掃碼下載APP
及時接收考試資訊及
備考信息
ACCA P3考試:INFORMATION TECHNOLOGY
CONTROLS IN IT SYSTEMS
IT poses particular risks to organisations’ internal control and information systems. This can lead to their operations being severely disrupted and subsequently to lost sales, increased costs, incorrect decisions and reputational damage.
Risks include:
• Reliance on systems or programs that are inaccurately processing data, processing inaccurate data, reporting inaccurate, misleading results - or all three.
• Unauthorised access to data leading to destruction of data, improper changes to data, or inaccurate recording of transactions.
• Particular risks may arise where multiple users access a common database on which everyone in the organisation relies.
• The possibility of IT personnel gaining access privileges beyond those necessary to perform their assigned duties.
• Unauthorised changes to data in master files. For example, changing a selling price or credit limit.
• Unauthorised changes to systems or programs so that they no longer operate correctly and reliably.
• Failure to make necessary changes to systems or programs to keep them up-to-date and in line with legal and business requirements.
• Potential loss of data or inability to access data as required. This could prevent, for example, the processing of internet sales.
Controls in computer systems can be categorised as general controls and application controls.
GENERAL CONTROLS
These are policies and procedures that relate to the computer environment and which are therefore relevant to all applications. They support the effective functioning of application controls by helping to ensure the continued proper operation of information systems. General IT controls that maintain the integrity of information and security of data commonly include controls over the following:
• Data centre and network operations. A data centre is a central repository of data and it is important that controls there include back-up procedures, anti-virus software and firewalls to prevent hackers gaining access. Organisations should also have disaster recovery plans in place to minimise damage caused by events such as floods, fire and terrorist activities. Where IT is critical to an operation’s business these plans might include having a parallel system operating at a remote location that can be switched to immediately.
• System software acquisition, change and maintenance. System software refers to operating systems, such as Windows or Apple’s OS. These systems often undergo updates as problems and vulnerabilities are identified and it is important for updates to be implemented promptly.
• Access security. Physical access to file servers should be carefully controlled. This is where the company keeps it data and it is essential that this is safeguarded: data will usually endow companies with competitive advantage. Access to processing should also be restricted, typically through the use of log-on procedures and passwords.
• Application system acquisition, development, and maintenance. Applications systems are programs that carry out specific operations needed by the company – such as calculating wages and invoices and forecasting inventory usage. Just as much damage can be done by the incorrect operation of software as by inputting incorrect data. For example, think of the damage that could be done if sales analyses were incorrectly calculated and presented. Management could be led to withdraw products that are in fact very popular. All software amendments must be carefully specified and tested before implementation.
Copyright © 2000 - www.electedteal.com All Rights Reserved. 北京正保會計科技有限公司 版權所有
京B2-20200959 京ICP備20012371號-7 出版物經營許可證 京公網安備 11010802044457號
套餐D大額券
¥
去使用 主站蜘蛛池模板: 青青草综合在线 | 午夜免费av| 日韩欧美精品一区二区 | 小草av| 久久久久久国产精品美女 | 91精品国产综合久久精品图片 | 深夜视频一区二区 | 国产综合自拍 | 国产一区二区三区四区 | 亚洲精品久久久酒店 | 91视频在线观看网 | 日韩欧美自拍偷拍 | 久久成人精品视频 | 国产精品久久一区二区三区, | 色综合av在线 | 久久国产精品-国产精品 | 欧美午夜激情视频 | 久久久久国产一区二区三区 | 欧美日韩一区二区三区 | 久久一二区 | 国产一区二区三区欧美 | 欧美日韩精品一区二区 | 亚洲高清在线视频 | 国产精品一区二区久久久久 | 久久99色| 精品久久久久久久久久久久久久久 | 国产精品美女久久久免费 | 精品国产欧美一区二区三区成人 | 人妖欧美一区二区三区 | 九九人人 | 中文字幕理论片 | 黄色的网站在线观看 | 一区二区三区av在线 | 成人一区二区在线 | 91精品国产乱码久久久 | 欧美日韩1区2区3区 麻豆视频观看 | 久久久蜜桃一区二区人 | 国产在线二区 | 国产精品第100页 | 日韩欧美一区二区在线 | 麻豆视频在线免费观看 |