Presentation is loading. Please wait.

Presentation is loading. Please wait.

CONTROLLING INFORMATION SYSTEMS

Published byAmice Collins Modified over 8 years ago

Similar presentations

Presentation on theme: "CONTROLLING INFORMATION SYSTEMS"— Presentation transcript:

1 CONTROLLING INFORMATION SYSTEMS

2 Reasons Errors do occur in computer-based systems
Computers have been used for fraudulent purpose Computer systems and their software and data resources have been accidentally or maliciously destroyed

3 Effective Controls make:
To ensure information system security that is the accuracy, integrity, and safety of information systems activities and resources Minimize errors, fraud, and destruction in an information services organization Provide quality assurance for information systems Reduce the potential negative impact

4 Categories of Control Information system controls Procedural controls
Physical facility controls

5 Information System Controls
Ensure proper methods data entry, processing techniques, storage, and information output. Identify incorrect, invalid, or improper input data as it enters the computer system Processing controls are developed to identify errors in arithmetic calculations and logical operations

6 Procedural Controls: Help an organization maintain the accuracy and integrity of operations and systems Sketch out the duties of systems development, computer operations, and control of data and program files Standard procedures promotes uniformity and minimizes the chances of errors and fraud.

7 Physical Facility Controls:
Protect physical facilities and their contents from loss or destruction. Computer centers are subject to such hazards as accidents, natural disasters, sabotage, vandalism, unauthorized use Protect the hardware, software, and vital data resources of computer using organizations. Formal backup and recovery procedures. Training at least two people in the operation and maintenance of any critical system

8 INFORMATION SECURITY

9 Meaning Means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction Incorporate a range of policies, security products, technologies and procedures. A set of procedures and systems needs to be applied to effectively deter access to information.

10 Role of Hackers: Hackers are the people who break through information security systems. They use their technological skills to break into computer systems and access private information They bypass firewall with the right hardware. This makes loss of vital information, or a virus could be planted and erase all information They gain access to a network if a firewall is shut down for only a minute.

11 Role of an organization related to information security issues:
Must protect their information from loss Protecting valuable asset, such as tangible property, equipment, money, or staff by developing SOPs. Protect against accidental or malicious unauthorized disclosure, modification, or destruction or inability.

12 Basic Principle of Information Security:
Confidentiality Integrity Availability Trust Ethicality

13 COMPUTER CRIME

14 DEFINITION Criminal activities which involve the use of information technology To gain an illegal or an unauthorized access to a computer system with intent of damaging, deleting or altering computer data Activities such as electronic frauds, misuse of devices, identity theft and data

15 Types of Computer Crimes:
Hacking: The activity of breaking into a computer system to gain an unauthorized access is known as hacking Phishing: Phishing is the act of attempting to acquire sensitive information like usernames, passwords and credit card details. Computer Viruses: Viruses spread to other computers through network file system, USB drives and CDs

16 Crimes (Continued…) Cyber-stalking: Torture individuals through Internet by means of chat rooms, on-line forums and social networking websites, obscene s, abusive phone calls. Identity Theft: Involves stealing money and obtaining other benefits through the use of a false identity. Illegal migration, terrorism and blackmail

Download ppt "CONTROLLING INFORMATION SYSTEMS"

Similar presentations

By Andy Scott, Michael Murray and Adam Kanopa

By Andy Scott, Michael Murray and Adam Kanopa
AUP Acceptable Use Policy Summarized by Mr. Kirsch from the Sioux Falls School District Technology Plan.

AUP Acceptable Use Policy Summarized by Mr. Kirsch from the Sioux Falls School District Technology Plan.
The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.

The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
Created by: Robert McAndrews Career & Technology Education Humble Independent School District.

Created by: Robert McAndrews Career & Technology Education Humble Independent School District.
Crime and Security in the Networked Economy Part 4.

Crime and Security in the Networked Economy Part 4.
Using Your Knowledge – Security Threats

Using Your Knowledge – Security Threats
Chapter 9 Information Systems Ethics, Computer Crime, and Security

Chapter 9 Information Systems Ethics, Computer Crime, and Security
Lecture Outline 10 INFORMATION SYSTEMS SECURITY. Two types of auditors External auditor: The primary mission of the external auditors is to provide an.

Lecture Outline 10 INFORMATION SYSTEMS SECURITY. Two types of auditors External auditor: The primary mission of the external auditors is to provide an.
Security, Privacy, and Ethics Online Computer Crimes.

Security, Privacy, and Ethics Online Computer Crimes.
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Chapter 9 Information Systems Ethics, Computer Crime, and Security

Chapter 9 Information Systems Ethics, Computer Crime, and Security
Threats and Attacks Principles of Information Security, 2nd Edition

Threats and Attacks Principles of Information Security, 2nd Edition
Wonga example Register Question- What risks do you think businesses face due to IT developments?

Wonga example Register Question- What risks do you think businesses face due to IT developments?
Overview of IS Auditing n Need for control and Audit of Computers –Org cost of data loss –cost of incorrect decision –Value of hardware, software, personnel.

Overview of IS Auditing n Need for control and Audit of Computers –Org cost of data loss –cost of incorrect decision –Value of hardware, software, personnel.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Fifth Edition 1 M a n a g e m e n t I n f o r m a t i o n S y s t e m s M a n a g I n g I n f o r m a t i o n T e c h n o l o g y i n t h e E – B u s i.

Fifth Edition 1 M a n a g e m e n t I n f o r m a t i o n S y s t e m s M a n a g I n g I n f o r m a t i o n T e c h n o l o g y i n t h e E – B u s i.
L o g o Types of Computer Crime Zhuravlev Alexander 326 MSLU.

L o g o Types of Computer Crime Zhuravlev Alexander 326 MSLU.
By Mrs. Smith DATA INTEGRITY AND SECURITY. Accurate Complete Valid Data Integrity.

By Mrs. Smith DATA INTEGRITY AND SECURITY. Accurate Complete Valid Data Integrity.

Similar presentations

Ads by Google