
Accounting Information Systems, 5th edition

James A. Hall

COPYRIGHT © 2007 Thomson South-Western, a part of The Thomson Corporation. Thomson, the Star logo,
and South-Western are trademarks used herein under license
• Threats to the operating system and internal controls (IC) to minimize them
• Threats to database integrity and IC to minimize them
• Risks associated with electronic commerce and IC to reduce them
• Exposures associated with electronic data interchange (EDI) and IC to reduce them
[Figure: General Control Framework for CBIS Exposures. A hub-and-spoke diagram whose areas are Organizational Structure, Operating System, Data Management, Systems Development, Systems Maintenance, Internet & Intranet, EDI Trading Partners, Personal Computer Applications, and Computer Center Security.]


• The operating system performs three main tasks:
◦ Translates high-level languages into machine-level language (strictly, this is done by the compilers and interpreters the operating system hosts).
◦ Allocates computer resources (processor time, memory, devices) to user applications.
◦ Manages job scheduling and multiprogramming.
Examples: Linux, Windows, Unix.
• The operating system must
◦ protect itself from tampering by users
◦ prevent users from tampering with the programs of other users
◦ safeguard users' applications from accidental corruption
◦ safeguard its own programs from accidental corruption
◦ protect itself from power failures and other disasters
• Log-on procedure
◦ first line of defense: user IDs and passwords
• Access token
◦ created at a successful log-on; carries key information about the user (ID, group memberships, privileges) and is attached to everything the user subsequently runs
• Access control list (ACL)
◦ defines, per resource, which users hold which access privileges
• Discretionary access control
◦ lets a user who controls a resource grant access to another user
• Formalized procedures for software acquisition
• Security clearances of prospective employees
• Formal acknowledgment by users of their responsibilities to the company
• A security group to monitor security violations
• A formal policy for taking disciplinary action against security violators
• Browsing
◦ looking through memory or storage for sensitive information left behind (e.g., in a printer queue)
• Masquerading
◦ pretending to be an authorized user after obtaining that user's ID and password, e.g., by shoulder surfing
▪ A common low-tech way to obtain a password is simply to watch its owner type it. A password that mixes upper- and lower-case letters, numbers and special characters resists guessing and dictionary attacks, but not someone watching the keyboard; keep it out of view when typing.
• Viruses and worms
◦ foreign programs that spread through the system
◦ a virus must attach itself to another program; a worm is self-contained
• Trojan horse
◦ a foreign program that conceals itself within another, legitimately imported program
• Logic bomb
◦ a foreign program triggered by a specific event
• Back door
◦ an alternative entry into the system
▪ intentional (left by programmers)
▪ a security hole
Access Privileges
• Audit objectives: verify that access privileges are consistent with the separation of incompatible functions and with organization policies
• Audit procedures: review or verify...
◦ policies for separating incompatible functions
◦ a sample of user privileges, especially access to data and programs
◦ security clearance checks of privileged employees
◦ formal acknowledgements to maintain the confidentiality of data
◦ users' log-on times
Password Control
• Audit objectives: ensure the adequacy and effectiveness of password policies for controlling access to the operating system
• Audit procedures: review or verify...
◦ passwords required for all users
◦ password instructions for new users
◦ passwords changed regularly
◦ the password file for weak passwords
◦ encryption of the password file (in current practice, salted hashing of each password)
◦ password standards
◦ account lockout policies
Audit Trail Controls
• Audit objectives: whether the audit trail is used to (1) detect unauthorized access, (2) facilitate event reconstruction, and (3) promote accountability
• Audit procedures: review or verify...
◦ how long audit trails have been in place
◦ archived log files for key indicators
◦ monitoring and reporting of security violations
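Several of the procedures above (reviewing users' log-on times, the account lockout policy, archived log files for key indicators) can be run mechanically over an exported log. The Go program below is an added example written for this page, not code from the textbook: it parses a constructed log of log-on events in an assumed `timestamp outcome account source` format, flags accounts that breached an account-lockout rule (a threshold of failures inside a time window), and lists successful log-ons outside business hours. The record format, the account names and the thresholds are all assumptions.

```go
package main

import (
	"bufio"
	"fmt"
	"sort"
	"strings"
	"time"
)

// Constructed log-on records (not from the page): time, outcome, account, source.
const sampleLog = `2007-03-12T09:02:41 FAIL jsmith 10.0.0.7
2007-03-12T09:02:52 FAIL jsmith 10.0.0.7
2007-03-12T09:03:03 FAIL jsmith 10.0.0.7
2007-03-12T09:03:15 FAIL jsmith 10.0.0.7
2007-03-12T09:03:27 FAIL jsmith 10.0.0.7
2007-03-12T09:03:40 OK   jsmith 10.0.0.7
2007-03-12T23:47:02 OK   bwong  10.0.0.22
2007-03-12T17:10:00 FAIL adavis 10.0.0.15
2007-03-12T17:40:00 FAIL adavis 10.0.0.15
2007-03-12T18:10:00 FAIL adavis 10.0.0.15
2007-03-12T18:40:00 FAIL adavis 10.0.0.15
2007-03-12T19:10:00 FAIL adavis 10.0.0.15`

// Event is one parsed log-on record.
type Event struct {
	At      time.Time
	OK      bool
	Account string
	Source  string
}

// ParseLog reads the audit trail. A malformed record is itself an audit
// finding, so parsing stops with an error instead of skipping it.
func ParseLog(raw string) ([]Event, error) {
	var events []Event
	sc := bufio.NewScanner(strings.NewReader(raw))
	for sc.Scan() {
		f := strings.Fields(sc.Text())
		if len(f) == 0 {
			continue
		}
		if len(f) != 4 {
			return nil, fmt.Errorf("malformed record: %q", sc.Text())
		}
		at, err := time.Parse("2006-01-02T15:04:05", f[0])
		if err != nil {
			return nil, err
		}
		events = append(events, Event{At: at, OK: f[1] == "OK", Account: f[2], Source: f[3]})
	}
	return events, sc.Err()
}

// BruteForceSuspects returns accounts with at least threshold failed log-ons
// inside any window of the given length: the account-lockout rule applied
// after the fact to the archived log. Failures spread thinly over hours stay
// below the rule, which is why the window length matters to the auditor.
func BruteForceSuspects(events []Event, threshold int, window time.Duration) []string {
	failures := map[string][]time.Time{}
	for _, e := range events {
		if !e.OK {
			failures[e.Account] = append(failures[e.Account], e.At)
		}
	}
	var suspects []string
	for account, times := range failures {
		sort.Slice(times, func(i, j int) bool { return times[i].Before(times[j]) })
		start := 0
		for end := range times {
			for times[end].Sub(times[start]) > window { // shrink the window from the left
				start++
			}
			if end-start+1 >= threshold {
				suspects = append(suspects, account)
				break
			}
		}
	}
	sort.Strings(suspects)
	return suspects
}

// AfterHoursLogons returns successful log-ons outside the business day
// [startHour, endHour): the check behind reviewing users' log-on times.
func AfterHoursLogons(events []Event, startHour, endHour int) []Event {
	var out []Event
	for _, e := range events {
		if h := e.At.Hour(); e.OK && (h < startHour || h >= endHour) {
			out = append(out, e)
		}
	}
	return out
}

func main() {
	events, err := ParseLog(sampleLog)
	if err != nil {
		panic(err)
	}
	fmt.Println("lockout rule breached by:", BruteForceSuspects(events, 5, 10*time.Minute))
	fmt.Println("after-hours log-ons:", AfterHoursLogons(events, 7, 19))
}
```

With a five-failure, ten-minute rule only jsmith is flagged; adavis, who fails five times half an hour apart, is caught only with a three-hour window, so the auditor should test the policy's actual parameters rather than a generic rule. The single after-hours log-on (bwong at 23:47) is the kind of entry the log-on-time review exists to surface.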
[Figure: General Control Framework for CBIS Exposures, the same diagram as above, repeated to introduce the Data Management area.]
Two crucial database control issues:
Access controls
• Audit objectives: (1) those authorized to use databases are limited to the data needed to perform their duties and (2) unauthorized individuals are denied access to data
Backup controls
• Audit objectives: backup controls can adequately recover lost, destroyed, or corrupted data
Access controls include:
• User views - based on subschemas; each user sees only the part of the database the job requires
• Database authorization table - allows specific authority rules per user and resource
• Data encryption - encoding algorithms protect stored data from anyone who gets past the access controls
• Biometric devices - fingerprints, retina prints, or signature characteristics
Database authorization table (User 1 works in the A/R department and can read, change, add, and delete A/R data):

User     AR File                    Employee File   Shared Printer   Cash Receipts Program
User 1   Read, Change, Add, Delete  No Access       Use              No Access
User 2   No Access                  Read only       Use              Read code, Modify, Delete
User 3   No Access                  Read only       Use              No Access

Audit procedures: verify...
◦ who has responsibility for the authority tables and subschemas (user views)
◦ that access authority is granted appropriately
◦ whether biometric controls are used
◦ whether encryption is used
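The following Go program is an added example, not code from the textbook, showing how the access control list of the operating-system slides and the database authorization table above work in practice: a table keyed by user and resource, a default-deny access check, discretionary delegation that can only pass on a privilege the grantor actually holds, and the query an auditor runs to find users holding privileges on two resources defined as incompatible. The sample table is the one shown above; treating the AR file and the cash receipts program as an incompatible pair is an assumption made for illustration.

```go
package main

import (
	"fmt"
	"sort"
)

// Privilege is one action a user may take on a resource.
type Privilege string

const (
	Read   Privilege = "read"
	Change Privilege = "change"
	Add    Privilege = "add"
	Delete Privilege = "delete"
	Use    Privilege = "use"
	Modify Privilege = "modify" // alter program code
)

// AuthTable is a database authorization table: user -> resource -> privileges.
// Anything not recorded is "No Access" (default deny).
type AuthTable map[string]map[string]map[Privilege]bool

// Grant is how the DBA populates the table.
func (t AuthTable) Grant(user, resource string, privs ...Privilege) {
	if t[user] == nil {
		t[user] = map[string]map[Privilege]bool{}
	}
	if t[user][resource] == nil {
		t[user][resource] = map[Privilege]bool{}
	}
	for _, p := range privs {
		t[user][resource][p] = true
	}
}

// Allowed is the access check consulted on every request. Indexing a nil map
// yields false, so an unknown user or resource is denied without special cases.
func (t AuthTable) Allowed(user, resource string, priv Privilege) bool {
	return t[user][resource][priv]
}

// Delegate implements discretionary access control: a user may pass on only
// a privilege that user already holds on the resource.
func (t AuthTable) Delegate(grantor, grantee, resource string, priv Privilege) error {
	if !t.Allowed(grantor, resource, priv) {
		return fmt.Errorf("%s does not hold %q on %s and cannot delegate it", grantor, priv, resource)
	}
	t.Grant(grantee, resource, priv)
	return nil
}

// UsersWithBoth lists users holding any privilege on both resources: the
// query an auditor runs once two functions are declared incompatible.
func (t AuthTable) UsersWithBoth(resA, resB string) []string {
	var users []string
	for user, res := range t {
		if len(res[resA]) > 0 && len(res[resB]) > 0 {
			users = append(users, user)
		}
	}
	sort.Strings(users)
	return users
}

// SampleTable encodes the authorization table shown on the page.
func SampleTable() AuthTable {
	t := AuthTable{}
	t.Grant("User 1", "AR File", Read, Change, Add, Delete)
	t.Grant("User 1", "Shared Printer", Use)
	t.Grant("User 2", "Employee File", Read)
	t.Grant("User 2", "Shared Printer", Use)
	t.Grant("User 2", "Cash Receipts Program", Read, Modify, Delete)
	t.Grant("User 3", "Employee File", Read)
	t.Grant("User 3", "Shared Printer", Use)
	return t
}

func main() {
	t := SampleTable()
	fmt.Println("User 1 may delete from AR File:", t.Allowed("User 1", "AR File", Delete))
	fmt.Println("User 3 may run Cash Receipts Program:", t.Allowed("User 3", "Cash Receipts Program", Use))
	// Assumed incompatible pair: altering receivables and modifying the program that posts cash.
	fmt.Println("users holding both:", t.UsersWithBoth("AR File", "Cash Receipts Program"))
}
```

The audit procedure "a sample of user privileges" is a walk over this table; the separation-of-duties check is `UsersWithBoth` run for each incompatible pair the policy names, and it should return nothing.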
• Database backup - automatic periodic copy of the data
• Transaction log - list of transactions that provides an audit trail
• Checkpoint features - suspend data processing while the database is reconciled with the transaction log, so that recovery can start from the checkpoint instead of replaying the whole log
• Recovery module - restarts the system after a failure, restoring the last backup or checkpoint and reapplying the logged transactions
• Grandparent-parent-child backup - the number of generations to retain is up to company policy
• Direct access file backup - back up the master file at pre-determined intervals
• Off-site storage - guards against disasters and/or physical destruction
• Audit procedures: verify...
◦ that production databases are copied at regular intervals
◦ that backup copies of the database are stored off site to support disaster recovery
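To make concrete how transaction log, checkpoint and recovery module fit together, here is an added Go example (not from the textbook): a toy account database that logs every posting before applying it, takes a checkpoint between transactions, loses its in-memory data in a simulated crash, and recovers by restoring the checkpoint and redoing only the postings of transactions whose commit record is in the log. The account-balance data model, record layout and function names are assumptions.

```go
package main

import "fmt"

// Record is one entry in the write-ahead transaction log.
type Record struct {
	LSN     int    // log sequence number, increasing
	Txn     int    // transaction the posting belongs to
	Account string // empty on a COMMIT record
	Delta   int    // amount posted
	Commit  bool   // marks the end of a transaction
}

// DB is a toy account database protected by a transaction log and checkpoints.
// The log and checkpoint stand for durable storage; balances are the data a
// crash destroys.
type DB struct {
	balances map[string]int
	log      []Record
	nextLSN  int
	ckptLSN  int            // last LSN covered by the checkpoint (0 = none)
	ckpt     map[string]int // balances as of the checkpoint
}

func NewDB() *DB { return &DB{balances: map[string]int{}, nextLSN: 1} }

func (db *DB) logWrite(r Record) {
	r.LSN = db.nextLSN
	db.nextLSN++
	db.log = append(db.log, r)
}

// Post writes the log record before touching the data (write-ahead rule), so
// a posting lost from memory can always be redone from the log.
func (db *DB) Post(txn int, account string, delta int) {
	db.logWrite(Record{Txn: txn, Account: account, Delta: delta})
	db.balances[account] += delta
}

// Commit records that the transaction completed.
func (db *DB) Commit(txn int) { db.logWrite(Record{Txn: txn, Commit: true}) }

// Checkpoint snapshots the balances so recovery need not replay the whole log.
// It is taken while processing is suspended and no transaction is open;
// otherwise the snapshot would contain half of an uncommitted transaction.
func (db *DB) Checkpoint() {
	db.ckpt = make(map[string]int, len(db.balances))
	for k, v := range db.balances {
		db.ckpt[k] = v
	}
	db.ckptLSN = db.nextLSN - 1
}

// Crash simulates the loss of everything not on durable storage.
func (db *DB) Crash() { db.balances = nil }

// Recover is the recovery module: restore the checkpoint, then redo each
// posting after it whose transaction has a COMMIT record in the log. Postings
// of a transaction cut off mid-flight are dropped, leaving the data consistent.
func (db *DB) Recover() {
	db.balances = map[string]int{}
	for k, v := range db.ckpt {
		db.balances[k] = v
	}
	committed := map[int]bool{}
	for _, r := range db.log {
		if r.Commit {
			committed[r.Txn] = true
		}
	}
	for _, r := range db.log {
		if r.LSN > db.ckptLSN && !r.Commit && committed[r.Txn] {
			db.balances[r.Account] += r.Delta
		}
	}
}

// Balance returns a posted balance (0 for an unknown account).
func (db *DB) Balance(account string) int { return db.balances[account] }

// Scenario runs a day of postings: one committed transaction, a checkpoint, a
// second committed transaction, a third interrupted by the crash, then recovery.
func Scenario() *DB {
	db := NewDB()
	db.Post(1, "cash", 1000)
	db.Post(1, "ar", -1000)
	db.Commit(1)
	db.Checkpoint()
	db.Post(2, "cash", 250)
	db.Post(2, "ar", -250)
	db.Commit(2)
	db.Post(3, "cash", 999) // transaction 3 never commits
	db.Crash()
	db.Recover()
	return db
}

func main() {
	db := Scenario()
	fmt.Printf("after recovery: cash=%d ar=%d (log has %d records, checkpoint at LSN %d)\n",
		db.Balance("cash"), db.Balance("ar"), len(db.log), db.ckptLSN)
}
```

After recovery cash is 1250 and A/R is -1250: the two committed transactions survive, the 999 posted by the interrupted transaction does not. An auditor reviewing backup controls is checking that the log and checkpoint are actually written to a medium that survives the failure and that the recovery procedure discards incomplete work in exactly this way.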
• Communications are a distinct aspect of computer networks:
◦ different from processing (applications) or data storage (databases)
• Network topologies - configurations of:
◦ communications lines (twisted-pair wires, coaxial cable, microwaves, fiber optics)
◦ hardware components (modems, multiplexers, servers, front-end processors)
◦ software (protocols, network control systems)
Internal and external subversive activities
Audit objectives:
1. prevent and detect illegal internal and Internet network access
2. render useless any data captured by a perpetrator (usually by encryption)
3. preserve the integrity and physical security of data connected to the network
Equipment failure
Audit objective: determine the integrity of e-commerce transactions: are controls in place to detect and correct message loss due to equipment failure?
• Subversive threats include:
◦ unauthorized interception of a message
◦ gaining unauthorized access to an organization's network
◦ denial-of-service (DoS) attack from a remote location
Firewalls provide security by channeling all network connections through a control gateway.
• Network-level firewalls (packet filters)
◦ low cost and low security access control
◦ do not explicitly authenticate outside users; decisions rest on the addresses and ports in packet headers
◦ filter junk or improperly routed messages
◦ offer little resistance to an experienced attacker
• Application-level firewalls
◦ customizable network security, but expensive
◦ sophisticated functions such as logging or user authentication
• Denial-of-service (DoS) attacks
◦ security software searches for connections that have been half-open for a period of time
• Encryption
◦ a computer program transforms a clear message into a coded (cipher) text form using an algorithm and a key
TCP three-way handshake between sender and receiver:
Step 1: the sender transmits a SYN message
Step 2: the receiver replies with SYN/ACK
Step 3: the sender returns an ACK packet
In a SYN-flood DoS attack, the sender sends hundreds of SYN messages, receives the SYN/ACK packets, but never responds with the ACK. This leaves the receiver holding many half-open connections and its transmission ports clogged, so legitimate messages cannot be received.
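The half-open connection search mentioned above, as an added Go example that is not part of the textbook: it replays a constructed stream of handshake events (addresses from the documentation ranges, attacker and timings invented for the example), follows each client address and port through the three steps, and reports, per source address, the connections that were still waiting for the final ACK after a timeout. The event format, the 30-second timeout and the threshold of 100 are assumptions.

```go
package main

import (
	"fmt"
	"sort"
	"time"
)

// Kind is the handshake step a packet represents.
type Kind int

const (
	SYN    Kind = iota // step 1, client -> server
	SYNACK             // step 2, server -> client
	ACK                // step 3, client -> server
)

// Packet is a constructed handshake event as a firewall or IDS would log it.
type Packet struct {
	At      time.Time
	SrcIP   string
	SrcPort int
	Kind    Kind
}

type connState struct {
	ip       string
	synAckAt time.Time // zero until the server has answered
	ackSeen  bool
}

// HalfOpen replays the packets, tracks each (client IP, port) through the
// handshake and returns, per client IP, how many connections had been waiting
// for the final ACK for at least timeout as of time now.
func HalfOpen(pkts []Packet, now time.Time, timeout time.Duration) map[string]int {
	conns := map[string]*connState{}
	for _, p := range pkts {
		key := fmt.Sprintf("%s:%d", p.SrcIP, p.SrcPort)
		st := conns[key]
		if st == nil {
			st = &connState{ip: p.SrcIP}
			conns[key] = st
		}
		switch p.Kind {
		case SYNACK:
			st.synAckAt = p.At
		case ACK:
			st.ackSeen = true
		}
	}
	counts := map[string]int{}
	for _, st := range conns {
		if !st.synAckAt.IsZero() && !st.ackSeen && now.Sub(st.synAckAt) >= timeout {
			counts[st.ip]++
		}
	}
	return counts
}

// FloodSources names the clients whose half-open count reaches threshold.
func FloodSources(counts map[string]int, threshold int) []string {
	var out []string
	for ip, n := range counts {
		if n >= threshold {
			out = append(out, ip)
		}
	}
	sort.Strings(out)
	return out
}

// SampleTraffic builds constructed traffic: one flooding client, one
// completed handshake, one handshake still legitimately in progress.
func SampleTraffic() ([]Packet, time.Time) {
	t0 := time.Date(2007, 3, 12, 10, 0, 0, 0, time.UTC)
	now := t0.Add(60 * time.Second)
	var pkts []Packet
	for port := 40000; port < 40200; port++ { // 200 SYNs, every SYN/ACK ignored
		pkts = append(pkts,
			Packet{t0, "203.0.113.9", port, SYN},
			Packet{t0.Add(time.Millisecond), "203.0.113.9", port, SYNACK})
	}
	pkts = append(pkts, // normal client: all three steps within 60 ms
		Packet{t0.Add(5 * time.Second), "198.51.100.4", 51000, SYN},
		Packet{t0.Add(5*time.Second + 10*time.Millisecond), "198.51.100.4", 51000, SYNACK},
		Packet{t0.Add(5*time.Second + 60*time.Millisecond), "198.51.100.4", 51000, ACK})
	pkts = append(pkts, // client still inside the timeout: not a suspect yet
		Packet{now.Add(-time.Second), "198.51.100.5", 51001, SYN},
		Packet{now.Add(-900 * time.Millisecond), "198.51.100.5", 51001, SYNACK})
	return pkts, now
}

func main() {
	pkts, now := SampleTraffic()
	counts := HalfOpen(pkts, now, 30*time.Second)
	fmt.Println("half-open per source:", counts)
	fmt.Println("flood sources:", FloodSources(counts, 100))
}
```

The timeout is what separates a flood from ordinary latency: the client whose SYN/ACK went out one second ago is not counted, while the 200 connections left hanging for a minute all belong to one source and cross the threshold.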
[Figure: encryption in transit. Sender side: cleartext message -> encryption program (with key) -> ciphertext -> communication system. Receiver side: communication system -> ciphertext -> encryption program (with key) -> cleartext message.]
• Digital signature - electronic authentication technique to ensure that...
◦ the transmitted message originated with the authorized sender
◦ the message was not tampered with after the signature was applied
• Digital certificate - like an electronic identification card used with a public key encryption system
◦ issued by a trusted certification authority, it binds the sender's public key to the sender's identity and so verifies the authenticity of the message sender
• Message sequence numbering - a sequence number on each message is used to detect missing messages
• Message transaction log - listing of all incoming and outgoing messages, used to detect the efforts of hackers
• Request-response technique - random control messages are sent from the sender to ensure messages are being received
• Call-back devices - the receiver calls the sender back at a pre-authorized phone number before the transmission is completed
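The next block is an added Go example, not code from the textbook, that puts three of these controls together on one message: encryption (AES-GCM), a digital signature (Ed25519) and message sequence numbering, with the receiver keeping a message transaction log of every accept and reject. The certificate step is simplified: the receiver is handed the sender's public key directly instead of extracting it from a certificate. The envelope layout, key length, error names and the "PAY 100" payloads are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Envelope is what crosses the communication system.
type Envelope struct {
	Nonce      []byte // fresh per message, as AES-GCM requires
	Ciphertext []byte // AES-GCM over (sequence number || payload)
	Signature  []byte // Ed25519 over nonce || ciphertext
}

var ErrTampered = errors.New("signature invalid: altered in transit or not from the authorized sender")
var ErrSequence = errors.New("sequence mismatch: a message is missing or replayed")

// Sender holds the shared AES key (via its AEAD) and its private signing key.
type Sender struct {
	aead    cipher.AEAD
	signKey ed25519.PrivateKey
	next    uint32
}

// Receiver holds the shared key and the sender's public key, which in practice
// it would take from the sender's digital certificate.
type Receiver struct {
	aead      cipher.AEAD
	verifyKey ed25519.PublicKey
	expected  uint32
	Log       []string // message transaction log
}

// NewPair sets up both ends around a 16-, 24- or 32-byte shared AES key.
func NewPair(key []byte) (*Sender, *Receiver, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, nil, err
	}
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	return &Sender{aead, priv, 1}, &Receiver{aead: aead, verifyKey: pub, expected: 1}, nil
}

// Send numbers the payload, encrypts it, then signs nonce and ciphertext.
func (s *Sender) Send(payload []byte) (Envelope, error) {
	nonce := make([]byte, s.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return Envelope{}, err
	}
	msg := make([]byte, 4, 4+len(payload))
	binary.BigEndian.PutUint32(msg, s.next)
	s.next++
	ct := s.aead.Seal(nil, nonce, append(msg, payload...), nil)
	sig := ed25519.Sign(s.signKey, append(append([]byte{}, nonce...), ct...))
	return Envelope{nonce, ct, sig}, nil
}

// Receive verifies the signature (origin and integrity), decrypts, then checks
// the sequence number (missing or replayed messages), logging each decision.
func (r *Receiver) Receive(e Envelope) ([]byte, error) {
	if !ed25519.Verify(r.verifyKey, append(append([]byte{}, e.Nonce...), e.Ciphertext...), e.Signature) {
		r.Log = append(r.Log, "REJECT: bad signature")
		return nil, ErrTampered
	}
	msg, err := r.aead.Open(nil, e.Nonce, e.Ciphertext, nil)
	if err != nil || len(msg) < 4 {
		r.Log = append(r.Log, "REJECT: undecryptable")
		return nil, ErrTampered
	}
	if seq := binary.BigEndian.Uint32(msg); seq != r.expected {
		r.Log = append(r.Log, fmt.Sprintf("REJECT: seq %d, expected %d", seq, r.expected))
		return nil, ErrSequence
	}
	r.Log = append(r.Log, fmt.Sprintf("ACCEPT: seq %d", r.expected))
	r.expected++
	return msg[4:], nil
}

func main() {
	key := make([]byte, 32)
	rand.Read(key) // demo key; a real one comes from a key-management process
	s, r, _ := NewPair(key)
	e, _ := s.Send([]byte("PAY 100"))
	p, err := r.Receive(e)
	fmt.Println(string(p), err, r.Log)
}
```

The order of checks is deliberate: the signature is verified before anything is decrypted, so a forged or altered envelope is logged and dropped without the receiver processing its contents; a message that passes but carries an unexpected sequence number exposes a lost, reordered or replayed message, which is what sequence numbering is for.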
• Review firewall effectiveness in terms of flexibility, proxy services, filtering, segregation of systems, audit tools, and probing for weaknesses
• Review data encryption security procedures
• Verify encryption by testing
• Review message transaction logs
• Test procedures for preventing unauthorized calls
Line errors are data errors from communications noise (static).
• Two techniques to detect such data errors (correction is by retransmission):
◦ echo check - the receiver returns the message to the sender, who compares it with what was sent
◦ parity check - an extra bit is added to each byte of data so that the number of 1 bits is even (or odd), similar to a check digit; a single flipped bit is detected, but two flipped bits in the same byte are not
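Both techniques in working Go code, as an added example that is not part of the textbook: even-parity encoding on the sender's side, the receiver's parity check, and an echo check, applied to a constructed seven-character message with one and then two bits flipped in the same byte. The seven-bit data restriction, the even-parity choice and the function names are assumptions.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"math/bits"
)

// ErrNotSevenBit is returned when a byte already uses the high bit, which this
// scheme reserves for parity: it carries 7-bit data (ASCII) only.
var ErrNotSevenBit = errors.New("data must be 7-bit: the high bit is the parity slot")

// AddParity sets the high bit when the seven data bits hold an odd number of
// ones, so every transmitted byte has an even number of ones (even parity).
func AddParity(b byte) byte {
	if bits.OnesCount8(b&0x7F)%2 == 1 {
		return b | 0x80
	}
	return b
}

// Encode is the sender's side: a parity bit on every byte.
func Encode(data []byte) ([]byte, error) {
	frame := make([]byte, len(data))
	for i, b := range data {
		if b > 0x7F {
			return nil, ErrNotSevenBit
		}
		frame[i] = AddParity(b)
	}
	return frame, nil
}

// ParityErrors is the receiver's check: positions of bytes whose parity is
// odd. It catches any odd number of flipped bits in a byte; an even number
// (two bits hit by the same burst of noise) passes unnoticed.
func ParityErrors(frame []byte) []int {
	var bad []int
	for i, b := range frame {
		if bits.OnesCount8(b)%2 == 1 {
			bad = append(bad, i)
		}
	}
	return bad
}

// Decode strips the parity bits once the frame has passed the check.
func Decode(frame []byte) []byte {
	out := make([]byte, len(frame))
	for i, b := range frame {
		out[i] = b & 0x7F
	}
	return out
}

// EchoCheck is the other technique: the receiver returns the frame and the
// sender compares it with what it transmitted. It detects any corruption,
// including the even-bit case parity misses, at the cost of doubling traffic.
func EchoCheck(sent, echoed []byte) bool { return bytes.Equal(sent, echoed) }

func main() {
	frame, _ := Encode([]byte("PAY 100"))
	noisy := append([]byte{}, frame...)
	noisy[2] ^= 0x03 // two bits flipped in one byte by line noise
	fmt.Println("parity errors:", ParityErrors(noisy), "echo check passes:", EchoCheck(frame, noisy))
}
```

The two-bit case is the practical caveat: the corrupted byte still has even parity and the receiver accepts it, while the echo check, which compares the whole frame, still fails. Which technique is in use, and whether corrupted messages were in fact retransmitted, is what the audit procedure on the next slide samples for.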
• Using a sample of messages from the transaction log:
◦ examine them for garbled contents caused by line noise (static)
◦ verify that all corrupted messages were successfully retransmitted
• Electronic data interchange (EDI) uses computer-to-computer communications technologies to automate B2B purchases.
• Audit objectives:
1. Transactions are authorized, validated, and in compliance with the trading partner agreement.
2. No unauthorized organizations can gain access to the database.
3. Authorized trading partners have access only to approved data.
4. Adequate controls are in place to ensure a complete audit trail.
EDI exposures
• Authorization
◦ automated, with no human intervention
• Access
◦ partners need access to each other's files
• Audit trail
◦ paperless and transparent (automatic) transactions
EDI controls
• Authorization
◦ use of passwords and value added networks (VAN) to ensure the partner is valid
• Access
◦ software to specify what can be accessed and at what level
• Audit trail
◦ a control log records the transaction's flow through each phase of transaction processing
[Figure: EDI System without Controls. Company A: application software -> purchases system -> EDI translation software -> communications software. Company B (vendor): communications software -> EDI translation software -> sales order system -> application software. The two communications systems are joined by a direct connection.]
[Figure: EDI System with Controls. The same flow as above with three additions: a transaction log at each company, keeping an audit trail of transactions between the trading partners; software that limits the vendor's (Company B's) access to Company A's database; and a VAN between the two communications systems, holding a mailbox for each company (and for other partners), used to enforce passwords and valid partners.]
• Tests of authorization and validation controls
◦ review procedures for verifying trading partner identification codes
◦ review agreements with the VAN
◦ review trading partner files
• Tests of access controls
◦ verify limited access to vendor and customer files
◦ verify limited access of vendors to the database
◦ test EDI controls by simulation
• Tests of audit trail controls
◦ verify that transaction logs exist at key points
◦ review a sample of transactions