SlideShare une entreprise Scribd logo

Is acca19(security and legal compliance)

T
Taibah University, College of Computer Science & Engineering

Security Physical threats Physical access control Building controls into an information system

TechnologieBusiness
1  sur  21
Télécharger pour lire hors ligne
1 Security and Legal Compliance (1) Lecture 19 Abdisalam Issa-Salwe Thames Valley University
Abdisalam Issa-Salwe, Thames Valley University 2 Topic list  Security  Physical threats  Physical access control  Building controls into an information system
Abdisalam Issa-Salwe, Thames Valley University 3 Security  Security in information management context means the protection of data from accidental or deliberate threats which might cause unauthorised modification, disclosure or destruction of data, and the protection of the information system from the degradation or non-availability of services
Abdisalam Issa-Salwe, Thames Valley University 4 Physical threats  Fire  Water  Weather  Lighting  Terrorist activity  Accidental damage
Abdisalam Issa-Salwe, Thames Valley University 5 Physical access control  Personal identification numbers (PINs)  Door locks  Card entry systems  Computer theft
Abdisalam Issa-Salwe, Thames Valley University 6 Building control into an information system  Control can be classified into:  Security control:  about protection of data from accidental or deliberate threats  Integrity control:  in the context of security is preserved when data is the same as in source documents and has not been accidentally or intentionally altered, destroyed or disclosed  System integrity: operating conforming to the design specification despite attempts (deliberate or accidental) to make it have incorrectly.  Contingency controls:  It is an unscheduled interruption of computing services that requires measures outside the day- to-day routing operating procedures
Abdisalam Issa-Salwe, Thames Valley University 7 Building control into an information system (cont)…  Data will maintain its integrity if it is complete and not corrupt. This means that:  The original input of the data must be controlled  Any processing and storage should be set up so that they are complete and correct
Abdisalam Issa-Salwe, Thames Valley University 8 Building control into an information system (cont)…  Input control should ensure the accuracy, completeness and validity:  Data verification involves ensuring data entered matches source documents  Data validating involves ensuring that data entered is not incomplete or unreasonable. Various checks:  Check digits  Control totals  Hash totals  Range checks  Limit checks
Abdisalam Issa-Salwe, Thames Valley University 9 Privacy and data protection  Privacy:  The right of the individual to control the use of information about him or her, including information on financial status, health and lifestyle (I.e. prevent unauthorised disclosure).
Abdisalam Issa-Salwe, Thames Valley University 10 Data protection principles  Personal data is information about a living individual, including expression of opinion about him or her. Data about organisation is not personal data  Data users are organisation or individuals who control personal data and the use of personal data  A data subject is an individual who is the subject of personal data
Abdisalam Issa-Salwe, Thames Valley University 11 Internet security issue  Establishing organisation links to the Internet brings numerous security dangers  Corruptions such as viruses on a single computer can spread through the network to all the organisation's computer  Hacking: involves attempting to gain unauthorised access to a computer system
Abdisalam Issa-Salwe, Thames Valley University 12 Type of virus/program  File virus: Files viruses infect program files  Boot sector or ‘stealth’ virus: the book sector is the part of every hard disk and diskette. The stealth virus hides from virus detection programs by hiding themselves in boot records or files.  Trojan: it is a small program that performs unexpected function. It hides itself inside a ‘valid’ program.  Logic bomb: a logic bomb is a program that is executed when a specific act is performed.
Abdisalam Issa-Salwe, Thames Valley University 13 Type of virus/program (cont…)  Time bomb: a time bomb is a program that is activated at a certain time or data, such as Friday the 13th or April 1st  Worm: it is a type of virus that can replicate (copy) itself and use memory, but cannot attach itself to other programs  Droppers: it is a program that installs a virus while performing another function
Abdisalam Issa-Salwe, Thames Valley University 14 Type of virus/program (cont…)  Macro virus: it is a piece of self- replicating cod written in an application’s ‘macro’ language. Example, Melissa was a well publicised macro virus
Abdisalam Issa-Salwe, Thames Valley University 15 Information systems and accountants  Accountants track companies’ expenses, as well as prepare, analyze and verify financial documents. They look for ways to run businesses more efficiently, keep public records and make sure taxes are paid properly.  Public accountants perform audits and prepare taxes for corporations, government agencies, nonprofits and individuals.
Abdisalam Issa-Salwe, Thames Valley University 16 Information systems and accountants (cont…)  Management accountants are members of the executive team who record and analyze information about budgets, costs and assets. Their work may support strategic planning or product development. They may also write financial reports for stockholders, creditors or government agencies.  Government accountants and auditors maintain and examine government records, or they audit private businesses or individuals on the government's behalf.  Internal auditors are fiscal police officers. They verify the accuracy of an organization's financial records and look for waste, mismanagement and fraud.
Abdisalam Issa-Salwe, Thames Valley University 17
Abdisalam Issa-Salwe, Thames Valley University 18
Abdisalam Issa-Salwe, Thames Valley University 19
Abdisalam Issa-Salwe, Thames Valley University 20
Abdisalam Issa-Salwe, Thames Valley University 21

Recommandé

Cybersecurity
CybersecurityCybersecurity
CybersecuritySabiha M
 
Chapter2 the need to security
Chapter2 the need to securityChapter2 the need to security
Chapter2 the need to securityDhani Ahmad
 
Securing information system (Management Information System)
Securing information system (Management Information System)Securing information system (Management Information System)
Securing information system (Management Information System)Masudur Rahman
 
Introduction to the management of information security
Introduction to the management of information security Introduction to the management of information security
Introduction to the management of information security Sammer Qader
 
Information Security Background
Information Security BackgroundInformation Security Background
Information Security BackgroundNicholas Davis
 
Chapter 3: Information Security Framework
Chapter 3: Information Security FrameworkChapter 3: Information Security Framework
Chapter 3: Information Security FrameworkNada G.Youssef
 
INFORMATION SECURITY SYSTEM
INFORMATION SECURITY SYSTEMINFORMATION SECURITY SYSTEM
INFORMATION SECURITY SYSTEMANAND MURALI
 
Securing information system
Securing information systemSecuring information system
Securing information systemTanjim Rasul
 

Recommandé

Cybersecurity
CybersecurityCybersecurity
CybersecuritySabiha M
 
Chapter2 the need to security
Chapter2 the need to securityChapter2 the need to security
Chapter2 the need to securityDhani Ahmad
 
Securing information system (Management Information System)
Securing information system (Management Information System)Securing information system (Management Information System)
Securing information system (Management Information System)Masudur Rahman
 
Introduction to the management of information security
Introduction to the management of information security Introduction to the management of information security
Introduction to the management of information security Sammer Qader
 
Information Security Background
Information Security BackgroundInformation Security Background
Information Security BackgroundNicholas Davis
 
Chapter 3: Information Security Framework
Chapter 3: Information Security FrameworkChapter 3: Information Security Framework
Chapter 3: Information Security FrameworkNada G.Youssef
 
INFORMATION SECURITY SYSTEM
INFORMATION SECURITY SYSTEMINFORMATION SECURITY SYSTEM
INFORMATION SECURITY SYSTEMANAND MURALI
 
Securing information system
Securing information systemSecuring information system
Securing information systemTanjim Rasul
 
InformationSecurity
InformationSecurityInformationSecurity
InformationSecuritylearnt
 
Infromation Assurance
Infromation AssuranceInfromation Assurance
Infromation AssuranceAkshay Pal
 
Cyber security
Cyber securityCyber security
Cyber securityAkdu095
 
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)Biswajit Bhattacharjee
 
Overview
OverviewOverview
Overviewphanleson
 
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...karthikasivakumar3
 
Information security management iso27001
Information security management iso27001Information security management iso27001
Information security management iso27001Hiran Kanishka
 
USG_Security_Awareness_Primer.pptx
USG_Security_Awareness_Primer.pptxUSG_Security_Awareness_Primer.pptx
USG_Security_Awareness_Primer.pptxBilmyRikas
 
Network security.ppt
Network security.pptNetwork security.ppt
Network security.pptamuthadeepa
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITYAhmed Moussa
 
Security and Control Issues in Information System
Security and Control Issues in Information SystemSecurity and Control Issues in Information System
Security and Control Issues in Information SystemDaryl Conson
 
