SlideShare una empresa de Scribd logo

Is acca19(security and legal compliance)

T
Taibah University, College of Computer Science & Engineering

Security Physical threats Physical access control Building controls into an information system

TecnologíaEmpresariales
1 de 21
Descargar para leer sin conexión
1 Security and Legal Compliance (1) Lecture 19 Abdisalam Issa-Salwe Thames Valley University
Abdisalam Issa-Salwe, Thames Valley University 2 Topic list  Security  Physical threats  Physical access control  Building controls into an information system
Abdisalam Issa-Salwe, Thames Valley University 3 Security  Security in information management context means the protection of data from accidental or deliberate threats which might cause unauthorised modification, disclosure or destruction of data, and the protection of the information system from the degradation or non-availability of services
Abdisalam Issa-Salwe, Thames Valley University 4 Physical threats  Fire  Water  Weather  Lighting  Terrorist activity  Accidental damage
Abdisalam Issa-Salwe, Thames Valley University 5 Physical access control  Personal identification numbers (PINs)  Door locks  Card entry systems  Computer theft
Abdisalam Issa-Salwe, Thames Valley University 6 Building control into an information system  Control can be classified into:  Security control:  about protection of data from accidental or deliberate threats  Integrity control:  in the context of security is preserved when data is the same as in source documents and has not been accidentally or intentionally altered, destroyed or disclosed  System integrity: operating conforming to the design specification despite attempts (deliberate or accidental) to make it have incorrectly.  Contingency controls:  It is an unscheduled interruption of computing services that requires measures outside the day- to-day routing operating procedures
Abdisalam Issa-Salwe, Thames Valley University 7 Building control into an information system (cont)…  Data will maintain its integrity if it is complete and not corrupt. This means that:  The original input of the data must be controlled  Any processing and storage should be set up so that they are complete and correct
Abdisalam Issa-Salwe, Thames Valley University 8 Building control into an information system (cont)…  Input control should ensure the accuracy, completeness and validity:  Data verification involves ensuring data entered matches source documents  Data validating involves ensuring that data entered is not incomplete or unreasonable. Various checks:  Check digits  Control totals  Hash totals  Range checks  Limit checks
Abdisalam Issa-Salwe, Thames Valley University 9 Privacy and data protection  Privacy:  The right of the individual to control the use of information about him or her, including information on financial status, health and lifestyle (I.e. prevent unauthorised disclosure).
Abdisalam Issa-Salwe, Thames Valley University 10 Data protection principles  Personal data is information about a living individual, including expression of opinion about him or her. Data about organisation is not personal data  Data users are organisation or individuals who control personal data and the use of personal data  A data subject is an individual who is the subject of personal data
Abdisalam Issa-Salwe, Thames Valley University 11 Internet security issue  Establishing organisation links to the Internet brings numerous security dangers  Corruptions such as viruses on a single computer can spread through the network to all the organisation's computer  Hacking: involves attempting to gain unauthorised access to a computer system
Abdisalam Issa-Salwe, Thames Valley University 12 Type of virus/program  File virus: Files viruses infect program files  Boot sector or ‘stealth’ virus: the book sector is the part of every hard disk and diskette. The stealth virus hides from virus detection programs by hiding themselves in boot records or files.  Trojan: it is a small program that performs unexpected function. It hides itself inside a ‘valid’ program.  Logic bomb: a logic bomb is a program that is executed when a specific act is performed.
Abdisalam Issa-Salwe, Thames Valley University 13 Type of virus/program (cont…)  Time bomb: a time bomb is a program that is activated at a certain time or data, such as Friday the 13th or April 1st  Worm: it is a type of virus that can replicate (copy) itself and use memory, but cannot attach itself to other programs  Droppers: it is a program that installs a virus while performing another function
Abdisalam Issa-Salwe, Thames Valley University 14 Type of virus/program (cont…)  Macro virus: it is a piece of self- replicating cod written in an application’s ‘macro’ language. Example, Melissa was a well publicised macro virus
Abdisalam Issa-Salwe, Thames Valley University 15 Information systems and accountants  Accountants track companies’ expenses, as well as prepare, analyze and verify financial documents. They look for ways to run businesses more efficiently, keep public records and make sure taxes are paid properly.  Public accountants perform audits and prepare taxes for corporations, government agencies, nonprofits and individuals.
Abdisalam Issa-Salwe, Thames Valley University 16 Information systems and accountants (cont…)  Management accountants are members of the executive team who record and analyze information about budgets, costs and assets. Their work may support strategic planning or product development. They may also write financial reports for stockholders, creditors or government agencies.  Government accountants and auditors maintain and examine government records, or they audit private businesses or individuals on the government's behalf.  Internal auditors are fiscal police officers. They verify the accuracy of an organization's financial records and look for waste, mismanagement and fraud.
Abdisalam Issa-Salwe, Thames Valley University 17
Abdisalam Issa-Salwe, Thames Valley University 18
Abdisalam Issa-Salwe, Thames Valley University 19
Abdisalam Issa-Salwe, Thames Valley University 20
Abdisalam Issa-Salwe, Thames Valley University 21

