My first day back at work after 3 weeks of absentia (as I
took an indefinite leave for medical reasons) seems to be going quite well as a
matter of fact. Walking back into the office, I felt the energy that welcomed
me here the first day I stepped in. My supervisor seems to be pleased with me
back at work and I seem to be content with being back at the office. It has
been a while.
It is not uncommon among students that undertake disciplines
that involve economic and management sciences to table the discussion of the
current economic climate and the cause of such. Most will concur with each other
this is a result of the chaos involved in the Auditing and Financial Accounting
disciplines, but a few may even point out that this is a result of an
information system that does address these issues within these disciplines.
Moreover, more and more arguments are simple connotations that suggest how I.T.
and Accounting disciplines should be aligned as to pre-empt, prevent or even
avoid the collapse of the world economy (once more).
I am currently undertaking a module in my course called
Accounting Information Systems that is trying to address these issues. I wondered
why on earth an I.T-related module would be introduced to students who study
Accounting, but the answer did not seem too farfetched. Basically businesses
are expanding by the day, more and more shares are bought and sold every day on
these virtual trading platforms, thus causing more shareholders to own stock in
these corporations. As an auditor or an accountant, financial information
should be readily available when needed by shareholders, and such concerns
would be addressed by an information system that will process, store and
publish all the necessary information needed.
However what if this financial information is accessed by
unauthorised users? What safeguards and controls do these information systems
have, that (not only) protect the information from intentional loss or theft of
the information but from the unintentional loss and theft of that information?
Can we truly say that these information systems are well secured and have safeguards
that will secure this relevant information?
Most controls put in place are basic accounting controls
which involve processing of the relevant transaction (not the storage of such) like
completeness of a transaction (transactions are only processed and stored if
completed), validity of a transaction (transactions are only processed if they
are valid and are processed by a person authorised to do so) or accuracy
(transactions should be processed as accurately as possible). These are nothing
but controls put in place by the accounting bodies in hopes of determining what
elements define “Useful Financial Information” and nothing more.
Is information technology (I.T.) so well developed that it
can contribute to the safeguarding financial information? Has I.T. provided
relevant safeguards and internal control procedures that address risks involved
with the processing, storage and production of financial information? Has I.T. responded
to the relevant calls for methods that do not corrupt nor put financial
information at risk (of fraudulent use and misappropriation by users of such
systems or potential hackers)? Has and will, I.T. heed to the call of (getting
methods to curb) fraudulent behaviour that allow for the users of an information
system to manipulate such systems?
Exploring these security controls and safe guards will be my
next post. I shall also look into the history of I.T. security in relation to
financial information and other related topics that involve the use of this
security and the development of hereon.