
This Week Your Rotation Assignment Takes You To The Office O


This week your rotation assignment takes you to the Office of the Chief Financial Officer (CFO). An external audit of the company's financial operations has just been completed. Last week, an "early look" copy of the audit was sent to the CFO with a request for a formal written response for each of the findings.

Some of the problem areas were known to the CFO's staff and they were already working on the required responses. But, there is one set of findings that came as a complete surprise -- Shadow IT -- the unauthorized / unapproved use of cashless payment technologies by certain locations and offices within the company. These technologies included:

1. Micro payments using a payment card issued by guest services to hotel guests and via unattended vending machines to visitors. These payment cards are loaded with a cash value deposited to the card's account via a credit card charge. Guest services also credits some of these payment card accounts with "reward dollars" for guests who belong to the hotel's affinity program. The payment cards are used at service locations which do not have a cashier station, such as game arcades, self-service laundry, or sales kiosks. These payments are processed by a third-party service provider, which then uses electronic funds transfer to pay the hotel its share of the income.

2. Mobile Payments for services booked through the concierge desk with an authorized but independent provider (not a hotel employee). These services include private lessons with tennis or golf pros, childcare, tours, interpreters, etc. These payments are made via cell phones, either as a contactless payment system such as Apple Pay or by swiping a credit card through a magnetic stripe reader connected to the provider's phone. The payment accounts which receive these payments are connected to the hotel's merchant card accounts. The hotel pays the providers monthly via electronic deposit and issues an IRS Form 1099 to record the income.

The CFO must present on these payment systems to the IT Governance board for approval or to enforce cessation of unapproved use. The presentation should include potential compliance issues related to PCI-DSS and privacy/security concerns.

Due to the size and complexity of the problem, the CFO split the staff into two teams: Team #1 focusing on micro payment cards, and Team #2 on mobile payment systems. You are asked to join one team. You must choose either the micro payment card system or the mobile payment system to analyze, and prepare a two-page summary of key points from your readings, outlining at least five privacy and security issues relevant to the financial aspects such as payment processing, information exchange, and protection.

