Audit and Internal Control Essay Example | Topics and Well Written Essays - 1750 words

Audit and Internal Control - Essay ExampleA estimator system is at risk of been vexed illegally and data that is held there within put at risk.Given the sensitive nature of accounting data, the finance director has asked for an audit story detailing the security status of the system. entropy will be input in the computers from workstations, and there is risk of unauthorized access to this data at this point. Data from satellite stations will be transmitted through the internet, and there is the risk of this data getting accessed by unauthorized individuals either remotely or otherwise. The finance director has specifically asked for a description of the general controls that can be exercised to avert unauthorized access to the computer system from remote workstations. These whitethorn be the remote workstations of the companys staff or the remote workstation of a computer hacker. The director also asked for procedures that can be applied to avert unauthorized access to the compu ter through the service brookr. Controls to be employed in the purchases and payroll systems over retrieval of information, input of transaction data and updating of standing data files has also been requested.It has been noted that a large number of unauthorized access to a companys computer system is from within, rather than from without (Wilkinson 2009). What this means is that there are several(prenominal) members of the staff who are errant enough to access the computers of their employer without the relevant authorization. The reasons why they do this are varied. Some are interested in sabotaging the activities of the company musical composition others are just curious about the contents of the computer. There are several procedures that have been developed that ensure that this does not happen. Use of Password and drug user ID ControlPassword is the most common form of control that is used to ensure that there is no unauthorized access to a computer and the computer syste m (Nikoltos 2008). In this case, every user of the computer or system is given an identity, or ID. The ID might be his name or other such identifications. He accesses the system by using that ID, since it is the name that the system knows him with. A countersignature is then given to each and every of these ids. The user is supposed to provide the computer with his identity and the accompanying password for him to be allowed access to the system. Every password is specific to a particular ID. A wrong combination of the both will not allow the user to gain access to the system (Nikoltos 2008). When there is more than one user with identical names and information, a supererogatory ID called the User Specific ID is used (Marie 2007). Windows will utilize Security ID or SID for each and every of those accounts (Marie 2007). The best thing about this ID is that it is a very unique(p) key. When a user is creating an account, the security identity is generated, giving all his details (Wilkinson 2009). Passwords and user IDs have some strength that makes them effective in dealing with a remote unauthorized access. For starters, the computer system is set such that there is no access that can be permitted if the correct combination between ID and password is not made (Wilkinson 2009). This makes it possible for the computer system to alert the administrator when an unauthorized access had been attempted. It is also very hard for a password to be replicated. The user can create a very