With the advent of electronic commerce, and the increasing sophistication of the information systems used in business organizations, control and security have become key management issues. Responsibility for ensuring that controls are well designed and properly managed can no longer simply be delegated to the technical experts. It has become an area in which the whole management team needs to be involved.
This comprehensive review, written for the business reader, includes coverage of recent developments in electronic commerce, as well as the more traditional systems found in many organizations, both large and small.
Intended for any manager whose work depends on financial or other business information, it includes case studies, summaries and review questions, making it equally suitable as a source text for students of business studies at postgraduate or advanced level.
'Touching on important aspects such as the Data Protection Act and the Misuse of Computers Act - it would be a great surprise to me if Security and Control in Information Systems did not become a standard work in the field of IT in general, and for students of IT and information systems in particular. - Security Managment Today
Introduction Part 1: Threats and Risks 1.Information under Threat 2.Risk Appraisal Part 2:Controls for Internal Services 3.Computerised Controls: the Organizational Context 4.Access Controls 5.Controls within Business Processes Part 3:Controls for Networked Services 6.Controls for Network Communications 7.Managing Security for Network Services 8.Controls for Local Area Networks and Small Systems Part 4:Business Continuity and Archiving 9.Business Continuity 10.Controls for Archived Data Part 5:Computer Audit 11.Computer Audit:Introduction of New Systems 12.Computer Audit: Control of Existing Systems 13.Computer Forensics Part 6:Regulation and Standards 14.Security Standards and Codes of Practice.