- Email: [email protected]
Survey questionnaire
The sections of the seminar that dealt with audit techniques were too compressed, and little attention was paid to current computer issues. One such issue which might have provoked lively debate is the consequences to organisations of extensive distributed processing and the many and varied problems raised by the growth of international telecommunications networks. For details of future courses contact: Education for Business and Industry Ltd, 34 Biddulph Road, South Croydon CR2 8QB, UK. Tel: 01-668 6183.
FUTURE
SEMINAR
Network Seminars, UK, is running a repeat of its practical workshop on computer-related fraud at the Tower Hotel, London, from 5-7 March 1979.
-
Delegates need no detailed computing knowledge.
- Fraud and other security risks are demonstrated in the classroom on mini computers and programmable calculators. - Each delegate is given a programmable calculator for use in sessions which simulate the risks of fraud in * *
* *
purchasing systems sales
disbursements and receivables nominal ledger updates
- Frauds involving false input, amendment to master files, program patches and manipulated output are simulated, and their impacts measured and monitored. - Comprehensive guidelines on the prevention and detection of fraud are suggested. The seminar is limited to 30 delegates. Details can be obtained from: Network Seminars, 5 Vincent Square, London SWl, UK. Tel: 01-834 4161/7160. The cost of the three-day course, including all handout material and a programmable calculator, which delegates keep, is E230 (inclusive of Value Added Tax).
SURVEY QUESTIONNAIRE Continued from last month
Last month we reported on Geoffrey Horwitz's survey of different ideas about what constitutes acceptable behaviour in the world of computers. Below is the second example he used in his questionnaire. QUESTION:
Your company has had an exceptionally bad year. Problems arising from inflation and economic uncertainty have caused management (which has a good record) to make some atypically erroneous decisions. They would like to publish profit and loss accounts which reflect a break-even rather than the loss which has actually taken place. As data processing manager, you agree to ensure that the average price of stock-intrade in increased by 10%. You can do this quite easily by adjusting the overheads which are part of
COMPUTERF~~D&SECUBITT~
VollNo3
11
the product cost, plus of allocating costs. How would
you rate
the above
0
-
OKAY
-
UNETHICAL0
-
one or two changes
in the basis
behaviour?
DISHONEST ILLEGAL0
0
-
CAN'T
DECIDE0
(In Horwitz's initial sample group of 226 people, 14 rated it as and the remainder as DISHONEST, ILLEGAL OKAY, 28 as UNETHICAL, or CAN'T DECIDE.)
LITERATURE SECURITY ACCURACY AND PRIVACY
NOTEBOOK COMPUTER SECURITY INSTITUTE
SECURITY, Martin.
ACCURACY (Prentice
AND PRIVACY IN COMPUTER Hall, Englewood Cliffs,
SYSTEMS, by James New Jersey, USA 197:.
Current training of computer people concentrates on operation of a system rather than security and reliability. However, the emphasis is slowly changing and manufacturers like IBM, ICL, Honeywell and DEC have held courses and published materials that encourage users to improve the security of their computer systems. This book provides useful external and independent advice to users on this subject.
One of the very few organisations devoted full-time to computer Membership benefits security is the US Computer Security Institute. include: *
Special
*
Computer
*
Access
*
A 373-page Computer Security Manual in loose-leaf contains useful guidance on most computer-related
seminars Security through
and annual
gatherings
Newsletter
a hot
line
to computer
security
expertise form which security subjects
The Advisory Committee includes Brandt Allen of the University Virginia and Donn B Parker of the Stanford Research Institute, California. Membership costs US$75.00 per annum. Computer Security Institute, Massachusetts 01749, USA.
All reasonable and Publisher profit, arising
5 Kane
Industrial
Estate,
of
Hudson,
care is taken in the compilation of information for this bulletin. However, the Editor do not accept responsibility for any claim for damages, consequential loss, or loss of from the use of the information.
Elsevier International Bulletins Editorial
Mayfield
Office:
House, 256
Banbury Road, Oxford OX2 7DH.
