Security implications of computer usage in Singapore (1992)

Abstract

This survey on computer security in Singapore for the year 1992 was based on a sample of organisations listed in the "Singapore 1000" companies. The respondents(MIS managers) answered a set of questionnaires modified from the "Australian Top Nine Test" to determine their level of computer security. It was found that more than 95 per cent of the organisations did not satisfy the minimum acceptable standard as determined by the Top Nine Test. The results indicated weaknesses in computer security of the organisations in Singapore. Major risk areas were then identified. Generally, the survey has indicated a marginal improvement in the state of computer security in Singapore when compared to a 1989 survey. This low standard of computer security is mainly due to a lack of awareness that information is an asset of the company. Moreover, limited information on fraud and abuse has been disclosed by the organisation . The report also discusses some important findings in EDP audit and computer abuse. Finally, some recommendations are made to curb the weaknesses identified .