Premium Essay

Erp Security Management

In: Business and Management

Submitted By sunlox
Words 6202
Pages 25
Anthony Wataka
Accounting Information Systems
Information Security Management within ERP Systems Research Paper

This paper will discuss research on Information Security Management (ISM) within Enterprise Resource Planning (ERP) Systems since information security continues to be a hot topic in the business world. The major focus of the paper will be threefold: an analysis of the ERP systems in the present day, a relation of these systems to the accounting and auditing world, and finally, the future of the technology, given its vast impact in the business world.
Notable ERP Systems Research
Key research pertinent to this paper includes the works of Grabski et al. (2011) who discuss various issues relating to the security environment, as regards the ERP systems. They talk about the risk associated with ERP systems implementation and define it as a “problem that has not occurred but has the potential to cause loss” (Grabski et al. 2011, p. 55). They mention that there is a need for ERP audit techniques, such as embedded audit modules, to control security risks (2011, p.55). This paper will utilize their research work to analyze auditing in an ERP environment by examining security risks and internal controls after ERP implementation.

Additionally, Hunton et al. (2004) try to address the issue of risk associated with ERP systems, in the context of auditing (p.1-23). Hunton et al. (2004) analyze how financial auditors compare ERP systems related risks to non-ERP systems risks (p.1). They also address the issue of the likelihood of financial auditors to consult IT auditors to help them assess ERP systems risks (Hunton et al., 2004, p. 1). With that in mind, they suggest that financial auditors may fail to recognize certain security related ERP systems security risks, compared to IT auditors (p. 1). This paper will briefly look at how enterprises…...

Similar Documents

Premium Essay

Global and Domestic Security Management

...GM 594: Global and Domestic Security Management Table of Contents I. Introduction i. An example of an international company ii. Introduction to the subject of the paper II. Background i. Geographical location ii. History and its consequences of on this region iii. Current financial and economical situation III. Differences in the cultures i. Common ways of doing business ii. Understanding the culture and traditions IV. Security issues i. Benefits of establishing a business in this region ii. Business security issues facing an organization iii. Adverse effects on an organization V. Recommendations on reducing the risk i. Protection of assets and information ii. Protection of labor iii. Adhering to the laws and regulations VI. Conclusion VII. Works Cited Business Opportunities in Eastern Europe I. Introduction How safe is it to explore the business markets outside of the USA, particularly in the undeveloped markets? A good example of a company willing to take the risk to discover new business opportunities in such economic markets is the Coca Cola Company. Its early recognition of the global demand for their products led them to explore investing in the yet unexplored, and politically and economically challenged markets including the markets in the region of Eastern Europe. In the early 1990s, after some significant political and economical changes in this region,......

Words: 4049 - Pages: 17

Premium Essay

Risk Management Security

...Project Part 1 Task 2 Risk Management Plan Alen Kovacevic C. Wyrick IS3110 January 29, 2013 Purpose The Senior Management of the Defense Logistics Information Services (DLIS) has decided to update the previous risk management plan with a developing, new risk management plan. This new risk management plan will not only minimize the amount of risk for future endeavors, but will also be in compliance with regulations such as the Federal Information Security Management Act (FISMA), Department of Defense (DOD), Department of Homeland Security (DHS), National Institute of Standards and Technology (NIST), Control Objects for Information and Technology (COBIT), and Information Assurance Certification and Accreditation Process (DAICAP). Scope The risk management plan is for the organization use only and its network, including remote access company owned building in United States. Outside sources from this scope and risk management plan may cause the network infrastructure to fail or will make it a high risk structure due to the fact that the outside source may not protected to interact with other outside sources allowing hackers to infiltrate your system and steal important files. Compliances Federal Information Security Management Act (FISMA) compliance is required for federal agencies to protect their important information. Department of Homeland Security (DHS) compliance is to be required for protection to the United States against terrorists. There are other......

