Question

Questions in Accounting Information Systems

1- What is the relationship between authorization and information security

2- What is the relationship between Internal Control and fraud

3- What is the relationship between double entry system and IT

Answer 1

1. relationship between authorization and information security

In simple terms, authentication is the process of verifying who a user is, while authorization is the process of verifying what they have access to. Comparing these processes to a real-world example, when you go through security in an airport, you show your ID to authenticate your identity.

Authorization is the function of specifying access rights/privileges to resources, which is related to information security and computer security in general and to access control in particular. More formally, "to authorize" is to define an access policy.

Authorization is the process of giving someone permission to do or have something.Thus, authorization is sometimes seen as both the preliminary setting up of permissions by a system administrator and the actual checking of the permission values that have been set up when a user is getting access.

2. the relationship between Internal Control and fraud

The impact that strong internal controls has in deterring fraud and limiting exposure if fraud does occur is irrefutable; however, a strong system of internal controls is no absolute guarantee that all cases of fraud will be prevented.

Although government fared better than most industries, any type of fraud within government is taken seriously. The impact of fraud, waste, and abuse of taxpayer dollars is devastating to the indispensable trust and respect that the public has for government leaders. To preserve the trust and respect that the public has for the governing process, government agency leaders should take the necessary steps to minimize the risk of fraud, waste, and abuse occurring within their agency.

The establishment of a strong internal control environment where written policies and procedures are enforced, internal controls are appropriately implemented, and employees are educated about fraud and its consequences is one of the best deterrents and methods of curtailing fraud. For internal controls to be effective, they must be constantly evaluated for effectiveness and changed as business processes are changed or altered.

The responsibility for the implementation of internal controls rests with management of each agency. The impact that strong internal controls has in deterring fraud and limiting exposure if fraud does occur is irrefutable; however, a strong system of internal controls is no absolute guarantee that all cases of fraud will be prevented. Why? Because the best system of internal control can’t prevent collusion between two or more people who are in positions to circumvent the internal control mechanisms, or prevent managers or individuals in key leadership capacities from unduly influencing those responsible for the internal control activities. Therefore, it is important for state government employees to recognize fraud when it is occurring and report the fraudulent activities to the appropriate authority.

3.the relationship between double entry system and IT

Double entry system records the transactions by understanding them as a DEBIT ITEM or CREDIT ITEM. A debit entry in one account gives the opposite effect in another account by credit entry. This means that the sum of all Debit accounts must be equal to the sum of Credit accounts.

Double-entry bookkeeping was developed in the mercantile period of Europe to help rationalize commercial transactions and make trade more efficient. It also helped merchants and bankers understand their costs and profits. Some thinkers have argued that double-entry accounting was a key calculative technology responsible for the birth of capitalism.

An information system is a formal, sociotechnical, organizational system designed to collect, process, store, and distribute information. In a sociotechnical perspective, information systems are composed by four components: task, people, structure, and technology