Recomendados

Cybersecurity
CybersecurityCybersecurity
Cybersecurity
Sabiha M
 
Chapter2 the need to security
Chapter2 the need to securityChapter2 the need to security
Chapter2 the need to security
Dhani Ahmad
 
Securing information system (Management Information System)
Securing information system (Management Information System)Securing information system (Management Information System)
Securing information system (Management Information System)
Masudur Rahman
 
Introduction to the management of information security
Introduction to the management of information security Introduction to the management of information security
Introduction to the management of information security
Sammer Qader
 
Information Security Background
Information Security BackgroundInformation Security Background
Information Security Background
Nicholas Davis
 
Chapter 3: Information Security Framework
Chapter 3: Information Security FrameworkChapter 3: Information Security Framework
Chapter 3: Information Security Framework
Nada G.Youssef
 
INFORMATION SECURITY SYSTEM
INFORMATION SECURITY SYSTEMINFORMATION SECURITY SYSTEM
INFORMATION SECURITY SYSTEM
ANAND MURALI
 
Securing information system
Securing information systemSecuring information system
Securing information system
Tanjim Rasul
 

Recomendados

Cybersecurity
CybersecurityCybersecurity
Cybersecurity
Sabiha M
 
Chapter2 the need to security
Chapter2 the need to securityChapter2 the need to security
Chapter2 the need to security
Dhani Ahmad
 
Securing information system (Management Information System)
Securing information system (Management Information System)Securing information system (Management Information System)
Securing information system (Management Information System)
Masudur Rahman
 
Introduction to the management of information security
Introduction to the management of information security Introduction to the management of information security
Introduction to the management of information security
Sammer Qader
 
Information Security Background
Information Security BackgroundInformation Security Background
Information Security Background
Nicholas Davis
 
Chapter 3: Information Security Framework
Chapter 3: Information Security FrameworkChapter 3: Information Security Framework
Chapter 3: Information Security Framework
Nada G.Youssef
 
INFORMATION SECURITY SYSTEM
INFORMATION SECURITY SYSTEMINFORMATION SECURITY SYSTEM
INFORMATION SECURITY SYSTEM
ANAND MURALI
 
Securing information system
Securing information systemSecuring information system
Securing information system
Tanjim Rasul
 
InformationSecurity
InformationSecurityInformationSecurity
InformationSecurity
learnt
 
Infromation Assurance
Infromation AssuranceInfromation Assurance
Infromation Assurance
Akshay Pal
 
Cyber security
Cyber securityCyber security
Cyber security
Akdu095
 
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
Biswajit Bhattacharjee
 
Overview
OverviewOverview
Overview
phanleson
 
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
karthikasivakumar3
 
Information security management iso27001
Information security management iso27001Information security management iso27001
Information security management iso27001
Hiran Kanishka
 
