Presentation is loading. Please wait.

Presentation is loading. Please wait.

Systems Design Chapter 6.

Published byΟλυμπία Ζάρκος Modified over 5 years ago

Similar presentations

Presentation on theme: "Systems Design Chapter 6."— Presentation transcript:

1 Systems Design Chapter 6

2 Outline Design Phase Integrity & Security Controls
Describe the Environment Design Application Components Note: other tasks described in other lectures Integrity & Security Controls Integrity Input controls Output controls Fraud Recovery Security

3 DESIGN What is Design? ANALYSIS IMPLEMENTATION "the Bridge"
"Requirements gathering" "Construction" Less user involvement More technical specialists Modeling the solution The blueprint

4 SDLC Phase: Design Core Process 4: Design system components
Environment Application components User interfaces (Ch 8) Database (Ch 9) Software classes (Ch 12-14)

5 Describe the Environment
Describe not define! System designer does not have control of the environment. Many times we have to conform to what is already there. Environment External Systems Communciation protocols, message formats Security methods Organization’s Technology Architecture Desktops, Mobile Devices Servers Operating Systems Networks Database Management Systems Network Diagram

6 Describe the Environment
Location Diagram Deployment Diagram

7 Design Application Components
a well defined unit of software that performs some function(s) Desktop Application P.O.S. System Website Mobile App

8 Design Application Components
Package Diagram Determine major components Subsystems Packages used to group related functionality into one group/namespace Multi-Layer Design

9 Integrity & Security Controls

10 Designing Integrity Controls
Input Output Recovery Fraud Security Designing Integrity Controls Input Controls - preventing erroneous data What could go wrong? Data entry errors Missing information Inaccurate & unreliable data What can we do? Value limit controls Completeness controls Data validation controls Field combination controls Other Lookup tables Check digits

11 Designing Integrity Controls
Input Output Recovery Fraud Security Designing Integrity Controls Output Controls - ensuring that info arrives at proper destination, is accurate, current, & complete What could go wrong? Missing printed reports with sensitive data Making decisions off of incomplete reports Making decisions off of old data What can we do? Limit physical access to printers Dispose of discarded output properly Label printed output properly page 1 of 10 timestamp

12 Designing Integrity Controls
Input Output Recovery Fraud Security Designing Integrity Controls Backups & Recovery, Redundancies - protecting from data loss What could go wrong? Destruction of data due to: Human error Hardware failure Disaster Malicious intent What can we do? Backup & Recovery Redundancy

13 Designing Integrity Controls
Input Output Recovery Fraud Security Designing Integrity Controls Fraud Prevention – preventing unauthorized transactions by authorized users What could go wrong? What can we do? Separation of duties Records & Audit trails Transaction Logging Monitoring Unusual transactions Asset control Limit physical access Security Opportunity Motive Rationalization Fraud Triangle

14 Designing Security Controls
Input Output Recovery Fraud Security Designing Security Controls Access Controls – preventing unauthorized access by unauthorized users What could go wrong? Networks or systems accessed or attacked Data viewed and/or copied by unauthorized users What can we do? Access Controls Authentication Authorization Data Encryption Symmetric vs Asymmetric Public key encryption Digital Signatures & Certificates Secure Transactions

Download ppt "Systems Design Chapter 6."

Similar presentations

Computer Fraud Chapter 5.

Computer Fraud Chapter 5.
Computer Fraud Chapter 5.

Computer Fraud Chapter 5.
Auditing Computer-Based Information Systems

Auditing Computer-Based Information Systems
Chapter 12 Designing System Interfaces, Controls, and Security

Chapter 12 Designing System Interfaces, Controls, and Security
Lecture Outline 10 INFORMATION SYSTEMS SECURITY. Two types of auditors External auditor: The primary mission of the external auditors is to provide an.

Lecture Outline 10 INFORMATION SYSTEMS SECURITY. Two types of auditors External auditor: The primary mission of the external auditors is to provide an.
8.

8.
Systems Analysis and Design in a Changing World, 6th Edition

Systems Analysis and Design in a Changing World, 6th Edition
Database Integrity, Security and Recovery Database integrity Database integrity Database security Database security Database recovery Database recovery.

Database Integrity, Security and Recovery Database integrity Database integrity Database security Database security Database recovery Database recovery.
Risks, Controls and Security Measures

Risks, Controls and Security Measures
Chapter 9 - Control in Computerized Environment ATG 383 – Spring 2002.

Chapter 9 - Control in Computerized Environment ATG 383 – Spring 2002.
14 Systems Analysis and Design in a Changing World, Fourth Edition.

14 Systems Analysis and Design in a Changing World, Fourth Edition.
1 Output Controls Ensure that system output is not lost, misdirected, or corrupted and that privacy is not violated. Exposures of this sort can cause serious.

1 Output Controls Ensure that system output is not lost, misdirected, or corrupted and that privacy is not violated. Exposures of this sort can cause serious.
Managing Information Systems Information Systems Security and Control Part 2 Dr. Stephania Loizidou Himona ACSC 345.

Managing Information Systems Information Systems Security and Control Part 2 Dr. Stephania Loizidou Himona ACSC 345.
Chapter 19 Security.

Chapter 19 Security.
Pertemuan 17-18 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
General Ledger and Reporting System

General Ledger and Reporting System
Security Architecture Dr. Gabriel. Security Database security: –degree to which data is fully protected from tampering or unauthorized acts –Full understanding.

Security Architecture Dr. Gabriel. Security Database security: –degree to which data is fully protected from tampering or unauthorized acts –Full understanding.
INFO 355Week #61 Systems Analysis II Essentials of design INFO 355 Glenn Booker.

INFO 355Week #61 Systems Analysis II Essentials of design INFO 355 Glenn Booker.
Chapter 10: Computer Controls for Organizations and Accounting Information Systems

Chapter 10: Computer Controls for Organizations and Accounting Information Systems
Data and Database Administration

Data and Database Administration

Similar presentations

Ads by Google