Professional Documents
Culture Documents
Data processing is done with the use of an electronic device or computer. Data are
converted into magnetic and electronic impulses in or on electronic device. The data are
then processed by transporting them within the system on wire circuits, microcircuits,
magnetic tapes, magnetic cores, etc. at an extremely high speed and with a minimum of
human interaction.
In the manual data processing systems, the major share of the workout is done by
people while in automated data processing systems, the major share of data-processing
workload is carried by machines.
Many organizations find that the best solution to their processing requirements is to use
a combination of methods: perhaps, using manual methods for such volume or
nonrecurring jobs while using computers for large volume for repetitive tasks. A
computer is used most efficiently in processing operations with one or more of the
following:
1. Extremely fast
Thousands of calculations can be performed each second and masse of data can
be processed and rearranged for various requirements in a fraction of time.
2. Extremely accurate
Computers can offer an accuracy for each unit of work produced unmatched by
any other means. This is, of course, on the assumption that the data entered to
the system and the programs which process the data are correct.
1
3. Greater processing control
Data is introduced only once and handled completely automatically. Oss of
control arising from transfer of data form machine to machine is eliminated.
5. Reduced cost
Because of the speed, timelines, and accuracy that the computers can provide the
required reports, cost of processing business transactions can be reduced
substantially.
3. Chanelling of work
In normal mechanization, the work load is spread out over a number of
machines or in anormal system, over a number of persons. In the absence of one
person the work can be transferred to another person or machine. In EDP,
usually all the company`s varied operations are chanelled through one piece of
equipment and if breakdown occurs – a major catastrophe may also be
encountered in terms of delayed processing, rescheduling of machines, etc..
2
4. Conversion of electronic system
Problems related to conversion from manual to EDP system are physical, that is,
site preparation, air consitioning, sufficient space supply, and actual equipment
installation. In conversion of source documentsto media suitable for electronic
programs, it is usual to run parallel operations to insure accuracy of the output.
This will involve substantial additional cost of the company.
1. Hardware
2. Software
3. Peopleware
4. Procedures
5. Data
I. HARDWARE
- Control Unit
- Part of a digital computer or processor which determines the
execution and interpretation of instructions in proper sequence, including
the decoding of each instruction and the application of the proper signals
3
to the arithmetic unit and other register in accordance with the decoded
information.
- Storage or Memory
- Device in which data can be stored and from which they can be
obtained at a later time. Primary storage is closely connected to the CPU in
the central processor. It consists of electronic components that store letters,
numbers, and special characters used in processing. The purpose of
primary storage is to hold the operating system, part or all of a program
being executed, and data used by program.
2. Peripheral Equipment
- this encompasses the auxiliary machines that may be placed under the control
of the CPU. Classified as on-line or off-line, it consists of input, storage and
4
output devices.
b. Output devices
- these are devices that produce readable data for users or
imputable data for further processing.
- Examples (Cathode ray tube, printers, plotters, magnetic tape,
microfilm, microfiche, multimedia output device, etc)
c. Storage Devices
- these are devices that store data that can be subsequently used by
the CPU. Classified as sequential or random access, and secondary storage
devices, data are made available to the CPU by a peripheral processor.
- Examples (Magnetic drum, magnetic disk, magnetic cards/strips,
floppy disks,CD-ROM, image processing)
1. Controllers
- hardware unit designed to operate specific input or output
units
- these devices eliminate the need for the CPU to operate
such devices.
- Examples (Terminals and printers)
2. Channels
- hardware units located within or outside the CPU that are
designed to handle the transfer of data into or out of primary
storage (memory). Thus, the CPU need not handle the
transfer of data.
3. Console
- it is used for communication between an operator or
engineer and the computer.
5
- it permits the computer to exchange instructions with the
operator, logs jobs, and provides a printout of activity that
can be reviewed by auditors and the control group.
4. Node
- hardware device in a network that can act as a message
buffer (hold part of the message until the rest is received),
switch messages, and serve as an error control.
- a node can be a computer, controller or multiplexor.
5. Emulator
- hardware device that permits one system to imitate another,
that is, to use the same data and programs and obtain the
same results as the other system.