USG_Security_Awareness_Primer.pptx
USG_Security_Awareness_Primer.pptxUSG_Security_Awareness_Primer.pptx
USG_Security_Awareness_Primer.pptx
BilmyRikas
 
Network security.ppt
Network security.pptNetwork security.ppt
Network security.ppt
amuthadeepa
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITY
Ahmed Moussa
 
Security and Control Issues in Information System
Security and Control Issues in Information SystemSecurity and Control Issues in Information System
Security and Control Issues in Information System
Daryl Conson
 
Security And Ethical Challenges Of Infornation Technology
Security And Ethical Challenges Of Infornation TechnologySecurity And Ethical Challenges Of Infornation Technology
Security And Ethical Challenges Of Infornation Technology
paramalways
 
Information Technology Security A Brief Overview 2001
Information Technology Security A Brief Overview 2001Information Technology Security A Brief Overview 2001
Information Technology Security A Brief Overview 2001
Donald E. Hester
 
Cat21:Development Mangement Information Systems
Cat21:Development Mangement Information SystemsCat21:Development Mangement Information Systems
Cat21:Development Mangement Information Systems
Simeon Ogao
 
Security & control in management information system
Security & control in management information systemSecurity & control in management information system
Security & control in management information system
Online
 
Security & ethical challenges
Security & ethical challengesSecurity & ethical challenges
Security & ethical challenges
Louie Medinaceli
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
jayashri kolekar
 
information security technology
information security technologyinformation security technology
information security technology
garimasagar
 
Infromation securiity
Infromation securiityInfromation securiity
Infromation securiity
Aamir Sohail
 
Security And Ethical Challenges
Security And Ethical ChallengesSecurity And Ethical Challenges
Security And Ethical Challenges
Ram Dutt Shukla
 
How to secure information systemsSolutionAnswerInformation.pdf
How to secure information systemsSolutionAnswerInformation.pdfHow to secure information systemsSolutionAnswerInformation.pdf
How to secure information systemsSolutionAnswerInformation.pdf
rohit219406
 
security system by desu star chapter 1.pptx
security system by desu star chapter 1.pptxsecurity system by desu star chapter 1.pptx
security system by desu star chapter 1.pptx
desalewminale
 

Más contenido relacionado

La actualidad más candente

InformationSecurity
InformationSecurityInformationSecurity
InformationSecurity
learnt
 
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
Biswajit Bhattacharjee
 
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
karthikasivakumar3
 
USG_Security_Awareness_Primer.pptx
USG_Security_Awareness_Primer.pptxUSG_Security_Awareness_Primer.pptx
USG_Security_Awareness_Primer.pptx
BilmyRikas
 
Security And Ethical Challenges Of Infornation Technology
Security And Ethical Challenges Of Infornation TechnologySecurity And Ethical Challenges Of Infornation Technology
Security And Ethical Challenges Of Infornation Technology
paramalways
 
Security & ethical challenges
Security & ethical challengesSecurity & ethical challenges
Security & ethical challenges
Louie Medinaceli
 
information security technology
information security technologyinformation security technology
information security technology
garimasagar
 
Security And Ethical Challenges
Security And Ethical ChallengesSecurity And Ethical Challenges
Security And Ethical Challenges
Ram Dutt Shukla
 

La actualidad más candente (20)

InformationSecurity
InformationSecurityInformationSecurity
InformationSecurity
 
Infromation Assurance
Infromation AssuranceInfromation Assurance
Infromation Assurance
 
Cyber security
Cyber securityCyber security
Cyber security
 
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
 
Overview
OverviewOverview
Overview
 
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
 
Information security management iso27001
Information security management iso27001Information security management iso27001
Information security management iso27001
 
USG_Security_Awareness_Primer.pptx
USG_Security_Awareness_Primer.pptxUSG_Security_Awareness_Primer.pptx
USG_Security_Awareness_Primer.pptx
 
