and insight can be gained into these proud people who are living in another man's world, once theirs, and have paid to do so ever since.

Martin Luther Kings Leadership :: MLK Leaders History Essays

Martin Luther King's Leadership One of the world’s best known advocates of non-violent social change strategies, Martin Luther King Jr. (MLK), synthesized ideals drawn from many different cultural traditions. Recent studies of him emphasize the extent to which his ideals were rooted in African-American religious traditions which were then shaped by his education. The image of a social activist and leader was the result of extensive formal education, strong personal values and licit ethics. This excellence in leadership can be traced to his character which is shaped by his moral values and personality. We look at MLK and these traits to reveal the rationalization of his rise to transracial leadership in our society. Through studying the life and example of Martin Luther King, Jr., we learn that his moral values of integrity, love, truth, fairness, caring, non-violence, achievement and peace were what motivated him. King is not great because he is well known, he is great because he served as the cause of peace and justice for all humans. King is remembered for his humanity, leadership and his love of his fellow man regardless of skin color. This presence of strong moral values developed King’s character which enabled him to become one of the most influential leaders of our time. Integrity is a central value in a leader’s character and it is through integrity that King had vision of the truth. The truth that one day this nation would live up to the creed, "all men are created equal". No man contributed more to the great progress of blacks during the 1950’s and 1960’s than Martin Luther King, Jr. He was brought up believing "one man can make a difference", and this is just what he did. Integrity has a large effect on what we think, say and do, it is through King’s thoughts and actions that enabled so many people to have trust and faith in him. Through King’s integrity he believed that America, the most powerful and richest nation in the world will lead the way to a revolution of values. This revolution will change the way society views itself, shifting from a "thing-orientated" society to a "person-orientated" society. When this occurs, King believed that racism will be capable of being conquered and this nation will be "Free at last." King’s unconditional love for all humans was another value that strongly influenced his character and allowed him to have such excellent leadership ability.

Luther’s Change of Mind Essay

This paper argues that Martin Luther (1483-1546) changed his mind about the Jews, shifting from a friendly to a hostile position, because of mental anxieties, his constant health problems, old age, and disappointment that Jews were not converting to Christianity. Luther was dissatisfied that Jews did not accept Jesus Christ, although his criticisms of the Jews were theological; not racial. The argument that a direct line can be drawn from Luther to Hitler and that Luther shares blame for the Holocaust, is rejected. This does not imply that Luther’s hostility towards Jews did not influence Hitler’s ideas and policies but rejects the attribution of Hitler’s â€Å"final solution† to Luther. In his first extended text on Jews, Luther wrote â€Å"If we really want to help† Jews, â€Å"we must be guided in our dealings with them not by papal law but by the law of Christian love†. Sources and Outline of Argument The primary sources for Luther’s views of Jews and of Judaism are his writing. He wrote â€Å"That Jesus was Born a Jew† in 1523, which represents his early, friendly attitude. He wrote his negative, hostile tract, â€Å"On the Jews and their Lies† in 1543. His last sermon, preached at Eisleben a few days before his death was â€Å"against the Jews†, and can be taken as representing his final position. These writings need to be placed in the context of Luther’s biography and of historical circumstance. In order to contextualize these primary sources, secondary sources are consulted. These include Heiko Augustinus Oberman’s Luther: Man between God and the Devil (1989) and Derek A Wilson’s Out of the Storm: The Life and Legacy of Martin Luther (2008). The essay begins with the content and context of Luther’s writing on Jews against the background of older Christian attitudes, against which Luther initially reacted. Luther’s initial position, his final position and the reason for his change of mind are identified. The essay then discusses the charge that Luther should have been tried alongside perpetrators of the Holocaust at the Nuremberg Trials, where defendant and former Nazi propagandist, Julius Streicher (1885-1946 ) said: Anti-Semitic publications have existed in Germany for centuries. A book I had, written by Dr. Martin Luther, was, for instance, confiscated. Dr. Martin Luther would very probably sit in my place in the defendants’ dock today, if this book had been taken into consideration by the Prosecution. In this book The Jews and Their Lies, Dr. Martin Luther writes that the Jews are a serpent’s brood and one should burn down their synagogues and destroy them†¦ The conclusion argues that although Luther’s position did change, the claim that he shares responsibility for the Holocaust fails. Hitler and his supporters manipulated Luther for their own purposes, while a fundamental difference separates him from them. Luther, it is true, supported the deportation of Jews and the destruction of Jewish property but not their extermination. Analysis of Luther’s Initial Position Luther led the Protestant Reformation when he posted his â€Å"95 Thesis† to the door of the Cathedral at Wittenberg, where he was an Augustinian priest and University teacher. Luther saw his Reformation as a breath of fresh air blowing through the Church, sweeping aside false doctrines and corrupt practices that obscured the real Christian gospel. Justification before God was by faith in Jesus Christ and was freely available, not a commodity that the Pope could sell. His translation of the Bible and the hymns he wrote for congregational singing were all intended to make Christianity directly accessible to ordinary believers, who did not have to depend on the mediation of priests any more. People could enjoy direct fellowship with God. Luther set out to challenge many commonly accepted notions about the Christian faith. Aware of a long history of Christian animosity toward Jews and Judaism, Luther reminded Christians that the own Bible had been written by Jews and that Jesus was himself Jewish, a fact often overlooked or even deliberately ignored in much Christian thought. In advocating kinder treatment of Jews, his hope was that this would result in their conversion. This distinguished Luther’s attitude toward Jews from what has been described as the traditional â€Å"teaching of contempt†, a term coined by Jules Isaac (1877-1963), a friend of Pope John XXIII. The teaching of contempt blamed Jews for murdering â€Å"God† (the charge of deicide), taught that having rejected and killed Jesus Jews’ were no longer God’s people but served the Devil, they were denied rights of citizenship, banned from most professions, banned from living wherever they wished to while travel restrictions and a dress code were also imposed on them. All of this consisted of papal decrees as well as national and city level legal codes. God had condemned the Jews to wonder the earth as a lesson to others of what happens when a people turn their back on God. Enforced conversions, deportation, pogroms were all justified by the teaching of contempt. Jews were accused of concealing the truth within their texts, so the Talmud was sometimes destroyed. Anti-Semitism, however, started before the birth of Christianity. Paul Johnson describes Greek animosity towards Jews and their religion, citing several sources. These include Appollinius Molon, Posidonius, Democritus and Plutarch all of whom wrote anti-Jewish polemic. The Jewish race had been cursed from the beginning of time. Jews sacrificed asses’ heads in their temple as well as secret human sacrifices, which explained why no outsider could enter the inner-most chambers. Jews were regarded as haters or despisers of the human race because they kept themselves apart, did not inter-marry and refused to recognize the Gods and goddesses of the ancient world. Although Rome extended certain exemptions to the Jews, the Romans increasingly regarded Jews as problematic as revolt followed revolt until eventually all exemptions were overturned and Jews were banned from residing in Palestine following the revolt of 132. Christian anti-Semitism picked up on many of the same polemic, accusing Jews of stealing Christian boys at Passover and sacrificing them, the â€Å"blood-libel† which surfaced first in England in 1144. Efforts were made to convert Jews and those who did convert were usually assimilated into the wider society, although some were accused of remaining secretly Jewish. In 1519, Luther opposed a â€Å"purge† by a former Jew, Johann Pfefferkorn (1469-1523) who wanted to burn Jewish books. Then, in his 1523 pamphlet, he advocated kindness and love toward Jews. What happened to harden Luther’s heart and to change his mind so that he later supported book-burning and other anti-Jewish measures? Luther’s Change of Mind and End Position Luther’s life has been described as a constant struggle between God and Satan. Jesus and God and the possibility of forgiveness for all people who turn in repentance to God were real to him but so was Satan and Satan’s opposition to God and to the Christian religion. â€Å"Chaos† he believed â€Å"resulted when Satan triumphed. † It was fear that social catastrophe would result from the Peasants’ Revolt of 1525. The Peasants had expected Luther to support them, since his Reformation had given ordinary Christians much more control over their own faith. However, Luther sided with the princes and denounced the rebellion as â€Å"an offence against God† and the work of Satan: â€Å"the fire of revolt was spreading, and if not checked would have widespread, disastrous results. † As Luther grew older and inc increasingly ill, he became more and more aware that the battle between good and evil, God and Satan was far from over. He began to see the Devil everywhere, says Poliakov. Luther wanted to reform the Church, not create a schism and grew increasingly annoyed that the pope refused to call a council to consider his proposals, saying in 1535 that he would attend a council even knowing that he might be â€Å"burned†. When a council was indefinitely postponed in 1539, Luther became somewhat embittered. Luther’s language could be intemparate, even crude. He was a man of fierce passion as well as of profound faith. The older he grew, the more willing he became to see Satan’s hand behind anything that hindered the Reformation’s progress. In 1536, as the possibility of a reforming council receded, the Elector of Saxony was preparing to expel all Jews from his realm. This had the sanction of the Church and was no â€Å"bolt out of the blue†. Thinking that an appeal to Luther for clemency might prevent this, the Jewish leader, Josel von Rosheim (1480-1554) approached him, supposing him to be a â€Å"friend of the Jews. † Not only did Luther refuse to intervene but reversed his earlier position, publishing On the Jews and their Lies. If he had power, he wrote, he would â€Å"set fire to† synagogues and â€Å"schools† then â€Å"bury with dirt whatever† did not burn. Jews were to be expelled unless they converted. Their â€Å"ill-gotten† gains should be confiscated. All this was to be done so that â€Å"God may see that we are Christian. † In his final sermon, he described Jews as â€Å"public enemies† yet he still expressed his love for them. His tactics towards them not his estimate of their worth in God’s sight had changed. He never supported murdering Jews. What he wrote drew heavily, too, on existing anti-Jewish polemic. He was deeply disappointed that Jews were not converting. Why Luther cannot be blamed for Hitler’s â€Å"final solution† Luther’s tracts were reprinted during the Third Reich. Hitler described Luther as a German Hero. In the wake of how the Third Reich used Luther to justify their crimes, the â€Å"whole world capitalized upon Luther, the fierce Jew-baiter. † However, no action Luther proposed was not already Church and state policy and what Luther advocated â€Å"was very far from being a final solution. † Oberman points out that German Jews were among the most assimilated community when Hitler rose to power, suggesting that this makes the idea that an â€Å"unbroken line† exists between Luther and Hitler implausible. Hitler recruited Luther’s legacy but manipulated this for his own purposes. It was no â€Å"coincidence† that Kristallacht took place on Luther’s birthday, November 11, 1938 but â€Å"this was sheer opportunism, backed by a perversion of scholarship. † Luther ended up supporting deportation but only of Jews who refused to convert: Hitler set out to exterminate a whole race, including Jews who were Christian. Luther did not hate the Jewish race. He wanted them to become Christians. There is, says Wilson, no â€Å"well beaten path that can be traveled from Wittenberg to Auschwitz. † He suggests that Luther would have opposed Hitler’s dictatorship. It is, however, true that no other pamphlet than â€Å"On the Jews and their Lies† has caused â€Å"more harm to Luther’s reputation†, says Wilson. Nonetheless, the view that Luther was an ally of the Nazis â€Å"in carrying out their Final Solution† does not withstand critical scrutiny of what Luther actually wrote. References Bennett, Clinton. In Search of Jesus (London & NY: Continuum, 2001). Hitler, Adolf. Mein Kampf. Translated by Ralph Manheim. (Boston: Houghton Mifflin, Sentry Edition, 1971) Goring, H. Trial of the major war criminals before the International Military Tribunal, Nuremberg, 14 November 1945-1 October 1946 ( Nuremberg, Germany: International Military Tribue, 1947).