6. Performance Monitor
- hardware or software that observes and records system
activities
- Examples (electrical activity or data about program
execution)
II. SOFTWARE
- These are softwares that supervise the operations of the CPU, control the
input/output functions of the computer system, translate the programming
languages and provide various other support activities.
a. Systems Software
- softwares that supervise the operations of the CPU, control the input/output
functions of the computer system, translate programming languages and provide
various other support services. They include:
1. Operating Systems
- controls and schedules hardware use. It is a set of software program that
helps a computer run itself, and the application programs designed for it.
- to communicate with the user, the operating system of a personal
computer may include a graphical user interface (GUI) which employs
graphic icons to represent activities, programs and files.
- Examples (DOS, Windows, Macintosh, UNIX, AmigaOS, etc)
6
- several different operating systems permit a single configuration of
hardware to function in the following modes:
i. Multiprogramming
- the operating system processes a program until an input/output
operation is required.
ii. Multiprocessing
- multiple CPUs process data while sharing peripheral units,
allowing two or more programs to be executed simultaneously.
v. Time sharing
- differs from multiprogramming in that the CPU spends a fixed
amount of time on each program.
vi. Multitasking
- multiprogramming on a single-user operating system, for
example, in a microcomputer.
i. Hierarchical
- the data elements at one level “own” the data elements at the next
lower level
ii. Networked
- each data elemet can have several owners and can own several
other elements
7
iii. Relational
- a database with the logical structure of a spreadsheet.
3. Utility programs
- perform basic EDP operations such as sorting, merging and other file
maintenance.
4. Interpreting program
- translates instructions written in the programming language into
machine language.
5. Compiler program
- reads ad converts the whole program first and execute it after the entire
source code has been translated.
6. Source programs
- programs written in all non-machine languages or source languages.
They can be converted into object programs before they can be used
directly by a processor.
7. Object program
- a program of machine readable and executable instructions to be
followed by the CPU. Only an object program can actually be used to run
a computer.
8. Assembler program
- programs that convert source programs written in assembler language
( a mnemonic language) into object programs.
8
medicine, education and law enforcement.
- Application programs may be developed internally or purchased from vendors
1. Vendor-produced software
- is in either source code or object code but vendors prefer to sell the latter.
III. PERSONNEL
1. Systems Analyst
2. Systems Programmer
ii. Provides the link between the needs of application systems and the
requirements.
9
3. Application Programmer
4. Database administrator
ii. Controls all aspects of the design and development of database and
is responsible for the preparation of the data dictionary.
iii. Provides continuing liaison between the EDP design team and the
users in regard to logical file structures and data content.
c. Operations Personnel
1. Computer Operator
i. Responsible for the daily operations of both the hardware and the
software.
iii. Provides physical security over data and program files that are in
an operational mode.
3. Librarian
10
4. Control Clerk
ii. Monitors manual input that is transmitted from the functional areas
(e.g. payroll and shipping)
iv. Maintains error logs and ensures compliance with control totals.
IV. PROCEDURES
- These refer to the process for obtaining and preparing data, operating the
computer, distributing the input from computer processing and
controlling processing steps.
V. DATA
This is one of the widely used type of data processing which is also known as
serial/sequential, tacked/queued of offline processing wherein records are collected
intro groups (batches) before processing. The fundamental of this type of processing is
that the different jobs of different users are processed in the order received. Once the
stacking of jobs is complete they are provided/sent for processing while maintaining the
same order. This processing of a large volume of data helps in reducing the processing
cost thus making it data processing economical.
Examples include payroll and billing system, employee’s detail concerning the
number of hours worked, rate of pay, and other details are collected for a period of
time. These details are then used to process the payment for the duration worked.
11
This type of system is best for large organizations.
Advantages:
Best for large organizations but small organization can also benefit from it.
Disadvantages:
2. Online Processing
Advantages:
It is easy to use. Tasks get processed automatically by the web and database
servers.
Disadvantages:
12
In online purchases, if servers hang out for a few seconds, there can be
interruptions.
Electricity problem
This method is used for carrying out ‘real-time’ processing. This is required where
the results are displayed immediately or in lowest time possible. The data fed to the
software is used almost instantaneously for processing purpose. The nature of
processing of this type of data processing requires use of internet connection and data is
stored/used online. No lag is expected/acceptable in this type and receiving and
processing of transaction is carried out simultaneously. This method is costly than batch
processing as the hardware and software capabilities are better. Example includes
banking system, tickets booking for flights, trains, movie tickets, rental agencies etc.
