Risk and Security Issues for Electronic Commerce Practice

This paper outlines research in progress for defining security, control and audit issues in Electronic Commerce (EC). The research involves focused interviews with expert developers, security consultants and both internal and external auditors. This work builds on previous research into Security and Audit of Electronic Data Interchange (EDI) and uses this as the basis for building a framework of risks, security and controls for auditing electronic commerce. The preliminary research results will be validated by a survey considering the importance of these aspects and the involvement of audit and security personnel in developing EC systems. The results should provide for a framework for managing EC security, control and the identification of EC future audit techniques. These results should then allow the development of audit techniques to assist in the management of EC, primarily decision aids, with the potential to look towards embedded audit technologies. The challenge for researchers is to feedback results of EC research, as described above, so that IS practitioners may take advantage of the findings to improve the security, control and auditability of future EC systems

Critical success factors for e-tendering implementation in construction collaborative environments : people and process issues

The construction industry is increasingly engulfed by globalisation where clients, business partners and customers are found in virtually every corner of the world. Communicating, reaching and supporting them are no longer optional but are imperative for continued business growth and success. A key component of enterprise communication reach is collaborative environments (for the construction industry) which allows customers, suppliers, partners and other project team members secure access to project information, products or services they need at any given moment. Implementation of the stated critical success factors of the project is essential to ensure optimal performance and benefits from the system to all parties involved. This paper presents critical success factors for the implementation of e-tendering in collaborative environments with particular considerations given to the people issues and process factors

Fiscal Update, September 15, 2003

The Fiscal Division newsletter, published weekly during session and periodically during the interim

Consolidated List of Requirements

This document is a consolidated catalogue of requirements for the Electronic Health Care Record (EHCR) and Electronic Health Care Record Architecture (EHCRA), gleaned largely from work done in the EU Framework III and IV programmes and CEN, but also including input from other sources including world-wide standardisation initiatives. The document brings together the relevant work done into a classified inventory of requirements to inform the on-going standardisation process as well as act as a guide to future implementation of EHCRA-based systems. It is meant as a contribution both to understanding of the standard and to the work that is being considered to improve the standard. Major features include the classification into issues affecting the Health Care Record, the EHCR, EHCR processing, EHCR interchange and the sharing of health care information and EHCR systems. The principal information sources are described briefly. It is offered as documentation that is complementary to the four documents of the ENV 13606 Parts I-IV produced by CEN Pts 26,27,28,29. The requirements identified and classified in this deliverable are referenced in other deliverables

Credit Card Fraud: A New Perspective On Tackling An Intransigent Problem

This article offers a new perspective on battling credit card fraud. It departs from a focus on post factum liability, which characterizes most legal scholarship and federal legislation on credit card fraud and applies corrective mechanisms only after the damage is done. Instead, this article focuses on preempting credit card fraud by tackling the root causes of the problem: the built-in incentives that keep the credit card industry from fighting fraud on a system-wide basis. This article examines how credit card companies and banks have created a self-interested infrastructure that insulates them from the liabilities and costs of credit card fraud. Contrary to widespread belief, retailers, not card companies or banks, absorb much of the loss caused by thieves who shop with stolen credit cards. Also, credit card companies and banks earn fees from every credit card transaction, including those that are fraudulent. In addressing these problems, this article advocates broad reforms, including legislation that would mandate data security standards for the industry, empower multiple stakeholders to create the new standards, and offer companies incentives to comply by capping bank fees for those that are compliant, while deregulating fees for those that are not compliant

Identity Trust Framework for iGaming

The online gambling community, or the iGaming industry in the United States has individual solutions and a mix of classic processes to manage universal customer identity but it lacks a standard identity management framework in which to enroll new iGaming users, monitor those users and ensure secure transactions, which leaves it open to identity theft and financial fraud. The iGaming industry offers online poker, sports betting and casino table games. iGaming providers (provider/providers) include companies such as PartyPoker.com, Pokerstars.com, Bovada.com, BetOnline.com among others. An iGaming player (player/players) is anyone who plays to gamble on games through the Internet. This report focuses on the requirements and specification for an Identity Trust Framework to enhance security and privacy in the United States iGaming industry and players.Informatio

Audit implications of EDI; Auditing procedure study;

https://egrove.olemiss.edu/aicpa_guides/1035/thumbnail.jp