8/19/2019 sqa52

1/10

System installationpeople maybypasscontrolspresentin system and obtain informationfromthe system

which is not supposed to be availafle to them under normalcircumstances.Thus, the controls are by-

Passed and the system is hackedby them.Careless or incorrectrestartingof a system after abruptshutdownmay cause the state of transitionto be

unknownto a user. In some mailingsoftware,if a personcloses the browserwithout logging out' the next

Person can open the apf licationwith an authenticationof previousperson directly.Hardware maintenanceactivities may be performedwhile productiolldata is on|inc, and the equiPment

undergoing maintenance is not isolated from the system before maintenance.For example, the Printer,

which is assigned to printfinancialinstrumentslike chequesand drafts, may have a stationaryof blank

Instrumentswith it. Printermaintenanceis done at this time.

OPeratormay perform an unauthorisedaction for personalgains, and the system cannot detecUstop such

transaction.This may lead to data loss and modification.

OPerationsstaff may destroy hardwareand system data for personalgains or other reasons. Data present

in the system may be lost or modified,thus affecting system processing in a negative manner.

Wrong version of an applicationmay beexecuted, if configurationmanagementprocesses are not followed

correctly. If old sources and executablesare not replacedby new sources and executablesafterthe changes,then the application may not be able to integratewith them.

Program may execute multiple instances using same transactionsagain & again, and may update the

database again and again. Transactionsonce completedmay not leave the queue and there is no controlto

protect transaction getting executed for the second time.

Operator may bypass installed controlsof working, andthe system allows processing even after bypassinI

of such controls without any notification.Controls may be disabled, or detective controlsmay be bypassec

and system allows them to be disabled as bypassed.

Supervision may not be adequate and people may hack parts of the System for personalbenefit or throng

negligent working patterns.The supervisor Waynot be able to detect and control these activities.Due to incorrectly learned procedures, an operator Way modify or delete muter mesor main databm&om the system, and the system may allow so withoutofferingany protectionof such infoation suc

u maining a bacp.

Data Storage MediaHandling Variousstoragemedialikefloppies,pen drives,and CI)s are handledby softwaresystemsfor takmgbackupsor loadingdata.

0

Scanned by CamScanner

8/19/2019 sqa52

2/10

Risk Analysis 145

Storage.media containing sensitive data may not get adequatephysical/logical protection becausethe

oPeratlonsstaff is not trained to doso. Security proceduremay not be effective or peoplehandling storage

media may not be trained as awareof security procedures.

Output may be sent to the wrong individual/terminal by mistake andsystem allows that- The terminal may

take an action basedon sucha transaction.This is a commonscenariofor printing of financial instruments

which areexpectedto be processedon securedprinters. If user changesthe printer destinationand system

allows such change,it may break the security establishedfor the purpose.Improperly denned operating proceduresin post-processingtasks may result in loss of dataor outPut.

Proceduresmay not be capableor they am not followed properly. If mediaare not handleddiligently, they

may result into lossof data.

Programming Errors Theremaybesomeesorsin programswrittenfor the workingsystem.The reason

of sucherrorsmaybewrongrequirements,wrong designs,wrongcoding,or insufficienttesting

Recordsfrom sensitiveHiesmay bedeletedwithout an avaifabifftyof processeswhich can reconstructit

Systemdoesnot mainWininformationaboutwhat hasbeendeletedandwho hasdoneit.

Programmersmayinsertspecialprovisionsin programsthat manipulatedatapresentin systems.Data may

get modi6eddueto someproblemsintroducedby software.Hard coding/instrumentationdonefor testing

may not be removed.Programchangesmaynot betestedadequatelybeforebeingusedin a productionenvironment.Maintenance

activitiesmay introduceseveralregressiondefectsas changesmay atfect unchangedpartsof the systemand

testingdoesnot detectthem.Changesin programmayresult in new errors becauseof unanticipatedinteractionsbetweenmodulesnot

testedadequately.This is possibledueto unavailabilityof traceability matrix and impact analysisbefore

changeis not being complete.

