Integrity and Internal Control in Information Systems

COSO, internal control, control model, control framework, control self assessment, risk assessment, corporate governance This paper describes the importance of internal controls to the Worldbank and the project that was initiated to implement the COSO internal control framework in the W orldbank. The paper concludes with benefits of the project and some challenges for the future activities.

[1]  K. J. Bma Integrity considerations for secure computer systems , 1977 .

[2]  Eduardo B. Fernández,et al.  Authorization in multilevel database models , 1979, Inf. Syst..

[3]  Luke C. Dion A Complete Protection Model , 1981, 1981 IEEE Symposium on Security and Privacy.

[4]  S Pincus,et al.  A Sense of Self , 2015, Perspectives in biology and medicine.

[5]  Andrew Birrell,et al.  Implementing Remote procedure calls , 1983, SOSP '83.

[6]  Gunar E. Liepins,et al.  Detection of anomalous computer session activity , 1989, Proceedings. 1989 IEEE Symposium on Security and Privacy.

[7]  Harold S. Javitz,et al.  The SRI IDES statistical anomaly detector , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[8]  Hans-Jörg Schek,et al.  Concepts and Applications of Multilevel Transactions and Open Nested Transactions , 1992, Database Transaction Models for Advanced Applications.

[9]  A. Elmagarmid Database transaction models for advanced applications , 1992 .

[10]  Marianne Winslett,et al.  Entity Modeling in the MLS Relational Model , 1992, VLDB.

[11]  Bharat K. Bhargava,et al.  Ensuring relaxed atomicity for flexible transactions in multidatabase systems , 1994, SIGMOD '94.

[12]  Paola Inverardi,et al.  Graphics by a Logic Database Management System , 1994, J. Vis. Lang. Comput..

[13]  Jim Gray,et al.  A critique of ANSI SQL isolation levels , 1995, SIGMOD '95.

[14]  Vipul Kashyap,et al.  Media-independent correlation of Information: What? How? , 1996, MD.

[15]  Sushil Jajodia,et al.  Database security and privacy , 1996, CSUR.

[16]  Elisa Bertino,et al.  An Extended Authorization Model for Relational Databases , 1997, IEEE Trans. Knowl. Data Eng..

[17]  Salvatore J. Stolfo,et al.  Data Mining Approaches for Intrusion Detection , 1998, USENIX Security Symposium.

[18]  Lars Frank,et al.  Semantic ACID Properties in Multidatabases Using Remote Procedure Calls and Update Propagations , 1998, Softw. Pract. Exp..

[19]  Joan L. Aron,et al.  Application of Models from Epidemiology to Metrics for Computer Virus Risk , 1998, IICIS.

[20]  Avishai Wool,et al.  Firmato: a novel firewall management toolkit , 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).

[21]  Lars Frank Atomicity Implementation in Multidatabases with High Performance and Availability , 1999, CODAS.