Security And Ethical Challenges Of Infornation Technology
Security And Ethical Challenges Of Infornation TechnologySecurity And Ethical Challenges Of Infornation Technology
Security And Ethical Challenges Of Infornation Technologyparamalways
 
Information Technology Security A Brief Overview 2001
Information Technology Security A Brief Overview 2001Information Technology Security A Brief Overview 2001
Information Technology Security A Brief Overview 2001Donald E. Hester
 
Cat21:Development Mangement Information Systems
Cat21:Development Mangement Information SystemsCat21:Development Mangement Information Systems
Cat21:Development Mangement Information SystemsSimeon Ogao
 
Security & control in management information system
Security & control in management information systemSecurity & control in management information system
Security & control in management information systemOnline
 
Security & ethical challenges
Security & ethical challengesSecurity & ethical challenges
Security & ethical challengesLouie Medinaceli
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityjayashri kolekar
 
information security technology
information security technologyinformation security technology
information security technologygarimasagar
 
Infromation securiity
Infromation securiityInfromation securiity
Infromation securiityAamir Sohail
 
Security And Ethical Challenges
Security And Ethical ChallengesSecurity And Ethical Challenges
Security And Ethical ChallengesRam Dutt Shukla
 
How to secure information systemsSolutionAnswerInformation.pdf
How to secure information systemsSolutionAnswerInformation.pdfHow to secure information systemsSolutionAnswerInformation.pdf
How to secure information systemsSolutionAnswerInformation.pdfrohit219406
 
security system by desu star chapter 1.pptx
security system by desu star chapter 1.pptxsecurity system by desu star chapter 1.pptx
security system by desu star chapter 1.pptxdesalewminale
 

Contenu connexe

Tendances

InformationSecurity
InformationSecurityInformationSecurity
InformationSecuritylearnt
 
Infromation Assurance
Infromation AssuranceInfromation Assurance
Infromation AssuranceAkshay Pal
 
Cyber security
Cyber securityCyber security
Cyber securityAkdu095
 
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)Biswajit Bhattacharjee
 
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...karthikasivakumar3
 
Information security management iso27001
Information security management iso27001Information security management iso27001
Information security management iso27001Hiran Kanishka
 
USG_Security_Awareness_Primer.pptx
USG_Security_Awareness_Primer.pptxUSG_Security_Awareness_Primer.pptx
USG_Security_Awareness_Primer.pptxBilmyRikas
 
Network security.ppt
Network security.pptNetwork security.ppt
Network security.pptamuthadeepa
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITYAhmed Moussa
 
Security and Control Issues in Information System
Security and Control Issues in Information SystemSecurity and Control Issues in Information System
Security and Control Issues in Information SystemDaryl Conson
 
Security And Ethical Challenges Of Infornation Technology
Security And Ethical Challenges Of Infornation TechnologySecurity And Ethical Challenges Of Infornation Technology
Security And Ethical Challenges Of Infornation Technologyparamalways
 
Information Technology Security A Brief Overview 2001
Information Technology Security A Brief Overview 2001Information Technology Security A Brief Overview 2001
Information Technology Security A Brief Overview 2001Donald E. Hester
 
Cat21:Development Mangement Information Systems
Cat21:Development Mangement Information SystemsCat21:Development Mangement Information Systems
Cat21:Development Mangement Information SystemsSimeon Ogao
 
Security & control in management information system
Security & control in management information systemSecurity & control in management information system
Security & control in management information systemOnline
 
Security & ethical challenges
Security & ethical challengesSecurity & ethical challenges
Security & ethical challengesLouie Medinaceli
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityjayashri kolekar
 
information security technology
information security technologyinformation security technology
information security technologygarimasagar
 
Infromation securiity
Infromation securiityInfromation securiity
Infromation securiityAamir Sohail
 
Security And Ethical Challenges
Security And Ethical ChallengesSecurity And Ethical Challenges
Security And Ethical ChallengesRam Dutt Shukla
 

Tendances (20)

InformationSecurity
InformationSecurityInformationSecurity
InformationSecurity
 
Infromation Assurance
Infromation AssuranceInfromation Assurance
Infromation Assurance
 
