INFORMATION RESOURCE PLANS ENCOMPASSING COMPUTER SECURITY
There is a rising trend for organizations to consider computer security more seriously than they have done in the past. As a result, organizations have begun to integrate computer security into their Information Resource Plans. The increased attention to computer security is not without substantial purpose. The United States Department of Justice (Bureau of Statistics, 1988, p. 10) reports that, over the past decade, the use of computers and advanced communication techniques for business and industrial purposes has radically altered the traditional means by which business is conducted. These changes have led to the creation of an environment in which white-collar abuse of fiscal trust and responsibility can result in unusually large losses to both organizations, their clients, and individual victims. The three areas in which such activity has most occurred entail the violation of centrally stored information, the manipulation of computer programs/software, and the manipulation of computer operations. Consider that the centralized storage of individually identifiable information has created new opportunities for white-collar crimes by means of involving the unlawful acquisition and disclosure of data. Further, the manipulation of computer programs/software can conceal the conduct of illegal transactions and prevent, or at least postpone, discovery of the loss by a victim or financial institution. As well, the manipulation of computer operations to distort or eliminate data files can also result in considerable loss to the victim or institution, financial or otherwise. To these, Conly and McEwen (1990, p. 3) add telecommunications crimes involving computers, and the theft of hardware and/or software.
Conly and McEwen (1990) note that internal computer crimes consist of alterations being made to computer programs that result in the performance of unauthorized funct...