skip navigation

PUBLICATIONS

Register for Latest Research

Stay Informed
Register with NCJRS to receive NCJRS's biweekly e-newsletter JUSTINFO and additional periodic emails from NCJRS and the NCJRS federal sponsors that highlight the latest research published or sponsored by the Office of Justice Programs.

NCJRS Abstract

The document referenced below is part of the NCJRS Virtual Library collection. To conduct further searches of the collection, visit the Virtual Library. See the Obtain Documents page for direction on how to access resources online, via mail, through interlibrary loans, or in a local library.

 

NCJ Number: 82075 Find in a Library
Title: Security, Audit, and Control of Small Computer Systems
Corporate Author: L J Duff and Associates, Inc
Canada
Date Published: 1981
Page Count: 256
Sponsoring Agency: Bank Admin Institute
Rolling Meadows, IL 60068
L J Duff and Associates, Inc
Montreal, Quebec, Canada
Sale Source: Bank Admin Institute
60 Gould Ctr
Rolling Meadows, IL 60068
United States of America
Language: English
Country: United States of America
Annotation: This manual discusses the risks, responsibilities, and requirements imposed on banks and other financial institutions when management assumes responsibility for security, audit, and control of small computer systems.
Abstract: Features of small computer systems significant to the security, audit, and control of the computerized process are considered, and guidelines are provided for defining the significance of the small computer system to the bank. Suggestions are offered for identifying the system components necessary for evaluating security, audit, and control. The major elements of small computer systems that require management's attention to ensure security, audibility, and control are identified. Requirements for organizational control of the small computer system are presented, along with requirements for system access control. Guidelines are provided for controlling errors, data manipulation, and information disclosure. Further, guidelines address the control of system changes, requirements to ensure operational continuity of the system, and documentation requirements. The characteristics of applications processed by small computer system are identified, and guidelines are presented to ensure the completeness, accuracy, and authorization of processing within applications, as well as guidelines for the definition of management trails. The conduct of an evaluation of small computer systems that will minimize exposures to the organization is described. The relationship between the environment in which mini-and microcomputer-based systems are found, the recognition of exposures to the organization, the significance of the general operating environment, and the approach to the application review are described. Suggestions are also offered for correcting deficiencies identified. Appended are a glossary, criteria for system significance, a system component inventory, a processing environment checklist, and an application checklist. Graphic illustrations are provided. (Author summary modified)
Index Term(s): Audits; Computer crime prevention measures; Computer privacy and security; Financial institutions
Note: Number 214
To cite this abstract, use the following link:
http://www.ncjrs.gov/App/publications/abstract.aspx?ID=82075

*A link to the full-text document is provided whenever possible. For documents not available online, a link to the publisher's website is provided. Tell us how you use the NCJRS Library and Abstracts Database - send us your feedback.