Académique Documents
Professionnel Documents
Culture Documents
Alta Carte PDF
Alta Carte PDF
No. 6 ~ 2007
82 Finance - Accountancy
No. 6 ~ 2007
Finance - Accountancy 83
6. conformity;
7.
8.
9.
ment;
10.information resources classification
and control.
In order for the ISO 17799 standard to
sary of the BS 7799-2standard. Its advantage ers to be trained.
informa
tion security management system to be im
a) defining the information security tives
b)
sary resources;
c) tegrity or ensuring business continuity;
ment;
d) security
e) controls selection;
f)
g)
IT Gov- ment in ensuring security
ernance Institute
of ISACAthe best practices for the
COBITControl
Objectives for Information and related Tech-
nology. COBIT structures the In order to achieve security objectives
into four areas
a)
b)
c)
d) monitoring and evaluation. ing levels
application security, first of all im
tives.
The security policy
(Secure Sockets Layer) etc.;
No. 6 ~ 2007
84 Finance - Accountancy
system security
The users are identified and authenticated
on a system level by a single security mecha resources;
integrity
on the system;
network security
by means of the integrity it is ensured that in
Virtual Private Network) and gate-
ways; be modified;
physical security availability it ensures that autho
organization security
conformity
regulations and standards.
into consideration the training in the field
security management system
ous advantages
of disaster.
It is mandatory for the to
quently on the modality of configuring the
safely accessing information (by em
rity measures can be also defined as the art of ment in and commitment to information se
curity;
The main security objectives regulations and local regulations;
confidentiality business continuity.
No. 6 ~ 2007
Finance - Accountancy 85
audit and
evaluation tools
standard access.
Logic access audit implies:
evaluating controls regarding system
evaluating the control environment in
2. Information Systems sults;
Security Audit
Information systems security audit
and logic
access audit
must be used (aiming to test the security)
phases
researching of the ac
cess;
most times the .
establishing the data in custody; valuable source for the auditor. C onsequent
establishing the security administrator; auditor is entitled to request an inter
for accessing documents;
No. 6 ~ 2007
86 Finance - Accountancy
No. 6 ~ 2007
Finance - Accountancy 87
tion environment. An internet connection
established by using the logic SSL module
(Secure Sockets Layer). SSL is integrated into
SET (Secure Electronic Transaction). In this material and financial conditions in order to
and it is only then that they are sent to the
identification number and message returning for an information system to be totally secu
be identifiable.
Server securitizing
ling the requests addressed to such and se
REFERENCES:
Oprea, Dumitru, Analysis and Design of Economic Information Systems -
No. 6 ~ 2007
88 Finance - Accountancy
No. 6 ~ 2007