Control

of 11

Please download to get full document.

View again

All materials on our website are shared by users. If you have any questions about copyright issues, please report us to resolve them. We are always happy to assist you.
PDF
11 pages
0 downs
4 views
Share
Description
Control. Zulhizam Bin Ebrahim 4092007721 Mohd Shamir Bin Abd Azia 4092007261 Muhammad Salehin Bin Suhaimi 4123014302. Controls. Controls : constraints and restrictions imposed on a user or a system Controls can be used to secure against risks
Transcript
ControlZulhizam Bin Ebrahim 4092007721Mohd Shamir Bin Abd Azia 4092007261Muhammad Salehin Bin Suhaimi 4123014302Controls
  • Controls: constraints and restrictions imposed on a user or a system
  • Controls can be used to secure against risks
  • Controls are also used to ensure that nonsensical data is not entered
  • Controls can reduce damage caused to systems, application, and data
  • Management Information Systems, Sixth EditionControls (continued)Management Information Systems, Sixth EditionApplication Reliability and Data Entry Controls
  • A reliable application is one that can resist inappropriate usage such as incorrect data entry or processing
  • The application should provide clear messages when errors or deliberate misuses occur
  • Controls also translate business policies into system features
  • Management Information Systems, Sixth EditionBackup
  • Backup: periodic duplication of all data
  • Redundant Arrays of Independent Disks (RAID): set of disks programmed to replicate stored data
  • Data must be routinely transported off-site as protection from a site disaster
  • Some companies specialize in data backup services or backup facilities for use in the event of a site disaster
  • Management Information Systems, Sixth EditionAccess Controls
  • Access controls: measures taken to ensure only authorized users have access to a computer, network, application, or data
  • Physical locks: lock the equipment in a secure facility
  • Software locks: determine who is authorized
  • Three types of access controls:
  • What you know: access codes, such as user ID and password
  • What you have: requires special devices
  • Who you are: unique physical characteristics
  • Management Information Systems, Sixth EditionAccess Controls (continued)
  • Access codes and passwords are usually stored in the OS or in a database
  • Security card is more secure than a password
  • Allows two-factor access
  • Biometric: uses unique physical characteristics such as fingerprints, retinal scans, or voiceprints
  • Up to 50% of help desk calls are from people who have forgotten their passwords
  • Biometrics can eliminate these kinds of calls
  • Management Information Systems, Sixth EditionAtomic Transactions
  • Atomic transaction: a set of indivisible transactions
  • All of the transactions in the set must be completely executed, or none can be
  • Ensures that only full entry occurs in all the appropriate files to guarantee integrity of the data
  • Is also a control against malfunction and fraud
  • Management Information Systems, Sixth EditionAtomic Transactions (continued)Management Information Systems, Sixth EditionAudit Trail
  • Audit trail: a series of documented facts that help detect who recorded which transactions, at what time, and under whose approval
  • Sometimes automatically created using data and timestamps
  • Certain policy and audit trail controls are required in some countries
  • Information systems auditor: a person whose job is to find and investigate fraudulent cases
  • Management Information Systems, Sixth Edition The end……………
    Related Search
    We Need Your Support
    Thank you for visiting our website and your interest in our free products and services. We are nonprofit website to share and download documents. To the running of this website, we need your help to support us.

    Thanks to everyone for your continued support.

    No, Thanks