Definition and Examples of Linguistic Americanization

Definition and Examples of Linguistic Americanization In linguistics, Americanization is the influence of the distinctive lexical and grammatical forms of American English on other varieties of the English language. Also called linguistic Americanization. As Leech and Smith* observe below, If the term Americanization is taken to imply direct influence of AmE on BrE, it should be treated with caution (2009).See Examples and Observations below. Examples and Observations Globalization in the current era is associated, for better or for worse, with Americanization. This is particularly true of its cultural dimension. For it is the United States, as the worlds hyper-power, that has the economic, military, and political power to projects its culture and values globally. Yet, as many commentators have noted, Americans appear parochial and unworldly, hardly the cosmopolitan sophisticates needed to proffer a truly global vision.The ambiguity of the United States representing globality is perhaps no more apparent than in the projection of its language globally. On the one hand, Americans are particularly notorious for their linguistic insularity, rarely exhibiting the foreign language proficiency so common elsewhere in the world. Yet, as well known, the American language, English, is a global import, inherited from an earlier global power, England. Hence American ownership of global English is more tenuous than its ownership of other global cultural icons, such as McDonalds or Disney.(Selma K. Sonntag, The Local Politics of Global English: Case Studies in Linguistic Globalization. Lexington Books, 2003) Grammatical and Lexical ChangesThe evidence provided by the Brown family of corporaespecially the comparison between the British corpora (1961, 1991) and the American corpora (1961, 1992)often shows AmE to be in the lead or to show a more extreme tendency, and BrE to be following in its wake. Thus, must, in our data, has declined more in AmE than in BrE, and has become much rarer than have to and (have) got to in AmE conversational speech. Users of British English are familiar with lexical changes due to American influence, such as increasing use of movie(s) and guy(s), but grammatical changes from the same source are less noticeable. . . . [A] finding that AmE is ahead of BrE in a given frequency change does not necessarily imply direct transatlantic influenceit could simply be an ongoing change in both varieties where AmE is more advanced. If the term Americanization is taken to imply direct influence of AmE on BrE, it should be treated with caution.(*Geoffrey Leech and Nicholas Sm ith, Change and Constancy in Linguistic Change: How Grammatical Usage in Written English Evolved in the Period 1931-1991. Corpus Linguistics: Refinements and Reassessments, ed. by Antoinette Renouf and Andrew Kehoe. Rodopi, 2009) Be going to[B]e going to was more than twice as frequent in the American corpus as in the Australian or British corpora, suggesting that Americanization may be a factor in its growing popularity. That colloquialization may be another relevant factor is suggested by the finding that be going to is greatly preferred in speech over writing (by a ratio of 9.9:1), further confirmation for the applicability of this suggestion to AmE and BrE being provided by Leechs (2003) finding that between 1961 and 1991/2 be going to enjoyed a strong increase in popularity in American writing (51.6%) and in British writing (18.5%).(Peter Collins, The English Modals and Semi-Modals: Regional and Stylistic Variation. The Dynamics of Linguistic Variation: Corpus Evidence on English Past and Present, ed. by Terttu Nevalainen. John Benjamins, 2008)The Americanization of EuropeBecause of the advent of linguistic Americanization, . . . one can no longer claim that Europes lingua franca is unequivocally a Briti sh commodity. English is emerging in Europe, not only as a universal language, but also as a potential norm-generating variety. . . .Basically, what we have is a traditional basis for ELT [English Language Teaching], one centered in BrE, on the teacher as model, on British and American social studies, and on the goal of mimicking the idealized native speaker, evolving into a platform for ELT which constitutes a radical departure from such beliefs and practices. Instead, linguistic Americanization, the mixing of BrE and AmE which suggests a kind of mid-Atlantic accent and a rich blend of lexical usage, the idea of a variety of Euro-English, the use of postcolonial texts in cultural studies modules, and the desire to develop cross-cultural communicative skills, is on the upswing, while BrE, prescriptivism, and traditionalist positioning are declining.(Marko Modiano, EIL, Native-Speakerism and the Failure of European ELT. English as an International Language: Perspectives and Pedagogic al Issues, ed. by Farzad Sharifian. Multilingual Matters, 2009) Yiddish and American English: A Two-Way ProcessThroughout Yekl [1896] and his early stories, [Abraham] Cahan translates the Yiddish of characters into correct (albeit ornate) English while leaving incorporated English words in their misspelled, italicized forms: feller (fellow), for example, or preticly (perhaps particular). Speech thus represents the cultural intermixture arising from contact between the immigrant and American society, an intermixture captured in remarkably hybrid sentencesDont you always say you like to dansh with me becush I am a good dansher? (Yekl, 41)and even in individual words like oyshgreen: A verb coined from the Yiddish oys, out, and the English green, and signifying to cease being green (95n).This narrative technique also represents a reversal of perspective, whereby English becomes the contaminating element within another language. The Americanization of Yiddish is given from a Yiddish perspective. English words are thrown backrulesh (rules), deshepoitn (disappoint), saresfied (satisfied)transformed and defamiliarized by their inclusion in another linguistic system. Just as Yiddish becomes Americanized in Yekl, American English becomes Yiddishized: transformative linguistic contact is shown as a two-way process.(Gavin Roger Jones, Strange Talk: The Politics of Dialect Literature in Gilded Age America. University of California Press, 1999) Alternate Spellings: Americanisation

European History Term Paper Topics

European History Term Paper Topics History term papers are very common these days. They represent students knowledge on the history subject and also show the ability of a student to study, find information, develop writing skills, and make him think on a specific aspect of history as well as express his own ideas and thoughts towards a specific history term paper topic. However, a history term paper topic involves a lot of effort and is very time consuming. Not every student can succeed in writing a history term paper.   Some students are better at math, and others are more proficient in writing papers. It’s just how the whole system is created. And some academic institutions are very strict about academic papers and history term papers, and require good history term papers from every student, which is basically unreasonable. If you are ordered to write a paper on European history term paper topics, and you are not proficient in writing papers – then you have a problem. CustomWritings.com offers assistance in writing papers on various European history term paper topics. If you feel that you lack creativity and writing skills to write a good paper for your history class – leave it to us, professionals. We will manage to write a sound paper on any European history term paper topic. Why not let a professional writer write a term paper for you, and make it seem as it was written by you? CustomWritings.com is a professional custom European history term paper writing service. We have gathered a great team of skilful writers, who will gladly help you with any European history term paper topic. If you still are in a desperate need of assistance, however wish to struggle for the grade yourself – you might find useful our European history term paper topic writing tips. We have gathered common and general information to give you an idea how to write a good European history term paper, and make sure you are on the right track. A history paper in general – is a paper, where you gather all information on the topic, and express your own thoughts towards this topic. SO basically, you must divide your paper into 2 equal parts. The first part is where you do the research on the topic and gather information on the things that have happened in the history of Europe, and the second part, where you express yourself, and show the reader how you feel about the events that have happened. In order to succeed in writing a European history term paper, you have to be able to pick a specific European history term paper topic, and address all issues in it. Make sure that the topic is not vague, as you have to fit the European history term paper into a limited amount of pages, and if you choose a vague European history term paper topic – you won’t be able to do that. If you are having a hard time coming up with a good European history term paper topic – try asking for advice your professor. He will tell you what to write about. But be careful, he might remember the European history term paper topic he gave you, and you will be forced to write a paper on a given topic. If he gives you a hard topic – you will be forced to write about it.

