Video: Risk Associated with IT Summary

In this lesson, Nick Palazzolo, CPA, delves into the significance of safeguarding data within the realm of information technology, emphasizing the ever-present threats such as phishing attacks. He explains the essential practice of segregating duties to prevent unauthorized access to critical information, ensuring that authorization, custody, and record keeping are kept distinct. Furthermore, Nick sheds light on evaluating the monetary value of risk, a concept applicable in various scenarios beyond IT. He illustrates this through the lens of calculating probabilities and potential impacts, drawing parallels to weighing risks in different business contexts. This comprehensive overview underlines the importance of understanding data management processes, from collection to backup, analysis, and presentation. To reinforce the lesson, Nick encourages active practice with multiple-choice questions to identify and overcome personal stumbling blocks in grasping the material.

"Examprep.ai helped me pass all 4 CPA exams on the first try. I highly recommend. I especially like the feedback and ratings the software provides so I know where to focus my time."

Daniel H., CPA

"I can't recommend ExamPrep.ai enough. Nick's lessons turned concepts I struggled with into strengths. I was able to pass FAR right before other exams expired!"

Andrew K, CPA

"I just want to say thank you for the great lesson videos. I couldn't stay awake through lectures of another course. After watching all your FAR lessons I was finally able to pass!"

Alyssa M., CPA Candidate

Video Transcript

Instructor: Nick Palazzolo

Nick Palazzolo is head instructor of ExamPrep.ai CPA Review. Nick's teaching style is engaging & upbeat, combining practical Big 4 tax & assurance expertise with years of 1-on-1 coaching. His lessons are concise and emphasize what you need to know to pass. Whether you're a recent grad or working full-time, we’re confident you can conquer your CPA exams with Nick’s review.

Cite this lesson

Link to this page

[[ citeExample ]]

Copy to clipboard

Copy URL to clipboard

Copy HTML to clipboard

Wow. Data is really important, as you can see. Super important. I mean, I remember back in 2017, big data was the buzzword at the time.

I mean, just because it's not the buzzword now doesn't mean it's not important. We want to protect that data at all costs from phishing attacks and all these other malicious actions. So how do we do that? We want to understand how to properly segregate duties within an IT structure within an organization. Remember that we want to keep authorization, custody, and record keeping all separate from each other.

Know how IT attacks can be used to maliciously obtain data. Definitely something we want to be aware of. Understand how to calculate the monetary value of risk. And this is actually something you can see in other sections other than IT. There is the probability of risk, right? It's kind of similar to that, say, even toward Wack, like it's a wager. So we want to weigh that risk and the probability that it will happen versus not happen. There are risks outside of IT as well. So you could get a question about that.

It's the same process. It's just a risk from having your business in the middle of a fault line of an earthquake, right, or operating in a risky country. Lastly, we want to be familiar with how data is collected, processed, analyzed, backed up, and presented. All of this, you're going to do well. Make sure you recap this.

You take a good look. Get those multiple choice questions. As much as it's great speaking with you, I want you to practice, get that hard practice of running through questions and working through those issues. I hope I address a lot of those issues in these lessons. However, you don't know what

Unlock the full video transcript and subtitles support with a free account!

Get more from this lesson

Create an account 7-day free trial. No credit card required.

Information Systems

Module: 3 Concepts, 33 Videos

Understanding IT Overview and Objectives

3:00

IT Governance

11:52

Electronic Data Interchange

2:16

Business Information Systems