NCJ Number
82971
Journal
Computer Security Journal Volume: 1 Issue: 2 Dated: (Winter 1982) Pages: 23-29
Date Published
1982
Length
7 pages
Annotation
While some may look upon data security as a new field centering around technical considerations, the author suggests that it is primarily a management issue and involves the basic concepts of separation of duties and internal controls.
Abstract
With the growth of data processing, there has been a corresponding interest in legislation to satisfy the public's concern for privacy and computer crime. The need to develop a comprehensive data security approach, including physical security, contingency planning, data access controls, network security, data classification, and a policy statement is reviewed with a special emphasis on the need to establish an organizational security policy. This paper is based on a presentation at the 59th Conference of the Insurance Accounting and Statistical Association last June. (Publisher's abstract)