Download - Controls in information system
![Page 1: Controls in information system](https://reader034.vdocument.in/reader034/viewer/2022051503/5886c5e41a28abcc7d8b6153/html5/thumbnails/1.jpg)
IS security objective
Confidentialit
y
integrity
availability
![Page 2: Controls in information system](https://reader034.vdocument.in/reader034/viewer/2022051503/5886c5e41a28abcc7d8b6153/html5/thumbnails/2.jpg)
Sensitive information
![Page 3: Controls in information system](https://reader034.vdocument.in/reader034/viewer/2022051503/5886c5e41a28abcc7d8b6153/html5/thumbnails/3.jpg)
Sensitive information
Strategic plan – m & a pending, crucial decisions, major expension
Business operation – client lists, process and procedures (proprietary)
Finances - cost sheet, ratios(GP, NP), salaries wages, precise salary information, loans, dividends
![Page 4: Controls in information system](https://reader034.vdocument.in/reader034/viewer/2022051503/5886c5e41a28abcc7d8b6153/html5/thumbnails/4.jpg)
Need for control in IS
Increase the ability to capture, store, analyze and process data
Safeguard assets to maintain data integrityCovering access safeguards over computer
programs, data and any related equipmentSystem effectiveness and efficiency Control built in well designed system
![Page 5: Controls in information system](https://reader034.vdocument.in/reader034/viewer/2022051503/5886c5e41a28abcc7d8b6153/html5/thumbnails/5.jpg)
Impact of tech. on IC
![Page 6: Controls in information system](https://reader034.vdocument.in/reader034/viewer/2022051503/5886c5e41a28abcc7d8b6153/html5/thumbnails/6.jpg)
Categories of control
1. PREVENTIVE 1. ADMIN 1. PHYSICAL 1. MGMT.
2. DETECTIVE 2. OPERATION 2. LOGICAL 2. APP.3. CORRECTIVE 3. ACCOUNTS 3. ENVIORNMENTAL4. COMPENSATORY
OBJECTIVE FUNCTION AUDIT FUNCTION
IS RESOURCES
![Page 7: Controls in information system](https://reader034.vdocument.in/reader034/viewer/2022051503/5886c5e41a28abcc7d8b6153/html5/thumbnails/7.jpg)
FUNCTION
Admin – lawful, compliance of mgmt and other statutory requirements
Operation – effectiveness, efficiency, objective achieve, day to day business
Accounts – balance sheet, true & fair view, reliability of financial control
![Page 8: Controls in information system](https://reader034.vdocument.in/reader034/viewer/2022051503/5886c5e41a28abcc7d8b6153/html5/thumbnails/8.jpg)
OBJECTIVE
Preventive – designed to prevent and control error and any malicious activity
anti virus, passwords, firewall, smart cards, skilled personnel, segregation of duties,
Detective – designed to detect errors or malicious activitycctv, log, anti virus, audit, reconciliation Corrective – designed to reduce the impact of error or
malicious activityanti virus, back up, insurance, fire extinguisher, recovery plan Compensatory - reduce the probability of threats, many
devices are used in, cost of the lock should not be more than assets, organization may not be able to implement control in that cast compensatory control are used to such appropriateness
OTP, Buying something from reliance industries,
![Page 9: Controls in information system](https://reader034.vdocument.in/reader034/viewer/2022051503/5886c5e41a28abcc7d8b6153/html5/thumbnails/9.jpg)
IS RESOURCES
![Page 10: Controls in information system](https://reader034.vdocument.in/reader034/viewer/2022051503/5886c5e41a28abcc7d8b6153/html5/thumbnails/10.jpg)
Environmental
IssuesPrimarily due to elements of natureNatural resources, AC failure, electrical
shock
![Page 11: Controls in information system](https://reader034.vdocument.in/reader034/viewer/2022051503/5886c5e41a28abcc7d8b6153/html5/thumbnails/11.jpg)
Issues and revelations
Power supply to compiler equipment remains in specifications
AC system properly workingBack up media protected from damage,
magnet effect etc.Equipment kept free from dust and smokeFood, beverage and tobaco product are
prohibited
![Page 12: Controls in information system](https://reader034.vdocument.in/reader034/viewer/2022051503/5886c5e41a28abcc7d8b6153/html5/thumbnails/12.jpg)
controls
Water/smoke detectorsHand held fire extinguisherFire suppression systema)Dry pipe b) water based c) halogen• Regular inspection• Electrical surge protectors• Two substations• Emergency power off switches• wires in conduit and panels• Documented and tested emergency evacuation plans