Accounting Information Systems
11th Edition
ISBN: 9781337552127
Author: Ulric J. Gelinas, Richard B. Dull, Patrick Wheeler, Mary Callahan Hill
Publisher: Cengage Learning
expand_more
expand_more
format_list_bulleted
Question
Chapter 8, Problem 9DQ
Summary Introduction
“Preventing the unauthorized disclosure and loss of data has become almost impossible. Employees and others can use iPods, flash drives, cameras and PDA’s Product I to download data and remove it from an organization’s premises.”
To discuss: Whether you agree on the above statement and describe some controls that might reduce the risk of data disclosure and loss from these devices.
Expert Solution & Answer
Trending nowThis is a popular solution!
Students have asked these similar questions
Which preventive, detective, and/or corrective controls would best mitigate the following threat, and why?
(c) A criminal remotely accessed a sensitive database using the authentication credentials (user ID and strong password) of an IT manager. At the time the attack occurred, the IT manager was logged into the system at his workstation at company headquarters.
Which preventive, detective, and/or corrective controls would best mitigate the following threat, and why?
(i)To facilitate working from home, an employee installed a modem on his office workstation. An attacker successfully penetrated the company’s system by dialing into that modem.
Controls over data management systems fall into two categories: access controls and backup controls. In the shared database environment, access control risks include corruption, theft, misuse, and destruction of data. These threats originate from both unauthorized intruders and authorized users who exceed their access privileges. Which of the following options is not part of controls over data management systems?
a. Employees that sharing the same computers need restriction for access to specific directories, programs, and data files by using multilevel password control.b. To recover data from disaster, organizations must implement policies and procedures and routinely provide backup copies of critical files.c. Database Administrator works closely with users and systems designers has primary responsibility for user view design and works closely with users and systems designers.d. Access to confidential data must be properly managed. Inference controls prevent users from inferring,…
Chapter 8 Solutions
Accounting Information Systems
Ch. 8 - What are the four major categories of pervasive...Ch. 8 - What are the differences among a pervasive control...Ch. 8 - Prob. 3RQCh. 8 - Describe some compensating controls that can be...Ch. 8 - What are policy controls plans? How do policies...Ch. 8 - Why should an organization conduct monitoring...Ch. 8 - Prob. 8RQCh. 8 - Prob. 10RQCh. 8 - What are the major elements of the strategic IT...Ch. 8 - Prob. 12RQ
Ch. 8 - Prob. 13RQCh. 8 - What are the four stages through which a program...Ch. 8 - What steps are commonly included in a business...Ch. 8 - Prob. 16RQCh. 8 - Prob. 17RQCh. 8 - Prob. 18RQCh. 8 - Prob. 19RQCh. 8 - Prob. 20RQCh. 8 - Prob. 21RQCh. 8 - Prob. 22RQCh. 8 - Prob. 23RQCh. 8 - Prob. 24RQCh. 8 - Prob. 25RQCh. 8 - Prob. 26RQCh. 8 - Prob. 27RQCh. 8 - Prob. 28RQCh. 8 - Prob. 29RQCh. 8 - Prob. 30RQCh. 8 - Prob. 31RQCh. 8 - Prob. 1DQCh. 8 - Prob. 2DQCh. 8 - No matter how sophisticated a system of internal...Ch. 8 - Prob. 4DQCh. 8 - Prob. 5DQCh. 8 - Prob. 6DQCh. 8 - Prob. 7DQCh. 8 - Contracting for a hot site is too cost-prohibitive...Ch. 8 - Prob. 9DQCh. 8 - Prob. 10DQCh. 8 - Prob. 11DQCh. 8 - The following is a list of six control plans from...Ch. 8 - Prob. 2SPCh. 8 - Prob. 3SPCh. 8 - Prob. 2PCh. 8 - The following is a list of 13 control plans from...Ch. 8 - Prob. 4PCh. 8 - Prob. 5PCh. 8 - Prob. 6PCh. 8 - Examine the last column in Table 8.2 (p. 280) for...
