Session 10: Creating and Managing Information System Risk and Crime. Course: H0472 / Information Systems Concepts. Year: 2006. Version: 1.

Presentation transcript:

1 Session 10: Creating and Managing Information System Risk and Crime
Course: H0472 / Information Systems Concepts
Year: 2006
Version: 1

2 Learning Outcomes
By the end of this session, students are expected to be able to:
Explain security systems and controls in Information Technology

3 Material Outline
Threat of project failure
Threat of system malfunction
Threat of computer crime

4 Information System Security and Control
Threat of Project Failure
Threat of Accidents and Malfunctions
Threat of Computer Crime
Factors That Increase the Risks
Methods for Minimizing Risks

5 Introductory Case: London Ambulance Service
Wow, what a mess!
What did they do wrong?
Did they do anything right?
Was this a system that should have even been attempted?

6 Threat of Project Failure
When can projects fail?
INITIATION: The reasons for building the system have too little support. The system seems too expensive.
DEVELOPMENT: It is too difficult to define the requirements. The system is not technically feasible. The project is too difficult for technical staff assigned.
IMPLEMENTATION: The system requires too great a change from existing work practices. Potential users dislike the system or resist using it. Too little effort is put into the implementation.
OPERATION AND MAINTENANCE: System controls are insufficient. Too little effort goes into supporting effective use. The system is not updated as business needs change.

7 Threat of Project Failure
Remember this?
What do you think the curve would look like for cost of failure?

8 Threat of Accidents and Malfunctions
Operator error
Hardware malfunction
  – Intel Pentium bug
  – Was like the embedded chip issue for Y2K
Software bugs
Data errors
Damage to physical facilities
  – We’ll talk more about this for disaster recovery
Inadequate system performance
  – London ambulance case

9 Threat of Computer Crime
Theft
  – Physical (esp. laptops)
      Case of a laptop taken from the Pentagon in a conference room…
      Recently heard about Silicon Valley exec who lost laptop
      CCI insurance
  – Logical
      Unauthorized use
      Fraudulent data entry
      Unauthorized use/modification of data
Sabotage and Vandalism
  – Trap door, Trojan Horse, Virus

10 Factors that Increase Risk
Nature of Complex Systems
Human Limitations
Pressures in the Business Environment

11 Methods for Minimizing Risks
Controlling System Development and Modifications
Providing Security Training
Maintaining Physical Security
Controlling Access to Data, Computers, and Networks
Controlling Transaction Processing
Motivating Efficient and Effective Operation
Auditing the Information System
Preparing for Disasters

12 Minimize Risks…

13 Build the system correctly…
Software change control

14 Train the users about security…

15 Maintain physical security…

16 Prevent unauthorized access to hardware and software…
Manual data handling
Access privileges
Access control
  – What you know
  – What you have
  – Where you are
  – Who you are

17 Prevent unauthorized access to hardware and software…
Be aware of network issues
  – Encrypt if necessary

18 Perform transactions correctly…
Segregation of duties
Data validation
Error correction
Backup & recovery

19 Innovate for efficiency…
Monitor systems
Look for opportunities
Look for incentives
Look for disincentives

20 Audit your system…
Trust but verify…

21 Prepare for disasters…
Remember Murphy's Law

22 Closing
Threat of project failure
Threat of system malfunction
Threat of computer crime