
«Securing Information in the Digital Age Information Security Policies This document presents a suite of integrated solutions which, together, offer ...»


Twip Unit of measurement, One TWentIeth of a Point, i.e. 1/20 of a printer's point. There are thus 1,440 Twips to an inch or about 567 Twips to a centimetre. This unit of measurement seems only to have seen use in Billyware formats and products, notably Rich Text Format, Visual Basic, and Visual C++.

UK Data Protection Act The Data Protection Act 1998 came into force on 1 March 2000 in the United Kingdom and established rules for processing information of a personal nature; it applies to paper records as well as those held on computers. The Data Controller is “a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed”. The principles of the Act are as follows: anyone processing personal data must comply with the eight enforceable principles of good practice. Data must be:

1) fairly and lawfully processed
2) processed for limited purposes
3) adequate, relevant and not excessive
4) accurate
5) not kept longer than necessary
6) processed in accordance with the data subject's rights
7) secure
8) not transferred to countries without adequate protection

Personal data covers both facts and opinions about the individual. It also includes information regarding the intentions of the data controller towards the individual, although in some limited circumstances exemptions will apply. With processing, the definition is far wider than before. For example, it incorporates the concepts of 'obtaining', 'holding' and 'disclosing'. For more information see http://wood.ccta.gov.uk/dpr/dpdoc.nsf.

UK Regulation of Investigatory Powers Act - RIPA In February 2000, the UK Government introduced a Bill into Parliament called the Regulation of Investigatory Powers Bill (RIPA). The aim of this Bill is to bring UK interception powers (and related issues) into line with the European Charter on Human Rights while updating UK interception powers to cope with technological developments such as the Internet.

In essence the RIPA will allow the law enforcement authorities to intercept any form of electronic communication and to acquire any electronic keys in order to decrypt the data. Note that such disclosure may require the holders of the data to breach confidentiality to such agencies.

This Act, which was given the Royal Assent in July 2000, remains controversial because:

• it is unclear how it can conform to the European Charter on Human Rights.

• the surrender of a Digital Certificate to allow the authorities to decrypt the data (further) undermines Internet security and privacy in the UK.

• Internet Service Providers must maintain an ‘interception capability’ to enable the interception of e-mail and other traffic.

• it is likely to impose an additional cost on UK based Internet Service Providers; which will be passed on to both businesses and consumers.


Uninterruptible Power Supplies - UPS A UPS is a vital piece of hardware that should not be overlooked. Without it, a power ‘outage’ or even a surge, can shut down your systems within seconds. If this happens on a Windows® PC, the consequences are unlikely to be more than annoying and perhaps the loss of the work you were currently working on.

However, if your server, running Windows® NT, 2000 or UNIX, suddenly has the power cut, the consequences can be more serious, as (potentially) hundreds of files can be left in an “open” state which, in the worst scenario, could prevent the system from rebooting properly – or even at all.

Therefore, the purchase and installation of a suitably sized UPS is vital. Because it contains its own battery(ies) it can not only prevent damage from sudden power surges, but it can continue to run your systems for between 15 minutes and 1 hour (or more), thus allowing an orderly, but speedy, close down.

However, a UPS is not supposed to allow the system to be operated for any length of time and, to provide a greater degree of protection against power cuts, a Backup Power Generator should be considered.

Up / Uptime When systems are said to be ‘up’ this means that they are running and (normally) accessible in the usual manner. Uptime refers to the period during which the system is up. See Down and Downtime.


Upgrade path According to sales personnel, this is the route by which the organisation’s brand new computer installation is ‘future proof’. It usually consists of a brochure full of pictures of bigger, faster, and more expensive machinery; all of which is likely to be obsolete by the time the organisation needs a new system !!

Upgrades Upgrades should be the release of new software (or hardware) which genuinely fixes old problems and introduces new (and tested) functionality. Unfortunately, upgrades can become a clever means of charging customers for the functionality which they should have had when they first purchased the product! Normally, where a product has reported bugs and problems, the software vendor will release a patch.

URL URL or Uniform Resource Locator is the techie term for the location of a file or resource on the Internet. The URL will always include the type of protocol being used e.g. http for a Web page or ftp for the address of a specific file which is to be downloaded.

An example URL using the http protocol is http://www.rusecure.co.uk/

Usenet The part of the Internet populated by Newsgroups. The term ‘news’ is a little misleading since these groups are more in the nature of discussion groups.

Usenet is relatively harmless, but access to newsgroups, as opposed to E-mail, is largely unnecessary for organisation users, except possibly for some of the groups dedicated to technical computer matters.

User Acceptance Testing – UAT The test procedures that lead to formal ‘acceptance’ of new or changed systems.

User Acceptance Testing is a critical phase of any ‘systems’ project and requires significant participation by the ‘End Users’. To be of real use, an Acceptance Test Plan should be developed in order to plan precisely, and in detail, the means by which ‘Acceptance’ will be achieved. The final part of the UAT can also include a parallel run to prove the system against the current system.

The User Acceptance Test Plan will vary from system to system but, in general, the testing should be planned in order to provide a realistic and adequate exposure of the system to all reasonably expected events. The testing can be based upon the User Requirements Specification to which the system should conform.

As in any system though, problems will arise and it is important to have determined what will be the expected and required responses from the various parties concerned; including Users; Project Team; Vendors and possibly Consultants / Contractors.

