1 / 11

Control

Control. Zulhizam Bin Ebrahim 4092007721 Mohd Shamir Bin Abd Azia 4092007261 Muhammad Salehin Bin Suhaimi 4123014302. Controls. Controls : constraints and restrictions imposed on a user or a system Controls can be used to secure against risks

ruana
Télécharger la présentation

Control

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Control Zulhizam Bin Ebrahim 4092007721 Mohd Shamir Bin Abd Azia 4092007261 Muhammad Salehin Bin Suhaimi 4123014302

  2. Controls • Controls: constraints and restrictions imposed on a user or a system • Controls can be used to secure against risks • Controls are also used to ensure that nonsensical data is not entered • Controls can reduce damage caused to systems, application, and data Management Information Systems, Sixth Edition

  3. Controls (continued) Management Information Systems, Sixth Edition

  4. Application Reliability and Data Entry Controls • A reliable application is one that can resist inappropriate usage such as incorrect data entry or processing • The application should provide clear messages when errors or deliberate misuses occur • Controls also translate business policies into system features Management Information Systems, Sixth Edition

  5. Backup • Backup: periodic duplication of all data • Redundant Arrays of Independent Disks (RAID): set of disks programmed to replicate stored data • Data must be routinely transported off-site as protection from a site disaster • Some companies specialize in data backup services or backup facilities for use in the event of a site disaster Management Information Systems, Sixth Edition

  6. Access Controls • Access controls: measures taken to ensure only authorized users have access to a computer, network, application, or data • Physical locks: lock the equipment in a secure facility • Software locks: determine who is authorized • Three types of access controls: • What you know: access codes, such as user ID and password • What you have: requires special devices • Who you are: unique physical characteristics Management Information Systems, Sixth Edition

  7. Access Controls (continued) • Access codes and passwords are usually stored in the OS or in a database • Security card is more secure than a password • Allows two-factor access • Biometric: uses unique physical characteristics such as fingerprints, retinal scans, or voiceprints • Up to 50% of help desk calls are from people who have forgotten their passwords • Biometrics can eliminate these kinds of calls Management Information Systems, Sixth Edition

  8. Atomic Transactions • Atomic transaction: a set of indivisible transactions • All of the transactions in the set must be completely executed, or none can be • Ensures that only full entry occurs in all the appropriate files to guarantee integrity of the data • Is also a control against malfunction and fraud Management Information Systems, Sixth Edition

  9. Atomic Transactions (continued) Management Information Systems, Sixth Edition

  10. Audit Trail • Audit trail: a series of documented facts that help detect who recorded which transactions, at what time, and under whose approval • Sometimes automatically created using data and timestamps • Certain policy and audit trail controls are required in some countries • Information systems auditor: a person whose job is to find and investigate fraudulent cases Management Information Systems, Sixth Edition

  11. The end……………

More Related