The Informatics Audit - A Collaborative Process

The paper present issues regarding the audit in informatics field, the audit seen as a collaborative process and how the collaborative banking systems are audited. In this paper, the methodology and techniques for an effective audit process are described. There are highlighted some aspects regarding the assessment of collaborative systems and specific flows of informatics audit.Informatics Audit, Collaborative Process, Collaborative System, Methodology, Banking

ePortfolios: Mediating the minefield of inherent risks and tensions

The ePortfolio Project at the Queensland University of Technology (QUT) exemplifies an innovative and flexible harnessing of current portfolio thinking and design that has achieved substantial buy-in across the institution with over 23000 active portfolios. Robust infrastructure support, curriculum integration and training have facilitated widespread take-up, while QUT’s early adoption of ePortfolio technology has enabled the concomitant development of a strong policy and systems approach to deal explicitly with legal and design responsibilities. In the light of that experience, this paper will highlight the risks and tensions inherent in ePortfolio policy, design and implementation. In many ways, both the strengths and weaknesses of ePortfolios lie in their ability to be accessed by a wider, less secure audience – either internally (e.g. other students and staff) or externally (e.g. potential employees and referees). How do we balance the obvious requirement to safeguard students from the potential for institutionally-facilitated cyber-harm and privacy breaches, with this generation’s instinctive personal and professional desires for reflections, private details, information and intellectual property to be available freely and with minimal restriction? How can we promote collaboration and freeform expression in the blog and wiki world but also manage the institutional risk that unauthorised use of student information and work so palpably carries with it? For ePortfolios to flourish and to develop and for students to remain engaged in current reflective processes, holistic guidelines and sensible boundaries are required to help safeguard personal details and journaling without overly restricting students’ emotional, collaborative and creative engagement with the ePortfolio experience. This paper will discuss such issues and suggest possible ways forward

Security Incident Response Criteria: A Practitioner's Perspective

Industrial reports indicate that security incidents continue to inflict large financial losses on organizations. Researchers and industrial analysts contend that there are fundamental problems with existing security incident response process solutions. This paper presents the Security Incident Response Criteria (SIRC) which can be applied to a variety of security incident response approaches. The criteria are derived from empirical data based on in-depth interviews conducted within a Global Fortune 500 organization and supporting literature. The research contribution of this paper is twofold. First, the criteria presented in this paper can be used to evaluate existing security incident response solutions and second, as a guide, to support future security incident response improvement initiatives