Control
Sponsored Links
This presentation is the property of its rightful owner.
1 / 11

Control PowerPoint PPT Presentation


  • 119 Views
  • Uploaded on
  • Presentation posted in: General

Control. Zulhizam Bin Ebrahim 4092007721 Mohd Shamir Bin Abd Azia 4092007261 Muhammad Salehin Bin Suhaimi 4123014302. Controls. Controls : constraints and restrictions imposed on a user or a system Controls can be used to secure against risks

Download Presentation

Control

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Control

Zulhizam Bin Ebrahim 4092007721

Mohd Shamir Bin Abd Azia 4092007261

Muhammad Salehin Bin Suhaimi 4123014302


Controls

  • Controls: constraints and restrictions imposed on a user or a system

    • Controls can be used to secure against risks

    • Controls are also used to ensure that nonsensical data is not entered

  • Controls can reduce damage caused to systems, application, and data

Management Information Systems, Sixth Edition


Controls (continued)

Management Information Systems, Sixth Edition


Application Reliability and Data Entry Controls

  • A reliable application is one that can resist inappropriate usage such as incorrect data entry or processing

    • The application should provide clear messages when errors or deliberate misuses occur

  • Controls also translate business policies into system features

Management Information Systems, Sixth Edition


Backup

  • Backup: periodic duplication of all data

  • Redundant Arrays of Independent Disks (RAID): set of disks programmed to replicate stored data

  • Data must be routinely transported off-site as protection from a site disaster

  • Some companies specialize in data backup services or backup facilities for use in the event of a site disaster

Management Information Systems, Sixth Edition


Access Controls

  • Access controls: measures taken to ensure only authorized users have access to a computer, network, application, or data

    • Physical locks: lock the equipment in a secure facility

    • Software locks: determine who is authorized

  • Three types of access controls:

    • What you know: access codes, such as user ID and password

    • What you have: requires special devices

    • Who you are: unique physical characteristics

Management Information Systems, Sixth Edition


Access Controls (continued)

  • Access codes and passwords are usually stored in the OS or in a database

  • Security card is more secure than a password

    • Allows two-factor access

  • Biometric: uses unique physical characteristics such as fingerprints, retinal scans, or voiceprints

  • Up to 50% of help desk calls are from people who have forgotten their passwords

    • Biometrics can eliminate these kinds of calls

Management Information Systems, Sixth Edition


Atomic Transactions

  • Atomic transaction: a set of indivisible transactions

    • All of the transactions in the set must be completely executed, or none can be

    • Ensures that only full entry occurs in all the appropriate files to guarantee integrity of the data

    • Is also a control against malfunction and fraud

Management Information Systems, Sixth Edition


Atomic Transactions (continued)

Management Information Systems, Sixth Edition


Audit Trail

  • Audit trail: a series of documented facts that help detect who recorded which transactions, at what time, and under whose approval

    • Sometimes automatically created using data and timestamps

  • Certain policy and audit trail controls are required in some countries

  • Information systems auditor: a person whose job is to find and investigate fraudulent cases

Management Information Systems, Sixth Edition


The end……………


  • Login