Computer Application Security Objectives

There are three objectives of computer application security, corresponding to the three direct negative effects on computerized data that they seek to overcome. Each specific application must be analyzed to determine the appropriate level of each of the three objectives.

Data Integrity

The data is the same as the original input source and/or has been computed and maintained accurately. This objective protects against either accidental or purposeful modification or destruction of data (or programs).

Data Confidentiality

The data is held in confidence and is protected from unauthorized disclosure. This objective protects against either accidental or purposeful disclosure of data to unauthorized persons.

Data and System Availability

Authorized users can obtain the required data and system services in a reasonable period of time. This protects against lack of access (or too slow access) to data, programs, and other system resources when required by authorized system users.

 

Source: Fundamentals of Computer Fraud. (1999). Austin, TX: Association of Certified Fraud Examiners.

Copyright 2000 Raymond S. Kulzick. All rights reserved. 000620.

This publication provides business, financial planning, and/or tax information to our clients. All material is for general information only and should not be acted upon without seeking appropriate professional assistance.

Home

Main Page

Contact

Search

Contact rkulzick@kulzick.com with questions or comments about this web site.
Copyright 2000 Kulzick Associates, PA - Last modified: September 13, 2008