Network security.ppt
Network security.pptNetwork security.ppt
Network security.ppt
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITY
 
Security and Control Issues in Information System
Security and Control Issues in Information SystemSecurity and Control Issues in Information System
Security and Control Issues in Information System
 
Security And Ethical Challenges Of Infornation Technology
Security And Ethical Challenges Of Infornation TechnologySecurity And Ethical Challenges Of Infornation Technology
Security And Ethical Challenges Of Infornation Technology
 
Information Technology Security A Brief Overview 2001
Information Technology Security A Brief Overview 2001Information Technology Security A Brief Overview 2001
Information Technology Security A Brief Overview 2001
 
Cat21:Development Mangement Information Systems
Cat21:Development Mangement Information SystemsCat21:Development Mangement Information Systems
Cat21:Development Mangement Information Systems
 
Security & control in management information system
Security & control in management information systemSecurity & control in management information system
Security & control in management information system
 
Security & ethical challenges
Security & ethical challengesSecurity & ethical challenges
Security & ethical challenges
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
 
information security technology
information security technologyinformation security technology
information security technology
 
Infromation securiity
Infromation securiityInfromation securiity
Infromation securiity
 
Security And Ethical Challenges
Security And Ethical ChallengesSecurity And Ethical Challenges
Security And Ethical Challenges
 

Similar a Is acca19(security and legal compliance)

How to secure information systemsSolutionAnswerInformation.pdf
How to secure information systemsSolutionAnswerInformation.pdfHow to secure information systemsSolutionAnswerInformation.pdf
How to secure information systemsSolutionAnswerInformation.pdf
rohit219406
 
MIS 7.pptx
MIS 7.pptxMIS 7.pptx
MIS 7.pptx
Omar91305
 
Chapter 5 Selected Topics in computer.pptx
Chapter 5 Selected Topics in computer.pptxChapter 5 Selected Topics in computer.pptx
Chapter 5 Selected Topics in computer.pptx
AschalewAyele2
 
Fundamentals of Information Security..pdf
Fundamentals of Information Security..pdfFundamentals of Information Security..pdf
Fundamentals of Information Security..pdf
Zahid Hussain
 
Database Security Is Vital For Any And Every Organization
Database Security Is Vital For Any And Every OrganizationDatabase Security Is Vital For Any And Every Organization
Database Security Is Vital For Any And Every Organization
April Dillard
 
Himmatullah Ferozee Assingnment.pptx
Himmatullah Ferozee Assingnment.pptxHimmatullah Ferozee Assingnment.pptx
Himmatullah Ferozee Assingnment.pptx
MobeenMasoudi
 
Information System Security
Information System Security Information System Security
Information System Security
Syed Asif Sherazi
 

Similar a Is acca19(security and legal compliance) (20)

How to secure information systemsSolutionAnswerInformation.pdf
How to secure information systemsSolutionAnswerInformation.pdfHow to secure information systemsSolutionAnswerInformation.pdf
How to secure information systemsSolutionAnswerInformation.pdf
 
security system by desu star chapter 1.pptx
security system by desu star chapter 1.pptxsecurity system by desu star chapter 1.pptx
security system by desu star chapter 1.pptx
 
MIS 7.pptx
MIS 7.pptxMIS 7.pptx
MIS 7.pptx
 
Chapter 5 Selected Topics in computer.pptx
Chapter 5 Selected Topics in computer.pptxChapter 5 Selected Topics in computer.pptx
Chapter 5 Selected Topics in computer.pptx
 
Fundamentals of Information Security..pdf
Fundamentals of Information Security..pdfFundamentals of Information Security..pdf
Fundamentals of Information Security..pdf
 
Database Security Is Vital For Any And Every Organization
Database Security Is Vital For Any And Every OrganizationDatabase Security Is Vital For Any And Every Organization
Database Security Is Vital For Any And Every Organization
 
