The need for the external auditor to rely on internal E.D.P. auditors in complex computerised environments (with particular reference to financial institutions)

Ford, John Charles

23 September 2014

M.Com. (Accounting) / Please refer to full text to view abstract

Auditing

Auditing - Data processing

An adaptive quality-based fingerprints matching using feature level 2 (minutiae) and extended features (pores)

Mngenge, Ntethelelo Alex

25 November 2013

M.Ing. (Electrical and Electronic Engineering Technology) / Automated Fingerprint Recognition Systems (AFRSs) have not been very effective so far in matching poor quality fingerprints because the challenges involved in low quality fingerprint matching are quite different from high quality fingerprint matching. The difficulty is due to three main reasons: (i) poor quality of fingerprints in terms of the clarity of ridge information due to harsh working conditions, diseases and aging, (ii) failure to acquire adequate minutiae points after segmentation and (iii) large non-linear distortion due to pressure variations which causes ridges to deform. Thus, low quality fingerprint recognition is a difficult problem which still needs more attention. This is because the accuracy of a fingerprint matching module heavily depends on the quality of the fingerprint probe image. Poor quality fingerprints lead to maximization of False Acceptance Rate (FAR) instead of True Acceptance Rate (TAR). As a result, researchers have suggested that extended features must be incorporated to improve accuracy. These features have been successfully used by Latent Print Experts (LPEs) for crime investigation purposes to increase matching accuracy for fingerprints collected from crime scenes with those stored in the national or international databases. There are three categories of fingerprint features: (i) level 1 (e.g. delta), (ii) level 2 (e.g. minutiae) and (iii) level 3 or extended features (e.g. pores). In this work, improvements have been made through fusion of minutiae and extended feature scores together with the fingerprint image quality. However, fusion algorithms designed so far are not adaptive, i.e. they assume that the effect of the quality of the image on the matching score is the same for different matchers based on different features. To test this assumption, this work adopted an algorithm from the literature that first assigns quality score to different regions of a fingerprint. Quality scores assigned to each region of the segmented fingerprint was mapped to extracted minutiae and extended features (pores). The overall quality rating of each of these were calculated as the sum of all quality scores assigned to regions. This procedure helped the designed fusion algorithm to assign more weight on highly reliable features and less weight on unreliable features. Two experiments conducted for rating minutiae and pore features that are based on this procedure, showed that quality scores for features under study do not stay constant. An adaptive weighted sum fusion algorithm was designed, implemented, tested and compared to non-adaptive algorithms, namely, simple sum and weighted sum fusion. The proposed adaptive weighted sum differs from traditional weighted sum fusion algorithm in that it uses weights assigned to each feature based on the quality map of each region of the fingerprint as opposed to the whole image. The performance of the system was tested using PlyU High Resolution Fingerprint (HRF) Database. Two performance measures were used to rate the proposed algorithm in comparison with simple sum and traditional weighted sum, namely, Area Under the Curve (AUC) and Equal Error Rate (EER). Both these performance measures showed that the algorithm proposed in this work outperforms both simple sum and traditional weighted sum fusion approaches. The proposed algorithm yields an improvement of 8% and 13.33% in EER and AUC, respectively for weighted sum fusion and 2% and 4.8% in EER and AUC, respectively for simple sum fusion.

Information security culture.

