Scenario Branson Ltd. is a public listed tour company that is based in Melbourne. One of its main operating businesses is to provide tourists with hot-air balloon flights over the city. As their current balloons are due to be retired, they must decide whether to replace them with a large or small model. New balloons have an expected life of 8 years, after which salvage values are $70,000 for the large balloons and $45,000 for the small balloons. Market research has estimated that there is a 60% probability that demand will be high throughout the useful life of the balloons, and a 40% probability that demand will be low throughout the useful life of the balloons. The large model is expected to cost $900,000, with an extra installation and shipping cost of $80,000. The small model is expected to cost $650,000, with an additional installation and shipping cost of $45,000. The company's accounting policy is to depreciate using the reducing balance approach of 20% per annum.1 There is also an initial increase in net working capital of $70,000 for the large model, and $40,000 for the small model. The net working capital is recoverable at the end of their useful life. In the event of high demand, the company expects a yearly operating revenue of $800,000 for the large model, and a yearly operating revenue of $330,000 for the small model. If the demand is low, yearly operating revenue is forecasted to be $700,000 for the large model and $280,000 for the small model. Annual variable and fixed costs associated with operating these balloons are expected to be $400,000 for the large model and $150,000 for the small model. In addition, if the large model is preferred over the small model, the company needs to rent an additional warehouse to store the large balloons. A new warehouse’s rental cost is expected to be $150,000 per year. At the end of year four, there is also an option to cease operation and thus sell the large balloons for $500,000 and the small balloons for $400,000 if the business is not profitable. The company requires you to calculate an appropriate discount rate using the company’s weighted average cost of capital. The company’s capital structure has remained fairly stable, with a debt-to-equity ratio of 1.2. The company has no plan to adjust its capital structure in the future. Given that the company is listed on the stock exchange, you are able to obtain the historical returns over the last 20 years for the company, the market portfolio and the risk-free asset as tabulated in Table 1. The company debentures have a face value of $1000 and a coupon rate of 10%. They mature in 10 years' time. Similar debentures are currently yielding 12%. The company tax rate is 30%. 1 As discussed in Week 5, ignore residual value in the calculation of yearly depreciation. Table 1 Year Branson Market Risk-free 1999 23.13% 13.81% 6.01% 2000 19.55% 12.77% 6.31% 2001 10.08% 7.65% 5.62% 2002 -19.35% -10.64% 5.84% 2003 25.01% 14.61% 5.37% 2004 29.21% 29.

1. Scenario
Branson Ltd. is a public listed tour company that is based in
Melbourne. One of its main operating businesses is to provide
tourists with hot-air balloon flights over the city. As their
current balloons are due to be retired, they must decide whether
to replace them with a large or small model. New balloons have
an expected life of 8 years, after which salvage values are
$70,000 for the large balloons and $45,000 for the small
balloons. Market research has estimated that there is a 60%
probability that demand will be high throughout the useful life
of the balloons, and a 40% probability that demand will be low
throughout the useful life of the balloons.
The large model is expected to cost $900,000, with an extra
installation and shipping cost of $80,000. The small model is
expected to cost $650,000, with an additional installation and
shipping cost of $45,000. The company's accounting policy is to
depreciate using the reducing balance approach of 20% per
annum.1 There is also an initial increase in net working capital
of $70,000 for the large model, and $40,000 for the small
model. The net working capital is recoverable at the end of their
useful life.
In the event of high demand, the company expects a yearly
operating revenue of $800,000 for the large model, and a yearly
operating revenue of $330,000 for the small model. If the
demand is low, yearly operating revenue is forecasted to be
$700,000 for the large model and $280,000 for the small model.
Annual variable and fixed costs associated with operating these
balloons are expected to be $400,000 for the large model and
$150,000 for the small model. In addition, if the large model is
preferred over the small model, the company needs to rent an
additional warehouse to store the large balloons. A new
warehouse’s rental cost is expected to be $150,000 per year. At
the end of year four, there is also an option to cease operation
and thus sell the large balloons for $500,000 and the small

2. balloons for $400,000 if the business is not profitable.
The company requires you to calculate an appropriate discount
rate using the company’s weighted average cost of capital. The
company’s capital structure has remained fairly stable, with a
debt-to-equity ratio of 1.2. The company has no plan to adjust
its capital structure in the future. Given that the company is
listed on the stock exchange, you are able to obtain the
historical returns over the last 20 years for the company, the
market portfolio and the risk-free asset as tabulated in Table 1.
The company debentures have a face value of $1000 and a
coupon rate of 10%. They mature in 10 years' time. Similar
debentures are currently yielding 12%. The company tax rate is
30%.
1 As discussed in Week 5, ignore residual value in the
calculation of yearly depreciation.
Table 1
Year
Branson
Market
Risk-free
1999
23.13%
13.81%
6.01%
2000
19.55%
12.77%
6.31%
2001

