Download presentation
Presentation is loading. Please wait.
Published byClarissa Terry Modified over 9 years ago
1
Zulhizam Bin Ebrahim 4092007721 Mohd Shamir Bin Abd Azia 4092007261 Muhammad Salehin Bin Suhaimi 4123014302
2
Management Information Systems, Sixth Edition2 Controls: constraints and restrictions imposed on a user or a system ◦ Controls can be used to secure against risks ◦ Controls are also used to ensure that nonsensical data is not entered Controls can reduce damage caused to systems, application, and data
3
Management Information Systems, Sixth Edition3
4
4 A reliable application is one that can resist inappropriate usage such as incorrect data entry or processing ◦ The application should provide clear messages when errors or deliberate misuses occur Controls also translate business policies into system features
5
Management Information Systems, Sixth Edition5 Backup: periodic duplication of all data Redundant Arrays of Independent Disks (RAID): set of disks programmed to replicate stored data Data must be routinely transported off-site as protection from a site disaster Some companies specialize in data backup services or backup facilities for use in the event of a site disaster
6
Management Information Systems, Sixth Edition6 Access controls: measures taken to ensure only authorized users have access to a computer, network, application, or data ◦ Physical locks: lock the equipment in a secure facility ◦ Software locks: determine who is authorized Three types of access controls: ◦ What you know: access codes, such as user ID and password ◦ What you have: requires special devices ◦ Who you are: unique physical characteristics
7
Management Information Systems, Sixth Edition7 Access codes and passwords are usually stored in the OS or in a database Security card is more secure than a password ◦ Allows two-factor access Biometric: uses unique physical characteristics such as fingerprints, retinal scans, or voiceprints Up to 50% of help desk calls are from people who have forgotten their passwords ◦ Biometrics can eliminate these kinds of calls
8
Management Information Systems, Sixth Edition8 Atomic transaction: a set of indivisible transactions ◦ All of the transactions in the set must be completely executed, or none can be ◦ Ensures that only full entry occurs in all the appropriate files to guarantee integrity of the data ◦ Is also a control against malfunction and fraud
9
Management Information Systems, Sixth Edition9
10
10 Audit trail: a series of documented facts that help detect who recorded which transactions, at what time, and under whose approval ◦ Sometimes automatically created using data and timestamps Certain policy and audit trail controls are required in some countries Information systems auditor: a person whose job is to find and investigate fraudulent cases
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.