Assessment 3 Information
Your Task
Consider below information regarding the Capital One data breach. Read the case study carefully and using the resources listed, together with your own research, complete:
- · Part A (Industry Report) Individually by Monday 23: 55pm AEDT Week 12
- Part B (Application for data access presentation) submitted in Monday Week 13 at 23:55 AEST, as an individual video upload.
Assessment Description
Who is Capital One?
Capital One Financial Corporation is an American bank holding company specializing in credit cards, auto loans, banking, and savings accounts. The bank has 755 branches including 30 café style locations and 2,000 ATMs. It is ranked 97th on the Fortune 500, 17th on Fortune’s 100 Best Companies to Work For list, and conducts business in the United States, Canada, and the United Kingdom. The company helped pioneer the mass marketing of credit cards in the 1990s. In 2016, it was the 5th largest credit card issuer by purchase volume, after American Express, JPMorgan Chase, Bank of America, and Citigroup. The company’s three divisions are credit cards, consumer banking and commercial banking. In the fourth quarter of 2018, 75% of the company’s revenues were from credit cards, 14% were from consumer banking, and 11% were from commercial banking.
History
Capital One is the fifth largest consumer bank in the U.S. and eighth largest bank overall(Capital One, 2020), with approximately 50 thousand employees and 28 billion US dollars in revenue in 2018(Capital One, 2019).Capital One works in a highly regulated industry, and the company abides to existing regulations, as stated by them: “The Director Independence Standards are intended to comply with the New York Stock Exchange (“NYSE”) corporate governance rules, the Sarbanes-Oxley Act of 2002, the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010, and the implementing rules of the Securities and Exchange Commission (SEC) thereunder (or any other legal or regulatory requirements, as applicable)”(Capital One, 2019). In addition, Capital One is a member of the Financial Services Sector Coordinating Council (FSSCC), the organization responsible for proposing improvements in the Cybersecurity framework.
Capital One is an organization that values the use of technology and it is a leading U.S. bank in terms of early adoption of cloud computing technologies. According to its 2018 annual investor report (Capital One, 2019), Capital One considers that “We’re Building a Technology Company that Does Banking”. Within this mindset, the company points out that “For years, we have been building a leading technology company (…). Today, 85% of our technology workforce are engineers. Capital One has embraced advanced technology strategies and modern data environments. We have adopted agile management practices, (…).We harness highly flexible APIs and use microservices to deliver and deploy software. We’ve been building APIs for years, and today we have thousands that serves as the backbone for billions of customer transactions every year.” In addition, the report highlights that “The vast majority of our operating and customer-facing applications operate in the cloud(…).”Capital One was one of the first banks in the world to invest in migrating their on-premise datacenters to a cloud computing environment, which was impacted by the data leak incident in 2019.
Indeed, Amazon lists Capital One migration to their cloud computing services as a renowned case study. Since 2014, Capital One has been expanding the use of cloud computing environments for key financial services and has set a roadmap to reduce its datacenter footprint. From 8 data centers in 2014, the last 3 are expected to be decommissioned by 2020, reducing or eliminating the cost of running on-premise datacenters and servers. In addition, Capital One worked closely with AWS to develop a security model to enable operating more securely. According to George Brady, executive vice president at Capital One,
“Before we moved a single workload, we engaged groups from across the company to build a risk framework for the cloud that met the same high bar for security and compliance that we meet in our on-premises environments.”
Source: https://web.mit.edu/smadnick/www/wp/2020-07.pdf
Assessment Instructions
Part A: Industry Report (1800 words, 25 marks)– Individual
Based on the readings provided in this outline, combined with your own independent research, you are required to evaluate the implications of legislation such as GDPR on the Capital One’s business model. The structure of your report should be as follows.
Your report needs to be structured in line with the Kaplan Business School Report Writing Guide and address the following areas:
· Data Usability
- Benefits and costs of the database to its stakeholders.
- Descriptive, predictive and prescriptive applications of the data available and the data analytics software tools this would require.
· Data Security and privacy
- Data security, privacy and accuracy issues associated with the database.
· Ethical Considerations
- The ethical considerations behind whether the user has the option to opt in or opt out of having their data stored.
- Other ethical issues of gathering, maintaining and using the data.
· Artificial Intelligence
- How developments in AI intersects with data security, privacy and ethics.
- Use the resources provided as well as your own research to assist with data collection and data privacy discussions.
Part B: Presentation (5 minutes, 15 marks)
Instructions: Students to prepare a presentation of 10 – 12 slides. Students can use MS Powerpoint to organize their slide deck but other tools will be accepted as well (e.g. Prezi).
Imagine that you are an analyst from the company you selected for Part A. You need to access user and transactional data generated by your chosen company in Part A for an analytics-based research project. Although it’s the company’s own data, regulators and legislators are becoming increasingly concerned about the way in which certain use cases for these types of projects can infringe on privacy, individual rights and potentially be in contravention of GDPR and other legislative prescriptions.
Create a presentation of approximately 5 minutes in which you discuss how your organization uses its data and the broad implications involved. Discuss the issues below, and imagine you are communicating this presentation to government (regulators and / or legislators) as your primary audience.
Consider:
- Why you want the data and the resulting benefits to the community;
- How the data can be sourced ethically and securely;
- How you will keep the data safe and de-identify individuals; and
- How you will present the results and add insights in an ethical way.
Important Study Information
Academic Integrity Policy
KBS values academic integrity. All students must understand the meaning and consequences of cheating, plagiarism and other academic offences under the Academic Integrity and Conduct Policy.