Martins, Adele

24 April 2008

The current study originated from the realisation that information security is no longer solely dependent on technology. Information security breaches are often caused by users, most of the time internal to the organisation, who compromise the technology-driven solutions. This interaction between people and the information systems is seemingly the weakest link in information security. A people-oriented approach is needed to address this problem. Incorporating the human element into information security could be done by creating an information security culture. This culture can then focus on the behaviour of users in the information technology environment. The study is therefore principally aimed at making a contribution to information security by addressing information security culture and, for this reason, culminates in the development of an information security culture model and assessment approach. While developing the model, special care was taken to incorporate the behaviour of people in the working environment and hence organisational behaviour coupled with issues concerning information security culture that need to be addressed. An information security culture assessment approach is developed consisting of a questionnaire to assess whether an organisation has an adequate level of information security culture. The assessment approach is illustrated through a case study. Below is an overview of the framework within which the research was conducted: The dissertation consists of four parts. Chapters 1 and 2 constitute Part 1: Introduction and background. Chapter 1 serves as an introduction to the research study by providing the primary motivation for the study and defining the problems and issues to be addressed. In addition, the chapter is devoted to defining a set of standard terms and concepts used throughout the study. The chapter concludes with an overview of the remaining chapters. Chapter 2 gives some background to information security culture and discusses its evolution to date. There is a new trend in information security to incorporate the human element through an information security culture. Information security is divided into two different levels. Level 1 focuses on the human aspects of information security, such as the information security culture, and level 2 incorporates the technical aspects of information security. Part 2: Information security culture model is covered in chapters 3, 4 and 5. In chapter 3, the concept of information security culture is researched. Different perspectives are examined to identify issues that need to be considered when addressing information security culture. A definition of information security culture is constructed based on organisational culture. Chapter 4 is devoted to developing a model that can be used to promote an information security culture. This model incorporates the concept of organisational behaviour as well as the issues identified in chapter 3. Chapter 5 builds upon the information security culture model and aims to identify practical tasks to address in order to implement the model. In Part 3: Assessing information security culture, chapters 6 to 10, attention is given to the assessment of an information security culture, giving management an indication of how adequately the culture is promoted through the model. Chapter 6 considers the use of available approaches such as ISO17799 to aid in promoting and assessing an information security culture. This approach is evaluated against the definition of information security culture and the information security culture model in order to determine whether it could assess information security culture in an acceptable manner. The next four chapters, namely chapters 7 to 10, are devoted to the development of an information security culture assessment approach consisting of four phases. Chapter 7 discusses phase 1. In this phase a questionnaire is developed based on the information security culture model. Chapter 8 uses the information security culture questionnaire as part of a survey in a case study. This case study illustrates phase 2 as well as what information can be obtained through the questionnaire. In chapter 9 the data obtained through the survey is analysed statistically and presented (phase 3). The level of information security culture is then discussed in chapter 10, with interpretations and recommendations to improve the culture (phase 4). Chapter 11 in Part 4: Conclusion serves as a concluding chapter in which the usefulness and limitations of the proposed model and assessment approach are highlighted. The research study culminates in a discussion of those aspects of information security culture that could bear further research. / Prof. J.H.P. Eloff

computer security

data protection

Data mining: an exploratory overview.

Ferreira, Rian Johan

22 April 2008

Managers the world over complain that they are overwhelmed by the amount of data available to them, but that they are unable to make any sense of this data. The changing business environment and the fact that customers are becoming more and more demanding highlight the need for organisations to be able to adapt faster and more effectively to those changes. Data mining developed as a direct result of the natural evolution of information technology. The increased organisational use of computer based systems has resulted in the accumulation of vast amounts of data, and the need for decision makers to have efficient access to knowledge, and not only data, has resulted in more and more organisations adopting the use of data mining. The promise of data mining is to return the focus of large, impersonal organisations to serving their customers better and to providing more efficient business processes. Indeed, for some organisations data mining offers the potential for gaining a competitive advantage, but for others it has become a matter of survival. The literature is filled with examples of the successful application of data mining, not only to specific business functions, but also in specific industries. Undoubtedly, certain industries, such as those dealing with huge amounts of data, and those exposed to many diverse customers, stand to benefit more from data mining than others. iii The benefits, associated with data mining, for organisations, individuals and society as a whole, far exceed its drawbacks, but the biggest issue facing organisations that want to employ data mining, is its cost. The other drawbacks of data mining relate to the threat that it poses to privacy, and any data mining effort must not only be done within the framework of the relevant laws, but must also be done in an ethical manner. Although data mining is probably beyond the financial ability of most organisations, its main principle, the fact that there might be value in organisational data, should not be forgotten. Organisations must endeavour to treat their data with the same respect it has for all its other corporate assets. / Mr. C. Scheepers

business intelligence

data mining

Die administratiewe gebruik van die rekenaar in 'n hospitaalverpleegeenheid

Cloete, Woutrina

28 October 2015

M.Cur. / By studying the literature, the use of the computer in the administration of health services and a nursing unit in overseas countries, was described. Criteria were set to measure the use of the computer in a South African hospital. The research done, showed that the computer is not used to its full capacity and that the nursing staff has a need for the better use of the computer. Aspects that need attention are the methods of communication, record keeping and the duplication of records as well as personnel administration and the relevant record keeping ...

Audit and control of the teleprocessing monitor with specific reference to IBM's customer information control system (CICS)

Ferreira, H.M.S.

04 February 2014

M.Comm. (Computer Auditing) / Please refer to full text to view abstract

Auditing - Data processing.

Auditing

Auditing database integrity with special reference to relational and relationallike database management systems

Johnston, Hester Nicolette

23 September 2014

M.Com. (Accounting) / Please refer to full text to view abstract

Auditing - Data processing

Representing the planned vs. as-built story for linear projects in urban environment using data visualization

