Posted by: Robert Davis
Adaptive Systems, Assurance Services, Attestation, Control Evaluation, Control System, Due Care, Educational Institutions, Internal Control System, Logical Security, Non-profit, Open Source, Operating Style, Quality Assurance Program, Security Risks, Trust Management
As conveyed by TechTarget.com, “Identity management (ID management) is a broad administrative area that deals with identifying individuals in a system (such as a country, a network, or an enterprise) and controlling their access to resources within that system by associating user rights and restrictions with the established identity.” In this area, based on my experience, Wikipedia software does not provide adequate mechanisms for user accountability as presented in a position paper by OneName Corporation’s Requirements for a Global Identity Management Service. Specifically, it appears there is no password synchronization defining the one-to-many correspondence that may exist between a user and authorized accounts.
Davis, Robert E. (2010). IT Auditing: An Adaptive System. Available from http://www.lulu.com/product/ebook/it-auditing-an-adaptive-system/18809075
Hanson, R. (2011, October 13). The Art of Dis-Connecting: Social Networking Risk Management. Presentation to the ISACA Perth Chapter. Converted PDF formatted material available at: www.isaca.org/chapters2/Perth/Documents/Social%20Networking%20Session%20-%20Rob%20Hanson.pdf
Singleton, T. (2012). What Every IT Auditor Should Know About Auditing Social Media. ISACA Journal, 5. Retrived from: http://www.isaca.org/Journal/Past-Issues/2012/Volume-5/Pages/What-Every-IT-Auditor-Should-Know-About-Auditing-Social-Media.aspx