Question

Explain how security and the other four principles in the Trust Services Framework affect systems reliabilityExplain how security and the other four principles in the Trust Services Framework affect systems reliability

Answer 1

Security is a top management issue—not an IT issue. Management is responsible for the accuracy of various internal reports and financial statements produced by the organization’s IS. Management must certify the accuracy of the financial statements and maintain effective internal controls.

The Trust Services framework identifies four essential criteria for successfully implementing the five principles of systems reliability:

• Develop and document policies.
• Effectively communicate those policies to all authorized users.
• Design and employ appropriate control procedures to implement those policies.
• Monitor the system, and take corrective action to maintain compliance with the policies.

Top management involvement and support is necessary to satisfy each of the preceding criteria.

Policy Development--A comprehensive set of security policies should be developed before designing and implementing specific control procedures. This process begins with taking an inventory of information systems hardware, software, and databases. Once the resources have been identified, they need to be valued in order to select the most cost-effective control procedures.