An organizational security demand is necessary for every industry. Especially large global corporation approaches high risk as regards of their large operation and management. The more the business area gets larger, the more the operation and management possess complicated and sophisticated. Organizational risk is created from vulnerabilities, threats and attacks consequent through the organizational weakness.
Risk assessment for computing industry depends upon on the security measurement of system resources of computing system as Hardware, Software and Data. However, risk assessment report for subject organization is required to identify here. Risk of subject organization is analyzed first and then assessed simply. Information are assembled plainly with the sight to stating organizational past and present condition concerning with the risk measurement and risk securitization. For better measurement, technical and business-oriented information are used that support to assume the organizational barriers and vulnerabilities. Data are sited through the internet source, company reports, news reports, journal articles.
Introduction to Subject Organization
Suggested subject organization is Dell Computer Corporation. This corporation was mostly renounced fast growing computer assembler in the world during the last two eras. Dell Computer Corporation is one of the largest computing manufacturer and service provider holding top position and popularity. However, the innovated competitive and market strategy lead this corporation to the revolutionary success in computer based system in the world. As a global corporation, Dell Computer still holds its growth to revolutionary success.
The outset of Dell Computer Corporation was in 1984 established by eighteen years old Michael S. Dell when there was the early stage of personal computer industry. This corporation originally known as “PC’s Limited” which obtains it’s headquartering in Austin, Texas since its foundation. Dell acts as the designer, manufacturer, seller and service provider companionable to IBM. In July 2002, Dell Computer was the world’s largest computer architect operating its business with 34,800 employees in more than 30 countries and customers in more than 170 countries (Achtmeyer. 2002).
Since founding Michael Dell has been intending to a glowing practice in computer customization and sales and its marketing. The core motive of Dell Computer Corporation is to serve up people according to wants. It runs and grows business considering customer’ satisfaction. Dell is the direct seller of computer systems which leads itself as a service industry than the product industry from the beginning.
It takes necessary steps up to date concerning computing revolutionary and innovation add-on customer needs and satisfaction. Dell faces various troubles that growing as obstacles of Dell’ business upon different periods from the beginning. However, Dell uses to engender various strategies to overcome the obstacles. For example, Dell used to employ telephone-sales strategy as part of direct sales and service of computing products and got prior respond to the customers during 1980s and 1990s. During then Dell changes and modified its competitive strategy for many times because of holding market.
Meredith (1998) States that “[t]he new performance measurements have helped the company hone its direct-sales, build-to-order strategy, generate some $3.5 billion in cash since 1995, and become Wall Street’s top performer for 1, 3, 5, and 10 years”. For having leadership of market Dell has been maintaining the three strategies of market leaders.
- Visionary growth strategies
- Innovative Business Models
- Vision and Stretch
- Smart Competitive and Marketing Strategies
- Winning organization and people
- Innovative Organization and Growth Culture
- Winning Leaders and Team
- Extended Enterprise and Lean Processes
- Relentless Innovation
- Venture Strategies
- Fast Company
- Innovation System
Dell upholds the most aspects of posing of market leadership. Following those there are three golden rules Dell maintains. Those are (Dell. 1999):
- Disdain inventory
- Never sell indirect
- Always listen to the customer
Sustaining such explicit rules, Dell draws the concentration of ultimate customers. Scorning stocking, direct selling of products and concentrating the customer deficiency are the secrets of Dell’s popularity. Asides Dell maintains some competitive strategies for competing for contending upon the market. The strategies are (Dell. 1999):
- Speed to market
- Superior customer service
- A fierce commitment to producing consistently high quality, custom-made computer systems that provide the highest performance and the latest relevant technology to the customers
- An early exploitation of the Internet
Competitive strategy of Dell includes sustaining spirit to existing market, committing the consistency of newest & soaring quality of products for finer serving to the customers and premature exercise of internet that direct itself to the market competitiveness. To exist and persuade competitive strategy Dell looks for easier object of market approach accompanying company status and market feasibility. Michael Dell states that-
“We put a great deal of emphasis on understanding what drove customer satisfaction, whether it was response times on the telephone, quality of products, valuable features, or the ease of experience in using the product. Engaging the entire company – from manufacturing to engineering to sales to support staff – in the process of understanding customer requirements became a constant focus of management, energy, training, and employee education” (Kotelnikov 2001).
