ASSESSING OF CONTROL SECURITY POLICIES ON DATA PROTECTION IN ACCOUNTING INFORMATION SYSTEM IN QUEZON CITY
Keywords:
control security policies, accounting information systems (ais), data protection, cybersecurity, policy enforcement, access controls, incident response, digital literacy, government institutions, quezon cityAbstract
This study evaluates the effectiveness of control security policies in protecting data within Accounting Information Systems (AIS) used by government institutions in Quezon City. As digital systems become integral to financial operations, the need to ensure data security, integrity, and confidentiality has become increasingly important. The research examines how security policies, system protection measures, technological tools, and data management practices contribute to safeguarding financial information. It also identifies key challenges in the implementation of these policies and offers recommendations to strengthen cybersecurity measures in AIS environments. This study adopted a quantitative research design to examine the effectiveness of control security policies in safeguarding data within Accounting Information Systems (AIS). A total of 50 participants from the Commission on Elections (COMELEC) in Quezon City—including accountants, IT staff, auditors, and treasurers—were selected through convenience sampling, given their direct involvement in AIS operations. Data collection was conducted using a validated survey questionnaire, which captured both demographic information and evaluations of cybersecurity practices. The organization maintains solid technical and procedural security measures, enhancing policy enforcement, strengthening access controls, improving staff training, and developing a more comprehensive incident response plan are essential to fully optimize data protection within the Accounting Information System (AIS). The study revealed that the majority of respondents, primarily young professionals aged 22–26, demonstrated a strong awareness of and positive attitudes toward control security policies—reflecting a solid baseline in digital literacy and cybersecurity practices. Survey findings showed that respondents generally agreed their organization had effective security controls, consistent system protection measures, secure technological infrastructure, and reliable data protection strategies. However, slightly lower ratings in areas such as policy enforcement, clearly defined user access rights, and incident response planning indicate the need for targeted improvements in these aspects.
