Controls for Information Security - Essay Example

Controls for Information SecurityHow Information Security Affects Information Systems ReliabilityAccording to Romney, et al (2012), information Security affects information systems reliability by ensuring that malicious threats do not cause downtime. Users require accurate, comprehensive and timely data that the information security must protect from loss or theft by third parties (Romney, et al, 2012). This implies that an organization wants an information system that is reliable to produce the intended functions.

The other way that information security affects information systems reliability is the protection against data failure (Romney, et al, 2012). It is evident that data failures can lead to time wastage and costly expenditures to repair the damage caused due to loss of vital information. In this regard, data confidentiality, integrity and availability must be maintained with a viable information security system. The other third parties or unauthorized users must not gain access to the organization’s data since this reduces the credibility of the data (Romney, et al, 2012).

The performance of the information system depends on the security measures installed in the entire system. For instance, an organization should ensure that its systems maintain the essential tenets of data, which are confidentiality, reliability and accuracy. The process entails the installation of modern and updated information security system that protects the data against malicious access. Information security also ensures that all the users must protect their systems from usage by other persons since this can jeopardize the operations of the entire organization (Romney, et al, 2012).

The enhancement of data reliability occurs if the information transferred or retrieved is accurate and complete in its original function. How a Combination of Preventive, Detective, and Corrective Controls Can Be Employed To Provide Reasonable Assurance about the SecurityThe combination of preventive, detective and corrective controls is suitable for the security of an organization’s information system because the multiple control layers work together to avoid a single point of failure. The detective controls comprise of log analysis, intrusion detection systems and constant monitoring of the system (Romney, et al, 2012).

Similarly, the preventive mechanism identifies the probability of an attack and initiates control measures, such as IT solutions, physical security or change of controls and management. The preventive control functions towards identifying and blocking the malicious risks (Romney, et al, 2012). It involves the observation of safe computing practices that hinder unwarranted access by others. After the prevention measures, the corrective controls ensure that, the affected data can be restored to usefulness.

Considering this, the combination or the detective, preventive and corrective controls work through the entire systems by recognizing threats both internally and externally. Controls must always be in place in an organizational system since they protect the deletion, copying or transfer of data (Romney, et al, 2012). This implies that controls also serve as data security that may reach the hands of unauthorized parties. It is essential to install all the control strategies that function together towards achieving the organizational performance (Romney, et al, 2012).

This is because it is easy to thwart fraud cases that might involve the fabrication of data to suit the cyber criminals. The combination of the preventive, detective and corrective controls seal all the gaps that might allow network traffic or illegal access. The absence of one control mechanism gives a void where data can be lost or corruption of the system may occur. The management of the control tools also requires the usage of the various methods, such as the constant change of passwords and locking of computer rooms (Romney, et al, 2012).

ReferenceRomney, M. B. (2012). Accounting information systems. Frenchs Forest, N.S.W: Pearson Australia.