Words: 1365 - Pages: 6

Free Essay

Sap Erp Human Capital Management

...SAP Information Sheet SAP ERP Human Capital Management SAP Enterprise Learning Quick Facts Overview © 2013 SAP AG or an SAP affiliate company. All rights reserved. Boost Productivity and Employee Satisfaction with SAP® Enterprise Learning Quick Facts Overview Summary SAP® Enterprise Learning is a comprehensive enterprise learning environment in which business and learning processes can be managed and integrated. It helps ensure that employees have the right skills and qualifications by enabling course content management, providing classroom training and e-learning, and managing learning processes. Objectives • Overcome shortage of qualified, trained people in key roles • Address the development needs of a global, mobile, multigenerational workforce • Ensure that training costs, usage, impact, and effectiveness are all transparent • Adhere to regulatory compliance requirements Solution • Collaborative resources to keep worker skills current • Support for a comprehensive learning approach • Learning units based on a learner’s personal data • Modular, reusable learning content • Quick identification of information needed Benefits • Tailor-made learning opportunities for key contributors • Retention of key talent and increased employee satisfaction • A skilled workforce with better training • Reduced risk of regulatory noncompliance • Integration of the software with existing enterprise resource planning software • Streamlined processes Learn more Call......

Words: 656 - Pages: 3

Free Essay

Security Management

...Security and Management week 1 conference 1 Since 9/11 security has moved from the periphery to the center, with the Government, Private Organizations, and individual citizens placing more emphasis on the need for Security. Security services today are sophisticated and complex it involves the use of criminal and civil law, investigations, policy formulation, psychology, and sociology just to name a few. The most important purpose of security is that of guardian and protector (ortemeir 2013 pg. 4). Ortemeir states that large facilities can utilize security personnel, instead of mailroom staff, to provide internal mail and delivery services, thus increasing value to the organization by cutting delivery costs, while increasing patrol activity. In an organizational sense security is a function and responsibility that is throughout the operation of all public agencies and private institutions. (Ortemeir 2013 pg. 4-5) The roles of public law enforcement are to keep the peace, maintain order, police public property, and respond to and investigate reported crimes on public, and private property, the public police have no authority to enforce a private organizations policies and procedures. Some of the benefits of Law enforcement, and Security partnerships for example include Law enforcement can prepare private security to assist in emergencies, obtain free training, and services, reduce the numbers of calls for service. Security services providers can gain information from law...

Words: 258 - Pages: 2

Free Essay

Cloud Computing and Erp Security

...driving force behind the Cloud computing which allows the Cloud service providers to run multiple virtual servers simultaneously on one particular host. Cloud computing is one of the latest innovations of IT which claims to be all capable of driving the future world of IT within minimum costs. This concept of cloud computing being one side widely accepted by normal users while on the other hand majority of the Organizations have some serious security concerns before moving to this form of IT evolution. In this research proposal all the potential security and confidentiality threats associated with the cloud computing were first investigated and then appropriate security and confidentiality recommendations is to be proposed and published. A diminutive computing interface providing cloud computing based services is also to be designed in-order to explain more precisely as how these suggested cloud computing security and confidentiality recommendations be implemented...Practically. 1. INTRODUCTION Cloud computing and Security is a new buzzword in the business industry today. The idea leading to cloud computing paradigm is that the computing resources and software are available to the end user, whether an organisation or an individual, in a virtualized environment (cloud) and the user can access it on demand and using a ‘pay as you go’ approach. These services in industry are respectively referred to as Infrastructure as a Service (Iaas), Platform as a Service......

Words: 6240 - Pages: 25

Premium Essay

Computer Updating and Security Management

...Computer Updating and Security Management Once again the IT Administrators have asked to clarify certain points to them on the implementation of the new network being installed. This takes in account that they know the basics of Server 2008 for windows, and have some knowledge working it. Let us then answer their questions on computer updating and security management. The first thing to address is the software and service Microsoft Server 2008 had in place for centralized updates. IT has a program called WSUS that allows all updates to be centralized from one place. It allows update support for a lot of computers up to 100,000, which leaves more than enough room for the school to grow. Since the main office will be the center I would set up a standard Hierarchy of WSUS (Moskowitz, n.d.). An upstream server which is located in the main office will approve and deploy the updates. The downstream server would be located at the school site. They will download the updates from the upstream server and parceled out to the computers/clients allowed. This will be a good fit for updates that are deemed unnecessary or not wanted by the organization and easily managed from a central location. The security measures in place will be of course IPSec. The communications from the main office to the school will be using Layer Two Tunneling Protocol or L2TP (Freelancer, 2008). This will ensure a secure connection at the highest possible setting. Group policies will be in place in order to...

