Using Control Frameworks to Map Risks in Web 2.0 Applications

Riaan J. Rudman
Riaan J. Rudman: Department of Accounting, Stellenbosch University, South-Africa

Journal of Accounting and Management Information Systems, 2011, vol. 10, issue 4, 495-515

Abstract: Web 2.0 applications are continuously moving into the corporate mainstream. Each new development brings its own threats or new ways to deliver old attacks. The objective of this study is to develop a framework to identify the security issues an organisation is exposed to through Web 2.0 applications, with specific focus on unauthorised access. An extensive literature review was performed to obtain an understanding of the technologies driving Web 2.0 applications. Thereafter, the technologies were mapped against Control Objectives for Information and related Technology and Trust Service Principles and Criteria and associated control objectives relating to security risks. These objectives were used to develop a framework which can be used to identify risks and formulate appropriate internal control measures in any organisation using Web 2.0 applications. Every organisation, technology and application is unique and the safeguards depend on the nature of the organisation, information at stake, degree of vulnerability and risks. A comprehensive security program should include a multi-layer approach comprising a control framework, combined with a control model considering the control processes in order to identify the appropriate control techniques.

Keywords: Web 2.0; Security risks; Control framework; Control Objectives for Information and related Technology (CobiT); Trust Service Principles and Criteria
JEL-codes: M42 O32
Date: 2011

Downloads: (external link)
http://online-cig.ase.ro/RePEc/ami/articles/10_4_4.pdf (application/pdf)

Persistent link: https://EconPapers.repec.org/RePEc:ami:journl:v:10:y:2011:i:4:p:495-515

More articles in Journal of Accounting and Management Information Systems from Faculty of Accounting and Management Information Systems, The Bucharest University of Economic Studies
Page updated 2025-04-05
Handle: RePEc:ami:journl:v:10:y:2011:i:4:p:495-515