BUS 082 Lecture Notes - Lecture 27: Computer Virus, Plaintext, Internal Control
Document Summary
The organisational plan and all related measures that an entity adopts to. Characteristics of an effective internal control system: Encourage adherence of personnel to company policies. Consists of general controls and accounting controls. Separation of the custody of assets from accounting. Separation of the authorisation of transactions from the custody of related assets. Separation of duties within the accounting function. Security should be assigned to data based on the value of the data and confidentiality requirements. Reviews of access rights should be undertaken. Logs should be reviewed for suspicious activity. Personnel who move throughout the organisation should have their access reviewed to prevent access creep". People who leave an organisation should have their duties revoked. Access controls should reinforce segregation of duties. Plain-text messages are rearranged by some mathematical process. Encrypted message cannot be read by anyone who doesn"t have the key. Limit access to a network in order to keep out intruders. Most measures can be circumvented or overcome.