Security Ch-1.pptx
Security Ch-1.pptxSecurity Ch-1.pptx
Security Ch-1.pptx
 
Himmatullah Ferozee Assingnment.pptx
Himmatullah Ferozee Assingnment.pptxHimmatullah Ferozee Assingnment.pptx
Himmatullah Ferozee Assingnment.pptx
 
mHealth Security: Stats and Solutions
mHealth Security: Stats and SolutionsmHealth Security: Stats and Solutions
mHealth Security: Stats and Solutions
 
mHealth Security: Stats and Solutions
mHealth Security: Stats and SolutionsmHealth Security: Stats and Solutions
mHealth Security: Stats and Solutions
 
Information System Security
Information System Security Information System Security
Information System Security
 
Module -5 Security.pdf
Module -5 Security.pdfModule -5 Security.pdf
Module -5 Security.pdf
 
Cyber Security in detail PPT BY HIMANXU.pptx
Cyber Security in detail PPT BY HIMANXU.pptxCyber Security in detail PPT BY HIMANXU.pptx
Cyber Security in detail PPT BY HIMANXU.pptx
 
Security in network computing
Security in network computingSecurity in network computing
Security in network computing
 
Cybersecurity Interview Questions and Answers.pdf
Cybersecurity Interview Questions and Answers.pdfCybersecurity Interview Questions and Answers.pdf
Cybersecurity Interview Questions and Answers.pdf
 
Data Security
Data SecurityData Security
Data Security
 
Overview of Information Security & Privacy
Overview of Information Security & PrivacyOverview of Information Security & Privacy
Overview of Information Security & Privacy
 
Health Information Privacy and Security
Health Information Privacy and SecurityHealth Information Privacy and Security
Health Information Privacy and Security
 
Introduction to security
Introduction to securityIntroduction to security
Introduction to security
 
Ecommerce Security
Ecommerce SecurityEcommerce Security
Ecommerce Security
 

Más de Taibah University, College of Computer Science & Engineering

Lecture1 is322 data&infomanag(introduction)(old curr)
Lecture1 is322 data&infomanag(introduction)(old curr)Lecture1 is322 data&infomanag(introduction)(old curr)
Lecture1 is322 data&infomanag(introduction)(old curr)
Taibah University, College of Computer Science & Engineering
 

Más de Taibah University, College of Computer Science & Engineering (20)

Lecture 1- Computer Organization and Architecture.pdf
Lecture 1- Computer Organization and Architecture.pdfLecture 1- Computer Organization and Architecture.pdf
Lecture 1- Computer Organization and Architecture.pdf
 
The paper the welfare state of the somali nation - a possible solution to t...
The paper the welfare state of the somali nation - a possible solution to t...The paper the welfare state of the somali nation - a possible solution to t...
The paper the welfare state of the somali nation - a possible solution to t...
 
Colonial intrusion and_the_somali_resistance
Colonial intrusion and_the_somali_resistanceColonial intrusion and_the_somali_resistance
Colonial intrusion and_the_somali_resistance
 
Lecture 3 (Contemporary approaches to Information Systems)
Lecture 3 (Contemporary approaches to Information Systems)Lecture 3 (Contemporary approaches to Information Systems)
Lecture 3 (Contemporary approaches to Information Systems)
 
Lecture 7 (business-level strategy and the value chain model)
Lecture 7 (business-level strategy and the value chain model)Lecture 7 (business-level strategy and the value chain model)
Lecture 7 (business-level strategy and the value chain model)
 
Lecture 4 (using information technology for competitive advantage)
Lecture 4 (using information technology for competitive advantage)Lecture 4 (using information technology for competitive advantage)
Lecture 4 (using information technology for competitive advantage)
 
Lecture 2 (major types of information systems in organizations)
Lecture 2 (major types of information systems in organizations)Lecture 2 (major types of information systems in organizations)
Lecture 2 (major types of information systems in organizations)
 
