Information engineering had leaped into the twelvemonth 2008 and its still traveling frontward dramatically with multiple technological promotions by the usage of computing machines ( Joe Bartling ) . This turning tendency through media attending has besides given birth to assorted menaces and multiple security steps that had to be put in topographic point to safeguard the information in the computing machine or instead the computing machine itself from being harmed ( James P. Anderson, 1980 ) . A series of instances affecting computing machine fraud ( Mike Savage, 2007 ) , computing machine imaging counterfeit ( Jessica Fridrich, David Soukal, and Jan Lukas, 2003 ) , harm to informations or plans ( Nicholas Weaver and Vern Paxson, 2004 ; Brent Kesler and Heather Drinan, 2006 ) and unauthorised entree or interception of protected information into the incorrect custodies, had been continuously reported to day of the month ( Craig S. Hannaford, 1995 ; Robert Richardson, 2007 ; Micheal Orey, 2008 ) .
There were many cardinal factors identified as menaces for computing machines ( Deborah Beard and H Joseph Wen, 2007 ) . These factors were highlighted as grounds for computing machine offenses that are go oning today ( Todd Walter ) . Harmonizing to the one-year study carried out by Computer Security Institute ( CSI ) in United States of America on early January 2007, indicated that “ consumer focused offenses ” were skyrocketing ( Robert Richardson, 2007 ) . Threats were identified and graded in coloring material coding viz. in ruddy, orange, xanthous, bluish and green to bespeak its criticalness from terrible to moo watchful system to ease their acknowledgment ( Deborah Beard and H Joseph Wen, 2007 ) . But how do we truly look at this and place the menaces to safe guard and procure the information from an comptroller ‘s position?
Diving deep into the deepness of the fiscal universe, it is really good known that computing machines are accepted as a really indispensable tool in concern and presently a major corporate informations Godhead ( Greg Glynn, Pearse Ryan, Dan Quealy and Andy Harbison, 2004 ) . Nowadays, everything is in an electronic format where computing machines are seen as the most the indispensable tool in corporate sector ( Maria M. Yip and Gina Masi, 2008 ) . Each and every fiscal information is created, retained and processed, utilizing a computing machine ( Arthur Cox, 2004 ) . Gone were the yearss where accounting fraud is committed on paper. Are fiscal establishments able to place and pull off the fraud committed on computing machines? The chief issue here is that, are they truly able to take security steps to battle computing machine fraud? The whole security mentality had shifted its class after the 9/11 incident in New York City ( Marcus Corbin, 2003 ) .
Identifying computing machine fraud is frequently a complex event. However, it all started with chiefly cognizing the hazards involved in it ( Carmina Hughes, 2006 ) . The footings “ No Risk, No Business ” ( James Allan, 2007 ) and “ Security is Everyone ‘s Business ” are really good known in the concern age today. These hazards continue to alter harmonizing to clip and it evolves into forms harmonizing to the engineering utilized ( Carmina Hughes, 2006 ) . Uncontrolled use of illumination electronic devices such as PDAs, USB sticks or even iPods produces hazards to the fiscal industry ( GFI Solutions, 2006 ; Robert Richardson, 2007 ) . Hazards are normally identified either both possible untechnical such as societal technology ( Collen Rhodes, 2007 ) where a user is tricked to execute actions and made to uncover sensitive information, and proficient such as malicious codifications of viruses, worms and Trojan Equus caballuss by about all security experts ( Mike Savage and Mario Fazekas, 2002 ) .
A batch of steps were taken to procure a company ‘s fiscal information therefore forestalling it from leaking out into the incorrect custodies or instead to incorrect intellectuals who are of all time willing to take advantage of it ( Qureshi, Anique A. and Siegel, Joel G. , 1997 ) . There are mountains of managerial issues being brought up everyday related to this. The chief inquiries are ever “ Have we budgeted plenty for security? ” ( Marcus Corbin, 2003 ) . Then another inquiry will originate, “ What are the cardinal factors in set uping a strong security for accounting? ” ( Gil Sadka, 2006 ) . Both of these inquiries were answered diligently and with an comprehensive attack of placing all the assorted key values which are required by comptrollers, hearers and directors ( Qureshi, Anique A. and Siegel, Joel G. , 1997 ; Deborah Beard and H Joseph Wen, 2007 ) .
