Control
This presentation is the property of its rightful owner.
Sponsored Links
1 / 11

Control PowerPoint PPT Presentation


  • 100 Views
  • Uploaded on
  • Presentation posted in: General

Control. Zulhizam Bin Ebrahim 4092007721 Mohd Shamir Bin Abd Azia 4092007261 Muhammad Salehin Bin Suhaimi 4123014302. Controls. Controls : constraints and restrictions imposed on a user or a system Controls can be used to secure against risks

Download Presentation

Control

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Control

Control

Zulhizam Bin Ebrahim 4092007721

Mohd Shamir Bin Abd Azia 4092007261

Muhammad Salehin Bin Suhaimi 4123014302


Controls

Controls

  • Controls: constraints and restrictions imposed on a user or a system

    • Controls can be used to secure against risks

    • Controls are also used to ensure that nonsensical data is not entered

  • Controls can reduce damage caused to systems, application, and data

Management Information Systems, Sixth Edition


Controls continued

Controls (continued)

Management Information Systems, Sixth Edition


Application reliability and data entry controls

Application Reliability and Data Entry Controls

  • A reliable application is one that can resist inappropriate usage such as incorrect data entry or processing

    • The application should provide clear messages when errors or deliberate misuses occur

  • Controls also translate business policies into system features

Management Information Systems, Sixth Edition


Backup

Backup

  • Backup: periodic duplication of all data

  • Redundant Arrays of Independent Disks (RAID): set of disks programmed to replicate stored data

  • Data must be routinely transported off-site as protection from a site disaster

  • Some companies specialize in data backup services or backup facilities for use in the event of a site disaster

Management Information Systems, Sixth Edition


Access controls

Access Controls

  • Access controls: measures taken to ensure only authorized users have access to a computer, network, application, or data

    • Physical locks: lock the equipment in a secure facility

    • Software locks: determine who is authorized

  • Three types of access controls:

    • What you know: access codes, such as user ID and password

    • What you have: requires special devices

    • Who you are: unique physical characteristics

Management Information Systems, Sixth Edition


Access controls continued

Access Controls (continued)

  • Access codes and passwords are usually stored in the OS or in a database

  • Security card is more secure than a password

    • Allows two-factor access

  • Biometric: uses unique physical characteristics such as fingerprints, retinal scans, or voiceprints

  • Up to 50% of help desk calls are from people who have forgotten their passwords

    • Biometrics can eliminate these kinds of calls

Management Information Systems, Sixth Edition


Atomic transactions

Atomic Transactions

  • Atomic transaction: a set of indivisible transactions

    • All of the transactions in the set must be completely executed, or none can be

    • Ensures that only full entry occurs in all the appropriate files to guarantee integrity of the data

    • Is also a control against malfunction and fraud

Management Information Systems, Sixth Edition


Atomic transactions continued

Atomic Transactions (continued)

Management Information Systems, Sixth Edition


Audit trail

Audit Trail

  • Audit trail: a series of documented facts that help detect who recorded which transactions, at what time, and under whose approval

    • Sometimes automatically created using data and timestamps

  • Certain policy and audit trail controls are required in some countries

  • Information systems auditor: a person whose job is to find and investigate fraudulent cases

Management Information Systems, Sixth Edition


The end

The end……………


  • Login