Chapter 10

Computer Controls for Organizations and Accounting Information Systems

INTRODUCTION

ENTERPRISE LEVEL CONTROLS

Risk Assessment and Security Policies

Integrated Security for the Organization

GENERAL CONTROLS FOR INFORMATION TECHNOLOGY

Access to Data, Hardware, and Software

Protection of Systems and Data with Personnel Policies

Protection of Systems and Data with Technology and Facilities

APPLICATION CONTROLS FOR TRANSACTION PROCESSING

Input Controls

Processing Controls

Output Controls

AIS AT WORK—BIOMETRICS USED TO PREVENT FRAUD

SUMMARY

KEY TERMS YOU SHOULD KNOW

TEST YOURSELF

DISCUSSION QUESTIONS

PROBLEMS

CASE ANALYSES

The Big Corporation (Controls in Large, Integrated Systems)

MailMed Inc. (Control Weaknesses and a Disaster Recovery Plan)

Bad Bad Benny: A True Story (Identifying Controls for a System)

READINGS AND OTHER RESOURCES

ANSWERS TO TEST YOURSELF

After reading this chapter, you will:

1.  Be familiar with control objectives related to IT and understand how these objectives are achieved.

2.  Be able to identify enterprise-level controls for an organization and understand why they are essential for corporate governance.

3.  Understand general controls for IT and why these should be considered when designing and implementing accounting information systems.

4.  Be familiar with IT general security and control issues for wireless technology, networked systems, and personal computers.

5.  Know what input controls, processing controls, and output controls are and ...

Get Core Concepts of Accounting Information Systems, 12th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial