Information System Security, Control and Audit

1. Discuss and illustrate the statement “IT security, control and auditing as a business enabler”.

IT security, control and auditing are acted in close relationship with each other. They are used extensively in different categories being specifically in business.

For IT security and control, the purpose of them are played a role on precautionary, safeguards and countermeasures to avoid, counteract or minimize security risk of business. Therefore, the enterprises’ internal information and property can be protection from theft, corruption or natural disaster, while allowing the information and property to remain accessible and productive to its intended user. For instance, when a unauthorized user enter an organization’s information system that have already been set up a set of security measures, the system will lock out the intruder, then sounding the intruder alarm, then recovering the organization to normal working status.

For IT auditing, the purpose of them are played a role on collecting and evaluating evidence of an organization’s information systems, practices and operations. It is performed to ascertain the validity and reliability of information for the evaluation, and then it can provide an assessment of a system’s internal control. For instance, in financial audit, the process of evaluation the figures of financial statement, so the organization can avoid the possible financial faults and disorder.

Obviously, IT security and control can protect some security issues, such as knowledge and customers’ information, and response some antagonism actions. IT auditing can assess and evaluate the level of a system’s control, then the organization can sense the risk of the current system early and can avoid some loss, such as information and assert. Thus, the information system are safeguarding assert, maintaining data integrity, and operating effectively to achieve

...