England
Orders, payments and fulfilment enquiries to: PO Box 851, 1001 Lausanne 1, Switzerland. USA: 52 Vanderbilt Avenue, New York, New York 10017 Subscription
rates:
1 year 2 years
s110.00 8200.00
f 55.00 f 100.00
(UK only) (UK only)
Have you ordered your binder7 A specially designed binder is available of COMPUTER FRAUD & SECURITY BULLETIN $9.50 f3.60 (UK only)
for your personal
copies
FUTURE
SEMINAR
Network Seminars, UK, is running a repeat of its practical workshop on computer-related fraud at the Tower Hotel, London, from 5-7 March 1979.
-
Delegates need no detailed computing knowledge.
- Fraud and other security risks are demonstrated in the classroom on mini computers and programmable calculators. - Each delegate is given a programmable calculator for use in sessions which simulate the risks of fraud in * *
* *
purchasing systems sales
disbursements and receivables nominal ledger updates
- Frauds involving false input, amendment to master files, program patches and manipulated output are simulated, and their impacts measured and monitored. - Comprehensive guidelines on the prevention and detection of fraud are suggested. The seminar is limited to 30 delegates. Details can be obtained from: Network Seminars, 5 Vincent Square, London SWl, UK. Tel: 01-834 4161/7160. The cost of the three-day course, including all handout material and a programmable calculator, which delegates keep, is E230 (inclusive of Value Added Tax).
SURVEY QUESTIONNAIRE Continued from last month
Last month we reported on Geoffrey Horwitz's survey of different ideas about what constitutes acceptable behaviour in the world of computers. Below is the second example he used in his questionnaire. QUESTION:
Your company has had an exceptionally bad year. Problems arising from inflation and economic uncertainty have caused management (which has a good record) to make some atypically erroneous decisions. They would like to publish profit and loss accounts which reflect a break-even rather than the loss which has actually taken place. As data processing manager, you agree to ensure that the average price of stock-intrade in increased by 10%. You can do this quite easily by adjusting the overheads which are part of
COMPUTERF~~D&SECUBITT~
VollNo3
11
the product cost, plus of allocating costs. How would
you rate
the above
0
-
OKAY
-
UNETHICAL0
-
one or two changes
in the basis
behaviour?
DISHONEST ILLEGAL0
0
-
CAN'T
DECIDE0
(In Horwitz's initial sample group of 226 people, 14 rated it as and the remainder as DISHONEST, ILLEGAL OKAY, 28 as UNETHICAL, or CAN'T DECIDE.)
LITERATURE SECURITY ACCURACY AND PRIVACY
NOTEBOOK COMPUTER SECURITY INSTITUTE
SECURITY, Martin.
ACCURACY (Prentice
AND PRIVACY IN COMPUTER Hall, Englewood Cliffs,
SYSTEMS, by James New Jersey, USA 197:.
Current training of computer people concentrates on operation of a system rather than security and reliability. However, the emphasis is slowly changing and manufacturers like IBM, ICL, Honeywell and DEC have held courses and published materials that encourage users to improve the security of their computer systems. This book provides useful external and independent advice to users on this subject.
One of the very few organisations devoted full-time to computer Membership benefits security is the US Computer Security Institute. include: *
Special
*
Computer
*
Access
*
A 373-page Computer Security Manual in loose-leaf contains useful guidance on most computer-related
seminars Security through
and annual
gatherings
Newsletter
a hot
line
to computer
security
expertise form which security subjects
The Advisory Committee includes Brandt Allen of the University Virginia and Donn B Parker of the Stanford Research Institute, California. Membership costs US$75.00 per annum. Computer Security Institute, Massachusetts 01749, USA.
All reasonable and Publisher profit, arising
5 Kane
Industrial
Estate,
of
Hudson,
care is taken in the compilation of information for this bulletin. However, the Editor do not accept responsibility for any claim for damages, consequential loss, or loss of from the use of the information.
Elsevier International Bulletins Editorial
Mayfield
Office:
House, 256
Banbury Road, Oxford OX2 7DH.
England
Orders, payments and fulfilment enquiries to: PO Box 851, 1001 Lausanne 1, Switzerland. USA: 52 Vanderbilt Avenue, New York, New York 10017 Subscription
rates:
1 year 2 years
s110.00 8200.00
f 55.00 f 100.00
(UK only) (UK only)
Have you ordered your binder7 A specially designed binder is available of COMPUTER FRAUD & SECURITY BULLETIN $9.50 f3.60 (UK only)
for your personal
copies