Professional Documents
Culture Documents
Security and Ethical Challenges
Security and Ethical Challenges
Security and Ethical Challenges
CHALLENGES
“Security” means the policies, procedures & technical
measures used to prevent
unauthorized access,
alteration,
theft,
physical damage to information systems.
To maintain information confidentiality
Causes of Accidents:
1. Operator Error
2. Hardware Malfunctions
3. Software bugs
4. Data Errors
5. Accidental disclosure of Information
6. Natural calamities.
2. Threat of Computer Crime
Theft
i) Theft of Software & Equipment
Right to privacy
Technological growth
Unethical use of Information Technology
Informed Consent
Those affected by technology should understand & accept
risk
Justice
The benefit & burden of technology should be distributed
freely.
INFORMATION SYSTEM
CONTROLS
“Controls” are constraints or restrictions imposed on a
user or system against the risk or to reduce damage caused
to the system.
A) Edit Checks
These are programmed routines that can be performed
to edit input data for errors before they are processed.
B) Control Totals
These are established before hand for input and
processing transactions.
II Processing Controls
These are the routines for establishing that data are
complete and accurate during updating.
A) Check Points
These minimize the effect of processing errors or
failures, since processing can be restarted from last
checkpoint.
B) Computer Matching
It matches input data with information held on master data.
III Output Controls
These are the measures that ensure that the results of
computer processing are accurate, complete and properly
distributed.
A) Control Totals
Control totals on output are usually compared with
control totals generated during input & processing
stages.
B) Report Distribution Logs
Documentation specifying that authorized recipients
have received their reports and other documents.
IV Storage Controls
These are measures taken to protect the stored data
resources.
A) Passwords
Databases and files are protected from unauthorized
access by security programs that require proper
identification before they can be used.
B) Backup Files
These are duplicate files of data or programs