Words: 591 - Pages: 3

Free Essay

Itc Change Management -> to Erp

...Business case Gruppo ItalAB Esame  di  ICT  Management  –  Prof.  Maine6   Alunni:  Alfonso  Annunziata-­‐  Maria  Bologna  -­‐  Francesco  De  Troia  -­‐  Stefano  Guerrato   Presentazione Azienda Il  gruppo  ItalAB  è  composto  da  due  società  di  medie  dimensioni:  le  due  società  A  e  B   operano  i  se7ori    diversi  con  modelli  di  business  altre7anto  diversi  secondo  il  loro  mercato   di  riferimento.  La  società  A  opera  nel  se7ore  delle  linee  di  produzione  nel  se7ore   alimentare,  la  società  B  commercializza  soluzioni  per  la  clima?zzazione  con  forte  focus  nel   residenziale.     Confronto tra società A e B Pun$  descri,vi   Fa0urato  globale   Fa0urato  mercato  Italia   Fa0urato  mercato  Estero   n.  dipenden$   Poli$ca  distribu$va   Si$  produ,vi   Mercato  (trend)   Cara0eris$ca  della  domanda   SCM-­‐OPS   PLC   Consociata  A        70.000.000          21.000.000          49.000.000     200   Dire7a   Si   In  crescita   Costante   ETO   Lungo   Consociata  B        35.000.000          31.500.000 ...

Words: 3478 - Pages: 14

Premium Essay

Risk Management in Justice and Security

...Running Head: RISK MANAGEMENT IN JUSTICE AND SECURITY ORGANIZATIONS Risk Management in Justice and Security Organizations Rita A. Davis University of Phoenix CJA/520 Group ID: MSAS0KCAO6 RJ Schafer September 11, 2009 Risk Management in Justice and Security Organizations Introduction Risk management is essential to the security and well being of any organization. Risk management is crucial in guaranteeing that security controls and spending are proportionate with the actual risks to which the organization is exposed. Following a comprehensive and formal risk management approach requires a sound understanding of the principles of risk. Risk goes beyond the questions of efficiency, technique. This paper will discuss the role of risk management in justice and security organizations What is Risk? “Risk is the uncertainty of financial loss, the variations between actual and expected results, or the probability that a loss has occurred, or will occur… three main categories are personal, property, and liability” ( Broder, p. 3). An organization should perform a risk analysis, which is a, “management tool, the standards for which are determined...

Words: 986 - Pages: 4

Premium Essay

Maximum Security in Database Management

...Maximum Security in Database Management Maximum Security in Database Management Rackspace Introduction In the current world there people and organization experience un-eventualities and risk of their confidential information. My organization, Rackspace, is a hosting and cloud system organization. For this company it is vital that information is stored in data bases that are run by organizations, locally hosted on personal computers. Intruders can access this information if it is not properly secured. Therefore the purpose of this study is to inform about the current savvy technologies that can be applied to completely thwart intruders from accessing such delicate information within Rackspace. Part 1: Project Identification and Business Environment For this project to go on in a smooth and effective manner different individuals must carry on certain specified task. For Rackspace, this means that every person must hold on to a responsibility to properly and pursue it to the end. Some of the responsibilities are interdepended and other are depended. In case of an interdependent responsibility there will be a proper communicated channel of events that will ensure that information is traversed from one source to another to smoothen up events. Therefore, the following a list of responsible individuals who will implement the process of securing the database of an organization. Company Chief Executive Officer Responsible for overseeing the success......

