discussion

"Preventing the unauthorized disclosure and loss of data has become almost impossible.  Employees and others can use iPods, flash drives, cameras, and PDAs such as iPhones to download data and remove it from an organization's premises."

 

Reply:   Do you agree or disagree with the statement above?  Please provide support for your position.  What controls from the chapter could be applied to reduce the risk of data disclosure and risk from these devices (please pick 3)?  How would the controls you choose reduce the risk?

Important categories of pervasive control plans are:

•Organization design (separation of duties).

•Personnel Policies.

•Monitoring.

•IT general controls.

Pervasive control plans:

•Provide a second umbrella of protection over AIS business processes.

•Operate across all business processes and affect a company’s capability to meet goals.

Storage of backup computer program and data

Security Guards

Back up batteries and generators