Wait a second!
More handpicked essays just for you.
Computer threats
Don’t take our word for it - see why 10 million students trust us with their essay needs.
Computer Risks And Exposures
1420 Words3 Pages
Recommended: Computer threats
Computer Risks and Exposures
Computers of all kinds within an organisation are constantly faced with a variety of risks and exposures. It is helpful if we first define these terms:
• Computer risk
Probability that an undesirable event could turn into a loss
• Computer exposure
Results from a threat from an undesirable event that has the potential to become a risk
• Vulnerability
A flaw or weakness in the system that can turn into a threat or a risk
The total impact of computer risks range from minor to devastating and could include any or all of:
• Loss of sales or revenues
• Loss of profits
• Loss of personnel
• Failure to meet government requirements or laws
• Inability to serve customers
• Inability to sustain growth
• Inability to operate effectively and efficiently
• Inability to compete successfully for new customers
• Inability to stay ahead of the competition
• Inability to stay independent without being acquired or merged
• Inability to maintain present customer/client base
• Inability to control costs
• Inability to cope with advancements in technology
• Inability to control employees involved in illegal activities
• Damage to business reputation
• Complete business failure
Computer risks. exposures and losses may be characterised as intentional or unintentional and may involve actual damage, alteration of data or programs as well as unauthorised dissemination of information. Objects which can be affected include physical items such as the hardware or hard-copy outputs which are both vulnerable to risks such as theft or loss; the tele-communications system which can cause major corporate grief if unavailable for any reason as well as being vulnerable to internal or external penetration; the applications software which, being a major control element, is vulnerable to change, bypassing or direct sabotage; systems software such as the operating system itself which can also be amended or circumvented; computer operations where control procedures may be amended or bypassed and the data itself where virtually anything could happen.
• The risks in I. S. are the reverse of the control objectives and must be treated as business risks. As such they are the responsibility of executive management with enforcement at a technical level. Obviously, the relative importance of risks will vary and the control techniques will vary from industry to industry and from company to company. The risks may be minimised but they can never be totally eliminated.
Computer System Threats
Threats may come from either external or internal sources and may be intentional or unintentional as well as malicious or non-malicious.
Internal threats may come from:
• Users
• Management
• IS Auditors
• IS Staff
• Others
Acting alone or in collusion.
Users
Threats from this source are the most commonly occurring and include errors, fraud, breach of confidentiality (commonly accidentally) or malicious damage.