However, to day of the month, a batch of research and surveies had been carried out and elaborated in the fiscal and managerial point of position. It is really indispensable to analyze on both the operational and the administration construction of a company to originate security development due to its complexness and diverseness and at the same clip actuating a healthy secured fiscal direction growing. An in deepness accounting attack is required to understand the true significance of fiscal accounting security through computing machine engineerings.
In this current doubtful universe, which shadows fraud, misrepresentation, greed and self-importance, a little hint of unethical behavior or malpractice may be classified or clustered as cheating. This is made worst by the debut and the domination of the ever-fast turning computing machine engineerings. Computer technologies had taken over the everyday fiscal accounting direction by the usage of criterion and customised package ( Deborah Beard, H. Joseph Wen, 2007 ) . A job of human interface fraud is by and large acknowledged and accepted but may non usually viewed upon really earnestly due to assorted grounds such as personal motivations or safe guarding an administration ‘s involvement on its fiscal position. Even the authorities Torahs and statute laws are taking the necessary stairss to forestall this kind of computing machine fraud due to development in computing machine engineering.
Through uninterrupted surveies and drawn-out research, it is known that when package is incorporated into the fiscal accounting, the chief intent was to heighten fiscal direction capablenesss ( Michael Russell, 2007 ) . The other intent was to enable faster, better informed determination devising ( Michael Orey, 2008 ) , doing information readily available to further employee coaction ( Ellen Zimiles, Michael Bowman, 2007 ) and to do it easy and simple for an comptroller or to an hearer ( Brent Kesler, Heather Drinan, 2006 ) .
A new attack is deemed necessary to place and put down the known factors in fiscal accounting, which subsequently related to computing machine engineering.
Aim OF THE RESEARCH
This research will look into the possibilities of fraud in fiscal direction, the maltreatment of fiscal package to perpetrate fraud and other unethical action, which could impede an honorable fiscal comptroller and hearer from executing his responsibility.
The primary aim of this research is to name down all the possibilities of computing machine fraud in relation to fiscal direction and accounting. Other aims are to place the key countries where this fraud could take topographic point in an administration and to foreground all necessary steps to forestall this computing machine fraud by agencies of computing machine security.
Scope OF THE STUDY
The range of this survey is based on several published diaries and articles, which are used as the footing for this research survey. Other mentions utilised are such as web sites, assorted newspapers and publications. The chief intent of this survey is to hold an overview of the rules involved in the fiscal information – direction accounting and its resources with computing machine engineering. The deduction of computing machine fraud in accounting is the chief range of this survey.
A study was conducted in a voluntary footing at Kuala Lumpur International Airport, Sepang, Malaysia, peculiarly in the Engineering and Management division of Malaysia Airlines Berhad. A group of executives who were straight involved in fiscal direction within their subdivisions were identified as samples.
The ground being is that due to the complexnesss of is fiscal direction and accounting systems integrating computing machines and mainframe server. This system is maintained by an outsource seller, IBM.
The subdivisions in the Engineering and Maintenance division of Malaysia Airlines were identified for this survey was:
Maintenance Control Centre ( MCC ) ,
Apron Servicing Unit ( ASU )
Apron Support Group ( ASG )
Land Services Equipment ( GSE ) and
Aircraft Maintenance Unit ( AMU )
This survey was conducted chiefly on fiscal and accounting direction where computing machines were the primary tools. With the known collected informations from a study conducted, an analysis is made on the findings. Each participant stand foring each subdivision is treated as a fiscal representative or fiscal hearers.
All the related diaries and published articles were reviewed comprehensively and related to the findings on study conducted.
One of the most of import duties of an comptroller of a company is to guarantee the security and quality of its IT-enabled activities ( Ellen Zimiles, Michael Bowman, 2007 ) . Security direction tools and policies are browsed through to guarantee truth, unity, and safety of the information system and resources of the company. Therefore, hearers today are confronting tremendous challenges from all waies. It may be from the auditing criterions, authorities statute laws, company policies and public ( Deborah Beard and H.Joseph Wen, 2007 ) .
