Professional Documents
Culture Documents
Example; QUESTION
Describe hash functions, and provide two purposes which they can be used for.
Answer:
Hash functions are mathematical algorithms that generate a message summary or digest, and
are sometimes called a fingerprint. (1 mark)
They are used to confirm the identity (1 mark) of a specific message and
to confirm that there have not been any changes (1 mark) to the content.
Justification:
The chance of insider fraud can be very hard to predict, but is clearly possible. Depending on how long it takes for
the fraud to be identified, there could be significant impact on the organizations finances.
Assuming there is a regular monthly audit check of the firm’s cash flow, it is likely the fraud will be detected
relatively quickly, which suggests a moderate consequence rating. Again changing these assumptions will change
the ratings.
Recommend Controls:
To manage the risk to "integrity of the accounting records on the server" from "financial fraud by an
employee, disguised by altering the accounting records ", some suitable specific controls from Table 15.3
could include: Separation of Duties, Access Control Supervision and Review, Audit Monitoring, Analysis,
and Reporting, User Identification and Authentication, and Personnel Screening.
Cost-effective Controls:
the most cost-effective controls are likely to include Separation of Duties to ensure that significant
financial transactions must be authorized by multiple staff, along with Access Control Supervision and
Review to help detect fraud should it occur.
Powerpoint Slides
As far as the text book material is concerned, if it was not covered in the PowerPoint slides then it is less
likely that it will be in the exam.
Refer to the previous slide on Collaborate Sessions.