Internal auditors have an important role in communicating the threat posed by the spread of computer viruses and advising on appropriate control strategies. Computer virus is defined, distinguishing between “true” viruses and other rogue software like logic bombs, Trojan horses and worms. Some reported incidents are discussed; the application of risk management as an effective approach is considered. Control techniques are listed under the categories: organisational, software and hardware. How epidemiological analogy can be applied in high risk situations is explored through a system infection control programme under the direction of a system infection control committee.
CitationDownload as .RIS
MCB UP Ltd
Copyright © 1990, MCB UP Limited