Computers, security, and the audit function

As the role of computation spread in the world of commercial data processing and in the world of organizational administration, concern and attention were directed toward such matters as programming techniques, computer capabilities, and computer performance measurement and evaluation. However, because computers became increasingly essential to the conduct of an organization's daily activities, and because these systems frequently controlled vast amounts of organizational resources, the computer became an object of attack. In some cases the organization was the target; the computer was the means to attack it. In other cases personal gain was the goal; the computer was merely the means for misappropriating corporate assets. Parker has chronicled more than two hundred cases of computer-related crimes. Therefore, concern has recently been focused on the security of computer installations and the maintenance of computer system integrity. In 1974 both AFIPS and the National Bureau of Standards have published guidelines for computer security.