IDEAS home Printed from https://ideas.repec.org/a/ami/journl/v10y2011i4p495-515.html
   My bibliography  Save this article

Using Control Frameworks to Map Risks in Web 2.0 Applications

Author

Listed:
  • Riaan J. RUDMAN

    (Department of Accounting, Stellenbosch University, South-Africa)

Abstract

Web 2.0 applications are continuously moving into the corporate mainstream. Each new development brings its own threats or new ways to deliver old attacks. The objective of this study is to develop a framework to identify the security issues an organisation is exposed to through Web 2.0 applications, with specific focus on unauthorised access. An extensive literature review was performed to obtain an understanding of the technologies driving Web 2.0 applications. Thereafter, the technologies were mapped against Control Objectives for Information and related Technology and Trust Service Principles and Criteria and associated control objectives relating to security risks. These objectives were used to develop a framework which can be used to identify risks and formulate appropriate internal control measures in any organisation using Web 2.0 applications. Every organisation, technology and application is unique and the safeguards depend on the nature of the organisation, information at stake, degree of vulnerability and risks. A comprehensive security program should include a multi-layer approach comprising of a control framework, combined with a control model considering the control processes in order to identify the appropriate control techniques.

Suggested Citation

  • Riaan J. RUDMAN, 2011. "Using Control Frameworks to Map Risks in Web 2.0 Applications," Journal of Accounting and Management Information Systems, Faculty of Accounting and Management Information Systems, The Bucharest University of Economic Studies, vol. 10(4), pages 495-515, December.
    • Handle: RePEc:ami:journl:v:10:y:2011:i:4:p:495-515
    as

    Download full text from publisher

    File URL: http://online-cig.ase.ro/RePEc/ami/articles/10_4_4.pdf
    Download Restriction: no
    ---><---

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Silvia Fissi & Francesco Grazzini, 2021. "L?utilizzo dei Social Media durante la pandemia da COVID-19: un nuovo strumento per la gestione del rischio sanitario?," MANAGEMENT CONTROL, FrancoAngeli Editore, vol. 2021(suppl. 2), pages 265-288.

    More about this item

    Keywords

    Web 2.0; Security risks; Control framework; Control Objectives for Information and related Technology (CobiT); Trust Service Principles and Criteria;
    All these keywords.

    JEL classification:

    • M42 - Business Administration and Business Economics; Marketing; Accounting; Personnel Economics - - Accounting - - - Auditing
    • O32 - Economic Development, Innovation, Technological Change, and Growth - - Innovation; Research and Development; Technological Change; Intellectual Property Rights - - - Management of Technological Innovation and R&D

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:ami:journl:v:10:y:2011:i:4:p:495-515. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Cristina Tartavulea (email available below). General contact details of provider: .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.