. program acceptancetestmay fail to detecterrors occurringfor unusualinputs to the system.Acceptancetestingmay not covereveryscenarioof failure,and systemfails ata latter datedueto somegenuinesituation

which wasnot tested.

Program,which must be safeguarded,may not be identified and protectedsufficiently. Programsmay be

changedwithout properchangecontrol proceduresin place.

Test dataandtest resultsor documentationfor applicationmay not be retained for future use. Test docu-

mentationmay not becreatedor maintainedthroughouttesting and after delivery.

Documentationfor vital programsmay not be safeguardedadequately.Lossof documentationmay lead to

problemsin maintenancewhen somechangesare suggestediu existing system.The traceability matrix may

be very useful for impact analysisbut it may be absentor may not be capableof doing impact analysis.

Programmersmay fail to keepa changelog or maintainbackupcopiesof their work or to formaliserecord

keepingactivities.Changesare donein systemwithout properdocumentation.

Poor programdesignmay result in critical datainitialisationto zero, or to some~arbitrary value not ex-

pectedby the system.An errormayoccur whenthe programis modified to changea datavalue butonly

changesit in one phasewhile chaugesin other phasesaremissed.

Programmay containroutinesnot compatiblewith their inteudedpurpose,which can disableor bypass

securityprotectionmechanismpreseutin the system.Theremay be someredundantcodeor somesystem

componentswherecontrolgoesby mistake.  Inadequatedocumeutationor labeling may result in wrong version of programbeing modified during

maintenance.This may induceseveraldefectsiu an existingsystem.

canned by CamScanner

8/19/2019 sqa52

3/10

Operating System Flaws Operating system is the main Layeron which the Program sits' OPefatingsystem provides some servicesto applicationsbeing run and communicateswith hardware Partsas Per If Stfuct'ons

coming from the application.

User jobs may be permitted to read/write outside assigned storage area due to problems associated with

oPerating systems. Data may be written on some extern&Lmedianot expected by the aPPlication.

inconsistency may be introduced info data because of simultaneous processing of same hie by multiPle

J'obs,. and system is not able to handle such concurrency. System selected may be wrong as technical

requirements of concurrency are not defined correctly

OPerating system design and implementation erfOfS may allow a user to disable controls present Of to

access all system information by bypassing the controls, and the system does not detect it.

Unauthorised modification to operating system such as hot fixes may allow a data-entry person to enter the

Program without authorisation, and/of modify the data entered into the system maliciously.

OPerating system crashes may expose valuable information about system (such as password lfStSOf 

authorisation table) to a person who is not authorised to access such information.

' Maintenance staff may bypass security controls designed and implemented in the system while peffoffflingmaintenance activities. At such time, the system is vulnerable to esors Of intentionalacts. fhe system may

not detect them.

' Operating system may fail to maintain an unbrokenaudittrail and some informationfrom the trail is lost

(of modified).

While restarting after crash, operatingsystemmay fail to ascertainthat all terminal locations previously

occupied are still occupied by the same individuals.System may start communicating with teffflinalS

without any authenticationrequired for reconnecting.

User may be able to get into a monitor/supervisorymode without pfOpefauthofisation. Authorisation

control is nOt implemented correctly, and the system is not able to manage access COntfOlS foFdifferent

groups and users.

Operating system may fail to erase the space/free the memory assigned to a jofl aftef noffflaVabffofffla

termination of the job Data is still availablein temporarymemory and can enter the system.

5.8.17 COMMUNICATION SYSTEMFLAWS/FAILURES

A system needs to communicatewith usefs and othefSystems. It has to receivedata from othef systems as

well as give data to other systems in the environmentFailuresin communicationmay be attfiflutedto the

following reasons.

