Question

1. What are the actions recommended by the Treadway Commission to reduce the possibility of fraudulent financial reporting?

3. Describe the difference between authentication and authorization?

4. What motives do people have for hacking? Why has hacking become so popular in recent years? Do you regard it as a crime? Explain your position.

5. What is the management's role in IS security?

Answer 1

1.

i) Educating management on the indicators of fraud.

ii) Employees functions are diversified which means that a task is to be divided among various members of the organization so that whenever a fraud is done it can be detected easily.

iii) External audit is to be in mandatory.

3.

Authentication: It involves identifying the person who he is and giving necessary permission to get along with something. For eg. User id and password of a person

Authorization: It involves permitting a person to get along by giving all the required access to get the information or something. For eg. Usage of pen-drive information by a person.

4.

1.Hacking is a legal activity which is permissible by the government or the institution educating it, to a certain limit say to the extent it is legal to be done. But it is illegally used by many of the professionals for their personal purposes and this is not to be done and here in this crisis it's a crime.

2. In legal terms it very helpful for the government security and many web services.

5.

The main role of a management's role in IS security will be complete analysis of the environment and make sure that they provide a better scope for working of employers and convenience for the visitors.

1. The management is wholly responsible for maintenance of the information security and its implementation.

2. It analysis the amount to be invested in information security for a organization and taking care of its enforcement activities.