User Account

All Pages

Problem 1segregation of duties in the personal computing

Assignment Help Management Information Sys
Reference no: EM13346562

Problem 1

Segregation of duties in the personal computing environment:

What role should the HR organization play in this space? Also, what about the culture of the organization and its role in ensuring compliance?

Problem 2

Provide examples (include citations) of how control activities (access control, segregation of duties, transaction authority, supervision, accounting records, for example) have been implemented along with how they have helped or failed to mitigate risks within an organization.

Problem 3

Look at the specifics in the changes made between SAS 70 and SSAE 16. Select a specific change and share your thoughts on whether the change makes an improvement or not. Support your assertion.

Problem 4

Reply to the reading below:

• What is the purpose behind segregation of duties in the personal computing environment?

Special considerations should be taken when auditing the personal computer environment. The challenge arises from the mobility or fluidity attributed to personal computing and the lack of internal control features usually found in larger, enterprise-wide systems. In this context, the general purpose behind segregation of duties (SoD) is to prevent unauthorized access or modification to the operating system(s), applications, or data found in a multi-user computer system by a single individual or party. For example, management can employ different techniques to prevent unauthorized access to a specific resource including the use of hidden files or secret file names, and employing passwords and cryptography (Gupta, 2005). In particular, these controls can be specifically divided into preventive, detective, and corrective. As aforementioned, preventive controls include aspects such as usernames (IDs) and passwords used by all modern operating systems prior to granting access to a particular user. Additional preventive controls may inhibit the same individual from being in charge of developing, maintaining, and running a specific financial software. Detective controls can be achieved by restricting access via physical security measures as well as logical approaches such as detecting inaccurate data being uploaded to a financial application. Corrective controls can be achieved via audit trails and exception reports. If any control weaknesses are found in the SoD process, direct supervision and work reviews should be enforced to counteract the deficiencies.

• Why is inadequate segregation of duties a problem in the personal computing environment?

Without proper SoD, unauthorized access to data and applications can occur in a variety of ways. For example, there is an inherent risk in having a single individual in charge of data processing also possess the ability to change program files. This increases the chances of errors going undetected or, in the worst cases, the potential for concealment and fraud. An employee may also have access to multiple applications that process incompatible transactions. For example, a single individual may be responsible for entering all transaction data, including sales orders, cash receipts, invoices, and disbursements. This degree of authority would be similar, in a manual system, to assigning accounts receivable, accounts payable, cash receipts, cash disbursement, and general ledger responsibility to the same person (Hall, 2011).

Problems 5

Reply to the reading below:

What is the purpose behind segregation of duties in the personal computing environment?

The personal computer (PC) is intended to be used by a single user. The user has individual applications, files, and access to the computer. However, a company could have general PCs available to all employees with applications that store and manipulate customer data, keep inventory, handle accounting functions, access on-line applications, and surf the internet. Separation of duties is a key internal control concept. (Hall, 2011) The purpose of segregation of duties is to minimize incompatible functions. No single person should have control over an entire transaction. For example, the secretary should not have access to accounting information. The accountant shouldn't have access to inventory and customer information. The duties of authorization, custody of assets and record-keeping should be the responsibility of three different people - each trained in that particular duty. Duties are considered to be incompatible if one person can get into the system and hide irregularities while performing day-to-day activities without detection.

Why is inadequate segregation of duties a problem in the personal computing environment?

Many small companies may have access to multiple applications that perform incompatible tasks. For example, one person may be in charge of entering employee and customer information, invoices, payments, and other such transactions. If all of these transactions are performed on a general company PC, the other employees could access the applications and manipulate the data. Also, other employees that are not trained in the applications could inadvertently change information and data on the PC. Without individualized password protection on the PC itself and each application, there is no way to tell who is responsible for any errors that occur.

Reference no: EM13346562

Questions Cloud

Tese 14 questions covers java class array link list : these 14 questions covers java class array link list generic class please read carfullynbspnbsp1. suppose we have a
Operations management problem relating to an organisation : operations management problem relating to an organisation with which you are familiar and undertake a critical review.
In one of your initial meetings with the ceo she asked you : in one of your initial meetings with the ceo she asked you to identify a number of the typical criteria used when
Task 1go to httppricespyconz httpwwwbuildtoorderpccom or : task 1go to httppricespy.co.nz httpwww.buildtoorderpc.com or any another source that identifies the cost of computer
Problem 1segregation of duties in the personal computing : problem 1segregation of duties in the personal computing environmentwhat role should the hr organization play in this
The epa estimates that the average motor vehicle in america : the epa estimates that the average motor vehicle in america is driven 12000 miles per year epa.gov. fuel efficiencies
1nbspnbspnbspnbspnbsp ernest inc has identified the : 1.nbspnbspnbspnbspnbsp ernest inc. has identified the following overhead costs and cost drivers for next
Overview in this assignment you are provided with an : overview in this assignment you are provided with an interface that contains a generic type.you are asked to create two
Assessment item 3 this is an individual assessment and : assessment item 3 this is an individual assessment and requires you to produce a timely assignment of high quality. you

Reviews

Write a Review

Management Information Sys Questions & Answers

  Plan for entire spectrum of products

ERP and GE - companies like Johnson and Johnson or General Electric can plan for their entire spectrum of products.

  Check five reasons why the lynx company''s functional system

Functional Systems: Examining the Lynx Company - Check five reasons why the Lynx Company's functional system has been successful (be sure to expand your discussion on each reason).

  Information technology - sdlc waterfall approach

Information Technology - SDLC Waterfall Approach - Why is an accurate and complete requirements definition

  Five-component model of information systems

It identifies the five components of an information system such such hardware, software, data, procedures, and people. It suggests on how these components are utilized to come up with a fully functional systems.

  Decentralized infrastructure and centralized infrastructure

Compare and contrast decentralized infrastructure and centralized infrastructure. When is each most appropriate?

  Pertinent information for successful implementation

What other data bases might you use to insure that management has all of the pertinent information necessary for the successful implementation

  Major database information system

Set up the new major database information system - Choose one and support your rationale for placing the main frame in the department.

  Multinational organization from a global organization

Transnational and Multinational Organizations - This solution explains how you would differentiate a transnational or multinational organization from a global organization.

  Provide an example of an organization

Businesses that use technology to change its level of learning and provide an example of an organization

  Private ownership of storage space

The answer to Business Logistics/Supply Chain Management and Compare and contrast private ownership of storage space to rented storage space

  Operations management - processes and supply chain

Identify processes that one can personally evaluate and impact within the relatively short duration of time, say about 6 weeks and Describe each process in terms.

  What is understand by the human factor

What is understand by "the human factor", and why is this important

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd