Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
Security Threats
Explain companies held liable losses sustained a successful attack made accounting information system sources. The paper APA style includes -text citations sources.
Liability for losses in successful attack made on their accounting information system
"One of the fastest-growing threats on the Internet is the theft of sensitive financial data" (Beard & Wen 2007). The greater the amount of sensitive financial data available online, the greater the risk for the organization. "Failure to include basic information security unwittingly creates significant business and professional risks...With the expansion of computer technology, traditional business processes have been restructured and unique internal control techniques are required to address exposure to many new dangers" (Beard & Wen 2007).
New laws have placed additional security burdens upon managers, regarding the handling of sensitive financial data. "Management's responsibilities include the documentation, testing, and assessment of internal controls, including relevant general IT controls...and appropriate application-level controls designed to ensure that financial information generated from an organization's information system can be reasonably relied upon" (Beard & Wen 2007). Common threats...
The Foreign Corrupt Practices Act of 1977 and the Sarbanes-Oxley Act of 2002 (SOX) demand that the organization ensure that records are maintained in an accurate fashion and in accordance with GAAP (generally accepted accounting principles) and that they prevent unauthorized use and disposal of records (Beard & Wen 2007). SOX does not create a mandatory, uniform system of compliance and documentation but the company by law must create a feasible system of internal controls to protect clients. Thus, organizations cannot simply buy accounting software on faith and use its failure as an excuse in light of a security breach, nor can it assume its accountants will find any errors or breaches. While "SOX prohibits auditors from offering information system design and implementation services to audit clients, SOX mandates that every independent audit report include an auditor attestation report relating to the internal control assessments made by management" (Beard & Wen 2007).
Until recently, the trend in…
References
Beard, Deborah & H. Joseph Wen. (2007). Reducing the threat levels for accounting information
Systems: Challenges for management, accountants, auditors, and academicians.
CPA Journal. Retrieved: http://www.nysscpa.org/cpajournal/2007/507/essentials/p34.htm
Clifford, Robert. (2002). Accountant's liability. Clifford Law Firm.
Retrieved: http://www.cliffordlaw.com/news/attorneys-articles/archive/accountants2019-liability
SECURITY and PRIVACY - the following security and privacy requirements apply: The Office does not accept responsibility for the privacy, confidentiality or security of data or information not generated by this office or transmitted from external sources into the system. The Office does not accept responsibility for loss, corruption, misdirection or delays in transmission of personal data through the system. Users are responsible for the integrity of all data and
To offer an information security awareness training curriculum framework to promote consistency across government (15). Security awareness is needed to ensure the overall security of the information infrastructure. Security awareness programs is the can help organizations communicate their security information policies, as well as tips for users, to help keep systems secure, and the practices the entire organization should be utilizing. However, as Kolb and Abdullah reiterate, "security awareness is not
This researcher rejects the existence of online communities because computer mediated group discussions cannot possibly meet this definition. Weinreich's view is that anyone with even a basic knowledge of sociology understands that information exchange in no way constitutes a community. For a cyber-place with an associated computer mediated group to be labeled as a virtual settlement it is necessary for it to meet a minimum set of conditions. These are:
Less satisfied knowledge dealing processes like keeping copies of old as well as unused spreadsheets which have several Social Security numbers instead of transmitting such data to long period and safe storage- persistently involve data at vulnerable stage. (Schuster 140-141) Security concerns are associated with primarily to the system security, information security and also to Encryption. Taking into consideration the system security, it is applicable that what is pertinent to
ERP and Information Security Introduction to ERP Even though the plans of information security include the prevention of outsiders to gain access of internal network still the risk from the outsiders still exists. The outsiders can also represent themselves as authorized users in order to cause damage to the transactions of the business systems. Therefore, strict prevention measures should be taken to avoid such situations. The threats of both the hackers have been
Protection for employees If employees adhere to the rules of the acceptable use policy, there are less liable to questionable issues. This also prevents them from engaging in hazardous internet issues, for instance, they are less likely to disclose their contacts to crackers using social engineering approaches. Moreover, ABBA should settle on using universal guidelines and principles with respect to network security, it risk assessment, risk analysis, and risk management. In