Information Systems Control
Dr. Yan Xiong, College of Business, CSU Sacramento, January 27, 2003
This lecture is based on Martin (2002) and Romney and Steinbart (2002).

Agenda
• AIS Threats
• Internal Controls
• General controls for information systems
• Internet controls
• Contingency management
AIS Threats: Natural and political disasters
– fire or excessive heat
– floods
– earthquakes
– high winds
– war

AIS Threats: Software errors and equipment malfunctions
– hardware failures
– power outages and fluctuations
– undetected data transmission errors

AIS Threats: Unintentional acts
• accidents caused by human carelessness
• innocent errors of omission
• lost or misplaced data
• logic errors
• systems that do not meet company needs

AIS Threats: Intentional acts
• sabotage
• computer fraud
• embezzlement
• confidentiality breaches
• data theft
Agenda: AIS Threats; Internal Control; Cost-benefit Analysis; General controls for information systems; Internet controls; Contingency management

Internal Control
The COSO (Committee of Sponsoring Organizations) study defines internal control as the process implemented by the board of directors, management, and those under their direction to provide reasonable assurance that control objectives are achieved with regard to:
– effectiveness and efficiency of operations
– reliability of financial reporting
– compliance with applicable laws and regulations
Internal Control Classifications
The specific control procedures used in the internal control and management control systems may be classified using the following four internal control classifications:
1 Preventive, detective, and corrective controls
2 General and application controls
3 Administrative and accounting controls
4 Input, processing, and output controls

Types of Controls
• Preventive: deter problems before they arise (example: segregating duties)
• Detective: discover control problems as soon as they arise (example: bank reconciliation)
• Corrective: remedy problems discovered with detective controls (example: file backups)
Internal Control Model
COSO's internal control model has five crucial components:
1 Control environment
2 Control activities
3 Risk assessment
4 Information and communication
5 Monitoring

The Control Environment
The control environment consists of many factors, including the following:
1 Commitment to integrity and ethical values
2 Management's philosophy and operating style
3 Organizational structure
4 The audit committee of the board of directors
5 Methods of assigning authority and responsibility
6 Human resources policies and practices
7 External influences

Control Activities
Generally, control procedures fall into one of five categories:
1 Proper authorization of transactions and activities
2 Segregation of duties
3 Design and use of adequate documents and records
4 Adequate safeguards of assets and records
5 Independent checks on performance
Proper Authorization of Transactions and Activities
• Authorization is the empowerment management gives employees to perform activities and make decisions.
• A digital signature or fingerprint is a means of signing a document with a piece of data that cannot be forged.
• Specific authorization is the granting of authorization by management for certain activities or transactions.

Segregation of Duties
• Good internal control demands that no single employee be given too much responsibility.
• An employee should not be in a position to perpetrate and conceal fraud or unintentional errors.
Segregation of Duties (the three functions to keep apart)
• Recording functions: preparing source documents; maintaining journals; preparing reconciliations; preparing performance reports
• Custodial functions: handling cash; handling assets; writing checks; receiving checks in the mail
• Authorization functions: authorization of transactions
Segregation of Duties
• If two of these three functions are the responsibility of a single person, problems can arise.
• Segregation of duties prevents employees from falsifying records in order to conceal theft of assets entrusted to them.
• It prevents authorization of a fictitious or inaccurate transaction as a means of concealing asset thefts.
• It prevents an employee from falsifying records to cover up an inaccurate or false transaction that was inappropriately authorized.
Design and Use of Adequate Documents and Records
• The proper design and use of documents and records helps ensure the accurate and complete recording of all relevant transaction data.
• Documents that initiate a transaction should contain a space for authorization.
• The following procedures safeguard assets from theft, unauthorized use, and vandalism:
  – effectively supervising and segregating duties
  – maintaining accurate records of assets, including information
  – restricting physical access to cash and paper assets
  – having restricted storage areas

Adequate Safeguards of Assets and Records
What can be used to safeguard assets?
– cash registers
– safes, lockboxes
– safety deposit boxes
– restricted and fireproof storage areas
– controlling the environment
– restricted access to computer rooms, computer files, and information
Independent Checks on Performance
Independent checks to ensure that transactions are processed accurately are another important control element. What are various types of independent checks?
– reconciliation of two independently maintained sets of records
– comparison of actual quantities with recorded amounts
– double-entry accounting
– batch totals

Five batch totals are used in computer systems:
1 A financial total is the sum of a dollar field.
2 A hash total is the sum of a field that would usually not be added.
3 A record count is the number of documents processed.
4 A line count is the number of lines of data entered.
5 A cross-footing balance test compares the grand total of all the rows with the grand total of all the columns to check that they are equal.
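The five batch totals above, as an added example that is not part of the lecture: a constructed batch of payroll input records is totalled and compared with the control totals a clerk recorded before keying, and a report is cross-footed. Record fields, the clerk's control totals and the report figures are constructed for illustration.

```python
# Added example (not from the lecture): the five batch totals described above,
# computed over a constructed batch of payroll input records and compared with
# the control totals a clerk recorded before the batch was keyed. Money is held
# in whole cents to avoid floating-point rounding.
from dataclasses import dataclass


@dataclass(frozen=True)
class Record:
    employee_no: int       # identifier; its sum is the hash total
    regular_cents: int     # dollar fields; their sum is the financial total
    overtime_cents: int
    lines: int             # input lines keyed for this document


def batch_totals(records):
    """Financial total, hash total, record count and line count for a batch."""
    return {
        "financial_total": sum(r.regular_cents + r.overtime_cents for r in records),
        "hash_total": sum(r.employee_no for r in records),
        "record_count": len(records),
        "line_count": sum(r.lines for r in records),
    }


def check_batch(records, control_totals):
    """Names of the totals that disagree with the clerk's control totals."""
    computed = batch_totals(records)
    return [name for name, value in control_totals.items() if computed[name] != value]


def cross_foot(cells, row_totals, column_totals):
    """Cross-footing balance test on a report laid out as rows x columns:
    the grand total of the recorded row totals, the grand total of the recorded
    column totals and the sum of all cells must agree."""
    grand_cells = sum(sum(row) for row in cells)
    return sum(row_totals) == sum(column_totals) == grand_cells


# Constructed sample batch (three employees)
BATCH = [
    Record(1001, 120000, 15000, 2),
    Record(1002, 98050, 0, 1),
    Record(1003, 150000, 30025, 3),
]
# Control totals recorded for the batch before keying (constructed)
CONTROL = {"financial_total": 413075, "hash_total": 3006, "record_count": 3, "line_count": 6}

# Keying 1003 as 1030 leaves the financial total, record count and line count
# unchanged; only the hash total exposes the transposition.
BATCH_WITH_TRANSPOSITION = BATCH[:2] + [Record(1030, 150000, 30025, 3)]

# The same batch as a report: cells per row, recorded row totals, recorded column totals
REPORT_CELLS = [[120000, 15000], [98050, 0], [150000, 30025]]
ROW_TOTALS = [135000, 98050, 180025]
COLUMN_TOTALS = [368050, 45025]
```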
Information and Communication
The fourth component of COSO's internal control model is information and communication. Accountants must understand the following:
1 How transactions are initiated
2 How data are captured in machine-readable form or converted from source documents
3 How computer files are accessed and updated
4 How data are processed to prepare information
5 How information is reported
6 How transactions are initiated
All of these items make it possible for the system to have an audit trail. An audit trail exists when individual company transactions can be traced through the system.

Monitoring Performance
The fifth component of COSO's internal control model is monitoring. What are the key methods of monitoring performance?
– effective supervision
– responsibility accounting
– internal auditing
Risk Assessment
The third component of COSO's internal control model is risk assessment. Companies must identify the threats they face:
– strategic: doing the wrong thing
– financial: having financial resources lost, wasted, or stolen
– information: faulty or irrelevant information, or unreliable systems

Companies that implement electronic data interchange (EDI) must identify the threats the system will face, such as:
1 Choosing an inappropriate technology
2 Unauthorized system access
3 Tapping into data transmissions
4 Loss of data integrity
5 Incomplete transactions
6 System failures
7 Incompatible systems

Some threats pose a greater risk because the probability of their occurrence is more likely. What is an example? A company is more likely to be the victim of a computer fraud than of a terrorist attack. Risk and exposure must be considered together.
Cost and Benefits
The benefit of a control procedure is the difference between the expected loss with the control procedure(s) and the expected loss without it.

Loss / Fraud Conditions
• Threat: potential adverse or unwanted event that can be injurious to the AIS
• Exposure: potential maximum $ loss if the event occurs
• Risk: likelihood that the event will occur
• Expected Loss: Risk * Exposure
Loss / Fraud Conditions (diagram)
Exposure × Risk = Expected Loss, where Exposure is the maximum loss ($), Risk is the likelihood of the event occurring, and Expected Loss is the potential $ loss.
For each AIS threat (H/M/L = high/medium/low):

Threat          Symbol   Possible Exposure   Risk
Disaster        D        H                   L+
Power Outage    O        M                   H
System Down     H        L                   L
Human Error     E        M                   M
Fraud           F        M                   L
Data Theft      T        L                   M
Sabotage        S        H                   L
Risk Assessment of Controls (flowchart)
Control needs (threat, risk, exposure) and costs feed the question "Cost beneficial?": Yes → Implement; No → not implemented.
Payroll Case

Condition          Without   With     Difference
Cost of Payroll    $10K      $10K
Risk of Error      15%       1%
Error Cost         $1.5K     $0.1K    $1.4K
Validate Cost      0         $0.6K    $(0.6K)
Expected Benefit                      $0.8K
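The expected-loss and cost-benefit arithmetic of the Loss / Fraud Conditions and Payroll Case slides, as an added example that is not part of the lecture. It applies Expected Loss = Risk × Exposure to the payroll figures above and then to a second, constructed exposure where the same control no longer pays for itself.

```python
# Added example (not from the lecture): expected loss and the cost-benefit
# decision for a control procedure, as reusable functions. Amounts are dollars.

def expected_loss(exposure, risk):
    """Expected loss = risk (probability the event occurs) * exposure (maximum $ loss)."""
    if not 0.0 <= risk <= 1.0:
        raise ValueError("risk must be a probability between 0 and 1")
    return round(exposure * risk, 2)


def control_evaluation(exposure, risk_without, risk_with, control_cost):
    """Evaluate a control: expected loss with and without it, the reduction in
    expected loss (the benefit), the net benefit after the control's own cost,
    and the implement/do-not-implement decision from the flowchart."""
    loss_without = expected_loss(exposure, risk_without)
    loss_with = expected_loss(exposure, risk_with)
    loss_reduction = loss_without - loss_with
    net_benefit = loss_reduction - control_cost
    return {
        "expected_loss_without": loss_without,
        "expected_loss_with": loss_with,
        "loss_reduction": loss_reduction,
        "control_cost": control_cost,
        "net_benefit": net_benefit,
        "implement": net_benefit > 0,
    }


# Payroll case from the slides: $10K payroll exposure, 15% error risk without a
# validation control, 1% with it, and a $0.6K cost for the control.
PAYROLL = control_evaluation(exposure=10_000, risk_without=0.15, risk_with=0.01, control_cost=600)

# Constructed variant: the same control and risk reduction on a $3K payroll.
# The expected loss falls by only $420, so the $600 control is not cost-beneficial.
SMALL_PAYROLL = control_evaluation(exposure=3_000, risk_without=0.15, risk_with=0.01, control_cost=600)
```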
Agenda: AIS Threats; Internal Controls; General controls for information systems; Internet controls; Contingency management

General Controls
General controls ensure that the overall computer environment is stable and well managed. General control categories:
1 Developing a security plan
2 Segregation of duties within the systems function
3 Project development controls
4 Physical access controls
5 Logical access controls
6 Data storage controls
7 Data transmission controls
8 Documentation standards
9 Minimizing system downtime
10 Protection of personal computers and client/server networks
11 Internet controls
12 Disaster recovery plans
Security Plan
Developing and continuously updating a comprehensive security plan is one of the most important controls for a company. Questions to be asked: Who needs access to what information? When do they need it? On which systems does the information reside?

Segregation of Duties
• In an AIS, procedures that used to be performed by separate individuals are combined.
• A person with unrestricted access to the computer, its programs, and live data has the opportunity to both perpetrate and conceal fraud.
• To combat this threat, organizations must implement compensating control procedures.
• Authority and responsibility must be clearly divided. NOTE: this must change with increasing levels of automation.
• Divide the following functions:
  • Systems analysis
  • Programming
  • Computer operations
  • Users
  • AIS library
  • Data control
Duty Segregation (diagram)
Analyze → Design Specs → Program → Programs → Operate → Output → Use, with an Archive step for the programs. What about small firms?
Project Development Controls
• Long-range master plan
• Project development plan
• Periodic performance evaluation
• Post-implementation review
• System performance measurements

Development Controls (diagram)
Master Development Plan → Project Development Plan → Started Project → Completed Project → System Operation, with Periodic Performance Review, Post-Implementation Review, and Performance Measures as checkpoints along the way.
Physical Access Controls
• Placing computer equipment in locked rooms and restricting access to authorized personnel
• Having only one or two entrances to the computer room
• Requiring proper employee ID
• Requiring visitors to sign a log
• Installing locks on PCs

Logical Access Controls
Users should be allowed access only to the data they are authorized to use and then only to perform specific authorized functions. What are some logical access controls?
– passwords
– physical possession identification
– biometric identification
– compatibility tests
Access Control Matrix

            Files          Programs
Password    A       B      1       2
ABC         0       1      0       0
DEF         1       2      0       0
KLM         1       1      1       1
NOP         3       0      3       0

0 – No access   1 – Read / display   2 – Update   3 – Create / delete
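The access control matrix above used as a compatibility test, as an added example that is not part of the lecture: each request names the password, the file or program, and the operation, and is allowed only when the granted level covers it. The mapping from operations to required levels, the assumption that a higher level includes the lower ones, and the request log are constructed for illustration.

```python
# Added example (not from the lecture): the slide's access control matrix as a
# compatibility test. Levels follow the legend: 0 = no access, 1 = read/display,
# 2 = update, 3 = create/delete. It is assumed here that a higher level includes
# the rights of the lower ones (an update password may also read).

NO_ACCESS, READ, UPDATE, CREATE_DELETE = 0, 1, 2, 3

# Matrix reconstructed from the slide: rows are passwords, columns are
# files A and B and programs 1 and 2.
ACCESS_MATRIX = {
    "ABC": {"file A": 0, "file B": 1, "program 1": 0, "program 2": 0},
    "DEF": {"file A": 1, "file B": 2, "program 1": 0, "program 2": 0},
    "KLM": {"file A": 1, "file B": 1, "program 1": 1, "program 2": 1},
    "NOP": {"file A": 3, "file B": 0, "program 1": 3, "program 2": 0},
}

# Minimum level each operation needs (assumed mapping onto the legend).
REQUIRED_LEVEL = {
    "read": READ,
    "display": READ,
    "update": UPDATE,
    "create": CREATE_DELETE,
    "delete": CREATE_DELETE,
}


def compatibility_test(matrix, password, resource, operation):
    """True if the password holder may perform the operation on the resource.
    Unknown passwords, resources and operations are denied (fail closed)."""
    try:
        granted = matrix[password][resource]
        needed = REQUIRED_LEVEL[operation]
    except KeyError:
        return False
    return granted >= needed


def audit_denials(matrix, requests):
    """Run a log of (password, resource, operation) requests through the test
    and return the ones that were denied, for review by the data control group."""
    return [request for request in requests if not compatibility_test(matrix, *request)]


# Constructed request log
REQUESTS = [
    ("DEF", "file B", "update"),      # allowed: level 2 covers update
    ("ABC", "file A", "read"),        # denied: level 0, no access
    ("KLM", "file B", "update"),      # denied: level 1 is read/display only
    ("NOP", "program 1", "create"),   # allowed: level 3
]
```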
Data Storage Controls
• Information gives a company a competitive edge and makes it viable.
• The company should identify the types of data used and the level of protection required for each.
• The company must also document the steps taken to protect data, e.g., off-site storage.

Data Transmission Controls
Reduce the risk of data transmission failures:
– data encryption (cryptography)
– routing verification procedures
– parity bits
– message acknowledgment techniques
Information Transmission System (diagram)
Information Source → Transmitter → Message / Signal → Channel (subject to Noise) → Receiver → Information Destination
Transmission Controls (diagram)
SEND: Message → Encrypt → transmitted under data encryption, routing verification, and message acknowledgement → RECEIVE: Decrypt → Message
Parity Bit

Even Parity Bit System
Message in binary: 1 0 1 1 0 1 1 0    Parity bit: 1
There are five "1" bits in the message, so a "1" is placed in the parity bit to make an even number of "1"s.
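The even-parity scheme above, as an added example that is not part of the lecture: the parity bit is computed for the slide's 8-bit message, the received frame is checked, and two corrupted copies show what a single parity bit can and cannot detect.

```python
# Added example (not from the lecture): even parity on the slide's message.
# A single parity bit detects any odd number of flipped bits but not an even
# number, which is why it is only a control against isolated transmission errors.

def even_parity_bit(bits):
    """Return the parity bit that makes the total number of 1s even."""
    return sum(bits) % 2


def add_parity(message_bits):
    """Append the even parity bit to a message, producing the frame to send."""
    return list(message_bits) + [even_parity_bit(message_bits)]


def parity_ok(frame):
    """True when a received frame (message + parity bit) has an even number of 1s."""
    return sum(frame) % 2 == 0


def flip(frame, *positions):
    """Simulate line noise by inverting the bits at the given positions."""
    out = list(frame)
    for p in positions:
        out[p] ^= 1
    return out


# Message from the slide: 1 0 1 1 0 1 1 0 (five 1s), so the parity bit is 1
# and the transmitted frame is 1 0 1 1 0 1 1 0 1.
MESSAGE = [1, 0, 1, 1, 0, 1, 1, 0]
FRAME = add_parity(MESSAGE)

SINGLE_BIT_ERROR = flip(FRAME, 3)     # detected: 1s become odd
DOUBLE_BIT_ERROR = flip(FRAME, 3, 5)  # not detected: 1s stay even
```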
Data Transmission Controls
• Added importance when using electronic data interchange (EDI) or electronic funds transfer (EFT)
• In these types of environments, sound internal control is achieved using control procedures:
  – controlled physical access to network facilities
  – identification required for all network terminals
  – passwords and dial-in phone numbers changed on a regular basis
  – encryption used to secure stored and transmitted data
  – transactions log
Documentation Standards
Documentation procedures and standards ensure clear and concise documentation. Documentation categories:
• Administrative documentation
• Systems documentation
• Operating documentation

Minimizing System Downtime
Significant financial losses can be incurred if hardware or software malfunctions cause the AIS to fail. Methods used to minimize system downtime:
• preventive maintenance
• uninterruptible power system
• fault tolerance
Protection of PCs and Client/Server Networks
PCs are more vulnerable to security risks than mainframe computers:
• Difficult to restrict physical access
• PC users less aware of the importance of security and control
• More people familiar with the operation of PCs
• Segregation of duties is difficult

Protection of PCs and Client/Server Networks
• Train users in PC-related control concepts
• Restrict access by using locks and keys on PCs
• Establish policies and procedures
• Portable PCs should not be stored in cars
• Back up hard disks regularly
• Encrypt or password-protect files
• Build protective walls around operating systems
• Use multilevel password controls to limit employee access to incompatible data
Agenda: AIS Threats; Control concepts; General controls for information systems; Internet controls; Contingency management

Internet Controls
Internet control is installing a firewall: hardware and software that control communications between a company's internal network (trusted network) and an external network.
• Passwords
• Encryption technology
• Routing verification procedures
• Installing a firewall
Internet Risks (diagram)
A message originating at Point A is split into packets that may travel different paths to the intended destination, Point B. Three questions follow:
? Did Point B receive this message?
? Was the message really sent by Point A?
? Did anyone else see the message?
Messaging Security
• Confidentiality
• Integrity: detect tampering
• Authentication: correct party
• Non-repudiation: sender can't deny
• Access controls: limit entry to authorized users
Symmetric Encryption (diagram)
Sender: Clear Text Message → Encrypt → Encoded Message → Decrypt → Clear Text Message: Receiver. Sender and receiver hold identical keys.
PKI (Public Key Infrastructure)
• Most commonly used
• Two keys: a public key, publicly available, and a private key, kept secret
• The two keys are related through a secret mathematical formula
• Both are needed to process a transaction

Biometric Usage
For user authentication, by order of use:
• finger scanners
• hand geometry
• face recognition
• eye scan
• voiceprints
• signature verification

Digital Signature
• Also called a Certificate
• Issued by a trusted third party: a Certification Authority (CA)
• An electronic passport to prove identity
• Provides assurance that messages are valid
• Uses encryption to verify the identity of an unseen partner
Firewall
A firewall is a barrier between networks that does not allow information to flow into and out of the trusted network.

Firewalls (diagram)
Internet → External Screen (firewall with access controls) → Internal Screen (firewall with access controls) → Sensitive Database. Labels on the diagram: Attempted Access at the Internet side, Valid Traffic past the external screen, Valid Access at the database.
Firewall Types
• Packet Filter: the simplest type; doesn't examine data; looks at the IP header
• Proxy Firewall (Server): hides the protected private network; forwards requests from the private to the public network (not within)
• Demilitarized Zone: more secure; several layers of firewall protection; different levels of protection for different portions of the company's network; runs between the private network and the outside public network
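A packet filter of the kind described above, as an added example that is not part of the lecture: rules are evaluated first-match over header fields only, unmatched packets fall through to a default deny, and the payload is carried but never inspected. The addresses, the policy, and the packets are constructed for illustration.

```python
# Added example (not from the lecture): a minimal packet filter. It decides
# from header fields (source, destination, protocol, destination port) and
# never looks at the payload, which is exactly the limitation the slide notes.
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str        # "tcp" or "udp"
    dport: int
    payload: bytes    # present on the wire, ignored by a packet filter


@dataclass(frozen=True)
class Rule:
    action: str                   # "allow" or "deny"
    src: str = "0.0.0.0/0"        # CIDR; the default matches any source
    dst: str = "0.0.0.0/0"
    proto: Optional[str] = None   # None matches any protocol
    dport: Optional[int] = None   # None matches any destination port

    def matches(self, p):
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and (self.proto is None or self.proto == p.proto)
                and (self.dport is None or self.dport == p.dport))


def filter_packet(rules, packet, default="deny"):
    """First-match evaluation of an ordered rule list; anything unmatched gets
    the default action, deny, so the trusted network fails closed."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return default


def decisions(rules, packets):
    """Decision for each packet, in order."""
    return [filter_packet(rules, p) for p in packets]


# Constructed policy: 10.0.0.0/8 is the trusted network; outsiders may reach
# only the public web server 10.0.1.10 on TCP 80. The database host 10.0.5.20
# is not listed, so outside traffic to it falls through to the default deny.
RULES = [
    Rule("allow", src="10.0.0.0/8"),
    Rule("allow", dst="10.0.1.10/32", proto="tcp", dport=80),
]

# Constructed packets (198.51.100.7 is an outside host)
PACKETS = [
    Packet("198.51.100.7", "10.0.1.10", "tcp", 80, b"GET /index.html HTTP/1.0"),   # allow
    Packet("198.51.100.7", "10.0.5.20", "tcp", 1433, b""),                          # deny
    Packet("10.0.3.4", "10.0.5.20", "tcp", 1433, b"internal query"),                # allow
    # Same headers as the first packet with a different payload: the decision is
    # identical, because a packet filter does not examine data. Judging content
    # is the job of a proxy firewall.
    Packet("198.51.100.7", "10.0.1.10", "tcp", 80, b"POST /order HTTP/1.0"),       # allow
]
```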
Bypassing Firewalls (diagram)
Internet → Firewall → Server (Inventory, Customer Info, Ordering); R&D Department shown alongside.
Agenda: AIS Threats; Control concepts; General controls for information systems; Internet controls; Contingency management

Contingency Management
• Disaster Recovery is reactive
• Contingency Management is proactive
• Continuity Planning is the latest term
• Accounting standards are framed in terms of Disaster Recovery
Disaster Recovery Plan
Purpose: to ensure processing capacity can be restored as smoothly and quickly as possible in the event of:
• a major disaster
• a temporary disruption

Disaster Plan Objectives
• Minimize disruption, damage, and loss
• Temporarily establish alternative means of processing information
• Resume normal operations as soon as possible
• Train and familiarize personnel with emergency operations

Plan Elements
• Priorities for the recovery process
• Backup data and program files
• Backup facilities: reciprocal agreements; hot and cold sites; shadow mode (parallel)
Back Up Data
Rollback: a predated copy of each record is created prior to processing a transaction. If hardware fails, records are rolled back to the predated version and transactions are processed from the beginning.
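The rollback procedure above, as an added example that is not part of the lecture: a predated copy of each record is journaled before it is first changed, a hardware failure is simulated part-way through a batch, the records are rolled back to their predated copies, and the batch is processed again from the beginning. The account records and transactions are constructed.

```python
# Added example (not from the lecture): rollback recovery with predated copies.
# Records are a dict of account -> {"balance", "txns"}; transactions are
# (account, amount) pairs applied in order.
import copy


class HardwareFailure(Exception):
    """Simulated failure in the middle of a batch; carries the journal so far."""


def apply_batch(records, transactions, fail_after=None):
    """Apply transactions to records in place. Before a record is first changed
    a predated copy is saved in the journal. If fail_after is given, a failure is
    raised once that many transactions have been applied."""
    journal = {}   # account -> predated copy of the record
    for i, (account, amount) in enumerate(transactions):
        if fail_after is not None and i == fail_after:
            raise HardwareFailure(journal)
        journal.setdefault(account, copy.deepcopy(records[account]))
        records[account]["balance"] += amount
        records[account]["txns"] += 1
    return journal


def rollback(records, journal):
    """Restore every touched record to its predated copy."""
    for account, predated in journal.items():
        records[account] = copy.deepcopy(predated)


def run_with_recovery(records, transactions, fail_after=None):
    """Process the batch; on a failure, roll back and reprocess the whole batch
    from the beginning. Returns the number of processing attempts."""
    attempts = 1
    try:
        apply_batch(records, transactions, fail_after)
    except HardwareFailure as failure:
        rollback(records, failure.args[0])
        attempts += 1
        apply_batch(records, transactions)   # the rerun is not interrupted
    return attempts


def sample_records():
    """Constructed starting records (fresh copy on each call)."""
    return {"A-100": {"balance": 500, "txns": 0}, "A-200": {"balance": 1200, "txns": 0}}


# Constructed batch of transactions
TRANSACTIONS = [("A-100", -150), ("A-200", 150), ("A-100", 75)]

# Expected records once the whole batch has been applied exactly once
EXPECTED = {"A-100": {"balance": 425, "txns": 2}, "A-200": {"balance": 1350, "txns": 1}}
```

Without the rollback, the rerun would apply the first two transactions a second time and leave A-100 at 275 and A-200 at 1500.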
Back Up Data Decisions
• How often? (e.g., weekly) Exposure * Risk = Expected Loss
• Where do you store backup data? on-site (e.g., fireproof safe); off-site (incurs costs)
• How quickly to recover?
• What is recovered first?
Remote Access (Computer World, 1/21/02)
• Companies eyeing remote access as a contingency management tool
• Scrambling to develop remote access systems
• A result of September 11
• If main facilities are down, staff can still communicate with one another
Recovery Plan
• A recovery plan is not complete until tested by simulating a disaster (EDS)
• The plan must be continuously reviewed and revised so it reflects the current situation
• The plan should include insurance coverage
Cardinal Health
• Redundant systems for critical order processing
• Redundant WAN trunks
• System data backed up daily; backup media kept off-site
• Backup replica site in a different part of the country, switched on within 30 minutes

The Money Store
• Databases backed up every evening
• Back-up files stored at an on-site information storage vendor
• Automatic archival process that periodically pulls and stores back-up data files

The Money Store: Call Centers
• In 3 locations nationally, separated so that a natural disaster will not hit all three simultaneously
• Calls electronically rerouted to the other two sites
• In Sacramento, a vacant building is rented as an emergency site