Submitted by: Submitted by betty1444
Views: 159
Words: 4848
Pages: 20
Category: Business and Industry
Date Submitted: 01/05/2014 09:28 AM
Accounting Information Systems, 2013 Fall Accounting Information Systems, 2013 Fall
Chapter 7
Control and AIS
1 1
Learning Objectives Learning Objectives
Explain basic control concepts and explain why computer control and security are important. Compare and contrast the COBIT, COSO, and ERM control frameworks. Describe the major elements in the internal environment of a company Describe the four types of control objectives that companies need to set. Describe the events that affect uncertainty and the techniques used to identify them. Explain how to assess and respond to risk using the Enterprise Risk Management (ERM) model. Describe control activities commonly used in companies. Describe how to communicate information and monitor control processes in organizations.
2 2
7-2
Introduction Introduction
AIS threats are increasing, why?
More than 60 percent of organizations have recently experienced a major control failure for some of the following reasons:
Control risks have increased in the last few years because: There are computers and servers everywhere. Distributed computer networks make data available to many users. Wide area networks (WANs) are giving customers and suppliers access to each other’s systems and data. Inadequate Protection: Threats are underestimated, controls are not well understood. Productivity pressures, cost reduction pressures. Companies have not always understood the threats. Cost pressures mean that mgr.s skip time-consuming control proc.
3 3
3
Introduction Introduction
Control and security are important Companies are now recognizing the problems and taking positive steps to achieve better control, including: Devoting full-time staff to security and control concerns. Educating employees about control measures. Establishing and enforcing formal information security policies. Making controls a part of the applications development process. Moving sensitive data to more...