Introduction
A small business can use many ways to protect its data. Some are complicated while others are quite simple. For example, a company may put in place physical security measures that are geared towards protecting physical stuff such as files. At the same time, a company may put in place complex measure such as use of highly technical computerized software. This measure is in line with the current developments in information technology. This means that most companies store their information and data in software form. They have, therefore developed complex systems that enable them to follow through with this crucial aspect in business. This paper looks at some of these ways to protect data, the reasons why companies should protect data and finally focuses heavily on the one largely used way of data protection. This is the design of a system, known as an Accounting information system that reliably enables companies to keep tons of information in their databases easily.
Conventional Ways of Data Protection and Security
As mentioned earlier, the most conventional way is to use physical security to ensure security. This does not only ensure security of staff, but also the security of assets. These assets include information stored in files in the company. It may not be in files, but it may be a in a computerized system. Intruders need not tamper with this system, which makes it a crucial affair to secure it. In addition, when information is stored in that computerized system, it is subject to external interferences through malpractices such as hacking. This means other technical ways are developed. The paper subsequently looks at accounting information system, which is the most widely used means of ensuring important information is secure.
Accounting Information System
Accounting information system is an interactive human interface that enables organizations to make decisions. Companies develop in form of software to help manage data. It generates information helpful in making critical decisions. These decisions include strategies, goals and cost saving procedures. The design of the software is in such a way that it accommodates each aspect of an organization that is paramount. These crucial aspects include people, procedure and processes, data, informational processing and outputs. The last thing derived from it is the ultimate advisory information that the accounting department offers to top management for efficient decision-making. The Accounting Information system follows the nineteenth century fundamental accounting principle of double entry. This principal is operational to date. This paper will look at accounting information system from a macro point of view and discuss the critical aspects it entails in detail (Carnal, 2007).
Crucial aspects of Accounting Information System
A basic Accounting information system has six parts that define it. This includes.
People
No system can work without the fundamental inclusion of operators. Therefore, when developing a system, it is of great importance that the ergonomic principle forms the central thinking area. In that sense, workers within an organization will be able to use the system to the benefit of the organization successfully. People must understand the system. It should not be too complicated for them to comprehend. A system that is hard to understand makes it extremely hard for the users to make any good use of it. Secondly, the system must make an accountants or users working experience fun. This is especially true in a world where job satisfaction is paramount to the success of organizations. Employees who find it hard to love their job experiences do little to the engineers of profits and constant revenues within an organization (Drever, Santon and McGoan, 2007).
Some of the devices used in an internal Accounting information system include the output, input and processing devices. Some of input devices include scanners, personal computers, fax machines. Process machines are software installed in the hardware. An employee uses these tools to engage the system to come up with meaning full data. If the whole process is frustrating, the output may not be conclusive enough which may make an organization have a problem with decision-making and strategy (Liyanarachchi, 2008).
Procedure
This is the manner in which to use the Accounting information system as a whole to help an organization through the top management make informative decisions. It covers a broad category of the fundamental accounting, which include keeping, and making records to complex organization strategic planning and management. The procedure can be categorized into three parts. This includes:
Financial reporting
In this category, all transactions that are part of the organization are captured.
For financial statements to give a true and fair view, they must possess the most important qualitative characteristics. The International Financial Reporting Standards (IFRSs) clearly gives the major characteristics that financial statements must possess for them to give a true and fair representation. It is important to note that an entity’s stakeholders include its customers, creditors, its owners, the government and investors. Content related characteristics and presentation related characteristics form the two major categories of qualitative characteristics. Relevance and reliability make up the content related characteristics. Relevance means that the given information shown on the financial statements should be good enough to influence a stakeholder’s decision. Relevance draws from the materiality principle. It also means that the people involved should find it important to them. This includes stakeholders, managers and the public who may have interests of investing in the company (Liyanarachchi, 2008).
Development
Developing an Accounting information system is an all-inclusive procedure that requires the input of every stakeholder in the company. It requires money and hence budgetary allocation and it requires every employee to have positive thinking. Positive welcome is important so that it is met with the manner required to be effective. It has five phases of development. I will outline each one of them here below:
Planning
Many Small and Medium sized enterprises plan before rolling out any Accounting information system. This is important to ascertain the amount that may be required to make it come to conclusion fully. It is also important because it helps a company to incorporate its structure and culture into the system wholly. This ensures that the company does not go through an overhaul in the name of adopting an Accounting information system. It also ensures that the company maintains its identity (Hooper et al. 2008).
