Question

• In the global enterprise, firms are insistent that their accounting information systems (AIS) and other key systems are available 100% of the time, and that these systems are the highest in integrity. Evaluate how a firm manages the balance of high availability with high integrity in these days of tight budgets and additional oversight from regulators.
• As a student taking online classes or relying on online resources such as libraries and tech support, evaluate the benefits of the school providing you with 24 / 7 access to these resources in relation to the costs incurred by the school itself.

Answer 1

An information system is a formal process for collecting data, processing the data into information, and distributing that information to users. The purpose of an accounting information system (AIS) is to collect, store, and process financial and accounting data and produce informational reports that managers or other interested parties can use to make business decisions. Although an AIS can be a manual system, today most accounting information systems are computer-based.

Integrity

Integrity of information refers to protecting information from being modified by unauthorized parties.Information only has value if it is correct. Information that has been tampered with could prove costly. For example, if you were sending an online money transfer for $100, but the information was tampered in such a way that you actually sent $10,000, it could prove to be very costly for you.

As with data confidentiality, cryptography plays a very major role in ensuring data integrity. Commonly used methods to protect data integrity includes hashing the data you receive and comparing it with the hash of the original message. However, this means that the hash of the original data must be provided to you in a secure fashion. More convenient methods would be to use existing schemes such as GPG to digitally sign the data

Availability

Availability of information refers to ensuring that authorized parties are able to access the information when needed.

Information only has value if the right people can access it at the right times. Denying access to information has become a very common attack nowadays. Almost every week you can find news about high profile websites being taken down by DDoS attacks. The primary aim of DDoS attacks is to deny users of the website access to the resources of the website. Such downtime can be very costly. Other factors that could lead to lack of availability to important information may include accidents such as power outages or natural disasters such as floods.

How does one ensure data availability? Backup is key. Regularly doing off-site backups can limit the damage caused by damage to hard drives or natural disasters. For information services that is highly critical, redundancy might be appropriate. Having a off-site location ready to restore services in case anything happens to your primary data centers will heavily reduce the downtime in case of anything happens.

As a result of these problems controlling the security and integrity of computer systems has become an important issue.Most AIS managers indicate that control risks have increased in the last few years.