Complex Integrated Accounting Systems And Auditing

This theme editorial for the special issue is a compilation of my considered views on the state of organizational technology riskmanagement and related issues being faced by the nations, enterprises and even individuals today. The modern auditor is a complexly and eclectically educated and trained person sincemost of the professional audit organizations expect that an entrant to the profession must possess skills not only in the conventional aspects of financial systems but also in the eclectic sphere of knowledge related to the information technology and management, security and forensics, sociology of the enterprise, human perceptions and professional judgement, etc. My objective in this editorial is tomake these auditors aware about technology risk management, its impact on the enterprise internal controls and organizational vulnerabilities. Billions of dollars are spent each year on technology used to protect people, assets and facilities. International information technology (IT) security standards are identified and used to select the best technical solution for an organization’s risk and security problems. Yet security incidents keep occurring daily, and when one hole is plugged, another one is discovered! The vicious cycle never ends. Despite the technological benefits brought to security, this is one of the drawbacks technology brings to risk management and security. The impact that technology has on risk and security is exacerbated by the convergence of IT into the physical security space where the internal controls of an organization are impacted in areas such as risk management, physical security, IT security and safety. Access control systems and video surveillance are now computerized and integrated with other business systems such as human resources (HR). Technology and security have been converging for decades directly impacting risk management functions throughout the organization. At this point of the convergence trend, technology can bring new capabilities and vulnerabilities to physical security and risk management. This trend began to be noticed in the 1990s. Five star hotels started replacing their mortise locks on guest rooms with magnetic card readers. Today, we have access control systems, digital video cameras and smart cards that have become a ubiquitous part of our life. A number of factors are causing a paradigm shift in risk and security philosophy. Including the rapid evolution of the threat matrix with an increased understanding of the concept of “asymmetric” threat coupled with a growing realization of the significant operational inter-dependencies between IT and the various physical assets/processes they support (at the system, enterprise, and critical infrastructure levels). This shift is being driven by the “convergence” of IT security methods with those of the more traditional physical security methods. The impact is being felt throughout the community, but is perhaps currently most