Cyber security
Cyber securityCyber security
Cyber security
 
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
 
Overview
OverviewOverview
Overview
 
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
 
Information security management iso27001
Information security management iso27001Information security management iso27001
Information security management iso27001
 
USG_Security_Awareness_Primer.pptx
USG_Security_Awareness_Primer.pptxUSG_Security_Awareness_Primer.pptx
USG_Security_Awareness_Primer.pptx
 
Network security.ppt
Network security.pptNetwork security.ppt
Network security.ppt
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITY
 
Security and Control Issues in Information System
Security and Control Issues in Information SystemSecurity and Control Issues in Information System
Security and Control Issues in Information System
 
Security And Ethical Challenges Of Infornation Technology
Security And Ethical Challenges Of Infornation TechnologySecurity And Ethical Challenges Of Infornation Technology
Security And Ethical Challenges Of Infornation Technology
 
Information Technology Security A Brief Overview 2001
Information Technology Security A Brief Overview 2001Information Technology Security A Brief Overview 2001
Information Technology Security A Brief Overview 2001
 
Cat21:Development Mangement Information Systems
Cat21:Development Mangement Information SystemsCat21:Development Mangement Information Systems
Cat21:Development Mangement Information Systems
 
Security & control in management information system
Security & control in management information systemSecurity & control in management information system
Security & control in management information system
 
Security & ethical challenges
Security & ethical challengesSecurity & ethical challenges
Security & ethical challenges
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
 
information security technology
information security technologyinformation security technology
information security technology
 
Infromation securiity
Infromation securiityInfromation securiity
Infromation securiity
 
Security And Ethical Challenges
Security And Ethical ChallengesSecurity And Ethical Challenges
Security And Ethical Challenges
 

Similaire à Is acca19(security and legal compliance)

How to secure information systemsSolutionAnswerInformation.pdf
How to secure information systemsSolutionAnswerInformation.pdfHow to secure information systemsSolutionAnswerInformation.pdf
How to secure information systemsSolutionAnswerInformation.pdfrohit219406
 
security system by desu star chapter 1.pptx
security system by desu star chapter 1.pptxsecurity system by desu star chapter 1.pptx
security system by desu star chapter 1.pptxdesalewminale
 
Chapter 5 Selected Topics in computer.pptx
Chapter 5 Selected Topics in computer.pptxChapter 5 Selected Topics in computer.pptx
Chapter 5 Selected Topics in computer.pptxAschalewAyele2
 
Fundamentals of Information Security..pdf
Fundamentals of Information Security..pdfFundamentals of Information Security..pdf
Fundamentals of Information Security..pdfZahid Hussain
 
Database Security Is Vital For Any And Every Organization
Database Security Is Vital For Any And Every OrganizationDatabase Security Is Vital For Any And Every Organization
Database Security Is Vital For Any And Every OrganizationApril Dillard
 
Himmatullah Ferozee Assingnment.pptx
Himmatullah Ferozee Assingnment.pptxHimmatullah Ferozee Assingnment.pptx
Himmatullah Ferozee Assingnment.pptxMobeenMasoudi
 
mHealth Security: Stats and Solutions
mHealth Security: Stats and SolutionsmHealth Security: Stats and Solutions
mHealth Security: Stats and SolutionsESET North America
 
mHealth Security: Stats and Solutions
mHealth Security: Stats and SolutionsmHealth Security: Stats and Solutions
mHealth Security: Stats and SolutionsKristie Allison
 
Information System Security
Information System Security Information System Security
Information System Security Syed Asif Sherazi
 
Cyber Security in detail PPT BY HIMANXU.pptx
Cyber Security in detail PPT BY HIMANXU.pptxCyber Security in detail PPT BY HIMANXU.pptx
Cyber Security in detail PPT BY HIMANXU.pptxhimanshuratnama
 
Security in network computing
Security in network computingSecurity in network computing
Security in network computingManoj VNV
 
Cybersecurity Interview Questions and Answers.pdf
Cybersecurity Interview Questions and Answers.pdfCybersecurity Interview Questions and Answers.pdf
Cybersecurity Interview Questions and Answers.pdfJazmine Brown
 
Introduction to security
Introduction to securityIntroduction to security
Introduction to securityMukesh Chinta
 
Ecommerce Security
Ecommerce SecurityEcommerce Security
Ecommerce SecurityMrUmairKhan1
 

Similaire à Is acca19(security and legal compliance) (20)

How to secure information systemsSolutionAnswerInformation.pdf
How to secure information systemsSolutionAnswerInformation.pdfHow to secure information systemsSolutionAnswerInformation.pdf
How to secure information systemsSolutionAnswerInformation.pdf
 
security system by desu star chapter 1.pptx
security system by desu star chapter 1.pptxsecurity system by desu star chapter 1.pptx
security system by desu star chapter 1.pptx
 
MIS 7.pptx
MIS 7.pptxMIS 7.pptx
MIS 7.pptx
 
Chapter 5 Selected Topics in computer.pptx
Chapter 5 Selected Topics in computer.pptxChapter 5 Selected Topics in computer.pptx
Chapter 5 Selected Topics in computer.pptx
 
Fundamentals of Information Security..pdf
Fundamentals of Information Security..pdfFundamentals of Information Security..pdf
Fundamentals of Information Security..pdf
 
Database Security Is Vital For Any And Every Organization
Database Security Is Vital For Any And Every OrganizationDatabase Security Is Vital For Any And Every Organization
Database Security Is Vital For Any And Every Organization
 
Security Ch-1.pptx
Security Ch-1.pptxSecurity Ch-1.pptx
Security Ch-1.pptx
 
Himmatullah Ferozee Assingnment.pptx
Himmatullah Ferozee Assingnment.pptxHimmatullah Ferozee Assingnment.pptx
Himmatullah Ferozee Assingnment.pptx
 
mHealth Security: Stats and Solutions
mHealth Security: Stats and SolutionsmHealth Security: Stats and Solutions
mHealth Security: Stats and Solutions
 
mHealth Security: Stats and Solutions
mHealth Security: Stats and SolutionsmHealth Security: Stats and Solutions
mHealth Security: Stats and Solutions
 
Information System Security
Information System Security Information System Security
Information System Security
 
Module -5 Security.pdf
Module -5 Security.pdfModule -5 Security.pdf
Module -5 Security.pdf
 
Cyber Security in detail PPT BY HIMANXU.pptx
Cyber Security in detail PPT BY HIMANXU.pptxCyber Security in detail PPT BY HIMANXU.pptx
Cyber Security in detail PPT BY HIMANXU.pptx
 
Security in network computing
Security in network computingSecurity in network computing
Security in network computing
 
Cybersecurity Interview Questions and Answers.pdf
Cybersecurity Interview Questions and Answers.pdfCybersecurity Interview Questions and Answers.pdf
Cybersecurity Interview Questions and Answers.pdf
 
Data Security
Data SecurityData Security
Data Security
 
Overview of Information Security & Privacy
Overview of Information Security & PrivacyOverview of Information Security & Privacy
Overview of Information Security & Privacy
 
Health Information Privacy and Security
Health Information Privacy and SecurityHealth Information Privacy and Security
Health Information Privacy and Security
 
Introduction to security
Introduction to securityIntroduction to security
Introduction to security
 
Ecommerce Security
Ecommerce SecurityEcommerce Security
Ecommerce Security
 

Plus de Taibah University, College of Computer Science & Engineering

Plus de Taibah University, College of Computer Science & Engineering (20)

Lecture 1- Computer Organization and Architecture.pdf
Lecture 1- Computer Organization and Architecture.pdfLecture 1- Computer Organization and Architecture.pdf
Lecture 1- Computer Organization and Architecture.pdf
 
The paper the welfare state of the somali nation - a possible solution to t...
The paper the welfare state of the somali nation - a possible solution to t...The paper the welfare state of the somali nation - a possible solution to t...
The paper the welfare state of the somali nation - a possible solution to t...
 
