Chapter 9 - New Technology And Data Security Flashcards
Automation of accounting processes
Improved data integrity
More efficient approval - documents requiring approval automatically sent to the appropriate person
Greater internal data visibility
Quicker payment from customers - invoicing is quicker
Ai and machine learning
This is the concept of a computer being able to simulate the way that humans think and behave.
Machine learning is an application of ai that codes computers to learn from data. Machine learning bases its actions on past events to predict the probability of what will happen next.
Uses for AI and machine learning:
Coding of data - automatic coding of invoices, receipts and purchases
Audit of information - large amounts of data can be reviewed quickly
Forecasting future data - Ai could use its predicative capabilities to forecast future events
Analysing complex data - Developed Ai and machine learning can be used to carry out complex analysis
Blockchain
Blockchain is a digital ledger of transactions this is shared across the entire network of computers in the particular blockchain.
- A user raises a transaction
- A block is created to digitally represent the transaction
- A block is distributed to every computer in the network
- Every computer validates the transaction to prove it is authentic
- The now authenticated and complete block is added to the chain
Blockchains can protect against hacking, reduce costs, maintaining ledgers of accurate information.
Data analytics
This is the process of collecting, organising and analysing large amounts of data. The four types of data analytics are:
Descriptive - what has happened in the business in terms of reports and past performance
Diagnostic - why did it happen? An example would be why the sales of each product has changed month on month
Predictive - what is likely to happen next? This uses large volumes of data to make its predictions
Prescriptive - what action do we need to take now? This may use a combination of machine learning, algorithms and rules set by the business to make recommendations or for problem solving
Data analytics can speed up reporting processes so decision making will be quicker. Data analytics can also reduce fraud as it can identify anomalies in information as well as identifying trends so the business can decide which activities to focus on.
Using predictive and prescriptive data analytics can be expensive. This means a business needs to carefully consider the benefit before introducing them to the business.
Offshoring
Offshoring is the relocation of some of the organisations operations to another country. This is usually done with the intention to reduce costs by moving operations to a lesser developed country.
As technology improved offshoring has become much easier.
One advantage of offshoring can be higher visibility for the business in the overseas country and this could result in increased business in that country. However one disadvantage of offshoring could be cultural and language barriers which the business will need to overcome.
Cloud accounting
Cloud accounting is an accounting system this is accessed via the internet with information stored in remote, secure servers owned by the system provider.
Features of cloud accounting:
Remote access, remote data storage, shared access, multi user access, automation capabilities, interaction with stakeholders, real time data.
Benefits:
Lower IT costs - the business does not have the cost of buying and maintaining its own server
Improved sustainability - reduces use of paper
Better security - cloud accounting software companies will use a data centre with high levels of security
Drawbacks:
Reliance on internet access
Software requirements
Switching may be difficult
Electronic filing of documents
Benefits:
Instant access is available to any authorised users at any time
Frees up physical space
Better vision control as the business will have a full document history
Files are automatically backed up
Disadvantages:
Software will need to be kept up to date
Significant initial cost to set up the system
Risk of data breaches
Signing documents electronically
There are several ways in which documents can be signed electronically:
Simple electronic signatures - scanning a physical signature or using tick boxes with a declaration agreeing to terms
Advanced electronic signatures - This can be an application on their phone that they need to use in order to validate their signature on an electronic document
Qualified electronic signatures - Similar to an advanced electronic signature, it has the additional security validation by a third party trust service provider.
Outsourcing
This is when businesses uses a third party to carry out tasks.
Advantages:
Cost savings
Staff time freed up to carry out core operations
Disadvantages:
If core operations are outsourced then the business may lose expertise
Quality issues
Data Protection
The principles of data protection:
Lawfulness, fairness and transparency
Purpose limitation
Data minimisation
Accuracy
Storage limitation
Integrity and confidentiality
Accountability
Breaches in data protection
Breaches may occur due to errors made by those handling the data, or by deliberate, criminal attacks.
If an organisation discovers a personal data breach it must report this breach to the relevant supervisory body within 72 hours becoming aware of it.
Maintaining information security
A business must protect data from physical risks and unauthorised access.
Businesses must implement certain controls listed below:
Accounting systems access levels - passwords that only allow authorised employees to access parts of the system.
Security controls - firewalls to protect access from outside the organisation. A firewall is a barrier that sits between a businesses internal network and the public internet.
Integrity controls - Data integrity is the accuracy and completeness of data that is held and processed by an organisation. Integrity controls are an internal part of computer applications. These are listed below:
Input controls - provides assurance that transactions are complete and authorised before they are processed by the system.
Processing controls - Data entered into the system is processed properly.
Output controls - ensures integrity of the data that is output from the system. This may be reconciling data in the system.
Cyber Attacks
Phishing - attacker sends a message to a person within the business which attempts to trick them into opening the email or attachment.
Malware - software that is often inserted into computers when attachments on pishing emails are opened or when links are clicked.
Ransomware - this is malware that locks a user out of their own information systems and then asks for a ransom to be paid to the attacker. Failure to make payment may lead to the attackers posting the business’s confidential data online.
DDoS - this overwhelms the organisations central server with huge numbers of data requests simultaneously. This causes the system to freeze up and holds the business hostage until the attackers needs are met.
Spyware - this allows the attacker to spy on its operations and gather information without beeing seen.
Keylogging - once this gets into the system it records every keystroke made by users. Hackers can then recreate these keystrokes to identify passwords and other sensitive information.
Cyber Security
Cyber Security Measures:
Firewalls
Antivirus software
Data encryption
