With the advent of electronic commerce, and the increasing sophistication of the information systems used in business organizations, control and security have become key management issues. Responsibility for ensuring that controls are well designed and properly managed can no longer simply be delegated to the technical experts. It has become an area in which the whole management team needs to be involved.
This comprehensive review, written for the business reader, includes coverage of recent developments in electronic commerce, as well as the more traditional systems found in many organizations, both large and small.
Intended for any manager whose work depends on financial or other business information, it includes case studies, summaries and review questions, making it equally suitable as a source text for students of business studies at postgraduate or advanced level.
Introduction Part 1: Threats and Risks 1.Information under Threat 2.Risk Appraisal Part2:Controls for Internal Services 3.Computerised Controls: the Organizational Context 4.Access Controls 5.Controls within Business Processes Part 3:Controls for Networked Services 6.Controls for Network Communications 7.Managing Security for Network Services 8.Controls for Local Area Networks and Small Systems Part4:Business Continuity and Archiving 9.Business Continuity 10.Controls for Archived Data Part 5:Computer Audit 11.Computer Audit:Introduction of New Systems 12.Computer Audit: Control of Existing Systems 13.Computer Forensics Part6:Regulation and Standards 14.Security Standards and Codes of Practice.
