Potential Risks Of Computerized Information System Essay

Questions:

1.What is the Potential Impact of Each Risk to Fruito?
2.Recommend Which Internal Controls should be implemented by Fruito.How do these Controls Mitigate the risks you have Identified?
3.Prepare a Summary of your Findings for the CFO.

Answers:

Introduction

The report has been made for Frutio for understanding the concept of computerized information system for the accounting operations of the company. The report would highlight the risks faced while using the information system, their impact on the business structure and provide mitigation strategies for managing the information system of the company.

1. Potential Risks of computerized information system

The potential risks of the computerized information system for accounting operations of Frutio are intentional and non intentional entry of wrong data, accidental loss of data and information, unauthorized access, natural disaster, computer viruses, theft of data, and interception of process (Schneider et al., 2014). They have been explained below:

Intentional and non intentional entry of wrong data: The primary issue made by person involved for entering the data about the stock ordered or delivered in the organization (Willcocks, 2013). The wrong data entered by the person in charge of the information system can be accidental and deliberate too.


Accidental Deletion of data and information: The data and information of the fruits and vegetable can be lost due to the some technical issues (Li, 2014). It is possible that the file containing the data gets corrupted and deleted during the operations of the organization.

Unauthorized access: The information system runs on virtual security system and it can be accessed using right means of the technology (Schneider et al., 2014). The system is prone to get hacked into for infiltrating information like name of suppliers and customers of the company.

Natural disaster: The natural disaster is the most uncalled system failure that can happen any time without any consent (Willcocks, 2013). The natural disaster includes data lost by fire or any breakage. It happens without anyone’s initiation.

Computer viruses: The computer viruses, malware, and Trojans are responsible for malfunctioning of the computerized systems (Li, 2014). It would hinder the processing of the information system for the stock information input.

Theft of data: The theft of data is an external issue and it is caused by any way extracting information from the system. The rivals and competitors can extract the data from the information system using methods of hacking and phishing.

Interception of process: The process of the information inputting into the system can be intercepted from outside and the result of the process would be halting of the process of data storage.

Potential Impact of risks

The impact of the risk factors like intentional and non intentional entry of wrong data, accidental loss of data and information, unauthorized access, natural disaster, computer viruses, theft of data, and interception of process have been explained below in the table:

Risk Factors

Potential Impact on the company

Intentional And Non Intentional Entry Of Wrong Data

Wrong data is entered

Overall calculation of stock is miscalculated

Accidental Deletion Of Data And Information

No information for stock inventory is present

Final Balance and accounts book cannot be prepared

Unauthorized Access

Data and information can be modified

Extraction of the data from the database would result in violation of privacy (Covello & Merkhoher, 2013)

Natural Disaster

Loss of important data and information

Re-entering of the data set

Computer Viruses

Slowing the processing of the system

Malfunctioning of the computer system

Theft Of Data

Misuse of the data by rival competitors

Loss of customer’s contact information

Interception Of Process

Not being able to complete the data processing

Growth in customer’s dissatisfaction due to issues in service (Joyce et al., 2016)

Table 1: Risk Assessment Factors

(Source: Goble & Bier, 2013, pp-1950)

2.. Recommended Internal Controls and their mitigation on risks

Each of the risk factors mentioned in the report have to be dealt for making sure that the information system processing for the accounting data can be done successfully (Mehta et al., 2014). The risk mitigation strategies and their operations on the risks are given below:


Risk factor

Risk Mitigation Control

Function of the risk mitigation control

Intentional And Non Intentional Entry Of Wrong Data

Double Checking the data entered

Wrong entered value would be detected and corrected

Employing a supervisor for cross checking the data entered by the employee

Wrong entered value would be detected and corrected, the employee should be dealt with

