- This topic has 5 replies, 2 voices, and was last updated 2 years ago by
.
- Posts
Board of directors were recently embarrassed when a very unhappy junior human resource employ emailed details of their salaries to the entire company.An investigation revealed that the human resources director had lent his user name and password to the junior employee so that routine maintenance of the human resources database could be conducted whilst the director was on vacation.Duringthe director’s vacation,the junior employee had used the director’s username and password to access the board’s salary records. Which of the following controls could have helped to prevent this breach of confirmed confidential??
Sir answer me this question and why you answer it?
Unless you have been given this as a test question, you must have an answer in the same book in which you have found the question. So ask about whatever it is in the answer that you are not clear about and I will explain.
(We do not provide answers to homework questions, and if that is not the case then there is no point in attempting questions for which you do not have an answer – you should be using a Revision Kit from one of the ACCA Approved Publishers because they have answers and explanations!!)
Thank you sir, I have the revision kit book and I have got the answer. Although there is the answer, the answer doesn’t make sense for me . I thought the answer is updating their password, not knowing how it come, the book said they have to manage the database in order to protect confidential information.
How can it be?
The problem is that the junior employee did need to do routine maintenance and so did need access to part of the database. However the director’s password gave access to everything, including confidential information, and so even if he had changed his password the problem would remain (because she would still need a password to be able to do maintenance).
The way to avoid the problem would be to organise things so that she could have a password that only allowed her access to the things she needed to be able to access, and not given her the password of the director which gave her access to everything.
- The topic ‘Information technologies and system’ is closed to new replies.