Professional Documents
Culture Documents
Information System Controls
Information System Controls
COSO defined internal control framework to improve the systems and provide the
efficiency and effectiveness in the operations of organization.
These are internal controls which are broadly divided in two categories:-
1. Physical Control Activity
2. IT control Activity
General Controls are those controls which apply to whole computer environment.
These controls are established in order to ensure that all data files are safe and secure;
all application and programs files are well implemented.
For e.g. Data should be restored/ backed up at some storage device on frequent
intervals. This is required for business continuity and handles disaster management.
2. Application control
Application controls ensures the validity, completeness and accuracy of specific
application or transaction. They focus on the risk associated with some specific
application and set control to mitigate the risk.
For Example- There should be one payment against one invoice and it should be
recorded under vendor ledger properly.
Fixed assets purchased during the year should be recorded under respective head and it
should be supported with source/base document i.e. Purchase bill. Verification check
required.
Conclusion
These controls emphasize to achieve integrity and authenticity of data. They focus on
continuity of operations without any hack.