U.S. flag

An official website of the United States government, Department of Justice.

NCJRS Virtual Library

The Virtual Library houses over 235,000 criminal justice resources, including all known OJP works.
Click here to search the NCJRS Virtual Library

GUIDE TO EDP (ELECTRONIC DATA PROCESSING) AND EFT (ELECTRONIC FUNDS TRANSFER) SECURITY BASED ON OCCUPATIONS

NCJ Number
48900
Author(s)
ANON
Date Published
1977
Length
83 pages
Annotation
GUIDELINES FOR DETECTING AND PREVENTING ACCIDENTAL OR INTENTIONAL ABUSE OF EDP (ELECTRONIC DATA PROCESSING) AND EFT (ELECTRONIC FUNDS TRANSFER) SYSTEMS BY EMPLOYEES ARE PRESENTED.
Abstract
THE GUIDE IS DESIGNED FOR BANK EXAMINERS WHO EVALUATE AUDIT EFFECTIVENESS, FOR AUDITORS WHO EVALUATE COMPUTER SYSTEMS AND NETWORK SECURITY, AND FOR EDP MANAGERS. THE GUIDE IS ORGANIZED AROUND 20 OCCUPATIONS CHOSEN BECAUSE THEY INVOLVE SKILLS, KNOWLEDGE, AND ACCESS RELEVANT TO THE SECURITY OF COMPUTER SERVICES AND ASSETS FOUND IN EDP AND EFT. FOUR CLASSES OF VULNERABILITIES (PHYSICAL, TRANSACTIONAL, PROGRAMMING, AND ELECTRONIC), 17 TYPES OF AUDIT TOOLS AND TECHNIQUES FOR DETECTION, AND 8 CLASSES OF CONTROLS FOR DETECTION AND PREVENTION ARE IDENTIFIED. FOR EACH OCCUPATION, THE FOLLOWING INFORMATION IS PRESENTED: JOB FUNCTIONS; PROBABLE EFT EMPLOYERS; SECURITY-RELEVANT SKILLS, AND WORK AREA ACCESS; VULNERABILITIES OF AN EDP SYSTEM TO ACCIDENTAL OR INTENTIONAL ACTS BY A PERSON IN THE OCCUPATION; AUDIT TOOLS AND TECHNIQUES AND EDP CONTROLS THAT CAN REDUCE THE VULNERABILITIES; AND RELATED ISSUES AND PROBLEMS. OTHER SECTIONS OF THE GUIDE DESCRIBE THE EDP AND EFT ENVIRONMENT, GENERAL REMEDIES THAT APPLY TO EDP AND EFT PERSONNEL, CLASSIFICATION OF VULNERABILITIES, AND AUDIT TOOLS AND CONTROLS. CHARTS AND DIAGRAMS ARE PROVIDED. (AUTHOR ABSTRACT MODIFIED--LKM)