Session+4 - CLASS #1 Accounting Information Systems: An...

Info iconThis preview shows pages 1–10. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: CLASS #1 Accounting Information Systems: An Overview August 2, 2010 HAPTER 8 Information Systems Controls for System Reliability Part 2: Confidentiality, Privacy, Processing Integrity, and Availability Summer 2010 UC Irvine MGMT 136: Accounting Information Systems 3 INTRODUCTION Questions to be addressed in this chapter include: What controls are used to protect the confidentiality of sensitive information? What controls are designed to protect privacy of customers personal information? What controls ensure processing integrity? How are information systems changes controlled to ensure that the new system satisfies all five principles of systems reliability? Summer 2010 UC Irvine MGMT 136: Accounting Information Systems 4 INTRODUCTION Reliable systems satisfy five principles: Information Security (discussed in Chapter 7) Confidentiality Privacy Processing integrity Availability SECURITY CONFIDENTIALITY PRIVACY PROCESSING INTEGRITY AVAILABILITY SYSTEMS RELIABILITY Summer 2010 UC Irvine MGMT 136: Accounting Information Systems 5 CONFIDENTIALITY Reliable systems maintain the confidentiality of sensitive information. SECURITY CONFIDENTIALITY PRIVACY PROCESSING INTEGRITY AVAILABILITY SYSTEMS RELIABILITY Summer 2010 UC Irvine MGMT 136: Accounting Information Systems 6 CONFIDENTIALITY Maintaining confidentiality requires that management identify which information is sensitive. Each organization will develop its own definitions of what information needs to be protected. Most definitions will include: Business plans Pricing strategies Client and customer lists Legal documents COBIT control objective PO 2.3 specifies the need to identify and to properly label potentially sensitive information, to assign responsibility for its protection, and to implement appropriate controls. Summer 2010 UC Irvine MGMT 136: Accounting Information Systems 7 CONFIDENTIALITY Table 8-1 in your textbook summaries key controls to protect confidentiality of information: Situation Controls Storage Encryption and access controls Transmission Encryption Disposal Shredding, thorough erasure, physical destruction Overall Categorization to reflect value and training in proper work practices Summer 2010 UC Irvine MGMT 136: Accounting Information Systems 8 CONFIDENTIALITY Encryption is a fundamental control procedure for protecting the confidentiality of sensitive information. Confidential information should be encrypted: While stored Whenever transmitted Summer 2010 UC Irvine MGMT 136: Accounting Information Systems 9 CONFIDENTIALITY The Internet provides inexpensive transmission, but data is easily intercepted....
View Full Document

Page1 / 288

Session+4 - CLASS #1 Accounting Information Systems: An...

This preview shows document pages 1 - 10. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online