Words: 3927 - Pages: 16

Premium Essay

Sinosteel Strengthens Business Management with Erp

...Case 3: Sinosteel strengthens business management with ERP 1. What is the business of Sinosteel, what are its major challenges, and how would an ERP system address the challenges they face? „h It has core business in resources development, trade & logistics, engineering project and science & technology, equipment manufacturing and specialized service, providing comprehensive auxiliary service for steel industry, especially steel mills. „h Maintenance of economic and technological cooperation with other nations and global companies and strengthen its global reach. As well as, along with other state enterprises, continue efforts to expand the global control over commodities-key, thus exclusivity to get stream in the provision that will ensure a steady stream of resources to the booming economy of China. „h They optimize management processes, standardize coding, regulations, etc. prevention of information risks, adapt industry processes and superior ownership expertise, centralize and unify the communication process, reports, accountancy, etc. 2. Why did Sinosteel pursue the development of an ERP system? What were the objectives? What challenges (risks) does ERP address for Sinosteel? [The CEO is difficult to understand on some of the objectives, but later in the video an IT manager is clearer and reflects the CEO¡¦s position almost exactly. You will need to listen carefully]. „h Because the need to consolidate management of diverse operations implementing the major......

Words: 701 - Pages: 3

Premium Essay

Security Management Plan

...IT 454 Security Management Plan Marshall Miller December 20, 2015 Table of Contents Section 1: Information Security Management 4 Intro to Organization 4 People 4 Physical Security 4 Training of Security 4 Information Technology Training 4 Technology 5 Project Manager Roles 5 Section 2: Security Program 6 Data Classification 6 Management Support 7 Hierarchy Reporting Structure 8 8 Section 3: Security Policies 10 Acceptable Use Policy 10 1. Overview 10 2. Purpose 10 3. Scope 11 4. Policy 11 5. Enforcement 13 6. Definitions 13 7. Implementation Date 13 Section 4: Security Policies 14 Risk Assessment 14 Quantitative Risk Analysis 14 Quantitative Risk Analysis 14 Methodologies 15 1. Transfer 15 2. Avoid 15 3. Reduce 15 4. Accept 16 Summary 16 Section 5: Controlling Risk 17 Administrative 17 Human Resources 17 Organizational Structure 17 Security Policies 18 Technical 18 Access Control 18 System Architecture 18 System Configuration 18 Physical 19 Heating and Air Conditioning 19 Fire 19 Flood 19 Summary 19 Bibliography 20 Section 1: Information Security Management Intro to Organization My organization is about a federally recognized business called JPPSO (Joint Personnel Property Shipment Office). JPPSO specializes in the shipping of military personnel goods. JPPSO works hand in hand with the United States Air Force to enforce the safe shipping of military household......

Words: 2755 - Pages: 12

Premium Essay

Security Risk Management Plan

...SECURITY RISK MANAGEMENT PLAN Prepared by Jeremy Davis Version control Project title | Security Risk Management Plan Draft | Author | Jeremy Davis | VC | 1.0 | Date | 25/10/10 | Contents Executive summary 4 Project purpose 5 Scope of Risk management 5 Context and background 5 Assumptions 5 Constraints 5 Legislation/Standards/Policies 6 Risk management 6 Identification of risk 7 Analysis of risk 8 Risk Category 9 Review of Matrix 9 Action plan 9 Testing Procedures 11 Maintenance 11 Scheduling 11 Implementation 12 Training 12 Milestones 12 Monitoring and review 13 Definition 13 Authorisation 14 Reference 15 Executive summary A Security Risk Management Plan (SRMP) helps CBS by providing specific guidelines and rules to ensure risk management is considered and included. It provides guidelines for its implementation that can minimise the threats by planning, policies, processes and procedures that can help your business get everything back to normal as soon as possible. This SRMP was designed for the guidelines for its implementation of risk management in CBS and in its operations in order to ensure its security and safety of its staff and assets. Throughout this SRMP it identifies threats, procedures, policies, responsible person and etc which will provide you and your staff information to prepare you with the worst disaster event. Every business these days has a SRMP in case of any events which may occur,...

