Computer Risks And Exposures

1420 Words3 Pages
bulb-icon

Recommended: Computer threats

Computer Risks and Exposures

Computers of all kinds within an organisation are constantly faced with a variety of risks and exposures. It is helpful if we first define these terms:

• Computer risk

Probability that an undesirable event could turn into a loss

• Computer exposure

Results from a threat from an undesirable event that has the potential to become a risk

• Vulnerability

A flaw or weakness in the system that can turn into a threat or a risk

The total impact of computer risks range from minor to devastating and could include any or all of:

• Loss of sales or revenues

• Loss of profits

• Loss of personnel

• Failure to meet government requirements or laws

• Inability to serve customers

• Inability to sustain growth

• Inability to operate effectively and efficiently

• Inability to compete successfully for new customers

• Inability to stay ahead of the competition

• Inability to stay independent without being acquired or merged

• Inability to maintain present customer/client base

• Inability to control costs

• Inability to cope with advancements in technology

• Inability to control employees involved in illegal activities

• Damage to business reputation

• Complete business failure

Computer risks. exposures and losses may be characterised as intentional or unintentional and may involve actual damage, alteration of data or programs as well as unauthorised dissemination of information. Objects which can be affected include physical items such as the hardware or hard-copy outputs which are both vulnerable to risks such as theft or loss; the tele-communications system which can cause major corporate grief if unavailable for any reason as well as being vulnerable to internal or external penetration; the applications software which, being a major control element, is vulnerable to change, bypassing or direct sabotage; systems software such as the operating system itself which can also be amended or circumvented; computer operations where control procedures may be amended or bypassed and the data itself where virtually anything could happen.

• The risks in I. S. are the reverse of the control objectives and must be treated as business risks. As such they are the responsibility of executive management with enforcement at a technical level. Obviously, the relative importance of risks will vary and the control techniques will vary from industry to industry and from company to company. The risks may be minimised but they can never be totally eliminated.

Computer System Threats

Threats may come from either external or internal sources and may be intentional or unintentional as well as malicious or non-malicious.

Internal threats may come from:

• Users

• Management

• IS Auditors

• IS Staff

• Others

Acting alone or in collusion.

Users

Threats from this source are the most commonly occurring and include errors, fraud, breach of confidentiality (commonly accidentally) or malicious damage.

Show More
Related

  • Engagement Risk Case Study

    1087 Words  | 3 Pages

    The risk that the auditor or audit firm will suffer harm after the audit is completed, even though the audit report was correct,

    Read More

  • Millercoors Case Study

    1381 Words  | 3 Pages

    All organizations and industries experience risk exposure, from both internal and external events. Accordingly, with outcome speculation being uncertain, organizations can experience either negative or positive effects. In general, the IS31000 defines risk as the “effect of uncertainty on objects” (Elliott, 2012 p.1.4). Consequently, the application of risk management practices helps minimize the effects of risk uncertainty on an organization and is accomplished through coordinating an organization’s activities by establishing control and creating policies in regards to risk. Risk’s most evident category is hazard risk which encompasses risk from accidental loss. In addition, operational risk stems from controls,

    Read More

  • The Use of Computers on Car Crash-Analysis Programs

    1014 Words  | 3 Pages

    In the world today, computers are used in every field. Be it a major space exploration or a small chore like cleaning our room. The use of computers has made our lives easier but at the same time a computer failure can make our lives miserable too. We trust computers more than we trust anything else these days. We use computers to communicate, share personal information, buy goods online, etc. We also trust computers with our safety. Starting from house alarm systems and other safety devices we have now moved on to using computers to Test Car Crashes.

    Read More

  • Homeland Security: The Mission Of Homeland Security

    1035 Words  | 3 Pages

    Security helps the organization meet its business objectives or mission by protecting its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets through the selection and application of appropriate safeguards. Businesses should establish roles and responsibilities of all personnel and staff members. However, a Chief Information Officer should be appointed to direct an organization’s day to day management of information assets. Supporting roles are performed by the service providers and include systems operations, whose personnel design and operate the computer systems. Each team member must be held accountable in ensuring all of the rules and policies are being followed, as well as, understanding their roles, responsibilities and functions. Organizations information processing systems are vulnerable to many threats that can inflict various types of damage that can result in significant losses (Harris, 2014). Losses can come from actions from trusted employees that defraud the system, outside hackers, or from careless data entry. The major threat to information protection is error and omissions that data entry personnel, users, system operators and programmers make. To better protect business information resources, organizations should conduct a risk analysis to see what

    Read More

  • HIPPA and the Privacy of Medical Records

    1335 Words  | 3 Pages

    There is constant concern about different kinds of devices and tools because of their vulnerability: laptops; personal computers in the home; libraries and public workstations; USB Flash Drives and email, to name a few. These items are easily accessible for those attempting to breach security.... ... middle of paper ... ...