AccidentalFailure Failuresin comffluflicatiOnmay occuraccidentlywhenthe systemis not Protected&omaccidentalfailures.

. Undetected communicationseffOfS from & to the system may fesult in incorrect/modifieddata during

communication.Data is lost, addedof altereddotingcommunicationas some Packetsate lost Of addedOT

their sequenceis alteredduringtransit.The systemmaynotbe ableto detecttflechangesin communicatioll

and tries to rebuild the messagefrom whateverit has received' .Infoffflationmay be accidentallymisdirectedto a wfong teffflinalOf WfOfIgsystem,and the messageISFe`

ceivedby the wfoflgpef son, who may misuse it. The system does not mute the communicationPfc.Pefly`

Communicationnodes may leaveunpfotectedpartsof messagesin temPofafymemoryduringunantlclPate(

interruptionsin communication. These paftSmay be difected wrongly to a destinationwhefe It IS nO

expectedOf may be lost penflanently.

canned by CamScanner

8/19/2019 sqa52

4/10

Communicationprotocolsmay fail to positively identifythe transmitteror receivermessageand those

may get mixed' Theremay be problemsassociatedwith encryption,coding anddecodingof messagesand

system may not be ableto correctlydecodethemessages.

IntenfionalActs Failuresin communication,intentionallydone by some authoriseduser/unauthoriseduser, which system is not able to detectandcorrect,as the case may be.

An unauthorisedindividualmay monitorthe communicationlines. This may happenwhen somebody

hacks a system or takescontrolof logged-insessionmaliciouslyandstartsworkingas an authoriseduser.

Systems may be vulnerableto externalusers taking controlof communicationwithin system without

.detectingsuch action.

A personmay enterthe systemby unlawfulmethodssuchas hackingandremovethe datafromthe system.

The system may be unableto detectsuch incidencesandprotectthe infiltration.

Programsin networkthatswitch systems ON may be modi6ed to compromisesecuritysystem. Security

compromisemay lead to exposingsystems to unplannedperpetratorswho can steal the data. Theremay

be loss of.dataor loss of controlover the system.. Data may be changedby individualsby hackingthe lines of communicationand taking control of the

system. Data updationmay not storeor rememberthe old datain the system.Also, updationmay not need

any approvalof authorisedpersonbeforerecordscan be updated.

. An unauthoriseduser may takeover the communicationportwhenan authoriseduser disconnectsfrom it.

Many systems are notable to understandsuch changeoverandallows unauthoriseduser to use the system.

. If encryptionis used, keys for decoding may be stolen by an unauthorisedperson. Data coding and

decoding may not work properly.If decoding does not work, datacommunicationwill not be understood

by the recipientcorrectly.If it is wrongly decoded,again it can lead to a communicationproblems.

User may be spoofed into providingsensitive datato a personnot authorisedto get it. The system needs

to create a log of activities done by differentusers in the system like accessing or copying data from sys-

tem. But, if transactionsare happeningoutside the system, there may be very less control by.the software

as such.False messages may be insertedinto the system, or actualmessages may be modified or deleted by an

unauthoriseduser.This may confuse authoriseduser.The system may not be able to detect the slams of 

the message entered'along with the user enteringsuch a message'.

. Messages which are confidentialin nature may be recordedand replayed into the system. The message

may.be available to unauthorisedpeople andany misuse is possible.

Data may be BZteredby unauthoriseduser of the system. User may not get complete dala.

