Konsep Pengendalian Intern Untuk Keamanan Sistem Informasi

Authors

  • Sayuthi Sayuthi Universitas Syiah Kuala

DOI:

https://doi.org/10.30603/ab.v17i2.2370

Keywords:

access control , IT control, personal computers, users, intruders

Abstract

The purpose of this article is to determine the concepts of good control to be applied in a corporate organizational environment. Based on several concepts offered, the control based on Sarbanes-Oxley and Internal Control (COSO Framwork) is still highly recommended by experts. This is because the control concept of this model has adopted all existing aspects of protection, both physical and non-physical. However, security protection for information systems should ideally be focused on access control and IT control. There are three groups of individuals who differ in their normal ability to access hardware, namely; 1) Personal computer systems, which often pose a potential bottleneck because they often have special access to important data and programs. 2) Users, they have narrower access, but they still have the opportunity to commit embezzlement. 3) The intruders, they do not have access at all, but they are often people who have the ability to interfere with company information systems.

References

Bagranoff, Nancy A., Simkin, Mark G. & Norman, Carolyn Strand. (2010). Core Concepts Of Accounting Information Systems Eleventh Edition: Wiley.John Wiley Sons.INC

Bodnar H. George and William S. Hopwood (2000). “Sistem Informasi Akuntansi”. Edisi Terjemahan. Buku Satu. Penerbit Salemba Empat, Pearson Education Asia Pte. Ltd. Prentice-Hall. Inc.

Dhillon, Gurpreet. (1997). Managing Information System Security: Macmillan Education UK

Hall A. James (2011), “Accounting Information Systems” 7th Edition, Cengage Learning Asia Pte. Ltd. Singapore.

Ibrahim Ibrahim, A. (2010), “Sistem Pemesanan Tiket Pesawat Berbasis Web”, Jurnal Sistem Informasi, Fasilkom Unsri, Vol. 3.

Loudon, Kenneth C and Jane P Loudon (2014), Management Information Systems Managing the Digital Firm. 13th Edition. Global Edition. Pearson. New York.

Kim, David & Solomon, Michael G. (2012). Fundamentals of information system security: Jones and Bartlett learning book and product are available through most bookstrores and online book sellers.

Raggad. (2010). Information Security Management Concepts and Practice: 1st CRC Press, Inc. Boca Raton, FL, USA.

Romney, Marshall & Steinbart, Paul. 2006. Accounting Information Systems, Tenth Edition. Upper Saddle River, New Jersey, 07458 : Pearson Education, Inc

Sandhu S. Ravi and Pierangela Samarati (1994) Access Control: Princples and Practice lEEE Communication Magazine

Stair M. Ralph and George W. Reynolds (2010) Principles of Information Systems A Managerial Approach. Ninth Edition. Course Technology, Cengage Learning. USA

Todorov, Dobromir. (2007). Mechanics of User Identification and Authentication Fundamentals of Identity Management: Auerbach Publications Taylor & Francis Group Boca Raton New York

Downloads

Published

2021-12-15

How to Cite

Sayuthi, S. (2021). Konsep Pengendalian Intern Untuk Keamanan Sistem Informasi . Al-Buhuts, 17(2), 290–308. https://doi.org/10.30603/ab.v17i2.2370

Issue

Vol. 17 No. 2 (2021): Al-Buhuts

Section

Articles

License

Copyright (c) 2021 Sayuthi Sayuthi

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.