Free Essays on My Career

Scogin 1 My Career Often times growing up as a child, I wondered what I would be when I grew up. My mind would constantly wonder down the career paths of famous jobs. Would I be an astronaut? Maybe a professional basketball player? Perhaps the president of the United States! But as I grew older, my thoughts changed from â€Å"what will bring me the most fame† to â€Å"what am I best at and can make the most difference in†. As I pondered over this question throughout my years in high school, my choices became narrower and clearer. And as I geared up to embark upon the journey called life, I realized the career that could enable me to have the biggest impact on my surrounding world: being a high school history teacher and a coach. I chose teaching and coaching for several reasons. As a child growing up, I loved history. I would sit on my dad’s lap and constantly ask him questions, and he always patiently gave me an answer. When I attended elementary and junior high school, social studies quickly became my favorite subject. I often times got in trouble by my teachers for reading the social studies book instead of one from the library during personal reading time. I loved to watch the history channel for fun, and still do to this day. Scogin 2 throughout my schooling, I never received anything less than an A in social science courses. Another reason why I decided to become a teacher is the possibility to have a positive affect on children’s lives. Thousands of teenagers grow up without a positive role model in there lives (Edefelt 11). And for me, to serve as a positive role model by being a teacher would be an honor. The main reason I also decided to coach as well as teach was simple: I love to play sports. No matter what sport it is, I enjoy playing it. I am very competitive in everything I do. And when I realized that coaching was another avenue to be a positive influence on teenager’s lives (Field 3... Free Essays on My Career Free Essays on My Career Scogin 1 My Career Often times growing up as a child, I wondered what I would be when I grew up. My mind would constantly wonder down the career paths of famous jobs. Would I be an astronaut? Maybe a professional basketball player? Perhaps the president of the United States! But as I grew older, my thoughts changed from â€Å"what will bring me the most fame† to â€Å"what am I best at and can make the most difference in†. As I pondered over this question throughout my years in high school, my choices became narrower and clearer. And as I geared up to embark upon the journey called life, I realized the career that could enable me to have the biggest impact on my surrounding world: being a high school history teacher and a coach. I chose teaching and coaching for several reasons. As a child growing up, I loved history. I would sit on my dad’s lap and constantly ask him questions, and he always patiently gave me an answer. When I attended elementary and junior high school, social studies quickly became my favorite subject. I often times got in trouble by my teachers for reading the social studies book instead of one from the library during personal reading time. I loved to watch the history channel for fun, and still do to this day. Scogin 2 throughout my schooling, I never received anything less than an A in social science courses. Another reason why I decided to become a teacher is the possibility to have a positive affect on children’s lives. Thousands of teenagers grow up without a positive role model in there lives (Edefelt 11). And for me, to serve as a positive role model by being a teacher would be an honor. The main reason I also decided to coach as well as teach was simple: I love to play sports. No matter what sport it is, I enjoy playing it. I am very competitive in everything I do. And when I realized that coaching was another avenue to be a positive influence on teenager’s lives (Field 3...

Ontological Arguments About The Divine Command Theory Of Morality Essay

Ontological Arguments About The Divine Command Theory Of Morality - Essay Example Plato argues against every other theory that beats the logic of God in that God can only condemn something because it is wrong and something is condemned by the gods because it is wrong. Plato goes disowns the theory by bringing out a logical argument based on what he believes to the truth, especially on the concept of right and wrong and their relationship with the gods. On this topic, he brings up the issue of morality and immorality and the views of the gods on it based on why an action can be moral or immoral based on his argument with Euthyphro. In this case, he asks what if the gods considered what they asked to be done as the correct thing, despite being an immoral thing and one that inflicts pain and suffering amongst the people. In his objection against the theory, Plato argues the theory because it means that the gods that determine morality and human behavior by vouching for or criticizing it. For this reason, the foundation of morality in the case of the divine command th eory of morality, morality becomes an arbitrary issue (Austin). ... Logically, this does not make sense since Plato believes in a state of unambiguity, where such dilemmas do not come up; thus, there must be another form that guides morality. Another argument, by Plato against divine command theory of morality, is that if gods do not call the arbitral change in morality, then they must be mere spectators. This is to mean that they just act as beings with the ability to recognize right and wrong, and cannot direct ethics, which is based on the argument that the gods condemn something because it is wrong. To Plato, this is another absurd idea and basis of morality as it puts the gods at the same as a man; because man can also recognize right from wrong based on the law.

Describe the methods used to calculate value added. How does value Essay - 4

Describe the methods used to calculate value added. How does value added contribute towards understanding the connections betwee - Essay Example Value added concept of income measurement has been viewed as the increase in the wealth of an economic body. It is traditionally rooted to the evaluation of national income in macro economics, measured by national economy productive performance.2 This concept is referred to as National or Domestic product and represents a specific period’s national economy. This is a common use of this concept but it has also been applied in many other different areas of business operations and economics as a positive performance and economic gauge. This makes value added a measure and indicator of an economic entity’s performance and has a fairly long period of application in the field of economics.3 Value added represents a calculated value, and for this reason, it is well related to accounting. It is also contrasted from the traditional calculation of income in that, it can be and has been used in all the three accounting systems i.e. managerial accounting, financial accounting and t he national accounting system. It is also distinguishable from income computation whereby value added is constantly described internationally as a difference of expenses from revenues. It can be defined in two ways that will be discussed below and this gives value added concept another critical characteristic commonly known as the dichotomy of value added.4 Subtractive method is the first method of calculating the value added and it is defined as: Value Added (VA) = O – I. Where O = Output; I = Input. This means that when being compared to accounting income, it is perceived as the net figure. The value expressed is the value that an economic body, such as a person, an industry or a company adds to the products and services it purchased or received from other entities during its creative or own productive economic activities.5 In the second one, additive method, the value added is represented by the total sum of the distributed parts that constitute the created wealth. This is done with respect to the reality that all the created wealth is well distributed i.e. by being allocated in some way. When considering a company, value added calculation is defined as: VA (Value Added) = RE + RG + RCP + NAP. Where RE = Remuneration of employees; RG = Remuneration of government; RCP = Remuneration of capital providers; NAP = not appropriated income i.e. retained earnings.6 The two formulas above disclose the characteristic content that value added concept has. This concept can be divided into social aspect, represented by the additive method, and performance aspect which is articulated by the subtractive method. This shows that in addition to economic information given by this concept, value added also offers social information through identification of the part of the yield that goes to every contributor of the whole process in a company.7 Value added concept has evolved besides its historical principal function in national accounting to several other uses and appl ications in the three; financial, national and managerial accounting. The two sided feature of value added i.e. performance and social characteristic, is depicted clearly by the concrete and possible applications. Hence it has been argued as a way to estimate productivity of an economic body through their way of using productive factors.8 This makes the

The Story of Foreign Trade and Exchange case Essay

The Story of Foreign Trade and Exchange case - Essay Example Competitive advantage is acquired once a business diversifies its products and ensures that they are of higher quality, fair prices and is locally and internationally available compared to their competitors. This strategy suggested by the story of foreign exchange and which has been adopted by Nestle has made this company attain a competitive advantage in the consumer healthy foods market where there are many giants. Its diversification into not only beverages and snacks but also baby food and the availability of the products worldwide has made it gain more and dominate the market. Its absolute advantage is derived from its corporate social responsibility which is giving back to the community as much as possible for sustainability purposes. Nestle is one of the companies that formed World Cocoa Foundation whose aim is to integrate with cocoa farmers all over the world and assist them on increasing their productivity, supplying their products and even dealing with the adverse environmental effects. It has also invested more than $500 million to deal with health problems like diabetes and obesity among

Write a letter to your first-year roommate at Babson. Tell him or her Essay - 1

Write a letter to your first-year roommate at Babson. Tell him or her what it will be like to live with you, why you chose Babson, and what you are looking forward to the most in college - Essay Example I tend not to get worked up about things, and am fairly relaxed, so I would be surprised if much of what you did bothered me. I’m also fairly direct and honest, so if there is something that I think we need to talk about I’m just going to bring it up instead of letting it simmer or being passive aggressive – you never have to wonder if your pile of dirty gym clothes is bothering me – if it is I’ll come out and tell you right away, so if I say nothing you will know it’s not. I’m not especially neat nor especially messy, but a bit of a mess won’t bother me – if it will bother you ten I can definitely keep cleaner. So those are all the ways I’m pretty easy to live with. One of the reasons I might be a pain is my sleep schedule – I tend to alternately be a very early riser or a night owl, and I tend to work best early in the morning or late at night. So my schedule is pretty erratic and might shift significantly throughout the year. If you’re like me, then this won’t be a problem, but if it is I’m sure we can work something out! I decided to come to Babson for several reasons. One is definitely its spirit of entrepreneurship – I love the idea of starting your own business, of creating ideas and capitalizing on them, and competing with others to try to win market share, and, of course, profits. The school obviously has a very good reputation as one of the best business schools in the country, and this reputation is something that drew me to it as well. Location also played a part in my decision to come to Babson – I love the huge, beautiful campus (especially the globe!) and the small town feel you get there. But I also like that it is close to Boston and other big cities in New England, so you don’t feel like you’re stranded in the middle of nowhere – you can always find something to do. The thing I’m most excited about next year is meeting and making connections with new

Technology and Logistics Essay Example | Topics and Well Written Essays - 750 words

