Question

Class Accounting Information System

1. how does data differ from information?

2. what are sime internal control measures that could prevent a hacker from alteeinf data in your company’s database?

Answer 1

Ans. 1 : * Difference between data and information :

Data are simply facts or figures — bits of information, but not information itself. When data are processed, interpreted, organized, structured or presented so as to make them meaningful or useful, they are called information. Information provides context for data.

For example, a list of dates-data-is meaningless without the information that makes the dates relevant (dates of holiday).

Ans. 2 : Internal control measures are as follows :

1. Isolate sensitive databases—maintain an accurate inventory of all databases deployed across the enterprise and identify all sensitive data residing on those databases.
2. Eliminate vulnerabilities—continually assess, identify and remediate vulnerabilities that expose the database.
3. Enforce least privileges—identify user entitlements and enforce user access controls and privileges to limit access to only the minimum data required for employees to do their jobs.
4. Monitor for deviations—implement appropriate policies and monitor any vulnerabilities that cannot be remediated for any and all activity the deviates from authorized activity.
5. Respond to suspicious behavior—alert and respond to any abnormal or suspicious behavior in real time to minimize risk of attack.