An accountant's guide to managing control risks In today's networked world, security and risk control are no longer just the province of the IT department. Accountants and other business managers who are responsible for corporate risk management must fully understand the control and security risks that can affect the financial health of the entire organization. Risks, Controls and Security: Concepts and Applications introduces you to today's control risks and how to manage them. Beginning with basic systems controls and security awareness, the book provides you with a clear comprehension of the concepts, issues, and techniques of information security in a networked environment. Moving from theory to application, you'll cover all the key security principles that are applicable to all businesses, including e-businesses: * Enterprise risk management * Control and security frameworks * Basic cryptography and public key infrastructure * Security for operating systems, applications, database management systems, and telecommunications * Network and web security * Policy, regulation, and ethics Real-world problem scenarios and a wealth of pedagogical features--discussion questions, short exercises, example cases, and "concept maps" that help you visualize the material--ensure your confident grasp of the material and enable you to put "security into practice." Designed for practicing professionals as well as for students in accounting, business management, and computer science, Risks, Controls and Security will prepare you well for meeting the challenge of protecting information assets.
Recommendations
Security risk management using internal controls
WISG '09: Proceedings of the first ACM workshop on Information security governanceRather than treating security as an independent technical concern, it should be considered as just another risk that needs to be managed alongside all other business risks. An Internal Controls approach to security risk management is proposed whereby ...
Data Security and risks for IoT in intercommunicating objects
BDCA'17: Proceedings of the 2nd international Conference on Big Data, Cloud and ApplicationsNowadays Internet of Things" (IoT) codes are passive entities that encode information, The goal of this work is to give explicit interconnections between IoT specifications and interpreting IoT codes and information's in order to exchange information to ...
Prioritizing Cloud Security Controls
AWICT 2017: Proceedings of the Second International Conference on Advanced Wireless Information, Data, and Communication TechnologiesAs more and more organization move to the cloud, security remains a major concern. Given the unique nature of a cloud computing system, security threats take a different form in the cloud. These unique threats require unique security measures and ...