Professional Documents
Culture Documents
Accounting Information System Make Up Cat
Accounting Information System Make Up Cat
Accounting Information System Make Up Cat
MAKE UP CAT
C027-01-2058/2019
CAT I
A modern bank operates with huge amounts of information that require fast encryption “on the
fly” for their safety, which significantly increases the system requirements for computer
technology and cryptographic devices. In addition, banks need to ensure backup of large
amounts of data and secure storage of copies. Any security incident can be complicated by the
fact that information about the vulnerability, as well as software tools for using it, is instantly
distributed over the Internet, leading to large-scale exploitation of the vulnerability (Chaikovskyi
& Kovalchuk, 2019). Therefore, financial institutions need to pay special attention to the choice
of software or IT contractors, as well to in-time updates.
CAT II
Describe the threats and risks the organization is exposed to e.g hacking e.t.c, discuss past
experience of any when threat was actualized not a must.
- Intentional acts- Here we have had many people who attempt or manage to commit bank
robbery for example students who dug a tunnel at Thika and stole Kenya Shillings 30 million.
- Accident or innocent errors –e.g. in 24th February 2020 a matatu crashed into a bank, at least
7 people were left injured after a 14 -seater matatu crashed into an Equity Bank building in
Chuka.
- Software errors and equipment malfunction- Although minimal but equipment malfunction
happens that leads to one teller at the bank being un operational
- Increase in the number of clients and customers in the bank resulting to a rise in the number
of users required to use the to serve clients hence if not properly managed may lead to
hacking
- A rise in the amount of information being distributed to users in the bank system making it
harder to control as well as confidentiality
Controls and procedures (ICS) put in place to manage the risks- preventive, detective and
corrective measures
1. Preventive control
- Hiring highly qualified accounting personnel- The bank in many occurrences hire stuff who have
both a degree and masters in accounting hence reduce the risk of money laundry in the bank.
- Instilling a culture of integrity and honesty – This is seen in many banks as all stuff are required
to not share or see any client information without the clients permission.
- Appropriately segregating employee duties – The bank has stuffs who play different roles in the
organization ,be it the teller or the security guard each play a significant role in reducing risk that
may occur in the organization
- Effectively controlling access to assets, facilities and information – All the stuff are required to
enter at the same time ,like today when you go to a bank before 8Am the stuff are outside the
door and 10 minutes to 8Am they all enter
- IT controls e.g. passwords, firewalls- For example the Equity mobile banking to access it you
have to have your password hence increase the level of security
2. Detective Control
- Physical monitoring of employee activities – The manager walks into the offices of the teller to
check the progress of the employees
- Double checking calculations- The bank has Audit managers who come now and then to check
on the financial statements and hence double check all the values entered to ensure a honest
transaction that took place between the clients and the bank.
- Preparing Reconciliation Statements – The bank has many accountant professional who prepare
this king of statement which is real time
- Use of CCTV cameras- The bank has a lot of CCTV cameras which make it easier to see robbery
that can or is taking place in the bank
3. Corrective Control
- Maintaining back-up copies of key transactions and master files – All bank have back-up for all
data in the bank hence when the system crushes they can recover all the data when the system
is corrected
- Adherence to procedures for creating data entry errors-When you go to a bank all the questions
are the same they first start asking you questions from bringing your Id to what amount are you
withdrawing.
Weakness in ICS (procedures) put in place and potential solutions for each
- Destruction of assets i.e. physical assets and information-Like in the case given above the
Matatu that caused an accident in the bank made a lot of damages like glasses were broken and
chairs broken
- Theft of assets-This happens frequently as people take the small things like the pen given at the
bank
- Disruption of information system – For example an IT student from JKUAT was accused of
Hacking into a bank system he stole 24million and attempted to steal 190 million in the local
bank
- Corruption of information or information system – For a system to be hacked it must be
corrupted.
THE END.