Disclaimer: This is an example of a student written essay.
Click here for sample essays written by our professional writers.

Any opinions, findings, conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of UKEssays.com.

Security Audit for Botox Pharmaceutical Company

Paper Type: Free Essay Subject: Security
Wordcount: 1543 words Published: 18th May 2020

Reference this

Allergan is a pharmaceutical company which is the biggest provider of Botox.  Since becoming the biggest provider of this product, there are always ethical issues not only within the organization but outside of the organization, as well.  The majority of the ethical issues we face are the fact that the most prominent of these would be that, by taking Botox, you are injecting a toxin into your body; a toxin that can kill in very small amounts.  Botox injects can somewhat be compared to chemotherapy because you are hurting your body in a tiny amount.  This equates to legal and regulatory compliance rather than ensuring a higher quality of care.  This audit will be conducted to show Allergan is following all of the legal and regulatory compliance and policies worldwide.  Are all security parameters and measures in place to protect the privacy of the customers?  Are there adequate cybersecurity measures in place to avoid computer crimes from inside or outside of the organization?  Are all control measures in place to protect the organization’s intellectual property and licensing?  We will go over these control measures in this document. 

Legal and Regulatory Compliance

Allergan has a high-level of due diligence that must be demonstrated to provide it has ethically complied with the legal and regulatory standards of the industry.  In the case of legal compliance, it is in the organization’s best interest to enlist the aid of a proven information security practitioner that not only has proven expertise in ensuring legal compliance of chemical production data security processes but also has certifications assuring their abilities to access and deploy legally compliant information systems management processes.  Regulatory compliance can be assured through a similar method of entrusting the engineering of data management systems that are compliant-based on the industry standards.

Get Help With Your Essay

If you need assistance with writing your essay, our professional essay writing service is here to help!

Essay Writing Service

There is a recommended process for identifying compliance standards and adjusting business processes to fall within that identified requirements of legal and regulatory compliance standards.  First, thorough identification processes, indicating the legal and regulatory standards that apply must be completed.  Next, policies should be drafted to provide protocols which ensure compliance standards.  These policies should have a framework that ensures all business procedures, employee training, and process monitoring activities fall within the parameters of liability that are defined in legal and regulatory standards.  Metrics should be identified that will guide the compliance validation process.  The procedures designed to assure accountability should be free of redundant or competitive processes.

Computer Crime – Suzan

 As a pharmaceutic company, our industry highly depends on technology and this makes our system more vulnerable to computer crimes.  Computer crime is a kind of attack that aims to access confidential information and have control over the whole network of Allergan.  Computer crime has a catastrophic impact if conducted against an organization and can easily lead to the damage of confidential information.  Computer crime might be utilized to get access to physician information to be used to cover operations, prescriptions, or recipes.  Additionally, it grants hackers access to confidential data of their clients; this reduces the trust in the organization and costs millions of dollars to recover from the impacts. 

 To reduce the risks of computer crime, it is crucial to have a highly secured system.  This can be attained by implementing updated anti-virus and anti-malware software.  Also, there should be strong firewalls that block certain sites and limits the traffic on the network.  Moreover, only authorized personnel should have access to the system.  In addition to the security system, it is essential to have our staff educated on the impacts of computer crime and the strategies to avoid those attacks.  Employees should undergo regular training that includes, but is not limited to, security and privacy, spear phishing, and work ethics.  Regular training keeps employees alerted on the policies of the organization and held accountable for their actions.

Intellectual Property

 According to Reynolds (2015), “Intellectual property is any product of the mind that is owned by a group.  Intellectual property is traditionally comprised of four categories: patient, copyright, trademark, and trade secrets” (p. 220).  Trademarks, patents, trade secret laws, and copyrights can help protect Allergan’s unique business ideas and trade secrets.  Allergan needs to take appropriate steps to protect its trade secrets from other organizations.  Some of the steps Allergan can take to help protect their intellectual property is by developing a plan to reduce their risks.  Once a plan is built, Allergan should put mechanisms in place to cut the risk.  These include “nondisclosure agreements, developing agreements for outsourcing and consulting, providing adequate physical security, using methods to prevent computer hacking, and using employee agreements” (Intellectual Property Rights Applied,” 2019).  Another step Allergan can take to protect their intellectual property is by performing a needs assessment.  By conducting this assessment, Allergan can develop strategies to protect its assets.  Things to look at while conducting this assessment is any specific methods, processes, formulations, systems, or instruments Allergan uses to develop intellectual property.  Also, determining what advantages Allergan has over its competition allows for marketing strategies, product formulas, manufacturing processes and, most importantly, specialized pricing.


 If violations of pirated software licenses are found, the worst case scenario is Allergan may have to pay fines for the unlicensed software.  On that same note, Allergan would need to destroy their pirated software, which pirated software is potentially harmful and can lead to open gateways for malware via loopholes, as well as cause a concern for malpractice if the information is stolen by an unauthorized party.  Once the software is destroyed, Allergan would need to legally purchase licenses for all software that was illegally used.  This process can be time-consuming and cause production delays for the employees, as well as their clients.  The ethical reasoning for properly licensing software is to remain secure and keep the client healthcare data private, such as the case of the Health Insurance Portability and Account Act (HIPAA). 

Find Out How UKEssays.com Can Help You!

Our academic experts are ready and waiting to assist with any writing project you may have. From simple essay plans, through to full dissertations, you can guarantee we have a service perfectly matched to your needs.

View our services

 Aside from software piracy, there is also the issue of illegal drug trafficking due to the increased demand of consumers wanting to find medications online without obtaining a prescription from a doctor.  The ethical issue with purchasing unlicensed pharmaceuticals online is potentially killing the consumers by selling potent drugs, e.g. knock-off.  If a consumer is allergic to a medication the seller states it truly is, yet the seller sends a drug completely different, e.g. counterfeit, this reduces the quality of life to the consumer.  In addition, if the seller sends a higher potency of a drug to a consumer that, too, could reduce the quality of life for the consumer.  Globally, there is the issue of unlicensed medical practitioners giving consumers Botox injections.  There will always be ongoing global issues with unlicensed medical practitioners and drug trafficking because the Internet has made it easier for consumers to find the pharmaceuticals they want.


  • Cybercrime in the Pharmaceutical Industry: A Booming Business. (2012). Retrieved from https://www.pharmaceutical-technology.com/features/featurecybercrime-pharmaceutical-industry-biotech/
  • Intellectual Property Rights Applied in Business. (2019). Retrieved from https://www.universalclass.com/articles/business/intellectual-property-rights-applied-in-business.htm
  • International Narcotics Control Board. (2009). Guidelines for governments on preventing the illegal sale of internationally controlled substances through the Internet [PDF file]. Journal of the United Nations, 8, 56424. Retrieved from https://www.incb.org/documents/Narcotic-Drugs/Guidelines/internet/NAR_guide_Internet_guidelines_English.pdf
  • Reynolds, G. W. (2015). Ethics in information technology (5th ed.). Boston, MA: Cengage Learning.
  • Whitman, M. E., & Mattord, H. J. (2016). Principles of information security (5th ed.). Boston, MA: Cengage Learning.


Cite This Work

To export a reference to this article please select a referencing stye below:

Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.

Related Services

View all

DMCA / Removal Request

If you are the original writer of this essay and no longer wish to have your work published on UKEssays.com then please: