Ch_07 - IT AUDIT SOLUTIONS MANUAL Chapter 7 Discussion...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: IT AUDIT SOLUTIONS MANUAL Chapter 7 Discussion Questions 7-1. What would be the differences in risks faced by an organization that used the Internet primarily to display content versus a business that conducted collaborative e- business? A company that primarily uses the Internet to publish information is much less at risk than one that engages in collaborative e-business. A web site with content and no exchange of data really has little risk. A site that allows the exchange of data back and forth among servers may allow unauthorized users to obtain access to internal networks. 7-2. What are the differences between the OSI protocol described in Chapter 6 and the TCP/IP protocol described in this chapter? OSI is the general network protocol and TCP/IP is the protocol for the Internet. OSI, consisting of seven layers, supports network interoperability, which allows disparate computers to communicate and share data. TCP/IP has a four-layered architecture. It allows communication and data sharing among computers across the Internet. The layers in OSI and TCP/IP map to each other and serve the same functions. 7-3. XML is developing as a language to facilitate the extraction and manipulation of data on the Internet. Discuss some of the obstacles likely in the development of a common language for communicating and manipulating e-business data. XML lets various groups of individuals or entities develop their own set of custom mark-up applications for their particular area of interest (e.g., accounting). An obstacle to its development is that each group must agree on standards for their mark-up domain, otherwise the ability to communicate is lost. There is also the issue that software developers must incorporate support for XML in their appropriate software. XML and its industry-specific derivatives will only be successful if it gains wide usage and acceptance. As of this writing, Microsoft plans to release MS Office 11 in mid-2003 - and it will include XML support. This development should have a dynamic impact on the future of XML. 7-4. Privacy is considered to be one of the biggest concerns in conducting consumer-to- business transactions across the Internet. Find the privacy policy for a popular online retailer and compare it with that of GE. Almost every web site has a privacy policy. 7-5. Discuss the difference between privacy and confidentiality issues for two businesses engaged in e-commerce. The AICPA/CICA Trust Services principles and criteria refer to online privacy as concerning personal information obtained from e-business transactions. Confidentiality, on the other hand, is considered to be information that has been agreed to be kept secret. Interestingly, confidential information does not have some of the rights of access that personal information does. It is also more difficult to define confidential information so it is important that parties conducting e- business clearly designate that which they consider to be confidential. Many of the controls that...
View Full Document

This note was uploaded on 05/08/2011 for the course BA 1 taught by Professor Peter during the Spring '11 term at University of Macau.

Page1 / 7

Ch_07 - IT AUDIT SOLUTIONS MANUAL Chapter 7 Discussion...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online