Legislative and security requirements of audit material for evidentiary purpose

This research used the Queensland Police Service, Australia, as a major case study. Information on principles, techniques and processes used, and the reason for the recording, storing and release of audit information for evidentiary purposes is reported. It is shown that Law Enforcement Agencies have a two-fold interest in, and legal obligation pertaining to, audit trails. The first interest relates to the situation where audit trails are actually used by criminals in the commission of crime and the second to where audit trails are generated by the information systems used by the police themselves in support of the recording and investigation of crime. Eleven court cases involving Queensland Police Service audit trails used in evidence in Queensland courts were selected for further analysis. It is shown that, of the cases studied, none of the evidence presented was rejected or seriously challenged from a technical perspective. These results were further analysed and related to normal requirements for trusted maintenance of audit trail information in sensitive environments with discussion on the ability and/or willingness of courts to fully challenge, assess or value audit evidence presented. Managerial and technical frameworks for firstly what is considered as an environment where a computer system may be considered to be operating “properly” and, secondly, what aspects of education, training, qualifications, expertise and the like may be considered as appropriate for persons responsible within that environment, are both proposed. Analysis was undertaken to determine if audit and control of information in a high security environment, such as law enforcement, could be judged as having improved, or not, in the transition from manual to electronic processes. Information collection, control of processing and audit in manual processes used by the Queensland Police Service, Australia, in the period 1940 to 1980 was assessed against current electronic systems essentially introduced to policing in the decades of the 1980s and 1990s. Results show that electronic systems do provide for faster communications with centrally controlled and updated information readily available for use by large numbers of users who are connected across significant geographical locations. However, it is clearly evident that the price paid for this is a lack of ability and/or reluctance to provide improved audit and control processes. To compare the information systems audit and control arrangements of the Queensland Police Service with other government departments or agencies, an Australia wide survey was conducted. Results of the survey were contrasted with the particular results of a survey, conducted by the Australian Commonwealth Privacy Commission four years previous, to this survey which showed that security in relation to the recording of activity against access to information held on Australian government computer systems has been poor and a cause for concern. However, within this four year period there is evidence to suggest that government organisations are increasingly more inclined to generate audit trails. An attack on the overall security of audit trails in computer operating systems was initiated to further investigate findings reported in relation to the government systems survey. The survey showed that information systems audit trails in Microsoft Corporation's “Windows” operating system environments are relied on quite heavily. An audit of the security for audit trails generated, stored and managed in the Microsoft “Windows 2000” operating system environment was undertaken and compared and contrasted with similar such audit trail schemes in the “UNIX” and “Linux” operating systems. Strength of passwords and exploitation of any security problems in access control were targeted using software tools that are freely available in the public domain. Results showed that such security for the “Windows 2000” system is seriously flawed and the integrity of audit trails stored within these environments cannot be relied upon. An attempt to produce a framework and set of guidelines for use by expert witnesses in the information technology (IT) profession is proposed. This is achieved by examining the current rules and guidelines related to the provision of expert evidence in a court environment, by analysing the rationale for the separation of distinct disciplines and corresponding bodies of knowledge used by the Medical Profession and Forensic Science and then by analysing the bodies of knowledge within the discipline of IT itself. It is demonstrated that the accepted processes and procedures relevant to expert witnessing in a court environment are transferable to the IT sector. However, unlike some discipline areas, this analysis has clearly identified two distinct aspects of the matter which appear particularly relevant to IT. These two areas are; expertise gained through the application of IT to information needs in a particular public or private enterprise; and expertise gained through accepted and verifiable education, training and experience in fundamental IT products and system.

Working with and within your research dreams

Presentation given to postgraduates at the School of Social and Policy Research, The Northern Institute, Charles Darwin University, Darwin, Northern Territory, 28 August 2010.

After the marketplace: evidence, social science and educational research

This paper is an essay on the state of Australian education that frames new directions for educational research. It outlines three challenges faced by Australian educators: highly spatialised poverty with particularly strong mediating effects on primary school education; the need for intellectual and critical depth in pedagogy, with a focus in the upper primary and middle years; and the need to reinvent senior schooling to address emergent pathways from school to work and civic life. It offers a narrative description of the dynamics of policy making in Australia and North America and argues for an evidence-based approach to social and educational policy – but one quite unlike current test and market-based approaches. Instead, it argues for a multidisciplinary approach to a broad range of empirical and case-based evidence that subjects these to critical, hermeneutic social sciences. Such an approach would join educational policy with educational research, and broader social, community and governmental action with the aim of reorganising and redistributing material, cultural and social resources.