Words: 2028 - Pages: 9

Premium Essay

Security Risk Management

...Security Risk Management Plan Sydney Head Office 175 Sydney Rd Sydney NSW 2000 DOCUMENT VERSION CONTROL Document Name: | Amalgamation of GSC | Version Number: | 0.1 | Date: | 18 July 2016 | Reviewed By: | | Authorised By: | | CHANGE HISTORY Version | Issue Date | Author | Reason for Change | 0.1 | 20.05 | ABCELLO | Original Document | | | | | | | | | | | | | | | | | | | | | | | | | DISTRIBUTION LIST Copy No | Name | Location | 1. | Master | Project Office | 2. | <Project Manager> | | 3. | <Project Sponsor> | | 4. | <Executive Sponsor> | | 5. | | | | | | | | | | | | | | | CONTENTS INTRODUCTION | 4 | | | SCOPE OF WORKS | 4 | DISCLAIMER AND LIMITATIONS | 4 | | | METHODOLOGY | 4 | | | STRATEGIC CONTENT | 4 | STAKEHOLDER LIST | 5 | RISK MANAGEMENT CONTEXT | 5 | THE RISK MANAGEMENT PROCESS | 6 | | | ANALYSIS OF SECURITY RISK | 7 | TREATMENT OPTIONS | 7 | | | SOURCES OF EVENT RISK | 8 | | | RISK IMPLEMENTATION/RISK IDENTIFICATION | 9 | | | RISK ASSESSMENT SUMMARY | 9 | RISK 1 - Operational | 10 | RISK 2 - Strategic | 10 | RISK 3 - Human / Animal Resources | 11 | RISK 4 - Systems | 11 | RISK 5 - Financial | 12 | RISK 6 - Legal | 12 | | | RISK ASSESSMENT TABLES & CONSEQUENCE | 13 -18 | STAKEHOLDERS SIGN OFF | 19 | BIBLIOGRAPHY | 20 | |......

Words: 3116 - Pages: 13

Free Essay

Network Management and Security

... (Name) (Instructors’ name) (Course) (Date) Network Management and Security A telecommunication Management Network, commonly known as TMN, is an infrastructure that provides interfaces for connection between several types of operating systems and telecommunications equipment, so as to manage the telecommunication service and network. This is from Glenn Warnock and Nathoo Amin (215). Also, it enables the functioning of the management information, which is exchanged through these interfaces. On the other hand, 5620 SAM is widely used for developing distributed systems, as it provides the infrastructure for interoperability of several object oriented management applications. With this application, the 5620 enables applications of operating systems to interoperate with the service access manager, allowing it to provide connections, isolate and manage network issues across an Alcatel network (225). With this, users can access management information transparently and independent of the hardware and software platform. This therefore enhances the portability of applications, which are developed across the multiple platforms of management. The principles and concepts of the TMN that can be matched with the features and functions of the 5620 platforms include the specification translation and the interaction translation. Redundancy is also an important feature. It is the automatic transfer of data network to stand by, and protects the network against hardware failure,......

Words: 2230 - Pages: 9

Premium Essay

Security Management

...TABLE OF CONTENTS A. Four Functions of Management 1 1. Planning 2 Planning Terminology 3 Vision 3 Mission 3 Objective 3 Goals 3 Strategic Planning 4 2. Organizing 4 Organizational Structure 5 Division of Labor 5 Delegation of Authority 6 Departmentation 7 Informal Structure 8 Leading 8 Staffing 9 Staffing Success – More than Luck 10 Starting with Self Assessment 10 Know yourself 11 Know your business 11 Know Advantage & Disadvantage of Employment 11 Directing 12 Motivation 13 Removing Barrier of Communications 13 Facilitating Communication 16 Controlling 17 B. Management Plan (Intro) 20 Security Management Plan 22 -oOo- Ils-pwu-2012 Principles of Organization & Management: Four Functions of Management Planning means looking ahead and chalking out future courses of action to be followed. It is a preparatory step. It is a systematic activity which determines when, how and who is going to perform a specific job. Planning is a detailed......

Words: 7522 - Pages: 31