Professional Documents
Culture Documents
The use of OLRT system results in a significant Computer security should be established at each
changes in internal control. Original source location to prevent unauthorized access to the
documents my be available to support input to company’s data.
the computer and the overall amount of the hard IMPACT OF COMPUTERS ON ACCOUNTING
copy audit trail may substantially reduced. SYSTEMS
Essential controls should be programmed into
the computer. The use of computers in business information
systems has fundamental effects on the nature
Database storage of business transacted, the procedures followed,
In a database system, separate application files the risks incurred, and the methods of
(master files) are replaced with integrated mitigating those risks. These effects flow from
databases that are shared by many users and the characteristics that distinguish computer-
application programs. It eliminates much of data based from manual processing.
redundancy, and since database is normally
Consistency of performance
stored on a direct access device, the system
Concentration of duties
responds quickly to users’ requests for
Systems generated transactions
information.
Documents are not maintained in
It is essential that the database be secured readable form
against improper access or alteration. Reports can be generated easily
Organizations that use database systems often
create a data administrator function, with Consistency of performance
responsibility for implementing and If the computer is programmed to perform
maintaining central databased and controlling specific task, it will run consistently so long as
access to the data. failures do not occur.
Computer Networks Concentration of duties
Networks of computers linked together through Incompatible duties are frequently combined
telecommunication links enable companies to within the system provided there are
communicate information back and forth compensating controls that are put in place.
between geographically dispersed business
locations. Systems generated transactions
There are programs that automatically compute Virus infects programs already in existence by
certain transaction without the need for an input inserting new code. The primary purpose of a
document. virus is to reproduce. It may also have a
secondary function such as destroying data,
Documents are not maintained in readable form
when the target program is executed, the virus
Data can be entered into the system without infects another program. The secondary viral
supporting documents. For example, in an function is then performed at some later time,
electronic data interchange (EDI) system a perhaps using a bomb as a trigger.
purchase transaction may be automatically Characteristics of a virus include replication,
initiated by the client’s computer by sending an requires a host program as a carrier, activated by
electronic message (purchase order) directly to a external action, and replication limited to
supplier’s computer system. Invoicing and system.
payment for the purchase may also be processed
Trojan Horse
electronically.
A trojan horse is a program that performs a
Reports can be generated easily
useful (normal) function, but also performs an
In online, real-time systems, transactions are unexpected action – a form of virus (attack or
processed immediately and all accounting trap door).
records are updated instantaneously.
Worm
COMPUTER FRAUD
A worm differs from a virus in that it reproduces
Computer fraud is rampant, as the use of on its own, rather than requiring a program host.
computers becomes part of our daily lives, with Characteristics of a worm include replication,
greater and greater frequency. The definition of does not require a host (self-contained)
what constitutes computer fraud becomes even activated by creating a process (needs a
more complex with the ingenuity of people who multitasking system), and replication occurs
intend to deceive, mispresent, destroy, steal across communication links for network worms.
information, or cause harm to others by
Bomb
accessing information through deceptive and
illegal means. More and more people across the A logic bomb goes off when the program being
globe are becoming comfortable with the online normally arrives at a prespecified event (e.g., a
purchasing process. But as more people start financial calculation exceeds a certain peso
buying things online, computer fraud is amount). A time bomb goes off at a prespecified
becoming a much larger problem than anyone time.
could have guessed. Just as you have to be
Trap Door
careful when you’re walking down the street, or in
your own home when you lock up at night, you’ve A trap door allows a user to gain more access to
got to be careful of the many examples of more system functions that are normally
computer fraud that will make their way onto available. These access privileges can be
your computer. obtained through a keyboard sequence or
system condition (e.g., an aborted system start-
Today’s fraudsters aren’t just bored teenagers
up). Once the access is obtained, the user can
anymore. The online criminals of today are
then manipulate, change, or destroy data.
skilled computer experts who know how to
manipulate your computer into giving them the Auditors should be alert to the potential for these
information they need for their computer fraud types of techniques used in fraud when
schemes. And the worst part is that you can have evaluating control risk for clients using
crucial information stolen from you without ever computerized systems.
knowing what had happened.
INTERNAL CONTROL IN THE COMPUTER
Frauds have typically relied on techniques INFORMATION SYSTEM
(malicious code) unique to computers such as
Virus, Trojan horse, Worm, Bomb and Trap door. AUDITOR’S RESPONSIBILITIES