Abstract
This research examines three types of information security and control procedures for organizations that are expected to be used within Accounting Information Systems (AIS): security and general control for organizations; security and general control for Information Technology (IT), and application controls for transaction processing. In practice, this study found that banks, to be able to protect themselves against computer fraud, formulate control procedures relate to input controls, processing controls, output controls, and physical security. Furthermore, banks and accountants in their practice adapted several methods for thwarting (mitigating) computer crimes, abuses, and fraud as follows: Enlist top-management support; Increase employee awareness and education1 ; Assess security measures and protects passwords2 ; Implement controls which based on the believe that most computer crimes and abuse succeed because of the absence of control rather than the failure of control. The study found that the solution to the computersecurity problems of most banks is straightforward: design and implement control. This means that accountants install control procedures to deter computer crimes, and managers enforce them, and both internal and external auditors test them. Furthermore, the study found that no bank Employ forensic accountants in the normal situation. Top managers in many banks explain that when a bank suspects an ongoing computer crime or fraud, it can hire forensic accountants to investigate its problems, document findings, and make recommendations. Accountants may use specialized software tools to help them perform their tasks3 . Good security for banks starts with a clear disaster recovery plan and a solid security policy which are not applied and many banks are not conducting a risk assessment procedure. Probably the best security investment in Jordanian banks is user training: training individual users on data recovery and ways to defeat social engineering
SHAMSI S. BAWANEH. (2014) Information Security for Organizations and Accounting Information Systems A Jordan Banking Sector Case, International Review of Management and Business Research, Volume 3, Issue 2.
-
Views
396 -
Downloads
36
Article Details
Volume
Issue
Type
Language
