Slide 2: Problem Background (Point 1)

 Increasing Cybersecurity Threats:

 Rising Incidents: Educational institutions have become prime targets for cyberattacks,
with a reported 30% increase in incidents over the past year.
 Types of Threats: Common threats include phishing attacks, ransomware, and data
breaches, which can compromise sensitive financial and personal information.
 Consequences: Data breaches can lead to significant financial losses, legal liabilities,
and damage to the institution's reputation, affecting student trust and enrollment.

Slide 3: Problem Background (Point 2)

 Ineffectiveness of Current Internal Controls:
 Assessment Findings: Preliminary evaluations at NLAC School reveal gaps in existing
internal controls related to accounting information management.
 Specific Issues: Lack of access controls, inadequate monitoring of financial
transactions, and insufficient employee training on security protocols.
 Need for Policy Implementation: A comprehensive accounting information security
policy is essential to address these weaknesses and enhance the overall effectiveness
of internal controls.

Slide 4: Research Gap Analysis

 Limited Research in Educational Contexts:
 Existing Literature: Most studies focus on corporate environments, leaving a gap in
understanding how security policies impact internal controls in educational institutions.
 Specificity to NLAC School: There is a lack of empirical evidence regarding the
unique challenges and requirements of schools like NLAC in implementing security
policies.
 Opportunity for Contribution:
 This research aims to fill the gap by providing insights into the role of accounting
information security policies in strengthening internal controls specifically within NLAC
School.

Slide 5: Theoretical/Conceptual Framework

 Information Security Management Theory:
 Core Principle: Emphasizes the necessity of formal security policies to protect
information assets from unauthorized access and breaches.
 Application: This theory will guide the development of a tailored security policy for
NLAC School.
 COSO Internal Control Framework:
 Components: The framework includes five components: Control Environment, Risk
Assessment, Control Activities, Information and Communication, and Monitoring
Activities.
 Relevance: This framework will be used to evaluate the effectiveness of internal
controls in relation to the proposed security policy.
 Risk Management Theory:
 Focus: Identifying, assessing, and mitigating risks associated with information security.
 Integration: This theory will help analyze how effective risk management practices can
enhance internal controls at NLAC School.

Slide 6: Statement of the Problem

 Main Problem:
 How does the implementation of an accounting information security policy affect the
strengthening of internal controls at NLAC School?
 Key Considerations:
 The current state of internal controls.
 The perceived importance of security policies among stakeholders.

Slide 7: Sub-Problems
 Sub-Problem 1:
 What are the current internal control practices in place at NLAC School regarding
accounting information?
 Focus Areas:
 Review existing policies and procedures.
 Identify weaknesses and gaps in current practices, such as access controls and
transaction monitoring.

Slide 8: Sub-Problems
 Sub-Problem 2:
 How do stakeholders perceive the importance of an accounting information security
policy in strengthening internal controls?
 Stakeholders:
 Administrators, accounting staff, IT personnel, and faculty.
 Method: Conduct surveys and interviews to gather qualitative and quantitative data on
perceptions and attitudes toward security policies.
 Slide 9: Limitation of the Study
 Scope Limitations:
 The study focuses exclusively on NLAC School, which may limit the generalizability of
findings to other educational institutions.
 Time Constraints:
 The research will be conducted over a limited timeframe, potentially affecting the depth
of data collection and analysis.
 Potential Bias:
 Responses may be influenced by personal experiences or perceptions of stakeholders,
leading to subjective interpretations.

Slide 10: Importance of the Study

 Enhancing Security:
 The study will provide insights into improving the security of accounting information,
which is critical for safeguarding sensitive data.
 Policy Development:
 Findings will aid in the formulation of effective accounting information security policies
tailored to the needs of educational institutions.
 Strengthening Internal Controls:
 Contributes to the overall effectiveness of internal controls, reducing the risk of fraud,
errors, and data breaches, thereby enhancing institutional integrity.