Advantages:
Disadvantages:
It usually uses two or more processors to share the workloads which makes
it costly.
13
Advantages:
Lower cost
Disadvantages:
Loss of control
Lack of standards
14
Speed : Accounting data is processed faster by using a computerized accounting
system than it is achieved through manual efforts. This is because computers
require far less time than human beings in performing a task.
Real time user interface : Most of the automated accounting systems are inter-
linked through network of computers. This facilitates the availability of
information to various users at the same time on the real time basis (that is
spontaneously).
15
Legibility : The data displayed on computer monitor is legible. This is because
the characters (alphabets, numerals, etc.) are typewritten using standard fonts.
This helps in avoiding errors caused by untidy written figures in a manual
accounting system.
Quality Reports : The in-built checks and untouchable features of data, handling
facilitate hygienic and true accounting reports that are highly objective and can
be relied upon.
MIS Reports : The computerized accounting system facilitates the real time
production of management information reports, which will help management to
monitor and control the business effectively. Debtors’ analysis would indicate the
possibilities of defaults (or bad debts) and also concentration of debt and its
impact on the balance sheet. For example, the company has a policy of restricting
the credit sales by a fixed amount to a given party, the information is available on
the computer system immediately when every voucher is entered through the
data entry form. However, it takes time when it comes to a manual accounting
system period. Besides, the results may not be accurate.
Storage and Retrieval : The computerized accounting system allows the users to
store data in manner that does not require a large amount of physical space. This
is because the accounting data is stored in a hard-disk, CD-ROM, floppies that
occupy a fraction of physical space compared to books of accounts in the form of
ledger, journal and other accounting registers. Besides, the system permits fast
and accurate retrieval of data and information.
The main limitations emerge out of the environment in which the computerised
accounting system is made to operate. These limitations are as given below ;
16
Cost of Training : The sophisticated computerised accounting packages generally
require specialised staff personnel. As a result, a huge training costs are incurred
to understand the use of hardware and software on a continuous basis because
newer types of hardware and software are acquired to ensure efficient and
effective use of computerised accounting systems.
Disruption : The accounting processes suffer a significant loss of work time when
an organisation switches over to the computerised accounting system. This is
due to changes in the working environment that requires accounting staff to
adapt to new systems and procedures.
System Failure : The danger of the system crashing due to hardware failures and
the subsequent loss of work is a serious limitation of computerised accounting
system. However, providing for back-up arrangements can obviate this
limitation. Software damage and failure may occur due to attacks by viruses.
This is of particular relevance to accounting systems that extensively use Internet
facility for their online operations. No full proof solutions are available as of now
to tackle the menace of attacks on software by viruses.
17
etc. This affects adversely the working efficiency of accounting staff on one hand
and increased medical expenditure on such staff on the other.
18
3. Lack of segregation of functions
One of the techniques for achieving good internal control is that no one
department should be responsible for handling all phases of transaction and
where possible, following functions should be segregated.
a) Approval of transaction
b) Recording
c) Custody of related assets.
19
possibility for unauthorized access to accounting records and manipulation of
data is more likely in IT environment than is manual system. For example, in
some instances employees credited their personal accounts against outstanding
loans due form them. The error could not be detected on a timely basis.
Cases have also came to light where an employee who is debtor of the entity
credited his own account by transferring collections received from another
debtor. Likewise, a computer programme used to process accounts receivable
may be designated to raise a sales invoice as soon as a delivery note is entered on
computer. An employee made an unauthorized change in the programme and
caused substantial deliveries to special customers without raising an invoice.
In a manual system, the clerk who has written books can be identified by his
handwriting. Erasing figures are not permitted. In a computer system it may not
be easy to detect who has made the entries, because manual books do not exist
The information is only keyed to computer.
The amounts and entries can be easily altered.
Books of accounts in a manual system can be kept under lock and key. In a
computer system if passwords are not used, or not frequently changed , the
access to all books is easy.
In case of a software error, the resultant errors will continue unless corrected. If
the auditor tests a sample of population, he will only insist on correcting the
errors found and other errors may remain undetected. The same problem will be
repeated from year to year.