Accidental Deletion Of Data And Information

Keeping the data stored in a recovery platform

The data deleted can be recovered

Information system design should prompt permission before deleting any file

The deletion of data by mistake can be avoided

Unauthorized Access

Password for accessing into the system

No one can access the information system without the password

Limiting the users into the password

Chances of password being shared would become minimum

Natural Disaster

Data backup should be kept

Data would be stored in a separate platform

System should be made with auto recovery option

System would be able to retrieve data automatically

Computer Viruses

Antivirus should be used in the system

Detection and Deletion of virus and other Trojans

Untrusted sites and server should not be accessed

No scope for malware to inflict into the system

Theft Of Data

Data theft detection software must be used

Theft of data can be stopped and halted

Data should be encrypted

Even the theft data could not be misused

Interception Of Process

Troubleshooting for detecting any hindrance in the process

Interception can be dealt and process can be continued

Process Recovery options

The stopped process can be restarted with the system reboot

Table 2: Risk Mitigation Strategies

(Source: Prasannakumar, 2012, pp-212)

3. Summary of the report

The potential risks for the information system are intentional and non intentional entry of wrong data, accidental loss of data and information, unauthorized access, natural disaster, computer viruses, theft of data, and interception of process and they can affect the processes of the organization by slowing, hindering, halting, data theft and economically bringing loss to the organization. The use of risk mitigation techniques like backup and recovery, security system, troubleshooting option, and antivirus would be helpful for supporting the information system of the organization. The tabular representation of the findings of the report has been given below:

Findings

Description

Risk factors for Fruito

The risk factors for the information system of Fruito are intentional and non intentional entry of wrong data, accidental deletion of data and information, unauthorized access, natural disaster, computer viruses, theft of data, and interception of process

Impact of risk factors on the operations of Fruito

The impacts of the risk factors on the operations of Fruito are wrong calculation of stock, no information for stock inventory, extraction of the data, result in violation of privacy, loss of important data and information, slowing and malfunctioning of the computer system, misuse of the data, and loss of customer.

Risk Mitigation Strategies for Fruito

The risk mitigation strategies include employment of a supervisor for cross checking, password for accessing into the system, data backup and auto recovery option, use of antivirus, not assessment of non-trusted sites and server, encryption of data, and provision for troubleshooting.

Conclusion

It can be concluded from the report that the use of above mentioned risk mitigation methods are very useful for dealing with the issues of risk factors in the organization of Fruito. The methods shown in the report would help in forming the appropriate information system solution for the organization.

References

Covello, V. T., & Merkhoher, M. W. (2013). Risk assessment methods: approaches for assessing health and environmental risks. Springer Science & Business Media.

Goble, R., & Bier, V. M. (2013). Risk Assessment Can Be a Game?Changing Information Technology—But Too Often It Isn't. Risk Analysis, 33(11), 1942-1951.

Joyce, D. L., Li, Z., Edwards, L. B., Kobashigawa, J. A., & Daly, R. C. (2016). Predicting One-Year Cardiac Transplant Survival Using a Donor/Recipient Risk Assessment Tool. The Journal of Heart and Lung Transplantation, 35(4), S58-S59.

Li, W. (2014). Risk assessment of power systems: models, methods, and applications. John Wiley & Sons.

Mehta, H., Goedvalk, C., & Barber, R. (2014). INCIDENCE AND RISK FACTORS FOR CENTRAL VENOUS CATHETER RELATED THROMBOSIS IN PICU AND DEVELOPMENT OF A RISK ASSESSMENT TOOL. Pediatric Critical Care Medicine, 15(4_suppl), 125.

Prasannakumar, V., Vijith, H., Abinod, S., & Geetha, N. (2012). Estimation of soil erosion risk within a small mountainous sub-watershed in Kerala, India, using Revised Universal Soil Loss Equation (RUSLE) and geo-information technology. Geoscience Frontiers, 3(2), 209-215.

Schneider, E. C., Ridgely, M. S., Meeker, D., Hunter, L. E., Khodyakov, D., Rudin, R., ... & Harpel, J. (2014). Promoting patient safety through effective Health Information Technology risk management. Santa Monica, CA: RAND.

Willcocks, L. (2013). Information management: the evaluation of information systems investments. Springer

How to cite this essay: