January 2013
Intermediate to advanced
688 pages
23h 33m
English
book
Accounting Information Systems: The Processes and Controls, 2nd Edition
by Leslie Turner, Andrea Weickgenannt
Content preview from Accounting Information Systems: The Processes and Controls, 2nd EditionBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
RISKS AND CONTROLS IN COMPUTER-BASED MATCHING (STUDY OBJECTIVE 6, continued)
SECURITY AND CONFIDENTIALITY RISKS
Applying automated matching processes means that people do not perform the matching and authorizing functions, because these take place within the system. Therefore, unauthorized access to the system increases the danger of fraudulent or fictitious payments. Someone who gains unauthorized access to the system's ordering and matching functions can insert fictitious vendors and invoices, and thus receive fraudulent payment. This risk can be lessened by authenticating users and limiting the access of authorized users. Passwords and user IDs should be used for any employee accessing the system. If the dollar amounts involved are extremely large or the data are sensitive, the use of biometrics, security tokens, or smart cards might be necessary to improve the strength of user authentication. In addition, authority tables should be established to limit access of authorized users to those subsystems necessary to their jobs. For example, a user who logs in to enter invoices should not be allowed to order goods. Computer logs should be maintained in order to have a complete record of users and their histories of use. The computer log will allow monitoring and identification of unauthorized accesses or uses.
PROCESSING INTEGRITY RISKS
Since the system authorizes payment of invoices, it is critical to ensure that it is programmed to correctly accomplish this matching. Errors in ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.