ACCT 484 Lecture Notes - Lecture 20: Environmental Security, Session Hijacking, Operations Management
Document Summary
Physical and hardware controls: formal controls. Determine the consequences of misinterpretation of data and. Determine the consequences of misapplication of rules in organization. Threat vulnerabilities: modification, destruction, disclosure, interception, interruption, fabrication. Attributes and protection of data: integrity. Attributes and protection of data: availability. Attributes and protection of data: authentication. Attributes and protection of data: nonrepudiation. Countermeasures: designed to minimize or eliminate the risks stemming from vulnerabilities. Methods of defense: encryption, software controls. Program controls: physical and hardware controls. Definition of internal control: procedures designed by management to provide reasonable assurance regarding achievement of specific objectives, classification of it internal controls. Coso: control environment, risk assessment, control activities, information and communication, monitoring. Identify the control frameworks discussed in our schlarman (2007) and determine which framework would be useful if you were considering expanding your hot dog cart business: coso more likely: less it focus.