Protection of accounting information in the conditions of cyber security

Abstract

In the given study, it is substantiated that the unauthorized use of information generated in the accounting system can lead to harmful consequences, risking loss of information, incorrect data entry and misuse of confidential information. Therefore, the issue of protecting information generated in the accounting system is extremely urgent, and ensuring its security is a priority in many companies. The purpose of the study was to generalize existing approaches and outline promising directions for the organization of accounting information protection in the context of cyber security. It has been proven that effective communication and joint strategies between management, accountants and auditors are important to reduce or protect against emerging threats to the accounting information system. To properly assess potential risks, accountants and auditors must be familiar with current and emerging technologies. Groups of risks are given, based on the selection of risks for all components of the accounting process, which are inherent in electronic accounting information systems (risks associated with the collection and input of data into an automated system, risks associated with information processing and its storage on electronic media, risks associated with stage of generalization and transfer of information) and analyzed their features in order to find ways of minimization. Controlling unauthorized access to accounting records is an important component of internal control. Access and password policies, encryption, digital signatures, disk locks, firewalls, and digital certificates are examples of controls that should be identified, documented, communicated, and tested when evaluating control effectiveness. Examples of the impact of cyberattacks on the accounting system and related costs are given. It is well-founded that the protection of accounting information and the avoidance of cyber-attacks is possible only if comprehensive measures and joint actions of management, accounting, auditors and educational institutions are followed in the training of future specialists.