The rules and regulation and the market strategy has been directed Dell to being the peak one in the market. Throughout the year 1995 to 2000, Dell organized itself with an elevated performing through capturing computing market. Here, ‘Figure: 1’ shows Dell’s growth performance competing comparing with other market’ computing leaders as well as IBM, Compaq, HP and Gateway. Though as it is concerned to all that IBM is the top largest computer and software manufacture now in the world, Dell performed very fast than IBM according to overall output performance at the middle of decade 1990s. Some of the competitors, however, now a day, catch glowing performing following Dell’s strategy.
It is due to analyze theoretically the apparent risk of Dell Computer Corporation. Alike all computing industry Dell restrains the components of computer-based system include hardware, software and data that act as valuable assets internally and externally. This system, however, works constantly under different risks like vulnerabilities, threats, attacks.
Vulnerabilities may be defined as the code of failure of any process or physical system of computing system. The main system assets as hardware, software and data may approach this problem. However, the vulnerabilities of the system resources are common problem for any computing industry like Dell Computer Corporation. These cause sudden problem momentously. By the means of various defectives, vulnerabilities sign to big harms. The probable vulnerabilities are discussed below.
- Hardware Vulnerabilities: Hardware is visual device of computing system. This system consists of various types of hardware which simply be attacked through moving, changing, adding, trafficking or flooding with transmit till functioning the devices. Besides that hardware can be soaked with frozen, burned, water, gassed and electrocuted with power surges. On the other hand there are intentional or unintentional accidental or incidental acts considered as “involuntary or voluntary machine slaughter” or “matricide” happened throughout kicking, slapping, bumping, jarring, punching, stabbing with knives, bombing, firing, and collisions inside the computer room etc. Theses happenings may cause large problem for computing machinery.
- Software vulnerabilities: Software is the vital thing to give life hardware which contains operating system, controls, utility programs and application programs. Software vulnerabilities may be created mostly intentionally and sometimes unintentionally. “Software can be replaced, changed, or destroyed spitefully, or it can be modified, deleted, or misplaced accidentally. Whether intentional or not, these attacks exploit the software’s vulnerabilities” (Pfleeger and Pfleeger. 2002, p.496). Besides software deletion and software modification it can faces theft illegally too.
Alike hardware and software, data another component which faces against vulnerabilities. But data vulnerabilities are more significant and serious factor than hardware and software vulnerabilities because the usage of data is vaster than hardware and software. “[a] data attack is a more widespread and serious problem than either a hardware or software attack. Thus, data items have greater public value than hardware and software because more people know how to use or interpret data” (Pfleeger and Pfleeger. 2002, p.15).
Threats are caused by some undesirable situation that may reasons harm or loss for computing system. These threats are induced by human-initiated or computer-initiated. Unintentional human blunder, hardware design falling or software imperfection or even natural disasters are kind of treats that cause impairment upon computing system.
Attack on the system may be abused by human in the course of vulnerability. It can be launched by other system too.” A human who exploits vulnerability perpetrates an attack on the system. An attack can also be launched by another system, as when one system sends an overwhelming set of messages to another, virtually shutting down the second system’s ability to function” (Pfleeger and Pfleeger. 2002, p.6). This type of attack now a day happens frequently. There are four types of vulnerabilities, threats and attacks as interception, interruption, modification, and fabrication. These are the typical category of vulnerabilities, threats and attacks for Dell Computer Corporation which may grounds harm or loss for its business anytime.