3. 10.08%
7.65%
5.62%
2002
-19.35%
-10.64%
5.84%
2003
25.01%
14.61%
5.37%
2004
29.21%
29.48%
5.59%
2005
28.41%
23.83%
5.34%
2006
22.29%
20.93%
5.59%
2007
-5.68%
1.73%
5.99%
2008
-68.09%
-33.58%
5.82%
2009
48.21%
33.84%
5.04%
2010

4. 12.39%
8.03%
5.37%
2011
-6.54%
-6.43%
4.88%
2012
15.28%
18.56%
3.38%
2013
-1.12%
10.38%
3.70%
2014
17.98%
11.67%
3.66%
2015
-15.44%
-6.43%
2.71%
2016
26.23%
16.29%
2.34%
2017
0.20%
5.70%
2.72%
2018
10.53%
-3.40%
2.54%

5. You are to prepare a report to present to the CEO, showing the
various cash flows based on the different scenarios. Your
submission should include the following:
· The use of Excel to evaluate whether the company should
proceed with the purchase of large or small balloons, taking into
consideration the different scenarios presented earlier.
· A written report stating any assumptions made and outlining
your recommendation as to whether the company proceed with
the purchase of large or small balloons. Excel tables must be
included in the main body and/or appendix of the report.
· All workings in the appendix of the report.
HIPAA COMPLIANCE PROGRAM
Discuss the challenges IT divisions face in achieving regulatory
compliance
Challenges:
Accomplishing administrative consistency has turned into an
everyday center for money related establishments, everything
being equal. Even though satisfying these guidelines is
shockingly tricky, there is no other choice; the expense of
rebelliousness is excessively high. Regardless of whether it's
weakening fines or being named and disgraced, no organization
needs to be gotten out. In that capacity, firms need to
comprehend the most significant administrative difficulties
confronting the money related area and find a way to address
them.
Overseeing Risks
The size of administrative prerequisites isn't the main issue that
organizations need to consider; complex hazard computations
additionally request their consideration. Hazard the board is
probably going to represent a significant test for some
organizations, to a limited extent on account of the continuous
computations that are expected to follow guidelines, for

6. example, Basel III.
Ascertaining danger has, for some time, been a manual
procedure. All things considered, the foundation to adapt to new
requests for hazard the executives is primarily not set up. Firms
are just barely beginning to understand that some degree of
computerization is required to abstain from falling behind.
Understanding the client
The commercial segment must react to expanding worries about
tax evasion and fear-based oppressor financing. Regardless of
whether a bank launders cash accidentally, it will, in any case,
face enormous repercussions from controllers. Therefore,
realize your client forms, which see organizations completing
proper historical verifications for all customers, have turned
into a need for the business. In any case, this puts enormous
weight on the staff, preparing this data physically.
Mistakes can happen, and data dangers being blundered except
if representatives get the proper preparing and backing. Like
this, it's fundamental that staff are given the correct apparatuses
to record customer data precisely.
Policies and Standards
Recording data is crucial to administrative consistence. In any
case, the technique for recording required relies upon the nation
the business is working in. For universal banks, this implies
shifting the chronicle measures utilized crosswise over various
countries.
Because of these various norms, banks regularly end up getting
serious about work and putting a colossal measure of time in
meeting these necessities. Money related foundations managing
different announcing benchmarks must streamline every strategy
to merge every one of the information.
Managing the data in the organization
The legitimate ramifications of information stockpiling are
maybe one of the most downplayed difficulties of administrative
consistence. Contingent upon the situation, firms may need to
hold explicit customer data for quite a long while, which can
put a strain on the workers who need to give this information to

7. controllers, should it be mentioned.
Imperfect information the board can have significant
repercussions for firms; those with lacking information the
board strategies have been compelled to improve their record
handling abilities rapidly or hazard confronting lawful activity.
Assess how IT governance will improve the effectiveness of the
IT Division to attain regulatory compliance
There are a few procedures of the business and the IT
consistency factors which encourage an inclusive vision for the
IT consistence. Right off the bat, the association requires a
coordinated view.
At the end of the day, the association center should join its
administration and the consistency ways to deal with make
esteem adequately. It implies that GRC ought not to be
constrained by various capacities in the business. Therefore, the
holes in correspondence should be connected by joint
administration and a consistence plan. The different procedure
incorporates the exhibition linkage. Both the corporate and GRC
execution contains a 2-way association (Wu, Straub and Liang,
2015). An incredible GRC plan encourages towards a decent
presentation. A presentation result which is broke down and
conveyed in time helps in forming the IT consistence program.
In particular, a utilitarian culture which grasps IT projects is
probably going to reinforce the bond. All the more in this way,
there is a need to utilize a well-organized methodology in
making a successful Its consistency program. For example, an
organized method enables an association to convey
administration and a consistence plan. Be that as it may, it
targets boosting the flexibility of the business just as expressing
an exhibition that is honesty driven. Actually, all association
requires a far-reaching GRC working model which connects to
the crucial hierarchical destinations. The working model
effectively combines individuals and innovation capacities to
understand their objectives.

