A new attack involves hacking into medical records and then offering these records for sale on the black market. A medical recor

Question

3 years ago

14

A new attack involves hacking into medical records and then offering these records for sale on the black market. A medical recor

ds company in Brazil learned of this attack and has built controls into its systems to prevent hackers from accessing its systems. This is an IT application of the COSO principle of _______ and evidences _______ controls.

Computers and Technology

1 answer:

Flura [38] · Answer 1 · 2022-03-25T22:48:23+03:00

Answer:

1. Control Activities

2. Internal

Explanation:

Considering the scenario explained in the question, it can be concluded that This is an IT application of the COSO principle of CONTROL ACTIVITIES and evidence PREVENTIVE controls.

In this case, the Control Activities which is one of the five principles of COSO (Committee of Sponsoring Organizations of the Treadway Commission) is a means of selecting and developing general control over technology, through strategies and techniques. This is what the medical records company did by building controls into its systems to prevent hackers from accessing its system.

This is an example of internal CONTROL ACTIVITIES that illustrates PREVENTIVE control against potential risks or hacks.