Is an illegal way of entering of unauthorized party who intend to access to an asset. The parties may be incorporated by any other computing system or a person or a program. For instance, illegal imitating of program files or data files or tapping telephone line to attain secret data from a network. Hardware, software and data may be faced by interception in different way. However, Hardware can be intercepted by theft, software or data can be intercepted too as well.
To a hardware or software or data may lose the asset system. The system components may be countenanced of interruption through distinct manner of incidents. For examples, wicked break down of hardware or crossing out of a program or data file or break down of a file manager operating system etc. Hardware can be interrupted by denial of service, software can be interrupted by deletion and data can be interrupted by losing.
Is another way of threats, vulnerabilities and attacks that is created by illegal party too. Throughout this threat the assets of a system can be modified than origin. The value of database or even hardware device or program can be threaten to be modified that may not be changeable of undetectable ever. Software modification refers such anti programs which access a program and infect it. The example of such categories is as Trojan Horse, Virus, trapdoor and information leaks.
Means generating intentional duplicating or falsehood of any objects of a system by an unauthorized party. Aside interception or interruption or modification, fabrication is another way of creating system defect. The interloper may create fake transmission though a network communication system that may not be sometimes distinct able than actual thing if even competently done. Substituting the objects of hardware and data and software, fabrication can create system faults.
The discussed threats, vulnerabilities and attacks are universal type of dilemma to a computing system now days. So as a global corporation Dell Computer is in danger point of this type of threats. Besides those risks there are some other weak points which may be possible targets of risks derived from other exposed assets deserving the corporation. Those are the risks of Networks, Access and Key People.
- Network is the sophisticated and important factors of computer system which accumulates and mixes different stations and server. Risks behind network are dangerous. This causes threats to system and data secrecy. Network is a combination of hardware, software and data which generally faces communication problems resulting by lacking of physical proximity, using of insecure medium of sharing and incapability of identifying distant users positively of a network.
- Access means entering to computer system causes stealing computer time, malicious access and unauthorized access those results of losing data and damaging software enrolment. Accessing is important part of episode of risks that faces wrong entry of illegal party. By accessing the code of security may be destructed or changed.
- Key People concerns the personnel, operators, and programmers. The individual problem or dissatisfactory impression etc. may cause the security threats for the computing system. Confidential problem of individuals of key people sometimes cause uncertain crisis for computing system. And sometimes unpleasing attitude and manner against the member of the key people grounds below standard or dissatisfactory surface for organizational performance.
Risk Assessment Report
Standing against those risks, Dell Computer has been possessing succeeded in every step in its business crisis. According to Dell,
“By approaching a problem, a response or an opportunity from a different perspective, you create an opportunity for new understanding and new learning. By questioning all the aspects of our business, we continuously inject improvement and innovation into our culture. How can we teach people to be more innovative? Ask them to approach a problem in a holistic sense.” (Kotelnikov 2001).
Generally large business being appeared operational and managerial problem internally or externally. Dell has faced such like of problem during 1993. Dell was induced to diversify business in Asia as a result of performing well in U.S.A. In spite of retaining revenue growth Dell was not properly capable to predict as regards the concerns of the probability of risk in diversification of direct sales in Japan at that period.
“Though the company introduced three new computer lines, had begun to sell computers by direct sale in Japan, and revenues in that year were expected to rise to $3 billion, company growth had begun to hinder its ability to manage its operations. Miscalculations of the pace of change in the notebook-computer market forced Dell to discontinue its notebook line. Losses associated with writeoff of the notebook line and falling personal-computer prices due to industry competition caused a decrease in company profits despite an 80 percent increase in revenues.
