Identify risks for information systems that rely heavily on IT functions 1) Risk to Hardware data Terms Reliance on the

functioning capabilities of hardware and software. Explanation Without proper physical protection, hardware or software may not function or may function improperly. Therefore, it is critical to physically protect hardware, software and related data from physical damage that might result from inappropriate use, sabotage or environmental damage (such as fire, heat, humidity or water). Reduced human involvement

the traditional ability to compare output information with hard-copy data.

In many IT systems, employees who deal with the initial processing of transactions never see the final results. Therefore, they are less able identify processing misstatements. Even if they see the final output, it is often difficult to recognize misstatements because the results are often highly summarized

Lack of traditional authorization

Systematic versus random errors.

When organizations replace manual procedures with IT-based procedures, the risk of random errors from human involvement decreases. However, the risks of systematic errors increase because once procedures are programmed into computer software, the computer process information consistently for all transactions until the programmed procedures are changed. Without proper online restrictions such as passwords and user IDs, unauthorized access may result in improper changes in software programs and master files.

Advanced IT systems can often initiate types of transactions automatically, such as calculating interests on savings accounts and ordering inventory when pre-specified order levels are reached. Therefore proper authorization depends on software procedures and accurate master files used to make the authorization decision.

3) Need for IT experience and separation of IT duties

Reduced separation of duties

Computers do many duties that were traditionally segregated such as authorization and recordkeeping. Combining activities from different parts of the organization into one IT function centralizes responsibilities that were traditionally divided. IT personnel with access to software and master files may be able to steal assets unless key duties are segregated within the IT function

Unauthorized access

IT systems often allow online access to electronic data in master files, software and other records. Because online access can occur from remote access points (for e.g. through the Internet) there is potential for illegitimate access.

Need for experience

IT

Many companies create an entire IT function or outsource it from outside so that they can have access to IT personnel with knowledge and experience to install, maintain and use the system. The reliability of an IT system and the information it generates often depends on the ability of the organization to employ personnel or hire consultants with appropriate technology knowledge and experience

Loss of data.

Much of the data in an IT system are stored in centralized electronic files. This increase the risk of loss or destruction of entire data files that can potentially lead to misstated financial statements and serious interruptions of the organizations operations.

. 2) Reduced audit trail

Visibility of audit trail

Because of much of the information is entered directly into the computer, the use of IT often reduce or even eliminates source documents and records that allow the organization to trace accounting information. These documents and records are called the audit trail. Because of the loss of the audit trail, other controls must be put in place to replace