    Read More

  • Why Software Systems Fail

    4133 Words  | 9 Pages

    Flynn, Donal J.; "Information Systems Requirements: Determination and Analysis"; McGraw-Hill Book Company; 1992Parnas; 1985; taken from: Sherer, Susan A.; "Software Failure Risk – Measurement and Management"; Plenum Press; 1992Jones, Carpers; "Patterns of Software Systems Failure and Success"; Thomson computer press; 1996Neumann, Peter G.; "Computer Related Risks"; Addison-Wesley publishing company; 1995Petroski, Henry; "To Engineer is Human"; MacMillan Publishing; 1985Flowers, Stephen; "Software failure: management failure"; Chichester: John Wiley and Sons; 1996.Report of the Inquiry into the London Ambulance Service; February 1993. Simpson, Moira (1994); "999!: My computers stopped breathing !"; The Computer Law and Security Report, 10; March – April; pp 76-81Dr. Dobbs Journal; January 1997 edition<a href="http://catless.ncl.ac.uk/Risks">http://catless.ncl.ac.uk/Risks<a href="http://www.scit.wlv.ac.uk ">http://www.scit.wlv.ac.uk <a href="http://www.bbc.co.uk/news">http://www.bbc.co.uk/news<a href="http://abcnews.go.com/sections/travel">http://abcnews.go.com/sections/travel

    Read More

  • Cumberland Risk Management Essay

    809 Words  | 2 Pages

    Risk is characterized as an occasion that has a probability of happening, and could have either a positive or negative effect to a project ought to that risk occur. A risk may have at least one causes and, on the off chance that it happens, at least one effects. For example,

    Read More

  • Technology Threatens Your Privacy

    959 Words  | 2 Pages

    ...n. While many people don’t realize it, there is always risk when you use the internet. You must be able to know how to defend yourself against these attacks or you risk losing it all.

    Read More

  • The Avantages of Outsourcing

    835 Words  | 2 Pages

    Lastly is an insider threat. Insider threats is attacks on computer by outsider (crackers) are more publicized, attacks perpetrated by insiders are very common and often more damaging. Even with the stronger technology safeguard in place, information systems still suffer a lot of damage. The main reason for this threat it is that the security measures cater only for external threat and none can be used to catch the most dangerous threat, but trusted insider

    Read More

  • Payment Systems and Security

    1239 Words  | 3 Pages

    It is also useful to consider not only these specific threats, but also the underlying themes that are of particular concern in recent years. Three such themes are terrorism, identity theft and internal fraud (that is, fraud committed by employees or other “insiders” in the organization).

    Read More

  • The Five Steps Of Risk Management In Coca-Cola

    965 Words  | 2 Pages

    As the first step, identify potential risks plays a crucial role in the risk management process. The core purpose of identifying risk is to figure out causes of risk and analyze result caused by the risks and its probability . Hence, risk identification can begin with the source of problem, or with the problem itself. The chosen method of identifying risk may depend on culture, industry practice and compliance. The identification

    Read More

  • Thesis Statement For Risk Management

    2180 Words  | 5 Pages

    Risk mitigation is also the process of controlling actions, which are identified, and selecting the suitable ones to reduce risk according to project objectives (Pa, 2015). Risk mitigation is important in IT organizations in so many ways. According to Ahdieh, Hashemitaba, Ow (2012), mitigation of risk provides a mechanism for managers to handle risk effectively by providing the step wise execution of the risk handling (as cited in Pa, 2015, pg. 49). Some risks, once identified, can readily be eliminated or reduced. However, most risks are much more difficult to mitigate, particularly high-impact, low-probability risks. Therefore, risk mitigation and control need to be long-term efforts by IT project managers throughout the project lifecycle. There are three types of risk mitigation strategies that hold unique to Business Continuity and Disaster

    Read More

  • Computers and Health

    2805 Words  | 6 Pages

    For my I-Search topic I chose to research health related issues due to increased computer usage both in the work and home settings. Computer technology is becoming commonplace in the work field. As a teacher, I use the computer to present topics to my students, enter grades, send email to co-workers and parents, and to post homework assignments on the Internet. Ten years ago, teachers and other professionals used computers on a limited basis. I became interested in the side effects caused by prolonged usage of computers since several family members complain of wrist soreness as well as eyestrain due to the effects of monitor radiation.

    Read More

  • The Effects of Computers on Everyday Life

    806 Words  | 2 Pages

    Computers have changed the way that the world works in many different ways. Some of these changes are positive and some of these changes have had negative effects on our lives. From an industrial standpoint most of these changes have been helpful to businesses and the economy. In the medical field computers have had an impact in many different areas, ranging from the way appointments are made to the carrying out of everyday tasks.

    Read More

  • The Pros And Cons Of Computer Based Education

    1005 Words  | 3 Pages

    theft and cheating. Identity theft is a very serious crime and due to the resources made available

    Read More

More about Computer Risks And Exposures

Open Document