Despite these setbacks, Dell Computer predicted a return to profitability in the third quarter of 1993 after an internal reorganization had addressed problems related to rapid growth. The company planned to consolidate its European operations and update its notebook computer business” (Kutner. 2008, Reinert. 1992 & Business Week. 1993)
In 1993, Thomas J. Meredith, the former CFO of Dell Computer Corporation, was superior performer in both performance measurement and risk management of Dell Computer. He was a fit forecaster like Dell who brought a balance of growth, liquidity and profitability to the company rapidly from side to side taking effective initiatives time to time. For instance, within that year Dell’s cash reserves were in danger and accounts receivables were rising faster than the revenue growth rates. In the first six months of 1993, Dell had a $66 million loss thanks to inventory write-downs (Meredith. 1998).
To overcome the problem and take a healthier balance Meredith recognized the cash conversion cycle (CCC) as a means of performance measurement that brought the challenge of balancing profitable growth and liquidity management. Meredith (1998) points out:
“Using the metrics of days sales outstanding (DSO), days sales in inventory (DSI), and days of payables outstanding (DPO), Dell added DSO and DSI, then subtracted DPO, to determine the cash conversion cycle. During 15 months of what Meredith calls ‘impassioned evangelizing,’ he focused Dell employees on how they could influence the CCC equation: accelerating in-ventory turns and collection activities, slowing down supplier payments, and the like. In late 1994, the cycle stood at an acceptable 40 days; today it is a phenomenal negative 8 days.”
This new measurement was stand as the key of growth formulated as- DSO + DSI – DPO = CCC. During the ending of 1990s, when the competitors adopted similar measurement, Dell recommended high confidently that no one can touch the peak of Dell computer. “None can touch Dell’s recent response to the Asian crisis, either–a response that has its roots in charges levelled in 1992 that some of the company’s hedging activities were speculative in nature. This was not our finest hour as a company, and the crisis focused attention on the need for change. (Meredith. 1998). Again Meredith (1998) observes. “It was clear that we needed a well-defined [foreign exchange] FX policy” (Meredith. 1998).
Meredith (1998) grew new strategy for Dell’s currency risk management program and shaped a task force consisting the treasury risk managers and commodity managers for assessing supplier’s underlying costs. During the same period Dell faced approximately 63000 monitors to fire risk after importing from a Taiwanese manufacturer those were directly sold. About 32 reports of monitor overheating and catching fire were received then. However, Dell took necessary steps for diminishing this problem. “Consumers using Dell computer monitors should look for the model number “DL-1460NI” on the back of the monitor. Those having model DL-1460NI monitors should call Dell at (800)913-3355 to arrange for shipping and repair of the monitor” (U.S. Consumer Product Safety Commission. 20 May 1994).
Dell takes different tactics to compete in the market to obtain highest sales growth in the right time and right place. “As competitors began to imitate its telephone-sales strategy, Dell changed its image from that of a low-price leader to one offering quality and extensive service by becoming the first PC manufacturer (Kutner. 2008) to offer free installation of applications software with the purchase of a computer
There is another type of common risk is computer criminals who intend to cause computer crime to computing manufacturers as well as Dell Computer. Besides there have been some common risks of computer criminals who intend to cause computer crime to computing manufacturers as well as Dell Computer. Their intention and motivation is to access to the computing system and break down the system security as a whole. There are Amateurs, Crackers or Malicious Hackers, Career Criminals and Terrorists. They wait for chance of making trap to crack system, stealing data and denial-of-service attacks, etc.
Mentioned risks were not the consequence of the lacking of Dell’s over all management. Those occurred risks were derived uncertainly and momentously. These uncertainties are usual for every company, but are not usual as such low amount of risks throughout a short business life as well as the performance and growth of Dell. Excluding these Dell was aware always. Dell never wants to give any chance of facing organizational risks.
It was always concerned well about likely problems. Even Michal Dell individually has moved toward for evading the problems and handled very watchfully. Dell said, “I also enjoy roaming around outside the company to see what people think of us. On the Web, nobody knows I’m a CEO. I’ll hang out in chatrooms where actual users commonly chat about Dell and our competitors. I listen to their conversations as they discuss their purchases and their likes and dislikes. It’s a tremendous learning opportunity.” (Kotelnikov 2001).