5.9.1 \..NADEQU,_ATE5CHED.UL.EANDBUD.GETade(Zuate'scheduleandbudgetforproductdeveZopmentactivitiesreferto manyaspectsof deveZopmen

r9ess along-w~-cu""mer'proces procuring̀softwarefromoutsid .Someof theaspcts hisrisk.ar_estedbelow --"- "' "'-'"'""-` ' -"' ~ -' ' "'"". .' ''-'-'-,...--~-.`..

canned by CamScanner

8/19/2019 sqa52

5/10

148

'~eVdlop n-g-""-en__~~menon|st tofn~~~-~~~ ~ a~ut ~~ ~d

and test the correct product which is fit for use. .- - -`-- - -'

kof understandingof networkdiagrams-requiredfor use, and inabilityto convert effortsintoschedules

techvely OPtimisationof resourcesto get optimumscheduleand optimisationof effortsmayi:ine. '-)

Even If effort estimationand schedulingwork properly,yet there ay be a problemwith vailabill.tyof '

budget to Performall proposedactivitiesassociatedwith development,testing and re " "

5.9.2 DEVELOPMENT PROCESS/TEST PROCESS COMPETENCY

DeveloPmenVtestProcess must be capable of deliveringthe right productto the customer.It covers adequate

frameworkof Processesused fordevelopmentand testig, andecessary skills of developmentteam an test

team.to Perform tasks allocatedto them. If developmentprocessis not capable,it may give producersgap or

nt gaP' If test process is not capable,it maynot be able to detectthis gap.

ENTIFICATIONOF RISKS

has three components,viz. probabilityof_.failure_ofan applicationduring production,,ilppact of 

such-failwe on the users,.andability to de-tthe occurrenceof a risk beforeor-duringits happDin ro-b-

ability of haPPeningof risk or impact of such risk is 0', then there is no existenceof"l`is"wen detec-

tion ability can never be 0'. Risk cannot be eliminatedcompletelyby any method of risk reductionbut its

Probability of happeninimpact on the user can be reduced by planningpreemptiveeffortsor risk-fighting

arrangements. Detection ability of software can be improvedby devisingvarious detectivecontrols as well as

training users to understand the symptomswhen risk is materialisingso that risk rating can be reduced.

msks to the final users in terms of these three components are identified in Failure Mode and Effect

Analysis (FlvfEA)' performed by the developers or experts with the help of customer or user. Outcome of FMEA is used in developing a test plan for the software under testing Risk analysis is also one way to in-

dicate possible risks to the users so that they are aware and can take precautionswhile using the software. It

thus indicates accident prone zones' in the application use.

5. I 0. I METHOD FOLLOWED FOR RISKANALYSIS

An organisationmusthavea processto identify,defineandevaluaterisksposedbythesoftwareto finalusersas

wellas projectmanagementrisksposedduringdevelopmentactivities.NI stakeholdersincludingprojectteamas

wellas usersmustbe involvedinsuchidentificationandanalysisof risksanddecisionaboutvariouscontrols,to

reduceprobabilityorimpact,or improvedetectionabilityof therisk.Stagesin riskanalysismaybe as follows.

Definitionof Risk An organisationmustdefineall possiblecausesof risksfacedby the usev whileusingsoftware.Similarly,theremustbe somearrangementto definethepossiblerisksduringsoftwarede-

velopmentandtesting activities.Variousmethodsaresuggestedfor definingrisksfor a softwareproducV

organisation.Few of themareas follows.

RiskRepoSitoly If anorganisationhaspreviousexperienceof similarsoftwaredevelopmentandusage,it

may havea repositoryof risksfacedby variousstakeholderswhiledevelopingsoftware,or risksfacedby the

userswhile usingthe software.Creatinga riskrepositoryforanorganisationthroughitsanalysisof historicaldatais a very useful way of riskidentification.(It is said thathistoryrepeatsitself againand again) If one

has faced some risk in the past,probabilityand impactcanbe assessedfromthe historicaldataavailable.

Customermay also havea riskrepository,whichmay be sharedwiththe develoflmentteam.

canned by CamScanner

8/19/2019 sqa52

6/10

8/19/2019 sqa52

7/10

150 | SOFTWARETEST/NG:PrincipleSeTechniquesand Tools

2) Medium risks: Whereverprobabilityand impactbothare medium,it is consideredas mediumrisk. These

may be mitigated if the customerinsists on such actions.Wheneverprobabilityis medium and impact is

low, or Probabilityis low but impactis high, it is also consideredas mediumrisk.

