Security Measure in CBIS 1.

Access to system
Access to systems should be limited to authorized and responsible personnel only. Example: The use of personal identification number (PIN) Prevention from making more than three incorrect attempts Fingerprint, voice prints and password Application software and operating systems should be properly safeguarded against unauthorized access. Data and application software need to back up so that the copies can be used to restore the originals in case a corruption occurs. The backup of the application software should be checked at frequent intervals to ensure that it has not come corrupted in storage. The data file need to be backed up more frequently as the numerical values in the files changes at every processing

2. The security of data

3. Security backups

Type of Risk Type of Risk Unintentional Errors

These errors may appear in input data or during processing that will damage the accuracy and reliability of a firms files and outputs

Examples Accidentally striking the wrong

key on a terminal keyboard An incorrectly written computer program producing computational errors Deliberately increase the amount on a check received from a customer

Deliberate Errors
These errors constitute fraud. They may appear in input data, during processing or in generated outputs that will damage the accuracy and reliability of a firms files and outputs

Unintentional losses of assets

A firms assets including data may be accidentally lost or misplaced

Goods may be put into the wrong

warehouse bins the lead to pickers unable to find them when filling orders A file stored on a magnetic disk may be wiped out by a sudden power surge Thieves that break into a firms storeroom Embezzlement and larceny A hacker may break into a firms computerized files An employee may peek at a salary report in an unlocked file drawer Sabotage of computer facilities Fires that engulf computer rooms Hurricanes and floods

Thefts of assets
A firms assets may be stolen or misappropriated.

Breaches of security
Unauthorized access to firms data files and reports

Act of violence and natural disasters

Act of violence and natural disasters may damage a firms assets, including data.

Data Coding in Computer-based Systems

Classification of data is grouping the data into classes of data according to a certain classification plan. Coding of data is the assignment of symbols, such as letters and numbers, in accordance with a classification plan.

Attributes of codes
A coding system that supports a firms classification plan should: Uniquely identify objects Be as concise and simple as possible Allow for expected growth in the foreseeable future Be standardized throughout all functions and level within a firm

Coding System Coding System Mnemonic coding system

A code that provides visible clues concerning that objects it represent

Examples
AZ for Arizona WSW-P175R-14 represent a white sidewall radial tire of a specific size. Sequence codes in checks and sales invoices Customer number may be blocked by sales territory: 1-4999 Southern 5000-9999 Northern 5-73-201 is group coding for a type of raw material stored by a metal products manufacturer. The description of the group code is as follows: 5 Steel rods 73 Stored in the 7th bin row on the 3rd bin self 201 20 feet long and 1 sequence inch in the cross section

Sequence coding system

Assigning numbers or letters in consecutive order

Block coding system

Assigning series of numbers within a sequence to entities or event having common features

Group coding system

A refinement of the block code. It is a group coding system that has two or more sub-codes that identify facets pertaining to an object.