Technology and Logistics - Essay Example In the IT landscape of an organization, a TMS usually â€Å"sits† between the order processing system and the warehouse management system of an ERP. Ideally, TMS should include both the inbound as well as outbound orders. Load Consolidation: Organizations can reduce their transportation costs by consolidating on various considerations such as routing, delivery date, capacity, customer preferences etc. This will help in reduction of both billable as well as payable freight costs. Route Planning and Scheduling: This enables an organization to find out the most efficient and cost-effective route plan. Using this functionality, an organization can assign orders and customers to routes, move orders and customers between routes, rearrange route sequences, establish balanced zones and territories, and pool equipment and driver resources according to established business rules. Freight Audit and Payment: A TMS allows calculation of full bottom-line freight costs and evaluation of rating and service options. This enables a supply chain manager to improve its freight audit accuracy. Generally, a TMS is integrated with ERP and other Financial systems of the organization to give a complete picture throughout all the departments of the organization Freight Procurement: This feature of a TMS helps organizations to manage the various types of bidding processes such as incremental bidding, multi-round bidding and expressive bidding. It facilitates online bidding from 3PLs Multi-modal Transportation: A TMS also allows an organization to choose between various modes of transportation including ocean, rail, air, road, barrage and ferry etc. and arrive at the best combination of modes to increase efficiency. Shipment Tracking and Trace: This feature allows customers as well as managers to track their consignment online. The almost real time accurate tracking enables efficient sharing of relevant

Write a letter to your first-year roommate at Babson. Tell him or her Essay - 1

Write a letter to your first-year roommate at Babson. Tell him or her what it will be like to live with you, why you chose Babson, and what you are looking forward to the most in college - Essay Example I tend not to get worked up about things, and am fairly relaxed, so I would be surprised if much of what you did bothered me. I’m also fairly direct and honest, so if there is something that I think we need to talk about I’m just going to bring it up instead of letting it simmer or being passive aggressive – you never have to wonder if your pile of dirty gym clothes is bothering me – if it is I’ll come out and tell you right away, so if I say nothing you will know it’s not. I’m not especially neat nor especially messy, but a bit of a mess won’t bother me – if it will bother you ten I can definitely keep cleaner. So those are all the ways I’m pretty easy to live with. One of the reasons I might be a pain is my sleep schedule – I tend to alternately be a very early riser or a night owl, and I tend to work best early in the morning or late at night. So my schedule is pretty erratic and might shift significantly throughout the year. If you’re like me, then this won’t be a problem, but if it is I’m sure we can work something out! I decided to come to Babson for several reasons. One is definitely its spirit of entrepreneurship – I love the idea of starting your own business, of creating ideas and capitalizing on them, and competing with others to try to win market share, and, of course, profits. The school obviously has a very good reputation as one of the best business schools in the country, and this reputation is something that drew me to it as well. Location also played a part in my decision to come to Babson – I love the huge, beautiful campus (especially the globe!) and the small town feel you get there. But I also like that it is close to Boston and other big cities in New England, so you don’t feel like you’re stranded in the middle of nowhere – you can always find something to do. The thing I’m most excited about next year is meeting and making connections with new

Hospitality Organizations for Self-Service Technology Assignment

Hospitality Organizations for Self-Service Technology - Assignment Example Notably, the population of the study included 216 employees who work in three participating hospitality organizations during April 2006 (Lema, 2009). All the participants in the population were volunteers while the participating organizations offered diverse workforce in the food, beverage, entertainment, and lodging industry (Lema, 2009). Specifically, the sample participants included employees working in three participating hospitality organizations during April 2006. The sample participants included 71 supervisors, 141 non-supervisors, 111 females, and 101 males (Lema, 2009). The original sample size included 216 employees while the final sample size included the position, gender, and ethnicity of 212 participants (Lema, 2009). Ideally, the study clearly described the sampling method by selecting the demographic variables that define the study. Indeed, the sampling method defined the position, gender, and ethnicity of participating employees in the hospitality industry. The sampling method defined the period for the study and classified the participants into supervisors and non-supervisors (Lema, 2009). It also defined the proportion for gender into 48% males and 52% females (Lema, 2009). Ultimately, it classified the sample into ethnic groups including African American, American Indian, Asian, Caucasian, Hispanic, and Paciï ¬ c Islander (Lema, 2009). Ideally, the sampling method was adequate for this study in that it addressed all the demographic variables that influenced the results for the study. The researches study on the factors that inï ¬â€šuence employee readiness to engage in and support self-directed processes used various instruments, which included Oddi Continuing Learning Inventory (OCLI) and Generalized Self-Efï ¬ cacy Scale (GSE) (Lema, 2009). Most specifically, the GSE instrument sought to assess self-beliefs of personal capabilities of the employee while the OCLI instrument sought to assess employees’ levels of self-directed learning

Rhetorical Analysis Essay Example for Free

Rhetorical Analysis Essay Everyone else got to decide what would become of their lives, while she was now going to have everything decided for her. While Kim tells her story, she makes several statements that key on the readers’ emotions and get us to take her side. Kim uses good imagery when she tells about her village being burned down and her clothes scorched off. She says â€Å"I saw an airplane getting lower and then four bombs falling down. I saw fire everywhere around me. Then I saw fire over my body, especially on my left arm. My clothes had been burned off by the fire. Anyone who could imagine this happening to a nine year old wouldn’t be able to help feeling sorry for this person. To make matters for the little girl worse, she was then forced to become a poster child for the Vietnamese government to show the rest of the world. Kim’s freedom to become what she wanted was taken from her. While telling her story, she does a very good job using these rhetorical pathos to make the reader feel sorry for her and take her side. In the story, â€Å"Untold Stories of Kindness†, an American soldier tells about the brutal reality of war. He explains that even though you may not agree with the reason for the fight or even know the truth behind the war, if you are a soldier, you have to do your job and continue fighting. He hits on the point that people want to help each other even in times of war and despair. He says that if everyone will just accept people who are different, the world will be a more peaceful place. His idea that people always want to help each other is supported by an example of a time he remembers people helping each other during his campaign in the Iraq war. After one particular fire fight that lasted nearly eight hours, Iraqi civilians helped the American soldiers clear the streets of wounded men and try to aid their injuries. People would also care for children, rebuild hospitals and schools, and feed the poor. The author of this essay uses strong imagery to make the reader have emotion towards his story. He tells about the time when insurgents detonated several car bombs killing over a hundred people. The number of people killed in this incident helps to emphasize the reality of all the people who dying in this war. He says â€Å"Cars were covered in blood as if they’d been hit with a paint sprayer. † This makes the reader try to imagine what he had to see and tries to make the reader feel the same emotions he has toward the situation. The rhetorical pathos used here are very similar to the pathos used by Kim in her story. Both of these essays made good points support the logic behind the statements and opinions in their stories. They also used good details and imagery so the audience could picture some of the things they had to see. The imagery in these stories tried to make the readers feel emotional and take the authors’ sides.

