What are the components of an organizational framework for security and control?
- Define general controls and describe each type of general control.
- Define application controls and describe each type of application control.
- Describe the function of risk assessment and explain how it is conducted for information systems.
- Define and describe the following: security policy, acceptable use policy, authorization policy.
Explain how MIS auditing promotes security and control.