| In recent years, with the rapid development of modern information technology and its applications, it changes the management environment and management concept of enterprise, and business accounting environment, tremendous changes has also taken place , accounting information system emerged consequently. Accounting information system helps enterprises to realize coordination of financial and business operation, and reporting, reimbursement, audit, auditing and other remote processing, and dynamic accounting as well as online financial management. Aplication of Accounting information system, although it brings convient information service to enterprises, however, for its characteristics of openness, vulnerability of data storage and so on, it also brings a lot of security risks at the same time. With the expansion of the scope of computer use, corrupt and fraud common criminal activities frequently take place used by computer, such as storing data in computer disk is easy to tamper; unauthorized person may look through computer networks which are highly centralized database data; copying, forging or destructting important data of enterprise database and so on. Due to high concealment and great harm of computer crime. Therefore, the strengthening of accounting information systems security has become particularly important.According analysis of security problems of the accounting information system, based on COSO enterprise risk management elements and the COBIT IT governance model based on the theory, this article takes the COBIT installation, solutions and change of licensing, operations management, data management, physical environment management, to ensure IT system security processes into the accounting information system, building security control framework of the accounting information system combind with the COSO enterprise risk management, goal-setting, control, manage and monitor. Accounting information system security controls will be divided into technical system, organization system and management system. Technology system strengthen the system on the technical level, by resolving security issues existed in the system through technical control during system design; organization system is to ensure the effective implementation of authorization controls, based on clear responsibilities of business processes , strengthen the authority control, establish internal control systems with separatable and incompatible duties; management system is a management control system, which is regulated from the point of management view, to ensure the safe operation of the system as the goal.Finally, for the security risks existed in the data of accounting information system, to ensure the reliability and integrity of accounting information, taking accounts prcessing module for example, analysing and designing security accounts processing module controls ,implemented data encryption of accounts processing module on the technical level. |
PDF Full Text Request