Information Systems Security and Control Chapter 14.


Scalability and Stress Tests
• CNN web traffic during the presidential election – ? times more
• Performance failures often accompany a web site's success
  – Scalability
  – Wealth effect
  – Vulnerability

September 11, 2001
• Lean (JIT) systems faced serious impact from unpredictable disruptions
• Need to be able to dynamically handle the "surge and ebb" of lead times when traditional conditions no longer exist

Balanced systems
• Neither over-controlled nor under-controlled
  – Opposite forces: ease of use of a system
• No perfect systems – no system without hidden bugs
• No free lunch – no system without constant maintenance and modification

Fragility of IT systems
• Health and normal usage
  – No drink, no food, etc.
• Fire, flood
• User errors
• Program changes
• Electrical surge or outage
• Hardware and software failure

Maliciousness
• Unauthorized access
• Degree of exposure
• Ease of intercept – radio frequency bands
  – Hacker
  – Computer viruses – antivirus software

Look no further
• Human error – ignorance and self-protection
• System error – defective system and complicated settings
• Shallow and weak foundation – domino effects and man-made disasters

Preparedness
• Security and quality according to the importance of the data and operation
  – Visa USA systems: duplicated systems and fault-tolerant computer systems
  – A dental office patient management system

Controls
• General controls
• Application controls

General controls
• Controls over the system implementation process
• Software controls
• Physical hardware controls
• Computer operations controls
• Data security controls
• Administrative disciplines, standards, and procedures

Application controls
• Input controls
  – Control totals
  – Edit checks
• Processing control
  – Run control totals
  – Computer pattern matching
• Output control

Security and E-commerce
• Encryption
• Public key encryption
• Authentication
• Message integrity
• Digital signature
• Digital certificate

E-payment systems
• Digital wallet
• E-cash
• Electronic check
• Smart card

System quality
• Rigorous methodologies in system development
• Spend more on the front end (right system analysis, specification, and design) to reduce cost on the back end (rework and maintenance)
• Use software metrics to assess system performance continuously

System audit
• Surveying end users for their perceptions of data quality and system performance
• Surveying entire data files
• Surveying samples from data files

Software Quality Assurance Methodologies and Tools
• Structured methodologies
• Structured Analysis – Data Flow Diagram
• Structured Design
• Structured Programming
• CASE
• Software Metrics
• Structured Walkthrough