Abstract
Security review entails a few aspects to be successfully installed they are. Internal control also has five principles that govern it; they include control environment, risk assessment, control activities, information and communication, and monitoring. These factors determine how good the security measures of a corporation are going to work.
Keywords
Security review, process control, access controls, environmental controls, maintenance procedures, file security, hardware controls, recovery and restart and finally internal controls
Introduction
Security review is essential to be undertaken in every corporation. This ensures that at no point will the corporation’s strategies be compromised. Evaluating on the paper, we get to see how these security measures are undertaken by a bank to ensure that they offer quality service and safety to both their customers and employees.
Processing Controls
Working as an accountant at a bank in our region. I witnessed some processing controls put in place to ensure that one can only access the files they were authorized to do so. The bank clerk through the intellect information working stations recorded each transaction done. Each transaction has a workstation code. As well, it contains the name of the employee who did the transaction. This gives an account of each transaction made. Employees are restricted to access to other files other than their own. This ensures that one will not be able to access other employee’s data without permission.
Access Controls
All doors were highly secured. On could only have access to rooms using the employee’s card of which not all tickets can open all doors. This means that each employee is restricted to his or her area of expertise only. In case there is a visitor, they were required to indicate their visiting purpose and to whose office they were going to mention the time sign in and leave there identity card, which they will collect right after signing out. Information and operation center was only accessible to a few personnel. For one to access the room, one was required to put a fingerprint. This was a recommendable security measure.
Environment Controls
The bank has put in place policies that have indeed made an impact when it comes to the environmental controls. To eliminate fire incidences, there is a team of staff members who are responsible for checking the wiring and electrical circuits each day to ensure that everything is intact. There is also fire alarm that immediately goes off when there is a detection of any smoke. The power automatically goes off when the fire alarm is switched on; this prevents the fire from spreading and incurring too much loss. Portable fire extinguishers are also placed in every room and corner of the building. Most materials used in the bank are inflammable to reduce the chances of fire. Back up of all information is done; therefore all data can be retrieved when needed. Smoking is also not allowed on the premises.
Maintenance Procedures
Similar to what the electricians do to avoid fire hazards, technicians are also required to do a checkup twice a day to ensure that work goes on efficiently. In any case, there is a default then back up equipment reinstalled immediately. The equipment are frequently upgraded to provide that the bank’s technology is not outdated. Technology advancements are essential; it makes work even more accessible. The manager is required to check the reports of the technicians and engineers daily. These help the managers keep an account of how the other offices are running.
File Security
The files of the banks are stored in a room accessible by two librarians only. This includes employee’s confidential data records title deed and all other equipment possessed by the bank as well as the files that clients want to be kept safe by the bank. The passwords are regularly changed to ensure there will be no access to the room by anyone else. The place is also designed in a way that is fire resistant. At no point can fire be able to destroy the room. There are minimal electrical activities taking place in that room to avoid any fire hazards. The records of the bank are filed daily.
Hardware Controls
The hardware controls that were put in place controls both the online and offline services. The can be switched at any time in case of failure of equipment and still work efficiently. All other marginal apparatus can also be used. This ensures that there is no time lost. As well, no information is omitted during the technical hitch. The secondary equipment included drives,
Recovery and Restart
In case of an abrupt shutdown of material due to power out or anything else, then a backup generator immediately powers on when this happens. There is communication passed to the operating room to restart and recover both saved and unsaved files instantly. The library releases all the records requires to the respective recipients. The manager, however, has to allow this transfer to occur and ensure that only data needed are released. If there were any file destroyed, its recovery would take at least two to three days to be fully processed.
Part 2:
Internal Controls
Based on the COSO framework, there are five principles of internal auditing that help in internal controls. They include control environment- the bank had some policies that governed its ethics and values. This ethics and values played a significant role when it comes to competence. The board of directors was responsible for making sure that there are strategies in place to make the bank more competent compared to others. Risk assessment- On this principle, the bank made sure that it had clear objectives to be able to achieve their goals. The bank also had a procedure in which they identify the risk and do an analysis on how to control them when they occur. The strategies of the bank were flexible to any change because change is bound to happen.
Control activities- The bank was able to apply the change management effectively as well as the backups strategies were always successful. The security of the bank was intact and well put in place. The bank was also able to outsource some employees in case of an urgent matter that needed to be taken care of within a small period. Information and communication- Communication was effectively passed to the employees, and this resulted in work efficiency. Monitoring- the management had the upper hand in their supervision, and this was very recommendable. The assessments done showed that the employees were working very hard to make sure that the bank’s objectives were achieved. Reports on what was lacking were always communicated.
Conclusion
The bank has ensured that the strategies put in place have catered for the employees and their client’s safety. This has made a significant improvement in the bank’s success. However, there is still some of the things that might continue pulling them down. The fact that the bank sort, when there is an urgency in some matters, makes it very risky in terms of safety. Therefore the bank should ensure that they have enough staff members that will be able to take care of an emergency when it occurs.
References
Soh, D. S., & Martinov-Bennie, N. (2015). Internal auditors’ perceptions of their role in environmental, social and governance assurance and consulting. Managerial Auditing Journal, 30(1), 80-111.
Mihret, D. G., & Grant, B. (2017). The role of internal auditing in corporate governance: a Foucauldian analysis. Accounting, Auditing & Accountability Journal, 30(3), 699-719.
O’Leary, D. E. (2018). Big Data and Knowledge Management with Applications in Accounting and Auditing: The Case of Watson.
Li, C., Raman, K. K., Sun, L., & Wu, D. (2017). The effect of ambiguity in an auditing standard on auditor independence: Evidence from nonaudit fees and SOX 404 opinions. Journal of Contemporary Accounting & Economics, 13(1), 37-51.