Comprehensive Analysis of Information Security and Storage Systems

Verified

Added on 2022/10/14

AI Summary

This report provides a detailed analysis of information security and storage systems, beginning with a comparison of desktop-based and cloud-based computerized accounting systems, highlighting the advantages of cloud systems. It delves into the Australian Privacy Principles (APPs), describing each principle and providing practical examples of how organizations can comply with them. The report also addresses the Notifiable Data Breaches (NDB) scheme and its implications for bookkeepers, emphasizing the importance of data protection. Furthermore, it covers essential pre-set configurations for accounting software like Xero, key features of source documents, and methods for ensuring data security. The report concludes by underscoring the significance of confidentiality and integrity in information security policies, as well as the need to securely manage and dispose of sensitive data.

Running head : INFORMATION SECURITY AND STORAGE SYSTEM
Title : Information security and storage system
Name Of the student :
Name of the college:
Author Note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1INFORMATION SECURITY AND STORAGE SYSTEM
Table of Contents
Activity1.....................................................................................................................................2
Activity 2....................................................................................................................................2
Activity 3....................................................................................................................................5
Activity 4....................................................................................................................................6
Biblography................................................................................................................................7

2INFORMATION SECURITY AND STORAGE SYSTEM
Activity1
1.
Features of desktop based computerized accounting system:
1. Speed – when a computerized accounting system is used, accounting data is processed
faster than manual accounting system, as computers takes a lot of less time compared
to humans in performing the task.
2. Accuracy – in a computerized accounting system the chances of errors are reduced as
the primary data is entered one time for all the processes and next to next usage in
preparing the accounting reports. In manual accounting system, errors occurs as the
same set of accounting data is been posted many times, while preparing different
types of accounting reports.
3. Reliability – the computer system is well accustomed in performing same task again
and again. It is not subjected to fatigue, boredom or tiredness, unlike human beings.
Computerized accounting system relies more on computers, they are more reliable
than manual accounting system.
4. Updated information – in computerized accounting system, the accounting records are
updated whenever any accounting data is put and it is stored. Hence, the latest
information related to accounts are always ready whenever accounting reports are
printed and produced.
5. Automated Document Production – all the computerized accounting systems have
fixed and user defined format of accounting reports that are produced automatically.
In a computerized accounting system , accounting reports like Trial Balance, Cash
Book and Statement of accounts are produced within seconds.
6. Storage and Retrieval – the accounting data, in computerized accounting system are
stored in such a way that does not require a huge physical space, as the data are stored
in floppies, CD- ROMs and hard – disks which take a fraction amount of physical
space compared to the accounting registers like journal, ledger. The computerized
accounting system allows fast and correct retrieval of information and data.
2.
Advantage of using cloud accounting system over computerized accounting system is the
access of data from anywhere. Anyone can access the information and data wirelessly and
from any location. One needs to have internet access and any kind of electronic device to
login the system securely and after completion of the task, securely log out of the system.

3INFORMATION SECURITY AND STORAGE SYSTEM
Activity 2
1. APP 1 – Open and transparent management of personal information –
This principle makes sure that APP entities handle individual information in
an transparent and open method. The entities should follow the Australian Privacy
Principles and a registered APP code that binds the entity. That would enable the
entity to handle complaints or questions pertaining to the compliance of the APP or
the codes. An APP entity should have clear and updated policy about managing the
personal information by the entity.
2. APP 2 – Anonymity and pseudonymity –
Demands APP entities to provide options to individual, to identify themselves
or using a fictitious name.
3. APP 3 – Collection of solicited personal information –
Highlights when an APP entity can collect personal information that is
obtained by taking permission. It puts higher standards in assembling of sensitive
information.
4. APP 4 – Dealing with unsolicited personal information –
It is compulsion for the entity within a fixed time frame to decide if the entity
could have collected the information by requesting it or not. If the information is not
present in the Commonwealth record.
5. APP5 – Notification of the collection of personal information –
Highlights the situation when an APP entity collects personal information and
must inform the person about few matters. The person may not be aware that the APP
entity has collected the person’s personal information.
6. APP 6 – Use or disclosure of personal information -
Highlights the situation where an APP entity may use or revel personal
information that it has.
7. APP 7 – Direct marketing –
Use or reveling of personal information for direct marketing by an
organization.
8. APP 8 – Cross – border disclosure of personal information -
Highlights the methods an APP should take to protect personal information
before it is reveled outside the nation.
9. APP 9 – Adoption, use or disclosure of government related identifiers –
Highlights the limited situations when an organization may embrace a
government related identifier of an individual as its own identifier.
10. APP 10 – Quality of personal information –
An APP entity should take proper methods to make sure that the personal
information that is collected is correct, updated and complete. An entity