In order to agree what such responses should be, the End Users and the Project Team need to develop and agree a range of ‘Severity Levels’. These levels will range from (say) 1 to 6 and will represent the relative severity, in terms of business / commercial impact, of a problem with the system, found during testing. Here is an example which has been used successfully; ‘1’ is the most severe; and ‘6’ has the least impact:

1 ‘Show Stopper’ i.e. it is impossible to continue with the testing because of the severity of this error / bug
2 Critical Problem; testing can continue but we cannot go into production (live) with this problem
3 Major Problem; testing can continue but this feature will cause severe disruption to business processes in live operation
4 Medium Problem; testing can continue and the system is likely to go live with only minimal departure from agreed business processes
5 Minor Problem; both testing and live operations may progress. This problem should be corrected, but little or no changes to business processes are envisaged
6 ‘Cosmetic’ Problem e.g. colours; fonts; pitch size. However, if such features are key to the business requirements they will warrant a higher severity level.

The users of the system, in consultation with the executive sponsor of the project, must then agree upon the responsibilities and required actions for each category of problem. For example, you may demand that any problems in severity level 1, receive priority response and that all testing will cease until such level 1 problems are resolved.

Caution. Even where the severity levels and the responses to each have been agreed by all parties, the allocation of a problem into its appropriate severity level can be subjective and open to question. To avoid the risk of lengthy and protracted exchanges over the categorisation of problems, we strongly advise that a range of examples are agreed in advance to ensure that there are no fundamental areas of disagreement; or, if there are, these will be known in advance and your organisation is forewarned.

Finally, it is crucial to agree the Criteria for Acceptance. Because no system is entirely fault free, it must be agreed between End User and vendor, the maximum number of acceptable ‘outstandings’ in any particular category. Again, prior consideration of this is advisable.

N.B. In some cases, users may agree to accept (‘sign off’) the system subject to a range of conditions. These conditions need to be analysed as they may, perhaps unintentionally, seek additional functionality which could be classified as scope creep. In any event, any and all fixes from the software developers must be subjected to rigorous System Testing and, where appropriate, Regression Testing.

User Group (software application) A User Group is often formed when a group of users of a common system believe that there is value in exchanging issues and solutions common amongst them.

The User Group can also act as a common voice from the User Group to the vendor thus offering the possibility of consensus and focus where competing priorities could otherwise exist.


User IDs / User Name User IDs are the backbone of most systems’ access security. The ID can be any combination of characters and is normally issued with a password. The (user) ID will usually remain fixed and is often the user’s name or perhaps job title. Linked to the ID will be a password which should be changed in accordance with your Information Security Policy.

The User ID or User Name is often selected by the Systems Administrator and will often be the user’s name or initials; this is helpful for easy recognition of those logged into the system etc. However, having a User Name of ‘StephenJI’ also reduces the effectiveness of one of the main security safeguards for all systems’ access: the User ID and password. If the User ID is already known, this allows a hacker to concentrate upon the password, in the certain knowledge that the User ID is correct!

However, be aware that many systems (especially PCs) will ‘remember’ the last User ID and will display it ‘helpfully’ (?!) upon login. You should consult your Systems Administrator, or other technical support person, to consider how to increase the effectiveness of the User ID and Password combination for the system in question.

User Interface The User Interface is the way in which a system presents itself to, and interacts with, a human user. In today’s Graphical Windowing environments the User Interface is a combination of the look, feel and overall logic of the ‘man machine interface’.

User Requirements Specification – URS The User Requirements Specification is a document produced by, or on behalf of your organisation, which documents the purposes for which a system is required – its functional requirements - usually in order of priority / gradation.

Whilst the URS will not usually probe the technical specification, it will nevertheless outline the expectations and, where essential may provide further detail e.g. the User Interface, say Microsoft Windows®, and the expected hardware platform etc.

The URS is an essential document which outlines precisely what the User (or customer) is expecting from this system. The term User Requirement Specification can also incorporate the functional requirements of the system or may be in a separate document labelled the Functional Requirements Specification – the FRS.

Users The term ‘User’, whilst not being totally complimentary, (in the USA it suggests being a user of illegal drugs), means anyone who is using a system or computer.

Users are not considered to be technically competent (otherwise they would be in IT!) and most problems are blamed on the users! In contrast, those who administer systems and networks would never consider themselves as users; despite the fact that they too have to write reports and use office programs like the rest of us!


VDU A VDU is a Visual Display Unit. Before computer displays became generally available with larger (17"+) monitors and high resolution graphics, the screen used to be referred to as ‘the VDU’. Today, this term has been replaced by ‘monitor’.

Vendor Support Vendor support can be a major source of risk to Information Security. Although a system may meet functional requirements, if the vendor does not have adequate support arrangements e.g. an office within the same state, or even country, you should question this aspect most carefully. Vendors will always play down this aspect, for they wish to make the sale. However, your system and hence your information, is at risk if you are unable to obtain adequate support within a reasonable time frame.

Where a vendor does not maintain a support office within reasonable distance, an acceptable alternative is to arrange for priority telephone support. However, for this to work, it is often imperative that you maintain systems staff who are capable of diagnosing the issue and discussing the problem with the vendor’s technical staff. In general users would not always be able to do this; not always because of their lack of technical knowledge about their system, but because they may also need knowledge of the operating system and the networking environment.

In general, maintaining a Service Level Agreement (SLA) with the vendor of your key operational systems is a necessary expense.