Zeb, Jehan

05 1900

Very large sets of multi-source, multi-dimensional and time varying data are generated during the execution of construction projects, especially large-scale infrastructure projects. Emphasized in this thesis is how data visualization can provide important insights during the planning, implementation and post project analysis phases of linear projects in an urban environment, which are attended by a complex working environment and multiple stakeholders. These insights can lead to enhanced communication and better decision making. Thesis objectives are four fold: (i) examine how the representation of a schedule using linear planning charts can assist with assessing the quality of a schedule in terms of the construction strategy, communicate schedule intent to projects participants, and assist with telling the as-built story; (ii) explore images useful for representing multi source, multi-dimensional, time varying as-built construction data in support of management functions specifically with regards to communication and decision making; (iii) demonstrate the ability of visual representations of construction data to assist in telling the as-built story of a project in a manner that provides useful insights to project participants; and, (iv) critique the images presented in light of the data visualization principles and interaction tools identified, and suggest improvements as appropriate and possibly other images, including properties desired. In addressing these objectives, the methodology involved a review of computer science and construction literature as it pertains to data visualization and a case study of a past project which reflected the scale and complexity of planning and executing linear projects in an urban environment. The planned and as-built story were captured from the available data depicting the contractor’s perspective in the project’s product, process, and as-built views which were replicated in a research software system called REPCON software. This system supports selected data visualization capabilities, which were examined and critiqued as part of this thesis. It is demonstrated that data visualization is a powerful paradigm for gaining insights into the quality of a project’s plan and for understanding a project’s as-built performance. Greater benefits could be achieved by exploiting cutting edge visualization tools and by designing and implementing a more comprehensive set of images. / Applied Science, Faculty of / Civil Engineering, Department of / Graduate

Construction project data visualization

Discovering and summarizing email conversations

Zhou, Xiaodong

05 1900

With the ever increasing popularity of emails, it is very common nowadays that people discuss specific issues, events or tasks among a group of people by emails. Those discussions can be viewed as conversations via emails and are valuable for the user as a personal information repository. For instance, in 10 minutes before a meeting, a user may want to quickly go through a previous discussion via emails that is going to be discussed in the meeting soon. In this case, rather than reading each individual email one by one, it is preferable to read a concise summary of the previous discussion with major information summarized. In this thesis, we study the problem of discovering and summarizing email conversations. We believe that our work can greatly support users with their email folders. However, the characteristics of email conversations, e.g., lack of synchronization, conversational structure and informal writing style, make this task particularly challenging. In this thesis, we tackle this task by considering the following aspects: discovering emails in one conversation, capturing the conversation structure and summarizing the email conversation. We first study how to discover all emails belonging to one conversation. Specifically, we study the hidden email problem, which is important for email summarization and other applications but has not been studied before. We propose a framework to discover and regenerate hidden emails. The empirical evaluation shows that this framework is accurate and scalable to large folders. Second, we build a fragment quotation graph to capture email conversations. The hidden emails belonging to each conversation are also included into the corresponding graph. Based on the quotation graph, we develop a novel email conversation summarizer, ClueWordSummarizer. The comparison with a state-of-the-art email summarizer as well as with a popular multi-document summarizer shows that ClueWordSummarizer obtains a higher accuracy in most cases. Furthermore, to address the characteristics of email conversations, we study several ways to improve the ClueWordSummarizer by considering more lexical features. The experiments show that many of those improvements can significantly increase the accuracy especially the subjective words and phrases. / Science, Faculty of / Computer Science, Department of / Graduate

email summarization

data mining

An appraisal of secure, wireless grid-enabled data warehousing

Seelo, Gaolathe

January 2007

In most research, appropriate collections of data play a significant role in aiding decision-making processes. This is more critical if the data is being accessed across organisational barriers. Further, for the data to be mined and analysed efficiently, to aid decision-making processes, it must be harnessed in a suitably-structured fashion. There is, for example, a need to perform diverse data analyses and interpretation of structured (non-personal) HIV/AIDS patient-data from various quarters in South Africa. Although this data does exist, to some extent, it is autonomously owned and stored in disparate data storages, and not readily available to all interested parties. In order to put this data to meaningful use, it is imperative to integrate and store this data in a manner in which it can be better utilized by all those involved in the ontological field. This implies integration of (and hence, interoperability), and appropriate accessibility to, the information systems of the autonomous organizations providing data and data-processing. This is a typical problem-scenario for a Virtual Inter-Organisational Information System (VIOIS), proposed in this study. The VIOIS envisaged is a hypothetical, secure, Wireless Grid-enabled Data Warehouse (WGDW) that enables IOIS interaction, such as the storage and processing of HIV/AIDS patient-data to be utilized for HIV/AIDS-specific research. The proposed WDGW offers a methodical approach for arriving at such a collaborative (HIV/AIDS research) integrated system. The proposed WDGW is virtual community that consists mainly of data-providers, service-providers and information-consumers. The WGDW-basis resulted from systematic literaturesurvey that covered a variety of technologies and standards that support datastorage, data-management, computation and connectivity between virtual community members in Grid computing contexts. A Grid computing paradigm is proposed for data-storage, data management and computation in the WGDW. Informational or analytical processing will be enabled through data warehousing while connectivity will be attained wirelessly (for addressing the paucity of connectivity infrastructure in rural parts of developing countries, like South Africa).

Data warehousing

Computer security