The conducted study was divided into 2 bomber subdivisions which were the designation of computing machine related challenges in accounting and finance direction and identifying and analyzing the current security steps and suggest betterment if required within the related field.
The initial portion of the study was to specify the consciousness of challenges of computing machine offenses in accounting activities. A series of questionnaires were prepared to estimate the consciousness and challenges faced when utilizing computing machine engineering for an comptroller or a fiscal personal.
In the 2nd portion, the findings on portion one was defined to seek the underlining security steps required to safe guard an comptrollers ‘ fiscal information and therefore suggesting a better security step if necessary, harmonizing to their demands.
With this accumulated information, a list of challenges and security steps were prepared. This list was so compared to the current published diaries and articles for theoretical support and cardinal demands.
DISCUSSION, ANALYSIS AND FINDINGS
Fraud may be classified as larceny, privacy, and transition to personal addition of another ‘s money, physical assets or information ( Craig S. Hannaford, 1995 ) . This may farther deduce into two sub classs. First is the embezzlement of assets, in other words, defalcation or internal larceny. Second is the misstatement of fiscal records such as net incomes direction or deceitful fiscal coverage ( Marshall B. Romney and Paul John Steinbart, 2003 ) .
When looking deeper into the nature of computing machine fraud there are two beginnings, either internal or external beginnings ( Jaikumar Vijayan, 2007 ) . For the internal point of position, the input use, plan use or end product use could be classified as computing machine fraud. On the external point of position, in most instances are conducted by person outside the company who had gained unauthorized entree to the computing machine ( Qureshi, Anique A and Siegel, Joel G. , 1997 ) .
There are considerable sum of attempts had been taken by many comptrollers to cut down the exposure to such event, its ne’er plenty. A weak computing machine security and deficient internal control will ensue in addition of menaces to an administration. ( Anique A. Qureshi and Joel G. Seigel, 1997 ) .
A few events that should be reviewed earnestly are:
Intercepted communicating lines ;
Illegal informations transportation or electronic information larceny ;
Unintentional information mistakes due to virus onslaughts ;
Carelessness and carelessness ;
Sabotage by dissatisfied employees or rivals ; and besides
We can ne’er run off from intelligence and publications sing computing machine related data mistakes, wrong fiscal information, larcenies and possibly sabotage. Questionnaires prepared for the selected topic for the portion one is as indicated below. Each and every voluntary were required to reply candidly and in item.
Do you hold sufficient computing machine security?
What are the failings of your system? What disciplinary action is required?
What are the strengths in the system?
Does your work process and policies documented enhance secured procedures?
Is confident or sensitive information stored in your computing machine?
Do you believe that your computing machine is vulnerable for computing machine offense onslaughts?
The findings for the first portion of the study were amazing. The findings for each inquiry were treated every bit confidential as possible. Table 1 shows the consequences from the portion one of the studies conducted in Malaysia Airlines – Technology and Maintenance Division in Kuala Lumpur International Airport.
Findingss are elaborated below
Findingss are elaborated below
Table 1: Consequences of Part 1 of the Conducted Survey on Accountants and Financial Executives
Question 1 ‘s determination was clearly reflects that 95 % of the users were contented with the current security characteristics in the system. A sum of 4 % were incognizant of the advanced built-in security characteristics in their package and 1 % were non happy with the current security degree within their subdivision of their work.
The findings on inquiry 2 on failings in the system were acceptable. By and large, the fright of losing of import informations, virus onslaughts, informations larcenies and induced mistakes were highlighted. As a disciplinary action, the findings were that both physical security and informations security is required and improved.
Physical security such as concern, equipment and forces were considered the chief defensive mechanism in protecting the computing machine ( Joel G. Siegel, 1997 ) . The important concern of informations security, truth, unity and privateness was labelled at a really high importance.
Question 3 ‘s findings were more related to the current available characteristics in the computing machine system such as watchword control, user designation, magnetic swipe card for private informations entree and clip logging characteristics that was inbuilt within the system.
