24周年

財(cái)稅實(shí)務(wù) 高薪就業(yè) 學(xué)歷教育
APP下載
APP下載新用戶掃碼下載
立享專屬優(yōu)惠

安卓版本:8.7.30 蘋果版本:8.7.30

開發(fā)者:北京正保會(huì)計(jì)科技有限公司

應(yīng)用涉及權(quán)限:查看權(quán)限>

APP隱私政策:查看政策>

HD版本上線:點(diǎn)擊下載>

2016年ACCAP3知識(shí)點(diǎn):INFORMATION TECHNOLOGY(四)

來(lái)源: 正保會(huì)計(jì)網(wǎng)校 編輯: 2016/01/14 11:08:21 字體:

ACCA P3考試:INFORMATION TECHNOLOGY

CONTROLS IN IT SYSTEMS

IT poses particular risks to organisations’ internal control and information systems. This can lead to their operations being severely disrupted and subsequently to lost sales, increased costs, incorrect decisions and reputational damage.

Risks include:

• Reliance on systems or programs that are inaccurately processing data, processing inaccurate data, reporting inaccurate, misleading results - or all three.

• Unauthorised access to data leading to destruction of data, improper changes to data, or inaccurate recording of transactions.

• Particular risks may arise where multiple users access a common database on which everyone in the organisation relies.

• The possibility of IT personnel gaining access privileges beyond those necessary to perform their assigned duties.

• Unauthorised changes to data in master files. For example, changing a selling price or credit limit.

• Unauthorised changes to systems or programs so that they no longer operate correctly and reliably.

• Failure to make necessary changes to systems or programs to keep them up-to-date and in line with legal and business requirements.

• Potential loss of data or inability to access data as required. This could prevent, for example, the processing of internet sales.

Controls in computer systems can be categorised as general controls and application controls.

GENERAL CONTROLS

These are policies and procedures that relate to the computer environment and which are therefore relevant to all applications. They support the effective functioning of application controls by helping to ensure the continued proper operation of information systems. General IT controls that maintain the integrity of information and security of data commonly include controls over the following:

• Data centre and network operations. A data centre is a central repository of data and it is important that controls there include back-up procedures, anti-virus software and firewalls to prevent hackers gaining access. Organisations should also have disaster recovery plans in place to minimise damage caused by events such as floods, fire and terrorist activities. Where IT is critical to an operation’s business these plans might include having a parallel system operating at a remote location that can be switched to immediately.

• System software acquisition, change and maintenance. System software refers to operating systems, such as Windows or Apple’s OS. These systems often undergo updates as problems and vulnerabilities are identified and it is important for updates to be implemented promptly.

• Access security. Physical access to file servers should be carefully controlled. This is where the company keeps it data and it is essential that this is safeguarded: data will usually endow companies with competitive advantage. Access to processing should also be restricted, typically through the use of log-on procedures and passwords.

• Application system acquisition, development, and maintenance. Applications systems are programs that carry out specific operations needed by the company – such as calculating wages and invoices and forecasting inventory usage. Just as much damage can be done by the incorrect operation of software as by inputting incorrect data. For example, think of the damage that could be done if sales analyses were incorrectly calculated and presented. Management could be led to withdraw products that are in fact very popular. All software amendments must be carefully specified and tested before implementation.

我要糾錯(cuò)】 責(zé)任編輯:藍(lán)色天空

免費(fèi)試聽

限時(shí)免費(fèi)資料

  • 近10年A考匯總

    歷年樣卷

  • 最新官方考試大綱

    考試大綱

  • 各科目專業(yè)詞匯表

    詞匯表

  • ACCA考試報(bào)考指南

    報(bào)考指南

  • ACCA考官文章分享

    考官文章

  • 往年考前串講直播

    思維導(dǎo)圖

回到頂部
折疊
網(wǎng)站地圖

Copyright © 2000 - m.jnjuyue.cn All Rights Reserved. 北京正保會(huì)計(jì)科技有限公司 版權(quán)所有

京B2-20200959 京ICP備20012371號(hào)-7 出版物經(jīng)營(yíng)許可證 京公網(wǎng)安備 11010802044457號(hào)