Potential Risks of computerized information system

Questions: 1.What is the Potential Impact of Each Risk to Fruito? 2.Recommend Which Internal Controls should be implemented by Fruito.How do these Controls Mitigate the risks you have Identified? 3.Prepare a Summary of your Findings for the CFO. Answers: Introduction The report has been made for Frutio for understanding the concept of computerized information system for the accounting operations of the company. The report would highlight the risks faced while using the information system, their impact on the business structure and provide mitigation strategies for managing the information system of the company. 1. Potential Risks of computerized information system The potential risks of the computerized information system for accounting operations of Frutio are intentional and non intentional entry of wrong data, accidental loss of data and information, unauthorized access, natural disaster, computer viruses, theft of data, and interception of process (Schneider et al., 2014). They have been explained below: Intentional and non intentional entry of wrong data: The primary issue made by person involved for entering the data about the stock ordered or delivered in the organization (Willcocks, 2013). The wrong data entered by the person in charge of the information system can be accidental and deliberate too. Accidental Deletion of data and information: The data and information of the fruits and vegetable can be lost due to the some technical issues (Li, 2014). It is possible that the file containing the data gets corrupted and deleted during the operations of the organization. Unauthorized access: The information system runs on virtual security system and it can be accessed using right means of the technology (Schneider et al., 2014). The system is prone to get hacked into for infiltrating information like name of suppliers and customers of the company. Natural disaster: The natural disaster is the most uncalled system failure that can happen any time without any consent (Willcocks, 2013). The natural disaster includes data lost by fire or any breakage. It happens without anyones initiation. Computer viruses: The computer viruses, malware, and Trojans are responsible for malfunctioning of the computerized systems (Li, 2014). It would hinder the processing of the information system for the stock information input. Theft of data: The theft of data is an external issue and it is caused by any way extracting information from the system. The rivals and competitors can extract the data from the information system using methods of hacking and phishing. Interception of process: The process of the information inputting into the system can be intercepted from outside and the result of the process would be halting of the process of data storage. Potential Impact of risks The impact of the risk factors like intentional and non intentional entry of wrong data, accidental loss of data and information, unauthorized access, natural disaster, computer viruses, theft of data, and interception of process have been explained below in the table: Risk Factors Potential Impact on the company Intentional And Non Intentional Entry Of Wrong Data Wrong data is entered Overall calculation of stock is miscalculated Accidental Deletion Of Data And Information No information for stock inventory is present Final Balance and accounts book cannot be prepared Unauthorized Access Data and information can be modified Extraction of the data from the database would result in violation of privacy (Covello Merkhoher, 2013) Natural Disaster Loss of important data and information Re-entering of the data set Computer Viruses Slowing the processing of the system Malfunctioning of the computer system Theft Of Data Misuse of the data by rival competitors Loss of customers contact information Interception Of Process Not being able to complete the data processing Growth in customers dissatisfaction due to issues in service (Joyce et al., 2016) Table 1: Risk Assessment Factors (Source: Goble Bier, 2013, pp-1950) 2.. Recommended Internal Controls and their mitigation on risks Each of the risk factors mentioned in the report have to be dealt for making sure that the information system processing for the accounting data can be done successfully (Mehta et al., 2014). The risk mitigation strategies and their operations on the risks are given below: Risk factor Risk Mitigation Control Function of the risk mitigation control Intentional And Non Intentional Entry Of Wrong Data Double Checking the data entered Wrong entered value would be detected and corrected Employing a supervisor for cross checking the data entered by the employee Wrong entered value would be detected and corrected, the employee should be dealt with Accidental Deletion Of Data And Information Keeping the data stored in a recovery platform The data deleted can be recovered Information system design should prompt permission before deleting any file The deletion of data by mistake can be avoided Unauthorized Access Password for accessing into the system No one can access the information system without the password Limiting the users into the password Chances of password being shared would become minimum Natural Disaster Data backup should be kept Data would be stored in a separate platform System should be made with auto recovery option System would be able to retrieve data automatically Computer Viruses Antivirus should be used in the system Detection and Deletion of virus and other Trojans Untrusted sites and server should not be accessed No scope for malware to inflict into the system Theft Of Data Data theft detection software must be used Theft of data can be stopped and halted Data should be encrypted Even the theft data could not be misused Interception Of Process Troubleshooting for detecting any hindrance in the process Interception can be dealt and process can be continued Process Recovery options The stopped process can be restarted with the system reboot Table 2: Risk Mitigation Strategies (Source: Prasannakumar, 2012, pp-212) 3. Summary of the report The potential risks for the information system are intentional and non intentional entry of wrong data, accidental loss of data and information, unauthorized access, natural disaster, computer viruses, theft of data, and interception of process and they can affect the processes of the organization by slowing, hindering, halting, data theft and economically bringing loss to the organization. The use of risk mitigation techniques like backup and recovery, security system, troubleshooting option, and antivirus would be helpful for supporting the information system of the organization. The tabular representation of the findings of the report has been given below: Findings Description Risk factors for Fruito The risk factors for the information system of Fruito are intentional and non intentional entry of wrong data, accidental deletion of data and information, unauthorized access, natural disaster, computer viruses, theft of data, and interception of process Impact of risk factors on the operations of Fruito The impacts of the risk factors on the operations of Fruito are wrong calculation of stock, no information for stock inventory, extraction of the data, result in violation of privacy, loss of important data and information, slowing and malfunctioning of the computer system, misuse of the data, and loss of customer. Risk Mitigation Strategies for Fruito The risk mitigation strategies include employment of a supervisor for cross checking, password for accessing into the system, data backup and auto recovery option, use of antivirus, not assessment of non-trusted sites and server, encryption of data, and provision for troubleshooting. Conclusion It can be concluded from the report that the use of above mentioned risk mitigation methods are very useful for dealing with the issues of risk factors in the organization of Fruito. The methods shown in the report would help in forming the appropriate information system solution for the organization. References Covello, V. T., Merkhoher, M. W. (2013).Risk assessment methods: approaches for assessing health and environmental risks. Springer Science Business Media. Goble, R., Bier, V. M. (2013). Risk Assessment Can Be a Game?Changing Information TechnologyBut Too Often It Isn't.Risk Analysis,33(11), 1942-1951. Joyce, D. L., Li, Z., Edwards, L. B., Kobashigawa, J. A., Daly, R. C. (2016). Predicting One-Year Cardiac Transplant Survival Using a Donor/Recipient Risk Assessment Tool.The Journal of Heart and Lung Transplantation,35(4), S58-S59. Li, W. (2014).Risk assessment of power systems: models, methods, and applications. John Wiley Sons. Mehta, H., Goedvalk, C., Barber, R. (2014). INCIDENCE AND RISK FACTORS FOR CENTRAL VENOUS CATHETER RELATED THROMBOSIS IN PICU AND DEVELOPMENT OF A RISK ASSESSMENT TOOL.Pediatric Critical Care Medicine,15(4_suppl), 125. Prasannakumar, V., Vijith, H., Abinod, S., Geetha, N. (2012). Estimation of soil erosion risk within a small mountainous sub-watershed in Kerala, India, using Revised Universal Soil Loss Equation (RUSLE) and geo-information technology.Geoscience Frontiers,3(2), 209-215. Schneider, E. C., Ridgely, M. S., Meeker, D., Hunter, L. E., Khodyakov, D., Rudin, R., ... Harpel, J. (2014). Promoting patient safety through effective Health Information Technology risk management.Santa Monica, CA: RAND. Willcocks, L. (2013).Information management: the evaluation of information systems investments. Springer