Summary: This article, which appeared in the Journal of Accounting and EDP, Vol. I, No. 4, Winter 1986, discusses the resolution of security problems involving the use of microcomputers in business by: (1) identifying audit problems which arise; and (2) presenting management countermeasures. Microcomputer use carries risks in three major areas: (1) physical security of hardware; (2) physical security of data and software; and (3) data integrity. Physical security of hardware involves common-sense methods to prevent theft or damage. Various methods in use to secure data and software include: (1) password protection; (2) data encryption/decryption; (3) copy protection; (4) audit trails; and (5) security controls on the microcomputer-mainframe link. Maintaining current, accurate, and complete data requires: (1) standard hardware and software configuration within an organization; (2) data and program backup; (3) testing and documentation of computer models and user-written programs; and (4) use of current data only. Auditors should make use of available programming tools, such as cross-reference, file recovery, disk explorations, sort/merge, and file dump. A partial list of hardware and software available for microcomputers is included.
