The Role of Information Systems in Amazon
The report focusses on the Amazon Company and the reliance operations on the information systems. Additionally, the report outlines the importance of information system to the company’s success in the sale of goods such as allowing online payment and product tracking while in transit. Additionally, the report identifies the general management controls and application controls used by the organisation to avoid risks that could hinder operations.
A further focus is on the risks that the organisation faces during operations and the methods used to analyse and control the risks. The risks include such as loss of information and inaccuracy in the data collected from the customers. Additionally, the report checks the benefits that accrue to the company by controlling risks such as the protection of the customer’s information. Moreover, the report focusses on the audit plans and processes used by the company to identify the problems within the system. The identification of the problems is important to ensure that the areas of possible threat are corrected and prevented from causing harm.
The Amazon is an E-commerce company that deals in the sale of goods to customers through the internet. The Amazon has operated for many years in various markets within the globe (Amazon, n.d.). Most individuals currently use the Amazon to sell and buy a variety of products such electronics, clothes, shoes and magazines among many other products. Amazon requires that the customers log in and search for the required products within the price affordable price range. The customers put the products in an online cart and proceed to purchase the goods either by paying online or cash on delivery. The online payment is done using visa card or other online payment platforms such as the PayPal. After selecting the payment method, the goods are delivered to the customer’s point of receipt during the business days (Amazon, n.d.).
The information systems are core to the operations of the business since the Amazon site works as the point of contact with the customers (Ref. Mattord, 2018). The site has replaced the normal physical business premises where customers can visit and buy goods. Therefore, the customers find all the products required under the appropriate products category. The site allows the customers to have a one-stop shopping experience since many sellers post many goods on the site. Additionally, Amazon uses information systems to receive payments from customers through electronic payment methods. The methods include such as PayPal, MasterCard and visa card.
General Management Controls and Application Controls
Further uses of the information system include the online tracking of goods on delivery to the customer. The online tracking protects the loss and theft of good while in transit (Olsen, 2018). The online trackers identify where the customer’s position and provides information about the time that the customers will receive the product.
The site also has customer relation tools that track the activities of the customers. The tool tracks such as the times that the customers’ log in to the site in a day, the goods and services that the customers like purchasing and the location of the customer. The site collects the customers’ information for use in conducting personalised marketing (Olsen, 2018).
The company uses various general management controls to ensure the effective operation of the programmed procedures (Amazon, n.d.). The controls apply to the whole system of application within the organisation. The Amazon uses data security controls to protect information from access by unauthorised third parties. The data security control protects customer information from access by malicious individuals. The customer’s information includes such as the residential areas and credit card numbers. The hackers could use the information to steal money from the customers, which is bad for the customers due to the loss of customers who lack trust in the online store. Therefore, the company has installed reliable data security procedures to ensure that third parties do not access the customer’s sensitive information (Data Security Controls and The CISSP, n.d.).
Additionally, the company uses software controls to prevent the unauthorised access to the computer programme. The control governs the operation systems for proper execution of application programmes. Moreover, the software controls play an important role in the organisation such file set up, handling and record keeping.
Amazon Company uses various application controls to ensure that only authorized data is accurately processed by the applications. The controls account for the application’s procedures from the initial stage of transactions, the processing and finally the use of the output.
Amazon has installed input authorization controls to ensure the correct recording and monitoring of data flow through the systems. The steps include the authorisation of only a few employees to accept payments from customers and allow the exchange of goods.
Moreover, Amazon has data conversion software to transcribe data accurately from one form to another. The transcription is used to convert information of orders placed by customers to a form that the system can read. The tool ensures that the transcription is accurate to avoid the delivery of wrong products to the customers.
Comparison of General Management Controls and Application Controls
Comparisons of the general management controls to the application controls
The general management and application controls have some similarities within the operations of the company. The similarity is seen where the two types of control create policies and procedures relating to a variety of information system functions leading to effective operations (Mendez, 2015). Additionally, the controls provide security to the system by preventing harmful access and ensure that the outputs from processes are accurate to aid in decision-making.