Practical session 1 (critical path analaysis)
Practical session 1 (critical path analaysis)Practical session 1 (critical path analaysis)
Practical session 1 (critical path analaysis)
 
Chapter 2 modeling the process and life-cycle
Chapter 2 modeling the process and life-cycleChapter 2 modeling the process and life-cycle
Chapter 2 modeling the process and life-cycle
 
Historical Perspective on the Challenge Facing the Somali Sacral Unity
Historical Perspective on the Challenge Facing the Somali Sacral UnityHistorical Perspective on the Challenge Facing the Somali Sacral Unity
Historical Perspective on the Challenge Facing the Somali Sacral Unity
 
Colonial intrusion and the Somali Resistance
Colonial intrusion and the Somali ResistanceColonial intrusion and the Somali Resistance
Colonial intrusion and the Somali Resistance
 
Lecture 8 (information systems and strategy planning)
Lecture 8 (information systems and strategy planning)Lecture 8 (information systems and strategy planning)
Lecture 8 (information systems and strategy planning)
 
Lecture 4 (using information technology for competitive advantage)
Lecture 4 (using information technology for competitive advantage)Lecture 4 (using information technology for competitive advantage)
Lecture 4 (using information technology for competitive advantage)
 
Lecture1 data structure(introduction)
Lecture1 data structure(introduction)Lecture1 data structure(introduction)
Lecture1 data structure(introduction)
 
Lecture2 is331 data&infomanag(databaseenv)
Lecture2 is331 data&infomanag(databaseenv)Lecture2 is331 data&infomanag(databaseenv)
Lecture2 is331 data&infomanag(databaseenv)
 
Lecture1 is322 data&infomanag(introduction)(old curr)
Lecture1 is322 data&infomanag(introduction)(old curr)Lecture1 is322 data&infomanag(introduction)(old curr)
Lecture1 is322 data&infomanag(introduction)(old curr)
 
Lecture6 is353(ea&data viewpoint )
Lecture6 is353(ea&data viewpoint )Lecture6 is353(ea&data viewpoint )
Lecture6 is353(ea&data viewpoint )
 
Lecture4 is353-ea(fea)
Lecture4 is353-ea(fea)Lecture4 is353-ea(fea)
Lecture4 is353-ea(fea)
 
Lecture3 is353-ea(togaf)
Lecture3 is353-ea(togaf)Lecture3 is353-ea(togaf)
Lecture3 is353-ea(togaf)
 
Lecture2 is353-ea(the zachma framework)
Lecture2 is353-ea(the zachma framework)Lecture2 is353-ea(the zachma framework)
Lecture2 is353-ea(the zachma framework)
 

Último

Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
Overkill Security
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Último (20)

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 

Is acca19(security and legal compliance)

