论文信息 - Identifying risks in e-commerce payment security for use by the IS auditor

Identifying risks in e-commerce payment security for use by the IS auditor

The emergence and growth of business conducted through the Internet has given rise to numerous concerns. Both business and customers alike are facing additional risks in this environment. The Information Systems Auditor (IS auditor) plays an important role in contributing towards managements' efforts to manage the electronic commerce (EC) environment and more specific Internet security and Internet payments. This article investigates the role of the IS auditor in the EC environment and seeks to contribute towards the development of knowledge on the topic by identifying, describing and discussing the major risks associated with EC payment security and Internet payment methods. This is the first of two articles on the IS auditor in the EC environment. The second article uses the risk model developed in this paper to develop a suitable audit approach for the IS auditor in the mentioned environment.

P. S. Bezuidenhout | J. D. Gloeck

[1] John Braun,et al. Internet security , 2001 .

[2] Slemo Warigon. Commercial, Privacy Protection, Regulatory, and Security Implications of Electronic Cash , 1998 .

[3] Frederic G Withington. Technology forecast , 1985 .

[4] Thomas M. Siebel,et al. Cyber Rules: Strategies for Excelling at E-Business , 1999 .

[5] B. Yener,et al. Internet Security , 2003 .

[6] Dieter Gollmann. E-commerce security , 2000 .

[7] Ginsberg Da,et al. Information systems audit. , 1987 .

[8] Stephanie Denny. The Electronic Commerce Challenge , 1998 .

[9] Anup K. Ghosh. Securing E-Commerce: A Systematic Approach , 1997 .

[11] S. Garfinkel,et al. Web security & commerce , 1997 .

[12] David Cullinane,et al. Electronic Commerce Security , 1998, Inf. Secur. J. A Glob. Perspect..

[13] Belden Menkus. Is Auditing and Edpacs at 25 Years , 1998 .

[14] Alka Jarvis,et al. The Audit Process , 1996 .

[15] Lynda L. McGhie,et al. Security Management for the World Wide Web , 2001, High-Performance Web Databases.