1] * There are ethicaql issues related to information technolohy:
.Privacy --- Privacy policies which are related to data collection problems, accuracy and confidentiality help organizations avoid legal issues.
.Intellectual property --- Intangible property created by corporations or individuals that is protected under trade secret, patents & copyritght laws.
* Intellectual property issues regarding IT's Software are the most common.
2] * Inforamtion security threats:
1. Intentional:
. Espionage
. Extortion
. Vandalism
. Theft
. Software attacks :
viruses - trojans horses - logic bombs - back doore - denial of service alien software - phishing - pharming
. Compromises to intellectual property
2. Unintentional:
. Human errors
. Environmental hazards
. Computer system failure
3] * There are different mechanisms to protect information systems --> Controls :
. Security procedures
. Physical guards
. Detection software.
* The controls are used for:
. Prevention
. Deterrence
. Detection
. Damage control
. Recovery
. Information system correction
* General controls:
1. Physical controls
2. Access controls
3. Administrative controls
4. Communication controls
* Another type of controls are Application controls:
1. Input controls
2. Processing controls
3. Output controls
4] * IS auditing is done around, through, using a computer.
. Internal & External IT auditing --> many issues that could be supported by Software & Checklists.
* IT auditing prepares for disaster ricovery .. how is that done??
Because it implies how to avoid, plan & fast recovery from any disaster.
.Privacy --- Privacy policies which are related to data collection problems, accuracy and confidentiality help organizations avoid legal issues.
.Intellectual property --- Intangible property created by corporations or individuals that is protected under trade secret, patents & copyritght laws.
* Intellectual property issues regarding IT's Software are the most common.
2] * Inforamtion security threats:
1. Intentional:
. Espionage
. Extortion
. Vandalism
. Theft
. Software attacks :
viruses - trojans horses - logic bombs - back doore - denial of service alien software - phishing - pharming
. Compromises to intellectual property
2. Unintentional:
. Human errors
. Environmental hazards
. Computer system failure
3] * There are different mechanisms to protect information systems --> Controls :
. Security procedures
. Physical guards
. Detection software.
* The controls are used for:
. Prevention
. Deterrence
. Detection
. Damage control
. Recovery
. Information system correction
* General controls:
1. Physical controls
2. Access controls
3. Administrative controls
4. Communication controls
* Another type of controls are Application controls:
1. Input controls
2. Processing controls
3. Output controls
4] * IS auditing is done around, through, using a computer.
. Internal & External IT auditing --> many issues that could be supported by Software & Checklists.
* IT auditing prepares for disaster ricovery .. how is that done??
Because it implies how to avoid, plan & fast recovery from any disaster.
End of Chapter ..
No comments:
Post a Comment