Data Analysis
The company must make a comprehensive data analysis outlook to ascertain the amount of data that it is handling. This will largely be the determiner of the size of the accounting information system. A company or a small medium enterprise that handles many data requires a comparatively large accounting information system than a small company. It also requires a huge budgetary allocation to ensure that it successfully adopts the automatic system (Carnal, 2007).
Decision Analysis
An accounting information system should incorporate other things apart from data analysis. An individual manager is responsible for a small docket for which daily decisions are made. This means that he has to have a system that supplements his decisions or the process of his decision-making. Therefore, before development, the project must incorporate each supervisors and managers capability to continue making critical unit decisions (Campbell, 1998).
Process Analysis
In most cases, organizational processes are captured for data that a company has. However, some processes need not be captured in data. This information must be catered for in the development of the accounting information system. This includes the value of the brand and the other not physically measurable additions to accounting.
Design
The design of the accounting information system must take into consideration many things as may have been discussed earlier. However, in most cases, all those parameters are not easily captured by the whole system. However, an accounting information system should supplement organizations operations and not stall them. The designing of the system should capture the overall accounting policy of an organization without perceived or real biasness emanating from employees. It should not be seen to relieve others of duty while taking more responsibility to others. Rather, it should act a motivational builder (Liyanarachchi, 2008).
The design of the whole system, subsequent implementation and usage should go through process and should capture relevance. Being a costly adventure means that it should be implemented in stages. Internal controls should be put in place to safeguard data. Data loss should not be an option and should be curtailed. It should also be the responsibility of management to have better ways and software to make this a success effectively (Elliot and Elliot, 2004).
Advantages of Accounting Information System
It automates most of the operations of the accounting department. This makes both data entry and retrieval an easy task. If w implemented, the system can act as protective shield against data losses. This may be frequent in manual organizations. This is because it may be easy target for sabotage, may be vulnerable to physical hazards such as fire and water which may permanently damage them. It is also a crucial cost saving procedure in the end if well implemented and installed (Campbell, 1998).
Disadvantages of Accounting Information System
It is a rather costly affair for small and medium sized enterprises. This is because it takes up a huge chunk of capital outlay, which may not be affordable by such organizations. It is also not consistent with growth of the organization especially if not futurist in nature. It means an organization may have to come up with a wholly new system when the organization grows further which means other costs. The employees in an organization may not take it up well, which may cause temporary halt in the usual operations of the organization. The company may also require some training fees for the operations of the whole system to the advantage of the company.
Importance of Safeguarding Information
Information is the central operating point of any organization. Without relevant information, a company is a shell. Employee’s records, stock records, supplier’s records and many other stakeholders’ information and raw data need to be captured to enable a company to make relevant decisions. Companies use information to develop strategies and goal. These are the decision points from which the organization can advance these strategies.
Just as big companies need to preserve information, it is also important to safeguard information in small business enterprises. It is unreasonable to live in a vacuum. That is, not to keep information means a company may not know where they are coming from or headed. For standardization and benchmarking purposes, it is crucial to store information that can help us to work out such benchmarks and standards effectively. Information gives company efficiency. This is especially if it well managed. This makes it easily accessible and retrievable. Making of decisions for example where upstream and downstream supply chain sides are involved, requires almost timely information. Supplier and customer evaluations also require much information processed over time to ascertain some key facts and aspects. This is not a reserve of the developed companies. It is a fundamental requirement of each company to have such storages.
A company like Toyota invests a lot of money in market research and overall research. This amounts to billions of dollars in a year. If information were not that important, it would make no sense at all to invest that much to acquire it.
The current world has an educated lot. These people are from the market for both blue chips and small companies. The global market is also sophisticated. Companies need to understand these markets now than ever before. This will increase the need to custom make products specifically designed to meet the needs of such markets. This is only possible if the company is willing to get out there to get information.
