 | Management Information Systems 4/e - James A. O'Brien | |||||
|---|---|---|---|---|---|---|
| Online Learning Center |  | |||||
Chapter 15: Managing IT: Security and Ethical Challenges
|
Auditing Information Systems
An information services department should be periodically examined (audited) by internal auditing personnel. In addition periodic audits by external auditors from professional accounting firms are a good business practice. Audit Trail Periodically examining the accuracy and integrity of information systems. Backup Files Backup files are duplicate files of data or programs. These files may be stored off-premises that is in a location away from the computer centre sometimes in special storage vaults in remote locations. Biometric Controls Computer-Based security methods that measure physical traits and characteristics such as fingerprints voice prints retina scans and so on. Business Ethics An area of ethical philosophy concerned with developing ethical principles and promoting ethical behaviour and practices in the accomplishment of business tasks and decision making. Computer Crime Criminal actions accomplished through the use of computer systems especially with intent to defraud destroy or make unauthorized use of computer system resources. Computer Crime Examples Theft of money services and information - including software theft as well as crimes involved in data alteration and destruction. Computer Crime Laws Computer crime laws are being developed in order to protect organizations and their data resources. Computer Matching Using computers to screen and match data about individual characteristics provided by a variety of computer-based information systems and databases in order to identify individuals for business government or other purposes. Computer Monitoring Using computers to monitor the behaviour and productivity of workers on the job and in the workplace. Computer Virus Program code that copies its destructive program routines into the computer systems of anyone who accesses computer systems which have used the program or anyone who uses copies of data or programs taken from such computers. This spreads the destruction of data and programs among many computer users. Technically a virus will not run unaided but must be inserted into another program while a worm is a distinct program that can run unaided. Control of End User Computing Managerial end users are responsible for information system controls in their business units. Control Totals Accumulating totals of data at multiple points in an information system to ensure correct information processing. Disaster Recovery Methods for ensuring that an organization recovers from natural and human-caused disasters that affect its computer-based operations. Encryption To scramble data or convert it prior to transmission to a secret code that masks the meaning of the data to unauthorized recipients. Similar to enciphering. Ergonomics The science and technology emphasizing the safety comfort and ease of use of human-operated machines such as computers. The goal of ergonomics is to produce systems that are user friendly that is safe comfortable and easy to use. Ergonomics is also called human factors engineering. Ethical & Social Dimensions These include (1) employment (2) individuality (3) health (4) privacy (5) societal solutions and (6) working conditions. Ethical & Social Dimensions of IT: Employment The impact of IT on employment is a major ethical concern and is directly related to the use of computers to achieve automation. IT has created new jobs and increased productivity however it has also caused a significant reduction in some types of job opportunities. Ethical & Social Dimensions of IT: Individuality Computer-based systems are criticized as being impersonal systems that dehumanize and depersonalize activities and eliminate the human relationships present in manual systems. Humans feel a loss of individuality as some systems require a regimentation of the individual and demand strict adherence to detailed procedures. Ethical & Social Dimensions of IT: Health IT in the workplace raises a variety of health issues including health problems such as job stress damaged arm and neck muscles eye strain radiation exposure and even death by computer-caused accidents. Ethical & Social Dimensions of IT: Privacy IT can be used to store and retrieve massive amounts of information. However it can also have a negative effect on the right to privacy of every individual. Ethical & Social Dimensions of IT: Societal Solutions IT can have many beneficial effects on society. It is being used to solve human and societal problems through societal applications such as medical diagnosis computer-assisted instruction governmental program planning environmental quality control and law enforcement. Ethical & Social Dimensions of IT: Working Conditions IT has eliminated some monotonous and obnoxious tasks formerly performed by people. IT has upgraded the quality of work but is also being criticized for relegating people to a do-nothing standby role. Ethical Models Ethical choices may result from decision-making processes or behavioural stages. Ethical Philosophies These include egoism natural law utilitarianism and respect for persons. Facility Controls Methods that protect physical facilities and their contents from loss or destruction. Fault Tolerant Computers with multiple central processors peripherals and system software that are able to continue operations even if there is a major hardware or software failure. Fire Wall A computer that protects computer networks from intrusion by screening all network traffic and serving as a safe transfer point for access to and from other networks. Flaming Flaming is the practice of sending extremely critical derogatory and often vulgar E-mail messages (flame mail) or electronic bulletin board postings to other users on the Internet or online services. Hacking (1) obsessive use of a computer (2) the unauthorized access and use of computer systems. Human Factors Hardware and software capabilities that can affect the comfort safety ease of use and user customization of computer-based information systems. Information System Controls Methods and devices that attempt to ensure the accuracy validity and propriety of information system activities. Information system controls monitor and maintain the quality and security of the input processing output and storage activities of any information system. Information System Security Controls that ensure the accuracy integrity and safety of information systems activities and resources. Controls can minimize errors fraud and destruction. Network Security Security of a network may be provided by specialized system software packages known as system security monitors. System security monitors are programs that monitor the use of computer systems and networks and protect them from unauthorized use fraud and destruction. Passwords A password is used as a security method which enables computer systems to identify eligible users and determine which types of information they are authorized to receive. Privacy Laws Laws that regulate the collection access and use of personal data. Procedural Controls Methods that specify how the information services organization should be operated for maximum security. Responsible End User End user that acts with integrity and competence in the use of IT. Security Codes Passwords identification codes account codes and other codes that limit the access and use of computer-based system resources to authorized users. Software Piracy Unauthorized copying of software. Spamming Spamming is the indiscriminate sending of unsolicited E-mail to many Internet users. Spamming is the favourite tactic of mass-mailers of unsolicited advertisements or junk E-mail. System Security Monitor Software that control access and use of a computer system. |
MHHE Home | About MHHE | Help Desk | Legal Policies and Info | Order Info | What's New | Get Involved
McGraw-Hill Higher Education is one of the many fine businesses of The McGraw-Hill Companies.
For further information about this site contact mhhe_webmaster@mcgraw-hill.com.