3) Low risks: Wherever probability is low and impact is medium/low, it can be considered as low risk. There

may be contingency plan for such risks.

Table5.1 ' H - M. L matrix

~Probability"""`.""`""`""..'-."'"""-"`""` '--

 /mpad ~' "'.Hjf{ih.' Medium Low

High Hig.'h: " - ' " 'High Medium

Medium High ` . Medium Low

  Low High Medium Low

Oetection Ability-Ability to Detect When the Riskis Rea{jSjngIf therisk can be seen while it is happen..

mg' or If it gives some warningor indicationbeforehappenin its detectionabilityis consideredas`l;igh.Userscan be safeguardedto some extentin case of beingwarnedwhenthe riskis apparing.If therisk occrs

suddenly'It has moreratingas the impactis sudden.Thus,detectionabilityratio arerev rsed.In case of risk wheredetectionabilityis veryhigh, theratinggiven is verylow On theeotherand,in case of riskwherethere is no chanceof detection,ratinggiven is very high.

Risks are measuredand ranked as per Risk PrioritisationNumber(RPN)' or Risk IdentificationNumber(RlN)'. Mathematically,risks can be categorisedas perquantificationof risks.

msk formula = probabHityof occurrenceof fish x impact or loss x inabHityof detection

RPNIRIN- P x I x D

Risks with higherratingsneed to be plannedfor handlingfirstwhile risks with lowerratingsmay beaccepted as it is dependingon management'sdecision.

5.11 TYPES OF SOFTWARE RISKS

Risks associatedwith softwareapplicationuse arenumerous.Theychangefromapplicationto application,

fromcustomerto customerandfromtimeto time. Evenif therisks,identifiedaresame,yet theirprobability,

impactanddetectionmaydifferconsiderablyfromcaseto case.Somerisksaretimedependent.Followingis

a list of few risksassociatedwithimplementationof softwareapplication.

Incorrectresults may be producedwhileprocessingdatausingan application.Wrongresultsmaybe dueto

algorithmproblems, rounding-offerrors,designproblemsandso on. It mayaffectvariousdecisionstaken

by the user on the basis of data processing.

Unauthorisedtransaction can happen when somebodywho is not authorisedto performsome action is

capable of crossing the defense walls and entering the system.This can happendue to some Problemsof _-" "' ..,"

canned by CamScanner

8/19/2019 sqa52

8/10

de$ig.n and deneloflmentthroughrequirementswherethe system is notprotectedadequately. jncomfatible

,reqult~meats and design may lead to variousdefects of securitylapses. - "

sablhty of the system is very importantfactorwhile deployingit. Peof le giving requirementsand creating

oeslgns may not understandexactlywhattheusers wantorwhetherthey arecapableof usingthe system.If the

common users find it difficultto use the system,i.e. if usabilityis poor,it can hamperusageof the systcln.

Performance level of system may be unacceptabledue to optimisationproblems, memory leakages,

bandwidth issues, etc. If the response of an aplication is weak, users may not preferto work with it. jf 

the resPonse is much faster thanthe requiredspeed, it can also createproblemto users. Risk of rejection

of such a system by the users is very high.

System may be wlnerable to outsideattackslike viruses,Trojans,andworms.Althoughfull-proofsecurity

is impossible, yet sufficientlevel of defense is necessaryto protectdata from pilferage,loss, etc.

System may not workwithotherhardware/softwareavailablewiththeusers-this canbea compatibilityissue.

The user may not preferto changethe environmentwherehe is comfortablefor the sake of an application.

