Threats to Accounting Information Systems

Threats to accounting information systems can come from a variety of sources. If these threats are ignored, they can destroy the relevance and reliability of financial information, leading to poor decisions by various stakeholders.

At the point where data is collected, it is very important to establish security controls that ensure that transaction or event data are valid, complete, and free from material errors. Hacker activities that can occur at the data collection level include pretending to be an authorized user (masquerading) and tapping into telecommunications lines (piggybacking).

Threats to accounting information systems can also occur during the data processing phase. This can include creating illegal programs, accessing or deleting files, destroying or corrupting a program’s logic through viruses, or altering a program’s logic to cause the application to process data incorrectly all represent threats.

Threats to database management might also include unauthorized access that allows altering, deleting, corrupting, destroying, or stealing data. The failure to maintain backup files or other retrieval techniques represents a potentially devastating loss of data. Threats to the information generation and reporting phase must also be considered. For example, the theft, misdirection, or misuse of computer output could damage the competitiveness or reputation of the company.

Advances in information technology and increased use of the Internet require that management, accountants, auditors, and professors become more knowledgeable and conversant in the design, operation, and control of accounting information systems.