Professional Documents
Culture Documents
Module Outline MIM737
Module Outline MIM737
A. INTRODUCTION
Operations Management
Computer operations
Data preparation
1. Boundary controls
Access controls – functions of an Access control mechanism, object resources, action privileges,
implementing an ACM, dynamics of authorization
Cryptographic controls – private key and public key cryptosystems, transposition ciphers, substituition
ciphers and product ciphers, choosing a cipher system, key management – key generation,key
distribution, key installation.
Digital signatures – secret messages, signed messages, signed, secret messages
2. Input Controls
Data and Instruction Input – data capture methods, data preparation methods, input devices, data codes,
data coding errors, types of codes, check digits, instruction input, data input validation checks, designing
data input validation program, handling of errors
Validation and Error Control – lexical validation, syntactic validation, semantic validation
Communication Controls
Component failure
Subversive threats – passive and active threats
Controls over component failure
Treatment of line errors
Error detection – loop checks, redundancy checks, parity checks
Error correction – error correcting codes, retransmission
Improving network reliability
Controls over subversive threats – link encryption, end to end encryption, message authentication codes,
message sequence numbers, request-response mechanism
Firewalls, intrusion detection systems, secure email,
3. Processing Controls
Processor controls – real memory controls, error detection and correction, access controls, operating
system integrity, nature of a secure operating system, functional requirements, design approaches,
operating system integrity threats.
Application software controls – validation checks
5. Security policies
2. Ron Weber, “Information Systems Control and Audit”, Pearson Education, 2004.
4. Hunton, J.E., Bryant, S.M., and Bagranoff, N.A., Core Concepts of Information Technology Auditing,
John Wiley & Sons, 2004