Page 149 - Trust in ICT 2017
P. 149

Trust in ICT                                                2


            –       The  freedoms  described  in  the  Universal  Declaration  of  Human  Rights  and  the  International
                    Covenant on Civil and Political Rights also guarantee that individuals throughout the world will not
                    allow themselves to be submerged by the mass of confused data. It is for relevant information,
                    exchange,  sharing,  discussion  and  scientific  or  free  creative  activity  that  such  information  can
                    become knowledge.
            –       Freedom of expression is moreover the guarantee of access for all to contents that are as diversified
                    and reliable as possible.
            –       From the point of view of fundamental rights, the political safeguarding of those rights and the
                    diversity of contents that circulate in the global information society.
            Knowledge societies is risk societies

            Knowledge resources have become strategic, but if exploited for ill-intentioned purposes they could inflict
            irreparable damage. By making such resources accessible to the world at large, unknown dangers will be
            opened up. On the contrary, the accelerated spread of knowledge is to confront risks and to boost the self-
            regulating capacity of human societies. The risks that threaten people arise from the complexity of their
            interaction  and  the  mechanisms  required  to  cope  with  those  risks.  Knowledge  societies  may  precisely
            constitute the most effective means of dealing with the new complexity of technological developments.
            Eventually, some mechanisms are needed to cure the ills of ignorance and error, to free the individual from
            fears and constraints represented by nature, to lessen uncertainty and to control risks.
            Knowledge  societies  will  have  to  meet  instability  and  insecurity  that  are  often  social  and  political
            consequences of scientific progress and technological innovation. In nature, any technological innovation
            and any technical system generates risks. However, not all risks are equal and some are unacceptable. The
            distinction between risks taken intentionally and risks incurred passively is an ethical debate on inequalities
            with regard to risk.
            Risks on data integrity

            Data integrity refers to maintaining and assuring the accuracy and consistency of data. It is critical to design,
            implementation, and usage of any system which stores, processes, or retrieves data. Data integrity is the
            opposite of data corruption, which is a form of data loss. Data integrity as protecting data from unauthorized
            parties is not to be confused with data security. It aims to prevent unintentional changes to information. The
            failure of data integrity results from any unintended changes to data as the results of storage, retrieval,
            processing operation, including malicious intent, unexpected hardware failure, and human error, etc. If the
            changes are the results of unauthorized access, it may also be a failure of data security. Data integrity can be
            lost because of programming errors (e.g. good data is processed by incorrect programs), processing errors
            (e.g. transactions are processed more than once against the same master file), or management/process
            errors (e.g. poor management of the systems maintenance process).
            The risks of data integrity pervasively apply to an application system used to support a work process in
            multiple places and at multiple times throughout the network. However, they are principally manifest in the
            following components of risks:
            –       User interface: Risks in this area relate to whether there are adequate restrictions of user interfaces
                    to be authorized to perform system functions. Other risks relate to the adequacy of preventive or
                    detective controls of user interfaces to ensure that only valid data can be entered into a system.

            –       Processing:  Risks  relate  to  whether  there  are  adequate  preventive  or  detective  balancing  and
                    reconciliation controls to ensure that data processing has been timely completed. It includes risks
                    associated with the accuracy and integrity of decisions-making.
            –       Error processing: Risks in this area relate to whether or not there are adequate processes and other
                    system  methods  to  ensure  that  any  data  entry  or  processing  exceptions  that  are  captured  are
                    adequately corrected, and reprocessed accurately, completely and on a timely basis.

            –       Data  interface: Risks  relate  to whether  there  are  adequate  preventive or  detective  controls  to
                    ensure data that is adequately and completely transmitted to be processed by another system.




                                                                                                         141
   144   145   146   147   148   149   150   151   152   153   154