1 Chpt. 12: INFORMATION SYSTEM QUALITY, SECURITY, AND CONTROL.


2 Why Systems are Vulnerable
Digital data
  – Can be duplicated/changed without being detected
Networks
  – Connected to LANs, WANs, & the Internet
  – Anyone from inside/outside the organization can attempt to infiltrate information systems
Data is now centralized and integrated

3 Different Types of Attacks
Hacker
  – Person who gains unauthorized access to a computer network for profit, criminal mischief, or personal pleasure
Cracker
  – A hacker with criminal intent
Denial of Service (DOS) Attack
  – A hacker overloads a network server with a flood of requests for information, crashing network
Computer virus
  – Many varieties, always changing
Theft
  – Steal hardware, software, data

4 Other Threats
Natural disasters
  – Tornado, hurricane, flood etc.
Man-made disasters
  – September 11
Human error
  – Data entry errors & data quality problems
  – Software bugs & defects

5 System Quality Issues
Bugs
  – Program code defects or errors
  – Difficult / impossible to achieve zero bugs
Maintenance
  – Modifying a system in production use
  – Can take up to 50% of IS Staff time
Data Quality
  – Data input errors, or faulty design
  – Cause serious operational and financial problems

6 Creating a Control Environment
Controls
  – Methods, policies, procedures to protect assets; accuracy & reliability of records; adherence to management standards
General controls
  – Overall controls applied to all CBIS
Application controls
  – Controls specific to each application

7 Ensuring Availability of Systems
High-Availability computing
  – Computing environment to help firms recover quickly from a system crash
Fault-tolerant computer systems
  – Systems that contain redundant hardware, software, etc. that can back up a system and keep it running to prevent system failure

8 Techniques
Load balancing
  – Distributing requests across multiple servers
Mirroring
  – Duplicating all procedures and transactions on backup server
Clustering
  – Linking two computers, so one can act as backup

9 Internet Security
Firewalls
  – Placed between internal LANs and external networks
  – Need to write/maintain rules that dictate what comes in and what goes out
Intrusion Detection Systems
  – Automatically detect suspicious network traffic at the most vulnerable points of the network

10 Security and E-Commerce
What can you do?
  – Encryption
  – Authentication
  – Digital signature
  – Digital certificate
  – SSL (secure sockets layer) protocol
  – SET (secure electronic transaction) protocol

11 Ensuring Software Quality
Structured Methodologies
  – Structured Analysis
  – Structured Design
  – Structured Programming
  – CASE Tools

12 Structured Analysis
Defines system inputs, processes and outputs
Represent in Data Flow Diagrams (DFD)

13 Structured Design
Designs systems top-down, hierarchical
Uses structure charts

14 Structured Programming
Uses structured design to create modules

15 CASE Tools
Computer Aided Software Engineering
Automation of software methodologies
Reduces repetitive work
Automated facilities for producing
  – Charts and diagrams
  – Screen and report generators
  – Data dictionaries
  – Documentation

16 Other issues
Resource allocation during system development
  – How costs, time and personnel are assigned
Software metrics
  – Quantify system performance
Testing
  – Test, test, and then test some more!