ANDLINGO F RIS KS IN TESTING

Every organisation faces many risks while using/creating software for business purpose. Users may face

several risks related to inability of an application to satisfy their needs. Development organisation may face

project management risks while user organisation may face user related risks. Here, we will not be dealing

with project management related risks as these may not affect testing approach directly. We will be dealing

with risks associated with users interms of loss or difficulties faced by them. In risk planning, an organisation

has to decide the strategy of handling the risk associated with usage of software. Risks can be handled in five

ways, as given below.

5.12.1 INH ERENT AND RESID UAL RIS KS

Thereare variousrisksassociatedwithsoftwarerisk.Inherentrisks describeall risksinducedin the system

due to some of the reasonsdescribedabove. Theyare presentby defaultwhen we decideany particularapproachof implementation.Residualrisks are the risksremainingin the systemafteran organisationor

customerdecidesto takeactionsto reducethe probabilityor impactof the risk. Risks can never be made

 zero' unlessthe organisationdecidesto bypasstherisk.

5. 12.2 ACCEPTANCEOF RISKAS ITISAn organisationmay list the possiblerisks with probabilitiesand impacts,but withoutany action plan to

preventor mitigatethe risks-thusacceptingtherisksas theyare,as perthe decisionof the managementfrom

customerside. Thisis a managementdecisionbaseduponcost-benefitanalysisof the risk and possible con-

trolsto avoid it. The natureof the risk playsthe majorrole in this decision-if the risks are uncontrollable

(suchas naturaldisasters),or if risk controlis economicallynot viable,thenthe managementmay decideto

acceptthe risk evenafterknowingits probabilityandimpact.

No furtheractionsarerequiredoncetherisksareacceptedby the managementor customer.Thereasonfor

acceptanceof riskmay be documentedso thatconcernedpeoplemayreferto it in future.

5.12.3 BYPASSING/AVOIDINGRISK

Bypassing/avoidingrisk involvessteeringclearof any particulareventleadingto the risk, by changingthe path

opproach which is responsiblefor inducingrisk. This can be one of the outputsof risk managementdecision.

cannea oy lamcanner

8/19/2019 sqa52

9/10

where cither risk is uncontrollable or risk control is economically not viable. If software imPlementation is a

~isIn_anagement may decide to continue the existing manual operations.

4 RISKPREVENTION

Preventing risk can be useful only if probability of failure due to risk is signi6cant. When the Probability of 

failure is very high, it represents a potentially harmful event. By preventing the occurrence of such an event,the Probability of failure can be reduced to an acceptable level. prevention works better than cure' may also

be used when there is no possibility of reducing impact, if the risk materialises.

5 12.5 RlS K M ITIGATION

Risk mitigation can be useful when the impact of risk is high b̀ut probability of happening of such an event is

not so high'if Probability is not very high but the losses due to materialisation of risk are very high, then there

must be some mechanism existing to reduce the possible impact when such risk becomes a reality It can be

aPPlied even when there is no possif inly of reducing probability. A very common example may be a natural

disaster where it is beyond human capabilities to reduce probability, but impact may be reduced substantiallyby devising plans accordingly.

When both probability and impact are moderate, then a combination of preventive and mitigation controlscan be applied.

5.12.6 DEFUSING THE RISKS

Sometimes,it may be difficultto avoidthe risk andreduceits probabilityand/orimpact.Acceptanceof the

risk is also difficult--suchinstanceshave no solutionandhence,area crucialconcernfor an organisation.In such cases, an organisationmay try to diffusethe risk by takingsome actions.Keepinga backupof the

operations,buying insurancecover,andmulti-siteworkingare some of the ways in whichthe organisationcan diffuse the risks.

5.12 7 CONTINGENCY PLAN

Contingencyplanningis requiredto knowwhatoneneedsto dowhentheriskmaterialises.Afterplanningto

reducethe probabilityof a riskthroughpreventiveactions,andto reduceitsimpactthroughmitigation,it can

be possiblethattheriskbecomesa reality.Onemusthavea runaway'planin orderto managetheriskwhen

itemes reality This maybe a damage-controlmechanism.

