Accounting Information Systems
11th Edition
ISBN: 9781337552127
Author: Ulric J. Gelinas, Richard B. Dull, Patrick Wheeler, Mary Callahan Hill
Publisher: Cengage Learning
expand_more
expand_more
format_list_bulleted
Question
Chapter 8, Problem 9DQ
Summary Introduction
“Preventing the unauthorized disclosure and loss of data has become almost impossible. Employees and others can use iPods, flash drives, cameras and PDA’s Product I to download data and remove it from an organization’s premises.”
To discuss: Whether you agree on the above statement and describe some controls that might reduce the risk of data disclosure and loss from these devices.
Expert Solution & Answer
Trending nowThis is a popular solution!
Students have asked these similar questions
Which preventive, detective, and/or corrective controls would best mitigate the following threat, and why?
(c) A criminal remotely accessed a sensitive database using the authentication credentials (user ID and strong password) of an IT manager. At the time the attack occurred, the IT manager was logged into the system at his workstation at company headquarters.
Controls over data management systems fall into two categories: access controls and backup controls. In the shared database environment, access control risks include corruption, theft, misuse, and destruction of data. These threats originate from both unauthorized intruders and authorized users who exceed their access privileges. Which of the following options is not part of controls over data management systems?
a. Employees that sharing the same computers need restriction for access to specific directories, programs, and data files by using multilevel password control.b. To recover data from disaster, organizations must implement policies and procedures and routinely provide backup copies of critical files.c. Database Administrator works closely with users and systems designers has primary responsibility for user view design and works closely with users and systems designers.d. Access to confidential data must be properly managed. Inference controls prevent users from inferring,…
Which preventive, detective, and/or corrective controls would best mitigate the following threat, and why?
(i)To facilitate working from home, an employee installed a modem on his office workstation. An attacker successfully penetrated the company’s system by dialing into that modem.
Chapter 8 Solutions
Accounting Information Systems
Ch. 8 - What are the four major categories of pervasive...Ch. 8 - What are the differences among a pervasive control...Ch. 8 - Prob. 3RQCh. 8 - Describe some compensating controls that can be...Ch. 8 - What are policy controls plans? How do policies...Ch. 8 - Why should an organization conduct monitoring...Ch. 8 - Prob. 8RQCh. 8 - Prob. 10RQCh. 8 - What are the major elements of the strategic IT...Ch. 8 - Prob. 12RQ
Ch. 8 - Prob. 13RQCh. 8 - What are the four stages through which a program...Ch. 8 - What steps are commonly included in a business...Ch. 8 - Prob. 16RQCh. 8 - Prob. 17RQCh. 8 - Prob. 18RQCh. 8 - Prob. 19RQCh. 8 - Prob. 20RQCh. 8 - Prob. 21RQCh. 8 - Prob. 22RQCh. 8 - Prob. 23RQCh. 8 - Prob. 24RQCh. 8 - Prob. 25RQCh. 8 - Prob. 26RQCh. 8 - Prob. 27RQCh. 8 - Prob. 28RQCh. 8 - Prob. 29RQCh. 8 - Prob. 30RQCh. 8 - Prob. 31RQCh. 8 - Prob. 1DQCh. 8 - Prob. 2DQCh. 8 - No matter how sophisticated a system of internal...Ch. 8 - Prob. 4DQCh. 8 - Prob. 5DQCh. 8 - Prob. 6DQCh. 8 - Prob. 7DQCh. 8 - Contracting for a hot site is too cost-prohibitive...Ch. 8 - Prob. 9DQCh. 8 - Prob. 10DQCh. 8 - Prob. 11DQCh. 8 - The following is a list of six control plans from...Ch. 8 - Prob. 2SPCh. 8 - Prob. 3SPCh. 8 - Prob. 2PCh. 8 - The following is a list of 13 control plans from...Ch. 8 - Prob. 4PCh. 8 - Prob. 5PCh. 8 - Prob. 6PCh. 8 - Examine the last column in Table 8.2 (p. 280) for...
Knowledge Booster
Similar questions
- Which of the following statements is NOT correct? a. EAMs capture transactions during processing without removing the application from service. b. EAMs support continuous monitoring of controls. c. EAMs have the potential to corrupt corporate databases d. EAMs decrease operational performance. e. All of the above are correct statements.arrow_forwardCommunication via the internet is fraught with major security problems. When it comes to Internet communications, which of these aspects poses the biggest security risk?arrow_forwardAs an added measure, a company has set up its network so that computers that currently log in through the central authentication system (CAS) can log in even if the network is unavailable (through a system of stored password information). This move would be most closely associated with which CIIA goals: Confidentiality and Integrity O Integrity and Availability Confidentiality and Accessibility O Confidentiality and Availabilityarrow_forward
- Which preventive, detective, and/or corrective controls would best mitigate the following threat, and why? (e)A company’s programming staff wrote custom code for the shopping cart feature on its website. The code contained a vulnerability that could be exploited when the customer typed in the ship-to address.arrow_forwardSTUDY QUESTIONS Why is human behavior considered one of the biggest potential threats to operating system integrity? What are the issues that need to be considered before implementing keystroke monitoring? Describe the three ways on how an audit trail can be used to support security objectives. Explain how poorly designed audit trail logs can actually be dysfunctional. Why would a systems programmer create a back door if he or she has access to the program in his or her day-to-day tasks? PROBLEMS Problem 1: Charles Hart, an accounts payable clerk, is an hourly employee. He never works a minute past 5 P.M. unless the overtime has been approved. Charles has recently found himself faced with some severe financial difficulties. He has been accessing the system from his home during the evening and setting up an embezzlement scheme. As his boss, what control technique(s) can be used to help detect this type of fraud? Problem 2: In 2002, Mr. Rollerball started Mighty Mouse,…arrow_forwardHow can an organisation use their information system to prevent employees from making inappropriate procurements or fraudulent purchases? Discuss and justify your answer with peer-reviewed supportarrow_forward
- The ABC Company is switching from its legacy centralizedsystem to a fully distributed system. Underthe new model, all employees will work from PCsconnected to a local area network. a. Outline a plan of action to ensure that the propercontrols over hardware, software, data, people,procedures, and documentation are in place.b. Discuss any risks the company may face if thedevised plan is not implemented.arrow_forward14. Explain how to prevent and detect computer fraud and abuse.arrow_forwardYour organisation is disturbed that some staff members are clocking on for others who do not report for work. Recommend controls that will minimize this menace?arrow_forward
arrow_back_ios
arrow_forward_ios
Recommended textbooks for you
- Pkg Acc Infor Systems MS VISIO CDFinanceISBN:9781133935940Author:Ulric J. GelinasPublisher:CENGAGE LAccounting Information SystemsAccountingISBN:9781337619202Author:Hall, James A.Publisher:Cengage Learning,
- Business/Professional Ethics Directors/Executives...AccountingISBN:9781337485913Author:BROOKSPublisher:Cengage
Pkg Acc Infor Systems MS VISIO CD
Finance
ISBN:9781133935940
Author:Ulric J. Gelinas
Publisher:CENGAGE L
Accounting Information Systems
Accounting
ISBN:9781337619202
Author:Hall, James A.
Publisher:Cengage Learning,
Business/Professional Ethics Directors/Executives...
Accounting
ISBN:9781337485913
Author:BROOKS
Publisher:Cengage