Recommendation regarding Risk Report
Every global corporation requires Basic requirements for organizational existence depend upon various policies and steps to act against organizational risks and jeopardy or hazard. The requirements concern the organizational demands and fulfillments. The necessities are produced through the following:
- Customer Value Proposition: emphasizing on the value of customer as regards as main object of business.
- Marketing Strategy: highlighting a specific and suitable marketing strategy for market competitiveness.
- Customer Satisfaction: putting emphasize on prominence of the customer’s needs and wants as well as their contentment.
- Product or Service Innovation: amending or modernizing or inventing existing product or new-fangled product and services according to wind of change of time.
- Strategic Growth Focus: spotlighting on the lifting up of the strategies time to time.
- Innovation: giving emphasize on novelty of organizational factors such as management, financial system, marketing system, organization, coordinating and motivation.
- Technology Innovation: valuing on the technological change and revolution.
- Process Innovation: innovating different business procedures, methods, ways and schemes.
- Business Innovation: inventing new trade, industry, selling, production, dealings and commerce.
To survive the organization has to perform benefit ratio concerning with competitive price rate, mass marketing, new attributes of business, increasing extension line asides customer services. The other factors of surviving to endure business of Dell are constructing resources, linear and incremental innovation, and functional improvements. Associating surviving Dell has been performing as the leader of computing market from commencement. To be the leader Dell tags on the means of winning customers and competitive advantages. It creates upper customer assessment and positioning, differentiation, customer partnership, novel service & product categories, new brands and speed.
On the other hand it builds unique capabilities, systematic & radical innovation; venture strategies, adaptability and new business model to lead itself as the competitive leader of market. As a market leader Dell’ performance is much better to be noticed. Dell retains the revenue growth and products sales with a better risk management through worldwide from its born. The growth performance shows Dell’s high capabilities in risk management.
In spite of possessing operational, financial, managerial skills and well experience, Dell can include some more policy to retain its flow of succeeding. Analyzing risk and risk report, it is to certify that though Dell Computer Corporation is capable to assess its risks successfully, it can intend more intention into securitizing the probable risks according to the past experience. Due to do this Dell could do with well practice about security goal and defending method.
For the purpose of security goal Dell has to address carefully three significant aspects to its security system: Confidentiality, Integrity and Availability (Pathak, Jagdish 2005).
These three device security aims to preserve the protection of hardware, software and data system and other exposed assets as Networks, Access, and Key People. For better respond Dell has to make a balance between confidentiality, availability and integrity. “One of the challenges in building a secure system is finding the right balance among the goals, which often conflict” (Pfleeger and Pfleeger. 2002, p.10)
- Confidentially is the term which defines only the authorized accessibility to the computing resources. That means only who have the legacy of accessing to read or view or print or know he will be permitted to access particular asset. There are other names of confidentiality as secrecy or privacy. Confidentiality is significant by the means of security of illegal entrance.
- Integrity may be defined allowing modification the system assets only by the authorized body in legal way. In this framework, modification includes alteration, writing, changing status, deleting, shifting, and creating.
The goal of security of those act is expected following being aware about integrity. It is due to establish integrity for protesting any unauthorized party. Pfleeger and Pfleeger (2002) point out, “integrity means different things in different contexts” (p10). Pfleeger and Pfleeger (2002, p.11) also listed as follows:
- modified only in acceptable ways
- modified only by authorized people
- modified only by authorized processes
- internally consistent
- meaningful and usable
Is the action against denial of service which means resources are accessible by the right person at the right time. That means system assets are available for only to the appropriate and reliable person following time perfection.
Pfleeger and Pfleeger (2002) pointed out that “[w]e can construct an overall description of availability by combining these goals. We say a data item, service, or system is available if
- There is a timely response to our request.
- Resources are allocated fairly so that some requesters are not favored over others.
- The service or system involved follows a philosophy of fault tolerance, whereby hardware or software faults lead to graceful cessation of service or to work-arounds rather than to crashes and abrupt loss of information.