TYPESOFACTIONSFORRISKCONTROLMANAGEMENT

Whenan organisationdecidesto controlthe risks-eitherprobabilityor impactor both-or triesto imProvc

detectionability,then it appliesdifferentmeasures.msk reductionmeasuresarecalledas controls.Control

are of two maintypes dependinguponthe waytheyare aPfllied'

. ManagementControl Controlsappliedby the managementsdecisionare managementcontrol!Thesemay`beappliedmanuallyorthroughthe hardware/softwaredevisedforfflePurfiose'Manag.emenfcoll_

troldefinesthe~licies andstrategiesof doingthings,in orderto avoidrisks,orto reducetheir~mct wmlIthey materialise.Managementcontrolsset the foundationon whichapplicationcontrolmaywork(̀ienerau

managementcontrolsare preventivein nature.'

Scanned by CamScanner

8/19/2019 sqa52

10/10

hysiAPc1~tieOmsnDCOntfol APPlicationcontrols are exercisedby the hardwarclsoHwareor by somc

thundeewor inc ~~~~ee yb ~ ae tn os'somThue a~ thoua~ o re

Controls can be FurtherClaSsjficdas ShownBelow

e cPf rotjs oliecControlsThecontrols which canprevent the happening of risks are termed as preven-

e erallyar ae le~ drd~o e,m nag am ~ect  \/Ce~

(such as code of conduct, policies and procedur' s) serve the purposof preventive contr The preventive

controls must follow Poka Yoke' methodology so that risks maynot occur in the first place,

CommonTypesof PreventiveControlsAuthorisation before entering data into the system can reduce the probability of wrong data entry.

Data entry in the system with validations applied at the level of data entry.

* Input validation using some automated or manual check to prevent errors.* Pre-numbered forms are used in excise and sales tax invoices,so that there is control over outputs.

* Error messaging of preventive type which preventsanything wrong from being entered into the system.

Tool tips. Some applications provide a facility that when the cursor hovers over a particular control,

tool tips are displayed For example, if a cursor hovers over the first icon in the tool bar of a Word

document, a tool tip appears which says Nw Blank Document'. Tool tip' is a common terminology used

by developers and testers.

Poka Yoke Poka yoke is termed as positive con6rmation' or `fail-proof arrangement' where no risk will

be permiued to hit the common users. Poka yoke means making an arrangement so that nothing can fail. It is

supposed to give consistent results and does not have human-error factor.

* Indicative/DetectiveControl Thesecondlevel of controlsis indicative/detectivecontrols. Thewntrols whichindicatethatsomethingunnaturalis happeningandthus,thereis a needfor the personlentity

responsible,to take actionsto controlthe damagehappeningdueto materialisationof the risk are indicative

controls.A simple errormessage,̀thefile deletedfromthe recyclingbin will not be availablein future',is a

kindof indicativecontrol.

CommonTypes of lndicOt,"ve/DetediveContrOl 

. Datatransmissioncontrolwheredatasend from one placeto anotheris talliedto find if somethinghasbeenlost/gainedduringthe transmission.

. Control/hashtotals areusedto comparethe totalsof transactionstakingpartin processing.Errormessagingof detectivetype wheresomethingwrongis indicated.

. Reactive/CorrectiveControl Reactivecontrolsreactto the adversesituationdue to happeningof a riskto controlthe damage.The fuseinstalledin an electricalapplicationblows off when voltagefluctuates

to save the equipments;this is a kindof reactivecontrol.Reactivecontrolmay work in conjunctionwith

indicativecontrolwhereindicativecontrolgives a thresholdto activatereactivecontrol.Reactivecontrols

areof two types, namely,

 Auto-Reactive Control Auto-reactivecontrols act without any interferenceby human elements.

Generallywhen a detectivecontroldetectsa problem,thenthe auto-reactivecontrolgives a thresholdto aneventto controlthe damagedueto riskrealisation.