What is academic integrity and misconduct? What are the penalties for academic misconduct? What are the late penalties?
How can I appeal my grade?
Word Limits for Written Assessments
Submissions that exceed the word limit by more than 10% will cease to be marked from the point at which that limit is exceeded.
Study Assistance
Students may seek study assistance from their local Academic Learning Advisor or refer to the resources on the MyKBS Academic Success Centre page. Click here for this information.
Assessment Marking Guide
| Section | Criteria | NN (Fail) 0%-49% | P (Pass) 50%-64% | CR (Credit) 74%-65% | DN (Distinction) 75%-84% | HD (High Distinction) 85%-100% |
| Part A: Individual Report | Evaluate the data usability, security and ethics associated with creating a data repository for diverse stakeholders and consider software requirements | Failure to address data usability and security issues associated with the company database or failure to consider software requirements | Basic description of data usability and security issues associated with creating the system Limited consideration of software capabilities | Considered discussion of data usability and security issues associated with creating the system Adequate description of the feasibility of data usability given current software capabilities | Clear evaluation of key data usability and security issues associated with creating system Well-supported consideration of the feasibility of data usability given current software capabilities | Comprehensive evaluation of key data usability and security considerations associated with creating the system with a focus on various stakeholders Very high standard assessment of the feasibility of data usability given current software capabilities |
| Produce a report which is well-researched, correctly referenced, professionally presented, logical, well- structured and addresses the relevant issues | Report is not logical and fails to evaluate major issues Inadequate research conducted and sources incorrectly acknowledged | Partially referenced evaluation of issues, without a logical structure and acknowledgement of some sources from limited research | Referenced evaluation of some relevant issues with acknowledgement of most sources and evidence of reasonable research conducted into the topic | Referenced and congruent evaluation of relevant issues with acknowledgement of a wide range of sources and evidence of broad research conducted into the topic | Well-referenced, engaging and logical evaluation of relevant issues with correct acknowledgement of extensive sources and evidence of comprehensive research conducted into the topic | |
| See part B next page |
| Section | Criteria | NN (Fail) 0%-49% | P (Pass) 50%-64% | CR (Credit) 74%-65% | DN (Distinction) 75%-84% | HD (High Distinction) 85%-100% |
| Part B: | Construct a business | Failure to make an | A limited description of | A solid presentation | A high-quality | An effective business |
| Presentation | case outlining the | effective argument | the benefits of using | of the benefits of | business case for | case for using the data |
| benefits of using and | around using the data | the data for research | using the data for | using the data for | for research purposes | |
| storing the data, while | for research and no | purposes is made and | research purposes is | research purposes is | is made by | |
| addressing the | consideration of | very few of the ethical | made and some of | made by considering | convincingly | |
| relevant ethical and | drawbacks | and security draw- | the ethical and | its major benefits and | articulating the | |
| security issues and | backs are mentioned | security draw-backs | analysing the ethical | benefits this would | ||
| concerns | are discussed | and security draw- | provide for society, | |||
| backs | and expertly analysing | |||||
| the ethical and security | ||||||
| draw-backs | ||||||
| Effectively and clearly | Failure to effectively | Brief listing of how the | Solid description of | Clear communication | Effective | |
| communicate an | communicate key | data can be used for | the use of the data for | and justification of the | communication and | |
| argument to use the | messages and a lack of | research in a way that | research in a way that | use of the data for | convincing justification | |
| data for research | consideration for the | is understandable to | considers some of | research in a way that | of the use of the data | |
| purposes while | audience’s needs | most people | the target audience’s | sufficiently considers | for research in a way | |
| considering the | needs | the target audience’s | that persuades a target | |||
| audience and their | needs | audience | ||||
| motivations |
Assignment Submission
Part B to be submitted In class in week 12. Students must submit Part A via Turnitin on Monday of Week 12 at 23:55pm AEST.
This file must be submitted as a PDF document to avoid any technical issues that may occur from incorrect file format upload. Uploaded files with a virus will not be considered as a legitimate submission. Turnitin will notify you if there is any issue with the submitted file. In this case, you must contact your lecturer via email and provide a brief description of the issue and a screen shot of the Turnitin error message.
Students are also encouraged to submit their work well in advance of the time deadline to avoid any possible delay with Turnitin similarity report generation or any other technical difficulties.
Late assignment submission penalties
Penalties will be imposed on late assignment submissions in accordance with Kaplan Business School’s Assessment Policy.
| Number of days | Penalty |
| 1* – 9 days | 5% per day for each calendar day late deducted from the student’s total Marks. |
| 10 – 14 days | 50% deducted from the student’s total marks. |
| After 14 days | Assignments that are submitted more than 14 calendar days after the due date will not be accepted and the student will receive a mark of zero for the assignment(s). |
| Note | Notwithstanding the above penalty rules, assignments will also be given a mark of zero if they are submitted after assignments have been returned to students. |
*Assignments submitted at any stage within the first 24 hours after deadline will be considered to be one day late and therefore subject to the associated penalty.
If you are unable to complete this assessment by the due date/time, please refer to the Special Consideration Application Form, which is available at the end of the KBS Assessment Policy:
https://www.kbs.edu.au/wp-content/uploads/2016/07/KBS_FORM_Assessment-Policy_MAR2018_FA.pdf
Get expert help for Introduction to Business Analytics and many more. 24X7 help, plag free solution. Order online now!
