Question

Identify four risks associated with IT systems in accounting. For each of the four risks, identify whether they are mitigated by IT general controls or IT application controls. Identify a specific control that mitigates the risk (for each of the four IT risks identified) and explain how it mitigates the risk identified.

Answer 1

1. Physical Threats - These threats include physical damage to IT resources such as hardwares and softwares related to computers, servers mainframes etc. This threat results in theft or damage from access by unauthorized person to confidential data. ​​​​​​

How to Mitigate ; This threat can be mitigated by installing proper security system such as CCTV so that unauthorized person would not able to access confidential system.

2. Electronic Threats - Electronic threat is commonly of criminal nature which causes threats such as : IT system could be affected by computer virus, a hacker may access the website, fraudulent mails and websites etc.

How to Mitigate: A team of technicians can be hired to immediately rectify the error.

3. Technical Failure Threats = These threats includes such as software bugs or any component of computer not working. This threat may lead to serious problem in the case when the technical failure is catastrophic, which means data cannot be retrieved or no backup can be found.

How to Mitigate : A Backup System should be manitained for every important information at regular time interval.

4. Human Error - Human error is also considered to be a serious threat as sometimes employees may delete important data accidentally or not able to follow security process appropriately.

How To Mitigate : A Proper training to employees regarding security system should be provided so that comparatively less human error would occur.