Furthermore, the differences appear in the use of the controls. The controls are applied differently within the company. The application controls are installed to ensure accuracy and security of the data passing through specific applications (Mendez, 2015). For example, application controls are installed in the payroll to prevent errors in payment such as double payment of salaries and the elimination of ghost workers from the pay slip. On the other hand, general management controls are used across all systems within the organisation. The controls are used by all departments to prevent unauthorised access to the information. The controls are more organisation wide than the application controls due to the combination of software and procedures that create an overall control structure.
Amazon employs various risk management techniques to ensure the success of the operations and that customers can rely on the site to buy goods. The company ensures that the system is always up and running to ensure that the customers always buy goods and services at any time. Therefore, the company focusses on various issues to ensure that the system is free from the possibility of failure (Li Rui, 2015).
The company ensures the reliability of the system by employing performance monitors that give real-time reports on the operations. The company uses the information to improve the ability of the system to give the required response to the users (Jr, 2018). The data assists in identifying the points of poor performance within the system and necessary actions are taken to improve operations.
Additionally, the company also prevents the risk of confidentiality, which is the unauthorised access to sensitive information. The risk could lead to a loss of trust in the company by customers thus resulting in a shortage of market for products. Therefore, the company employs technical control procedures to secure information from unauthorised access by third parties. The technical controls ensure confidentiality by offering automated protection against misuse or access to valuable information (R., 2012).
Risk Management Techniques in Amazon
Additionally, the system ensures availability by using strong host computers to ensure that the site is always available to the customers. Furthermore, the company employs cloud-based backup systems to ensure that the system does not crash when fed with large amounts of data (Leach, 2018). The cloud-based system stores large amounts of data, which prevents the loss of information relating to products such as price, product name and availability.
The company manages integrity and security by employing various procedures that ensure the full protection of users from the risk (Data Security Controls and The CISSP, n.d.). The company ensures integrity by using proper screening procedures for the sellers and buyers. Amazon requires that the sellers provide full information about the business and does follow up to ensure that the customers received the goods paid for. The measure protects the customers against con sellers who do not deliver after customers make payments. On the other hand, the system ensures security by putting up firewalls that prevent unauthorised persons from accessing the customers’ information.
The company conducts the risk identification and assessment processes through conducting system risk audits. The audits take place during the period set by the management to identify the risks within the system. The company employs the services of external experts to audit the system for identification and assessment of the risks (Li Rui, 2015). Additionally, Amazon has internal auditors who perform continuous risk audits to prevent failure of the system. The auditors also report on the extent that the risk could affect operations.
The risk controls take place through the installation of risk mitigation procedures that prevent the system against failure. Amazon collects data on the system to identify areas that pose a risk to the operations. The company has installed software that informs about risks and provides solutions to the problems. Additionally, the company uses various security measures such as firewalls and antiviruses to prevent unauthorised access to the system (Simon Milton, 2015).
The company benefits from the audit activities carried out in the system. The audits help in the review of the performance of the system, which helps to improve the shortcomings and identify the risks that could result in failure (R., 2012). Additionally, auditing the system helps to ensure tight security of the system to avoid unauthorised access by persons such as hackers. The company uses effective audit plans and processes to ensure a successful review of the information system
Risk Identification and Assessment
The Amazon company has a comprehensive plan to follow when conducting the audit. The audit plan focusses on the need to identify risks and shortcomings within the information system. Additionally, the risk seeks to achieve the best solutions to the challenges raised during an audit. The company requires that the auditors follow the steps specified in the audit plan. The plan includes five steps that ensure that the audit meets the set objectives.
The first part of the audit plan requires the determination of the audit subject (Audit Plan Activities: Step-by-Step, 2018). The stage sets the various parts of the information system that will undergo auditing. The plan requires the audit of areas that face high risk and that the users frequently access.
