INFORMATION RISK AND IT-ENHANCED INTERNAL CONTROL (STUDY OBJECTIVE 3)
As business environments become more complex, the possibility of receiving unreliable information increases. Information risk is the chance that information used by decision makers may be inaccurate. Following are some causes of information risk:
- The remoteness of information. Decision makers are typically forced to rely on others for information. When the source of the information is removed from the decision maker, the information stands a greater chance of being misstated. A decision maker may become detached from the source of important information due to geographic distances, organizational layers, or other factors that are often associated with a company's growth.
- The volume and complexity of the underlying data. As a business grows, the volume and complexity of its transactions increase. This tends to increase the chance that misstated information may exist undetected.
- The motive of the preparer. Those who prepare information may have goals different from those of the decision maker. As a result, the information may be slanted in favor of a particular viewpoint or incentive, which impacts its presentation and decision-making usefulness.
The most common way for decision makers to reduce information risk is to rely upon information that has been audited by an independent party. Because information users generally do not have the time or ability to verify information for themselves, they depend on auditors ...
Get Accounting Information Systems: The Processes and Controls, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
