Page 278 - Using MIS
P. 278
246 Chapter 6 The Cloud
S3 product to provide scalable, elastic storage. When financial 6-15. Reread the SEC’s 2003 interpretation. In your own words,
institutions submit records to FinQloud for storage, FinQloud explain the difference between “integrated hardware and
processes the data in such a way that it cannot be updated, software control codes” and software applications that
encrypts the data, and transmits the processed, encrypted use “authentication and approval policies, passwords, or
data to AWS, where it is encrypted yet again and stored on S3 other extrinsic controls.” Give an example of each.
devices. Data is indexed on S3 and can be readily read by au- 6-16. Clearly, in the view of the SEC, the likelihood of compro-
thorized users. NASDAQ OMX then claimed that FinQloud’s mise of an integrated system of hardware and software is
processing and encryption is done is such a way that it meets considerably less than the likelihood of compromise of
the SEC requirement. a system of authentication, passwords, and procedures.
Of course, NASDAQ OMX knew that this statement would be Justify this view.
perceived as self-serving, so it hired two independent compa-
nies to verify that claim: Jordan & Jordan, a securities industry 6-17. Do you agree with the view in question 6-16? Why or
consulting company, and Cohasset Associates, a document- why not?
processing consulting company. According to The Wall Street 6-18. Investigate Jordan & Jordan (www.jandj.com) and
Journal, both organizations concluded that when properly con- Cohasset Associates (www.cohasset.com). If you were a
figured, FinQloud meets the requirements of the SEC’s rule consultant to a financial institution, to what extent would
(Rule 17a-3) as well as a similar rule set out by the Commodities you rely on the statements of these organizations?
Futures Trading Commission. 16 6-19. If you were a consultant to a financial institution, what
Consequently, NASDAQ OMX customers can use FinQloud, else might you do to verify that FinQloud complies with
and as long as they can demonstrate that they have properly the SEC ruling and its 2003 interpretation?
configured it, their auditors will find this system to be in com-
pliance with the SEC rulings. 6-20. Explain how the knowledge that you have gained so far
in this course helps you to understand the SEC’s 2003
interpretation. Summarize how your knowledge would
Questions
help you if you worked for a financial institution. Cast
6-14. In your own words, summarize the dealer-broker re- your answers to this question in a way that you could
cord retention requirements. use in a job interview.
MyMISLab ™
Go to mymislab.com for Auto-graded writing questions as well as the following
Assisted-graded writing questions:
6-21. Suppose that you work at AllRoad Parts and Kelly tells you that she doesn’t
believe that cheap, elastic provisioning of servers is possible. “There has to
be a catch somewhere,” she says. Write a one-page memo to her explaining
how the cloud works. In your memo, include the role of standards for cloud
processing.
6-22. Suppose you manage a sales department that uses the SaaS product
Salesforce.com. One of your key salespeople refuses to put his data into that
system. “I just don’t believe that the competition can’t steal my data, and I’m
not taking that risk.” How do you respond to him?
16 Greg MacSweeney, “Nasdaq OMX FinQloud R3 Meets SEC/CFTC Regulatory Requirements, Say Consultants,” April 15, 2013, www.wallstreetandtech
.com/data-management/nasdaq-omx-finqloud-r3-meets-seccftc-reg/240152909.
