Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
¶ … Finance and Accounting Application that provides finance and accounting operations require all the possible computer security measures to be adopted. In this case, two patterns call for an incident response plan:
The company's computer networks and systems are at a higher risk to threats like intrusions, computer viruses and exposures
Computers are widespread through the company; the company depends heavily on computers and cannot afford service denial
Therefore, the following security incidents will be an essential:
A computer virus might be copied to a LAN server; within seconds, thousands of other computers will be infected. This will require the efforts of different people and several days to achieve recovery.
Back-ups can be infected with viruses resulting in re-infection of other systems; recovery will require more expenses and time
System intruders could copy passwords and distribute them across large networks
Outbreaks of system or virus penetrations will cause embarrassment and possible loss of public confidence (Taylor, 2013).
These incidents can cause the company to confront unwanted expenses in productivity, damage to their reputation and significant damage to systems. Clearly, there is a pressing need to take action before suffering the impacts of a massive computer security problem. This necessitates the incident response plan to draw needed resources together in an organized manner to handle any adverse events related to the security and safety of the companies,...
The adverse events could be unauthorized access to the company's systems, a malicious code attack, hoaxes and denial of service attacks (Vacca & Rudolph, 2010).
Responding to an incident
In this case, there are six stages of response:
Preparation - An incident response team must know how to respond to an incident before it happens as this could save valuable effort and time
Identification -- it is important to identify whether the incident has occurred or not. In case it has occurred, then the response team must take appropriate actions
Containment -- it entails limiting the magnitude and scope of the incident. Because so many incidents involve malicious codes, they can spread rapidly. This could precipitate enormous loss and destruction of information. As soon as the response team recognizes an incident, it must immediately begin to work on containment (Vacca & Rudolph, 2010).
Eradication -- one of the most difficult processes is the removal of the cause of the incident. It involves conviction of perpetrators, virus removal, and dismissing employees
Recovery - it is essential to restore a system to its normal business operations. After the restoration, it will be important to verify that the restored operations are successful and the system is functioning as expected.
Follow-up -- some incidents demand substantial effort and time. After terminating an incident, there must be interest to devote more effort to the incident. However, conducting follow-up…
References
Taylor, L.P. (2013). FISMA compliance handbook. Burlington: Elsevier Science.
McCarthy, N.K. (2012). The computer incident response planning handbook: Executable plans for protecting information at risk. Boston: Addison-Wesley.
Vacca, J.R., & Rudolph, K. (2010). System forensics, investigation, and response. Sudbury, MA: Jones & Bartlett Learning.
Communications-Team
Accounting and Intrusion Detection In a report issued by Paladin Technologies, Inc., entitled: "Security Metrics: Providing Cost Justification for Security Projects," 273 organizations were surveyed on the topic of security. The report illustrates in quantifiable terms the depth and reach of intrusion detection on the financial viability of the organization. The combined reported losses from the firms surveyed totaled $265.6 million in 1999. The highest loss categories were reported as follows: Type
Application Development and Interface Customization for Accounting & Finance The core aspects of this area of analysis are supported for embedded SQL, support for standard and embedded interfaces, support for XML and Web integration technologies. Many enterprises program their own native SQL applications for analyzing and reporting their financial results. The use of embedded SQL in financial accounting and analysis has become commonplace as mobile-based platforms have become more commonplace throughout
In the event of a recall or price protection program on any product, given the rudimentary nature of how Kudler's is managing their systems, they would not be able to react quickly. Instead the reaction would be manual and very slow, and costly to complete. There are the systemic or basic threats the company would face. If the company chose to use SaaS-based applications there is the high dependency
Literally the work of a Payroll Administrator and the staff they are a member of can make the difference between people in the company having jobs or not, or if the decision is made to shift the jobs to outsourcers or offshore to lower priced countries. In small, rapidly growing companies the Payroll Administrator has an excellent chance for advancement as they are often requested to provide financial analysis
However, they have also changed the face of the accounting profession in a way that will affect the education and conduct of accountants in the future. In the future, the accountant will have to do more than to balance the books. In order to understand the potential educational requirements for accountants in the future, we will examine how they have changed historically and then apply the changes that have
Accounting Information System: Role of Relevance and Reliability in the Conceptual Framework The development any system, whether manual or automated, requires a conceptual framework that serves as the foundation for the establishment of requirements, policies, standards and procedures. From the conceptual framework, the various applications can be developed and when these proved to be effective and efficient, best practices are established and become the model for other systems to follow. Developing an