 And it can be when you when you look at it from the from the workers standpoint, and all you can see on your end is like, I only have limited access to this database program and I can't see what everything else is going on. It can be a restrictive at the same time. Notice that too much separation of duties, too much restriction to people in terms of how much access they have to a certain database limits some things as well as well, because it is basically red tape. But you need to find that balance. And it's a great way the database program is is a great tool to be able to find balance in that you can limit certain areas for certain people in terms of what they can access in the database program, greater ability to to prevent or detect a circumvention of controls. So we can also have a better supervision type of duties. Oftentimes to be able to track what's happening. We can actually see, you know, who was in the database program, who is doing what within the database program risks. Then these are like basically the downside unauthorized access to data that may result in destruction of data or improper changes to the data. So it's quite possible when you have the database program, even if you put the right restrictions in that people can get access to it because of course, especially if something's on some type of online database program, nothing is completely secure, of course. And it's quite possible that you can have problems. If you don't have a well designed database program, then it's quite possible that people are going to get the access to the data or improper people are going to get access to the data, possibly do something such as an error, delete the data or have some kind of changes or do something improper to the data reliance on systems or programs that unknown to management, incorrectly process data, process, incorrect data or both. If we have very complex database systems, this is happening more and more because what happens is management no longer having to do the calculation, but just depending on the number that has been gotten from the calculation, no longer understands the complex calculation itself. So the data input, therefore, that you're going to put into the system in order to generate these types of calculation could be off because a lot of times we don't know as much in terms of what needs to be input properly in order for the computer to do a complex calculation to get the right result. And once the result has come out, we may not be able to interpret it quite as well because we're not understanding the process. We're not going through the calculations of it. So although the computer can do complex calculations, the ability for us to interpret them and also put in the data necessary to do them properly can actually deteriorate as we become more dependent on the computer to do the calculation. Unauthorized changes to system or programs. So there could be obviously unauthorized changes. We've got to be able to make sure that we have controls over who was operating the system. Problem with that one is that obviously the person that's designing the internal control system that has an idea of what the separation of duty should be is separate from the IT department that knows how to actually implement the segregation of duties in the IT process. And there has to be really good communication between those individuals to put into a separation of duties that works. Unauthorized changes to data are similar kind of problem. Inappropriate manual intervention so we could have manual interventions within the system that are not properly put in place again. And this all comes down to how well the database program is going to be set up. Potential loss of data. It's possible that we could lose the data. We always have to be thinking about how are we going to conserve the data because if we're in a system where we're not basically saving everything off the system and basically putting it into a file somewhere like it used to be where we have hard copies and whatnot, then all of our data is on a server somewhere. And the question is of course that server can be deleted. Can we lose the server information if there was a problem? How do we support this information? How can we possibly back up this information? That all becomes an issue as we get more information on a database system as opposed to a more of a traditional system.