Module 5

Case Study
Group 1 - 4A7
Pink Company
Case Study:
Tasks To Do
Introduction
Case Problem:
General Overview
Risks Associated
with the Approach
Internal Control
Weaknesses
 Internal Control
Pink's decision to assign the
responsibilities of system
development and system
maintenance to a single
employee can result to (1)
inadequate documentation and
(2) program fraud.
Weaknesses
Absence of strong data backup
policies may exploit the
company's data files during
primary data failures (both
internal and external factors).
This situation also highlights
the need for a good disaster
recovery plan.
Training only one employee
can cause various problems.
Only having one person to
understand the system creates
opportunity for fraud to occur.
There will be no available
personnel to overtake if the
programmer decides to leave.
Internal Control
Weaknesses

Making significant custom upgrade on the system after a

three years may be considered as inappropriate. There is a
possibility that the existing system is insufficient for the
company.
Alternative Courses
of Action (ACA)
 System experts are divided into various
Alternative Courses primary tasks.
System development needs the skills of

of Action (ACA)
multiple people.

Recommendation:
1. Create a team of IT application programmers.
2. Segregation of duties for update programmers
and system maintenance.
3. Strict adherence to the organizational framework.
Alternative Courses
Operational viability takes into account
both the existing practices and the
individual capabilities required to use

of Action (ACA) the new model.

Recommendation:
1. Strengthening capabilities while keeping
current workforce.
2. Consult reputable professionals.
 Recommendation:
1. With the aid of Mnemonics, the software provider

Alternative Courses
that first helped with the development and
deployment of the specialized asset management
software, invest in a substantial upgrade.

of Action (ACA)
Advantages:
1. A single employee serving as the design and maintenance
programmer is more economical than developing internal
systems.
2. Improvements to a more capable and productive design process.
3. System improvements demand resources and knowledge from
developers.
 To prevent unapproved program
Alternative Courses revisions and illegal access to programs,
Pink Company should put in place a

of Action (ACA) robust access control system.

Recommendation:
1. Subjecting employee access points to regulation
2. Complete and appropriate documentation
3. Clearly defined responsibilities
Alternative Courses
Establish audit policies to safeguard the
system against unauthorized access and
undocumented software changes to
of Action (ACA) reduce the risk to information security.

Recommendation:
1. Contact a professional IT specialist.
2. Check audit trails
3. Establish a safe program library.
 Conclusion
It is important to address Continuous Training of
the weaknesses in internal Employees
control

Segregation of Duties Careful Planning

Proper Documentation and

Establishing System and
Audit Policies
Group Members
Group 1 - 4A7
 References
& Sources
How To Establish An Effective Maintenance
Training Program (Christiansen, 2021)
Disaster recovery plans explained (Kyndryl, n.d.)
Why is Custom Software Development
Important? (Gohil, 2022)
Accounting Information Systems (Hall, 2011)
What Is Backup and Recovery? - Why It’s
Important (NetApp, 2019)
How Long Does It Take To Build Custom
Software? (Wardynski, 2022)
Thank Y o u
Group 1 - 4A7