Assume you are the information system auditor of a large trading house. How would you ensure system security and transaction security?

A Management Information System ICT Revision Questions and Answers

As the system auditor, I shall verify and carry out the following to ensure system security:
i. Platform security in terms of hardware robustness and up-to-date software.
ii. Proper and timely patching, updating and bug-fixing of the software.
iii. Well-defined access policies and roles for both end-users and administrators.
iv. Clear security guidelines for end users and system administrators.
v. Mechanisms to ensure high availability of both the system and the network.

Similarly, to ensure transaction security, I shall verify and carry out the following activities:
i. Recommend and enforce secure transaction modes such as those using encryption.
ii. Enforce proper filtering and analytical arrangements to ensure that the data being transacted are safe.
iii. Enact security alert and alarm mechanisms for both system administrators and end users in case of any breach or malpractice.
iv. Make sure that the system keeps the necessary log record of each and every transaction happening in the system. This log is of high importance in case of any fraud or loss of data.

