tel 14. Personnel Segregation of duties Strategic IT plan Disaster recovery planning Restrict entry to the computer facili employee badges, guest sign-in, and locksoh the 15. 16. rough the use of (on computer room 17. 18. er doors Access control software Personnel development controls 19. 20. hapter, foll 3 The following is a list of 13 control plans from this cha tch the 10 situa a list of 10 situations that have control implications. Match stolowed psoushoel fa tions with the control plan that would best prevent the from occurring. Because there are 13 control plans, you shouln failure letters left over. Control Plans A. Firewall B. Backup batteries and generators C. Insurance D. Employee badges, guest sign-in, locks on computer room doors E. Hot site F. Intrusion detection systems G. Off-site storage of backup computer programs and data H. Training (personnel development) I. Personnel termination procedures J. Security guards K. Program change controls L. Operations run manuals M. Fidelity Bond Chapt er 8 - Controlling Information Systems: Introduct 309 to Pervasive Controls Situations 1. Th e computer users at the Identity Company do not know how to use the computer very well. 2. A computer hacker created a and passwords. He used the random number program to a n to generate random user IDs computer system of Samson, Inc. uring the nightly computer run to for deposits and withdrawals for that day, an electrical storm caused a temporary power failure. The run had to be reprocessed frol beginning, resulting in certain other computer jobs not being com- pleted on schedule. 4. A fire destroyed part of the computer room and the adjacent library of computer disks at Petunia, Inc. It took several months to ct the data from manual source documents and other hard copy reco rds. 5. A competitor flooded the Wolfeson Company Web server with false messages (i.e., a denial-of-service attack). The Web server, unabl handle all of this traffic, shut down for several hours until the mes- sages could be cleared. A group of demonstrators broke into a computer center and destroyed computer equipment worth several thousand dollars- 7. A computer programmer at Dover Company was fired for gross incompetence. During the two-week notice period, the programmer destroyed the documentation for all programs that he had developed since being hired. The cash receipts clerk was on his way to the bank to deposit all the cash and checks received by the company that day when he decided that he would prefer to have a vacation in Brazil. The clerk kept the cash and cashed the checks. All the money was lost to the company. 8. isgruntled programmer at the Going Company planted a logic bomb in the computer program that produced weekly payroll checks The bomb was triggered to go off if the programmer were ever ter minated. When the programmer was fired for continued absenteeism, the next weekly payroll run destroyed all the company's payroll mas- ter data. 9. A d The computer systems at Club, Inc. were destroyed in a recent fire. It took Club several days to get its IT functions operating again. 10