Author :
Kulkarni, Abhijit ; Williams, Emilio ; Grimaila, Michael R.
Author_Institution :
Corp. Governance-IT, Dell Inc., Round Rock, TX, USA
Abstract :
Along with traditional applications that record, process, and report financial transactions, virtually all organizations use End User Computing Applications (EUCAs) such as Microsoft (MS) Excel spreadsheets, MS Access databases, Business Intelligence (BI) Reports, and MS Word documents for data storage, calculations, and reporting. These EUCAs are important components of the financial reporting process and are “data feeders” to ERP applications such as SAP®, Oracle Financials®, and PeopleSoft®. EUCAs are also key elements in supporting processes like Quote to Collect, Procure to Pay, Planning/Budgeting, and Financial Reporting. In this paper, we investigate the components of a typical EUCA, define the risks associated with reliance on such systems, and provide solutions that can be deployed to partially address the standard security concerns (e.g., confidentiality, integrity, availability). The need to mitigate the risks of sensitive information assets is in direct alignment the objectives of mission assurance and operational resilience for private sector organizations.
Keywords :
enterprise resource planning; financial data processing; personal computing; security of data; ERP application; end user computing application data; financial reporting process; financial transaction; private sector organization; security risk; Book reviews; Databases; Electronic countermeasures; Organizations; Security; Standards organizations; ECMS; EDI; EUCA; FTP; PCI; PII; Risk; SOX; TFS; TTL;
