1. MSIS 5623 Chapter 15 1 Chapter 15
2. Learning Objectives
Recognize the difficulties in managing information resources.
Understand the role of the IS department and its relationships with end users.
Discuss the role of the chief information officer.
Recognize information systems’ vulnerability, attack methods, and the possible damage from malfunctions.
Describe the major methods of defending information systems.
Describe the security issues of the Web and electronic commerce.
Describe business continuity and disaster recovery planning.
Understand the economics of security and risk management.
Describe the role of IT in supporting counterterrorism.
3. The IS Department
The reporting relationship of the ISD is important in that it reflects the focus of the department. If the ISD reports to the accounting or finance areas, there is often a tendency to emphasize accounting or finance applications at the expense of those in the marketing, production, and logistics areas.
The name of the ISD is also important.
Data Processing (DP) Department.
Management Information Systems (MIS) Department
Information Systems Department (ISD)
Another important characteristic is the status of the ISD.
4. The End-User Relationship
To improve collaboration, the ISD and end users may employ three common arrangements:
the steering committee
service-level agreements
the information center.
5. The End-User Relationship - continued
6. The CIO (Chief Information Officer)
The changing role of the ISD highlights the fact that the CIO is becoming an important member of the firm's top management team.
Realization of the need for IT-related disaster planning and the importance of IT to the firm’s activities.
Aligning IT with the business strategy
Implementing state-of-the-art solutions
Providing information access
Being a business visionary who drives business strategy
Coordinating resources
7. The Transition Environment
8. IS Vulnerability
9. IT Security Terms
10. System Vulnerability
11. System Vulnerability Continued
These threats can be classified as:
Unintentional
Human errors
Environmental hazards
Computer system failures
Intentional
Theft of data
Inappropriate use of data
Theft of mainframe computer time
Theft of equipment and/or programs
12. System Vulnerability Continued
Intentional continued
Deliberate manipulation in handling
Entering data
Processing data
Transferring data
Programming data
Labor strikes
Riots
Sabotage
Malicious damage to computer resources
Destruction from viruses and similar attacks
Miscellaneous computer abuses
Internet fraud.
Terrorists’ attack
13. Programming Attack – One method
14. Viruses – One method
15. Protecting Information Resources
Aligned. The program must be aligned with organizational goals.
Enterprisewide. Everyone in the organization must be included.
Continuous. The program must be operational all the time.
Proactive. Use innovative, preventive, and protective measures.
Validated. The program must be tested to ensure it works.
Formal. It must include authority, responsibility & accountability.
16. Corporate Security Plan - Protecting
17. Difficulties - Protecting
18. Defense Strategy - Protecting
The major objectives of a defense strategy are:
Prevention and deterrence.
Detection.
Limitation of damage.
Recovery.
Correction.
Awareness and compliance.
19. Defense Strategy - Controls
20. Defense Strategy – Biometric
21. Defense Strategy – Internet Security
22. Business Continuity
23. Business Continuity continued
24. Auditing
25. Risk Management
26. IT Security Trends
Increasing the reliability of systems
Self-healing computers
Intelligent systems for early intrusion detection
Intelligent systems in auditing and fraud detection
Artificial intelligence in biometrics
Expert systems for diagnosis, prognosis, and disaster planning
Smart cards
27. MANAGERIAL ISSUES
28. MANAGERIAL ISSUES Continued
29. MANAGERIAL ISSUES Continued