8. There are essential components required in making an IT
consistence program. These components incorporate
understanding what an association needs to accomplish, a big
motivator for it, and how it is probably going to work. The
other significant business procedure includes approach
understanding the new view of the consistency — the new frame
of mind towards understanding spotlights on conforming to the
business laws. As per the examination, the first vision of the
consistency plan ought to suit different significant variables.
Such factors incorporate standards and guidelines, business
morals and numerous others. Additionally, the association is
required to address the four significant empowering influences
accurately. It ought to compute and quantify its presentation
through the right measurements and dashboard.
Develop a broad vision, an architecture, and a detailed plan of
action that follows a life cycle concept
This compliance solutions are very helpful were a very secure
line is implemented for all kind of secured transactions.
The Compliance Architecture consists of
· Configuration rules
· Management VPC
· Production VPC
· Storage
· Life cycle policies
· Network access control list and https to the endpoint
· Load balancing
· Relational database service
· Providing limited access to the users
· Manage the source files
· Integration

9. · Isolation of all the instances
· Creating security groups
· Planning on the deployment
· Troubleshooting
Your detailed plan should include the following phases: initiate,
plan, develop and implement.
Background:
Set up in 1996, the Health Insurance Portability and
Accountability Act (HIPAA) put forward necessities for the
U.S. Branch of Health and Human Services (HHS) to create
guidelines that ensure and secure wellbeing data. HIPAA was
defied up into two norms, the Standards for Privacy of
Individually Identifiable Health Information (Privacy Rule) and
the Security Standards for the Protection of Electronic Protected
Health Information (Security Rule).
Introduction or Initiation:
Any association working with a social insurance substance,
regardless of whether it's managing ensured human services
data or not, must be HIPAA consistent. In addition, every
worker must be HIPAA affirmed to guarantee they comprehend
how to manage this ensured data.
Below are some of the necessary steps taken to ensure a proper
initiation of the plan.
· Understand the standards: HIPPA guidelines join a couple of
various principles and acts — the Healthcare Insurance
Portability and Accountability Act (1996), the HIPAA Privacy
Rule (2000), the HIPAA Security Rule (2003), the Health
Information Technology for Economic and Clinical Health Act
(2009), and the Omnibus Final Rule (2013) — all of which have
various structures set up for verifying information and data.
· Know the results: One of the main motivations HIPAA turned

10. out to be such a major ordeal when it was first presented (and
why it's stayed one of the most significant security guidelines
out there) is a direct result of the punishments related with a
HIPAA infringement.
· Assign an interior group: As with any enormous activity,
HIPAA consistence procedure ought to have a reasonable
proprietor and group who knows the activities and information
on HIPAA.
· Update your protection strategies: Once HIPAA has
accomplished consistency and set up these new approaches, we
must caution those working with, to refresh new security
arrangements and dialects over all stages in all dialects.
· Have an arrangement set up for outsider connections: This
implies building a reasonable outsider hazard evaluation to
gauge the potential danger of any new sellers while additionally
reviewing every single current Ba to guarantee there are no
dangers related to any past connections.
· Establish an alternate course of action: Contingency plan is
important never to manage HIPAA infringement. We should
make a point to advice everybody around us to manage
infringement.
Plan and development:
Choose Privacy and Security Officials to direct HIPAA
Programs
• Privacy and Security Officers should address all HIPAA
hotline brings in a fitting and auspicious
way
• Privacy and Security Officers must track all protection and
security grievances, archive all
analytical advances were taken, and incorporate a case
document with all materials
• Privacy and Security Officers won't fight back against
workforce individuals for announcing a PHI break or
documenting a grumbling with the Department of Health and
Human Services Office for Civil
Implementation:

11. Organizations should create a viable HIPAA consistence plan
dependent on strategies and suggested approaches that
guarantee all shields are set up, and the association is prepared
to deal with and ensure all PHI properly.
The steps to successfully implement HIPAA
1. Choose a Privacy Officer: The privacy officer will be liable
for supervising the execution, improvement, upkeep of, and
adherence to protection arrangements and strategies concerning
the sheltered use and treatment of PHI and a Security Officer
who will be accountable for the continuous administration of
data security methods, approaches, and specialized frameworks.
2. Implement a security management process and Conduct a risk
assessment:
a. Review and report working environment tasks for potential
risks/vulnerabilities
b. Check all mobile devices, computers paper records and
storage of files, and additional security measures to ensure that
all PHI is being used, stored and distributed appropriately and
securely
c. Conduct chance evaluations after any break or theft of PHI
and after any significant change in equipment or programming
3. Implement and develop procedures and policies: Utilize
procedures and policies to mitigate and manage HIPAA risks.
Document all procedures and policies and make them accessible
to workforce members c. Review and update procedures and
policies regularly
4. Training workforce: Train workforce on HIPAA regulations
and the organization’s policies and compliance plan

12. REFERENCES
· Tait, E. (n.d.). Implementing an Effective HIPAA Compliance
Plan. Retrieved from https://www.complianceresource.com/wp-
content/uploads/2018/05/WMX-Article-HIPAA-Compliance-
Plan.FINAL_.pdf.