- The service or system can be used easily and in the way it was intended to be used.
- Concurrency is controlled; that is, simultaneous access, deadlock management, and exclusive access are supported as required. (p.12)”
For defending the versatilities and threats and attacks, Dell use specific method for controlling risks. “A control is an action, device, procedure, or technique that removes or reduces a vulnerability. …. A threat is blocked by control of a vulnerability” (Pfleeger & Pfleeger 2002, p.7), Defense against risks is strategic one. According to Pfleeger & Pfleeger (2002), there are some specific methods for controlling and defending of computing risk as regards as the principles of protection. Dell can consider the following methods defend as follows (Pfleeger & Pfleeger. 2002. p.22):
- prevent it, by blocking the attack or closing the vulnerability
- deter it, by making the attack harder but not impossible
- deflect it, by making another target more attractive (or this one less so)
- detect it, either as it happens or some time after the fact
- recover from its effects
Only these are not sufficient for having successful outcome against risks and in every situation. To do it there need have more considering factors. As discussed in the Dell’s feature that Dell is highly expert to minimize risks and competitive strategy, eventually, it is recommended to add the following methods for securitization of risks.
- Controls: Here, controls is emphasis to the physical security to put off the exploiting a computing system’s vulnerabilities. Though it is traditional method, it is modernize now being strong. the necessary things which may include- strong physical structure overall such as making strong door with strong locks with a burglar alarm, reinforced windows, heavy walls, surrounding moat, arrow slits, drawbridge, etc.
- Encryption: Encryption is a formal name of the way of scrambling or encoding for providing computer security. Encryption is helpful to deals with the performing confidentiality and integrity of data. This is a way of code of conduct of computer security.
Software can be controlled by using some tools and techniques. Program or the combination of program make the software system that is important to preserve. This includes the following (Pfleeger & Pfleeger 2002, p.24):
- internal program controls: parts of the program that enforce security restrictions, such as access limitations in a database management program
- operating system and network system controls: limitations enforced by the operating system or network to protect each user from all other users
- independent control programs: application programs, such as password checkers, intrusion detection utilities, or virus scanners, that protect against certain types of vulnerabilities
- development controls: quality standards under which a program is designed, coded, tested, and maintained to prevent software faults from becoming exploitable vulnerabilities
Hardware surfaces the software or data which needs of cautionary use. Hardware Controls are as the way of assisting the securitization of computing. These includes (Pfleeger & Pfleeger 2002, p.25):
- hardware or smart card implementations of encryption
- locks or cables limiting access or deterring theft
- devices to verify users’ identities
- intrusion detection systems
- circuit boards that control access to storage media
Policies and Procedures
For enlightening computing security it is due to execute legal and ethical controls though policies and procedures that may perform as simplest controls of computing assets such as recurrent change of passwords.
This is most effective and least expensive controls (Pfleeger & Pfleeger 2002, p.25). For example, locks on doors, security guards, backing up of the software and data and structural site planning for preventing natural disasters, etc.
In the light of the discussion, it can be assess that the risks of Dell’s are focused during the decade, 1990. Dell was able to identify the problems as well as threats, vulnerabilities and attacks and securitize them very cautiously. However and whatever the risks created, Dell could predict the reasons behind that. Its well structured and healthy management have considered recovering risks. However, Dell has been maintaining distinct defending method and use the terms of security goal directly or indirectly. Consequently, it can be stated that for raising the continuing image, Dell can consider the security goal and defending method that mentioned.
Achtmeyer, William F. (2002). Dell Computer Corporation. Center for Global Leadership. Tuck School of Business at Dartmouth. Web.
The author, Achtmeyer, William F. (2002) has been made the autobiography to the Dell Computer Corporation from beginning to 2004. How many workers are engaged in the corporation, how many countries are related to that corporation are discussed properly? He shows the status of Dell corporation in market leadership.
Business Week, (1993). Claire Poole, “The Kid Who Turned Computers into Commodities,” Forbes.
Dell, Michael. (1999). Direct from Dell. Harper.
The author, Michael Dell, himself tells the incredible story of the selling development of the Dell. The book, Direct from Dell, is prepared into two parts. The first narrates the history and the massive growth of Dell Computer. The second part points out the Dell’s management approach, from developing customer focus to creating alliances with suppliers.
Kotelnikov, Vadim (2001). Value Chain Management. Ten BUSINESS e-COACH: Innovation Unlimited. Web.
The article, “Value Chain Management”, is equipped into different parts. Those are as: What is Value Chain?; Today’s Challenges; 8 Best Practices of Successful Companies; Employee Empowerment; Lean Enterprise; Case in Point Canon: Eliminating 9 Wastes; Today’s Solution: Process-managed Enterprise 4 Phases of IT/Business; Alignment Leveraging; Your Service-Profit Chain; Extended Enterprise; The Growing Role of the Business Architect; The Tao of Business Success, etc.
Kotelnikov, Vadim (2001). Dell Computer Corporation: Strategies that Revolutionized an Industry. BUSINESS e-COACH. Web.
The article, “Dell Computer Corporation: Strategies that Revolutionized an Industry”, is pointed out various issues. Those are as: The Power of Vision and Business Concept; Delivering the Best Possible Customer Experience; Focus On the Best Solution, not the Best Technology; Teaching Innovative Thinking; and Getting Feedback from Customers and Suppliers.
Kutner, Jon. (2008). The Handbook of Texas Online. Dell Computer Corporation. Texas State Historical Association. Web.
In this description, On the one hand, the Dell Corporation’s strapping enlargement and conditions are discussed and on the other hand the Dell Corporation’s success was also criticized as Despite the Dell Corporation’s strapping enlargement and conditions, the Dell Corporation’s success was not assured as of mid-1993. Some risk are taken by the corporation as such introduction of notebook computer.
Meredith, Thomas. (1998). Performance measurement & Risk management at Dell. Tuesday, September 01, 1998. CNET Networks. Business Services Industry. Web.
The article provides the optimism in the finance executive’s words which couldn’t have been darker for the Round Rock, Texas-based computer maker. He describes the company that was growing too fast.
Pathak, Jagdish (2005). Information Technology Auditing. Chapter of IT Auditing and Security of Information Systems. Information Technology Auditing. Springer Berlin Heidelberg. pp.107-149. Web.
In this chapter, “IT Auditing and Security of Information Systems. Information Technology Auditing”, the risks involved in computing are included as such the goals of secure computing: confidentiality, integrity, availability, the threats to security in computing: interception, interruption, modification, fabrication, Controls available to address these threats: encryption, programming controls, operating systems, network controls, administrative controls, law, and ethics etc.
Pfleeger, Charles P. and Pfleeger, Shari Lawrence. (2002). Security in Computing. Chapter 1: Is There a Security Problem in Computing?. Prentice Hall PTR.
In this chapter, “Chapter 1: Is There a Security Problem in Computing”, the issues of risks are incorporated elaborately. The Authors also present the privacy engineering for preventing the privacy incursion and calculate the financial assessment of privacy.
Reinert, Al ( 1992). “Revenge of the Nerd,” Texas Monthly. Vertical Files, Barker Texas History Center, University of Texas at Austin. Dell Computer Corporation.
The author presents the paper in Texas Monthly, on 1992 for proving the matter of security. In that time security to computer related was not so burning issues.
U.S. Consumer Product Safety Commission. (1994). Dell DL-1460NI Computer Monitors Recalled Due To Fire Risk. NEWS from CPSC. Office of Information and Public Affairs: Washington. Web.
In this article, the cooperation with the U.S. Consumer Product Safety Commission (CPSC), shows the description of the using process of Dell Computer as internal components. In which countries, it is imported that was also discussed in this writings. At last, consumer’s remedy are also discussed.