The concept of vulnerability and the protection of human subjects of research

This article provides an overview of the concept of vulnerability through the lens of the U.S. federal regulations for the protection of human subjects of research. General issues that emerge for nurse researchers working with regulated vulnerable populations are identified. Points of current controversy in the application of the regulations and current discourse about vulnerable groups are highlighted. Suggestions for negotiating the tension between federally regulated human subject requirements and the realities of research with vulnerable subjects are given. The limitations of the designation of vulnerable as a protection for human subjects will also be discussed.

Towards research-based innovation and reform: Singapore education in transition

The challenges facing the Singapore education system in the new millennium are unique and unprecedented in Asia. Demands for new skills, knowledges, and flexible competencies for globalised economies and cosmopolitan cultures will require system-wide innovation and reform. But there is a dearth of international benchmarks and prototypes for such reforms. This paper describes the current Core Research Program underway at the National Institute of Education in Singapore, a multilevel analysis of Singaporean schooling, pedagogy, youth and educational outcomes. It describes student background, performance, classroom practices, student artefacts and outcomes, and student longitudinal life pathways. The case is made that a systematic focus on teachers' and students' work in everyday classroom contexts is the necessary starting point for pedagogical innovation and change. This, it is argued, can constitute a rich multidisciplinary evidence base for educational policy. (Contains 1 figure, 1 table and 3 notes.)

The constitutional power to make war: domestic legal issues raised by Australia's action in Iraq

The legal power to declare war has traditionally been a part of a prerogative to be exercised solely on advice that passed from the King to the Governor-General no later than 1942. In 2003, the Governor- General was not involved in the decision by the Prime Minister and Cabinet to commit Australian troops to the invasion of Iraq. The authors explore the alternative legal means by which Australia can go to war - means the government in fact used in 2003 - and the constitutional basis of those means. While the prerogative power can be regulated and/or devolved by legislation, and just possibly by practice, there does not seem to be a sound legal basis to assert that the power has been devolved to any other person. It appears that in 2003 the Defence Minister used his legal powers under the Defence Act 1903 (Cth) (as amended in 1975) to give instructions to the service head(s). A powerful argument could be made that the relevant sections of the Defence Act were not intended to be used for the decision to go to war, and that such instructions are for peacetime or in bello decisions. If so, the power to make war remains within the prerogative to be exercised on advice. Interviews with the then Governor-General indicate that Prime Minister Howard had planned to take the matter to the Federal Executive Council 'for noting', but did not do so after the Governor-General sought the views of the then Attorney-General about relevant issues of international law. The exchange raises many issues, but those of interest concern the kinds of questions the Governor-General could and should ask about proposed international action and whether they in any way mirror the assurances that are uncontroversially required for domestic action. In 2003, the Governor-General's scrutiny was the only independent scrutiny available because the legality of the decision to go to war was not a matter that could be determined in the High Court, and the federal government had taken action in March 2002 that effectively prevented the matter coming before the International Court of Justice

Substance use disorders

Basic competencies in assessing and treating substance use disorders should be core to the training of any clinical psychologist, because of the high frequency of risky or problematic substance use in the community, and its high co-occurrence with other problems. Skills in establishing trust and a therapeutic alliance are particularly important in addiction, given the stigma and potential for legal sanctions that surround it. The knowledge and skills of all clinical practitioners should be sufficient to allow valid screening and diagnosis of substance use disorders, accurate estimation of consumption and a basic functional analysis. Practitioners should also be able to undertake brief interventions including motivational interviews, and appropriately apply generic interventions such as problem solving or goal setting to addiction. Furthermore, clinical psychologists should have an understanding of the nature, evidence base and indications for biochemical assays, pharmacotherapies and other medical treatments, and ways these can be integrated with psychological practice. Specialists in addiction should have more sophisticated competencies in each of these areas. They need to have a detailed understating of current addiction theories and basic and applied research, be able to undertake and report on a detailed psychological assessment, and display expert competence in addiction treatment. These skills should include an ability to assess and manage complex or co-occurring problems, to adapt interventions to the needs of different groups, and to assist people who have not responded to basic treatments. They should also be able to provide consultation to others, undertake evaluations of their practice, and monitor and evaluate emerging research data in the field.