ACC 574 WEEK 3 DISCUSSION - 83725

Solution Posted by
olufunmilola

olufunmilola

Rating : (9)A+
Solution Detail
Price: $14.00
  • From: Business, Accounting
  • Posted on: Wed 31 Dec, 2014
  • Request id: None
  • Purchased: 0 time(s)
  • Average Rating: No rating
Request Description
1) Security Controls" Please respond to the following: • Evaluate the impact on auditors if operating systems and networks are determined to lack adequate security controls. Suggest at least two controls that should be implemented to reduce the risk to data integrity and explain your answer. • Create an argument in support of establishing a policy for security violations so when breaches occur, the organization will be a position to prosecute the person committing the violation. Determine the types of security controls that should be implemented to reduce security violations and explain your answer. 2) "Database Systems" Please respond to the following: • Assess the effectiveness of the grandparent-parent-child backup technique, providing suggestions for implementing such a system. Provide support for your suggestions. • From the e-Activity, evaluate three emerging issues that relate to the implementation of IT systems and the related impact to the fraud environment. Recommend a risk mitigation strategy associated with installing a new database system, and determine the impact of designing an effective internal control audit plan to determine if those risks have been identified. NOTE: MORE THAN ONE ANSWER POSTED FOR THE PRICE OF ONE CHOOSE ANY
Solution Description

DISCUSSION 1

Evaluate the impact on auditors if operating systems and networks are determined to lack adequate security controls. Suggest at least two controls that should be implemented to reduce the risk to data integrity and explain your answer.

 

Operating systems are the brains of a computer’s control program.  The operating system is responsible for translating high level languages into machine language.  Operating systems allocate resources to end users, applications and other devices.  Operating systems also manage tasks such as job scheduling and processing. 

 

It is critical to test operating system controls in an audit.  Should an operating system be compromised, that compromise could result in the failure of internal controls, thereby potentially causing system security to be breached.  In order to effectively audit the operating system integrity control, the auditor will examine the following:Access privileges, Password Control, Protection from malicious & destructive program - viruses and malware.

  •  A formal log-on procedure is the operating system’s first line of defense against unauthorized access. When the user initiates the process, he or she is presented with a dialog box requesting the user’s ID and password.
  • If the log-on attempt is successful, the operating system creates an access token that contains key information about the user, including user ID, password, user group, and prvileges granted to the user.
  • An access control list is assigned to each IT resource (computer directory, data file, program, or printer), which controls access to the resources
  •  Resource owners in this setting may be granted discretionary access privileges, which allow them to grant access privileges to other users.

Create an argument in support of establishing a policy for security violations so when breaches occur, the organization will be a position to prosecute the person committing the violation. Determine the types of security controls that should be implemented to reduce security violations and explain your answer.

Policy and procedures should be set up to deal with IT security breaches by an employee of a IT security systems. The employee should be required to acknowledge that they understand what will occur (loss of enployment and prosecution) to them if they breaches IT security. This should be done before employees are issued an ID and Password. A yearly reminded should be sent out to all enployees and a digital signature should be captured acknowledging that the employee understand all policy about IT security breaches.

 Sources: Information Technology Auditing and Assurance, Third Edition: James A. Hall; Copyright 2011 Cengage Learning, Inc.; http://www.coursesmart.com/9781439079119/firstsection#X2ludGVybmFsX0J2ZGVwRmxhc2hSZWFkZXI/eG1saWQ9OTc4MTQzOTA3OTExOS9pdg

Organization' Information Security Policy Compliance:Stick or Carrot Approached? Chen, Yen, Ramamurthy, Wen, Kuang-Wel

OR

"Security Controls"  Please respond to the following:

 

Evaluate the im

Attachments
WEEK_3.docx
WEEK_3.docx