Security Forensics and Risk Management

Security Forensics and Risk Management Acknowledgement Foremost I would like say thanks to god for all support in all my life and secondly University of Greenwich to give this my life aim to complete my masters. Next my supervisor Professor Kevin Parrott to the supports he gave because without his support I wouldnt be able to complete my project with this quality. Especially the suggestions and appreciation given my supervisor make me feel better and gave positive thinking. Finally need to thank my family and friends for unbelievable supports and encouragements. Abstract As we are in the information era the world is changing to use electronic means for day to day use. The paper documents is gone and most of them are paper free because of so many reasons such as pollution, easy, fast, etc At the same time this digital media has availability, scalability, confidentiality and integrity which are required behaviour for secure communication. The risk is increased with the increase of computer and digital means usage and the single security lack may cause huge losses. There are some surveys says most of the crimes are happening through electronic means and the target is computer or computer peripherals. If the attacker found a single security lack that is enough to start and break the whole system and the security lack could be configuration mistake, firewall issue and basically problems in the protection mechanism. Because of these reasons testing become very important and this process called as Auditing. There are so many types in the auditing and this auditing requires technical knowledge to make these tests perfect and to give an audit report including suggestions. The auditing falls into two main categories such as Automatic and manual. The test will be efficient if it is automated using testing tools which are called as automated or computerised test. Even though there are some tests cannot be automated and need to test manually. This auditing covers network security test, physical or environment security test, computer security test which includes software and hardware tests. The computerised test will carry on with some security tools and the manual will use questioner to minimise human made errors mainly forgetting.   Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Security audit is the technical assessment of the application or system. The assessment may be manual or systematic or both. In most case the auditing process uses manual and systematic/ automatic methods because there are some tests cannot be automatic such as review of the security policy, asset management, etc   Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  This auditing has different types such as internal or external. This type is depends on the company size and the resource availability. Usually big companies have their own security auditor so they will perform the audit internally and the small and medium size companies mostly hire auditor form outside. Both types got pros and cons in security and financial manor. Chapter 1 Introduction This chapter largely contains non-technical information to give the understanding of high level objectives. Also describe the techniques and technologies used in the project and research to accomplish the project Objective Audit The audit is a systematic or manual security assessment of the network, infrastructure, system, etc The complete audit should be the combination of manual and automatic assessment because in every test target there will be some test cannot be automatic. The audit has so many categories and the following paragraph will explain about the categories and the functions or techniques behind that. There are 3 controls in the auditing process which are Preventive control The preventive controls are controls may in the form of software or hardware or ant configuration to prevent the error or vulnerabilities. This is an active type control always monitor the interface for any vulnerabilities and block such vulnerabilities or errors before it enter into the system or infrastructure. This is most effective control mechanism because not allows the vulnerabilities. Detective control The detectives are in placed to monitor the vulnerabilities in the form of software or hardware but the different between preventive and detective is the preventive wont allow the vulnerabilities into the system where detective allows entering everything and correcting the vulnerabilities after enter. The best example is for this control is fire alarm because fire alarm wont prevent the fire before but if any fire it will work. Corrective controls The corrective controls are the controls to correct the error or issue before it make any harm. This is very important control for all places even if they have other controls because there are some issues or vulnerabilities cannot detect by the controls if they will come and attack so there should be some control to correct those before loss occur. Addition to that the controls should up to date such as latest firmware or latest definition. Type of auditors   Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  There are two basic types of auditors in the information era the internal and external auditors. This selection of the auditor will be done by the management with the use of financial status of the organisation. Size of the organisation and the policies defined in the company. Internal auditors Internal auditors are auditors belong to that particular company which is going to perform the audit. That means the auditor is an employee of the company. So the auditor is always available to do the auditing and data or information will keep within the organisation. This is the main advantage of having the internal auditor and the same time and the employee purposely recruited for auditing then is cost a lot for the company. So it is only possible for the big level companies because they have huge investments and revenue. The disadvantage of the internal auditor is they may be up-to-date and dont have current market or audit status such as new techniques and tools. External auditors The auditor recruited from other auditing firm for the auditing so it is very hard to find professional auditor because of the availability and as the auditor recruited from outside the company information may go out. At the same time the auditor needs some time to get and understand the company process. But the advantage of recruiting the external auditor is their knowledge and it is suitable for middle and small level companies. Types of Audit: Traditional Audit It is just like a manual auditing. It is useful when working with a large amount of data in a large company. Here auditor took some sample data from different place then provide a report. Advantage: Easy Cheaper Disadvantage: Always do not provide correct information. In IT sector it is not useful. Software audit: Software audit is a wide popular for any educational institute or organization. It is just like a review of the software and the system that can find all information of the system such as operating system, application software, processor, drives, controllers, bus adapters, multimedia, virus protection, system model, main circuit board, memory models, local drive volumes, network drives, printers information etc.. There are so many auditing tools in the market such as Belarc Advisor, E-Z audit that are very power full. KW116 is the main Lab for school of computing and mathematical science in University of Greenwich. CMS installed lots of software for students to continue study or research. According to Copy right, Design and Patents Act 1988, all Software must have a valid licences to continue the process. As Lab uses large amount of software and different software expire on different time so it is very difficult for Lab administrator to keep up to date all licence by manually checks. Only auditing by software can possible to give details report to administrator to keep up safe the system. Advantages: Correct Information: Machine always provide the correct information so it has less chance to provide the incorrect information. Save time: Software very quickly provides a report of the system so it saves time. Details description: It provide a details description of system including any warning or licences issues etc Minimise the cost: By implementing the software audit two peoples work may possible with one people so it reduce the extra cost. Disadvantages: Investment Costly: Software is very expensive so university need extra money to buy this software. Risk: Auditor knows the details information of the system. Work flow: Auditor needs part of the lab to check the system. So it discontinues the student workflow. The approach The typical audit has different approach to collect the data. The single audit will use multiple techniques to gather full information and it is necessary to use different technique for different level of people. These are common techniques here. Interview This technique uses to collect the information from outside people or top level people and the number should be limited. During the interview the auditor or interviewer will ask questions from other people and collect the information. So the person will be well prepared for the interview. This is very robust method because it will allow people to express fully and the method also simple as it is talking which is natural way to communicate. Another advantage is this bi directional communication, means both parties allows to ask questions for clarification or gather information. Observation This method uses in the place where real time process monitoring or behavioural change is required. This is a powerful way of do the changes throughout the audit because other techniques exist in currently not possible to get real time information. Inspection The technique required to do some action with collected data to collect audit related information. This is the form of observation with advance criteria expected. This is extended version of observation because if the auditor apply any advance criteria to gather the data which is necessary to the auditing. After collecting the data the next step is to identify the weakness and process it. The identifying is the key work in the audit and after that categorising. The identifying uses some techniques to make that easy, preface and professional. The techniques used here are Root cause analysis General technique for analyse and get the better solution for the vulnerability or weakness. Because this technique drilldowns to the issue and finds the root and fix the weakness. The basic technique behind this is if the root is fixed automatically it will fix all other problems related to that. So simply close all related issues at once. As mention the easy and robust way to stop the issues exist and the issues may come in the future. After root cause analysis the next step is to get the solution for the root of the issue. The important thing here is choosing better and effective solution for the issue. The selection depends on some external and internal restrictions. Organisation policy Cost per benefit Legal restrictions Availability Compatibility Vendor and citification Advantage of having Auditing: Satisfaction: It brings the confidence of the Lab administrator of the University of Greenwich to continue the business process. Owner always thinks is there any lack that breaks down the continuity of the business. Detection and prevention of errors: Human can made error in any times .on one can say there is no error in there company. By auditing people can find the error and suggestion to recover the error. Detection and prevention of fraud: It also just likes errors. Sometimes user intentionally or unintentionally does this thing. So after audit we can find out the fraud. Verification of the Licences: KW116 Lab installs lots of software for student. Here some software for 1 year some software for more than one year and some software has limitation (No. Of user can use) for use. So auditor can find all kind of licence issues. Independent opinion: Audit always done by the independent people .so this report always accepted by everyone. Safety form exploitation: Health and safety always is a big issue for any organization. KW116 Lab got lots of equipment that are connected with electricity. So always chances for short circuit or exploitation. Audit identifies the all lack point and advice for prevention. Disadvantage of having Auditing: It is expensive Sometimes slow or stop the work flow External people know the company information. Encryption Encryption is the simple technique in the different for to send the date securely through shared place like internet. The form of encryption may vary from each other but they all commonly use digital certificate to encrypt and decrypt the data. Encryption use keys to make cipher text from actual message. The cipher text is not readable and it is the encrypted version of the massage using some algorithm. Security roles/user roles The security roles are very important technique to make network administration easy. This is basically creating some groups with different permissions according to the organisation operation or policy. A user or staff can have multiple security roles according to their need. This roles use to authorise the user permission. Security policy Security policy is a document which has all rules and regulations documented and approved by management and align with laws and legislation. This policy is used to define all activities and this is used to make some decision. Business Continuity: There are three things always we have to mind to continue the business Essential: to running the business any customer order cannot be delay more than seven days. Tolerate delay: some application may delay to continue the business such as management pay. It is a midterm i.e. one to four weeks. Discretionary: some application is useful for business but it is not affected to continue the business operation such as management report. It is a long term i.e. 3 to 6 months. Business continuity planning Business continuity planning (BCP) is the most important for any organization to continue the business. BCP engages with only different kind of risk to continue the business process that might occur in the organization and it also creates the policies, plan and procedures to reduce the risk. BCP can continue the business process in disaster situation as well. The main goal of the BCP is to combine together all policies, procedures and process so that any disruptive situation business process can continue or it may impact very little. Here main important function of BCP is Maintaining the business operation Continue the business in emergency situation Reduce the risk If any situation BCP cannot take over then