Colonial intrusion and_the_somali_resistance
Colonial intrusion and_the_somali_resistanceColonial intrusion and_the_somali_resistance
Colonial intrusion and_the_somali_resistance
 
Lecture 3 (Contemporary approaches to Information Systems)
Lecture 3 (Contemporary approaches to Information Systems)Lecture 3 (Contemporary approaches to Information Systems)
Lecture 3 (Contemporary approaches to Information Systems)
 
Lecture 7 (business-level strategy and the value chain model)
Lecture 7 (business-level strategy and the value chain model)Lecture 7 (business-level strategy and the value chain model)
Lecture 7 (business-level strategy and the value chain model)
 
Lecture 4 (using information technology for competitive advantage)
Lecture 4 (using information technology for competitive advantage)Lecture 4 (using information technology for competitive advantage)
Lecture 4 (using information technology for competitive advantage)
 
Lecture 2 (major types of information systems in organizations)
Lecture 2 (major types of information systems in organizations)Lecture 2 (major types of information systems in organizations)
Lecture 2 (major types of information systems in organizations)
 
Practical session 1 (critical path analaysis)
Practical session 1 (critical path analaysis)Practical session 1 (critical path analaysis)
Practical session 1 (critical path analaysis)
 
Chapter 2 modeling the process and life-cycle
Chapter 2 modeling the process and life-cycleChapter 2 modeling the process and life-cycle
Chapter 2 modeling the process and life-cycle
 
Historical Perspective on the Challenge Facing the Somali Sacral Unity
Historical Perspective on the Challenge Facing the Somali Sacral UnityHistorical Perspective on the Challenge Facing the Somali Sacral Unity
Historical Perspective on the Challenge Facing the Somali Sacral Unity
 
Colonial intrusion and the Somali Resistance
Colonial intrusion and the Somali ResistanceColonial intrusion and the Somali Resistance
Colonial intrusion and the Somali Resistance
 
Lecture 8 (information systems and strategy planning)
Lecture 8 (information systems and strategy planning)Lecture 8 (information systems and strategy planning)
Lecture 8 (information systems and strategy planning)
 
Lecture 4 (using information technology for competitive advantage)
Lecture 4 (using information technology for competitive advantage)Lecture 4 (using information technology for competitive advantage)
Lecture 4 (using information technology for competitive advantage)
 
Lecture1 data structure(introduction)
Lecture1 data structure(introduction)Lecture1 data structure(introduction)
Lecture1 data structure(introduction)
 
Lecture2 is331 data&infomanag(databaseenv)
Lecture2 is331 data&infomanag(databaseenv)Lecture2 is331 data&infomanag(databaseenv)
Lecture2 is331 data&infomanag(databaseenv)
 
Lecture1 is322 data&infomanag(introduction)(old curr)
Lecture1 is322 data&infomanag(introduction)(old curr)Lecture1 is322 data&infomanag(introduction)(old curr)
Lecture1 is322 data&infomanag(introduction)(old curr)
 
Lecture6 is353(ea&data viewpoint )
Lecture6 is353(ea&data viewpoint )Lecture6 is353(ea&data viewpoint )
Lecture6 is353(ea&data viewpoint )
 
Lecture4 is353-ea(fea)
Lecture4 is353-ea(fea)Lecture4 is353-ea(fea)
Lecture4 is353-ea(fea)
 
Lecture3 is353-ea(togaf)
Lecture3 is353-ea(togaf)Lecture3 is353-ea(togaf)
Lecture3 is353-ea(togaf)
 
Lecture2 is353-ea(the zachma framework)
Lecture2 is353-ea(the zachma framework)Lecture2 is353-ea(the zachma framework)
Lecture2 is353-ea(the zachma framework)
 

Dernier

Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 

Dernier (20)

Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 

Is acca19(security and legal compliance)

