Integrity, Internal Control and Security in Information Systems


Book Description

IT Governance is finally getting the Board's and top management's attention. The value that IT needs to return and the associated risks that need to be managed, have become so important in many industries that enterprise survival depends on it. Information integrity is a significant part of the IT Governance challenge. Among other things, this conference will explore how Information Integrity contributes to the overall control and governance frameworks that enterprises need to put in place for IT to deliver business value and for corporate officers to be comfortable about the IT risks the enterprise faces. The goals for this international working conference are to find answers to the following questions: • what precisely do business managers need in order to have confidence in the integrity of their information systems and their data; • what is the status quo of research and development in this area; • where are the gaps between business needs on the one hand and research I development on the other; what needs to be done to bridge these gaps. The contributions have been divided in the following sections: • Refereed papers. These are papers that have been selected through a blind refereeing process by an international programme committee. • Invited papers. Well known experts present practice and research papers upon invitation by the programme committee. • Tutorial. Two papers describe the background, status quo and future development of CobiT as well as a case of an implementation of Co biT.




Computers at Risk


Book Description

Computers at Risk presents a comprehensive agenda for developing nationwide policies and practices for computer security. Specific recommendations are provided for industry and for government agencies engaged in computer security activities. The volume also outlines problems and opportunities in computer security research, recommends ways to improve the research infrastructure, and suggests topics for investigators. The book explores the diversity of the field, the need to engineer countermeasures based on speculation of what experts think computer attackers may do next, why the technology community has failed to respond to the need for enhanced security systems, how innovators could be encouraged to bring more options to the marketplace, and balancing the importance of security against the right of privacy.




Standards for Internal Control in the Federal Government


Book Description

Policymakers and program managers are continually seeking ways to improve accountability in achieving an entity's mission. A key factor in improving accountability in achieving an entity's mission is to implement an effective internal control system. An effective internal control system helps an entity adapt to shifting environments, evolving demands, changing risks, and new priorities. As programs change and entities strive to improve operational processes and implement new technology, management continually evaluates its internal control system so that it is effective and updated when necessary. Section 3512 (c) and (d) of Title 31 of the United States Code (commonly known as the Federal Managers' Financial Integrity Act (FMFIA)) requires the Comptroller General to issue standards for internal control in the federal government.




Integrity and Internal Control in Information Systems V


Book Description

Integrity and Internal Control in Information Systems V represents a continuation of the dialogue between researchers, information security specialists, internal control specialists and the business community. The objectives of this dialogue are: -To present methods and techniques that will help business achieve the desired level of integrity in information systems and data; -To present the results of research that may be used in the near future to increase the level of integrity or help management maintain the desired level of integrity; -To investigate the shortcomings in the technologies presently in use, shortcomings that require attention in order to protect the integrity of systems in general. The book contains a collection of papers from the Fifth International Working Conference on Integrity and Internal Control in Information Systems (IICIS), sponsored by the International Federation for Information Processing (IFIP) and held in Bonn, Germany in November 2002.




Integrity and Internal Control in Information Systems


Book Description

This publication is a collection of papers from the Third International Working Conference of IFIP TC-11 Working group 11.5 on "Integrity and Internal Control in Information systems". IFIP TC-11 Working Group 11.5 explores the area of integrity within information systems and the relationship between integrity in information systems and the overall internal control systems that are established in organizations to support the corporate governance codes. We want to recommend this book to security specialists, IT auditors and researchers who want to learn more about the business concerns related to integrity. Those same security specialists, IT auditors and researchers will also value this book for the papers presenting research into new techniques and methods for obtaining the desired level of integrity. The third conference represents a continuation of the dialogue between information security specialists, internal control specialists and the business community. The conference objectives are: • To present methods and techniques that will help business achieve the desired level of integrity in information systems and data; • To present the results of research that may in future be used to increase the level of integrity or help management maintain the desired level of integrity; • To investigate the shortcomings in the technologies presently in use, shortcomings that require attention in order to protect the integrity of systems in general.




Information Systems for Business and Beyond


Book Description

"Information Systems for Business and Beyond introduces the concept of information systems, their use in business, and the larger impact they are having on our world."--BC Campus website.




Computer Security


Book Description

We live in a wired society, with computers containing and passing around vital information on both personal and public matters. Keeping this data safe is of paramount concern to all. Yet, not a day seems able to pass without some new threat to our computers. Unfortunately, the march of technology has given us the benefits of computers and electronic tools, while also opening us to unforeseen dangers. Identity theft, electronic spying, and the like are now standard worries. In the effort to defend both personal privacy and crucial databases, computer security has become a key industry. A vast array of companies devoted to defending computers from hackers and viruses have cropped up. Research and academic institutions devote a considerable amount of time and effort to the study of information systems and computer security. Anyone with access to a computer needs to be aware of the developing trends and growth of computer security. To that end, this book presents a comprehensive and carefully selected bibliography of the literature most relevant to understanding computer security. Following the bibliography section, continued access is provided via author, title, and subject indexes. With such a format, this book serves as an important guide and reference tool in the defence of our computerised culture.




Federal Information System Controls Audit Manual (FISCAM)


Book Description

FISCAM presents a methodology for performing info. system (IS) control audits of governmental entities in accordance with professional standards. FISCAM is designed to be used on financial and performance audits and attestation engagements. The methodology in the FISCAM incorp. the following: (1) A top-down, risk-based approach that considers materiality and significance in determining audit procedures; (2) Evaluation of entitywide controls and their effect on audit risk; (3) Evaluation of general controls and their pervasive impact on bus. process controls; (4) Evaluation of security mgmt. at all levels; (5) Control hierarchy to evaluate IS control weaknesses; (6) Groupings of control categories consistent with the nature of the risk. Illus.




Glossary of Key Information Security Terms


Book Description

This glossary provides a central resource of definitions most commonly used in Nat. Institute of Standards and Technology (NIST) information security publications and in the Committee for National Security Systems (CNSS) information assurance publications. Each entry in the glossary points to one or more source NIST publications, and/or CNSSI-4009, and/or supplemental sources where appropriate. This is a print on demand edition of an important, hard-to-find publication.




Principles of Accounting Volume 1 - Financial Accounting


Book Description

The text and images in this book are in grayscale. A hardback color version is available. Search for ISBN 9781680922929. Principles of Accounting is designed to meet the scope and sequence requirements of a two-semester accounting course that covers the fundamentals of financial and managerial accounting. This book is specifically designed to appeal to both accounting and non-accounting majors, exposing students to the core concepts of accounting in familiar ways to build a strong foundation that can be applied across business fields. Each chapter opens with a relatable real-life scenario for today's college student. Thoughtfully designed examples are presented throughout each chapter, allowing students to build on emerging accounting knowledge. Concepts are further reinforced through applicable connections to more detailed business processes. Students are immersed in the "why" as well as the "how" aspects of accounting in order to reinforce concepts and promote comprehension over rote memorization.