Disaster recovery planning (DRP) takes over. British Auditing Standard BS7799: It is a British standard called as BS7799 that developed by British standard institution where describes the security policy and standard procedures.BS7799 become the ISO IEC 17799 after accepting the ISO IEC technical committee for international use. Now a days information is a valuable asset for organization .So it is very important to protect the information like other corporate asset. Here BS7799 introduces how to protect the information from threats and suggest the three points to secure the information such as Integrity: it is assurance the completeness and accuracy of the information. Confidentiality: Information can only access by the authorise people Availability: Authorise people can access the information when needed. Attacks and prevention for the attacks Errors and Omissions: Errors and Omission is one of the most common and toughest vulnerabilities .It is a human made error because human interact with programming, controlling and enter data for computer. There are no countermeasures to protect the errors and omission. Fraud and theft: It is a one kind of criminal activities that may occur in the KW116 Lab. It includes computer component such as mouse, keyboard, router, switch, cables, CPU box etc. It was observed that security person always not in the access point. So it is harm to secure the lab from fraud and theft. By protecting the access control we can reduce the fraud and theft. Both internal and external people are responsible for that kind of activities. Prevention of Fraud and theft: Regular auditing and monitoring program will help to identify all kind of fraud and theft. Deploy all of the access control. CCTV in proper place. Virus: Virus is a malicious code that has ability to reproduce his code itself and spread one system to another system via e-mail, downloading, storage devices (CD, DVD, memory stick, removal hard drive) and destroy the computer system. It was observed that removal memory stick all most every user are using and it is the most change to spread the virus in the Lab computer system and also observed user are using their own laptop and connected to the university wireless network. If user laptop effected with virus then it also change to spread the lab network that can affect the internal network and attack the server and crash the hard drive. Prevention: Install the latest antivirus software. Regular update the antivirus software. Follow the backup procedures regularly. Scan the device when transfer data. Installing the NIDS (Network Intrusion detection system) and firewall Minimise the download from internet. Download only repudiated site web site. Scan before the download. Care full to open unknown e-mail attach. Scan all incoming file from the remote site. Aware the user about danger of the virus. Trap-doors: It is an undocumented command that might user can create to speed up the work flow. Unfortunately sometimes student might leave these trap-doors. Prevention of Trap-doors: Use latest antivirus software. Give permission to develop the code only authorise people. Check properly all coding before use it. Logic bombs: It work s like time bombs and affect the system in a particular event or day such as program launch, website logon. It changes the data and deletes the data from the system. Here student are accessing the lots software to do the course work or project. So they are strong enough to build the logic bombs. It is normally happen in company if employee leaves the job. Prevention: Audit regularly and monitoring Always back up the necessary file Allow authorise people to develop the code Need record of all modification or changes Trojan Horses: It is a software programming that contains the malicious code. Normally students are interested to download the music, free software from internet. It is the most change to affect the lab computer and destroy the data stored on lab computer system. Prevention: Avoid unwanted software and music download from internet. Aware the user about Trojan Horses. Worm: Warm also is a malicious code that can spread itself without any human involvement from one system to another system .It works only computer network system and does not need any devices to transport. Prevention: Use firewall Use update antivirus software Spyware: It is an unwanted software interface that monitors the activity of the user and transfers the important information like log in details or account details to the remote system that monitor the user activities. Adware: It is also similar to spyware but it does not intent to transfer the user details to a remote system. It works like advertisements on the internet. Some adware monitor the searching behaviour of the user and then redirect the related websites. Prevention of Adware /Spyware: Close the pop up window. Aware about the spyware/adware. Click only reputed link. Social Engineering: Most of the users are getting unknown mail and they are also chatting with unknown people. Social engineering is one of the most popular techniques that attackers use to access the system by sending the mail or chatting with people to know the password. So it is a major risk to the security of the password. Prevention: Not response the unknown mail. Not chatting with unknown people. Dont give any one personal information or login id. Proper training or aware the new user about social engineering. Ping of death: we have only permission to send the largest packet (65,536 bytes) on the server. Attackers know this amount of bytes from ICMP specification. So they try to send the packets more than 65,536 bytes (at least 65,537). If the server does not check the size of the packet and try to process then it hung or crashed the operating system. Dumpster diving: Every day Lab user printing there necessary document but sometimes by mistake they are printing unnecessary document and end of the day through all document in the bin. Hacker is very intelligence. They always look at the bin and find the necessary document to access the network. Prevention: Destroy all documents before put in a bin Natural disasters: If anything happen that is not under control of human it is called natural dusters such as earthquakes, volcano, floods, fires, storms, hurricanes etc It may occur in any time but most risk is the fire for KW116 lab. It may cause from heater, power supply, over heating the power box, short circuit etc. Natural disaster is less chance for lab but it affect is more than any threat .It may destroy the part of the building, loses the all information. Prevention: Follow the health and safety procedures. Clear the fire exit. Aware the user about possible disaster. Man-Made Disasters: If anything happen intentionally to destroy the business process or destroy the part of the business and it is control of human then it is called the Man-Made Disaster such as Fire, Act of Terrorism, Bombings/Explosions, and Power Outages etc. Prevention: Check always ID card Allow only authorise people Use metal detector CCTV Equipment failure: Students are always busy with their course work and other course related work so equipment failure may loss the all data. Prevention: Use extra UPS Back up all data Auditing Stages/Steps Scope and Pre-Audit survey Planning Field work Analysis Reporting Scope and Pre-Auditing The first step or stage of the audit is to understand the purpose of the audit and the areas need to cover during the audit. Understanding the audit purpose is basically get the idea why this audit needs to perform; means any special risk assessment or annual audit. If it is special risk assessment audit this will be more specific and the scope will be narrow and deep otherwise if it is annual audit it will be the general audit to cover as much as possible area. Pre-Auditing survey is to verify the audit areas using risk management techniques and some general techniques such are reading previous audit report, web browsing, background reading, etc This will reduce the chance of failure by correcting the plan by lesson learned. Planning and Preparation In this stage the scope is going to break into small areas to make auditing easier and clear. So the clarity will be more and purpose will be easy to understand. Usually this stage will involve the work breakdown plan and risk control matrix. The risk control matrix is just a check list contains questions to carry out during the audit. Field work Actual auditing will perform during this stage by different techniques or methods. Simply it starts with interviewing staff or students using questioner or oral interview to system or network test by auditing software tools. The result of this stage will be the evidence of the audit to get a conclusion or submit to the management with audit report. So this will be the most important stage in the audit process. This step may use several testing software tools depend on the scope of the audit and the software selection is another key event of the audit process because there are so many fake software applications available in the market. Actually those are virus and the reason of making virus in the form of auditing tools. The reason of spreading the virus in the form of auditing or testing tool is very easy and hart to detect. Analysis Using the evidences or any results collected in the previous stage are the input of this stage. This stage is fully analysis and decision making so it needs a lots of time to investigation and assessment. The most sensitive area of the audit process is analysis because this is the place going to take the decision to submit to the board so that should be perfect otherwise the audit is useless and it will lead to make some wrong decision. Reporting The stage is to present all audit findings in the form of report. This is the document contains all evidences, analysis results, suggestions recommendations, conclusion, etc This document will pass to the management or the higher level people to review approve and take necessary action if necessary. The report should be clearly written and easy to understand because this document need for future also to give some information to start next auditing or to take some strategic decision. Problem Domain Because of the increased use of university of Greenwich KW116 lab the chances of threats or issues are high and this is the responsibility of the student and the staff to make the lab secure in all aspects. The reason of this project based on KW116 is that is the lab used by the students largely and usually network related or any other lab sessions and happening in this lab so if the lab got any security hole or lack that may affect the student and the staffs. Easiest way to ensure the security level of the lab is auditing. This auditing needs to cover all areas from physical security to network security. Then only this will the perfect audit and the audit can use some standard checklist to make more efficient and to eliminate human made errors such as forgotten, typing mistakes, etc There are so many ways to make sure the security level such as penetration testing and vulnerability testing. These are more specific with attacks and threats and for the general purpose security audit is the suitable one as it will cover all areas of the security. According the reasons given above the general security audit is the most suitable technique to verify the security level of the lab. So the auditing will cover most of the areas of the lab with the aid of standard checklist which is approved by British Standard Institute. Test behind the auditing Physical test Network test Software Test Security Policy test Hardware/Peripherals test Access control test Objectives To evaluate the actual level of security that exists at The University of Greenwich Maritime campus KW116 Lab. Activities plan and schedule the audit Auditing with software tools Analysis audit result Deliverable Detailed audit report with suggestions and recommendation This is the main objective of the project and this will carry on with several tools like packet sniffer, port scanner software, etc There are three different tests using these tools to identify internal and external vulnerabilities. To evaluate various methods of implementing the security policy, determine the security weaknesses and implement risk management for the existing security weaknesses. University lab security policy review Analysis Deliverable Detailed security policy analysis report with changes/suggestions/recommendation. The reason of this objective is to stop the holes from policy level because this is the easy way to implement. Learn Audit and Audit process and practice auditing and Research auditing products available in the market and select appropriate. This task is fully learning about audit and audit related stuffs. This objective is the key or starter of this project because if project start without proper knowledge that will mislead to somewhere else not to project aim. To draft a new security policy that addresses the existing weakness to the management. According to the analysis draft a security policy to fix or overcome all existing security holes. Deliverable Draft security policy How the objectives will be achieved Third and fourth objectives will be achieved with books and internet. This objective will give the idea about auditing the outcome of this objective will be a documentation which contains all requirements which need to cover in this project. The research will give the details about tools which requires to perform the auditing the methods/process for the auditing. Internet is the main and basic mean for this research as it is easy to access and with wide range of data. Tools which identified from the research will used to perform the security auditing and this audit result will monitor in real-time and document instantly. Mostly these tools will be freeware and from well-known vendor. The auditing will perform in three different views to make sure the area is secured fully. The views are inside computer local network, outside computer local network, outside computer different network. Audit Methodology This project uses two different methodologies to accomplish the task such as checklist and questioner. The check list is an aid for the auditor to perform the audit and it is a manual to the audit. So the checklist will contains all tests need to perform during the auditing where questioner is to get the opinion or feedback for the staffs and students (generally this will be feedback from stockholders). The analysis also will carry in two different way using questioner and the checklist and finally compare both and get the conclusion. The questioner and checklist covers most of the areas and those are grouped separately to make the auditors life easy and more understandable. The areas coved in the documents are Physical Security/ E Security Forensics and Risk Management Security Forensics and Risk Management Acknowledgement Foremost I would like say thanks to god for all support in all my life and secondly University of Greenwich to give this my life aim to complete my masters. Next my supervisor Professor Kevin Parrott to the supports he gave because without his support I wouldnt be able to complete my project with this quality. Especially the suggestions and appreciation given my supervisor make me feel better and gave positive thinking. Finally need to thank my family and friends for unbelievable supports and encouragements. Abstract As we are in the information era the world is changing to use electronic means for day to day use. The paper documents is gone and most of them are paper free because of so many reasons such as pollution, easy, fast, etc At the same time this digital media has availability, scalability, confidentiality and integrity which are required behaviour for secure communication. The risk is increased with the increase of computer and digital means usage and the single security lack may cause huge losses. There are some surveys says most of the crimes are happening through electronic means and the target is computer or computer peripherals. If the attacker found a single security lack that is enough to start and break the whole system and the security lack could be configuration mistake, firewall issue and basically problems in the protection mechanism. Because of these reasons testing become very important and this process called as Auditing. There are so many types in the auditing and this auditing requires technical knowledge to make these tests perfect and to give an audit report including suggestions. The auditing falls into two main categories such as Automatic and manual. The test will be efficient if it is automated using testing tools which are called as automated or computerised test. Even though there are some tests cannot be automated and need to test manually. This auditing covers network security test, physical or environment security test, computer security test which includes software and hardware tests. The computerised test will carry on with some security tools and the manual will use questioner to minimise human made errors mainly forgetting.   Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Security audit is the technical assessment of the application or system. The assessment may be manual or systematic or both. In most case the auditing process uses manual and systematic/ automatic methods because there are some tests cannot be automatic such as review of the security policy, asset management, etc   Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  This auditing has different types such as internal or external. This type is depends on the company size and the resource availability. Usually big companies have their own security auditor so they will perform the audit internally and the small and medium size companies mostly hire auditor form outside. Both types got pros and cons in security and financial manor. Chapter 1 Introduction This chapter largely contains non-technical information to give the understanding of high level objectives. Also describe the techniques and technologies used in the project and research to accomplish the project Objective Audit The audit is a systematic or manual security assessment of the network, infrastructure, system, etc The complete audit should be the combination of manual and automatic assessment because in every test target there will be some test cannot be automatic. The audit has so many categories and the following paragraph will explain about the categories and the functions or techniques behind that. There are 3 controls in the auditing process which are Preventive control The preventive controls are controls may in the form of software or hardware or ant configuration to prevent the error or vulnerabilities. This is an active type control always monitor the interface for any vulnerabilities and block such vulnerabilities or errors before it enter into the system or infrastructure. This is most effective control mechanism because not allows the vulnerabilities. Detective control The detectives are in placed to monitor the vulnerabilities in the form of software or hardware but the different between preventive and detective is the preventive wont allow the vulnerabilities into the system where detective allows entering everything and correcting the vulnerabilities after enter. The best example is for this control is fire alarm because fire alarm wont prevent the fire before but if any fire it will work. Corrective controls The corrective controls are the controls to correct the error or issue before it make any harm. This is very important control for all places even if they have other controls because there are some issues or vulnerabilities cannot detect by the controls if they will come and attack so there should be some control to correct those before loss occur. Addition to that the controls should up to date such as latest firmware or latest definition. Type of auditors   Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  There are two basic types of auditors in the information era the internal and external auditors. This selection of the auditor will be done by the management with the use of financial status of the organisation. Size of the organisation and the policies defined in the company. Internal auditors Internal auditors are auditors belong to that particular company which is going to perform the audit. That means the auditor is an employee of the company. So the auditor is always available to do the auditing and data or information will keep within the organisation. This is the main advantage of having the internal auditor and the same time and the employee purposely recruited for auditing then is cost a lot for the company. So it is only possible for the big level companies because they have huge investments and revenue. The disadvantage of the internal auditor is they may be up-to-date and dont have current market or audit status such as new techniques and tools. External auditors The auditor recruited from other auditing firm for the auditing so it is very hard to find professional auditor because of the availability and as the auditor recruited from outside the company information may go out. At the same time the auditor needs some time to get and understand the company process. But the advantage of recruiting the external auditor is their knowledge and it is suitable for middle and small level companies. Types of Audit: Traditional Audit It is just like a manual auditing. It is useful when working with a large amount of data in a large company. Here auditor took some sample data from different place then provide a report. Advantage: Easy Cheaper Disadvantage: Always do not provide correct information. In IT sector it is not useful. Software audit: Software audit is a wide popular for any educational institute or organization. It is just like a review of the software and the system that can find all information of the system such as operating system, application software, processor, drives, controllers, bus adapters, multimedia, virus protection, system model, main circuit board, memory models, local drive volumes, network drives, printers information etc.. There are so many auditing tools in the market such as Belarc Advisor, E-Z audit that are very power full. KW116 is the main Lab for school of computing and mathematical science in University of Greenwich. CMS installed lots of software for students to continue study or research. According to Copy right, Design and Patents Act 1988, all Software must have a valid licences to continue the process. As Lab uses large amount of software and different software expire on different time so it is very difficult for Lab administrator to keep up to date all licence by manually checks. Only auditing by software can possible to give details report to administrator to keep up safe the system. Advantages: Correct Information: Machine always provide the correct information so it has less chance to provide the incorrect information. Save time: Software very quickly provides a report of the system so it saves time. Details description: It provide a details description of system including any warning or licences issues etc Minimise the cost: By implementing the software audit two peoples work may possible with one people so it reduce the extra cost. Disadvantages: Investment Costly: Software is very expensive so university need extra money to buy this software. Risk: Auditor knows the details information of the system. Work flow: Auditor needs part of the lab to check the system. So it discontinues the student workflow. The approach The typical audit has different approach to collect the data. The single audit will use multiple techniques to gather full information and it is necessary to use different technique for different level of people. These are common techniques here. Interview This technique uses to collect the information from outside people or top level people and the number should be limited. During the interview the auditor or interviewer will ask questions from other people and collect the information. So the person will be well prepared for the interview. This is very robust method because it will allow people to express fully and the method also simple as it is talking which is natural way to communicate. Another advantage is this bi directional communication, means both parties allows to ask questions for clarification or gather information. Observation This method uses in the place where real time process monitoring or behavioural change is required. This is a powerful way of do the changes throughout the audit because other techniques exist in currently not possible to get real time information. Inspection The technique required to do some action with collected data to collect audit related information. This is the form of observation with advance criteria expected. This is extended version of observation because if the auditor apply any advance criteria to gather the data which is necessary to the auditing. After collecting the data the next step is to identify the weakness and process it. The identifying is the key work in the audit and after that categorising. The identifying uses some techniques to make that easy, preface and professional. The techniques used here are Root cause analysis General technique for analyse and get the better solution for the vulnerability or weakness. Because this technique drilldowns to the issue and finds the root and fix the weakness. The basic technique behind this is if the root is fixed automatically it will fix all other problems related to that. So simply close all related issues at once. As mention the easy and robust way to stop the issues exist and the issues may come in the future. After root cause analysis the next step is to get the solution for the root of the issue. The important thing here is choosing better and effective solution for the issue. The selection depends on some external and internal restrictions. Organisation policy Cost per benefit Legal restrictions Availability Compatibility Vendor and citification Advantage of having Auditing: Satisfaction: It brings the confidence of the Lab administrator of the University of Greenwich to continue the business process. Owner always thinks is there any lack that breaks down the continuity of the business. Detection and prevention of errors: Human can made error in any times .on one can say there is no error in there company. By auditing people can find the error and suggestion to recover the error. Detection and prevention of fraud: It also just likes errors. Sometimes user intentionally or unintentionally does this thing. So after audit we can find out the fraud. Verification of the Licences: KW116 Lab installs lots of software for student. Here some software for 1 year some software for more than one year and some software has limitation (No. Of user can use) for use. So auditor can find all kind of licence issues. Independent opinion: Audit always done by the independent people .so this report always accepted by everyone. Safety form exploitation: Health and safety always is a big issue for any organization. KW116 Lab got lots of equipment that are connected with electricity. So always chances for short circuit or exploitation. Audit identifies the all lack point and advice for prevention. Disadvantage of having Auditing: It is expensive Sometimes slow or stop the work flow External people know the company information. Encryption Encryption is the simple technique in the different for to send the date securely through shared place like internet. The form of encryption may vary from each other but they all commonly use digital certificate to encrypt and decrypt the data. Encryption use keys to make cipher text from actual message. The cipher text is not readable and it is the encrypted version of the massage using some algorithm. Security roles/user roles The security roles are very important technique to make network administration easy. This is basically creating some groups with different permissions according to the organisation operation or policy. A user or staff can have multiple security roles according to their need. This roles use to authorise the user permission. Security policy Security policy is a document which has all rules and regulations documented and approved by management and align with laws and legislation. This policy is used to define all activities and this is used to make some decision. Business Continuity: There are three things always we have to mind to continue the business Essential: to running the business any customer order cannot be delay more than seven days. Tolerate delay: some application may delay to continue the business such as management pay. It is a midterm i.e. one to four weeks. Discretionary: some application is useful for business but it is not affected to continue the business operation such as management report. It is a long term i.e. 3 to 6 months. Business continuity planning Business continuity planning (BCP) is the most important for any organization to continue the business. BCP engages with only different kind of risk to continue the business process that might occur in the organization and it also creates the policies, plan and procedures to reduce the risk. BCP can continue the business process in disaster situation as well. The main goal of the BCP is to combine together all policies, procedures and process so that any disruptive situation business process can continue or it may impact very little. Here main important function of BCP is Maintaining the business operation Continue the business in emergency situation Reduce the risk If any situation BCP cannot take over then