Computer Application Security Objectives
There are three objectives of computer application security, corresponding to the three direct negative effects on computerized data that they seek to overcome. Each specific application must be analyzed to determine the appropriate level of each of the three objectives.
The data is the same as the original input source and/or has been computed and maintained accurately. This objective protects against either accidental or purposeful modification or destruction of data (or programs).
The data is held in confidence and is protected from unauthorized disclosure. This objective protects against either accidental or purposeful disclosure of data to unauthorized persons.
Data and System Availability
Authorized users can obtain the required data and system services in a reasonable period of time. This protects against lack of access (or too slow access) to data, programs, and other system resources when required by authorized system users.
Source: Fundamentals of Computer Fraud. (1999). Austin, TX: Association of Certified Fraud Examiners.
© Copyright 2000 Raymond S. Kulzick. All rights reserved. 000620.
This publication provides business, financial planning, and/or tax information to our clients. All material is for general information only and should not be acted upon without seeking appropriate professional assistance.