Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

The National Conunercial Bank has fifteen branches and maintains a mainframe cojnputer system al its corporate headquarters. National has recently undergone an examination by the

The National Conunercial Bank has fifteen branches and maintains a mainframe cojnputer system al its corporate headquarters. National has recently undergone an examination by the slate banking examiners, and the examiners have some concerns about National's computer operations. During the last few years, each branch has purchased a number of microcomputers to communicate with the mainframe in the emulation mode. Emulation occurs when a microcomputer attaches to a mainframe computer and, with the use of the appropriate software, can act as if it is one of the mainframe terminals. The branch also uses these microcomputers to download information from the mainframe and, in the local mode, manipulate customer data to make banking decisions at the branch level. Each microcomputer is initially supplied with a word processing application package to formulate correspondence to the customers, a spreadsheet package to perform credit and financial loan analyses beyond the basic credit analysis package on the mainframe, and a database management package to formulate customer market and sensitivity information. National's centralized data processing department is responsible only for mainframe operations; microcomputer security is the responsibility of each branch. Because the bank examiners believe National is at risk, they have advised the bank to review the recommendations suggested in a letter issued by banking regulatory agencies in 2008. This letter emphasizes the risks associated with end-user operations and encourages banking management to establish sound control policies. More specifically, microcomputer end-user operations have outpaced the implementation of adequate controls and have taken processing control out of the centralized environment, introducing vulnerability in new areas of the bank. The letter also emphasizes that the responsibility for corporate policies identifying management control practices for all areas of information processing activities resides with the board of directors. The existence and adequacy of compliance with these policies and practices will be part of the regular banking examiners' review. The three required control groups for adequate information system security as they relate to National are (l) processing controls, (2) physical and environmental controls, and (3) spreadsheet program development controls. Required:

For each of the three control groups listed

a. Identify three types of controls for microcomputer end-user operations where National Commercial Bank might be at risk.

b. Recommend a specific control procedure that National should implement for each type of control you identified. Use the following format for your

Control Types Recommended Procedures

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image_2

Step: 3

blur-text-image_3

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Accounting Principles Understanding Important Terms And Principles Of Accounting

Authors: Lyndsay Sudduth

1st Edition

B0B5KV57NJ, 979-8840104033

More Books

Students also viewed these Accounting questions

Question

1. What is the objective of maintenance and reliability?

Answered: 1 week ago