The second step defines the objectives that the audit should achieve (Audit Plan Activities: Step-by-Step, 2018). The objectives include the identification of risk and determination of satisfaction levels among the users. Additionally, the plan also sets the scope of the audit, which sets the limit for audit. For example, the scope could specify that the audit should only review a single or multiple applications. The next step involves performing a pre-audit plan, which refers to activities such as risk assessment to set the final cope of the audit (Audit Plan Activities: Step-by-Step, 2018). The step defines the clear subject and objects of the audit. Finally, the planners determine the steps for gathering data for auditing (Audit Plan Activities: Step-by-Step, 2018). The steps emphasise the collection of necessary data to aid in the assessment and identification of the risk.
The Amazon Company follows six steps of an audit process to ensure meeting of the set objectives. Additionally, the audit steps provide comprehensive information about the system. The first step includes the requesting of important documents and reports from the system to identify problems in the system (Penn, 2018). The auditor also requests access to various parts of the software to conduct the audit.
Secondly, the auditor prepares an audit plan to use during the exercise (Penn, 2018). The audit plan outlines the steps that the auditor follows while auditing. Additionally, the plan gives the issues to check and sets the objectives. The third stage requires the scheduling of a meeting with the various management and audit employees of the company (Penn, 2018). The meeting aims at setting rules of audit and informing on the responsibilities of each person.
After the meeting, the auditor conducts a fieldwork, which entails the evaluation of internal controls and compliance tests (Penn, 2018). The auditors do the fieldwork in a comprehensive way to avoid omitting important details. The auditor then drafts a report based on the finding of the audit. The report consists of the observations made by the auditor and recommendations to improve the system. Finally, the auditor closes the audit by seeking the management’s approval on whether the report adheres to the set objectives (Penn, 2018).
Conclusion
The Amazon company has a high-quality information system that serves the customers appropriately without failure. The system provides tight security to the customer information through the installation of security standards that prevent hacking. Additionally, the company ensures the availability of the system to the customers and maintains a high level of integrity and trust to the customers. The Amazon Company also conducts audit procedures that review the system to identify risks.
However, the system could improve accessibility by ensuring that the customers can access the system using all browsers available. The company should consider complaints from consumers highlighting the inability to access the system using some browsers. Therefore, the improvement could increase the customer visits to the site and the effectiveness in providing services.
References
Amazon. (n.d.). Retrieved from Amazon: www.amazon.com
Audit Plan Activities: Step-by-Step. (2018). Retrieved from ISACA: www.isaca.org/creating-audit-programs
Data Security Controls and The CISSP. (n.d.). Retrieved from Infosec Institute: https://resources.inforsecinstitute.com/category/certifications-training
Jr, L. R. (2018). Information Systems Research. Informs PubsOnline. Retrieved from https://pubsonline.informs.org
Leach, D. F. (2018). Data Presentation. Retrieved from Data Presentation Website: https://www.academic.sun.ac.za
Li Rui, Y. T.-L. (2015). Reliability Management for Information System. Springer, 268-274. doi:10.1007
Mendez, R. (2015). General Control vs. Application Control. Retrieved from Prezi: https://prezi.com
Olsen, E. (2018). Strategic Implementation. Retrieved from On Strategy Website: https://www.onstrategyhq.com
Penn, S. (2018). Six Steps in Audit Process. Retrieved from Chron: https:/www.smallbusiness.chron.com/six-step-audit-process
R., W. (2012). Theory Building in the Information Systems Discipline: Some Critical Reflection. ANU Press. Retrieved from https://www.jstor.org/stable/j.ctt24h30p.6
Ref. Mattord, M. E. (2018). Principles of Information Security. Cengage Learning.
Simon Milton, J. L. (2015). Reality of Information Systems Research. ANU Press. Retrieved from www.jstor.org/stable/j.ctt2jbj4x.6.
Order an Essay Now & Get These Features For Free:
Turnitin Report
Formatting
Title Page
Citation
Outline
