Scribd Logo
Upload

Welcome to Scribd!

  • 59 views

    Security of Accounting Information Systems

    Uploaded by

    ScribdTranslations
    The document deals with the security of accounting information systems. It defines security as the protection of valuable assets such as information recorded, processed, stored and transmitted electronically. Explains that security applies to all information and seeks to protect it against loss, damage and unauthorized access. In addition, it highlights the importance of the security of accounting systems because the survival of organizations depends on confidentiality, accuracy, integrity.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd

    Security of Accounting Information Systems

    Uploaded by

    ScribdTranslations
    59 views2 pages
    The document deals with the security of accounting information systems. It defines security as the protection of valuable assets such as information recorded, processed, stored and transmitted electronically. Explains that security applies to all information and seeks to protect it against loss, damage and unauthorized access. In addition, it highlights the importance of the security of accounting systems because the survival of organizations depends on confidentiality, accuracy, integrity.

    Original Description:

    The document deals with the security of accounting information systems. It defines security as the protection of valuable assets such as information recorded, processed, stored and transmitted electronically. Explains that security applies to all information and seeks to protect it against loss, damage and unauthorized access. In addition, it highlights the importance of the security of accounting systems because the survival of organizations depends on confidentiality, accuracy, integrity.

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    The document deals with the security of accounting information systems. It defines security as the protection of valuable assets such as information recorded, processed, stored and transmitted electronically. Explains that security applies to all information and seeks to protect it against loss, damage and unauthorized access. In addition, it highlights the importance of the security of accounting systems because the survival of organizations depends on confidentiality, accuracy, integrity.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Download as docx, pdf, or txt
    59 views2 pages

    Security of Accounting Information Systems

    Uploaded by

    ScribdTranslations
    The document deals with the security of accounting information systems. It defines security as the protection of valuable assets such as information recorded, processed, stored and transmitted electronically. Explains that security applies to all information and seeks to protect it against loss, damage and unauthorized access. In addition, it highlights the importance of the security of accounting systems because the survival of organizations depends on confidentiality, accuracy, integrity.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Download as docx, pdf, or txt
    of 2

    Security of accounting information systems:

    "The concept of security applies to all types of information and refers to the protection of valuable
    assets and their safeguard against loss and damage." It should be clarified that in this definition the
    IFAC refers to the information recorded, processed, stored and transmitted by electronic means as
    "valuable assets", emphasizing the importance that the protection of the data they handle
    represents for the accounting area.

    The concept of security in computerized accounting systems applies to all types of information and
    refers to the protection of valuable assets and their safeguard against loss, damage and disclosures
    made by and for persons not authorized to access them.

    The importance of security in computer accounting systems

    Information security has become one of the most important issues in most organizations since their
    survival and success depends, to a large extent, on the confidentiality, accuracy, integrity and
    availability of the data they manage. . Recent surveys show that computer system security is ranked
    at the highest levels among critical success factors in most organizations." (Abu-Musa, 2002).
    International organizations have put their eyes on the issue due to the importance that information
    represents in commerce today, not only local but global. The Organization for Economic
    Cooperation and Development (OECD) in several studies it has carried out confirms the growing
    interest that organizations worldwide are giving to the topic of good information management.

    Objective of the security of computerized accounting systems


    The International Federation of Accountants (IFAC) has established the following as the main
    objective of computer security: "The protection of the interests that refer to the possession of
    information and its communication from any damage generated by the loss of availability,
    confidentiality or integrity thereof." According to the International Federation of Accountants,
    organizations achieve security objectives when: a- The information system is available at the time it
    is needed (availability). b- Data and information is revealed only to those people who have the right
    to know them (confidentiality). c- Data and information are protected against unauthorized
    modifications (integrity). "However, the relative priority and significance of the concepts of
    availability, confidentiality and integrity vary according to the data that the computer system handles
    and the business context in which they are used." (IFAC, 1998).
    Next we will analyze the main components of Physical Security and Data Security as the two main
    areas of the computer security system.
    Components of Physical Security and Data Security (Figure 1)
    Figure 1 represents the main components of physical and data security that an organization must
    have; below we refer to each of its elements.
    1. Physical Security: The security of information systems involves the protection of the information
    as well as the computer systems used to record, process and store the information. Also
    involved in this section is security, additional necessary equipment and the people designated to
    handle the information.

    1. Equipment: Organizations' equipment must be properly protected from physical factors that
    could damage them or reduce their work capacity. Equipment must be protected from damage
    caused by fire , excess humidity, theft, sabotage. The equipment, physically, is not limited to just
    computers and their peripherals , but also calculators, external data storage systems such as
    floppy disks, CDs, etc., cabling systems, and routers.
    2. Personnel: The safety of personnel can be approached from two points of view, the safety of
    personnel when working with computer systems, these must be in optimal conditions so that
    they do not cause harm to people, and the security of computer systems. regarding their misuse
    by employees. Both points of view must be considered when designing a security system.
    1. Data security: Data is the heart of computer systems, therefore they must be carefully cared for
    and managed. As we had seen in previous sections, the protection of their integrity, availability
    and confidentiality must be the main objective of any computer security system.

    1. Confidentiality: The confidentiality of computer systems basically refers to the accessibility of


    information; levels of accessibility must be established that maintain coherent relationships
    between the user, their role in the organization and the degree of depth to which they can reach
    when deploying information.
    2. Integrity: The concept of integrity refers to the protection of data from modifications and/or
    alterations. Only authorized persons may make changes to the stored data.
    3. Availability: This can be defined as the availability of information that authorized people have at
    the time of need. If the information that personnel require to perform a job is not available then
    said job cannot be performed or at least its completion will be delayed.
    4. Validity: Data is valid when it accurately, precisely and completely reflects the information it
    transmits. This concept is closely linked to that of integrity; if the integrity of a data is violated
    then its validity will also be violated.
    5. Authenticity: This concept refers to the fraudulent modification of information, for example, a
    transaction may be entered into a computerized accounting system by a person not authorized
    to do so, the data entered may meet the validity requirement but not the of authenticity since it
    was not entered by the authorized person.
    6. Privacy: "Normally the concepts of privacy, confidentiality and security are confused. Privacy
    refers to the particular and personal concept of the use of information. Confidentiality is a
    particular classification of the degree of data exposure . Security refers to the level of risk
    regarding the use of information." (Abu-Musa, 2002)
    7. Accuracy: This concept refers to the maintenance of a legitimate relationship between what data
    is and what it represents. For example, a piece of information that represents the amount of
    loans must exactly represent the amount lent, it cannot be greater or less, it must be the one
    that faithfully represents reality.

    You might also like