• 80 likes • 487 Views
Accounting information systems and security. Learning objectives To be aware of the threats to computer accounting. To learn the controls for computer accounting. To understand the security requirements to be incorporated in system design. To learn about maintaining system integrity.
E N D
Accounting information systems and security Learning objectives To be aware of the threats to computer accounting. To learn the controls for computer accounting. To understand the security requirements to be incorporated in system design. To learn about maintaining system integrity.
access control audit trail check digit computer fraud computer hacking data validation echo checks embezzlement fraud hash total information system controls internal control lapping misappropriation parity checks risk sabotage virus worm key terms
Threats (or risks) to computer accounting • Fraudulent manipulation • (e.g. manipulation of input data, data theft) • Sabotage • Viruses and worms • Fraud • (e.g. transaction fraud) • Lapping • Computer fraud • (e.g. data entry fraud, program fraud, operations fraud, database management fraud) • Computer hacking
System security - internal controls in computer accounting • Accounting controls: • put in place to safeguard records of the organisation • Administrative controls: • policies and procedures for all personnel to enhance operational efficiency
System security - internal controls in computer accounting • Controls by function: • preventive controls • detective controls • corrective controls • Controls by scope: • general controls • application controls
Control activities • Administrative procedures management establishes to meet internal control objectives: • authorisation of transactions • segregation of duties • adequate documentation and recording • control of assets and records • checks on performance
Risk assessment • Risk assessments are necessary to form disaster recovery plans and mitigate the majority of risks • Steps in risk assessment: • identify potential risk and estimate potential losses • identify possible controls and their costs • determine the cost-benefit effectiveness
Security and integrity of information • Access to systems: • limited to authorised and responsible personnel • Security of data: • ensure software is properly safeguarded against unauthorised access • Security backups • Audit trail: • allowing any transaction to be traced from source to final destination