According to Turner and Weickgenannt (2013), there three major control concerns related to databases, and such as: Unauthorized access, adequate backup of the data, and data integrity. To prevent a data breach and exposing sensitive information, the company should develop an automated security system through IT compliance control. It can be done by implementing log-in procedures, password settings in every certain days, server and firewall configurations, biometric controls, security token, intrusion detection in all company’s computers, and vulnerability assessment (Turner & Weickgenannt, 2013). When there is an immediate business transaction occurs, the company should able to identify any external threats by using real-time alert system, if there is a system used by the company. Real-time alert system can help to identify and respond to the threat of a targeted attack and security and sensitive information, and it will a red flag to the management to investigate any suspicious network activities. For example, an employee is browsing through data and customer’s records and trying to sell customer data to the external or third party without any customer’s or companies permission, real –time alert system will give a signal to the management and alert them …show more content…
For example, if a customer is applying for a loan at the bank, the bank has a right to have a full and complete disclosure of the customer’s credit history. Therefore, the company’s IT application control must be used to ensure completeness and accuracy of data in the database because the IT application controls are analyzed by managers to validate data and reports (Turner & Weickgenannt,