skip navigation

PUBLICATIONS

Register for Latest Research

Stay Informed
Register with NCJRS to receive NCJRS's biweekly e-newsletter JUSTINFO and additional periodic emails from NCJRS and the NCJRS federal sponsors that highlight the latest research published or sponsored by the Office of Justice Programs.

NCJRS Abstract

The document referenced below is part of the NCJRS Virtual Library collection. To conduct further searches of the collection, visit the Virtual Library. See the Obtain Documents page for direction on how to access resources online, via mail, through interlibrary loans, or in a local library.

 

NCJ Number: 64678 Find in a Library
Title: COMPUTER SYSTEM SECURITY AND AUDITING IMPLICATIONS
Journal: NATIONAL PUBLIC ACCOUNTANT  Volume:23  Issue:1  Dated:(1978)  Pages:20-24
Author(s): C A SRINIVASAN; P E DASCHER
Corporate Author: National Soc of Public Accountants
United States of America
Date Published: 1978
Page Count: 5
Sponsoring Agency: National Soc of Public Accountants
Washington, DC 20006
Format: Article
Language: English
Country: United States of America
Annotation: THIS PAPER DESCRIBES A SYSTEMATIC APPROACH TO INFORMATION (DATA) SECURITY AND DISCUSSES THE SECURITY AUDIT IMPLICATIONS OF COMPLEX COMPUTER SYSTEMS.
Abstract: DATA SECURITY REFERS TO THE SAFETY OF INFORMATION FROM ALL POSSIBLE VIOLATIONS INCLUDING UNAUTHORIZED DISCLOSURE, MODIFICATION, OR DESTRUCTION, WHETHER ACCIDENTAL OR DELIBERATE. GOOD SECURITY TECHNIQUES INCLUDE PHYSICAL PROTECTION; EFFECTIVE EMPLOYEE CRIME PREVENTION PROCEDURES SUCH AS SCREENING, LICENSING, EMPLOYEE RELATIONS PROGRAMS, AND PROCEDURAL CONSTRAINTS; AND ADMINISTRATIVE SECURITY. IN ADDITION, COMPUTER SYSTEM SECURITY TECHNIQUES OF STRUCTURED DESIGN, STRUCTURED PROGRAMMING, AND CHIEF PROGRAMMER TEAMS CAN BE APPLIED. COMMUNICATIONS SECURITY IS ALSO IMPORTANT AND INVOLVES IDENTIFICATION OF USERS, ISOLATION OF SYSTEM COMPONENTS, SURVEILLANCE, AND INTEGRITY OF THE DATA BASE SYSTEM. DATA SECURITY AUDITORS NEED TO REVIEW THE EXISTING SYSTEM TO SEE IF IT HAS ANY SECURITY OR SYSTEM INTEGRITY DEFICIENCIES. THEY ALSO NEED TO IDENTIFY POSSIBLE IMPROVEMENTS AND ASSURE THE MAINTENANCE OF INDIVIDUAL ACCOUNTABILITY AT ALL TIMES. AUDITING COMPUTER SYSTEMS IS DONE AT THREE LEVELS--AROUND, THROUGH, AND WITH THE COMPUTER. THE OCCURRENCE OF A THREAT IS COUNTERED WITH AUDIT LOGS AS WELL AS AUDIT TRAILS, CHECK SUMMING, SAMPLING, COMPARISON OF DUPLICATE FILES OR PROGRAMS, EXTRACTION, AND TAGGING. AN INTEGRATED TEST FACILITY (ITF) TECHNIQUE IS ALSO IN USE. PROJECTIONS ARE TOWARDS INCREASED SPECIALIZATION AND SPECIAL PURPOSE SYSTEMS WHICH SHOULD PROMOTE GREATER SECURITY. FOOTNOTES ARE PROVIDED. (AOP)
Index Term(s): Computer crime prevention measures; Computer privacy and security; Computer software; Computers; Crime Control Programs; Deterrence; Minicomputer systems; White collar crime
To cite this abstract, use the following link:
http://www.ncjrs.gov/App/publications/abstract.aspx?ID=64678

*A link to the full-text document is provided whenever possible. For documents not available online, a link to the publisher's website is provided. Tell us how you use the NCJRS Library and Abstracts Database - send us your feedback.