CS507 Information Systems GDB Solution Spring 2014

The topic of the Graded Discussion Board (GDB) will be as follows:

A bank is receiving a large number of complaints from their customers about credit being deducted from their accounts without their knowledge. Due to these complaints, bank’s reputation is badly affected and customers are switching to other banks. Bank management is much worried about this situation because the bank is going in loss and might have to shut down. Bank management wants to resolve these issues of fraudulent activities. There can be different causes of this situation like a bank employee involved in this activity, some external person making intrusions in the system or there may be some program bug.  Which strategy you will adopt if you have to track down the root cause of all these frauds? Justify your answer with logical arguments.

Solution:Audit trails and logs are a form of documentation which helps in reviewing various activities
undertaken by various users. Any alterations and modifications made in the documentation should
be logged as well for monitoring the integrity. Documentation may include program code of
application softwares, technical manuals, user manuals and any other system-related
documentation. This would help to see that data is not modified on the instructions of the users.
Log of all amendments should be supported by proper authorization by responsible officers.
Accountability through audit trails

Audit trails are technical mechanism that helps managers maintains individual accountability.
Users can be identified by the log being maintained. Users are informed of what the password
allows them to do and why it should be kept secure and confidential. Audit trails help to provide
variants from normal behavior which may lead to unauthorized usage of resources.