NCJ Number
90285
Editor(s)
D B Hoyt,
D M Ley,
S F Piron,
J K Roth
Date Published
1973
Length
178 pages
Annotation
Thirteen papers deal with various aspects of computer security, including management's role in computer security, computer facility physical security, monitoring devices, hardware elements of security, auditing computerized systems, and computer risk insurance.
Abstract
In the discussion of management's role in computer security, it is noted that management must identify the risks and the consequences of cost versus exposure for each type of threat. Consideration of computer facility physical security includes selecting and preparing the physical location, fire prevention and detection, access controls, and safeguarding data processing records, the program library, and system files. A monitoring device is the method or technique used to ensure compliance with the standards for the computer security system. Various types of security devices are described. Another chapter deals principally with the means by which hardware elements of a data processing system affect the security and integrity of its operations. A checklist for hardware security and integrity is provided. A review of security topics related to using data processing service bureaus is included, as well as a discussion of what to look for when working in a service bureau environment. The chapter on software control and security examines the security of the software itself, its protection from physical danger, and security through elements of the software, such as its own integrity. Other chapters focus on forms and related supplies, the management of employees to increase security, outside contract services, and accountability and reporting. Fifty-seven bibliographic entries and a subject index are provided.