Integrity, Internal Control and Security in Information Systems Connecting Governance and Technology

IT Governance is finally getting the Board's and top management's attention. The value that IT needs to return and the associated risks that need to be managed, have become so important in many industries that enterprise survival depends on it. Information integrity is a significant part of the IT Governance challenge. Among other things, this conference will explore how Information Integrity contributes to the overall control and governance frameworks that enterprises need to put in place for IT to deliver business value and for corporate officers to be comfortable about the IT risks the enterprise faces. The goals for this international working conference are to find answers to the following questions: • what precisely do business managers need in order to have confidence in the integrity of their information systems and their data; • what is the status quo of research and development in this area; • where are the gaps between business needs on the one hand and research I development on the other; what needs to be done to bridge these gaps. The contributions have been divided in the following sections: • Refereed papers. These are papers that have been selected through a blind refereeing process by an international programme committee. • Invited papers. Well known experts present practice and research papers upon invitation by the programme committee. • Tutorial. Two papers describe the background, status quo and future development of CobiT as well as a case of an implementation of Co biT.

one. Refereed papers.- 1. A cautionary note regarding the data integrity capacity of certain secure systems.- 2. Developing secure software: A survey and classification of common software vulnerabilities.- 3. Establishing accounting principles as invariants of financial systems.- 4. Integrity and internal control in modern banking systems.- 5. Diversity as a defense strategy in information systems: Does evidence from previous events support such an approach?.- two. Invited papers.- 6. Data quality: developments and directions.- 7. Developments in electronic payment systems security: EMV and CEPS.- three. Tutorial “CobiT and IT Governance”.- 8. Governing information technology through CobiT.- 9. Implementation of the COBIT-3 maturity model in Royal Philips Electronics.- four. Vendor white papers.- 10. Business process security: Managing the new security challenge with X-Tra Secure.- 11. The information integrity imperative.- five. Panel session.- 12. The way forward.- Index of contributors.- Index of keywords.