Network Security
This refers to safeguarding of information contained in systems that are computerized. In the current world of e business, almost every aspect of business is done electronically. This includes acquisition of raw materials (e ordering), sale of goods and products (e transactions) and more importantly e payments. This includes wire transfers of money from one point to another. This means that companies need to come up with better ways to safeguard this information flow (Carnal, 2007).
Cyber security is major investment are for almost all companies. Small companies are not left out because they also have gone high Tec to attract a wider market for their products. Hackers are everywhere. They attack even the most sophisticated or perceivably complex sites such as the Federal Bureau of Investigation and the Criminal Investigation departments of the government. With many more people embracing web technology even in third world countries, it has become paramount to safeguard information. Companies need to routinely update their software to make it up-to-date and capable to detect malpractice (Carnal, 2007). The concept of cyber security will be there and will continue been complicated and sophisticated as time goes by. Some companies have shifted from mortar companies to virtual companies. The systems are and will continue to integrate and merge. This will create a dependency that will trigger an even greater need to secure information. Competition has to be regulated to shield companies from unsavoury rivals who may be out there to sabotage another’s information (Liyanarachchi, 2008).
Business information is as sensitive as the business itself, as it is what essentially makes it in the first place. Critical information that defines the business as well as day to day operations are contained in specialized databases that are aimed at providing specific information needed by the various users of such information. This essentially points to the fact that these businesses have to have put in place information systems, which can be either manual or computerized. Whatever the case, there is dire need to ensure that information is secure to ensure that the business is not compromised in any way.
However, it is vital to note that most information for businesses today is computerized, and therefore this document seeks to address how to safeguard such information. Information systems that are the carriers of the entity’s information need to be under a specific person who with authority to manipulate the contents of the databases. This person is the system administrator, and is responsible to ensure that the information entrusted to him or she is as secure as possible.
There need to come up with a firewall and proxy that allows only authorized access to sensitive information within the system. The system administrator gives certain levels of privilege to various system users who have user identities and corresponding passwords. Depending on the level of user privilege, they are able to access information that would enable them perform specific operations as well as make alterations as may be required. This firewall may also provide for extra security measures that ensure tracking of system users such that the system administrator will have a record of the various users and what their activities were especially with regard to the business’ data and information.
Use of firewalls and proxy may not be effective where the system users can access passwords and thus putting the business’ information at risk. Encrypting sensitive business information therefore becomes critical, as it ensures that only persons with decrypting codes can access that particular information. Encryption ensures that information that is potentially damaging or costly should it fall in the wrong hands is meaningless to those persons should they find it. The information system may therefore be vulnerable, but the information therein secure. The nature of encryption mainly depends on the expertise of the programmer and the requirements of the business as vested on the system developers and administrators.
Use of the system’s information by different users may require use of the internet, and this exposes it to damage from such vices as worms, viruses and malware. It is therefore prudent for the business to procure credible antivirus software that would protect the information from damage. If the system were contained in a network, it would be necessary to ensure that the corresponding computers in the network have the specified company’s security requirements. Further network security is ensured by taking physical measures by ensuring the physical location of the network hardware and the information system. Intranet enabling also discourages access of information from the business by external parties. This enables the setting up of security cameras that also enhance monitoring the systems. A secure network ensures that the business is able to concentrate on its operations without worrying about the security of their information.
References
Brimson, J. A. (2010). Activity Accounting: An Activity-based Costing Approach. London: John Wiley and Sons.
Campbell, D. (1998). Organizations and Business Environment. Oxford: Legoprint.
Carnal, C. (2007). Managing Change in Organizations. Essex: Pearson Education.
Deegan, C. & Samkin, C. (2009). New Zealand Financial Accounting. Auckland: McGraw Hill.
Drever, M. Santon, P. & McGoan, S. (2007). Contemporary Issues In Accounting. Australia: John Wiley.
Elliot, B. & Elliot, J. (2004). Financial Accounting and Reporting. London: Prentice Hall.
Hooper, et al. (2008). Conceptual Issues in Accounting: A New Zealand Perspective. Melbourne: Cengage Learning.
Hooper, K. Davey, H. & Presscot, S. (2009). Conceptual Issues In Accounting:A New Zealand Perspective. Melbourne: Cengage Learning.
Liyanarachchi, G. (2008). Creative Accounting and Professional Development. Melbourne: Cengage Learning.