Question 4 ‘s result was 80 % agrees with their current work policies and processs are security enhanced. 19 % of them were unaware of the stableness of the security system due to the complexness and the frequent ascents of the fiscal direction package. 1 % of them felt that the current policy does non safe guard their private informations from being accessed from elsewhere if one is managed to log in into the system.
The findings for inquiry 5 clearly indicate that 95 % of the computing machine utilised by both comptrollers and fiscal executives were hive awaying sensitive information. 6 % of which did non hold any sensitive informations stored in their computing machine system and 2 % were non cognizant about the sensitiveness informations stored in their computing machine or waiter.
Question 6 ‘s determination was a assorted consequence where merely 75 % of the comptrollers and fiscal executives agree that their computing machine is prone for virus onslaughts. 20 % from the remainder were confident on the current security characteristics installed. 5 % of the remainder were non willing to notice upon this inquiry due to the ever-growing computing machine engineering and frequent new virus onslaughts throughout the Earth.
The findings of this study in overall had opened an avenue for betterment within the administration. It had been observed that security of a networked administration is a major direction challenge. Many companies are still fighting to acquire to the full connected to the web, or even the Web and the Internet for e-commerce, and reengineering their current internal concern procedures with intranets, e-business package, and even connected to the clients.
This requires a assortment of security tools and defensive steps, and coordinated security direction programme. These defense mechanisms are really important such as encoding, firewalls, Denial of Service Defences, e-mail Monitoring and Virus Defences ( Craig S. Hannaford, 1995, Deborah Beard and H. Joseph Wen, 2008 ) .
Other security steps can besides be briefly looked into are both hardware and package tools such as mistake tolerant computing machines and security proctors, and security policies and processs like watchwords and backup files.
A fast turning country of computing machine security presents is biometric security. This type of security steps provided by computing machine devices detects and step physical traits that make each single unique such as dynamic signature confirmation, face geometry, finger scan, manus geometry, inactive flag scan, retina scan and voice print.
Other country that an administration should look upon is the instruction of consciousness of ethical duty in concern. The greater the computing machine security engineering, the greater the stableness of the user should be in manning it. Ethical motives and moral values are really indispensable in this facet.
The overview of information security rules were listed clearly into seven constituents ( Craig S. Hannaford, 1995 ) which are:
Administrative and organizational security
Physical and environmental security
The demands of policies in topographic point will supply a secure environment, forestalling and computing machine felon to transport out his unethical behavior ( Jaikumar Vijayan, 2007 ) .
Accountants require new advanced accomplishments to incorporate their ability into the computing machine engineering promotion in future ( Deborah Beard and H. Joseph Wen, 2008 )
It has been highlighted that the study was conducted merely in a little graduated table, carefully selected persons within the administration. A group of fiscal executives and comptrollers with the Engineering and Maintenance division of Malaysia Airlines were manus picked to volunteer and this does non warrant the agencies of force what so of all time.
Furthermore, this study was non unfastened to assorted computing machine systems and other package in the market for comparing. The study consequence were merely catered for the intent of survey within the administration and the result may be taken into consideration by the direction to heighten computing machine security and protect its sensitive, confidential information from being stolen or mishandled by its ain staff.
A really short timeframe was available to carry on the study. This is even hindered by the mid month date line issues which were brought up by the comptrollers and the fiscal executives due to their heavy work load. The computing machine system utilised within the administration could non be disclosed due to confidentiality.
Computer frauds and information engineering related offenses do go on and it is foreseen that the figure of these types of offenses will distribute wish mushroom as the complexness of the computing machine engineering grows. As an comptroller or a fiscal executive, one may be prone to indulge into fraud by the lecherousness for money, power or personal societal position. An Accountant should continue his believes and moral moralss to safe guard sensitive informations or information from falling into the incorrect custodies.
An administration must look into upgrading their security systems and should protect their informations unity the best manner they can afford. The major manner to contend computing machine fraud in fiscal direction will be through consciousness and moral or ethical instruction. Then, as the complexness of computing machines grows, an administration should put upon the substructure and skilled forces to keep the security up to the needed degree. This will non merely protect an administration but besides will halt fraud from go oning in future.