Another potential for irregularity is the alteration of a master file. If the access to
a master file is not restricted an employee can alter his salary on the master file.
The same amount of salary will be repeated every month on the payroll
summary. Collusion with a customer may cause his credit limit to be increased
on master file. The master file may also be changed for the discount rate allowed
to a customer.
Collusion with customer may also result in crediting his account with the
amount received from another customer. In manual system due to segregation of
duties commitment of this type of fraud is more difficult.
Erasing a complete record or a file to damage the company is far easier in a
computer system than in manual books.
5. lnililltion or execution of transactions
20
In IT environment the approval of transactions is not evidenced in the same way
as in the manual procedure. For example a sale invoice on an on line system is
processed from shipping information received on the terminal through the
warehouse and on the basis of approved price list.
6. Potential for the use of computer assisted audit techniques
The computers may be used as audit tools either through audit software or test
data techniques. As a result audit procedures may be performed more effectively
and efficiently.
As in manual system, the auditor is required to carry out risk assessment in CIS
environment. However the CIS environment may affect the procedures for
assessment of inherent and control risk.
Two types of inherent and control risks in CIS environment are:
Deficiencies pervasive in CIS environment affecting multiple applications
(general CIS controls) Deficiencies related to specific areas (application controls)
FRAUD
Fraud is any and all means a person uses to gain an unfair advantage over another
person.
Elements
Computer Fraud
Computer fraud includes the following
21
Intent to illegally obtain information or tangible property through the use of
computers.
More of something
In less time
With less effort
They may also leave very little evidence, which can make these crimes more difficult to detect.
Computer systems are particularly vulnerable to computer crimes for several reasons:
Company databases can be huge and access privileges can be difficult to create
and enforce.
Consequently, individuals can steal, destroy, or alter massive amounts of data in
very little time.
Organizations often want employees, customers, suppliers, and others to have
access to their system from inside the organization and without. This access also
creates vulnerability.
Modern systems are accessed by PCs, which are inherently more vulnerable to security risks and
difficult to control
Input
The simplest and most common way to commit a fraud is to alter computer
input.
Requires little computer skills.
22
Perpetrator only need to understand how the system operates
Examples
a) Disbursement Fraud
b) Inventory Fraud
c) Payroll Fraud
d) Cash Receipt Fraud
e) Fictitious Refund Fraud
Processor
Computer instructions
May include:
Computer instruction fraud used to be one of the least common types of frauds
because it required specialized knowledge about computer programming beyond the
scope of most users. Today these frauds are more frequent, courtesy of web pages that
instruct users on how to create viruses and other schemes.
Stored data
Involves:
Altering or damaging a company company’s data files; or
Copying, using, or searching the data files without authorization.
23
In many cases, disgruntled employees have scrambled, altered, or destroyed data
files.
Theft of data often occurs so that perpetrators can sell the data.
Most identity thefts occur when insiders in financial institutions, credit agencies,
etc., steal and sell financial information about individuals from their employer
employer’s database.
Output
1. Data Diddling
Changing data before, during, or after it is entered into the system.
Can involve adding, deleting, or altering key system data.
2. Data Leakage
Unauthorized copying of company data.
3. Denial of Service Attacks
An attacker overloads and shuts down an Internet Service Provider’s
email system by sending email bombs at a rate of thousands per second
system second——often from randomly generated email addresses.
4. Eavesdropping
Perpetrators surreptitiously observe private communications or
transmission of data.
Equipment to commit these “electronic wiretaps” is readily available at
electronics stores.
5. Email Threats
24
A threatening message is sent to a victim to induce the victim to do
something o that would make it possible to be defrauded.
6. Hacking
Unauthorized access to and use of computer systems—usually by means
of a personal computer and a telecommunications network.
something o that would make it possible to be defrauded.
7. Phreakers
Hacking that attacks phone systems and uses phone lines to transmit
viruses and to access, steal, and destroy data.
8. Hijacking
Involves gaining control of someone else computer to carry out illicit
activities without the user’s knowledge.
9. Identity Theft
Assuming someone’s identity, typically for economic gain, by illegally
obtaining and using confidential information such as the person using
social security number, bank account number, or credit card number.
25