Slide 11: Definition of Terms (Operational Meanings)

 Accounting Information Security Policy:
 A formal set of guidelines and procedures designed to protect financial data from
unauthorized access, breaches, and misuse.
 Key Components: Access controls, data encryption, incident response plans, and
employee training programs.

Slide 12: Definition of Terms (Operational Meanings)

 Internal Controls:
 Processes and procedures implemented to ensure the integrity of financial and
accounting information, promote accountability, and prevent fraud.
 Key Elements: Segregation of duties, authorization processes, reconciliations, and
monitoring activities to ensure compliance and accuracy.

Slide 13: Literatures Reviewed (Synthesis)

 Cybersecurity in Education:
 Research indicates that educational institutions are increasingly targeted by
cybercriminals due to their valuable data.
 Key Findings: Institutions with robust cybersecurity measures report fewer incidents of
data breaches and improved trust among stakeholders, highlighting the need for
effective security policies.

Slide 14: Literatures Reviewed (Synthesis)

 Impact of Security Policies on Internal Controls:
 Studies show that well-defined security policies significantly enhance the effectiveness
of internal controls across various sectors.
 Evidence: Organizations that implement comprehensive security policies experience
reduced instances of fraud and improved compliance with regulations, demonstrating
the importance of a structured approach.

Slide 15: Literatures Reviewed (Synthesis)

 Best Practices in Information Security:
 Literature suggests that adopting best practices in information security, such as regular
audits, employee training, and incident response planning, can lead to improved
compliance and risk management.
 Recommendations: Continuous monitoring and updating of security policies are
essential to adapt to evolving threats and ensure the protection of sensitive information.

Slide 16: Research Method(s) to be Used

 Qualitative Research:
 Conduct in-depth interviews and focus groups with stakeholders (administrators,
teachers, IT staff) to gather insights on current practices and perceptions.
 Quantitative Research:
 Distribute structured surveys to assess the effectiveness of existing internal controls
and the perceived importance of security policies among stakeholders.
 Slide 17: Subject/Participant/Respondent (Inclusion/Exclusion
Criteria)
 Inclusion Criteria:
 Stakeholders involved in financial management, including administrators, accounting
staff, and IT personnel at NLAC School.
 Participants must have at least one year of experience in their current roles to ensure
informed responses.
 Exclusion Criteria:
 Individuals not directly involved in financial processes or information security, such as
students or non-financial staff.

Slide 18: Research Site

 Location: NLAC School
 Description:
 A mid-sized educational institution with a diverse student body and a range of academic
programs.
 The school has an established accounting department and IT infrastructure, making it a
suitable site for the study.

Slide 19: Instrumentation/Data Gathering Tools

 Surveys:
 Structured questionnaires designed to assess perceptions of internal controls and the
importance of security policies.
 Interviews:
 Semi-structured interview guides to facilitate in-depth discussions with stakeholders.
 Document Review:
 Analysis of existing internal control policies, security protocols, and incident reports to
supplement survey and interview data.

Slide 20-21: Data Gathering Procedure

 Step 1:
 Obtain necessary approvals from school administration and ethics review board to
conduct the research.
 Step 2:
 Distribute surveys electronically to stakeholders, ensuring anonymity and confidentiality
to encourage honest responses.
 Step 3:
 Conduct interviews with selected participants, recording responses for analysis and
ensuring a comfortable environment for open discussion.
 Step 4:
 Review relevant documents and policies to supplement survey and interview data,
providing a comprehensive understanding of current practices.

Slide 22-23: (Mode of) Analysis and Treatment of Data

 Qualitative Analysis:
 Use thematic analysis to identify key themes and patterns from interview transcripts,
employing coding techniques to categorize responses and draw insights.
 Quantitative Analysis:
 Analyze survey data using statistical software (e.g., SPSS) to calculate descriptive
statistics and correlations, conducting inferential statistics to determine the significance
of findings related to internal controls and security policies.