  • 1. 1 Security and Legal Compliance (1) Lecture 19 Abdisalam Issa-Salwe Thames Valley University
  • 2. Abdisalam Issa-Salwe, Thames Valley University 2 Topic list  Security  Physical threats  Physical access control  Building controls into an information system
  • 3. Abdisalam Issa-Salwe, Thames Valley University 3 Security  Security in information management context means the protection of data from accidental or deliberate threats which might cause unauthorised modification, disclosure or destruction of data, and the protection of the information system from the degradation or non-availability of services
  • 4. Abdisalam Issa-Salwe, Thames Valley University 4 Physical threats  Fire  Water  Weather  Lighting  Terrorist activity  Accidental damage
  • 5. Abdisalam Issa-Salwe, Thames Valley University 5 Physical access control  Personal identification numbers (PINs)  Door locks  Card entry systems  Computer theft
  • 6. Abdisalam Issa-Salwe, Thames Valley University 6 Building control into an information system  Control can be classified into:  Security control:  about protection of data from accidental or deliberate threats  Integrity control:  in the context of security is preserved when data is the same as in source documents and has not been accidentally or intentionally altered, destroyed or disclosed  System integrity: operating conforming to the design specification despite attempts (deliberate or accidental) to make it have incorrectly.  Contingency controls:  It is an unscheduled interruption of computing services that requires measures outside the day- to-day routing operating procedures
  • 7. Abdisalam Issa-Salwe, Thames Valley University 7 Building control into an information system (cont)…  Data will maintain its integrity if it is complete and not corrupt. This means that:  The original input of the data must be controlled  Any processing and storage should be set up so that they are complete and correct
  • 8. Abdisalam Issa-Salwe, Thames Valley University 8 Building control into an information system (cont)…  Input control should ensure the accuracy, completeness and validity:  Data verification involves ensuring data entered matches source documents  Data validating involves ensuring that data entered is not incomplete or unreasonable. Various checks:  Check digits  Control totals  Hash totals  Range checks  Limit checks
  • 9. Abdisalam Issa-Salwe, Thames Valley University 9 Privacy and data protection  Privacy:  The right of the individual to control the use of information about him or her, including information on financial status, health and lifestyle (I.e. prevent unauthorised disclosure).
  • 10. Abdisalam Issa-Salwe, Thames Valley University 10 Data protection principles  Personal data is information about a living individual, including expression of opinion about him or her. Data about organisation is not personal data  Data users are organisation or individuals who control personal data and the use of personal data  A data subject is an individual who is the subject of personal data
  • 11. Abdisalam Issa-Salwe, Thames Valley University 11 Internet security issue  Establishing organisation links to the Internet brings numerous security dangers  Corruptions such as viruses on a single computer can spread through the network to all the organisation's computer  Hacking: involves attempting to gain unauthorised access to a computer system
  • 12. Abdisalam Issa-Salwe, Thames Valley University 12 Type of virus/program  File virus: Files viruses infect program files  Boot sector or ‘stealth’ virus: the book sector is the part of every hard disk and diskette. The stealth virus hides from virus detection programs by hiding themselves in boot records or files.  Trojan: it is a small program that performs unexpected function. It hides itself inside a ‘valid’ program.  Logic bomb: a logic bomb is a program that is executed when a specific act is performed.
  • 13. Abdisalam Issa-Salwe, Thames Valley University 13 Type of virus/program (cont…)  Time bomb: a time bomb is a program that is activated at a certain time or data, such as Friday the 13th or April 1st  Worm: it is a type of virus that can replicate (copy) itself and use memory, but cannot attach itself to other programs  Droppers: it is a program that installs a virus while performing another function
  • 14. Abdisalam Issa-Salwe, Thames Valley University 14 Type of virus/program (cont…)  Macro virus: it is a piece of self- replicating cod written in an application’s ‘macro’ language. Example, Melissa was a well publicised macro virus
  • 15. Abdisalam Issa-Salwe, Thames Valley University 15 Information systems and accountants  Accountants track companies’ expenses, as well as prepare, analyze and verify financial documents. They look for ways to run businesses more efficiently, keep public records and make sure taxes are paid properly.  Public accountants perform audits and prepare taxes for corporations, government agencies, nonprofits and individuals.
  • 16. Abdisalam Issa-Salwe, Thames Valley University 16 Information systems and accountants (cont…)  Management accountants are members of the executive team who record and analyze information about budgets, costs and assets. Their work may support strategic planning or product development. They may also write financial reports for stockholders, creditors or government agencies.  Government accountants and auditors maintain and examine government records, or they audit private businesses or individuals on the government's behalf.  Internal auditors are fiscal police officers. They verify the accuracy of an organization's financial records and look for waste, mismanagement and fraud.
  • 17. Abdisalam Issa-Salwe, Thames Valley University 17
  • 18. Abdisalam Issa-Salwe, Thames Valley University 18
  • 19. Abdisalam Issa-Salwe, Thames Valley University 19
  • 20. Abdisalam Issa-Salwe, Thames Valley University 20
  • 21. Abdisalam Issa-Salwe, Thames Valley University 21