Knowledge Booster
Similar questions
- Which of the following statements is NOT correct? a. EAMs capture transactions during processing without removing the application from service. b. EAMs support continuous monitoring of controls. c. EAMs have the potential to corrupt corporate databases d. EAMs decrease operational performance. e. All of the above are correct statements.arrow_forwardWhat is a good response to? A DoS attack is when legitimate users cannot access information systems or services because of the actions of a malicious actor who floods the targeted system with excessive traffic, rendering it unresponsive (CISA, 2021). These attacks are a danger to online retailers because they disrupt operations and lead to substantial financial and reputational damage (Crumbley & Fenton, 2021). For high-priority applications, revenue losses can reach upwards of $67,651 per hour during downtime. Employee productivity declines when critical business applications are offline, and remediation efforts incur extra costs, such as overtime pay and external consulting fees. Such disruptions can tarnish brand reputation, driving customers to competitors and causing long-term market share loss. Some attacks come with ransom demands, adding further financial strain (Sansone, 2024).arrow_forwardCommunication via the internet is fraught with major security problems. When it comes to Internet communications, which of these aspects poses the biggest security risk?arrow_forward
- Which preventive, detective, and/or corrective controls would best mitigate the following threat, and why? (j) An attacker gained access to the company’s internal network by installing a wireless access point in a wiring closet located next to the elevators on the fourth floor of a high-rise office building that the company shared with other companies.arrow_forwardThe use of information technology raises significant ethical issues such as computer crime, data security, privacy and so on. Computer ethics is the analysis of the nature and social impact of computer technology, as well as formulation of appropriate policies for the ethical use of such technology. The following statements address computer ethics, except :A. The company restricts access to external websites.B. Company policy to prevent the use of portable storage devices on work computers.C. Keep dan maintain software licenses legal and up-to-date.D. Enforces policies for employees who share information about customers on social media. Explain why you choose your answer, and not the other (in max 200 words).arrow_forwardAs an added measure, a company has set up its network so that computers that currently log in through the central authentication system (CAS) can log in even if the network is unavailable (through a system of stored password information). This move would be most closely associated with which CIIA goals: Confidentiality and Integrity O Integrity and Availability Confidentiality and Accessibility O Confidentiality and Availabilityarrow_forward
- Internal controls are critical for any organization's risk of fraudulent activity. Additionally, new technology assists accountants in minimizing fraud. Demonstrate how an advanced technology transaction processing system may help any organization minimize fraudulent activity.arrow_forwardWhich preventive, detective, and/or corrective controls would best mitigate the following threat, and why? (e)A company’s programming staff wrote custom code for the shopping cart feature on its website. The code contained a vulnerability that could be exploited when the customer typed in the ship-to address.arrow_forwardSTUDY QUESTIONS Why is human behavior considered one of the biggest potential threats to operating system integrity? What are the issues that need to be considered before implementing keystroke monitoring? Describe the three ways on how an audit trail can be used to support security objectives. Explain how poorly designed audit trail logs can actually be dysfunctional. Why would a systems programmer create a back door if he or she has access to the program in his or her day-to-day tasks? PROBLEMS Problem 1: Charles Hart, an accounts payable clerk, is an hourly employee. He never works a minute past 5 P.M. unless the overtime has been approved. Charles has recently found himself faced with some severe financial difficulties. He has been accessing the system from his home during the evening and setting up an embezzlement scheme. As his boss, what control technique(s) can be used to help detect this type of fraud? Problem 2: In 2002, Mr. Rollerball started Mighty Mouse,…arrow_forward
- How can an organisation use their information system to prevent employees from making inappropriate procurements or fraudulent purchases? Discuss and justify your answer with peer-reviewed supportarrow_forwardThe ABC Company is switching from its legacy centralizedsystem to a fully distributed system. Underthe new model, all employees will work from PCsconnected to a local area network. a. Outline a plan of action to ensure that the propercontrols over hardware, software, data, people,procedures, and documentation are in place.b. Discuss any risks the company may face if thedevised plan is not implemented.arrow_forward14. Explain how to prevent and detect computer fraud and abuse.arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
Pkg Acc Infor Systems MS VISIO CDFinanceISBN:9781133935940Author:Ulric J. GelinasPublisher:CENGAGE L
Accounting Information SystemsAccountingISBN:9781337619202Author:Hall, James A.Publisher:Cengage Learning,
Auditing: A Risk Based-Approach (MindTap Course L...AccountingISBN:9781337619455Author:Karla M Johnstone, Audrey A. Gramling, Larry E. RittenbergPublisher:Cengage LearningBusiness/Professional Ethics Directors/Executives...AccountingISBN:9781337485913Author:BROOKSPublisher:Cengage
Cornerstones of Financial AccountingAccountingISBN:9781337690881Author:Jay Rich, Jeff JonesPublisher:Cengage Learning
Pkg Acc Infor Systems MS VISIO CD
Finance
ISBN:9781133935940
Author:Ulric J. Gelinas
Publisher:CENGAGE L
Accounting Information Systems
Accounting
ISBN:9781337619202
Author:Hall, James A.
Publisher:Cengage Learning,
Auditing: A Risk Based-Approach (MindTap Course L...
Accounting
ISBN:9781337619455
Author:Karla M Johnstone, Audrey A. Gramling, Larry E. Rittenberg
Publisher:Cengage Learning
Business/Professional Ethics Directors/Executives...
Accounting
ISBN:9781337485913
Author:BROOKS
Publisher:Cengage
Cornerstones of Financial Accounting
Accounting
ISBN:9781337690881
Author:Jay Rich, Jeff Jones
Publisher:Cengage Learning