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4INFORMATION SECURITY AND STORAGE SYSTEM
should take proper steps to make sure that the personal information it uses or
revels is complete, updated and correct.
11. APP 11 – Security of personal information –
An APP entity should take proper steps to safeguard personal information it
has from interference and loss, misuse and unauthorized access, modification
and reveling.
12. APP 12 – Access to personal information –
Highlights the obligation of an APP entity when an individual request, to
provide access to personal information held about them by the entity.
13. APP 13 - Correction of personal information -
Highlights obligation of an APP entity for correcting the personal information
it has about individuals.
2.
APP 1 – Mrs. A’s name, phone number and email address are collected by an organization to
create customer contact file. Mrs. A’s customer contact file contains personal information, as
she is the subject of the record.
APP 2 – Mr. K’s agency client number, not his name is present in the list of benefit
recipients. Since the number of his client is included in the list, it shows he is the recipient of
that benefit.
APP 3 – Mr. P having diabetics is a personal information obtained by taking permission from
Mr. P himself.
APP 4 – Mr. P diagnosed with diabetics, may have his health insured, this information can be
recorded without his permission.
APP 5 –When Mrs. A’s personal information was collected, the organization has informed
Mrs A about it.
APP 6 – When Mr. R is awarded the best employee of the month in an organization, details
are revealed to outsiders.

5INFORMATION SECURITY AND STORAGE SYSTEM
APP 7 – When the organization does marketing about its products, by revealing that a
particular client has used the products and was benefited, in television, newspaper.
APP 8 – An MNC, can use the same advertisement for marketing , outside the nation. For
that protection of the personal information has to be done.
APP 10 – The organization should have the personal details of Miss N, updated when she
changed her place of residence.
APP 11 – The personal information of the CEO of the organization, should be safeguarded,
his personal information like phone number, should not be out in the public.
APP 12 - The salary details of an employee, can be obtained, when he request it from the
organization.
3.
Notifiable Data Breaches (NDB) scheme is an amendment to the Privacy Act 1988. It is
applicable to data breaches that occur on and after 22nd February 2018. It commands a
reporting and notification method that the Office of the Australian Information Commissioner
(OAIC) had earlier recommended as best practice. Entities like Australian Privacy Principle
(APP), tax file number (TFN) recipients that were covered by the Privacy Act must comply
with the NDB scheme. Registered tax practitioners have obligation to protect TFN
information under Privacy Rule 2015 and the Taxation Administration Act 1953. If tax
practitioners are unable to follow the new NDB scheme there may be implications in relation
to the Tax Agent Services Act 2009 (TASA). Due to the nature of client information
contained by bookkeepers like TFNs, names, addresses, bank account details, addresses and
financial data, if a breach takes place, it would harm the business or an individual, so
notification is required. Unable to follow the legislation would result in fines from the OAIC
of maximum of $ 1.8 million for corporations and $60000 for individuals.

6INFORMATION SECURITY AND STORAGE SYSTEM
Activity 3
1.Name, location of the company, Bank a/c Number, Bank name, Registration Number of the
Company, beginning of accounting year, currency are the things that need to be pre- set.
2. The software generates balance sheet report, profit and loss statement, creditors report,
trial balance.
3. The key features that the source documents contain are amounts, date, bill number, GST
account, name of the dealer,.
4. No the source documents do not contain information that was irrelevant to the functions of
Xero.
5. Ways to keep all information secure while working on the files:
1. Encrypt the data, which is very important and sensitive.
2. Back up data in the cloud.
3. Always have anti – malware protection.
4. Hard drive of the old computers should be cleaned or destroyed before disposing.
5. Secure the wireless network.
Activity 4
1. Keeping transaction information secure by knowing who has access to the data,
protect the most important data by developing a data security plan and policies,
having stronger passwords and updating back up daily.
2. Xero does prepare Balance Sheet, Income statements and all the financial statements
and payrolls for the organization automatically.
3. One has to enter the accounting data and transactions manually, maintain paper
invoices and emails from customers.
4. An information security policy should include confidentially, integrity in the
information security policy. Confidentiality is the feature so that the information is
not revealed to people, entities, or processes which is not authorized. It is a part of
privacy, which protects the data from viewers who are not authorized.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7INFORMATION SECURITY AND STORAGE SYSTEM
5. In APP 11,the rule ask to demolish personal information that is not required any more.
Hence, demolish bills and invoices which are more than three years old and erase
information of the customers from Xero if the transactions do not proceed.
Biblography
Lim, F.P.C., 2013. Impact of information technology on accounting systems. Asia-Pasific
Jornal of Multimedia Services Convergent with Art, Humanities and Socialgy, 3(2), pp.93-
106.
Chou, W.Y., Tien, P.T., Lin, F.Y. and Chiu, P.C., 2017. Application of visually based,
computerised diagnostic decision support system in dermatological medical education: a pilot
study. Postgraduate medical journal, 93(1099), pp.256-259.