Disaster recovery planning (DRP) takes over. British Auditing Standard BS7799: It is a British standard called as BS7799 that developed by British standard institution where describes the security policy and standard procedures.BS7799 become the ISO IEC 17799 after accepting the ISO IEC technical committee for international use. Now a days information is a valuable asset for organization .So it is very important to protect the information like other corporate asset. Here BS7799 introduces how to protect the information from threats and suggest the three points to secure the information such as Integrity: it is assurance the completeness and accuracy of the information. Confidentiality: Information can only access by the authorise people Availability: Authorise people can access the information when needed. Attacks and prevention for the attacks Errors and Omissions: Errors and Omission is one of the most common and toughest vulnerabilities .It is a human made error because human interact with programming, controlling and enter data for computer. There are no countermeasures to protect the errors and omission. Fraud and theft: It is a one kind of criminal activities that may occur in the KW116 Lab. It includes computer component such as mouse, keyboard, router, switch, cables, CPU box etc. It was observed that security person always not in the access point. So it is harm to secure the lab from fraud and theft. By protecting the access control we can reduce the fraud and theft. Both internal and external people are responsible for that kind of activities. Prevention of Fraud and theft: Regular auditing and monitoring program will help to identify all kind of fraud and theft. Deploy all of the access control. CCTV in proper place. Virus: Virus is a malicious code that has ability to reproduce his code itself and spread one system to another system via e-mail, downloading, storage devices (CD, DVD, memory stick, removal hard drive) and destroy the computer system. It was observed that removal memory stick all most every user are using and it is the most change to spread the virus in the Lab computer system and also observed user are using their own laptop and connected to the university wireless network. If user laptop effected with virus then it also change to spread the lab network that can affect the internal network and attack the server and crash the hard drive. Prevention: Install the latest antivirus software. Regular update the antivirus software. Follow the backup procedures regularly. Scan the device when transfer data. Installing the NIDS (Network Intrusion detection system) and firewall Minimise the download from internet. Download only repudiated site web site. Scan before the download. Care full to open unknown e-mail attach. Scan all incoming file from the remote site. Aware the user about danger of the virus. Trap-doors: It is an undocumented command that might user can create to speed up the work flow. Unfortunately sometimes student might leave these trap-doors. Prevention of Trap-doors: Use latest antivirus software. Give permission to develop the code only authorise people. Check properly all coding before use it. Logic bombs: It work s like time bombs and affect the system in a particular event or day such as program launch, website logon. It changes the data and deletes the data from the system. Here student are accessing the lots software to do the course work or project. So they are strong enough to build the logic bombs. It is normally happen in company if employee leaves the job. Prevention: Audit regularly and monitoring Always back up the necessary file Allow authorise people to develop the code Need record of all modification or changes Trojan Horses: It is a software programming that contains the malicious code. Normally students are interested to download the music, free software from internet. It is the most change to affect the lab computer and destroy the data stored on lab computer system. Prevention: Avoid unwanted software and music download from internet. Aware the user about Trojan Horses. Worm: Warm also is a malicious code that can spread itself without any human involvement from one system to another system .It works only computer network system and does not need any devices to transport. Prevention: Use firewall Use update antivirus software Spyware: It is an unwanted software interface that monitors the activity of the user and transfers the important information like log in details or account details to the remote system that monitor the user activities. Adware: It is also similar to spyware but it does not intent to transfer the user details to a remote system. It works like advertisements on the internet. Some adware monitor the searching behaviour of the user and then redirect the related websites. Prevention of Adware /Spyware: Close the pop up window. Aware about the spyware/adware. Click only reputed link. Social Engineering: Most of the users are getting unknown mail and they are also chatting with unknown people. Social engineering is one of the most popular techniques that attackers use to access the system by sending the mail or chatting with people to know the password. So it is a major risk to the security of the password. Prevention: Not response the unknown mail. Not chatting with unknown people. Dont give any one personal information or login id. Proper training or aware the new user about social engineering. Ping of death: we have only permission to send the largest packet (65,536 bytes) on the server. Attackers know this amount of bytes from ICMP specification. So they try to send the packets more than 65,536 bytes (at least 65,537). If the server does not check the size of the packet and try to process then it hung or crashed the operating system. Dumpster diving: Every day Lab user printing there necessary document but sometimes by mistake they are printing unnecessary document and end of the day through all document in the bin. Hacker is very intelligence. They always look at the bin and find the necessary document to access the network. Prevention: Destroy all documents before put in a bin Natural disasters: If anything happen that is not under control of human it is called natural dusters such as earthquakes, volcano, floods, fires, storms, hurricanes etc It may occur in any time but most risk is the fire for KW116 lab. It may cause from heater, power supply, over heating the power box, short circuit etc. Natural disaster is less chance for lab but it affect is more than any threat .It may destroy the part of the building, loses the all information. Prevention: Follow the health and safety procedures. Clear the fire exit. Aware the user about possible disaster. Man-Made Disasters: If anything happen intentionally to destroy the business process or destroy the part of the business and it is control of human then it is called the Man-Made Disaster such as Fire, Act of Terrorism, Bombings/Explosions, and Power Outages etc. Prevention: Check always ID card Allow only authorise people Use metal detector CCTV Equipment failure: Students are always busy with their course work and other course related work so equipment failure may loss the all data. Prevention: Use extra UPS Back up all data Auditing Stages/Steps Scope and Pre-Audit survey Planning Field work Analysis Reporting Scope and Pre-Auditing The first step or stage of the audit is to understand the purpose of the audit and the areas need to cover during the audit. Understanding the audit purpose is basically get the idea why this audit needs to perform; means any special risk assessment or annual audit. If it is special risk assessment audit this will be more specific and the scope will be narrow and deep otherwise if it is annual audit it will be the general audit to cover as much as possible area. Pre-Auditing survey is to verify the audit areas using risk management techniques and some general techniques such are reading previous audit report, web browsing, background reading, etc This will reduce the chance of failure by correcting the plan by lesson learned. Planning and Preparation In this stage the scope is going to break into small areas to make auditing easier and clear. So the clarity will be more and purpose will be easy to understand. Usually this stage will involve the work breakdown plan and risk control matrix. The risk control matrix is just a check list contains questions to carry out during the audit. Field work Actual auditing will perform during this stage by different techniques or methods. Simply it starts with interviewing staff or students using questioner or oral interview to system or network test by auditing software tools. The result of this stage will be the evidence of the audit to get a conclusion or submit to the management with audit report. So this will be the most important stage in the audit process. This step may use several testing software tools depend on the scope of the audit and the software selection is another key event of the audit process because there are so many fake software applications available in the market. Actually those are virus and the reason of making virus in the form of auditing tools. The reason of spreading the virus in the form of auditing or testing tool is very easy and hart to detect. Analysis Using the evidences or any results collected in the previous stage are the input of this stage. This stage is fully analysis and decision making so it needs a lots of time to investigation and assessment. The most sensitive area of the audit process is analysis because this is the place going to take the decision to submit to the board so that should be perfect otherwise the audit is useless and it will lead to make some wrong decision. Reporting The stage is to present all audit findings in the form of report. This is the document contains all evidences, analysis results, suggestions recommendations, conclusion, etc This document will pass to the management or the higher level people to review approve and take necessary action if necessary. The report should be clearly written and easy to understand because this document need for future also to give some information to start next auditing or to take some strategic decision. Problem Domain Because of the increased use of university of Greenwich KW116 lab the chances of threats or issues are high and this is the responsibility of the student and the staff to make the lab secure in all aspects. The reason of this project based on KW116 is that is the lab used by the students largely and usually network related or any other lab sessions and happening in this lab so if the lab got any security hole or lack that may affect the student and the staffs. Easiest way to ensure the security level of the lab is auditing. This auditing needs to cover all areas from physical security to network security. Then only this will the perfect audit and the audit can use some standard checklist to make more efficient and to eliminate human made errors such as forgotten, typing mistakes, etc There are so many ways to make sure the security level such as penetration testing and vulnerability testing. These are more specific with attacks and threats and for the general purpose security audit is the suitable one as it will cover all areas of the security. According the reasons given above the general security audit is the most suitable technique to verify the security level of the lab. So the auditing will cover most of the areas of the lab with the aid of standard checklist which is approved by British Standard Institute. Test behind the auditing Physical test Network test Software Test Security Policy test Hardware/Peripherals test Access control test Objectives To evaluate the actual level of security that exists at The University of Greenwich Maritime campus KW116 Lab. Activities plan and schedule the audit Auditing with software tools Analysis audit result Deliverable Detailed audit report with suggestions and recommendation This is the main objective of the project and this will carry on with several tools like packet sniffer, port scanner software, etc There are three different tests using these tools to identify internal and external vulnerabilities. To evaluate various methods of implementing the security policy, determine the security weaknesses and implement risk management for the existing security weaknesses. University lab security policy review Analysis Deliverable Detailed security policy analysis report with changes/suggestions/recommendation. The reason of this objective is to stop the holes from policy level because this is the easy way to implement. Learn Audit and Audit process and practice auditing and Research auditing products available in the market and select appropriate. This task is fully learning about audit and audit related stuffs. This objective is the key or starter of this project because if project start without proper knowledge that will mislead to somewhere else not to project aim. To draft a new security policy that addresses the existing weakness to the management. According to the analysis draft a security policy to fix or overcome all existing security holes. Deliverable Draft security policy How the objectives will be achieved Third and fourth objectives will be achieved with books and internet. This objective will give the idea about auditing the outcome of this objective will be a documentation which contains all requirements which need to cover in this project. The research will give the details about tools which requires to perform the auditing the methods/process for the auditing. Internet is the main and basic mean for this research as it is easy to access and with wide range of data. Tools which identified from the research will used to perform the security auditing and this audit result will monitor in real-time and document instantly. Mostly these tools will be freeware and from well-known vendor. The auditing will perform in three different views to make sure the area is secured fully. The views are inside computer local network, outside computer local network, outside computer different network. Audit Methodology This project uses two different methodologies to accomplish the task such as checklist and questioner. The check list is an aid for the auditor to perform the audit and it is a manual to the audit. So the checklist will contains all tests need to perform during the auditing where questioner is to get the opinion or feedback for the staffs and students (generally this will be feedback from stockholders). The analysis also will carry in two different way using questioner and the checklist and finally compare both and get the conclusion. The questioner and checklist covers most of the areas and those are grouped separately to make the auditors life easy and more understandable. The areas coved in the documents are Physical Security/ E