COB 204 Chapter Notes - Chapter 7.5: External Auditor, Internal Audit, Computer Hardware

Controls: defense mechanisms organizations implement to protect their information assets. Biometrics: something the user is; examines a person"s innate physical characteristics. b. ii. Something the user has: includes regular id cards, smart id cards, and tokens. b. iii. Something the user does: includes voice and signature recognition b. iv. Something the user knows: includes passwords and passphrases: authorization: determines which actions, rights, or privileges the person has, based on his or her verified identity. c. i. Privilege: a collection of related computer system operations that a user is authorized to perform. c. ii. Public key encryption: uses a public key (locking key) and the private key (unlocking key) a. ii. Certificate authority: acts as a trusted intermediary between companies a. iii. This type of site provides no computer hardware or user work stations: information systems auditing, security controls to ensure that information systems function properly, audit: an examination of is, their inputs, outputs, and processing b. i.