Professional Documents
Culture Documents
(Week 11)
Question 1:
While out at a consulting engagement, one of your graduate staff members comes to you with the
following question, ‘I’m confused. Since I first studied AIS at uni, I have never really
understood this concept of control . . . I mean what is the relationship among the control
environment, organisational objectives and the internal control system?’
Required:
You should include a description of what an internal control is, the relationship between internal
control components, organisational objectives and the different divisions of the organisation, and
a description of the control environment, general controls and application controls and how they
relate to one another.
Question 2:
Classify the following control activities as general or application and explain your reasoning,
(b) When sales are entered the system retrieves customer details based on the customer
number.
(d) Systems development is subject to signoff by the CIO before it can take place.
(b)
(c)
(d)
(e)
Question 3:
The computer system requires all users to log on with a user identification (their first initial and
the first six letters of their surname), and a password that is assigned to users when they join the
firm (that is unable to be changed).
The users have access to the internet and several have installed Windows Live Messenger and
other chat programs on their machines.
The main task of John, one of the staff members, is to perform data entry. Each day he receives a
bundle of orders from the customer assistant, with John’s job being to enter the details into the
system.
John first enters the customer name, address and contact number then clicks on the ‘Next’ button
to enter the items and quantities ordered by the customer.
If the customer name is not provided the computer will prompt John to go back and fill in the
details before proceeding to the next screen. In addition, the computer will only accept numeric
values for the quantities ordered.
Once all orders are entered John clicks the ‘Done’ button and the computer displays the number
of orders entered on the screen.
John usually ignores this, because by the time orders have been entered it is usually lunch time.
Required
(b) Suggest an internal control for each risk (the control may be mentioned in the case or missing
and you think it should be applied).
Control
Present
Gen/App
Man/Comp
Risk 2.
Control
Present
Gen/App
Man/Comp
Risk 3.
Control
Present
Gen/App
Man/Comp
Risk 4.
Control
Present
Gen/App
Man/Comp