  • 1. 1 Security and Legal Compliance (1) Lecture 19 Abdisalam Issa-Salwe Thames Valley University
  • 2. Abdisalam Issa-Salwe, Thames Valley University 2 Topic list  Security  Physical threats  Physical access control  Building controls into an information system
  • 3. Abdisalam Issa-Salwe, Thames Valley University 3 Security  Security in information management context means the protection of data from accidental or deliberate threats which might cause unauthorised modification, disclosure or destruction of data, and the protection of the information system from the degradation or non-availability of services
  • 4. Abdisalam Issa-Salwe, Thames Valley University 4 Physical threats  Fire  Water  Weather  Lighting  Terrorist activity  Accidental damage
  • 5. Abdisalam Issa-Salwe, Thames Valley University 5 Physical access control  Personal identification numbers (PINs)  Door locks  Card entry systems  Computer theft
  • 6. Abdisalam Issa-Salwe, Thames Valley University 6 Building control into an information system  Control can be classified into:  Security control:  about protection of data from accidental or deliberate threats  Integrity control:  in the context of security is preserved when data is the same as in source documents and has not been accidentally or intentionally altered, destroyed or disclosed  System integrity: operating conforming to the design specification despite attempts (deliberate or accidental) to make it have incorrectly.  Contingency controls:  It is an unscheduled interruption of computing services that requires measures outside the day- to-day routing operating procedures
  • 7. Abdisalam Issa-Salwe, Thames Valley University 7 Building control into an information system (cont)…  Data will maintain its integrity if it is complete and not corrupt. This means that:  The original input of the data must be controlled  Any processing and storage should be set up so that they are complete and correct
  • 8. Abdisalam Issa-Salwe, Thames Valley University 8 Building control into an information system (cont)…  Input control should ensure the accuracy, completeness and validity:  Data verification involves ensuring data entered matches source documents  Data validating involves ensuring that data entered is not incomplete or unreasonable. Various checks:  Check digits  Control totals  Hash totals  Range checks  Limit checks
  • 9. Abdisalam Issa-Salwe, Thames Valley University 9 Privacy and data protection  Privacy:  The right of the individual to control the use of information about him or her, including information on financial status, health and lifestyle (I.e. prevent unauthorised disclosure).
  • 10. Abdisalam Issa-Salwe, Thames Valley University 10 Data protection principles  Personal data is information about a living individual, including expression of opinion about him or her. Data about organisation is not personal data  Data users are organisation or individuals who control personal data and the use of personal data  A data subject is an individual who is the subject of personal data
  • 11. Abdisalam Issa-Salwe, Thames Valley University 11 Internet security issue  Establishing organisation links to the Internet brings numerous security dangers  Corruptions such as viruses on a single computer can spread through the network to all the organisation's computer  Hacking: involves attempting to gain unauthorised access to a computer system
  • 12. Abdisalam Issa-Salwe, Thames Valley University 12 Type of virus/program  File virus: Files viruses infect program files  Boot sector or ‘stealth’ virus: the book sector is the part of every hard disk and diskette. The stealth virus hides from virus detection programs by hiding themselves in boot records or files.  Trojan: it is a small program that performs unexpected function. It hides itself inside a ‘valid’ program.  Logic bomb: a logic bomb is a program that is executed when a specific act is performed.
  • 13. Abdisalam Issa-Salwe, Thames Valley University 13 Type of virus/program (cont…)  Time bomb: a time bomb is a program that is activated at a certain time or data, such as Friday the 13th or April 1st  Worm: it is a type of virus that can replicate (copy) itself and use memory, but cannot attach itself to other programs  Droppers: it is a program that installs a virus while performing another function
  • 14. Abdisalam Issa-Salwe, Thames Valley University 14 Type of virus/program (cont…)  Macro virus: it is a piece of self- replicating cod written in an application’s ‘macro’ language. Example, Melissa was a well publicised macro virus
  • 15. Abdisalam Issa-Salwe, Thames Valley University 15 Information systems and accountants  Accountants track companies’ expenses, as well as prepare, analyze and verify financial documents. They look for ways to run businesses more efficiently, keep public records and make sure taxes are paid properly.  Public accountants perform audits and prepare taxes for corporations, government agencies, nonprofits and individuals.
  • 16. Abdisalam Issa-Salwe, Thames Valley University 16 Information systems and accountants (cont…)  Management accountants are members of the executive team who record and analyze information about budgets, costs and assets. Their work may support strategic planning or product development. They may also write financial reports for stockholders, creditors or government agencies.  Government accountants and auditors maintain and examine government records, or they audit private businesses or individuals on the government's behalf.  Internal auditors are fiscal police officers. They verify the accuracy of an organization's financial records and look for waste, mismanagement and fraud.
  • 17. Abdisalam Issa-Salwe, Thames Valley University 17
  • 18. Abdisalam Issa-Salwe, Thames Valley University 18
  • 19. Abdisalam Issa-Salwe, Thames Valley University 19
  • 20. Abdisalam Issa-Salwe, Thames Valley University 20
  • 21. Abdisalam Issa-Salwe, Thames Valley University 21